Navigation

← Previous Changeset
Next Changeset →

Changeset 1607

Timestamp:

03/24/08 19:22:30 (7 months ago)

Author:

common

Message:

libemu

restructured the process environment
now we have emu_env as the holder for linux and win32 as well as emu_env_hook for the api hooks.
env functions take emu_env and emu_env_hook as args, and access the required *thing* themselves
furthermore I introduced a different kind of hooking api calls using variadic callbackfunctions
the benefit is easy, the interactive hooks do not have to be part of libemu itself any longer
and hooking calls does not require access to the emu/cpu/memory
all you have to do is retrieve the arguments for the function to be hooked from the va_list using va_arg

- sctest got -i --interactive, using the interactive hooks from sctest itself

Files:

libemu/trunk/configure.ac (modified) (1 diff)
libemu/trunk/include/emu/environment/emu_env.h (added)
libemu/trunk/include/emu/environment/linux/emu_env_linux.h (modified) (4 diffs)
libemu/trunk/include/emu/environment/linux/env_linux_syscall_hooks.h (modified) (2 diffs)
libemu/trunk/include/emu/environment/win32/emu_env_w32.h (modified) (6 diffs)
libemu/trunk/include/emu/environment/win32/emu_env_w32_dll.h (modified) (3 diffs)
libemu/trunk/include/emu/environment/win32/emu_env_w32_dll_export.h (modified) (2 diffs)
libemu/trunk/include/emu/environment/win32/env_w32_dll_export_kernel32_hooks.h (modified) (1 diff)
libemu/trunk/include/emu/environment/win32/env_w32_dll_export_msvcrt_hooks.h (modified) (1 diff)
libemu/trunk/include/emu/environment/win32/env_w32_dll_export_urlmon_hooks.h (modified) (1 diff)
libemu/trunk/include/emu/environment/win32/env_w32_dll_export_ws2_32_hooks.h (modified) (1 diff)
libemu/trunk/src/Makefile.am (modified) (1 diff)
libemu/trunk/src/emu_shellcode.c (modified) (4 diffs)
libemu/trunk/src/environment/emu_env.c (added)
libemu/trunk/src/environment/linux/emu_env_linux.c (modified) (6 diffs)
libemu/trunk/src/environment/linux/env_linux_syscall_hooks.c (modified) (12 diffs)
libemu/trunk/src/environment/win32/emu_env_w32.c (modified) (8 diffs)
libemu/trunk/src/environment/win32/emu_env_w32_dll.c (modified) (4 diffs)
libemu/trunk/src/environment/win32/env_w32_dll_export_kernel32_hooks.c (modified) (27 diffs)
libemu/trunk/src/environment/win32/env_w32_dll_export_msvcrt_hooks.c (modified) (2 diffs)
libemu/trunk/src/environment/win32/env_w32_dll_export_urlmon_hooks.c (modified) (2 diffs)
libemu/trunk/src/environment/win32/env_w32_dll_export_ws2_32_hooks.c (modified) (12 diffs)
libemu/trunk/testsuite/sctest.c (modified) (24 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

libemu/trunk/configure.ac

r1509	r1607
77	77	# library soname
78	78	# check http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91
79		libemu_current=1
	79	libemu_current=2
80	80	libemu_revision=0
81	81	libemu_age=0

libemu/trunk/include/emu/environment/linux/emu_env_linux.h

r1526	r1607
40	40
41	41	struct emu_profile;
	42	struct emu_env;
42	43
43	44	struct emu_env_linux
…	…
45	46	struct emu *emu;
46	47	struct emu_hashtable *syscall_hooks_by_name;
47		struct emu_env_linux_syscall *syscall_hooks;
48		struct emu_profile *profile;
	48	struct emu_env_linux_syscall *syscall_hookx;
	49	struct emu_env_hook *hooks;
	50	// struct emu_profile *profile;
49	51	};
50	52
…	…
52	54	void emu_env_linux_free(struct emu_env_linux *eel);
53	55
54		struct emu_env_~~linux_syscall emu_env_linux_syscall_check(struct emu_env_linux~~ env);
	56	struct emu_env_hook emu_env_linux_syscall_check(struct emu_env env);
55	57
56	58
…	…
61	63	};
62	64
	65
	66	typedef uint32_t (userhook)(struct emu_env_linux env, struct emu_env_linux_syscall *syscall, ...);
	67
63	68	struct emu_env_linux_syscall
64	69	{
65	70	const char *name;
66		int32_t (fnhook)(struct emu_env~~_linux env, struct emu_env_linux_syscall *syscall~~);
	71	int32_t (fnhook)(struct emu_env env, struct emu_env_hook *hook);
67	72	void *userdata;
	73	uint32_t (userhook)(struct emu_env env, struct emu_env_hook *hook, ...);
68	74	};
69	75
70		int32_t emu_env_linux_syscall_hook(struct emu_env~~_linux~~ env, const char syscallname,
71		~~int32_t (fnhook)(struct emu_env_linux env, struct emu_env_linux_syscall *syscall~~),
	76	int32_t emu_env_linux_syscall_hook(struct emu_env env, const char syscallname,
	77	uint32_t (userhook)(struct emu_env env, struct emu_env_hook *hook, ...),
72	78	void *userdata);
73	79

