radareorg
Fixes for Issues in #20540 (ragg2 related)
- [x] Mark this if you consider it ready to merge
- [ ] I've added tests (optional)
- [x] I wrote some lines in the book (optional)
Description
Fix for Issue 1: 'c' type shellcode not working
const char cstr[27] = ""\
"\xeb\x0efffff.\x0f\x1f\x84\x00\x00\x00\x00\x001\xc0\xc7D$\xfc"\
"\x00\x00\x00\x00\xc3";
The \x001 is supposed to be interpreted as '\x00-0x31' (The '1' is a character), but the C compiler is talking it as '\x00-\x01'. This is a problem. Here is the compiler version.
$ gcc --version
gcc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0
Copyright (C) 2017 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Fix for this is simply emitting hex-code even for printable characters(So that '1' is emitted as \x31).
Fix for Issue 2: PE executables not generated on Linux-x64
The switch case code which goes over all the file formats was not covering PE format. The fix has been added - its simply calling create with the right flags. PE32 binaries are created but not PE64/PE32+ binaries - looks like it is yet to be implemented. Being tracked through https://github.com/radareorg/radare2/issues/20566.
Along with these, please consider this PR https://github.com/radareorg/radare2-book/pull/347 for r2-book on ragg2.
Regards, Adwaith
i dont think the new output is better, you can use pcx for an alternative byte-only output for C
Okay. But leaving it untouched will lead to erroneous code in the final executable. What do we do about that?