Refactor sandbox add api set

example/jitter/arm_sc.py

@@ -1,31 +1,30 @@
 #! /usr/bin/env python2
 #-*- coding:utf-8 -*-
 from miasm.core.utils import int_to_byte
-from miasm.analysis.sandbox import Sandbox_Linux_armb_str
-from miasm.analysis.sandbox import Sandbox_Linux_arml_str
+from miasm.analysis.sandbox import Sandbox_Linux_armb_shellcode
+from miasm.analysis.sandbox import Sandbox_Linux_arml_shellcode
 from miasm.loader.strpatchwork import StrPatchwork
 from miasm.core.locationdb import LocationDB
 
 from pdb import pm
 
-parser = Sandbox_Linux_arml_str.parser(description="""Sandbox an elf binary with arm engine
+parser = Sandbox_Linux_arml_shellcode.parser(description="""Sandbox an elf binary with arm engine
 (ex: jit_arm_sc.py example/demo_arm_l.bin)""")
-parser.add_argument("filename", help="string Filename")
 parser.add_argument("endianness", help="endianness [b/l]")
 parser.add_argument('-v', "--verbose",
                     help="verbose mode", action="store_true")
 
 options = parser.parse_args()
 
 if options.endianness == 'b':
-    sandbox = Sandbox_Linux_armb_str
+    sandbox = Sandbox_Linux_armb_shellcode
 elif options.endianness == 'l':
-    sandbox = Sandbox_Linux_arml_str
+    sandbox = Sandbox_Linux_arml_shellcode
 else:
     raise ValueError("Bad endianness!")
 
 loc_db = LocationDB()
-sb = sandbox(loc_db, options.filename, options, globals())
+sb = sandbox(loc_db, options, globals())
 
 if options.address is None:
     raise ValueError('invalid address')

example/jitter/run_with_linuxenv.py

@@ -58,6 +58,7 @@
 ld_path = linux_env.filesystem.resolve_path(ld_path)
 cont_ld = Container.from_stream(
     open(ld_path, "rb"),
+    loc_db=loc_db,
     vm=jitter.vm,
     addr=0x80000000,
     apply_reloc=True

example/jitter/sandbox_call.py

@@ -9,11 +9,10 @@
 
 # Parse arguments
 parser = Sandbox_Linux_arml.parser(description="ELF sandboxer")
-parser.add_argument("filename", help="ELF Filename")
 options = parser.parse_args()
 
 loc_db = LocationDB()
-sb = Sandbox_Linux_arml(loc_db, options.filename, options, globals())
+sb = Sandbox_Linux_arml(loc_db, options, globals())
 
 with open(options.filename, "rb") as fdesc:
     cont = Container.from_stream(fdesc, loc_db)

example/jitter/sandbox_elf_aarch64l.py

@@ -8,12 +8,11 @@
 
 # Parse arguments
 parser = Sandbox_Linux_aarch64l.parser(description="ELF sandboxer")
-parser.add_argument("filename", help="ELF Filename")
 options = parser.parse_args()
 
 # Create sandbox
 loc_db = LocationDB()
-sb = Sandbox_Linux_aarch64l(loc_db, options.filename, options, globals())
+sb = Sandbox_Linux_aarch64l(loc_db, options, globals())
 
 log_func.setLevel(logging.ERROR)
 

example/jitter/arm.py → example/jitter/sandbox_elf_arml.py

@@ -10,13 +10,12 @@
 # Get arguments
 parser = Sandbox_Linux_arml.parser(description="""Sandbox an elf binary with arm
  engine (ex: jit_arm.py samples/md5_arm -a A684)""")
-parser.add_argument("filename", help="ELF Filename")
 parser.add_argument('-v', "--verbose", help="verbose mode", action="store_true")
 options = parser.parse_args()
 
 # Prepare the sandbox
 loc_db = LocationDB()
-sb = Sandbox_Linux_arml(loc_db, options.filename, options, globals())
+sb = Sandbox_Linux_arml(loc_db, options, globals())
 
 # Handle 'verbose' option
 if options.verbose is True:

example/jitter/sandbox_elf_ppc32.py

@@ -10,12 +10,11 @@
 
 # Parse arguments
 parser = Sandbox_Linux_ppc32b.parser(description="ELF sandboxer")
-parser.add_argument("filename", help="ELF Filename")
 options = parser.parse_args()
 
 # Create sandbox
 loc_db = LocationDB()
-sb = Sandbox_Linux_ppc32b(loc_db, options.filename, options, globals())
+sb = Sandbox_Linux_ppc32b(loc_db, options, globals())
 log_func.setLevel(logging.ERROR)
 
 sb.run()

example/jitter/sandbox_pe_x86_32.py

@@ -1,16 +1,15 @@
 from pdb import pm
-from miasm.analysis.sandbox import Sandbox_Win_x86_32
+from miasm.analysis.sandbox import Sandbox_WinXP_x86_32
 from miasm.core.locationdb import LocationDB
 # Insert here user defined methods
 