libemu/trunk/include/emu/environment/linux/env_linux_syscall_hooks.h

r1476	r1607
27	27
28	28	/* 1 exit */
29		int32_t env_linux_hook_exit(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~);
	29	int32_t env_linux_hook_exit(struct emu_env env, struct emu_env_hook hook);
30	30
31	31	/* 2 fork */
32		int32_t env_linux_hook_fork(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~);
	32	int32_t env_linux_hook_fork(struct emu_env env, struct emu_env_hook hook);
33	33
34	34	/* 11 execve */
35		int32_t env_linux_hook_execve(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~);
	35	int32_t env_linux_hook_execve(struct emu_env env, struct emu_env_hook hook);
36	36
37	37	/* 63 dup2 */
38		int32_t env_linux_hook_dup2(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~);
	38	int32_t env_linux_hook_dup2(struct emu_env env, struct emu_env_hook hook);
39	39
40	40	/* 102 socketcall */
…	…
58	58	socketpair - missing
59	59	*/
60		int32_t env_linux_hook_socketcall(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~);
	60	int32_t env_linux_hook_socketcall(struct emu_env env, struct emu_env_hook hook);
61	61
62	62

libemu/trunk/include/emu/environment/win32/emu_env_w32.h

r1505	r1607
26	26	*******************************************************************************/
27	27
	28	#ifndef HAVE_EMU_ENV_W32
	29	#define HAVE_EMU_ENV_W32
	30
28	31	#include <stdint.h>
29	32
…	…
32	35	struct emu_env_w32_dll_export;
33	36	struct emu_profile;
	37	struct emu_env;
	38	struct emu_env_hook;
34	39
35	40	/**
…	…
52	57	*/
53	58	uint32_t baseaddr;
54
55		~~struct emu_profile *profile;~~
56	59	};
57	60
…	…
79	82	*
80	83	* @param env the env
81		* @param dllname the dllname, if NULL the export is searched within all loaded dlls
82	84	* @param exportname the exportname, f.e. "socket"
83	85	* @param fnhook pointer to the hook function
…	…
86	88	* on failure: -1
87	89	*/
88		int32_t emu_env_w32_export_hook(struct emu_env_w32 *env,
89		const char *dllname,
	90	int32_t emu_env_w32_export_hook(struct emu_env *env,
90	91	const char *exportname,
91		~~int32_t (fnhook)(struct emu_env_w32 env, struct emu_env_w32_dll_export *ex~~),
	92	uint32_t (fnhook)(struct emu_env env, struct emu_env_hook *hook, ...),
92	93	void *userdata);
93	94
…	…
103	104	* on failure: NULL
104	105	*/
105		struct emu_env_w32_dll_export emu_env_w32_eip_check(struct emu_env_w32 env);
	106	struct emu_env_hook emu_env_w32_eip_check(struct emu_env env);
	107
	108	#endif
	109

libemu/trunk/include/emu/environment/win32/emu_env_w32_dll.h

r1317	r1607
26	26	*******************************************************************************/
27	27
	28	#ifndef HAVE_EMU_ENV_W32_DLL_H
	29	#define HAVE_EMU_ENV_W32_DLL_H
	30
28	31	#include <stdint.h>
29	32
	33	struct emu_env_hook;
30	34	struct emu_env_w32_dll_export;
31	35
…	…
39	43	uint32_t baseaddr;
40	44
41		struct emu_env_w32_dll_export *exports;
	45	struct emu_env_w32_dll_export *exportx;
	46	struct emu_env_hook *hooks;
42	47	struct emu_hashtable *exports_by_fnptr;
43	48	struct emu_hashtable *exports_by_fnname;
…	…
65	70	};
66	71
	72	#endif

libemu/trunk/include/emu/environment/win32/emu_env_w32_dll_export.h

r1442	r1607
34	34	struct emu;
35	35	struct emu_env_w32;
	36	struct emu_env;
	37	struct emu_env_hook;
36	38
	39	typedef uint32_t (win32userhook)(struct emu_env_w32 env, struct emu_env_w32_dll_export *ex, ...);
37	40
38	41	struct emu_env_w32_dll_export
…	…
40	43	char *fnname;
41	44	uint32_t virtualaddr;
42		int32_t (fnhook)(struct emu_env~~_w32 env, struct emu_env_w32_dll_export *ex~~);
	45	int32_t (fnhook)(struct emu_env env, struct emu_env_hook *hook);
43	46	void *userdata;
	47	uint32_t (userhook)(struct emu_env env, struct emu_env_hook *hook, ...);
44	48	};
45	49

