fixed issue #22

ChrisTheCoolHut · Jan 29, 2022 · a541336 · a541336
1 parent b7ccad9
commit a541336
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/zeratool/formatExploiter.py b/zeratool/formatExploiter.py
@@ -51,6 +51,10 @@ def exploitFormat(binary_name, properties):
             log.info("[+] Found stack location at {}".format(stack_position))
             break
 
+    if stack_position == -1:
+        log.info("Could not find stack position")
+        return None
+
     if len(properties["win_functions"]) > 0:
         for func in properties["win_functions"]:
             address = properties["win_functions"][func]["fcn_addr"]

diff --git a/zeratool/overflowDetector.py b/zeratool/overflowDetector.py
@@ -27,8 +27,8 @@ def run(self):
 
     p = angr.Project(binary_name, load_options={"auto_load_libs": False})
     # Hook rands
-    p.hook_symbol("rand", hookFour)
-    p.hook_symbol("srand", hookFour)
+    p.hook_symbol("rand", hookFour())
+    p.hook_symbol("srand", hookFour())
     # p.hook_symbol('fgets',angr.SIM_PROCEDURES['libc']['gets']())
 
     # Setup state based on input type

diff --git a/zeratool/radare_helper.py b/zeratool/radare_helper.py
@@ -19,7 +19,7 @@ def getRegValues(filename, endAddr=None):
     # drj command is broken in r2 right now
     # so use drrj
     regs = json.loads(r2.cmd("drrj"))
-    regs = dict([(x["reg"], int(x["value"], 16)) for x in regs])
+    regs = dict([(x["reg"], int(x["value"], 16)) for x in regs if x["reg"] != "rflags"])
     r2.quit()
     return regs