
*a game* VM Code Flow Navigation (for Hex-rays decompiled code)

racerxdl's Avatar Lucas Teske ревизий этого фрагмента 8 years ago. К ревизии

1 file changed, 61 insertions

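--- /dev/null
+++ b/flownav.py
@@ -0,0 +1,61 @@
+#!/usr/bin/env python
+
+import re
+
+machineOpcode = "result"
+file = "kerneldecrypt.c"
+
+def SearchEntryPoint(data):
+    z = re.search("%s = (.*);" % machineOpcode, data)
+    if z != None:
+        return z.group(1)
+    else:
+        return None
+
+def SearchOpcodeTokens(token, data):
+    # Search first for switch-case. If not we try other stuff
+    b = re.search("case\s%s:(.*?)break"%token, data, re.S)
+    if b != None:
+        lines = [t.strip() for t in b.group(1).split("\n")]
+        tokens = filter(None, [SearchEntryPoint(l) for l in lines])
+        return tokens
+    # Search secondly for the base token, to see if we have {} or not
+    b = re.search("\(\sresult\s==\s%s\s\)\n.*\n" %token, data)
+    if b == None:
+        return []
+
+    if not "{" in b.group(0):
+        # No brackets, single line if
+        return filter(None, [ SearchEntryPoint(b.group(0)) ])
+    else:
+        z = re.search("\(\sresult\s==\s%s\s\).*?\{(.*?)\}" %token, data, re.S)
+        if z != None:
+            lines = [t.strip() for t in z.group(1).split("\n")]
+            tokens = filter(None, [SearchEntryPoint(l) for l in lines])
+            return tokens
+        else:
+            return []
+
+f = open(file, "r")
+data = f.read()
+f.close()
+
+
+print "Searching Entry Point"
+entryPoint = SearchEntryPoint(data)
+print "Entry Point found: %s" %entryPoint
+
+tokenStack = [entryPoint]
+processedTokens = []
+
+print "Navigating tree"
+while True:
+    if len(tokenStack) == 0:
+        break
+    p = tokenStack.pop(0)
+    processedTokens.append(p)
+    tokens = SearchOpcodeTokens(p, data)
+    for t in tokens:
+        if not t in processedTokens and not t in tokenStack:
+            tokenStack.append(t)
+    print "\"%s\" -> %s" %(p, ",".join(["\"%s\"" % t for t in tokens]))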
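Review bot: The token that SearchEntryPoint captures (everything after `result = ` up to the `;`) is interpolated straight into regex patterns in SearchOpcodeTokens at lines 17, 23 and 31 without `re.escape`, so a right-hand side containing regex metacharacters — parentheses, `*`, `+`, brackets, which decompiler output such as `*(_DWORD *)(v3 + 4)` routinely contains — will either raise `re.error` and abort the walk or silently match the wrong `case`. Substitute the escaped form where the token is spliced in, e.g. `b = re.search(r"case\s%s:(.*?)break" % re.escape(token), data, re.S)`, and do the same for the two `( result == %s )` patterns. The patterns should also be raw strings: `\s` and `\(` inside a plain string literal are unrecognised escapes that only work by accident and are deprecated. Note the script is Python 2 only (`print` statements, and the callers iterate the list that `filter` returns there), which the bare `#!/usr/bin/env python` shebang does not pin; a one-line comment after the shebang stating that would save the next reader a confusing SyntaxError.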