libemu/trunk/include/emu/environment/win32/env_w32_dll_export_kernel32_hooks.h

r1367	r1607
28	28	#include <stdint.h>
29	29
30		int32_t env_w32_hook_CloseHandle(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
31		int32_t env_w32_hook_CreateFileA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
32		int32_t env_w32_hook_CreateProcessA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
33		int32_t env_w32_hook_DeleteFileA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
34		int32_t env_w32_hook_ExitProcess(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
35		int32_t env_w32_hook_ExitThread(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
36		int32_t env_w32_hook_fclose(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
37		int32_t env_w32_hook_fopen(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
38		int32_t env_w32_hook_fwrite(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
39		int32_t env_w32_hook_GetProcAddress(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
40		int32_t env_w32_hook_GetSystemDirectoryA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
41		int32_t env_w32_hook_GetTickCount(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
42		int32_t env_w32_hook__hwrite(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
43		int32_t env_w32_hook__lclose(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
44		int32_t env_w32_hook__lcreat(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
45		int32_t env_w32_hook__lwrite(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
46		int32_t env_w32_hook_LoadLibrayA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
47		int32_t env_w32_hook_malloc(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
48		int32_t env_w32_hook_memset(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
49		int32_t env_w32_hook_SetUnhandledExceptionFilter(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
50		int32_t env_w32_hook_WaitForSingleObject(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
51		int32_t env_w32_hook_WinExec(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
52		int32_t env_w32_hook_WriteFile(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
	30	int32_t env_w32_hook_CloseHandle(struct emu_env env, struct emu_env_hook hook);
	31	int32_t env_w32_hook_CreateFileA(struct emu_env env, struct emu_env_hook hook);
	32	int32_t env_w32_hook_CreateProcessA(struct emu_env env, struct emu_env_hook hook);
	33	int32_t env_w32_hook_DeleteFileA(struct emu_env env, struct emu_env_hook hook);
	34	int32_t env_w32_hook_ExitProcess(struct emu_env env, struct emu_env_hook hook);
	35	int32_t env_w32_hook_ExitThread(struct emu_env env, struct emu_env_hook hook);
	36	int32_t env_w32_hook_fclose(struct emu_env env, struct emu_env_hook hook);
	37	int32_t env_w32_hook_fopen(struct emu_env env, struct emu_env_hook hook);
	38	int32_t env_w32_hook_fwrite(struct emu_env env, struct emu_env_hook hook);
	39	int32_t env_w32_hook_GetProcAddress(struct emu_env env, struct emu_env_hook hook);
	40	int32_t env_w32_hook_GetSystemDirectoryA(struct emu_env env, struct emu_env_hook hook);
	41	int32_t env_w32_hook_GetTickCount(struct emu_env env, struct emu_env_hook hook);
	42	int32_t env_w32_hook__hwrite(struct emu_env env, struct emu_env_hook hook);
	43	int32_t env_w32_hook__lclose(struct emu_env env, struct emu_env_hook hook);
	44	int32_t env_w32_hook__lcreat(struct emu_env env, struct emu_env_hook hook);
	45	int32_t env_w32_hook__lwrite(struct emu_env env, struct emu_env_hook hook);
	46	int32_t env_w32_hook_LoadLibrayA(struct emu_env env, struct emu_env_hook hook);
	47	int32_t env_w32_hook_malloc(struct emu_env env, struct emu_env_hook hook);
	48	int32_t env_w32_hook_memset(struct emu_env env, struct emu_env_hook hook);
	49	int32_t env_w32_hook_SetUnhandledExceptionFilter(struct emu_env env, struct emu_env_hook hook);
	50	int32_t env_w32_hook_WaitForSingleObject(struct emu_env env, struct emu_env_hook hook);
	51	int32_t env_w32_hook_WinExec(struct emu_env env, struct emu_env_hook hook);
	52	int32_t env_w32_hook_WriteFile(struct emu_env env, struct emu_env_hook hook);
53	53
54	54	#define HANDLE int32_t

libemu/trunk/include/emu/environment/win32/env_w32_dll_export_msvcrt_hooks.h

r1531	r1607
28	28	#include <stdint.h>
29	29
30		int32_t env_w32_hook__execv(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
	30	int32_t env_w32_hook__execv(struct emu_env env, struct emu_env_hook hook);
31	31