 # Parse arguments
-parser = Sandbox_Win_x86_32.parser(description="PE sandboxer")
-parser.add_argument("filename", help="PE Filename")
+parser = Sandbox_WinXP_x86_32.parser(description="PE sandboxer")
 options = parser.parse_args()
 
 # Create sandbox
 loc_db = LocationDB()
-sb = Sandbox_Win_x86_32(loc_db, options.filename, options, globals())
+sb = Sandbox_WinXP_x86_32(loc_db, options, globals())
 
 # Run
 sb.run()

example/jitter/sandbox_pe_x86_64.py

@@ -1,17 +1,16 @@
 from pdb import pm
-from miasm.analysis.sandbox import Sandbox_Win_x86_64
+from miasm.analysis.sandbox import Sandbox_WinXP_x86_64
 from miasm.core.locationdb import LocationDB
 
 # Insert here user defined methods
 
 # Parse arguments
-parser = Sandbox_Win_x86_64.parser(description="PE sandboxer")
-parser.add_argument("filename", help="PE Filename")
+parser = Sandbox_WinXP_x86_64.parser(description="PE sandboxer")
 options = parser.parse_args()
 
 # Create sandbox
 loc_db = LocationDB()
-sb = Sandbox_Win_x86_64(loc_db, options.filename, options, globals())
+sb = Sandbox_WinXP_x86_64(loc_db, options, globals())
 
 # Run
 sb.run()

example/jitter/test_x86_32_seh.py

@@ -1,6 +1,6 @@
 import os
 from pdb import pm
-from miasm.analysis.sandbox import Sandbox_Win_x86_32
+from miasm.analysis.sandbox import Sandbox_WinXP_x86_32
 from miasm.core.locationdb import LocationDB
 from miasm.os_dep import win_api_x86_32_seh
 from miasm.jitter.csts import *
@@ -36,15 +36,14 @@ def return_from_seh(jitter):
 # Insert here user defined methods
 
 # Parse arguments
-parser = Sandbox_Win_x86_32.parser(description="PE sandboxer")
-parser.add_argument("filename", help="PE Filename")
+parser = Sandbox_WinXP_x86_32.parser(description="PE sandboxer")
 options = parser.parse_args()
 options.usesegm = True
 options.use_windows_structs = True
 
 # Create sandbox
 loc_db = LocationDB()
-sb = Sandbox_Win_x86_32(loc_db, options.filename, options, globals())
+sb = Sandbox_WinXP_x86_32(loc_db, options, globals())
 
 # Install Windows SEH callbacks
 sb.jitter.add_exception_handler(EXCEPT_ACCESS_VIOL, deal_exception_access_violation)

example/jitter/trace.py

@@ -38,7 +38,6 @@ def mem_write(self, dest, data):
 
 # Parse arguments
 parser = Sandbox_Linux_arml.parser(description="Tracer")
-parser.add_argument("filename", help="ELF Filename")
 options = parser.parse_args()
 
 # Use our memory tracker
@@ -47,7 +46,7 @@ def mem_write(self, dest, data):
 # Create sandbox, forcing Python jitter
 options.jitter = "python"
 loc_db = LocationDB()
-sb = Sandbox_Linux_arml(loc_db, options.filename, options, globals())
+sb = Sandbox_Linux_arml(loc_db, options, globals())
 
 # Force jit one instr per call, and register our callback
 sb.jitter.jit.set_options(jit_maxline=1, max_exec_per_call=1)

example/jitter/unpack_upx.py

@@ -1,7 +1,8 @@
 from __future__ import print_function
+from pdb import pm
 import os
 import logging
-from miasm.analysis.sandbox import Sandbox_Win_x86_32
+from miasm.analysis.sandbox import Sandbox_WinXP_x86_32
 from miasm.jitter.loader.pe import vm2pe
 from miasm.core.locationdb import LocationDB
 
@@ -24,28 +25,33 @@ def kernel32_GetProcAddress(jitter):
 
     # Get the generated address of the library, and store it in memory to
     # dst_ad
-    ad = sb.libs.lib_get_add_func(args.libbase, fname, dst_ad)
+    name = sb.loader.module_base_address_to_name[args.libbase]
+    addr = sb.loader.resolve_function(name, fname, dst_ad=dst_ad)
     # Add a breakpoint in case of a call on the resolved function
     # NOTE: never happens in UPX, just for skeleton
-    jitter.handle_function(ad)
+    jitter.handle_function(addr)
 
