import_implementations.py
import logging
from angr import SimProcedure
from angr.procedures.libc.memcpy import memcpy
from cle import SymbolType
# Module-level logger used by the import hooks in this file.
# NOTE(review): an explicit level is set here, so this logger no longer
# inherits the level configured on its parent loggers; DEBUG output from
# this module is enabled regardless of the application's own setting.
logger = logging.getLogger(name=__name__)
logger.setLevel(level=logging.DEBUG)
class ReturnZero(SimProcedure):
    """SimProcedure that models the hooked function as returning 0.

    IMPLEMENTED_IMPORTS uses it for the pthread mutex lock/unlock imports.
    No lock state is tracked: every call simply reports 0, so analysis
    results say nothing about locking order or contention.
    """

    def run(self):
        """Return the constant 0 to the caller of the hooked symbol."""
        result = 0
        self.ret(result)
class UnimplementedHook(SimProcedure):
    """Placeholder SimProcedure that logs a warning when an unmodelled import runs.

    Args:
        symbol_name: Name of the import this hook stands in for; it is only
            used to build the warning message.
        *args: Forwarded unchanged to ``SimProcedure.__init__``.
        **kwargs: Forwarded unchanged to ``SimProcedure.__init__``.
    """

    def __init__(self, symbol_name, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.symbol_name = symbol_name

    def run(self):
        """Warn that the hooked symbol has no model, then return to the caller."""
        # hookAllImportSymbols passes symb.name here, i.e. a string taken
        # from the analysed binary's symbol table; it is interpolated into
        # the log line as-is.
        message = (
            "Symbol '%s' called but corresponding function is NOT implemented."
            % self.symbol_name
        )
        logger.warning(message)
        # NOTE(review): ret() is called without a value, so no return value
        # is set for the caller here; paths that depend on this import's
        # result are not modelled faithfully - confirm this is acceptable.
        self.ret()
# Imports that have a model, as (symbol name, SimProcedure class) pairs.
# hookAllImportSymbols instantiates the class with no arguments and hooks it
# on the symbol when the loader can find that name.
IMPLEMENTED_IMPORTS = [
    # Mutex operations are modelled as "always returns 0"; no lock state.
    ("pthread_mutex_lock", ReturnZero),
    ("pthread_mutex_unlock", ReturnZero),
    # Reuses angr's libc memcpy procedure for the ARM EABI helper.
    ("__aeabi_memcpy", memcpy),
]
def hookAllImportSymbols(proj):
    """Hook every imported function symbol of ``proj``.

    Pass 1: each name in IMPLEMENTED_IMPORTS that ``proj.loader`` can find
    is hooked with a new instance of its SimProcedure, replacing any hook
    already present on that symbol.

    Pass 2: each loader symbol that is an import of type function gets an
    UnimplementedHook at its resolved address (or at its own rebased
    address when it is unresolved), unless that address already carries a
    hook whose ``is_stub`` is false.

    Args:
        proj: Project object providing ``loader.find_symbol``,
            ``loader.symbols``, ``hook_symbol``, ``is_hooked`` and
            ``hooked_by``.
    """
    # Pass 1: install the hand-written models.
    for import_name, procedure_cls in IMPLEMENTED_IMPORTS:
        if not proj.loader.find_symbol(import_name):
            continue
        proj.hook_symbol(import_name, procedure_cls(), replace=True)

    # Pass 2: make calls into everything else visible in the log.
    for sym in proj.loader.symbols:
        wanted = sym.is_import and sym.type == SymbolType.TYPE_FUNCTION
        if not wanted:
            continue

        # Prefer the address of the symbol that resolves this import.
        target_addr = (sym.resolvedby or sym).rebased_addr

        if proj.is_hooked(target_addr) and not proj.hooked_by(target_addr).is_stub:
            # A real (non-stub) SimProcedure already models this symbol.
            continue

        # NOTE(review): replace=False is also used when the address is
        # already hooked by a stub; whether the stub is then swapped for the
        # warning hook depends on hook_symbol's replace semantics - confirm,
        # otherwise calls into stubbed imports stay silent in the log.
        proj.hook_symbol(target_addr, UnimplementedHook(sym.name), replace=False)