libemu/trunk/include/emu/environment/win32/env_w32_dll_export_urlmon_hooks.h

r1367	r1607
28	28	#include <stdint.h>
29	29
30		int32_t env_w32_hook_URLDownloadToFileA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
	30	int32_t env_w32_hook_URLDownloadToFileA(struct emu_env env, struct emu_env_hook hook);
31	31

libemu/trunk/include/emu/environment/win32/env_w32_dll_export_ws2_32_hooks.h

r1367	r1607
28	28	#include <stdint.h>
29	29
30		int32_t env_w32_hook_accept(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
31		int32_t env_w32_hook_bind(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
32		int32_t env_w32_hook_closesocket(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
33		int32_t env_w32_hook_connect(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
34		int32_t env_w32_hook_listen(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
35		int32_t env_w32_hook_recv(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
36		int32_t env_w32_hook_send(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
37		int32_t env_w32_hook_sendto(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
38		int32_t env_w32_hook_socket(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
39		int32_t env_w32_hook_WSASocketA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
40		int32_t env_w32_hook_WSAStartup(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~);
	30	int32_t env_w32_hook_accept(struct emu_env env, struct emu_env_hook hook);
	31	int32_t env_w32_hook_bind(struct emu_env env, struct emu_env_hook hook);
	32	int32_t env_w32_hook_closesocket(struct emu_env env, struct emu_env_hook hook);
	33	int32_t env_w32_hook_connect(struct emu_env env, struct emu_env_hook hook);
	34	int32_t env_w32_hook_listen(struct emu_env env, struct emu_env_hook hook);
	35	int32_t env_w32_hook_recv(struct emu_env env, struct emu_env_hook hook);
	36	int32_t env_w32_hook_send(struct emu_env env, struct emu_env_hook hook);
	37	int32_t env_w32_hook_sendto(struct emu_env env, struct emu_env_hook hook);
	38	int32_t env_w32_hook_socket(struct emu_env env, struct emu_env_hook hook);
	39	int32_t env_w32_hook_WSASocketA(struct emu_env env, struct emu_env_hook hook);
	40	int32_t env_w32_hook_WSAStartup(struct emu_env env, struct emu_env_hook hook);
41	41

libemu/trunk/src/Makefile.am

r1531	r1607
79	79	libemu_la_SOURCES += libdasm.c libdasm.h opcode_tables.h
80	80
	81	libemu_la_SOURCES += environment/emu_env.c
81	82	libemu_la_SOURCES += environment/emu_profile.c
82	83	libemu_la_SOURCES += environment/win32/emu_env_w32.c

libemu/trunk/src/emu_shellcode.c

r1592	r1607
37	37	#include "emu/emu_source.h"
38	38	#include "emu/emu_getpc.h"
	39	#include "emu/environment/emu_env.h"
39	40	#include "emu/environment/win32/emu_env_w32.h"
40	41	#include "emu/environment/win32/emu_env_w32_dll_export.h"
…	…
101	102	// struct emu_list_root *tested_positions = emu_list_create();
102	103
103		struct emu_env~~_w32~~ *env = NULL;
	104	struct emu_env *env = NULL;
104	105
105	106	while ( !emu_queue_empty(eq) )
…	…
116	117	emu_memory_clear(mem);
117	118	if (env)
118		emu_env_~~w32_~~free(env);
	119	emu_env_free(env);
119	120
120	121	/* write the code to the offset */
121	122	emu_memory_write_block(mem, STATIC_OFFSET, data, datasize);
122	123
123		env = emu_env_w32_new(e);
	124	env = emu_env_new(e);
	125
124	126	/* set the registers to the initial values */
125	127	int reg;
…	…
143	145	eipsave = emu_cpu_eip_get(cpu);
144	146
145		struct emu_env_~~w32_dll_export *dll~~hook = NULL;
146
147		~~dll~~hook = emu_env_w32_eip_check(env);
148
149
150		if ( ~~dll~~hook != NULL )
	147	struct emu_env_hook *hook = NULL;
	148
	149	hook = emu_env_w32_eip_check(env);
	150
	151
	152	if ( hook != NULL )
151	153	{
152		if ( ~~dllhook~~->fnhook == NULL )
	154	if ( hook->hook.win->fnhook == NULL )
153	155	break;
154	156	}