-    jitter.func_ret_stdcall(ret_ad, ad)
+    jitter.func_ret_stdcall(ret_ad, addr)
 
 
-parser = Sandbox_Win_x86_32.parser(description="Generic UPX unpacker")
-parser.add_argument("filename", help="PE Filename")
+parser = Sandbox_WinXP_x86_32.parser(description="Generic UPX unpacker")
 parser.add_argument('-v', "--verbose",
                     help="verbose mode", action="store_true")
+
+"""
+parser.add_argument("filename", help="PE Filename")
+"""
+
 parser.add_argument("--graph",
                     help="Export the CFG graph in graph.dot",
                     action="store_true")
+
 options = parser.parse_args()
 options.load_hdr = True
 
 loc_db = LocationDB()
-sb = Sandbox_Win_x86_32(
-    loc_db, options.filename, options, globals(),
-    parse_reloc=False
+sb = Sandbox_WinXP_x86_32(
+    loc_db, options, globals()
 )
 
 
@@ -58,7 +64,7 @@ def kernel32_GetProcAddress(jitter):
     print(sb.jitter.vm)
 
 # Ensure there is one and only one leave (for OEP discovering)
-mdis = sb.machine.dis_engine(sb.jitter.bs, loc_db=loc_db)
+mdis = sb.arch.machine.dis_engine(sb.jitter.bs, loc_db=loc_db)
 mdis.dont_dis_nulstart_bloc = True
 asmcfg = mdis.dis_multiblock(sb.entry_point)
 
@@ -103,7 +109,7 @@ def stop(jitter):
 # vm2pe will:
 # - set the new entry point to the current address (ie, the OEP)
 # - dump each section from the virtual memory into the new PE
-# - use `sb.libs` to generate a new import directory, and use it in the new PE
+# - use `sb.loader` to generate a new import directory, and use it in the new PE
 # - save the resulting PE in `out_fname`
 
-vm2pe(sb.jitter, out_fname, libs=sb.libs, e_orig=sb.pe)
+vm2pe(sb.jitter, out_fname, loader=sb.loader, e_orig=sb.pe)

example/symbol_exec/dse_crackme.py

@@ -68,7 +68,6 @@ def xxx_fclose(jitter):
 
 # Create sandbox
 parser = Sandbox_Linux_x86_64.parser(description="ELF sandboxer")
-parser.add_argument("filename", help="ELF Filename")
 parser.add_argument("--strategy",
                     choices=["code-cov", "branch-cov", "path-cov"],
                     help="Strategy to use for solution creation",
@@ -77,7 +76,7 @@ def xxx_fclose(jitter):
 options.mimic_env = True
 options.command_line = ["%s" % TEMP_FILE.name]
 loc_db = LocationDB()
-sb = Sandbox_Linux_x86_64(loc_db, options.filename, options, globals())
+sb = Sandbox_Linux_x86_64(loc_db, options, globals())
 
 # Init segment
 sb.jitter.lifter.do_stk_segm = True
@@ -261,7 +260,7 @@ def xxx_puts_symb(dse):
 dse.cur_solver.add(z3_file_size < 0x10)
 
 # Register symbolic stubs for extern functions (xxx_puts_symb, ...)
-dse.add_lib_handler(sb.libs, globals())
+dse.add_lib_handler(sb.loader, globals())
 
 # Automatic exploration of solution
 

miasm/analysis/dse.py

@@ -247,8 +247,8 @@ def add_handler(self, addr, callback):
         @callback: func(dse instance)"""
         self.handler[addr] = callback
 
-    def add_lib_handler(self, libimp, namespace):
-        """Add search for handler based on a @libimp libimp instance
+    def add_lib_handler(self, loader, namespace):
+        """Add search for handler based on a @loader Loader instance
 
         Known functions will be looked by {name}_symb or {name}_{ord}_symb in the @namespace
         """
@@ -258,14 +258,14 @@ def add_lib_handler(self, libimp, namespace):
 
         # lambda cannot contain statement
         def default_func(dse):
-            fname = libimp.fad2cname[dse.jitter.pc]
+            fname = loader.module_base_address_to_name(dse.jitter.pc)
             if isinstance(fname, tuple):
                 fname = b"%s_%d_symb" % (force_bytes(fname[0]), fname[1])
             else:
                 fname = b"%s_symb" % force_bytes(fname)
             raise RuntimeError("Symbolic stub '%s' not found" % fname)
 
-        for addr, fname in viewitems(libimp.fad2cname):
+        for addr, fname in viewitems(loader.function_address_to_canonical_name):
             if isinstance(fname, tuple):
                 fname = b"%s_%d_symb" % (force_bytes(fname[0]), fname[1])
             else: