search

tum-i4 / self-checksumming

10 stars 6 forks source link

Supports 64bit address #61

Open sploving opened 5 years ago

sploving commented 5 years ago

Hello, On MacOS, I met the following error: Traceback (most recent call last): File "dump_pipe.py", line 214, in address_patch = patch_placeholder(mm,'<I', addresses, patch['add_placeholder'], patch['add_target']) File "dump_pipe.py", line 98, in patch_placeholder patch_bytes = struct.pack(struct_flag, target_value) struct.error: 'I' format requires 0 <= number <= 4294967295

The address on MacOS is as the following:

{u'entry0': {'offset': 4294970912, 'size': 170}, u'sym._add': {'offset': 4294970880, 'size': 26}, u'sym._ttt': {'offset': 4294970608, 'size': 122}, u'sym._guardMe': {'offset': 4294971088, 'size': 137}, u'sym.imp.abort': {'offset': 4294971226, 'size': 6}, u'sym.imp.printf': {'offset': 4294971232, 'size': 6}, u'sym._addsum': {'offset': 4294970736, 'size': 144}}

Thanks.

mr-ma commented 5 years ago

Hey, We have not really tested our tools on any operation systems other than Ubuntu. How about using our docker container? Here you can find a docker file along with all the necessary steps to run the container: https://github.com/mr-ma/sip-eval/tree/acsac

sploving commented 5 years ago

Hello, On ubuntu, it works well. Thanks. Any example to run SC on large project such as openSSL. Current patcher script only deals with one file. (I am using this patcher: https://github.com/tum-i22/self-checksumming/blob/acsac/patcher/dump_pipe.py)How to make post-patching works with lots of files? Can machine pass do this job instead the pacher script? Thank you.

mr-ma commented 5 years ago

No, unfortunately the patcher deals only with one file. You could use MakeAdditions to compile all files into a single bitcode file and subsequently run the protection pass on it.

Can machine pass do this job instead the pacher script?

Sure, def a better alternative.

sploving commented 5 years ago

Hello, On MacOS, I met the following error: Traceback (most recent call last): File "dump_pipe.py", line 214, in address_patch = patch_placeholder(mm,'<I', addresses, patch['add_placeholder'], patch['add_target']) File "dump_pipe.py", line 98, in patch_placeholder patch_bytes = struct.pack(struct_flag, target_value) struct.error: 'I' format requires 0 <= number <= 4294967295

I know it. On macOS, the binary address starts 0x100000000, which is 64 bit. This is different from ubuntu. So it happens the above error.

The address on MacOS is as the following:

{u'entry0': {'offset': 4294970912, 'size': 170}, u'sym._add': {'offset': 4294970880, 'size': 26}, u'sym._ttt': {'offset': 4294970608, 'size': 122}, u'sym._guardMe': {'offset': 4294971088, 'size': 137}, u'sym.imp.abort': {'offset': 4294971226, 'size': 6}, u'sym.imp.printf': {'offset': 4294971232, 'size': 6}, u'sym._addsum': {'offset': 4294970736, 'size': 144}}

Thanks.