libemu/trunk/src/environment/linux/emu_env_linux.c

r1526	r1607
31	31
32	32
	33	#include "emu/environment/emu_env.h"
33	34	#include "emu/environment/emu_profile.h"
34	35	#include "emu/environment/linux/emu_env_linux.h"
…	…
46	47	eel->syscall_hooks_by_name = emu_hashtable_new(256, dll_export_fnname_hash, dll_export_fnname_cmp);
47	48	int i;
48		eel->syscall_hooks = malloc(sizeof(syscall_hooks));
49		memcpy(eel->syscall_hooks, syscall_hooks, sizeof(syscall_hooks));
	49	eel->syscall_hookx = malloc(sizeof(syscall_hooks));
	50	eel->hooks = malloc(sizeof(struct emu_env_hook)*(sizeof(syscall_hooks)/sizeof(struct emu_env_linux_syscall)));
	51	memcpy(eel->syscall_hookx, syscall_hooks, sizeof(syscall_hooks));
	52
50	53	for (i=0;i<sizeof(syscall_hooks)/sizeof(struct emu_env_linux_syscall);i++)
51	54	{
52		emu_hashtable_insert(eel->syscall_hooks_by_name, (void )eel->syscall_hooks[i].name, (void )&eel->syscall_hooks[i]);
	55	eel->hooks[i].type = emu_env_type_linux;
	56	eel->hooks[i].hook.lin = &eel->syscall_hookx[i];
	57	emu_hashtable_insert(eel->syscall_hooks_by_name, (void )eel->syscall_hookx[i].name, (void )&eel->hooks[i]);
53	58	}
54	59
55		eel->profile = emu_profile_new();
	60	// eel->profile = emu_profile_new();
56	61
57	62	return eel;
…	…
62	67	{
63	68	emu_hashtable_free(eel->syscall_hooks_by_name);
64		free(eel->syscall_hooks);
65		emu_profile_free(eel->profile);
	69	free(eel->syscall_hookx);
	70	free(eel->hooks);
	71	// emu_profile_free(eel->profile);
66	72	free(eel);
67	73	}
68	74
69		struct emu_env_~~linux_syscall emu_env_linux_syscall_check(struct emu_env_linux~~ env)
	75	struct emu_env_hook emu_env_linux_syscall_check(struct emu_env env)
70	76	{
71		struct emu_cpu *cpu = emu_cpu_get(env->emu);
	77	struct emu_cpu *cpu = emu_cpu_get(env->env.lin->emu);
72	78
73	79	if ( cpu->instr.is_fpu == false
…	…
86	92	if ( env_linux_syscalls[callnum].fnhook != NULL )
87	93	{
88		name = env_linux_syscalls[callnum].fnhook(env);
	94	name = env_linux_syscalls[callnum].fnhook(env->env.lin);
89	95	}
90	96
91	97	if ( name != NULL )
92	98	{
93		struct emu_hashtable_item ehi = emu_hashtable_search(env->syscall_hooks_by_name, (void )name);
	99	struct emu_hashtable_item ehi = emu_hashtable_search(env->env.lin->syscall_hooks_by_name, (void )name);
94	100	if ( ehi != NULL )
95	101	{
96		return~~(struct emu_env_linux_syscall *)~~ ehi->value;
	102	return (struct emu_env_hook *)ehi->value;
97	103	}
98	104	}
…	…
104	110	}
105	111
106		int32_t emu_env_linux_syscall_hook(struct emu_env~~_linux~~ env, const char syscallname,
107		~~int32_t (fnhook)(struct emu_env_linux env, struct emu_env_linux_syscall *syscallfox~~),
	112	int32_t emu_env_linux_syscall_hook(struct emu_env env, const char syscallname,
	113	uint32_t (userhook)(struct emu_env env, struct emu_env_hook *hook, ...),
108	114	void *userdata)
109	115	{
110	116
111		struct emu_hashtable_item ehi = emu_hashtable_search(env->syscall_hooks_by_name, (void )syscallname);
	117	struct emu_hashtable_item ehi = emu_hashtable_search(env->env.lin->syscall_hooks_by_name, (void )syscallname);
112	118	if (ehi != NULL)
113	119	{
114		struct emu_env_linux_syscall syscall = (struct emu_env_linux_syscall )ehi->value;
115		syscall->fnhook = fnhook;
116		syscall->userdata = userdata;
	120
	121	struct emu_env_hook hook = (struct emu_env_hook )ehi->value;
	122	hook->hook.lin->userhook = userhook;
	123	hook->hook.lin->userdata = userdata;
117	124	return 0;
118	125	}
…	…
120	127	return -1;
121	128	}
	129
122	130
123	131	const char env_linux_socketcall(struct emu_env_linux env)

