static function r2_functions($binary) { #calculate code_start and code_end $code_section = Binary::codeSection($binary); $imagebase = Pefile::imagebase($binary); $code_start = hexdec($code_section["va"]) + hexdec($imagebase); $code_end = hexdec($code_section["va"]) + hexdec($imagebase) + hexdec($code_section["srd"]["value"]); $cmd = "echo \"aa;af;e scr.interactive=false;echo BEGIN;afj\"|" . Config::$radare2_path . "/radare2 {$binary}"; @ob_start(); system($cmd); $res = ob_get_contents(); ob_end_clean(); $out = ""; $res = preg_replace("/.*BEGIN/s", "", $res); $res = preg_replace("/\\033\\[2K.*/s", "", $res); $items = array(); $lines = json_decode($res); if (count($lines)) { foreach ($lines as $line) { $item = array(); $item["address"] = "0x" . dechex($line->offset); $item["size"] = $line->size; $item["cc"] = $line->cc; $item["name"] = $line->name; $item["type"] = $line->type; $item["callrefs"] = count($line->callrefs); $item["datarefs"] = count($line->datarefs); if (hexdec($item["address"]) >= $code_start && hexdec($item["address"]) <= $code_end) { $item["incodesec"] = 1; } else { $item["incodesec"] = 0; } array_push($items, $item); } } @usort($items, array(self, "cmp_functions")); return $items; }
<?php $packerid = Pefile::packerid($vars["binary"], true); $compiler = Pefile::compiler($vars["binary"]); $timedatestamp = Pefile::timedatestamp($vars["binary"]); ?> <div class="row clearfix"> <div class="col-md-12 column"> <table class="table table-bordered"> <thead> <tr> <td width=20% class="active">MD5</td> <td><?php echo $vars["md5"]; ?> </td> </tr> <tr> <td class="active">File Size</td> <td><?php echo Binary::filesize($vars["binary"]); ?> </td> </tr> <tr> <td class="active">File Type</td> <td><?php echo Binary::magic($vars["binary"]); ?> </td> </tr>
if (file_exists($binary)) { if ($action == "res_offsets") { print $html_res_offsets; preg_match_all("/RT_ICON (.+)/", $html_res_offsets, $i); $count = 0; foreach ($i[1] as $icon) { $count++; list($offset_d, $size, $offset) = preg_split("/\\s/", $icon); print "<img src=\"?report={$md5}&icon={$count}\" class=\"img-thumbnail\" title=\"RT_ICON@" . $offset . "\">"; } preg_match_all("/RT_BITMAP (.+)/", $html_res_offsets, $i); $count = 0; foreach ($i[1] as $bitmap) { $count++; list($offset_d, $size, $offset) = preg_split("/\\s/", $bitmap); print "<img src=\"?report={$md5}&bitmap={$count}\" class=\"img-thumbnail\" title=\"RT_BITMAP@" . $offset . "\">"; } } else { $html = Pefile::call($action, $binary); print $html; } } else { print "Binary not found.. removed?"; } ?> </p> </div> </div> </div> </div>
<?php } if ($version) { ?> <div class="modal fade" id="modal-container-VERSION" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <div class="modal-dialog" style="width:70%"> <div class="modal-content"> <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button> <h4 class="modal-title" id="myModalLabel"> RT_VERSION </h4> </div> <div class="modal-body"> <pre><?php print htmlentities(Pefile::fileinfo($binary, true)); ?> </pre> </div> <div class="modal-footer"> <button type="button" class="btn btn-default" data-dismiss="modal">Close</button> </div> </div> </div> </div> <?php } if (isset($_GET["rcdata"])) { print Templates::Load("templates/misc/rcdata_dump.php", array(""));
$md5 = Common::getMD5("report"); $icon = Common::getInteger("icon"); $binary = "uploads/{$md5}.bin"; @ob_clean(); if (!file_exists($binary)) { $path = "img/computers.jpg"; header("Content-Type: image/jpg"); print file_get_contents($path); } else { $cache_icon = "cache/{$md5}" . "_icon_" . $icon . ".bmp"; if (!file_exists($cache_icon)) { $count = 0; $offset = 0; $size = 0; $b = new Binary($binary); $html = Pefile::call("res_offsets", $binary); preg_match_all("/RT_ICON (.+)/", $html, $i); if ($icon > count($i[1])) { die; } foreach ($i[1] as $icn) { $count++; if ($count == $icon) { list($va, $offset_d, $size, $offset) = preg_split("/\\s/", $icn); break; } } list($width, $height) = getIconWH($b, $html, $icon); //print "width: ".ord($width)." height: ".ord($height); $out = $b->headerOf("RT_ICON", $width, $height); $out .= $b->readBytesAtOffset($offset, $size);
<div class="col-md-10 column"> <p> <?php if (file_exists($binary)) { if (preg_match("/^radare2\\/(rabin2|rahash2)/", $app)) { print Radare2::call($app, $fun, $binary); } if (preg_match("/^radare2\\/radare2/", $app)) { $functions = Radare2::r2_functions($binary); $codesize = Binary::codeSize($binary); $entrypoint = Pefile::entrypoint($binary); print Templates::Load("templates/art/drawing3.php", array("functions" => $functions, "codesize" => $codesize, "entrypoint" => $entrypoint, "md5" => $md5)); print Templates::Load("templates/radare2/r2_functions.php", array("functions" => $functions, "md5" => $md5)); } if (preg_match("/^pefile/", $app)) { print Pefile::call($fun, $binary); } if (preg_match("/^monodis/", $app)) { if ($fun == "presources") { print Templates::Load("templates/mono/presources.php", array("presources" => $presources, "binary" => $binary, "md5" => $md5)); } else { print Mono::call($fun, $binary); } } } else { print "Binary not found.. removed?"; } ?> </p> </div> </div>
print Templates::Load("templates/art/draw_sections.php", array("version" => Binary::version($binary), "magic" => Binary::magic($binary), "resources" => $resources, "sections" => $sections, "md5" => $md5)); } if ($action == "dump_res") { print Templates::Load("templates/misc/resources.php", array("resources" => $resources)); print Templates::Load("templates/art/draw_resources.php", array("resources" => $resources, "filesize" => Binary::filesize($binary, false), "md5" => $md5, "res_size" => Binary::resourcesSize($binary), "res_comp" => Binary::resourcesCompression($binary))); } if ($action == "imports") { print Templates::Load("templates/misc/imports.php", array("imports" => $imports)); } if ($action == "strings") { print Templates::Load("templates/misc/strings.php", array("binary" => $binary)); } if ($action == "graph") { print Templates::Load("templates/misc/graph.php", array("binary" => $binary, "md5" => $md5)); } if ($action == "art") { $codesize = Binary::codeSize($binary); $entrypoint = Pefile::entrypoint($binary); print Templates::Load("templates/art/drawing3.php", array("functions" => Radare2::r2_functions($binary), "md5" => $md5, "codesize" => $codesize, "entrypoint" => $entrypoint)); } } else { print "Binary not found.. removed?"; } ?> </p> </div> </div> </div> </div>