| -rw-r--r-- | example/test_jit_arm.py | 72 | ||||
| -rw-r--r-- | miasm2/analysis/sandbox.py | 39 | ||||
| -rw-r--r-- | test/test_all.py | 2 |
3 files changed, 57 insertions, 56 deletions
diff --git a/example/test_jit_arm.py b/example/test_jit_arm.py
index 2e54ee58..da4a0e6d 100644
--- a/example/test_jit_arm.py
+++ b/example/test_jit_arm.py
@@ -1,70 +1,34 @@ #!/usr/bin/env python #-*- coding:utf-8 -*- -from argparse import ArgumentParser from miasm2.analysis import debugging, gdbserver +from miasm2.analysis.sandbox import Sandbox_Linux_arml from miasm2.jitter.jitload import vm_load_elf, libimp, preload_elf from miasm2.analysis.machine import Machine +import logging from pdb import pm -parser = ArgumentParser( - description="""Sandbox an elf binary with arm engine -(ex: test_jit_arm.py example/md5_arm A684)""") -parser.add_argument("-r", "--log-regs", - help="Log registers value for each instruction", - action="store_true") -parser.add_argument("-m", "--log-mn", - help="Log desassembly conversion for each instruction", - action="store_true") -parser.add_argument("-n", "--log-newbloc", - help="Log basic blocks processed by the Jitter", - action="store_true") -parser.add_argument("-j", "--jitter", - help="Jitter engine. Possible values are : tcc (default), llvm", - default="tcc") -parser.add_argument("-d", "--debugging", - help="Attach a CLI debugguer to the sandboxed programm", - action="store_true") -parser.add_argument("binary", - help="binary to run") -parser.add_argument("addr", - help="start exec on addr") +parser = Sandbox_Linux_arml.parser(description="""Sandbox an elf binary with arm engine +(ex: test_jit_arm.py example/md5_arm -a A684)""") +parser.add_argument("filename", help="PE Filename") +parser.add_argument('-v', "--verbose", + help="verbose mode", action="store_true") -machine = Machine("arm") +options = parser.parse_args() +sb = Sandbox_Linux_arml(options.filename, options, globals()) -def jit_arm_binary(args): - filepath, entryp = args.binary, int(args.addr, 16) - myjit = machine.jitter(jit_type = args.jitter) - myjit.init_stack() - # Log level (if available with jitter engine) - myjit.jit.log_regs = args.log_regs - myjit.jit.log_mn = args.log_mn - myjit.jit.log_newbloc = args.log_newbloc +if options.verbose is True: + logging.basicConfig(level=logging.INFO) +else: + 
logging.basicConfig(level=logging.WARNING) - elf = vm_load_elf(myjit.vm, filepath) - libs = libimp() - preload_elf(myjit.vm, elf, libs) - myjit.add_lib_handler(libs) - myjit.add_breakpoint(0x1337BEEF, lambda _: exit(0)) - regs = myjit.cpu.get_gpreg() - regs['LR'] = 0x1337BEEF - myjit.cpu.set_gpreg(regs) - myjit.init_run(entryp) +if options.verbose is True: + sb.jitter.vm.dump_memory_page_pool() +if options.address is None: + raise ValueError('invalid address') +sb.run() - # Handle debugging - if args.debugging is True: - dbg = debugging.Debugguer(myjit) - cmd = debugging.DebugCmd(dbg) - cmd.cmdloop() - - else: - print(myjit.continue_run()) - -if __name__ == '__main__': - from sys import stderr - args = parser.parse_args() - jit_arm_binary(args) diff --git a/miasm2/analysis/sandbox.py b/miasm2/analysis/sandbox.py index f66f5913..8a1e1ca4 100644 --- a/miasm2/analysis/sandbox.py +++ b/miasm2/analysis/sandbox.py @@ -86,7 +86,7 @@ class Sandbox(object): @addr: (int) start address """ if addr is None and self.options.address is not None: - addr = int(options.address, 16) + addr = int(self.options.address, 16) if any([self.options.debugging, self.options.gdbserver]): dbg = debugging.Debugguer(self.jitter) @@ -245,6 +245,19 @@ class Arch_x86_32(Arch): help="Use segments fs:") +class Arch_arml(Arch): + _ARCH_ = "arm" + STACK_SIZE = 0x100000 + + def __init__(self): + super(Arch_arml, self).__init__() + + # Init stack + self.jitter.stack_size = self.STACK_SIZE + self.jitter.init_stack() + + + class Sandbox_Win_x86_32(Sandbox, Arch_x86_32, OS_Win): @staticmethod 
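Review bot: The `-a/--address` check at the end of the rewritten script runs only after `Sandbox_Linux_arml(options.filename, options, globals())` has already loaded the binary and after the optional memory-pool dump, so a missing address costs a full load before failing with a bare `ValueError('invalid address')`. Validate directly after `parse_args()` and let argparse report it with usage and exit status 2: `if options.address is None: parser.error("-a/--address is required")`. The positional help string `"PE Filename"` looks carried over from the x86 examples; this script sandboxes an ELF, so `help="ELF filename to sandbox"`. With the sandbox class doing the loading, the `debugging`, `gdbserver`, `vm_load_elf`, `libimp`, `preload_elf` and `Machine` imports are no longer referenced and can go, and `if options.verbose is True:` reads better as `if options.verbose:`.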
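Review bot: `Arch_arml.__init__` reads `self.jitter` right after `super(Arch_arml, self).__init__()`, so it depends on an earlier class in the MRO (presumably `Sandbox`, whose `__init__` is outside this hunk) having created the jitter already; that ordering constraint is invisible to anyone adding or reordering mixins and deserves a comment such as `# self.jitter must already exist: created earlier in the MRO, before this mixin runs`. The class also lacks a docstring; I would add `"""ARM (arml) architecture mixin: sets the jitter stack size and initialises the stack."""` and annotate `STACK_SIZE` with `# size handed to jitter.stack_size before init_stack() (presumably bytes — confirm)`, since the unit is not visible here.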
@@ -303,3 +316,27 @@ class Sandbox_Linux_x86_32(Sandbox, Arch_x86_32, OS_Linux): if addr is None: addr = self.entry_point super(Sandbox_Linux_x86_32, self).run(addr) + + + +class Sandbox_Linux_arml(Sandbox, Arch_arml, OS_Linux): + + @staticmethod + def code_sentinelle(jitter): + print 'Emulation stop' + jitter.run = False + return False + + def __init__(self, *args, **kwargs): + Sandbox.__init__(self, *args, **kwargs) + + self.jitter.cpu.LR = 0x1337beef + + # Set the runtime guard + self.jitter.add_breakpoint(0x1337beef, self.__class__.code_sentinelle) + + + def run(self, addr = None): + if addr is None and self.options.address is not None: + addr = int(self.options.address, 16) + super(Sandbox_Linux_arml, self).run(addr) diff --git a/test/test_all.py b/test/test_all.py index 9f014e32..4264927b 100644 --- a/test/test_all.py +++ b/test/test_all.py @@ -97,7 +97,7 @@ all_tests = { map(all_jit, [ ["unpack_upx.py", "box_upx.exe"], # Take 5 mins on a Core i5 ["test_jit_x86_32.py", "x86_32_sc.bin"], - ["test_jit_arm.py", "md5_arm", "A684"], + ["test_jit_arm.py", "md5_arm", "-a", "A684"], ["test_jit_msp430.py", "msp430_sc.bin", "0"], ["test_jit_mips32.py", "mips32_sc.bin", "0"], ["sandbox_pe_x86_32.py", "box_x86_32.bin"], |
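Review bot: `Sandbox_Linux_arml.run` repeats the address handling that `Sandbox.run` already performs (the `@@ -86` hunk shows the base doing the same `int(self.options.address, 16)` when `addr is None`), so the override adds nothing, whereas the sibling `Sandbox_Linux_x86_32.run` in the context lines falls back to `self.entry_point`; if `OS_Linux` exposes `entry_point` for ELF loads on ARM as well, the override should instead be `if addr is None and self.options.address is None: addr = self.entry_point` before delegating, otherwise it should be removed. The guard address `0x1337beef` is written twice (`self.jitter.cpu.LR = ...` and `add_breakpoint(...)`); hoist it to a class constant such as `SENTINEL_ADDR = 0x1337beef` so the two cannot drift, and comment that the breakpoint presumably fires on any execution reaching that address, so a binary that legitimately maps code there would stop the emulation early. `code_sentinelle` uses the Python 2 statement `print 'Emulation stop'` while the example script in this commit uses the function form; `print('Emulation stop')` works on both.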