libemu/trunk/src/environment/linux/env_linux_syscall_hooks.c

r1531	r1607
32	32	#include <sys/types.h>
33	33	#include <sys/socket.h>
	34	#include <stdlib.h>
34	35
35	36
…	…
38	39	#include "emu/emu_memory.h"
39	40	#include "emu/emu_string.h"
	41	#include "emu/environment/emu_env.h"
40	42	#include "emu/environment/emu_profile.h"
41	43	#include "emu/environment/linux/emu_env_linux.h"
42	44
43		int32_t env_linux_hook_exit(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~)
	45	int32_t env_linux_hook_exit(struct emu_env env, struct emu_env_hook hook)
44	46	{
45	47	printf("sys_exit(2)\n");
…	…
48	50	emu_profile_argument_add_ptr(env->profile, "int", "status", c->reg[ebx]);
49	51
50		emu_cpu_reg32_set(c, eax, 0);
51		return 0;
52		}
53
54		int32_t env_linux_hook_fork(struct emu_env_linux env, struct emu_env_linux_syscall syscall)
	52	if (hook->hook.lin->userhook != NULL)
	53	{
	54	uint32_t r = hook->hook.lin->userhook(env, hook, c->reg[ebx]);
	55	emu_cpu_reg32_set(c, eax, r);
	56	}else
	57	emu_cpu_reg32_set(c, eax, 0);
	58
	59
	60	return 0;
	61	}
	62
	63	int32_t env_linux_hook_fork(struct emu_env env, struct emu_env_hook hook)
55	64	{
56	65	printf("sys_fork(2)\n");
…	…
62	71	}
63	72
64		int32_t env_linux_hook_execve(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~)
	73	int32_t env_linux_hook_execve(struct emu_env env, struct emu_env_hook hook)
65	74	{
66	75	printf("execve\n");
…	…
115	124
116	125
117		int32_t env_linux_hook_dup2(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~)
	126	int32_t env_linux_hook_dup2(struct emu_env env, struct emu_env_hook hook)
118	127	{
119	128	struct emu_cpu *c = emu_cpu_get(env->emu);
…	…
131	140
132	141
133		int32_t env_linux_hook_socketcall(struct emu_env~~_linux env, struct emu_env_linux_syscall syscall~~)
	142	int32_t env_linux_hook_socketcall(struct emu_env env, struct emu_env_hook hook)
134	143	{
135	144	struct emu_cpu *c = emu_cpu_get(env->emu);
…	…
147	156	emu_memory_read_dword(emu_memory_get(c->emu),c->reg[ecx]+4*i,a+i);
148	157	}
	158
	159	uint32_t returnvalue = 0;
149	160
150	161	switch ( c->reg[ebx] )
…	…
160	171	emu_profile_argument_add_int(env->profile, "int", "protocol", a[2]);
161	172
162		emu_profile_function_returnvalue_int_set(env->profile, "int", 4);
163		emu_cpu_reg32_set(c, eax, 4);
	173
	174	if (hook->hook.lin->userhook != NULL)
	175	returnvalue = hook->hook.lin->userhook(env, hook, a[0], a[1], a[2]);
	176	else
	177	returnvalue = 14;
	178	emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue);
	179	emu_cpu_reg32_set(c, eax, returnvalue);
	180
164	181	break;
165	182
…	…
208	225
209	226
	227	if (hook->hook.lin->userhook != NULL)
	228	returnvalue = hook->hook.lin->userhook(env, hook, a[0], &sa, a[2]);
	229	else
	230	returnvalue = 0;
	231	emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue);
	232	emu_cpu_reg32_set(c, eax, returnvalue);
	233
210	234	}
211		emu_profile_function_returnvalue_int_set(env->profile, "int", 0);
212		emu_cpu_reg32_set(c, eax, 0);
	235
	236
213	237	break;
214	238
…	…
248	272
249	273
	274	if (hook->hook.lin->userhook != NULL)
	275	returnvalue = hook->hook.lin->userhook(env, hook, a[0], &sa, a[2]);
	276	else
	277	returnvalue = 0;
	278
	279	emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue);
	280	emu_cpu_reg32_set(c, eax, returnvalue);
250	281	}
251		~~emu_profile_function_returnvalue_int_set(env->profile, "int", 0);~~
252		~~emu_cpu_reg32_set(c, eax, 0);~~
253	282	break;
254	283
…	…
260	289	emu_profile_argument_add_int(env->profile, "int", "s", a[0]);
261	290	emu_profile_argument_add_int(env->profile, "int", "backlog", a[1]);
262		emu_profile_function_returnvalue_int_set(env->profile, "int", 0);
263		emu_cpu_reg32_set(c, eax, 0);
	291
	292	if (hook->hook.lin->userhook != NULL)
	293	returnvalue = hook->hook.lin->userhook(env, hook, a[0], a[1]);
	294	else
	295	returnvalue = 0;
	296
	297	emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue);
	298	emu_cpu_reg32_set(c, eax, returnvalue);
	299
264	300	break;
265	301
…	…
283	319	emu_profile_argument_add_none(env->profile);
284	320
285
286		emu_profile_function_returnvalue_int_set(env->profile, "int", 112);
287		emu_cpu_reg32_set(c, eax, 112);
	321	if (hook->hook.lin->userhook != NULL)
	322	returnvalue = hook->hook.lin->userhook(env, hook, a[0], &sa, a[2]);
	323	else
	324	returnvalue = 0;
	325
	326	emu_profile_function_returnvalue_int_set(env->profile, "int", returnvalue);
	327	emu_cpu_reg32_set(c, eax, returnvalue);
288	328	break;
289	329

