Skip to content
Browse files

updated IKVM to latest version and added JAD Support to Util - Java M…

…ethods CallTo and IsCalledBy Mappings.h2
  • Loading branch information...
1 parent bcd5abb commit 3255cb89ed3060e6808ce05265cb1ec00befb697 @DinisCruz DinisCruz committed Sep 4, 2013
View
2 3rdParty/FuzzDB/API_FuzzDB.cs
@@ -54,7 +54,7 @@ public bool install()
//var webLocation = "{0}{1}".format(PublicDI.config.O2SVN_FilesWithNoCode, currentVersionZipFile);
var webLocation = "http://o2platform.googlecode.com/svn/trunk/O2%20-%20All%20Active%20Projects/_3rdPartyDlls/FilesWithNoCode/fuzzdb-1.08.zip";
"downloading file {0} from {1} to {2}".info(currentVersionZipFile, webLocation,localFilePath);
- if (webLocation.httpFileExists())
+ //if (webLocation.httpFileExists())
{
new Web().downloadBinaryFile(webLocation, localFilePath);
if (localFilePath.fileExists())
View
27 3rdParty/JAD/API_Jad.cs
@@ -1,18 +1,18 @@
// This file is part of the OWASP O2 Platform (http://www.owasp.org/index.php/OWASP_O2_Platform) and is released under the Apache 2.0 License (http://www.apache.org/licenses/LICENSE-2.0)
using FluentSharp.CoreLib;
-using FluentSharp.CoreLib.API;
using FluentSharp.REPL;
//Installer:Jad_Installer.cs!jad/jad.exe
-namespace O2.XRules.Database.APIs
+namespace FluentSharp.CoreLib.API
{
public class API_Jad
{
- public string Executable { get; set;}
+ public string Executable { get; set;}
public string JadDecompilations { get; set; }
+ public string LastJadExtraction { get; set; }
public API_Jad()
{
this.Executable = PublicDI.config.ToolsOrApis.pathCombine(@"jad/jad.exe");
@@ -33,7 +33,25 @@ public static string help(this API_Jad jad)
public static string decompile(this API_Jad jad, string classFile)
{
- return jad.execute("-p \"{0}\"".format(classFile));
+ return classFile.valid() && classFile.fileExists()
+ ? jad.execute("-p \"{0}\"".format(classFile))
+ : "";
+ }
+ public static string decompile_From_JavaSignature(this API_Jad jad, string javaSignature)
+ {
+ return jad.decompile(jad.getClassFile_From_JavaSignature(javaSignature));
+ }
+
+ public static string jad_Decompile(this string classFile)
+ {
+ return new API_Jad().decompile(classFile);
+ }
+
+ public static string getClassFile_From_JavaSignature(this API_Jad jad, string javaSignature)
+ {
+ return javaSignature.valid()
+ ? jad.LastJadExtraction.pathCombine(javaSignature.replace(".",@"\").add(".class"))
+ : "";
}
}
@@ -50,6 +68,7 @@ public static string extractJarIntoTempFolder(this API_Jad jad, string jarFile)
"Extracting Classes from Jar: {0}".info(jarFile);
jarFile.unzip(extractFolder);
}
+ jad.LastJadExtraction = extractFolder;
return extractFolder;
}
return null;
View
6 APIs/IKVM/API_IKVM.cs
@@ -6,9 +6,7 @@
//using O2.XRules.Database.Languages_and_Frameworks.DotNet;
-//Installer:IKVM_Installer.cs!IKVM\ikvm-7.1.4532.2\bin\ikvm.exe
-
-//_O2File:DotNet_SDK_GacUtil.cs
+//Installer:IKVM_Installer.cs!IKVM\ikvm-7.2.4630.5\bin\ikvm.exe
namespace O2.XRules.Database.APIs.IKVM
{
@@ -33,7 +31,7 @@ public class API_IKVM
public API_IKVM()
{
- _IKVMRuntimeDir = PublicDI.config.ToolsOrApis.pathCombine(@"\IKVM\ikvm-7.1.4532.2\bin");
+ _IKVMRuntimeDir = PublicDI.config.ToolsOrApis.pathCombine(@"\IKVM\ikvm-7.2.4630.5\bin");
//"_IKVM_Runtime.zip";
IKVMExecutable = Path.Combine(_IKVMRuntimeDir, "ikvm.exe");
View
25 APIs/IKVM/API_IKVMC.cs
@@ -14,21 +14,16 @@
using FluentSharp.REPL.Controls;
