Skip to content

cli - syscall injection and disassemble commands (and other things) #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kwong05 wants to merge 37 commits into
base: main
Choose a base branch
from
Open

cli - syscall injection and disassemble commands (and other things) #8

Changes from all commits
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
ab5ddfc
add readline as dependency
kwong05 Apr 22, 2025
55955fb
Merge remote-tracking branch 'origin/reusable_breakpoints' into cli
kwong05 Apr 29, 2025
7279603
partially implement cli with breakpoint insertion
kwong05 Apr 29, 2025
2687391
handle multiple commands (while loop)
kwong05 Apr 29, 2025
56d8b20
add (untested) support for symbols for breakpoint
kwong05 May 6, 2025
22443a7
print usable commands, slightly modify strtoul
kwong05 May 6, 2025
5b2ad79
reorganize Operation into its own files
kwong05 May 6, 2025
2684b00
fix commented-out elf.hpp include
kwong05 May 6, 2025
5aa6aa5
fix headers for operation.cpp, reorganize address acquisition into se…
kwong05 May 6, 2025
b4a77f0
fix a lot of things, except readline
kwong05 May 6, 2025
525f207
clarify list of available commands
kwong05 May 6, 2025
ca2105a
align header declarations with definitions; add another constructor
kwong05 May 6, 2025
b3edf6d
add error handling for no-ELF situations
kwong05 May 6, 2025
0594597
reorganize class declaration
kwong05 May 6, 2025
cf2be23
fix readline error (include cstdio)
kwong05 May 6, 2025
bde49b9
rebase with main, comment out code for now
kwong05 May 13, 2025
687d348
lay things out for syscall and register commands (not implemented yet)
kwong05 May 13, 2025
09ecf77
add helper function to return Register
kwong05 May 13, 2025
ab2f7e9
actually try to match things with main
kwong05 May 13, 2025
e4cb8ae
implement register read/write
kwong05 May 13, 2025
fa1663f
fix parsing, and other misc things
kwong05 May 13, 2025
1081cc4
some bug fixes (still buggy), move continue condition elsewhere
kwong05 May 13, 2025
fea7d6b
Merge branch 'main' into cli
kwong05 May 13, 2025
d02ab9a
add mem read and write (untested)
kwong05 May 20, 2025
27bc2d6
Merge remote-tracking branch 'origin' into cli
kwong05 May 20, 2025
0abb37a
backtrace, elf
kwong05 May 20, 2025
1f3f8b6
adjust prompts and outputs
kwong05 May 20, 2025
d508a79
more minor tweaks
kwong05 May 20, 2025
9f7ad79
Merge branch 'main' into cli
kwong05 May 20, 2025
a61285e
implement injection command, make some tweaks
kwong05 May 20, 2025
95a84c4
print slightly more info for syscall
kwong05 May 20, 2025
a16f638
modify backtrace result variable type
kwong05 May 20, 2025
2b22974
display better error info
kwong05 May 20, 2025
02d4e57
Merge remote-tracking branch 'origin' into cli
kwong05 May 21, 2025
0f9cbae
disassemble command
kwong05 May 21, 2025
454fdda
organize commands help prompt
kwong05 May 21, 2025
f0a7d94
implement quitting
kwong05 May 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
141 changes: 115 additions & 26 deletions operation.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,41 +145,82 @@ int Operation::execute_command(std::vector<std::string> arguments) {
std::cout << "Breakpoint added at" << arg1_l << "\n";
return 0;

} else if (command == "bt" || command == "backtrace") {
std::vector<long> result = tracee->backtrace();
}
else if (command == "bt" || command == "backtrace")
{
std::vector<int64_t> result = tracee->backtrace();

std::cout << "Backtrace:\n";
for (unsigned long i = 0; i < result.size(); i++) {
std::cout << result.at(i) << "\n";
}
std::cout << "End backtrace\n";
return 0;
} else if (command == "si" || command == "stepin") {
}

else if (command == "d" || command == "disas")
{
std::string arg1 = arguments.at(1);
long arg1_l = Operation::get_addr(arg1);

int arg2_i = std::stoi(arguments.at(2));
return tracee->disassemble(arg2_i, arg1_l);
}

