Bruto
#!/usr/bin/env python
import re
machineOpcode = "result"
file = "kerneldecrypt.c"
def SearchEntryPoint(data):
z = re.search("%s = (.*);" % machineOpcode, data)
if z != None:
return z.group(1)
else:
return None
def SearchOpcodeTokens(token, data):
# Search first for switch-case. If not we try other stuff
b = re.search("case\s%s:(.*?)break"%token, data, re.S)
if b != None:
lines = [t.strip() for t in b.group(1).split("\n")]
tokens = filter(None, [SearchEntryPoint(l) for l in lines])
return tokens
# Search secondly for the base token, to see if we have {} or not
b = re.search("\(\sresult\s==\s%s\s\)\n.*\n" %token, data)
if b == None:
return []
if not "{" in b.group(0):
# No brackets, single line if
return filter(None, [ SearchEntryPoint(b.group(0)) ])
else:
z = re.search("\(\sresult\s==\s%s\s\).*?\{(.*?)\}" %token, data, re.S)
if z != None:
lines = [t.strip() for t in z.group(1).split("\n")]
tokens = filter(None, [SearchEntryPoint(l) for l in lines])
return tokens
else:
return []
f = open(file, "r")
data = f.read()
f.close()
print "Searching Entry Point"
entryPoint = SearchEntryPoint(data)
print "Entry Point found: %s" %entryPoint
tokenStack = [entryPoint]
processedTokens = []
print "Navigating tree"
while True:
if len(tokenStack) == 0:
break
p = tokenStack.pop(0)
processedTokens.append(p)
tokens = SearchOpcodeTokens(p, data)
for t in tokens:
if not t in processedTokens and not t in tokenStack:
tokenStack.append(t)
print "\"%s\" -> %s" %(p, ",".join(["\"%s\"" % t for t in tokens]))
| 1 | #!/usr/bin/env python |
| 2 | |
| 3 | import re |
| 4 | |
| 5 | machineOpcode = "result" |
| 6 | file = "kerneldecrypt.c" |
| 7 | |
| 8 | def SearchEntryPoint(data): |
| 9 | z = re.search("%s = (.*);" % machineOpcode, data) |
| 10 | if z != None: |
| 11 | return z.group(1) |
| 12 | else: |
| 13 | return None |
| 14 | |
| 15 | def SearchOpcodeTokens(token, data): |
| 16 | # Search first for switch-case. If not we try other stuff |
| 17 | b = re.search("case\s%s:(.*?)break"%token, data, re.S) |
| 18 | if b != None: |
| 19 | lines = [t.strip() for t in b.group(1).split("\n")] |
| 20 | tokens = filter(None, [SearchEntryPoint(l) for l in lines]) |
| 21 | return tokens |
| 22 | # Search secondly for the base token, to see if we have {} or not |
| 23 | b = re.search("\(\sresult\s==\s%s\s\)\n.*\n" %token, data) |
| 24 | if b == None: |
| 25 | return [] |
| 26 | |
| 27 | if not "{" in b.group(0): |
| 28 | # No brackets, single line if |
| 29 | return filter(None, [ SearchEntryPoint(b.group(0)) ]) |
| 30 | else: |
| 31 | z = re.search("\(\sresult\s==\s%s\s\).*?\{(.*?)\}" %token, data, re.S) |
| 32 | if z != None: |
| 33 | lines = [t.strip() for t in z.group(1).split("\n")] |
| 34 | tokens = filter(None, [SearchEntryPoint(l) for l in lines]) |
| 35 | return tokens |
| 36 | else: |
| 37 | return [] |
| 38 | |
| 39 | f = open(file, "r") |
| 40 | data = f.read() |
| 41 | f.close() |
| 42 | |
| 43 | |
| 44 | print "Searching Entry Point" |
| 45 | entryPoint = SearchEntryPoint(data) |
| 46 | print "Entry Point found: %s" %entryPoint |
| 47 | |
| 48 | tokenStack = [entryPoint] |
| 49 | processedTokens = [] |
| 50 | |
| 51 | print "Navigating tree" |
| 52 | while True: |
| 53 | if len(tokenStack) == 0: |
| 54 | break |
| 55 | p = tokenStack.pop(0) |
| 56 | processedTokens.append(p) |
| 57 | tokens = SearchOpcodeTokens(p, data) |
| 58 | for t in tokens: |
| 59 | if not t in processedTokens and not t in tokenStack: |
| 60 | tokenStack.append(t) |
| 61 | print "\"%s\" -> %s" %(p, ",".join(["\"%s\"" % t for t in tokens])) |
| 62 |