using FluentSharp.WinForms;
-//O2File:API_IKVMC_JavaMetadata.cs
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.Runtime.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.Runtime.JNI.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Util.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Core.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.Reflection.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\ikvmc.exe
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.Runtime.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.Runtime.JNI.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Util.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Core.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.Reflection.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.XML.API.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Beans.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\ikvmc.exe
-//_O2Ref:IKVM.OpenJDK.SwingAWT.dll
-//_O2Ref:IKVM.OpenJDK.Security.dll
-//_O2Ref:IKVM.Runtime.dll
-//_O2Ref:IKVM.OpenJDK.Util.dll
-//_O2Ref:IKVM.OpenJDK.Core.dll
-//_O2Ref:IKVM.Reflection.dll
-//_O2Ref:IKVM.Runtime.JNI.dll
+//O2File:API_IKVMC_JavaMetadata.cs
namespace O2.XRules.Database.APIs.IKVM
{
@@ -49,7 +44,7 @@ public API_IKVMC()
public void setup()
{
//IkvmcAssembly = "ikvmc.exe".assembly();
- var basePath = @"IKVM\ikvm-7.1.4532.2\bin\";
+ var basePath = @"IKVM\ikvm-7.2.4630.5\bin\";
IkvmcAssembly = basePath.add(@"ikvmc.exe").assembly();
StaticCompiler = IkvmcAssembly.type("StaticCompiler");
//IkvmRuntime = StaticCompiler.invokeStatic("LoadFile",Environment.CurrentDirectory.pathCombine("IKVM.Runtime.dll"));
View
6 APIs/IKVM/IKVM_Installer.cs
@@ -16,8 +16,10 @@ public class IKVM_Installer : Tool_API
public IKVM_Installer()
{
config("IKVM",
- "http://switch.dl.sourceforge.net/project/ikvm/ikvm/7.1.4532.2/ikvmbin-7.1.4532.2.zip".uri(),
- @"ikvm-7.1.4532.2\bin\ikvm.exe");
+ "http://garr.dl.sourceforge.net/project/ikvm/ikvm/7.2.4630.5/ikvmbin-7.2.4630.5.zip".uri(),
+ @"ikvm-7.2.4630.5\bin\ikvm.exe");
+ //"http://switch.dl.sourceforge.net/project/ikvm/ikvm/7.1.4532.2/ikvmbin-7.1.4532.2.zip".uri(),
+ //@"ikvm-7.1.4532.2\bin\ikvm.exe");
installFromZip_Web();
}
View
41 APIs/IKVM/PoC - view IKVM internal java converted objects.h2
@@ -1,24 +1,6 @@
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.SwingAWT.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Security.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.Runtime.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Util.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Core.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.Reflection.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.Runtime.JNI.dll
-
var topPanel = "util - view IKVM internal java converted objects".popupWindow(1000,600).insert_LogViewer();
//var topPanel = panel.clear().add_Panel();
-//using IKVM.Runtime
-//using IKVM.Internal
-//using java.lang
-//using java.lang.reflect
-//using java.util.jar
-//using java.util.zip
-//using ikvm.runtime
-//using System.Reflection
-//var comp = new IkvmcCompiler();
-
var treeView = topPanel.add_TreeView();//_with_PropertyGrid(false);
var objectViewer = treeView.insert_Right().add_Control<ctrl_ObjectViewer>();
treeView.afterSelect<object>(objectViewer.show);
@@ -171,10 +153,23 @@ treeView.onDrop((file)=>O2Thread.mtaThread(()=>loadFile(file)));
return "ok";
//return O2.DotNetWrappers.DotNet.GacUtils.currentGacAssemblies();
-//using O2.XRules.Database.APIs.IKVM
-//using O2.XRules.Database.APIs
-//O2File:API_IKVM.cs
+//using IKVM.Runtime
+//using IKVM.Internal
+//using java.lang
+//using java.lang.reflect
+//using java.util.jar
+//using java.util.zip
+//using ikvm.runtime
+//using System.Reflection
+
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.SwingAWT.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Security.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.Runtime.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Util.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Core.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.Reflection.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.Runtime.JNI.dll
+
-//using System.Collections
-
+//using System.Collections
View
106 APIs/IKVM/Util - Java Methods CallTo and IsCalledBy Mappings.h2
@@ -4,17 +4,22 @@ var topPanel = O2Gui.open<Panel>("Util - Java Methods CallTo and IsCalledBy Mapp
JavaMetadata_XRefs javaXRefs = null;
var filter = "";
-var show_CallsTo = false;
-var show_IsCalledBy = false;
-var show_ImplementedBy = false;
-var show_Implements = false;
+var show_CallsTo = false;
+var show_IsCalledBy = false;
+var show_ImplementedBy = false;
+var show_Implements = false;
var show_EnclosingMethod = false;
-var show_SourceCode = false;
-var showStubTreeNodes = false;
-Action showData = ()=>{};
-
+var show_SourceCode = false;
+var showStubTreeNodes = false;
+var useJad = false;
+var apiJad = new API_Jad();
+
+Action showData = ()=>{};
+TextBox textSearch = null;
+
var codeViewer = topPanel.add_SourceCodeViewer();
-
+
+//var toolStrip = topPanel.insert_Above_ToolStrip();
//var treeView = topPanel.insert_Left().add_TreeView_with_PropertyGrid();
var treeView = topPanel.insert_Left().add_TreeView();
@@ -25,6 +30,7 @@ var showCallsTo_Checkbox = configPanel.add_CheckBox("show 'Calls To' mappings
var showIsCalledBy_CheckBox = configPanel.add_CheckBox("show 'IsCalledBy' mappings", 0,200, (value)=> { show_IsCalledBy= value; showData(); }).autoSize().check();
configPanel.add_CheckBox("show 'Implements' mappings", 20,200, (value)=> { show_Implements = value ; showData(); }).autoSize().check();
configPanel.add_CheckBox("show 'EnclosingMethod' mappings", 40,200, (value)=> { show_EnclosingMethod = value ; showData(); }).autoSize().check();
+ configPanel.add_CheckBox("use JAD" , 20,400, (value)=> { useJad = value ; }).autoSize();//.check();
configPanel.add_CheckBox("Hide 'Type Nodes'", 40,400, (value)=> { showStubTreeNodes = value ; showData(); }).autoSize().check();
configPanel.add_CheckBox("on Select, open Source Code ", 40,0, (value)=> { show_SourceCode= value; }).autoSize().check();
@@ -45,28 +51,46 @@ treeView.beforeExpand<Method_CallMapping>(
if(show_IsCalledBy)
treeNode.add_IsCalledBy(callMapping, javaXRefs.CallMappings, javaXRefs.Methods_by_Signature, showStubTreeNodes);
if (show_Implements)
- treeNode.add_Implements(callMapping, javaXRefs.CallMappings,javaXRefs.Methods_by_Signature, showStubTreeNodes);
-
-
-
+ treeNode.add_Implements(callMapping, javaXRefs.CallMappings,javaXRefs.Methods_by_Signature, showStubTreeNodes);
if (show_EnclosingMethod)
treeNode.add_EnclosingMethod(callMapping, javaXRefs, showStubTreeNodes);
});
treeView.afterSelect<Method_CallMapping>(
- (callMapping)=> {
- if (show_SourceCode)
+ (callMapping)=> {
+ if (javaXRefs.Methods_by_Signature.hasKey(callMapping.Signature))
{
- if (javaXRefs.Methods_by_Signature.hasKey(callMapping.Signature))
- {
- var method = javaXRefs.Methods_by_Signature[callMapping.Signature];
- var methodClass = javaXRefs.Classes_by_Signature[method.ClassName];
- codeViewer.showInCodeViewer(methodClass,method);
+ var method = javaXRefs.Methods_by_Signature[callMapping.Signature];
+ var methodClass = javaXRefs.Classes_by_Signature[method.ClassName];
+ if (show_SourceCode)
+ {
+ codeViewer.showInCodeViewer(methodClass,method);
}
else
- codeViewer.set_Text("...no code for method");
- treeView.focus();
- }
+ {
+ if(useJad)
+ {
+ "Using JAD for class: {0}".info(method.ClassName);
+ var jadCode = apiJad.decompile_From_JavaSignature(method.ClassName);
+ if (jadCode.valid())
+ {
+ codeViewer.set_Text(jadCode);
+ textSearch.set_Text(" " + method.Name);
+ }
+ else
+ codeViewer.set_Text("... class to decompile not available, drag & drop jar again with the 'use JAD' checkbox selected");
+ }
+ else
+ {
+ codeViewer.set_Text("...no code reference for selected method: {0}".format(callMapping.Signature));
+ }
+ }
+ }
+ else
+ {
+ codeViewer.set_Text("...no code reference for selected method: {0}".format(callMapping.Signature));
+ }
+ treeView.focus();
});
@@ -97,7 +121,23 @@ showData =
treeView.nodes().first().expand();
};
-
+Action hack_ShowCodeViewerSearchBar =
+ ()=>{
+ codeViewer.editor()._ShowSearchAndAstDetails=true;
+ var tabControl = codeViewer.controls<TabControl>(true).first();
+ var tabs = tabControl.tabs();
+ tabs.RemoveAt(0);
+ tabs.forEach<TabPage>(tab => tabControl.remove_Tab(tab));
+ tabControl.splitContainer().fixedPanel2();
+ tabControl.splitterDistance(codeViewer.splitContainer().height()-80);
+ textSearch = tabControl.controls<TextBox>(true).first();
+ };
+Action<string> extractForJAD =
+ (file)=>{
+ if (useJad)
+ apiJad.extractJarIntoTempFolder(file);
+ };
+
Action<string> loadData =
(file)=>{
treeView.azure();
@@ -109,15 +149,27 @@ Action<string> loadData =
"could not get Java Metadata from file: {0}".error(file);
else
{
- javaXRefs = javaMetadata.map_JavaMetadata_XRefs();
+ javaXRefs = javaMetadata.map_JavaMetadata_XRefs();
showData();
+ extractForJAD(file);
treeView.focus();
}
treeView.white();
});
};
-
+
treeView.onDrop(loadData);
+hack_ShowCodeViewerSearchBar();
+
+loadData("commons-logging-1.1.1.jar".local());
+//return "";
+topPanel.mainMenu().clear()
+ .add_Menu("Sample files")
+ .add_MenuItem("commons-logging-1.1.1.jar", ()=> loadData("commons-logging-1.1.1.jar".local()))
+ .add_Menu("REPL (Script UI)")
+ .add_MenuItem("REPL Java Objects", ()=> javaXRefs.script_Me())
+ .add_MenuItem("REPL this GUI", ()=> topPanel.script_Me());
+
treeView.add_Node("Drop here Jar or Class file to view its call mappings");
//loadData(@"C:\O2\DemoData\WebGoat\WebGoat-5.3_RC1\tomcat\webapps\webgoat\WEB-INF\lib\commons-logging-1.0.4.jar");
@@ -128,7 +180,7 @@ treeView.add_Node("Drop here Jar or Class file to view its call mappings");
return "ok";
//O2File:API_IKVMC_JavaMetadata.cs
-
+//O2File:API_Jad.cs
//using O2.XRules.Database.APIs.IKVM
//O2File:API_IKVMC.cs
//O2File:API_IKVMC_CallMapping.cs
View
18 APIs/IKVM/Util - View Jar File Entries.h2
@@ -1,23 +1,21 @@
-<?xml version="1.0"?>
-<H2>
- <SourceCode>var topPanel = O2Gui.open&lt;Panel&gt;("Util - View Jar File Entries",700,400);
