lyc
/
pwndbg
mirror of https://github.com/pwndbg/pwndbg.git
1
0
Fork 0
Code Releases Activity

Enhance canary command

Browse Source 
Canary command:
* Displays telescope result of places where canaries are located
* Moved to its own file (`pwndbg/commands/canary.py`)
* Moved to `ArgparsedCommand` (as discussed in https://github.com/pwndbg/pwndbg/issues/244)
pull/319/head
Disconnect3d 8 years ago committed by GitHub
parent 8775073df0
commit f69b285ad4
3 changed files with 49 additions and 12 deletions
Show Stats Download Patch File Download Diff File

1
pwndbg/__init__.py
Unescape View File

@ -18,6 +18,7 @@ import pwndbg.commands
import pwndbg.commands.argv import pwndbg.commands.argv
import pwndbg.commands.aslr import pwndbg.commands.aslr
import pwndbg.commands.auxv import pwndbg.commands.auxv
import pwndbg.commands.canary
import pwndbg.commands.checksec import pwndbg.commands.checksec
import pwndbg.commands.config import pwndbg.commands.config
import pwndbg.commands.context import pwndbg.commands.context

48
pwndbg/commands/canary.py
Unescape View File

@ -0,0 +1,48 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from __future__ import absolute_import
from __future__ import division
from __future__ import print_function
from __future__ import unicode_literals
import argparse
import pwndbg.auxv
import pwndbg.color
import pwndbg.commands
import pwndbg.commands.telescope
import pwndbg.memory
import pwndbg.regs
import pwndbg.search
parser = argparse.ArgumentParser(description='Print out the current stack canary')
@pwndbg.commands.ArgparsedCommand(parser)
@pwndbg.commands.OnlyWhenRunning
def canary():
auxv = pwndbg.auxv.get()
at_random = auxv.get('AT_RANDOM', None)
if at_random is None:
print("Couldn't find AT_RANDOM - can't display canary.")
return
global_canary = pwndbg.memory.pvoid(at_random)
# masking canary value as canaries on the stack has last byte = 0
global_canary &= (pwndbg.arch.ptrmask ^ 0xFF)
print("AT_RANDOM = %#x # points to (not masked) global canary value" % at_random)
print("Canary = 0x%x" % global_canary)
stack_canaries = list(
pwndbg.search.search(pwndbg.arch.pack(global_canary), mappings=pwndbg.stack.stacks.values())
)
if not stack_canaries:
print(pwndbg.color.yellow('No valid canaries found on the stacks.'))
return
print(pwndbg.color.green('Found valid canaries on the stacks:'))
for stack_canary in stack_canaries:
pwndbg.commands.telescope.telescope(address=stack_canary, count=1)

12
pwndbg/commands/misc.py
Unescape View File

@ -76,15 +76,3 @@ def distance(a, b):
distance = (b-a) distance = (b-a)
print("%#x->%#x is %#x bytes (%#x words)" % (a, b, distance, distance // _arch.ptrsize)) print("%#x->%#x is %#x bytes (%#x words)" % (a, b, distance, distance // _arch.ptrsize))
@_pwndbg.commands.Command
@_pwndbg.commands.OnlyWhenRunning
def canary():
"""Print out the current stack canary"""
auxv = _pwndbg.auxv.get()
at_random = auxv.get('AT_RANDOM', None)
if at_random is not None:
print("AT_RANDOM=%#x" % at_random)
else:
print("Couldn't find AT_RANDOM")

Write Preview
Loading…
Cancel
Save