https://github.com/apachecn-archive/mipsaudit

https://github.com/apachecn-archive/mipsaudit

Science Score: 13.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (1.0%) to scientific vocabulary
Last synced: 10 months ago · JSON representation

Repository

Basic Info
  • Host: GitHub
  • Owner: apachecn-archive
  • Language: Python
  • Default Branch: master
  • Size: 233 KB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created about 3 years ago · Last pushed about 3 years ago
Metadata Files
Readme Funding

README.md

IDAPython mipsAudit

简介

这是一个简单的IDAPython脚本。

进一步来说是MIPS静态汇编审计辅助脚本。

可能会有bug,欢迎大家完善。

功能

辅助脚本功能如下:

  1. 找到危险函数的调用处,并且高亮该行(也可以下断点,这个需要自己去源码看吧)

  2. 给参数赋值处加上注释

  3. 最后以表格的形式输出函数名,调用地址,参数,还有当前函数的缓冲区大小

大家双击addr那一列的地址,即可跳到对应的地址处

17cc62c98820974f8c759dc086dd5acb

28069d48cf3f357dd83e42406e10d980

审计的危险函数如下

``` dangerous_functions = [ "strcpy", "strcat",
"sprintf", "read", "getenv"
]

attention_function = [ "memcpy", "strncpy", "sscanf", "strncat", "snprintf", "vprintf", "printf" ]

commandexecutionfunction = [ "system", "execve", "popen", "unlink" ] ```

使用

File - Script file

1561006651468

选择mipsAudit.py

1561006737134

即可看到效果

mipsAudit

双击地址即可跳到对应的代码处

1561006887117

Owner

  • Name: ApacheCN 归档
  • Login: apachecn-archive
  • Kind: organization
  • Email: wizard.z@qq.com

防止重要项目丢失而设立的归档

GitHub Events

Total
Last Year