2020-1-capstone-design1 / JJS_Project1

Go to a project
Toggle navigation Toggle navigation pinning
박우진
f3e2515e 1 parent 7aa79fdb

change mechanism

Inline Side-by-side
Showing 1 changed file with 84 additions and 1 deletions
...@@ -5,13 +5,91 @@ ...@@ -5,13 +5,91 @@
5 #include "llvm/Support/Alignment.h" 5 #include "llvm/Support/Alignment.h"
6 #include "llvm/Support/raw_ostream.h" 6 #include "llvm/Support/raw_ostream.h"
7 #include "llvm/IR/CFG.h" 7 #include "llvm/IR/CFG.h"
8 +#include <fstream>
8 using namespace llvm; 9 using namespace llvm;
9 10
10 namespace { 11 namespace {
11 struct ReturnObfuscation : public FunctionPass { 12 struct ReturnObfuscation : public FunctionPass {
12 static char ID; 13 static char ID;
13 - ReturnObfuscation() : FunctionPass(ID) {} 14 + ReturnObfuscation() : FunctionPass(ID) { }
15 +
16 +
17 +
14 bool runOnFunction(Function &F) override { 18 bool runOnFunction(Function &F) override {
19 + size_t num_retblocks;
20 + Module *mod = F.getParent();
21 + std::vector<Constant *> retblocks;
22 + // 함수 가져오기
23 + std::ifstream function_list;
24 + function_list.open("functions.txt");
25 + std::vector<Function *> functions;
26 + std::string line;
27 + while(getline(function_list, line)) {
28 + functions.push_back(mod->getFunction(line));
29 + }
30 + // 함수 별로 벡터에 집어넣기
31 + for (auto &Fn : functions) {
32 + for (auto &BB : (*Fn)) {
33 + if (BB.getName().equals("obfuscatedreturn")){
34 + Constant* retBlockAddress = BlockAddress::get(&BB);
35 + retblocks.push_back(retBlockAddress);
36 + }
37 + }
38 + }
39 +
40 + num_retblocks = retblocks.size();
41 +
42 + ArrayType* array_in = ArrayType::get(IntegerType::get(mod->getContext(), 8), 20);
43 + ArrayType* array_out = ArrayType::get(array_in, 50);
44 + PointerType* array_ptr = PointerType::get(array_out, 0);
45 + ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("0"), 10));
46 + std::vector<Type*> Func_deobfus_type_args;
47 + FunctionType* Func_deobfus_type = FunctionType::get(
48 + IntegerType::get(mod->getContext(), 32),
49 + Func_deobfus_type_args,
50 + false
51 + );
52 +
53 + Function* Func_deobfus = mod->getFunction("func_deobfus");
54 + if (!Func_deobfus) {
55 + Func_deobfus = Function::Create(
56 + Func_deobfus_type,
57 + GlobalValue::ExternalLinkage,
58 + "func_deobfus", mod
59 + );
60 + Func_deobfus->setCallingConv(CallingConv::C);
61 + AttributeList Func_deobfus_att_list;
62 + SmallVector<AttributeList, 4> Attrs;
63 + AttributeList PAS;
64 + AttrBuilder B;
65 + B.addAttribute(Attribute::NoInline);
66 + B.addAttribute(Attribute::NoRecurse);
67 + B.addAttribute(Attribute::NoUnwind);
68 + B.addAttribute(Attribute::OptimizeNone);
69 + PAS = AttributeList::get(mod->getContext(), ~0U, B);
70 + Attrs.push_back(PAS);
71 + Func_deobfus_att_list = AttributeList::get(mod->getContext(), Attrs);
72 + Func_deobfus->setAttributes(Func_deobfus_att_list);
73 + if (Func_deobfus->size() == 0) {
74 + GlobalVariable* gvar_ret_inst_list = new GlobalVariable(*mod,
