The-Homebrew-Cloud/GhidraRPXLoader
2
0
Fork 0
mirror of https://github.com/Maschell/GhidraRPXLoader.git synced 2024-09-28 23:58:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Zero the data in imports and exports section to prevent analysis marking strings.

Browse Source
This commit is contained in:
James Benton 2019-10-03 11:44:55 +01:00
parent 3275fe9c7f
commit 55e72815e3
1 changed files with 42 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/main/java/cafeloader/Cafe_ElfExtension.java
View File

@ -135,20 +135,30 @@ public class Cafe_ElfExtension extends ElfExtension {
processRplCrcs(elfLoadHelper, sectionHeader);
} else if (headertype == SHT_RPL_FILEINFO.value) {
processRplFileInfo(elfLoadHelper, sectionHeader);
} else if (headertype == SHT_RPL_IMPORTS.value) {
processRplImports(elfLoadHelper, sectionHeader);
} else if (headertype == SHT_RPL_EXPORTS.value) {
processRplExports(elfLoadHelper, sectionHeader);
}
}
}
private void processRplExports(ElfLoadHelper elfLoadHelper, ElfSectionHeader sectionHeader) {
String sectionName = sectionHeader.getNameAsString();
boolean isDataExports = sectionName.contentEquals(".dexports");
if (!isDataExports) {
// Function exports are already in symbol table
return;
private void processRplImports(ElfLoadHelper elfLoadHelper, ElfSectionHeader sectionHeader) {
// Clear the section data otherwise analysis will identify strings in it.
Address sectionAddress = elfLoadHelper.findLoadAddress(sectionHeader, 0);
int sectionSize = (int) sectionHeader.getSize();
elfLoadHelper.createUndefinedData(sectionAddress, sectionSize);
byte[] zeroes = new byte[sectionSize];
try {
elfLoadHelper.getProgram().getMemory().setBytes(sectionAddress, zeroes);
} catch (MemoryAccessException e) {
}
}
private void processRplExports(ElfLoadHelper elfLoadHelper, ElfSectionHeader sectionHeader) {
String sectionName = sectionHeader.getNameAsString();
if (sectionName.contentEquals(".dexports")) {
// Create symbols for data exports
BinaryReader reader = elfLoadHelper.getElfHeader().getReader();
reader.setPointerIndex(sectionHeader.getOffset());
@ -170,6 +180,18 @@ public class Cafe_ElfExtension extends ElfExtension {
}
}
// Clear the section data otherwise analysis will identify strings in it.
Address sectionAddress = elfLoadHelper.findLoadAddress(sectionHeader, 0);
int sectionSize = (int) sectionHeader.getSize();
elfLoadHelper.createUndefinedData(sectionAddress, sectionSize);
byte[] zeroes = new byte[sectionSize];
try {
elfLoadHelper.getProgram().getMemory().setBytes(sectionAddress, zeroes);
} catch (MemoryAccessException e) {
}
}
private void processRplCrcs(ElfLoadHelper elfLoadHelper, ElfSectionHeader sectionHeader) {
Address address = elfLoadHelper.findLoadAddress(sectionHeader, 0);
if (address == null) {