diff --git a/BUILD_INSTRUCTIONS_WINDOWS.txt b/BUILD_INSTRUCTIONS_WINDOWS.txt
new file mode 100644
index 00000000..97bf24aa
--- /dev/null
+++ b/BUILD_INSTRUCTIONS_WINDOWS.txt
@@ -0,0 +1,4 @@
+1. git clone
+2. cd
+3. cmake .. DESTDIR= // please override this as it defaults to c:\Program Files
+4. cmake --build .
diff --git a/BinLoader/CMakeLists.txt b/BinLoader/CMakeLists.txt
index 92a724b1..04f1fae7 100644
--- a/BinLoader/CMakeLists.txt
+++ b/BinLoader/CMakeLists.txt
@@ -10,7 +10,9 @@ add_library(${LIBRARY_NAME} STATIC
 Unified.Loader.cpp
 LoaderAPI.cpp
 Inproc.Mapper.cpp
+ Extern.Mapper.cpp
 Shm.Mapper.cpp
+ Mem.Mapper.cpp
 Inproc.Native.Importer.cpp
 )
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 968c0bf9..95aecd47 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,9 +1,11 @@
 cmake_minimum_required(VERSION 2.8)
-set(CMAKE_SYSTEM_NAME Linux)
+##set(CMAKE_SYSTEM_NAME Linux)
 project(RIVER C CXX ASM)
 set(CMAKE_ASM_CREATE_SHARED_LIBRARY ${CMAKE_C_CREATE_SHARED_LIBRARY})
-set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_INSTALL_PREFIX}/bin)
+set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)
+set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)
+set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
 set(CMAKE_POSITION_INDEPENDENT_CODE false)
@@ -24,6 +26,7 @@ add_subdirectory(revtracer-wrapper)
 add_subdirectory(revtracer)
 add_subdirectory(ipclib)
 add_subdirectory(Execution)
+add_subdirectory(loader.setup)
 add_subdirectory(loader)
 add_subdirectory(SymbolicEnvironment)
 add_subdirectory(benchmarking-payload)
diff --git a/Execution/CMakeLists.txt b/Execution/CMakeLists.txt
index 1286ed46..65600885 100644
--- a/Execution/CMakeLists.txt
+++ b/Execution/CMakeLists.txt
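Review bot: `+##set(CMAKE_SYSTEM_NAME Linux)` keeps the removed line as a comment; commented-out code should be deleted outright, all the more so because `CMAKE_SYSTEM_NAME` belongs in a toolchain file rather than the project's CMakeLists.txt. Redirecting the output directories from `${CMAKE_INSTALL_PREFIX}/bin` to `${CMAKE_BINARY_DIR}/lib` and `${CMAKE_BINARY_DIR}/bin` is the right call — a plain build no longer writes into the install prefix, which on Windows defaults to `c:\Program Files` as BUILD_INSTRUCTIONS_WINDOWS.txt itself warns. `cmake_minimum_required(VERSION 2.8)` on the line above is far behind the features this tree uses (`target_compile_definitions` with `PRIVATE`, generator-aware output dirs); raising it is out of scope here but worth a follow-up.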
@@ -1,7 +1,13 @@
 ## Execution CMakeLists.txt
 set(LIBRARY_NAME execution)
-set(FLAGS_CROSS "-D__cdecl=\"\" -D__stdcall=\"\"")
+if(WIN32)
+set(FLAGS_CROSS "-D_cdecl=\"__cdecl\" \
+ -D_stdcall=\"__stdcall\"")
+else(WIN32)
+set(FLAGS_CROSS "-D_cdecl=\"__attribute__((cdecl))\" \
+ -D_stdcall=\"__attribute__((stdcall))\"")
+endif()
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32 -std=c++11 -D_EXECUTION_EXPORTS \
 -DBLOCK_CACHE_READ_ONLY ${FLAGS_CROSS}")
@@ -9,8 +15,11 @@ include_directories(../BinLoader)
 add_library(${LIBRARY_NAME} SHARED
 Debugger.cpp
 ExternExecutionController.Linux.cpp
+ ExternExecutionController.Windows.cpp
 DualAllocator.Linux.cpp
+ DualAllocator.Windows.cpp
 TokenRingInit.Linux.cpp
+ TokenRingInit.Windows.cpp
 LargeStack.cpp
 CommonExecutionController2.cpp
 InprocessExecutionController.cpp
@@ -22,15 +31,22 @@ add_library(${LIBRARY_NAME} SHARED
 ../libproc/libproc.cpp
 )
+if (UNIX AND NOT APPLE)
+set (OS_LIBS rt dl)
+else ()
+set (OS_LIBS ntdll)
+endif ()
+
 target_link_libraries(${LIBRARY_NAME}
 binloader
 wrappersetup
+ loadersetup
 virtualmemory
- rt
- dl)
+ ${OS_LIBS})
 set_target_properties(${LIBRARY_NAME} PROPERTIES PUBLIC_HEADER "Execution.h")
 install(TARGETS ${LIBRARY_NAME}
+ DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
 LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
 PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include/Execution
 )
diff --git a/Execution/Main.cpp b/Execution/Main.cpp
index 5899c023..d5608276 100644
--- a/Execution/Main.cpp
+++ b/Execution/Main.cpp
@@ -2,10 +2,6 @@
 #include "ExternExecutionController.h"
 #endif
-#ifndef DISABLE_EXTERN_EXECUTION
-#include "ExternExecutionController.h"
-#endif
-
 #ifndef DISABLE_INPROCESS_EXECUTION
 #include "InprocessExecutionController.h"
 #endif
diff --git a/SymbolicEnvironment/CMakeLists.txt b/SymbolicEnvironment/CMakeLists.txt
index 64a5dce0..1a8180f2 100644
--- a/SymbolicEnvironment/CMakeLists.txt
+++ b/SymbolicEnvironment/CMakeLists.txt
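Review bot: The `if(WIN32)`/`else(WIN32)`/`endif()` block that defines `FLAGS_CROSS` is pasted verbatim into SymbolicEnvironment/CMakeLists.txt and revtracer/CMakeLists.txt in this same commit; defining it once in the top-level CMakeLists.txt ahead of the `add_subdirectory()` calls would keep the three copies from drifting. `else(WIN32)` repeats the condition in the legacy form; bare `else()` is the current idiom. The definitions are still spliced into `CMAKE_CXX_FLAGS` as a directory-wide string, whereas `target_compile_definitions(${LIBRARY_NAME} PRIVATE ...)` — the form ipclib/CMakeLists.txt adopts in this commit for `_BUILDING_IPC_DLL` — would scope them to the target.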
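Review bot: `set (OS_LIBS ntdll)` sits in a bare `else ()` after `if (UNIX AND NOT APPLE)`, so macOS and any other non-Linux Unix would try to link ntdll; `elseif (WIN32)` states the intent and leaves other platforms with an empty list, which is what revtracer-wrapper/CMakeLists.txt's `else ()` branch already does. The added `DESTINATION ${CMAKE_INSTALL_PREFIX}/lib` is what lets `install(TARGETS)` succeed on Windows, where a SHARED library also produces RUNTIME (.dll) and ARCHIVE (import library) artifacts, but it bakes the configure-time prefix into an absolute path — the same pattern is added in SymbolicEnvironment/CMakeLists.txt and revtracer/CMakeLists.txt — whereas a relative `DESTINATION lib` is resolved against the prefix at install time, so a prefix given at install time is honored. If the DLL is meant to sit next to the executables, `RUNTIME DESTINATION bin` alongside the existing `LIBRARY DESTINATION` would express that directly. `target_link_libraries(${LIBRARY_NAME} binloader ...)` still uses the keyword-less signature; `PRIVATE` would make the linkage explicit, and `${CMAKE_DL_LIBS}` is the portable spelling of `dl`.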
@@ -1,7 +1,13 @@
 ## SymbolicEnvironment CMakeLists.txt
 set(LIBRARY_NAME symbolicenvironment)
-set(FLAGS_CROSS "-D__cdecl=\"\" -D__stdcall=\"\"")
+if(WIN32)
+set(FLAGS_CROSS "-D_cdecl=\"__cdecl\" \
+ -D_stdcall=\"__stdcall\"")
+else(WIN32)
+set(FLAGS_CROSS "-D_cdecl=\"__attribute__((cdecl))\" \
+ -D_stdcall=\"__attribute__((stdcall))\"")
+endif()
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -m32 -std=c++11 \
 -D_BUILDING_ENVIRONMENT_DLL -D_NO_TRACK_CALLBACKS_ ${FLAGS_CROSS}")
@@ -20,6 +26,7 @@ set_target_properties(${LIBRARY_NAME} PROPERTIES
 )
 install(TARGETS ${LIBRARY_NAME}
+ DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
 LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
 PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include/SymbolicEnvironment
 )
diff --git a/VirtualMemory/CMakeLists.txt b/VirtualMemory/CMakeLists.txt
index 5d6155fa..dfba5713 100644
--- a/VirtualMemory/CMakeLists.txt
+++ b/VirtualMemory/CMakeLists.txt
@@ -6,6 +6,7 @@ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -m32 -std=c++11")
 add_library(${LIBRARY_NAME} STATIC
 VirtualMem.cpp
 MemoryLayout.Linux.cpp
+ MemoryLayout.Windows.cpp
 ../libproc/libproc.cpp
 )
diff --git a/VirtualMemory/MemoryLayout.Linux.cpp b/VirtualMemory/MemoryLayout.Linux.cpp
index fc316aa7..f35eaa77 100644
--- a/VirtualMemory/MemoryLayout.Linux.cpp
+++ b/VirtualMemory/MemoryLayout.Linux.cpp
@@ -1,4 +1,4 @@
-#if __linux__
+#ifdef __linux__
 #include "../libproc/os-linux.h"
@@ -12,14 +12,14 @@ namespace vmem {
 class LinMemoryLayout : public MemoryLayout {
 private:
 process_t pid;
- std::vector regions;
+ std::vector regions;
 public :
 LinMemoryLayout(process_t p) {
 pid = p;
 }
 virtual bool Snapshot() {
- MemoryRegionInfo mTmp;
+ MemoryRegionInformation mTmp;
 struct map_iterator mi;
 if (maps_init(&mi, pid) < 0) {
 //dbg_log("[DualAllocator] Cannot retrieve /proc/%d/maps\n", pid);
@@ -72,7 +72,7 @@ namespace vmem {
 maps_close(&mi);
 }
- virtual bool Query(void *addr, MemoryRegionInfo &out) {
+ virtual bool Query(void *addr, MemoryRegionInformation &out) {
 for (auto it = regions.begin(); it != regions.end(); ++it) {
 if (addr < it->allocationBase)
 continue;
diff --git a/VirtualMemory/MemoryLayout.Windows.cpp b/VirtualMemory/MemoryLayout.Windows.cpp
index ae24a0e7..21e2b647 100644
--- a/VirtualMemory/MemoryLayout.Windows.cpp
+++ b/VirtualMemory/MemoryLayout.Windows.cpp
@@ -53,7 +53,7 @@ namespace vmem {
 return true;
 }
- virtual bool Query(void *addr, MemoryRegionInfo &out) {
+ virtual bool Query(void *addr, MemoryRegionInformation &out) {
 MEMORY_BASIC_INFORMATION32 mbi;
 if (0 == VirtualQueryEx(process, addr, (PMEMORY_BASIC_INFORMATION)&mbi, sizeof(mbi))) {
diff --git a/VirtualMemory/MemoryLayout.h b/VirtualMemory/MemoryLayout.h
index 9edff864..e053b1d3 100644
--- a/VirtualMemory/MemoryLayout.h
+++ b/VirtualMemory/MemoryLayout.h
@@ -1,4 +1,5 @@
 #ifndef _MEMORY_LAYOUT_H_
+#define _MEMORY_LAYOUT_H_
 #include "VirtualMem.h"
@@ -13,7 +14,7 @@ namespace vmem {
 #define MEMORY_REGION_WRITE 0x2
 #define MEMORY_REGION_EXECUTE 0x1
- struct MemoryRegionInfo {
+ struct MemoryRegionInformation {
 void *baseAddress;
 void *allocationBase;
@@ -31,7 +32,7 @@ namespace vmem {
 class MemoryLayout {
 public:
 virtual bool Snapshot() = 0;
- virtual bool Query(void *addr, MemoryRegionInfo &out) = 0;
+ virtual bool Query(void *addr, vmem::MemoryRegionInformation &out) = 0;
 virtual bool Release() = 0;
 virtual bool Debug() = 0;
diff --git a/VirtualMemory/VirtualMem.cpp b/VirtualMemory/VirtualMem.cpp
index 6a2c527b..4f0e47a3 100644
--- a/VirtualMemory/VirtualMem.cpp
+++ b/VirtualMemory/VirtualMem.cpp
@@ -15,7 +15,7 @@ namespace vmem {
 }
 while (dwOffset < 0x2FFF0000) {
- MemoryRegionInfo mri;
+ MemoryRegionInformation mri;
 nodep::DWORD regionSize = 0xFFFFFFFF;
 bool regionFree = true;
@@ -77,7 +77,7 @@ namespace vmem {
 }
 while (dwOffset < 0x2FFF0000) {
- MemoryRegionInfo mri;
+ MemoryRegionInformation mri;
 nodep::DWORD regionSize = 0xFFFFFFFF;
 bool regionFree = true;
diff --git a/ipclib/CMakeLists.txt b/ipclib/CMakeLists.txt
index b90b5c93..462ea017 100644
--- a/ipclib/CMakeLists.txt
+++ b/ipclib/CMakeLists.txt
@@ -7,4 +7,6 @@ add_library(${LIBRARY_NAME} SHARED
 ipclib.cpp
 )
+target_compile_definitions(${LIBRARY_NAME} PRIVATE _BUILDING_IPC_DLL)
+
 install(TARGETS ${LIBRARY_NAME} DESTINATION ${CMAKE_INSTALL_PREFIX}/lib)
diff --git a/libproc/libproc.cpp b/libproc/libproc.cpp
index d6e459e1..515c7d70 100644
--- a/libproc/libproc.cpp
+++ b/libproc/libproc.cpp
@@ -24,6 +24,8 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
 CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
+#ifdef __linux__
+
 #include "os-linux.h"
 #include
 #include
@@ -298,3 +300,5 @@ long get_rss() {
 fclose( fp );
 return (size_t)resident * (size_t)sysconf( _SC_PAGESIZE);
 }
+
+#endif
diff --git a/loader.setup/CMakeLists.txt b/loader.setup/CMakeLists.txt
new file mode 100644
index 00000000..b0f706fc
--- /dev/null
+++ b/loader.setup/CMakeLists.txt
@@ -0,0 +1,13 @@
+## loader.setup CMakeLists.txt
+
+set(LIBRARY_NAME "loadersetup")
+
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32 -std=c++11")
+set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS}")
+set(CMAKE_CXX_FLAGS_DEBUG "-g ${CMAKE_CXX_FLAGS}")
+
+add_library(${LIBRARY_NAME} STATIC
+ Setup.Windows.cpp
+ )
+
+install(TARGETS ${LIBRARY_NAME} DESTINATION ${CMAKE_INSTALL_PREFIX}/lib)
diff --git a/loader/CMakeLists.txt b/loader/CMakeLists.txt
index af322615..b45c9483 100644
--- a/loader/CMakeLists.txt
+++ b/loader/CMakeLists.txt
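Review bot: `set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS}")` and `set(CMAKE_CXX_FLAGS_DEBUG "-g ${CMAKE_CXX_FLAGS}")` in the new loader.setup/CMakeLists.txt overwrite the per-configuration defaults (`-O3 -DNDEBUG` and `-g` for GCC) with a second copy of the base flags, so a Release build of this library is unoptimized and every compile line carries `-m32 -std=c++11` twice; `CMAKE_CXX_FLAGS` already applies to every configuration, so both lines can simply be dropped. loader/CMakeLists.txt carries the same two lines, and the `DEGUB`→`DEBUG` typo fix in this commit makes its Debug one take effect for the first time. `Setup.Windows.cpp` is the only source and is compiled on every platform while Execution links `loadersetup` unconditionally; if the file is guarded by `#ifdef _WIN32`, a comment such as `# Setup.Windows.cpp is a no-op TU off Windows; the library stays linkable everywhere` would make the empty-library case on Linux visibly deliberate.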
@@ -4,7 +4,7 @@ set(LIBRARY_NAME "loader")
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32 -std=c++11")
 set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS}")
-set(CMAKE_CXX_FLAGS_DEGUB "-g ${CMAKE_CXX_FLAGS}")
+set(CMAKE_CXX_FLAGS_DEBUG "-g ${CMAKE_CXX_FLAGS}")
 set(CMAKE_ASM_COMPILER as)
 set(CMAKE_ASM_FLAGS "--32")
@@ -14,12 +14,15 @@ set(CMAKE_ASM_FLAGS_DEBUG "-g ${CMAKE_ASM_FLAGS}")
 add_library(${LIBRARY_NAME} SHARED
 Loader.Linux.cpp
 Loader.Linux.Stub.S
+ Loader.Windows.cpp
 )
+if (UNIX AND NOT APPLE)
 target_link_libraries(${LIBRARY_NAME}
 rt
 dl
- )
+)
+endif()
 # disable -${LIBRARY_NAME}_EXPORTS
 set_target_properties(${LIBRARY_NAME}
diff --git a/revtracer-wrapper/CMakeLists.txt b/revtracer-wrapper/CMakeLists.txt
index d4c3396b..8be85555 100644
--- a/revtracer-wrapper/CMakeLists.txt
+++ b/revtracer-wrapper/CMakeLists.txt
@@ -1,17 +1,28 @@
 ## revtracer-wrapper CMakeLists.txt
 set(LIBRARY_NAME "revtracerwrapper")
+
+
+
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -m32 -std=c++11")
 add_library(${LIBRARY_NAME} SHARED
 RevtracerWrapper.cpp
 Wrapper.Linux.cpp
 Wrapper.Windows.cpp
- )
+)
+
+target_compile_definitions(${LIBRARY_NAME} PRIVATE _BUILDING_REVTRACER_WRAPPER_DLL)
+
+if (UNIX AND NOT APPLE)
+set (OS_LIBS dl)
+else ()
+set (OS_LIBS)
+endif ()
 target_link_libraries(${LIBRARY_NAME}
 binloader
- dl
- )
+ ${OS_LIBS}
+)
 install(TARGETS ${LIBRARY_NAME} DESTINATION ${CMAKE_INSTALL_PREFIX}/lib)
diff --git a/revtracer/CMakeLists.txt b/revtracer/CMakeLists.txt
index ca93d8b2..9e05fcd5 100644
--- a/revtracer/CMakeLists.txt
+++ b/revtracer/CMakeLists.txt
@@ -3,8 +3,14 @@ set(CMAKE_VERBOSE_MAKEFILE true)
 set(CMAKE_CXX_COMPILER i686-w64-mingw32-g++)
+if(WIN32)
+set(FLAGS_CROSS "-D_cdecl=\"__cdecl\" \
+ -D_stdcall=\"__stdcall\"")
+else(WIN32)
 set(FLAGS_CROSS "-D_cdecl=\"__attribute__((cdecl))\" \
 -D_stdcall=\"__attribute__((stdcall))\"")
+endif()
+
 set(CMAKE_CXX_FLAGS "-g -m32 -march=i386 -fno-exceptions \
 -fno-stack-protector -fcheck-new -std=c++11 ${FLAGS_CROSS} \
 -D_BUILDING_REVTRACER_DLL")
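Review bot: The three empty lines added after `set(LIBRARY_NAME "revtracerwrapper")` are whitespace noise; one blank line separates the two statements adequately and the other two should be dropped. `target_compile_definitions(${LIBRARY_NAME} PRIVATE _BUILDING_REVTRACER_WRAPPER_DLL)` is the right target-scoped form; the keyword-less `target_link_libraries(${LIBRARY_NAME} binloader ${OS_LIBS})` that follows could match it with an explicit `PRIVATE`, and `${CMAKE_DL_LIBS}` would replace the hand-picked `dl` without the platform branch.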
@@ -68,5 +74,6 @@ set_target_properties(revtracer
 )
 install(TARGETS revtracer
+ DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
 LIBRARY DESTINATION ${CMAKE_INSTALL_PREFIX}/lib
 PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include/revtracer)
diff --git a/revtracer/callgates.cpp b/revtracer/callgates.cpp
index 583b04d5..c37fcfcd 100644
--- a/revtracer/callgates.cpp
+++ b/revtracer/callgates.cpp
@@ -30,11 +30,23 @@ void SetEsp(struct ExecutionEnvironment *pEnv, nodep::DWORD esp) {
 #ifdef _MSC_VER
 #define GET_RETURN_ADDR _ReturnAddress
+#define GET_ESP() ( int _esp; __asm mov _esp, esp; esp; )
 #define CALLING_CONV(conv) __##conv
+
+nodep::DWORD __declspec(naked) EspAddr() {
+ __asm mov eax, esp
+ __asm ret
+}
 #else
 #define GET_RETURN_ADDR() ({ int addr; asm volatile("mov 4(%%ebp), %0" : "=r" (addr)); addr; })
 #define GET_ESP() ({ int esp; asm volatile("mov %%esp, %0" : "=r" (esp)); esp; })
 #define CALLING_CONV(conv) __attribute__((conv))
+#define ATTRIBUTE(conv) __attribute__((conv))
+
+nodep::DWORD __attribute__((naked)) EspAddr() {
+ return (nodep::DWORD)GET_ESP();
+}
+
 #endif
 #define _RET_ADDR_FUNC_2(conv, paramCount, ...) \
@@ -44,10 +56,6 @@ void SetEsp(struct ExecutionEnvironment *pEnv, nodep::DWORD esp) {
 #define _RET_ADDR_FUNC_(conv, paramCount, ...) _RET_ADDR_FUNC_2(conv, paramCount, __VA_ARGS__)
-nodep::DWORD CALLING_CONV(naked) EspAddr () {
- return (nodep::DWORD)GET_ESP();
-}
-
 _RET_ADDR_FUNC_(cdecl, 0);
 _RET_ADDR_FUNC_(cdecl, 1, void *);
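Review bot: `#define GET_ESP() ( int _esp; __asm mov _esp, esp; esp; )` in the `_MSC_VER` branch is not a valid expression — a parenthesised declaration list is not the GCC `({ ... })` statement-expression the `#else` branch relies on, and it yields `esp` rather than `_esp` — so any MSVC translation unit that expands `GET_ESP()` will fail to compile. The `__declspec(naked) EspAddr()` added just below already returns the stack pointer in `eax`, so `#define GET_ESP() EspAddr()` placed after that definition would keep the two branches equivalent; `ATTRIBUTE(conv)` is not used anywhere in this hunk and can go unless code outside it expands it. The GCC-side `__attribute__((naked)) EspAddr()` keeps a C `return` statement in a naked function; GCC documents that only basic `asm` is safe there, so a one-line comment on why this is relied upon, or an asm-only body, is worth considering. The hunk header names `SetEsp`, but these lines are file-scope preprocessor and function definitions whose surrounding context starts before the hunk.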