Instantiates an object which can resolve symbols in a running binary given a :class:`pwnlib.memleak.MemLeak` leaker and a pointer inside the binary. Arguments: leak(MemLeak): Instance of pwnlib.memleak.MemLeak for leaking memory pointer(int):
(self, leak, pointer=None, elf=None, libcdb=True)
| 147 | ''' |
| 148 | |
| 149 | def __init__(self, leak, pointer=None, elf=None, libcdb=True): |
| 150 | ''' |
| 151 | Instantiates an object which can resolve symbols in a running binary |
| 152 | given a :class:`pwnlib.memleak.MemLeak` leaker and a pointer inside |
| 153 | the binary. |
| 154 | |
| 155 | Arguments: |
| 156 | leak(MemLeak): Instance of pwnlib.memleak.MemLeak for leaking memory |
| 157 | pointer(int): A pointer into a loaded ELF file |
| 158 | elf(str,ELF): Path to the ELF file on disk, or a loaded :class:`pwnlib.elf.ELF`. |
| 159 | libcdb(bool): Attempt to use libcdb to speed up libc lookups |
| 160 | ''' |
| 161 | self.libcdb = libcdb |
| 162 | self._elfclass = None |
| 163 | self._elftype = None |
| 164 | self._link_map = None |
| 165 | self._waitfor = None |
| 166 | self._bases = {} |
| 167 | self._dynamic = None |
| 168 | self.elf = None |
| 169 | |
| 170 | if elf: |
| 171 | path = elf |
| 172 | if isinstance(elf, ELF): |
| 173 | path = elf.path |
| 174 | |
| 175 | # Load a fresh copy of the ELF |
| 176 | with context.local(log_level='error'): |
| 177 | w = self.waitfor("Loading from %r" % path) |
| 178 | self.elf = ELF(path) |
| 179 | w.success("[LOADED]") |
| 180 | |
| 181 | if not (pointer or (elf and elf.address)): |
| 182 | log.error("Must specify either a pointer into a module and/or an ELF file with a valid base address") |
| 183 | |
| 184 | pointer = pointer or elf.address |
| 185 | |
| 186 | if not isinstance(leak, MemLeak): |
| 187 | leak = MemLeak(leak) |
| 188 | |
| 189 | if not elf: |
| 190 | log.warn_once("No ELF provided. Leaking is much faster if you have a copy of the ELF being leaked.") |
| 191 | |
| 192 | self.leak = leak |
| 193 | self.libbase = self._find_base(pointer or elf.address) |
| 194 | |
| 195 | if elf: |
| 196 | self._elftype = self.elf.elftype |
| 197 | self._elfclass = self.elf.elfclass |
| 198 | self.elf.address = self.libbase |
| 199 | self._dynamic = self.elf.get_section_by_name('.dynamic').header.sh_addr |
| 200 | self._dynamic = self._make_absolute_ptr(self._dynamic) |
| 201 | |
| 202 | @classmethod |
| 203 | def for_one_lib_only(cls, leak, ptr): |
nothing calls this directly
no test coverage detected