Add hexdump to print non-ascii characters

Question

Add hexdump to print non-ascii characters

Ekultek opened this issue 3 years ago · 5 comments

(venv) me@DESKTOP-123456:~$ ROPgadget --binary '/bin/ls' --string '.+\w+(.)?\\.+'
Strings information
============================================================
0x000000000001c7bf : ��G��BI�\��
0x000000000001c7f7 : ��G��BI�\��
0x000000000001ca32 : ��A��BN�\
Traceback (most recent call last):
  File "/home/me/erop/venv/bin/ROPgadget", line 12, in <module>
    ropgadget.main()
  File "/home/me/erop/venv/lib/python3.8/site-packages/ropgadget/__init__.py", line 30, in main
    sys.exit(0 if Core(args.getArgs()).analyze() else 1)
  File "/home/me/erop/venv/lib/python3.8/site-packages/ropgadget/core.py", line 246, in analyze
    return self.__lookingForAString(self.__options.string)
  File "/home/me/erop/venv/lib/python3.8/site-packages/ropgadget/core.py", line 176, in __lookingForAString
    print("0x{{0:0{}x}} : {{1}}".format(8 if arch == CS_MODE_32 else 16).format(vaddr, match.decode()))
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xb0 in position 12: invalid start byte
(venv) me@DESKTOP-123456:~$

Create a hexdump for it so that it can decode the string properly, for example (in core.py):

class Core(cmd.Cmd):
    ....
    
    def __hexdump(self, s):
        acceptable = string.printable[0:-6] # everything except \x00 and shit like that
        results = []
        for c in list(s):
            if c in acceptable:
                results.append(c)
            else:
                results.append(".")
        return "".join(results)
        
    ...

        def __lookingForAString(self, string):
        ....
                try:
                    match = section["opcodes"][ref:ref + len(string)]
                    print("0x{{0:0{}x}} : {{1}}".format(8 if arch == CS_MODE_32 else 16).format(vaddr, match.decode()))
                except UnicodeDecodeError:
                    match = self.__hexdump(section["opcodes"][ref:ref + len(string)].decode())
                    print("0x{{0:0{}x}} : {{1}}".format(8 if arch == CS_MODE_32 else 16).format(vaddr, match))
        return True

This way if anything comes up thats not printable you can still see it without crashing the program

Answer 1 · 2022-02-14T17:23:57.000Z

Can you make a PR with this fix?

Answer 2 · 2022-02-14T18:24:13.000Z

@SweetVishnya yes I can, I don't have time right now though that's why I put it in an issue.

Answer 3 · 2022-03-02T16:32:12.000Z

Hey, I'm most likely not going to have time in the near future, so the code above should work, if you want to test it.

Answer 4 · 2022-03-02T17:04:45.000Z

Ok, I'll try to find time this week to apply this patch.

Answer 5 · 2022-03-11T16:05:04.000Z

I merged a fix to master