10549534825

Committed 12 Aug 2024 04:39PM UTC coverage: 74.334% (-0.04%) from 74.374%

Build # 10549534825

Build Type

push

github

Committed by

peace-maker

Commit Message

Pin colored_traceback < 0.4 for Python 2

Run Details

4451 of 7185 branches covered (61.95%)

12984 of 17467 relevant lines covered (74.33%)

0.74 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

96.67

/pwnlib/commandline/constgrep.py

from __future__ import absolute_import
from __future__ import division

import argparse
import functools
import re

import pwnlib.args
pwnlib.args.free_form = False

from pwn import *
from pwnlib.commandline import common

p = common.parser_commands.add_parser(
    'constgrep',
    help = "Looking up constants from header files.\n\nExample: constgrep -c freebsd -m  ^PROT_ '3 + 4'",
    description = "Looking up constants from header files.\n\nExample: constgrep -c freebsd -m  ^PROT_ '3 + 4'",
    formatter_class = argparse.RawDescriptionHelpFormatter,
)

p.add_argument(
    '-e', '--exact',
    action='store_true',
    help='Do an exact match for a constant instead of searching for a regex',
)

p.add_argument(
    'regex',
    help='The regex matching constant you want to find',
)

p.add_argument(
    'constant',
    nargs = '?',
    default = None,
    type = safeeval.expr,
    help = 'The constant to find',
)

p.add_argument(
    '-i', '--case-insensitive',
    action = 'store_true',
    help = 'Search case insensitive',
)

p.add_argument(
    '-m', '--mask-mode',
    action = 'store_true',
    help = 'Instead of searching for a specific constant value, search for values not containing strictly less bits that the given value.',
)

p.add_argument(
    '-c', '--context',
    metavar = 'arch_or_os',
    action = 'append',
    type   = common.context_arg,
    choices = common.choices,
    help = 'The os/architecture/endianness/bits the shellcode will run in (default: linux/i386), choose from: %s' % common.choices,
)

def main(args):
    if args.exact:
        # This is the simple case
        print(cpp(args.regex).strip())
    else:
        # New we search in the right module.
        # But first: We find the right module
        if context.os == 'freebsd':
            mod = constants.freebsd
        else:
            mod = getattr(getattr(constants, context.os), context.arch)

        # Compile the given regex, for optimized lookup
        if args.case_insensitive:
            matcher = re.compile(args.regex, re.IGNORECASE)
        else:
            matcher = re.compile(args.regex)

        # The found matching constants and the length of the longest string
        out    = []
        maxlen = 0

        constant = args.constant

        for k in dir(mod):
            # No python stuff
            if k.endswith('__') and k.startswith('__'):
                continue

            # Run the regex
            if not matcher.search(k):
                continue

            # Check if the value has proper type
            val = getattr(mod, k)
            if not isinstance(val, pwnlib.constants.constant.Constant):
                continue

            # Check the constant
            if constant is not None:
                if args.mask_mode:
                    if constant & val != val:
                        continue
                else:
                    if constant != val:
                        continue

            # Append it
            out.append((val, k))
            maxlen = max(len(k), maxlen)

        # Output all matching constants
        for _, k in sorted(out):
            print('#define %s %s' % (k.ljust(maxlen), cpp(k).strip()))

        # If we are in match_mode, then try to find a combination of
        # constants that yield the exact given value
        # We do not want to find combinations using the value 0.
        if constant and args.mask_mode:
            mask = constant
            good = []
            out = [(v, k) for v, k in out if v != 0]

            while mask and out:
                cur = out.pop()
                mask &= ~cur[0]
                good.append(cur)

                out = [(v, k) for v, k in out if mask & v == v]

            if functools.reduce(lambda x, cur: x | cur[0], good, 0) == constant:
                print('')
                print('(%s) == %s' % (' | '.join(k for v, k in good), args.constant))

if __name__ == '__main__':
    pwnlib.commandline.common.main(__file__)

