diff --git a/ropgadget_patternfinder.c b/ropgadget_patternfinder.c index 55552e0..2eb69be 100644 --- a/ropgadget_patternfinder.c +++ b/ropgadget_patternfinder.c @@ -17,6 +17,7 @@ size_t filebufsz=0, hashblocksize=0; size_t patterndata_size=0, patternmask_size=0; unsigned int dataload_offset = 0, dataload_enabled = 0; +unsigned int addval=0; int enable_script = 0; @@ -218,6 +219,11 @@ int parse_param(char *param, int type) sscanf(¶m[11], "0x%x", &dataload_offset); } + if(strncmp(param, "--addval=", 9)==0) + { + sscanf(¶m[9], "0x%x", &addval); + } + if(strncmp(param, "--plainout", 10)==0) { plainout = 1; @@ -325,21 +331,27 @@ int locate_pattern() { if(!dataload_enabled) { - if(!plainout)printf("Found the pattern at "); - printf("%s0x%x", line_prefix, ((unsigned int)pos) + baseaddr); + tmpval = ((unsigned int)pos) + baseaddr; + tmpval+= addval; + + if(!plainout)printf("Found the pattern at(value added with 0x%x) ", addval); + printf("%s0x%x", line_prefix, tmpval); if(!plainout)printf("."); } else { + tmpval = *((unsigned int*)&filebuf[((unsigned int)pos) + dataload_offset]); + tmpval+= addval; + if(!plainout) { printf("Found the pattern at "); printf("%s0x%x", line_prefix, ((unsigned int)pos) + baseaddr); - printf(", u32 value at +0x%x: 0x%x.", dataload_offset, *((unsigned int*)&filebuf[((unsigned int)pos) + dataload_offset])); + printf(", u32 value at +0x%x, value added with 0x%x: 0x%x.", dataload_offset, addval, tmpval); } else { - printf("%s0x%x", line_prefix, *((unsigned int*)&filebuf[((unsigned int)pos) + dataload_offset])); + printf("%s0x%x", line_prefix, tmpval); } } @@ -398,6 +410,8 @@ int parse_script(FILE *fscript) plainout = 0; memset(line_prefix, 0, sizeof(line_prefix)); + addval = 0; + while(*strptr) { if(strptr[0] == ' ') 
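Review bot: The new `--addval=` branch in parse_param discards the result of `sscanf`, so a value without the `0x` prefix or with non-hex text leaves `addval` at its previous value and the tool prints results with no sign that the option was ignored. Checking the conversion count, `if(sscanf(&param[9], "0x%x", &addval) != 1)`, and reporting the bad parameter through whatever error return parse_param already uses would make the failure visible. The `--dataload=` parse in the context lines just above follows the same pattern and would benefit from the same check. parse_param starts and ends outside this hunk, so its error convention is not visible here.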
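Review bot: In the `--dataload` branch of locate_pattern, the new `tmpval = *((unsigned int*)&filebuf[...])` load reads four bytes at `pos + dataload_offset` without comparing that position against `filebufsz`, so an offset supplied on the command line or in a script line can read past the end of the file buffer. The pointer cast also assumes the location is suitably aligned for an unsigned int, which an arbitrary match position does not guarantee. A range check before the load plus a `memcpy` into `tmpval` covers both, as sketched below. The declaration of `tmpval` and the function's error path are outside the hunk, so the sketch leaves the bail-out as a comment.

```c
// … unchanged: the !dataload_enabled branch …
else
{
	size_t loadpos = (size_t)pos + dataload_offset;

	if(loadpos > filebufsz || filebufsz - loadpos < sizeof(tmpval))
	{
		printf("The --dataload offset is outside of the input file.\n");
		// … bail out through locate_pattern's existing error path …
	}

	memcpy(&tmpval, &filebuf[loadpos], sizeof(tmpval));
	tmpval+= addval;
	// … unchanged: the printf calls for the plainout / non-plainout output …
```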
@@ -486,8 +500,9 @@ int main(int argc, char **argv) printf("--findtarget=0x Stop searching once this number of matches were found, by default this is 0x1. When this is 0x0, this will not stop until the end of the binary is reached.\n"); printf("--baseaddr=0x This is the value which is added to the located offset when printing it, by default this is 0x0.\n"); printf("--dataload=0x When used, the u32 at the specified offset relative to the located pattern location, is returned instead of the pattern offset. --baseaddr does not apply to the loaded value.\n"); + printf("--addval=0x Add the specified value to the value which gets printed.\n"); printf("--plainout[=] Only print the located offset/address, unless an error occurs. If '=' is specified, print that before printing the located offset/address.\n"); - printf("--script= Specifies a script from which to load params from(identical to the cmd-line params), each line is for a different pattern to search for. Each param applies to the current line, and all the lines after that until that param gets specified on another line again. When '=' isn't specified, the script is read from stdin. When this --script option is used, all input-param state is reset to the defaults, except for --patterntype, --baseaddr, and --findtarget. When beginning processing each line, the --patterndatamask, --dataload, and --plainout state is reset to the default before parsing the params each time.\n"); + printf("--script= Specifies a script from which to load params from(identical to the cmd-line params), each line is for a different pattern to search for. Each param applies to the current line, and all the lines after that until that param gets specified on another line again. When '=' isn't specified, the script is read from stdin. When this --script option is used, all input-param state is reset to the defaults, except for --patterntype, --baseaddr, and --findtarget. 
When beginning processing each line, the --patterndatamask, --dataload, --addval, and --plainout state is reset to the default before parsing the params each time.\n"); return 0; }
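Review bot: The new `--addval` help line does not say which printed value is affected, and the answer differs by mode. Going by the locate_pattern hunk, without `--dataload` the value is added to the address after `--baseaddr`, while with `--dataload` it is added only to the loaded u32 and the "Found the pattern at" address in the non-plainout output stays unadjusted. The help string could state this directly, for example `Add the specified value to the printed result: the pattern address when --dataload is not used, otherwise the loaded u32.` main starts outside this hunk.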