victor/Analisis_De_Software
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first files

Browse Source
This commit is contained in:
victor
2025-03-29 18:17:41 +01:00
parent a0a4afce31
commit 2d70eb315c
10 changed files with 121 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
Practica_2/Ej1_main.pdf Normal file
View File

Binary file not shown.

BIN
Practica_2/Ej1_main.png-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 254 KiB

40
Practica_2/Ej1_main.txt Normal file
View File

@ -0,0 +1,40 @@
[0x08048390]> pdf @ main
;-- main:
/ (fcn) main 92
| main ();
| ; var int local_ch @ ebp-0xc
| ; var int local_4h_2 @ ebp-0x4
| ; var int local_4h @ esp+0x4
| ; DATA XREF from 0x080483a7 (entry0)
| 0x080484d7 8d4c2404 lea ecx, [local_4h] ; 4
| 0x080484db 83e4f0 and esp, 0xfffffff0
| 0x080484de ff71fc push dword [ecx - 4]
| 0x080484e1 55 push ebp
| 0x080484e2 89e5 mov ebp, esp
| 0x080484e4 51 push ecx
| 0x080484e5 83ec14 sub esp, 0x14
| 0x080484e8 83ec08 sub esp, 8
| 0x080484eb 6a64 push 0x64 ; 'd' ; 100
| 0x080484ed 6a00 push 0
| 0x080484ef e897ffffff call sym.read_valid_int
| 0x080484f4 83c410 add esp, 0x10
| 0x080484f7 8945f4 mov dword [local_ch], eax
| 0x080484fa 8b45f4 mov eax, dword [local_ch]
| 0x080484fd 83e001 and eax, 1
| 0x08048500 85c0 test eax, eax
| ,=< 0x08048502 7512 jne 0x8048516
| | 0x08048504 83ec0c sub esp, 0xc
| | 0x08048507 68ea850408 push str.x_is_even ; 0x80485ea ; "x is even"
| | 0x0804850c e83ffeffff call sym.imp.puts ; int puts(const char *s)
| | 0x08048511 83c410 add esp, 0x10
| ,==< 0x08048514 eb10 jmp 0x8048526
| |`-> 0x08048516 83ec0c sub esp, 0xc
| | 0x08048519 68f4850408 push str.x_is_odd ; 0x80485f4 ; "x is odd"
| | 0x0804851e e82dfeffff call sym.imp.puts ; int puts(const char *s)
| | 0x08048523 83c410 add esp, 0x10
| | ; JMP XREF from 0x08048514 (main)
| `--> 0x08048526 b800000000 mov eax, 0
| 0x0804852b 8b4dfc mov ecx, dword [local_4h_2]
| 0x0804852e c9 leave
| 0x0804852f 8d61fc lea esp, [ecx - 4]
\ 0x08048532 c3 ret

BIN
Practica_2/Ej1_read_valid_int.pdf Normal file
View File

Binary file not shown.

BIN
Practica_2/Ej1_read_valid_int.png-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 240 KiB

32
Practica_2/Ej1_read_valid_int.txt Normal file
View File

@ -0,0 +1,32 @@
[0x080485a4]> pdf @ sym.read_valid_int
/ (fcn) sym.read_valid_int 76
| sym.read_valid_int (int arg_8h, int arg_ch);
| ; var int local_ch @ ebp-0xc
| ; arg int arg_8h @ ebp+0x8
| ; arg int arg_ch @ ebp+0xc
| ; CALL XREF from 0x080484ef (main)
| 0x0804848b 55 push ebp
| 0x0804848c 89e5 mov ebp, esp
| 0x0804848e 83ec18 sub esp, 0x18
| 0x08048491 c745f4000000. mov dword [local_ch], 0 ;->int x=0 en dirección ebp-0xc
| ..-> 0x08048498 83ec04 sub esp, 4
| :: 0x0804849b ff750c push dword [arg_ch]
| :: 0x0804849e ff7508 push dword [arg_8h]
| :: 0x080484a1 68c0850408 push str.Provide_a_number_x_between__d_and__d: ; 0x80485c0 ; "Provide a number x between %d and %d: "
| :: 0x080484a6 e895feffff call sym.imp.printf ; int printf(const char *format)
| :: 0x080484ab 83c410 add esp, 0x10
| :: 0x080484ae 83ec08 sub esp, 8
| :: 0x080484b1 8d45f4 lea eax, [local_ch]
| :: 0x080484b4 50 push eax
| :: 0x080484b5 68e7850408 push 0x80485e7
| :: 0x080484ba e8b1feffff call sym.imp.__isoc99_scanf ;->scanf
| :: 0x080484bf 83c410 add esp, 0x10
| :: 0x080484c2 8b45f4 mov eax, dword [local_ch] ;->guarda valor de x en eax
| :: 0x080484c5 394508 cmp dword [arg_8h], eax ; [0x13:4]=-1 ; 19 ;-> min < x
| `==< 0x080484c8 7fce jg 0x8048498
| : 0x080484ca 8b45f4 mov eax, dword [local_ch] ;->guarda valor de x en eax
| : 0x080484cd 3b450c cmp eax, dword [arg_ch] ; [0xc:4]=-1 ; 12 ;-> x > max
| `=< 0x080484d0 7fc6 jg 0x8048498
| 0x080484d2 8b45f4 mov eax, dword [local_ch]
| 0x080484d5 c9 leave
\ 0x080484d6 c3 ret

49
Practica_2/analisis_grafos.py Normal file
View File

@ -0,0 +1,49 @@
import angr
from angrutils import * # for plot_cfg
import sys
import os
if len(sys.argv) != 2:
print("Usage: python2 analisis_grafos.py <binary_file>")
sys.exit(1)
binary_path = sys.argv[1]
proj = angr.Project(binary_path, load_options={'auto_load_libs': False})
main = proj.loader.main_object.get_symbol("main")
start_state = proj.factory.blank_state(addr=main.rebased_addr)
cfg = proj.analyses.CFGAccurate(
fail_fast=True, starts=[main.rebased_addr], initial_state=start_state
)
print("This is the graph:", cfg.graph)
print("It has %d nodes and %d edges" % (len(cfg.graph.nodes()), len(cfg.graph.edges())))
# this grabs *any* node at a given location:
entry_node = cfg.get_any_node(main.rebased_addr)
# on the other hand, this grabs all of the nodes
print(
"There were %d contexts for the entry block"
% len(cfg.get_all_nodes(main.rebased_addr))
)
# we can also look up predecessors and successors
print("Predecessors of the entry point:", entry_node.predecessors)
print("Successors of the entry point:", entry_node.successors)
print(
"Successors (and type of jump) of the entry point:",
[
jumpkind + " to " + str(node.addr)
for node, jumpkind in cfg.get_successors_and_jumpkind(entry_node)
],
)
# Get the filename without extension
filename_without_extension = os.path.splitext(os.path.basename(binary_path))[0]
plot_cfg(
cfg,
filename_without_extension,
asminst=True,
remove_imports=True,
remove_path_terminator=True,
)

BIN
Practica_2/ejemplo_cfg.out Executable file
View File

Binary file not shown.

BIN
Practica_2/ejemplo_cfg.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 141 KiB

BIN
Practica_2/feedme.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 403 KiB