75 + array_out,
76 + false,
77 + GlobalValue::ExternalLinkage,
78 + 0,
79 + "ret_inst_list");
80 + gvar_ret_inst_list->setAlignment(MaybeAlign(16));
81 +
82 + BasicBlock* obfus_entry = BasicBlock::Create(mod->getContext(), "entry", Func_deobfus);
83 + for (size_t i = 0; i < num_retblocks; i++) {
84 + PointerType* ret_func_ptr = PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
85 + AllocaInst* ptr_this_ret = new AllocaInst(ret_func_ptr, NULL, "ptr", obfus_entry);;
86 + StoreInst* void_17 = new StoreInst(retblocks[i], ptr_this_ret, false, obfus_entry);
87 + }
88 + ReturnInst::Create(mod->getContext(), const_int_0, obfus_entry);
89 +
90 + }
91 + }
92 + /*
15 Module* mod = F.getParent(); 93 Module* mod = F.getParent();
16 ArrayType* return_array = ArrayType::get(IntegerType::get(mod->getContext(), 8), 12); 94 ArrayType* return_array = ArrayType::get(IntegerType::get(mod->getContext(), 8), 12);
17 PointerType* return_array_ptr = PointerType::get(return_array, 0); 95 PointerType* return_array_ptr = PointerType::get(return_array, 0);
...@@ -123,6 +201,8 @@ namespace { ...@@ -123,6 +201,8 @@ namespace {
123 ldr_ptr_this_ret->setAlignment(MaybeAlign(4)); 201 ldr_ptr_this_ret->setAlignment(MaybeAlign(4));
124 GetElementPtrInst* get_func_ptr_idx = GetElementPtrInst::Create(cast<PointerType>(ldr_ptr_this_ret->getType()->getScalarType())->getElementType(), ldr_ptr_this_ret, ldr_i_data_2, "arrayidx1", decrypt_ing); 202 GetElementPtrInst* get_func_ptr_idx = GetElementPtrInst::Create(cast<PointerType>(ldr_ptr_this_ret->getType()->getScalarType())->getElementType(), ldr_ptr_this_ret, ldr_i_data_2, "arrayidx1", decrypt_ing);
125 get_func_ptr_idx->setIsInBounds(true); 203 get_func_ptr_idx->setIsInBounds(true);
204 +
205 +
126 LoadInst* ldr_func_ptr_idx = new LoadInst(get_func_ptr_idx, "", false, decrypt_ing); 206 LoadInst* ldr_func_ptr_idx = new LoadInst(get_func_ptr_idx, "", false, decrypt_ing);
127 ldr_func_ptr_idx->setAlignment(MaybeAlign(1)); 207 ldr_func_ptr_idx->setAlignment(MaybeAlign(1));
128 208
...@@ -175,6 +255,8 @@ namespace { ...@@ -175,6 +255,8 @@ namespace {
175 str_i_data_4->setAlignment(MaybeAlign(4)); 255 str_i_data_4->setAlignment(MaybeAlign(4));
176 BranchInst::Create(decrypt_cond, decrypt_add); 256 BranchInst::Create(decrypt_cond, decrypt_add);
177 257
258 +
259 +
178 LoadInst* ldr_ret_array = new LoadInst(ret_array_ptr, "", false, decrypt_end); 260 LoadInst* ldr_ret_array = new LoadInst(ret_array_ptr, "", false, decrypt_end);
179 ldr_ret_array->setAlignment(MaybeAlign(4)); 261 ldr_ret_array->setAlignment(MaybeAlign(4));
180 262
...@@ -187,6 +269,7 @@ namespace { ...@@ -187,6 +269,7 @@ namespace {
187 void_41->addDestination(BB); 269 void_41->addDestination(BB);
188 errs().write_escaped(F.getName()) << " " << F.getParent()->getName() << '\n'; 270 errs().write_escaped(F.getName()) << " " << F.getParent()->getName() << '\n';
189 } 271 }
272 + */
190 return true; 273 return true;
191 } 274 }
192 275
......