sha0coder

Results 24 comments of sha0coder

thanks a lot, this type of bug is good to know. for now 64-bit only supports shellcodes, 32-bit supports shellcodes and exe's. btw this is an opportunity to fix a...

Same vagrant ubuntu/focal64, same libc + sudo version (manually compiled) and it doesn't work, it doesn't even seem exploitable: the "@CCCCC" buffers are far from the "systemd" and other service_user structures (0x1000...

this works for ARM32 but should be tested on ARM16:

```c
case ARM_INS_BLX:
    r_strbuf_appendf (&op->esil, "1,%s,&,tf,:=", ARG (0));
```

```c
case ARM_INS_B:
    if (ISREG (0) && REGID (0) == ARM_REG_PC)...
```

The 'list' command is pointing to runes object, but not sure if it's well synced with the source.

UML emulation, interesting, good opportunity to improve algorithms. uml is dynamic-linked which is not supported for now, one option is compile it statically. For emulating UML is necessary to implement...

Ok, the strtab sometimes is a vaddr instead of a file offset, fixed.

```text
~/s/scemu ❯❯❯ target/release/scemu -f '/home/sha0/Downloads/Telegram Desktop/uml/linux-user-mode/linux-6.2.2-uml-vmlinux' -6 -vv -c 11
initializing regs
loading memory maps
elf64 detected.
loading...
```

Hooks are already implemented in rust, but I tried several times to provide them on the python module and I couldn't find the way using pyo3. Prolly you have to...

yeah, for now I think it is more convenient not emulating aslr. For debugging/emulating/automating, having predictable addresses is quite nice. This is probably more like process space simulation than emulation.

yes, i have to refactor this, for now one option is loading it manually:

```rust
let map = emu.maps.create_map("something");
map.set_base(0x400000);
map.load("file.sys");
```

in pyscemu:

```python
emu.load_map("code", "memdump_052D0000.bin", 0x52d0000)
```