1	from __future__ import absolute_import	1✔
2	from __future__ import division	1✔
3
4	import argparse	1✔
5	import functools	1✔
6	import re	1✔
7
8	import pwnlib.args	1✔
9	pwnlib.args.free_form = False	1✔
10
11	from pwn import *	1✔
12	from pwnlib.commandline import common	1✔
13
14	p = common.parser_commands.add_parser(	1✔
15	'constgrep',
16	help = "Looking up constants from header files.\n\nExample: constgrep -c freebsd -m ^PROT_ '3 + 4'",
17	description = "Looking up constants from header files.\n\nExample: constgrep -c freebsd -m ^PROT_ '3 + 4'",
18	formatter_class = argparse.RawDescriptionHelpFormatter,
19	)
20
21	p.add_argument(	1✔
22	'-e', '--exact',
23	action='store_true',
24	help='Do an exact match for a constant instead of searching for a regex',
25	)
26
27	p.add_argument(	1✔
28	'regex',
29	help='The regex matching constant you want to find',
30	)
31
32	p.add_argument(	1✔
33	'constant',
34	nargs = '?',
35	default = None,
36	type = safeeval.expr,
37	help = 'The constant to find',
38	)
39
40	p.add_argument(	1✔
41	'-i', '--case-insensitive',
42	action = 'store_true',
43	help = 'Search case insensitive',
44	)
45
46	p.add_argument(	1✔
47	'-m', '--mask-mode',
48	action = 'store_true',
49	help = 'Instead of searching for a specific constant value, search for values not containing strictly less bits that the given value.',
50	)
51
52	p.add_argument(	1✔
53	'-c', '--context',
54	metavar = 'arch_or_os',
55	action = 'append',
56	type = common.context_arg,
57	choices = common.choices,
58	help = 'The os/architecture/endianness/bits the shellcode will run in (default: linux/i386), choose from: %s' % common.choices,
59	)
60
61	def main(args):	1✔
62	if args.exact:	1✔
63	# This is the simple case
64	print(cpp(args.regex).strip())	1✔
65	else:
66	# New we search in the right module.
67	# But first: We find the right module
68	if context.os == 'freebsd':	1✔
69	mod = constants.freebsd	1✔
70	else:
71	mod = getattr(getattr(constants, context.os), context.arch)	1✔
72
73	# Compile the given regex, for optimized lookup
74	if args.case_insensitive:	1!
75	matcher = re.compile(args.regex, re.IGNORECASE)	×
76	else:
77	matcher = re.compile(args.regex)	1✔
78
79	# The found matching constants and the length of the longest string
80	out = []	1✔
81	maxlen = 0	1✔
82
83	constant = args.constant	1✔
84
85	for k in dir(mod):	1✔
86	# No python stuff
87	if k.endswith('__') and k.startswith('__'):	1✔
88	continue	1✔
89
90	# Run the regex
91	if not matcher.search(k):	1✔
92	continue	1✔
93
94	# Check if the value has proper type
95	val = getattr(mod, k)	1✔
96	if not isinstance(val, pwnlib.constants.constant.Constant):	1✔
97	continue	1✔
98
99	# Check the constant
100	if constant is not None:	1✔
101	if args.mask_mode:	1✔
102	if constant & val != val:	1!
103	continue	×
104	else:
105	if constant != val:	1✔
106	continue	1✔
107
108	# Append it
109	out.append((val, k))	1✔
110	maxlen = max(len(k), maxlen)	1✔
111
112	# Output all matching constants
113	for _, k in sorted(out):	1✔
114	print('#define %s %s' % (k.ljust(maxlen), cpp(k).strip()))	1✔
115
116	# If we are in match_mode, then try to find a combination of
117	# constants that yield the exact given value
118	# We do not want to find combinations using the value 0.
119	if constant and args.mask_mode:	1✔
120	mask = constant	1✔
121	good = []	1✔
122	out = [(v, k) for v, k in out if v != 0]	1✔
123
124	while mask and out:	1✔
125	cur = out.pop()	1✔
126	mask &= ~cur[0]	1✔
127	good.append(cur)	1✔
128
129	out = [(v, k) for v, k in out if mask & v == v]	1✔
130
131	if functools.reduce(lambda x, cur: x \| cur[0], good, 0) == constant:	1!
132	print('')	1✔
133	print('(%s) == %s' % (' \| '.join(k for v, k in good), args.constant))	1✔
134
135	if __name__ == '__main__':	1✔
136	pwnlib.commandline.common.main(__file__)	1✔

Gallopsled / pwntools / 10549534825

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous