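#define NOMINMAX
#define _CRT_SECURE_NO_WARNINGS

// NOTE(review): the targets of the five original #include directives were lost when this
// listing was extracted. The standard headers below cover the std:: names main() uses; the
// project headers that declare argparse::, llo:: and xed_tables_init() must be restored
// from the original repository.
#include <cstdint>
#include <cstdio>
#include <filesystem>
#include <iostream>
#include <memory>
#include <string>
#include <vector>

/// @brief Stage-one demo driver: reads an input binary, optionally attaches a symbol
///        loader, runs the matching deconstructor over it and prints a per-section summary.
/// @param argc number of command line arguments.
/// @param argv command line arguments; "-i/--input" is required, "-s/--symbols" is optional.
/// @return 0 on success, -1 on a usage error, an unreadable input file or an unsupported
///         file type.
int __cdecl main( int argc, const char *argv[] )
{
    argparse::argument_parser_t cli_parser( "llo stage-one", "llo stage one demo" );

    cli_parser.add_argument()
        .names( { "-i", "--input" } )
        .description( "input file, must be a supported file format..." )
        .required( true );

    cli_parser.add_argument()
        .names( { "-s", "--symbols" } )
        .description( "path to symbols file, must be a supported file format... pdb, map, etc..." );

    cli_parser.enable_help();

    auto err = cli_parser.parse( argc, argv );
    if ( err )
    {
        std::cout << err << std::endl;
        cli_parser.print_help();
        return -1;
    }

    auto name{ cli_parser.get< std::string >( "input" ) };
    if ( !std::filesystem::exists( name ) )
    {
        std::printf( "[!] input file does not exist...\n" );
        return -1;
    }

    std::vector< std::uint8_t > image;
    if ( !llo::utils::open_binary_file( name, image ) )
    {
        std::printf( "[!] failed to read file off disk...\n" );
        return -1;
    }

    std::shared_ptr< llo::s1::symbol_loader_base_t > symbol_loader = nullptr;
    if ( cli_parser.exists( "symbols" ) )
    {
        std::filesystem::path symbols_file{ cli_parser.get< std::string >( "symbols" ) };

        // path::c_str() yields wchar_t* on Windows, which must not be passed to a narrow
        // "%s"; convert the extension to a narrow string once and use that everywhere.
        const std::string symbols_ext = symbols_file.extension().string();

        if ( symbols_ext == ".map" )
        {
            symbol_loader = std::make_shared< llo::s1::symbol_loader_map_t >( symbols_file.string() );
        }
        else if ( symbols_ext == ".pdb" )
        {
            // TODO:
            // symbol_loader = std::make_shared< llo::s1::symbol_loader_pdb_t >( symbols_file );

            // Previously the requested symbols were dropped silently; say so, then carry
            // on with a null loader exactly as before.
            std::printf( "[!] pdb symbol files are not supported yet, continuing without symbols...\n" );
        }
        else
        {
            std::printf( "[!] unknown symbol file extension: %s\n", symbols_ext.c_str() );
            return -1;
        }
    }

    // NOTE(review): the deconstructor is chosen from the file extension alone; the bytes
    // in `image` are not inspected here. Presumably each dctor validates the headers of
    // the (possibly hostile or mislabelled) file itself - confirm.
    std::shared_ptr< llo::s1::dctor_base_t > file_dctor = nullptr;
    std::filesystem::path file_path{ name };
    const std::string file_ext = file_path.extension().string();

    if ( file_ext == ".exe" || file_ext == ".dll" || file_ext == ".sys" )
    {
        file_dctor = std::make_shared< llo::s1::dctor_pe_t >( image, symbol_loader.get() );
    }
    else if ( file_ext == ".lib" )
    {
        file_dctor = std::make_shared< llo::s1::dctor_lib_t >( image, symbol_loader.get() );
    }
    else if ( file_ext == ".o" || file_ext == ".so" )
    {
        // TODO:
        // file_dctor = std::make_shared< llo::s1::dctor_elf_t >( image, symbol_loader.get() );
    }
    else
    {
        std::printf( "[!] unknown file extension: %s\n", file_ext.c_str() );
        return -1;
    }

    // The ELF branch above is still a TODO and leaves file_dctor null; bail out instead
    // of dereferencing a null pointer in generate() below.
    if ( !file_dctor )
    {
        std::printf( "[!] file type is recognized but not supported yet: %s\n", file_ext.c_str() );
        return -1;
    }

    xed_tables_init();

    llo::lloiff_t iff( name, image );
    file_dctor->generate( iff );

    // Sizes are printed with %zu after an explicit cast: passing a size() result to "%d"
    // is undefined behaviour where the size type is wider than int.
    std::printf( "> iff number of children = %zu\n", static_cast< std::size_t >( iff.children.size() ) );

    // Prints the per-section summary; shared by the top-level IFF and each of its children.
    const auto print_sections = []( auto &sections )
    {
        for ( auto &section : sections )
        {
            std::printf( "> section name = %s\n", section.section_name.get_data().c_str() );
            // %p expects a void pointer.
            std::printf( "> section data = %p\n", static_cast< const void * >( section.raw.data() ) );

            if ( section.characteristics.prot.is_executable )
                std::printf( "> number of instructions = %zu\n",
                             static_cast< std::size_t >( section.instrs.size() ) );

            std::printf( "> size of raw section = %zu\n", static_cast< std::size_t >( section.raw.size() ) );
        }
    };

    print_sections( iff.sections );

    for ( auto &child : iff.children )
        print_sections( child->sections );

    // Keep the console window open until a key is pressed.
    std::getchar();
    return 0;
}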