Drive by multi-architecture examples of software breakpoint detection :D

- 
; intel x86_64
 mov rcx, rsi ; move size argument into rcx for the loop
 mov rsi, rdi ; move the the text pointer to rsi for printing
 xor rax, rax ; clear out registers
 xor rdi, rdi
scan:    ; scan for breakpoints
 cmp byte [rsi], 0xCC
 je fuck_you
 inc rsi
loop scan
 xor rdi, rdi
 ret
fuck_you:
 xor rdi, rdi
 mov al, 1
 ret



@ ARM
scan:
        .code 32
        ldr r3, =0xE7F00000     @ load breakpoint constant
        ldr r4, =0xFFFF0000     @ mask
loop:
        ldr r2, [r0]    @ load byte code into r2
        and r2, r4      @ clear out extra data in bytecode with mask
        cmp r2, r3      @ is it a breakpoint?
        beq fuck        @ if so FUCK
        cmp r1, #0      @ are we at the end?
        beq safe        @ if so we are safe
        sub r1, #1      @ decrement the counter
        add r0, #1      @ increment our pointer
        bne loop        @ if we are still looping, loop
safe:
        mov r0, #0      @ return false
        mov r1, r0
        bx lr
fuck:
        mov r0, #0x1    @ return true
        mov r1, #0
        bx lr



# MIPS
scan:
        li $t0, 0x5000D                 # breakpoint constant
loop:
        lw $t3, ($a0)                   # load bytecode
        beq $t3, $t0, fuck              # if this is a breakpoint fucked
        beq $t3, 0, safe                # if the counter is 0 we are safe
        subu $a1, 1                     # decrement counter
        addu $a0, 1                     # increment our pointer
        j loop                          # if we are looping loop
 
safe:
        li $v0, 0x0     # return false
        li $v1, 0x0
        jr $ra
 
fuck:
        li $v0, 0x1     # return true
        li $v1, 0x0
        jr $ra

Comments

Post a Comment

Popular posts from this blog

What is a canary, how does it work, and what does that mean if I want to write a modern exploit.

-
Image
Canaries were  once regularly used  in  coal mining as an early warning system . Toxic gases such as carbon monoxide or asphyxiant gases such as methane  in the mine  would kill the bird before affecting the  miners . Signs of distress from the bird indicated  to  the  miners  that conditions  were  unsafe . Let's start with some history Oh the good old days. I remember a time when hackthissite.org , and  Smash The Stack  were fresh, and BOF's were often as easy as shoving your shellcode where the buffer was supposed to be and overwriting the return pointer with where that buffer was... Then they had to go and ruin the fun by widely adopting ASLR (Address Space Layout Randomization), DEP (Data execution protection), and  canaries  (stack cookies). Now in these dark times not only do we have to ROP with return to libc, we have to chain that with a memory leak vulnerability if we have any hope of  smashing the stack. While I plan to do posts soon covering all of these exciti
Read more

Better visualization of data formats using assembly POC's to better implement them in C

-
Image
Are you tired of staring at hex dumps, white papers and manual pages? Want to feel like you truly know how a data type like a file format, or a disk partition LOOKS like. Well I can't help you with the manual pages and white papers, ( https://staff.washington.edu/dittrich/misc/fatgen103.pdf , http://www.eit.lth.se/fileadmin/eit/courses/eitn50/Projekt1/FAT12Description.pdf ) but here is a great example of implementing a fat12 floppy image in assembly. ;//////////////////////////////////////////////////////////////////////////////// ;// THE SCOTCH-WARE LICENSE (Revision 0): ;// <aaronryool@gmail.com> wrote this file. As long as you retain this notice you ;// can do whatever you want with this stuff. If we meet some day, and you think ;// this stuff is worth it, you can buy me a shot of scotch in return ;//////////////////////////////////////////////////////////////////////////////// ; This assembles to a floppy disk image [bits 16] [org 0x7C00] ;;;;;;;;;;;;;;;;;
Read more

Putting Linux on your Android device using debootstrap and chroot

-
Image
Ok, so first thing first. You will need a few things done BEFORE you attempt this tutorial: A rooted android device of sorts with debugging enabled and busybox installed An sdcard to store the debian image on A Linux machine (or live cd) to prepare the debian system image ADB for remounting the system partition and pushing startup scripts A terminal application installed on your droid and about an hour of free time Lets get right into it open up a terminal, and make a directory that you will be storing all of the files and things we create for easy cleanup later. I called mine linux_on_android. change to that directory, all instructions from here on out will be relative to whatever directory you are currently residing in after this step. Next, we create an empty raw disk image, make a directory to mount it under, create a filesystem on the image, and mount it under our new mount point. Now lets change into our mnt directory, install debootstrap, and use it to install a base system into
Read more