64,637
社区成员
发帖
与我相关
我的任务
分享
int main(int argc, char** argv){
Json::Reader json;
static csh handle;
cs_err cerr;
cerr = cs_open(CS_ARCH_X86, CS_MODE_32, &handle);
while(true){
std::string line;
printf("begin ... \n");
if(std::getline(std::cin, line)){
printf("parsing string ....\n");
size_t pos = line.find_last_of("\t");
printf("first find done ...\n");
if(pos != std::string::npos && line.find("file_content") != std::string::npos){
Json::Value output, json_data;
if(json.parse(line.substr(pos), json_data)){
pos = line.find_first_of("\t");
output["md5"] = line.substr(0, pos);
printf("json parse end ...\n");
std::string zip_buffer = base64_decode(json_data["file_content"].asString());
size_t file_buf_len = 0;
void* file_buf = (void*)unzip(zip_buffer.c_str(), zip_buffer.length(), (size_t*)&file_buf_len);
zip_buffer.clear();
printf("unzip end ... \n");
if(file_buf_len >= sizeof(IMAGE_DOS_HEADER)){
//check "MZ" signature
printf("checking MZ header ... \n");
if(*(unsigned short int*)(file_buf) == 0x5a4d){
PIMAGE_DOS_HEADER dos_header = (PIMAGE_DOS_HEADER)file_buf;
//check "PE" signature
printf("checking PE header ... \n");
if(file_buf_len >= (dos_header->e_lfanew + sizeof(IMAGE_NT_HEADERS32)) && *(unsigned int*)((char*)file_buf + dos_header->e_lfanew) == 0x4550){
PIMAGE_NT_HEADERS32 nt_header = (PIMAGE_NT_HEADERS32)((char*)file_buf + dos_header->e_lfanew);
printf("getting section ... \n");
PIMAGE_SECTION_HEADER psh = get_section_header(file_buf, file_buf_len, nt_header->OptionalHeader.AddressOfEntryPoint);
printf("border check ... \n");
if(psh && file_buf_len >= psh->PointerToRawData + psh->SizeOfRawData){
cs_insn* insn;
unsigned int address = nt_header->OptionalHeader.AddressOfEntryPoint + nt_header->OptionalHeader.ImageBase;
size_t count = cs_disasm(handle, \
(uint8_t*)((char*)file_buf+RVA2OFFSET(nt_header->OptionalHeader.AddressOfEntryPoint,psh)), \
psh->PointerToRawData + psh->SizeOfRawData, \
address, 0, &insn);
for(size_t i = 0; i < count; ++i){
char szIns[520] = {0};
sprintf(szIns, "0x%x\t%s\t%s\n", insn[i].address, insn[i].mnemonic, insn[i].op_str);
output["asm"].append(szIns);
}
cs_free(insn, count);
std::cout<<output["md5"].asString()<<std::endl;
}
}
}
}
std::cout<<"free buffer ... "<<std::endl;
if(file_buf) free(file_buf);
}
}
std::cout<<"-------------------------------"<<std::endl;
line.resize(0);
}
}
return 0;
}
begin ...
parsing string ....
first find done ...
json parse end ...
unzip end ...
checking MZ header ...
checking PE header ...
getting section ...
border check ...
318e619313393266d4036b42815b5646
free buffer ...
-------------------------------
begin ...
parsing string ....
first find done ...
json parse end ...
unzip end ...
checking MZ header ...
checking PE header ...
getting section ...
border check ...
860582da12e4205474eb8a0fb49e556b
free buffer ...
-------------------------------
begin ...
[1]+ 段错误 nohup cat /data/sample.bin | ./asm > log.log 2>&1