else if (command == "si" || command == "stepin")
{
std::cout << "Stepping into child\n";
tracee->step_into();
return 0;
} else if (command == "rr" || command == "readreg") {
}
else if (command == "rr" || command == "readreg")
{
Register arg1 = get_register(arguments.at(1));
printf("%#lx", tracee->read_register(arg1, 8));
return 0;
} else if (command == "wr" || command == "writereg") {
}
else if (command == "wr" || command == "writereg")
{
Register arg1 = get_register(arguments.at(1));
int arg2 = stoi(arguments.at(2));
unsigned long arg3 = std::stoul(arguments.at(3));
tracee->write_register(arg1, arg2, arg3);
unsigned long arg2 = std::stoul(arguments.at(2));
tracee->write_register(arg1, 8, arg2);
printf("Written\n");
return 0;
} else if (command == "i" || command == "inj" || command == "inject") {
}
else if (command == "i" || command == "inj" || command == "inject")
{
// i/inj/inject SYSCALL_NUM VALUE
// the user must provide all 6 syscall arguments
unsigned long syscall_num = std::stoul(arguments.at(1));

std::array<unsigned long, 6> syscall_args;

if (arguments.size() < 8) // not enough args
{
std::cout << "You don't have enough arguments. Provide a syscall value and 6 arguments.\n For more, hit ENTER.\n";
return -1;
}

for (int i = 0; i < 6; i++)
{
syscall_args[i] = std::stoul(arguments[i + 2]);
}

unsigned long retval = tracee->syscall(syscall_num, syscall_args);
printf("Syscall return: %#lx", retval);
return 0;
// TODO
} else if (command == "x" || command == "readmem") {
}
else if (command == "x" || command == "readmem")
{
std::string arg1 = arguments.at(1);
long arg1_l = Operation::get_addr(arg1);
long arg2_l = std::stoul(arguments.at(2));
unsigned long output;
tracee->read_memory(arg1_l, &output, arg2_l);
printf("%#lx", output);
return 0;
} else if (command == "set" || command == "writemem") {
}
else if (command == "set" || command == "writemem") {
std::string arg1 = arguments.at(1);
long arg1_l = Operation::get_addr(arg1);
long arg2_l = std::stoul(arguments.at(2));
Expand All @@ -189,19 +230,53 @@ int Operation::execute_command(std::vector<std::string> arguments) {

std::cout << "Written\n";
return 0;
} else {
std::cout << "Available commands:\n"
<< "bt/backtrace\n"
<< "b/brk/break/breakpoint *0xHEXADDR\n"
<< "b/brk/break/breakpoint SYMBOL\n"
<< "c/continue\n"
<< "si/stepin\n"
<< "rr/readreg REG\n"
<< "wr/writereg REG NBYTES VALUE\n"
<< "i/inj/inject ___" << "x/readmem *0xHEXADDR SIZE\n"
<< "x/readmem SYMBOL SIZE\n"
<< "set/writemem *0xHEXADDR SIZE VALUE\n"
<< "set/writemem SYMBOL SIZE VALUE\n";
}
else if (command == "exit" || command == "quit")
{
tracee->kill_process();
exit(0);
}
else
{
std::cout <<
"Available commands:\n" <<
"\n" <<

"Breakpoints:\n" <<
"b/brk/break/breakpoint 0xHEXADDR\n" <<
"b/brk/break/breakpoint SYMBOL\n" <<
"\n" <<

"Disassemble:\n" <<
"d/disas 0xHEXADDR LINENUMS\n" <<
"d/disas SYMBOL LINENUMS\n" <<
"bt/backtrace\n" <<
"\n" <<

"Memory:\n" <<
"x/readmem 0xHEXADDR SIZE\n" <<
"x/readmem SYMBOL SIZE\n" <<
"set/writemem 0xHEXADDR SIZE DATA\n" <<
"set/writemem SYMBOL SIZE DATA\n" <<
"\n" <<

"Registers:\n" <<
"rr/readreg REG\n" <<
"wr/writereg REG DATA\n" <<
"\n" <<

"Continued execution:\n" <<
"c/continue\n" <<
"si/stepin\n" <<
"\n" <<

"Syscall injection:\n" <<
"i/inj/inject SYSCALL_NUM RDI RSI RDX R10 R8 R9\n" <<
"\n" <<

"Exit debugger\n" <<
"exit/quit\n"
;
return 0;
}
}
Expand All @@ -218,7 +293,21 @@ int Operation::parse_and_run() {
try {
execute_command(command);
std::cout << "\n";
} catch (...) {
}
catch(int errorcode)
{
std::cout << "Something went wrong. Reevaluate your commands, and try again.\nFor help, hit ENTER.\n" <<
"Errorno thrown: " << errorcode << "\n";
}
catch(std::runtime_error& error)
{
std::cout << "Something went wrong. Reevaluate your commands, and try again.\nFor help, hit ENTER.\n";
const char* errordesc = error.what();
printf("Error description: %s\n", errordesc);

}
catch(...)
{
std::cout << "Something went wrong. Reevaluate your commands, and try again.\nFor help, hit ENTER.\n";
}
}
Expand Down