+var topPanel = O2Gui.open<Panel>("Util - View Jar File Entries",700,400);
//var topPanel = panel.clear().add_Panel();
var treeView = topPanel.add_TreeView().sort();
-Action&lt;string&gt; showJarEntries =
- (file)=&gt;{
+Action<string> showJarEntries =
+ (file)=>{
"Loading file: {0}".info(file);
var jarFile = new JarFile(file);
var entries = jarFile.entries();
- var zipEntries = new List&lt;ZipEntry&gt;();
+ var zipEntries = new List<ZipEntry>();
while (entries.hasMoreElements())
zipEntries.add((ZipEntry)entries.nextElement());
treeView.add_Nodes(zipEntries);
};
treeView.onDrop(
- (fileOrFolder)=&gt;{
+ (fileOrFolder)=>{
treeView.clear();
if (fileOrFolder.fileExists())
showJarEntries(fileOrFolder);
@@ -33,7 +31,5 @@ treeView.add_Node("Drop here a local Jar file or Folder (with Jars) to view its
//using java.util.jar
//using java.util.zip
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Core.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Util.dll</SourceCode>
- <ReferencedAssemblies />
-</H2>
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Core.dll
+//O2Ref:IKVM\ikvm-7.2.4630.5\bin\IKVM.OpenJDK.Util.dll
View
7 APIs/IKVM/Util - View Java Mappings.h2
@@ -1,11 +1,6 @@
-<?xml version="1.0"?>
-<H2>
- <SourceCode>var topPanel = O2Gui.open&lt;Panel&gt;("Util - View Java Mappings",700,400);
+var topPanel = O2Gui.open<Panel>("Util - View Java Mappings",700,400);
topPanel.insert_LogViewer();
topPanel.viewJavaMappings(null);
//using O2.XRules.Database.APIs.IKVM
//O2File:API_IKVMC.cs
-</SourceCode>
- <ReferencedAssemblies />
-</H2>
View
BIN _DataFiles/Jars/commons-logging-1.1.1.jar
Binary file not shown.
View
10 _Sample_Vulns/XmlSerialization/XmlDecode/PoC - XmlEncode object (using IKVM).h2
@@ -3,7 +3,7 @@ var topPanel = "Util - XmlEncode object (using IKVM)".popupWindow(800,250);
var script = topPanel.add_Script();
var xmlEncoded = topPanel.insert_Right("XmlEncode of reutnr object").add_SourceCodeViewer();
-
+
script.onExecute =
(objectToXmlEncode)=>
{
@@ -32,8 +32,8 @@ var testObj = "a string";
//using java.io
//using java.beans
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Core.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.XML.API.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Beans.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Util.dll
+//O2Ref:IKVM.OpenJDK.Core.dll
+//O2Ref:IKVM.OpenJDK.XML.API.dll
+//O2Ref:IKVM.OpenJDK.Beans.dll
+//O2Ref:IKVM.OpenJDK.Util.dll
//O2File:API_IKVMC.cs
View
10 _Sample_Vulns/XmlSerialization/XmlDecode/Util - XmlDecode in memory using IKVM.h2
@@ -1,7 +1,7 @@
//var topPanel = panel.add_Panel(true);
var topPanel = "Util - XmlDecode in memory using IKVM.h2".popupWindow(1200,600).insert_LogViewer();
-bool autoConvert = false;
+bool autoConvert = false;
var exploitsFolder = "exploits";
XMLDecoder xmlDecoder = null;
@@ -90,9 +90,9 @@ exploits.selectFirst();
//using java.io
//using java.beans
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Core.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.XML.API.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Beans.dll
-//O2Ref:IKVM\ikvm-7.1.4532.2\bin\IKVM.OpenJDK.Util.dll
+//O2Ref:IKVM.OpenJDK.Core.dll
+//O2Ref:IKVM.OpenJDK.XML.API.dll
+//O2Ref:IKVM.OpenJDK.Beans.dll
+//O2Ref:IKVM.OpenJDK.Util.dll
//O2File:API_IKVMC.cs
//_O2EmbedTool:IKVM

0 comments on commit 3255cb8

Please sign in to comment.
Something went wrong with that request. Please try again.