Browse Source

some fixes on the junk library

master
parent
commit
f54195019c
4 changed files with 28 additions and 14 deletions
  1. +1
    -0
      .gitignore
  2. +3
    -3
      chals/reverse_rop/main.c
  3. +3
    -4
      chals/reverse_rop/setup.py
  4. +21
    -7
      libchals.py

+ 1
- 0
.gitignore View File

@ -2,3 +2,4 @@ chals_out/*
teams.json
submissions.json
challenges.json
__pycache__

+ 3
- 3
chals/reverse_rop/main.c View File

@ -10,6 +10,9 @@
char *test[80];
//--JUNK CODE--
//--JUNK CODE--
void flag1() {
strcat(test,"FLAG_PART_1");
@ -141,7 +144,4 @@ int main(int argc, char **argv){
}
//--JUNK CODE--
//--JUNK CODE--

+ 3
- 4
chals/reverse_rop/setup.py View File

@ -7,9 +7,9 @@ from libchals import *
from pwn import *
# junk code generation
write_junk_body("main.c", 145)
write_junk_calls("main.c", 131, len(fun_names)//2)
write_junk_calls("main.c", 59)
write_junk_calls("main.c", 134, len(fun_names)//2)
write_junk_calls("main.c", 62)
write_junk_body("main.c", 14)
# replace flags in source file
f = open("flag.txt", "r")
@ -20,7 +20,6 @@ flag3=flag[30:40]
flag4=flag[40:50]
flag5=flag[50:60]
flag6=flag[60:]
print(flag6)
replace_text("main.c", "FLAG_PART_1", flag1)
replace_text("main.c", "FLAG_PART_2", flag2)
replace_text("main.c", "FLAG_PART_3", flag3)


+ 21
- 7
libchals.py View File

@ -4,9 +4,9 @@ import string
"""
Some limitations:
The junk code must be added at the end of the source file
You must write junk code from bottom to top, aka first junk definitions,
then junk calls, if called at multiple place, from the bottom up.
The junk code must be added at the beginning of the source file
You must write junk code from bottom to top, aka first junk calls,
then junk definition, from the bottom up.
"""
def rng(index):
BUF_SIZE = 65536
@ -177,13 +177,17 @@ fun_names=[]
junk_called=0
def write_junk_body(fd, line):
# junk generator!!
dont_gen_name=False
junk_count=rng(0)%len(junk)
if(fun_names!=[]):
dont_gen_name=True
for i in range(0, junk_count+1):
junk_to_add=rng(i%len(junk))%len(junk)
# use this
fun_names.append(random_name())
write_line(fd, line, junk[junk_to_add].replace("FUNCTION_NAME",
random_name()))
if(not dont_gen_name):
fun_names.append(random_name())
write_line(fd, line,
junk[junk_to_add].replace("FUNCTION_NAME",fun_names[i]))
def write_junk_calls(fd, line, count=-1):
# junk generator!!
@ -191,9 +195,19 @@ def write_junk_calls(fd, line, count=-1):
junk_count=rng(0)%len(junk)
if(count==-1):
count=junk_count+1
if(fun_names==[] and junk_called==0):
gen_fun_names()
for i in range(junk_called, count):
junk_to_add=rng(i%len(junk))%len(junk)
# use this
tmp=junk_calls[junk_to_add].replace("FUNCTION_NAME", random_name())
tmp=junk_calls[junk_to_add].replace("FUNCTION_NAME", fun_names[i])
write_line(fd, line, tmp.replace("VAR_NAME", random_name()))
junk_called+=1
def gen_fun_names():
# junk generator!!
junk_count=rng(0)%len(junk)
for i in range(0, junk_count+1):
junk_to_add=rng(i%len(junk))%len(junk)
# use this
fun_names.append(random_name())

Loading…
Cancel
Save