
Implementing strlen for KSA, output matches!
b committed Dec 17, 2017
1 parent 5680b36 commit c9c7d3c
Showing 1 changed file with 13 additions and 2 deletions.
15 changes: 13 additions & 2 deletions sample/rc4/prga.py
Expand Up @@ -49,7 +49,6 @@ def _start_unicorn(self, startaddr):
if self.mu.reg_read(UC_X86_REG_RIP) == 1:
return
retAddr = struct.unpack("<q", self.mu.mem_read(self.mu.reg_read(UC_X86_REG_RSP), 8))[0]
print "%08x" % retAddr
if retAddr in self.hookdict.keys():
getattr(self, self.hookdict[retAddr])()
self.mu.reg_write(UC_X86_REG_RSP, self.mu.reg_read(UC_X86_REG_RSP) + 8)
Expand Down Expand Up @@ -90,10 +89,22 @@ def __init__(self):

self.mu.mem_write(0x400626L, self.code_0)
self.mu.mem_write(0x40065aL, self.code_1)
self.mu.mem_write(0x4004d0L, "ff25410b2000".decode('hex'))

self.hookdict = {4195958L: 'hook_strlen'}

def hook_strlen(self):
pass
arg = self.mu.reg_read(UC_X86_REG_RDI)
arg0 = arg
mem = self.mu.mem_read(arg, 1)
while mem[0] != 0:
arg+=1
mem = self.mu.mem_read(arg, 1)
print "strlen(): %d" % (arg-arg0)
self.mu.reg_write(UC_X86_REG_RAX, arg-arg0)
return arg-arg0


def _start_unicorn(self, startaddr):
try:
self.mu.emu_start(startaddr, 0)
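Review bot: The scan in `hook_strlen` is unbounded: it reads one byte per `mem_read` from RDI until a zero byte, so a buffer that is not NUL-terminated keeps walking until the read crosses into unmapped memory and `mem_read` raises a `UcError` from inside the hook, which is called at the `getattr(self, self.hookdict[retAddr])()` line of `_start_unicorn` rather than from the emulated code. A `max_len` bound that raises a clear error keeps the failure inside the hook and leaves the scan byte-at-a-time so a string ending just before an unmapped page still resolves. The second local `arg0` only exists to recover the length by subtraction; tracking `length` directly makes the three `arg-arg0` expressions disappear. As a point of style, the hook key `4195958L` is the only address in the file written in decimal; `0x400676L` reads consistently with the `mem_write` addresses two lines above it.
```python
def hook_strlen(self, max_len=0x10000):
    """Emulate strlen() for the hooked call at hookdict's return address.

    Scans from RDI for a NUL one byte at a time, writes the length to RAX and
    returns it; raises ValueError if no terminator appears within max_len.
    """
    arg = self.mu.reg_read(UC_X86_REG_RDI)
    length = 0
    # Byte-at-a-time so the scan never reads past the terminator; bounded so an
    # unterminated buffer fails here instead of as a UcError from mem_read.
    while self.mu.mem_read(arg + length, 1)[0] != 0:
        length += 1
        if length >= max_len:
            raise ValueError("strlen(): no NUL within %d bytes of 0x%x" % (max_len, arg))
    print "strlen(): %d" % length
    self.mu.reg_write(UC_X86_REG_RAX, length)
    return length
```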
