Implémentation du rondoudou patch v2
parent
f3d2022c2e
commit
239e8ba670
5 changed files with 233 additions and 0 deletions
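--- a/patch2/CMakeLists.txt
+++ b/patch2/CMakeLists.txt
@@ -0,0 +1,6 @@
+cmake_minimum_required(VERSION 3.17)
+project(patch2 C)
+
+set(CMAKE_C_STANDARD 99)
+
+add_executable(patch2 main.c rondoudou_patch2.h rondoudou_patch2.c)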
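Review bot: Neither build file pins the frame-pointer behaviour that the `cipher`/`decipher`/`change_key` macros rely on: they locate return addresses through `__builtin_frame_address`, and the target here is created with no compile options at all. An optimised configuration will probably omit frame pointers and make the macros XOR the wrong stack slot; I have not checked which configurations this is built with. I would add `target_compile_options(patch2 PRIVATE -fno-omit-frame-pointer)` after `add_executable`, and the same flag on the `gcc` line of patch2/Makefile.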
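--- a/patch2/Makefile
+++ b/patch2/Makefile
@@ -0,0 +1,2 @@
+test_patch2: main.c rondoudou_patch2.c rondoudou_patch2.h
+gcc -Wall -g main.c rondoudou_patch2.c -o test_patch2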
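--- a/patch2/main.c
+++ b/patch2/main.c
@@ -0,0 +1,35 @@
+#include "rondoudou_patch2.h"
+
+void f() {
+cipher;
+print_log("Dans f\n");
+decipher;
+}
+
+void g(int a) {
+cipher;
+print_log("Dans g(%d)\n", a);
+decipher;
+}
+
+int h(int a) {
+cipher;
+print_log("Dans h(%d)\n", a);
+change_key(1516531);
+
+decipher;
+return 5;
+}
+
+
+int main() {
+cipher;
+print_log("Appel de f\n");
+f();
+print_log("Appel de g(3)\n");
+g(3);
+print_log("Appel de f(6)\n");
+h(6);
+decipher;
+return 0;
+}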
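Review bot: The message logged before the last call in `main` names the wrong function: it prints `Appel de f(6)` while the call that follows is `h(6)`. This trace is what a reader uses to match the cipher/decipher output to the nesting level during the key change, so it should read `print_log("Appel de h(6)\n");`. The file also gives no hint that every instrumented function has to reach `decipher` on each exit path; a one-line comment above `f` saying so would help anyone adding an early `return`.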
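--- a/patch2/rondoudou_patch2.c
+++ b/patch2/rondoudou_patch2.c
@@ -0,0 +1,21 @@
+#include <stdio.h>
+#include <stdarg.h>
+#include "rondoudou_patch2.h"
+
+int rondoudou_patch_call_level = 0;
+uintptr_t rondoudou_patch_key = 0xffffffffffffffff;
+uintptr_t rondoudou_patch_offset = 1;
+uintptr_t *rondoudou_patch_return_addr_addr = 0;
+
+int print_debug = 1;
+
+int print_log(const char *format, ...) {
+if (print_debug) {
+va_list args;
+va_start(args, format);
+int ret = vprintf(format, args);
+va_end(args);
+return ret;
+}
+return 0;
+}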
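Review bot: `print_debug` defaults to 1, so every `cipher`/`decipher` writes both the clear and the masked return address to stdout. Those two values together reveal the key, which leaves the masking without effect for anyone who can read the output. I would default it to off with `int print_debug = 0;`, or compile the logging out of non-test builds. The initial key `0xffffffffffffffff` is also a fixed constant that assumes a 64-bit `uintptr_t`; `UINTPTR_MAX` states it portably, and a per-run random value set at startup would be the stronger choice.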
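--- a/patch2/rondoudou_patch2.h
+++ b/patch2/rondoudou_patch2.h
@@ -0,0 +1,169 @@
+#ifndef PATCH2_RONDOUDOU_PATCH2_H
+#define PATCH2_RONDOUDOU_PATCH2_H
+
+#include <stdint.h>
+
+extern int rondoudou_patch_call_level;
+extern uintptr_t rondoudou_patch_key;
+extern uintptr_t rondoudou_patch_offset;
+extern uintptr_t *rondoudou_patch_return_addr_addr;
+
+int print_log(const char *format, ...);
+
+#define cipher \
+do { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(0) + rondoudou_patch_offset; \
+print_log("cipher : base return address = %018p\n", __builtin_return_address(0));\
+/*print_log("cipher : Return address = %018p\n", *rondoudou_patch_return_addr_addr);*/\
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("cipher : encrypted return address = %018p\n", __builtin_return_address(0));\
+/*print_log("cipher : Return address = %018p\n", *rondoudou_patch_return_addr_addr);*/\
+rondoudou_patch_call_level++; \
+} while(0)
+
+#define decipher \
+do { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(0) + rondoudou_patch_offset; \
+print_log("decipher: encrypted return address = %018p\n", __builtin_return_address(0));\
+/*print_log("decipher: Return address = %018p\n", *rondoudou_patch_return_addr_addr);*/\
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("decipher: decrypted return address = %018p\n", __builtin_return_address(0));\
+/*print_log("decipher: Return address = %018p\n", *rondoudou_patch_return_addr_addr);*/\
+rondoudou_patch_call_level--; \
+} while(0)
+
+#define change_key(new_key) \
+do { \
+print_log("\n--- Changing key ---\n"); \
+print_log("Call_level = %d\n", rondoudou_patch_call_level); \
+\
+if (rondoudou_patch_call_level > 0) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(0) + rondoudou_patch_offset; \
+print_log("0: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("0: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("0: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 1) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(1) + rondoudou_patch_offset; \
+print_log("1: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("1: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("1: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+\
+if (rondoudou_patch_call_level > 2) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(2) + rondoudou_patch_offset; \
+print_log("2: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("2: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("2: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+\
+if (rondoudou_patch_call_level > 3) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(3) + rondoudou_patch_offset; \
+print_log("3: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("3: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("3: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+\
+\
+if (rondoudou_patch_call_level > 4) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(4) + rondoudou_patch_offset; \
+print_log("4: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("4: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("4: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+\
+if (rondoudou_patch_call_level > 6) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(6) + rondoudou_patch_offset; \
+print_log("6: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("6: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("6: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 7) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(7) + rondoudou_patch_offset; \
+print_log("7: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("7: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("7: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 8) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(8) + rondoudou_patch_offset; \
+print_log("8: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("8: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("8: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 9) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(9) + rondoudou_patch_offset; \
+print_log("9: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("9: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("9: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 10) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(10) + rondoudou_patch_offset; \
+print_log("10: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("10: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("10: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 11) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(11) + rondoudou_patch_offset; \
+print_log("11: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("11: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("11: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 12) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(12) + rondoudou_patch_offset; \
+print_log("12: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("12: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("12: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 13) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(13) + rondoudou_patch_offset; \
+print_log("13: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("13: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("13: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 14) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(14) + rondoudou_patch_offset; \
+print_log("14: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("14: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("14: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+if (rondoudou_patch_call_level > 15) { \
+rondoudou_patch_return_addr_addr = (uintptr_t *)__builtin_frame_address(15) + rondoudou_patch_offset; \
+print_log("15: encrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ rondoudou_patch_key; \
+print_log("15: decrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+*rondoudou_patch_return_addr_addr = *rondoudou_patch_return_addr_addr ^ new_key; \
+print_log("15: reencrypted ret address = %018p\n", *rondoudou_patch_return_addr_addr); \
+} \
+print_log("\n"); \
+rondoudou_patch_key = new_key; \
+} while (0)
+
+#endif //PATCH2_RONDOUDOU_PATCH2_H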
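Review bot: `change_key` never re-keys frame 5: the unrolled blocks go from `rondoudou_patch_call_level > 4` straight to `> 6`. At a nesting depth of six or more that frame keeps its return address masked with the old key, so its `decipher` restores a wrong address once `rondoudou_patch_key` has been replaced. Depths beyond 16 fail the same way, because the list stops at frame 15. `__builtin_frame_address` needs a constant argument, so the list cannot become a loop over it, but the frame chain can be walked by hand under the layout the macro already assumes (return address `rondoudou_patch_offset` words above the frame pointer, caller's frame pointer in slot 0, to be confirmed for the target ABI). Copying `new_key` into a local once also stops the macro argument being expanded in every block.

```c
#define change_key(new_key) \
    do { \
        uintptr_t rondoudou_next_key = (uintptr_t)(new_key); \
        uintptr_t *rondoudou_fp = (uintptr_t *)__builtin_frame_address(0); \
        /* … unchanged: "Changing key" and Call_level logging … */ \
        for (int rondoudou_i = 0; rondoudou_i < rondoudou_patch_call_level; rondoudou_i++) { \
            /* one XOR with (old ^ new) equals unmasking, then re-masking */ \
            rondoudou_fp[rondoudou_patch_offset] ^= rondoudou_patch_key ^ rondoudou_next_key; \
            /* assumes the caller's frame pointer is saved in slot 0 */ \
            rondoudou_fp = (uintptr_t *)rondoudou_fp[0]; \
        } \
        rondoudou_patch_key = rondoudou_next_key; \
    } while (0)
```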