libemu/trunk/src/environment/win32/emu_env_w32.c

r1531	r1607
34	34	#include "emu/emu_memory.h"
35	35	#include "emu/emu_hashtable.h"
	36	#include "emu/environment/emu_env.h"
36	37	#include "emu/environment/emu_profile.h"
37	38	#include "emu/environment/win32/emu_env_w32.h"
…	…
157	158	struct emu_env_w32 env = (struct emu_env_w32 )malloc(sizeof(struct emu_env_w32));
158	159	memset(env,0,sizeof(struct emu_env_w32));
159		env->profile = emu_profile_new();
	160	// env->profile = emu_profile_new();
160	161	env->emu = e;
161	162	// write TEB and linklist
…	…
197	198
198	199	// map kernel32.dll to emu's memory at 0x7c800000
199		if (emu_env_w32_load_dll(env,"kernel32.dll") == -1 )
	200	if (emu_env_w32_load_dll(env,"kernel32.dll") == -1)
200	201	{
201	202	free(env);
…	…
215	216	}
216	217	free(env->loaded_dlls);
217		emu_profile_free(env->profile);
	218	// emu_profile_free(env->profile);
218	219	free(env);
219	220
…	…
272	273
273	274
274		struct emu_env_~~w32_dll_export emu_env_w32_eip_check(struct emu_env_w32~~ env)
	275	struct emu_env_hook emu_env_w32_eip_check(struct emu_env env)
275	276	{
276	277	uint32_t eip = emu_cpu_eip_get(emu_cpu_get(env->emu));
277	278
278	279	int numdlls=0;
279		while ( env->loaded_dlls[numdlls] != NULL )
	280	while ( env->env.win->loaded_dlls[numdlls] != NULL )
280	281	{
281	282	/* printf("0x%08x %s 0x%08x - 0x%08x \n",
…	…
285	286	env->loaded_dlls[numdlls]->baseaddr + env->loaded_dlls[numdlls]->imagesize);
286	287	*/
287		if ( eip > env->loaded_dlls[numdlls]->baseaddr &&
288		eip < env->~~loaded_dlls[numdlls]->baseaddr + env~~->loaded_dlls[numdlls]->imagesize )
	288	if ( eip > env->env.win->loaded_dlls[numdlls]->baseaddr &&
	289	eip < env->env.win->loaded_dlls[numdlls]->baseaddr + env->env.win->loaded_dlls[numdlls]->imagesize )
289	290	{
290		logDebug(env->e~~mu, "eip %08x is within %s\n",eip, env~~->loaded_dlls[numdlls]->dllname);
291		struct emu_env_w32_dll *dll = env->loaded_dlls[numdlls];
	291	logDebug(env->env.win->emu, "eip %08x is within %s\n",eip, env->env.win->loaded_dlls[numdlls]->dllname);
	292	struct emu_env_w32_dll *dll = env->env.win->loaded_dlls[numdlls];
292	293
293	294	struct emu_hashtable_item ehi = emu_hashtable_search(dll->exports_by_fnptr, (void )(eip - dll->baseaddr));
…	…
299	300	}
300	301
301		struct emu_env_w32_dll_export ex = (struct emu_env_w32_dll_export )ehi->value;
302
303		if ( ex->fnhook != NULL )
	302
	303	struct emu_env_hook hook = (struct emu_env_hook )ehi->value;
	304
	305	if ( hook->hook.win->fnhook != NULL )
304	306	{
305		~~ex->fnhook(env, ex~~);
306		return ex;
	307	hook->hook.win->fnhook(env, hook);
	308	return hook;
307	309	}
308	310	else
309	311	{
310		logDebug(env->emu, "unhooked call to %s\n", ex->fnname);
311		return ex;
	312	logDebug(env->emu, "unhooked call to %s\n", hook->hook.win->fnname);
	313	return hook;
312	314	}
313	315	}
…	…
318	320	}
319	321
320		int32_t emu_env_w32_export_hook(struct emu_env_w32 *env,
321		const char *dllname,
	322	int32_t emu_env_w32_export_hook(struct emu_env *env,
322	323	const char *exportname,
323		~~int32_t (fnhook)(struct emu_env_w32 env, struct emu_env_w32_dll_export *ex~~),
	324	uint32_t (fnhook)(struct emu_env env, struct emu_env_hook *hook, ...),
324	325	void *userdata)
325	326	{
326	327	int numdlls=0;
327		while ( env->loaded_dlls[numdlls] != NULL )
	328	while ( env->env.win->loaded_dlls[numdlls] != NULL )
328	329	{
329		if (dllname == NULL \|\| strncasecmp(env->loaded_dlls[numdlls]->dllname, dllname, strlen(env->loaded_dlls[numdlls]->dllname)) == 0)
	330	if (1)//dllname == NULL \|\| strncasecmp(env->loaded_dlls[numdlls]->dllname, dllname, strlen(env->loaded_dlls[numdlls]->dllname)) == 0)
330	331	{
331		struct emu_hashtable_item ehi = emu_hashtable_search(env->loaded_dlls[numdlls]->exports_by_fnname, (void )exportname);
	332	struct emu_hashtable_item ehi = emu_hashtable_search(env->env.win->loaded_dlls[numdlls]->exports_by_fnname, (void )exportname);
332	333	if (ehi != NULL)
333	334	{
334		struct emu_env_w32_dll_export ex = (struct emu_env_w32_dll_export )ehi->value;
335		ex->fnhook = fnhook;
336		ex->userdata = userdata;
	335	printf("hooked %s\n", exportname);
	336	struct emu_env_hook hook = (struct emu_env_hook )ehi->value;
	337	hook->hook.win->userhook = fnhook;
	338	hook->hook.win->userdata = userdata;
337	339	return 0;
338	340	}

libemu/trunk/src/environment/win32/emu_env_w32_dll.c

r1317	r1607
30	30
31	31	#include "emu/emu.h"
	32	#include "emu/environment/emu_env.h"
32	33	#include "emu/environment/win32/emu_env_w32_dll.h"
33	34	#include "emu/environment/win32/emu_env_w32_dll_export.h"
…	…
45	46	emu_hashtable_free(dll->exports_by_fnptr);
46	47	emu_hashtable_free(dll->exports_by_fnname);
47		free(dll->exports);
	48	free(dll->exportx);
	49	free(dll->hooks);
48	50	free(dll->dllname);
49	51	free(dll);
…	…
106	108	size = i;
107	109
108		to->exports = (struct emu_env_w32_dll_export )malloc(sizeof(struct emu_env_w32_dll_export) size);
109		memcpy(to->exports, from, sizeof(struct emu_env_w32_dll_export) * size);
	110	to->exportx = malloc(sizeof(struct emu_env_w32_dll_export) * size);
	111	to->hooks = malloc(sizeof(struct emu_env_hook) * size);
	112	memcpy(to->exportx, from, sizeof(struct emu_env_w32_dll_export) * size);
	113
110	114
111	115	to->exports_by_fnptr = emu_hashtable_new(size, dll_export_fnptr_hash, dll_export_fnptr_cmp);
…	…
114	118	for (i=0;from[i].fnname != 0; i++)
115	119	{
116		struct emu_env_w32_dll_export *ex = &to->exports[i];
117		emu_hashtable_insert(to->exports_by_fnptr, (void *)from[i].virtualaddr, ex);
118		emu_hashtable_insert(to->exports_by_fnname, (void *)from[i].fnname, ex);
	120	struct emu_env_w32_dll_export *ex = &to->exportx[i];
	121	struct emu_env_hook *hook = &to->hooks[i];
	122	hook->type = emu_env_type_win32;
	123	hook->hook.win = ex;
	124
	125	emu_hashtable_insert(to->exports_by_fnptr, (void *)from[i].virtualaddr, hook);
	126	emu_hashtable_insert(to->exports_by_fnname, (void *)from[i].fnname, hook);
119	127	}
120	128	}

libemu/trunk/src/environment/win32/env_w32_dll_export_kernel32_hooks.c

r1531	r1607
49	49	#include "emu/emu_hashtable.h"
50	50	#include "emu/emu_string.h"
	51	#include "emu/environment/emu_env.h"
51	52	#include "emu/environment/emu_profile.h"
52	53	#include "emu/environment/win32/emu_env_w32.h"
…	…
56	57
57	58
58		int32_t env_w32_hook_CloseHandle(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~)
	59	int32_t env_w32_hook_CloseHandle(struct emu_env env, struct emu_env_hook hook)
59	60	{
60	61	printf("Hook me Captain Cook!\n");
…	…
85	86
86	87
87		int32_t env_w32_hook_CreateFileA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~)
	88	int32_t env_w32_hook_CreateFileA(struct emu_env env, struct emu_env_hook hook)
88	89	{
89	90	printf("Hook me Captain Cook!\n");
…	…
145	146
146	147
147		int32_t env_w32_hook_CreateProcessA(struct emu_env~~_w32 env, struct emu_env_w32_dll_export ex~~)
	148	int32_t env_w32_hook_CreateProcessA(struct emu_env env, struct emu_env_hook hook)
148	149	{
149	150	printf("Hook me Captain Cook!\n");
…	…
272	273
273	274
274
275