Wow, what a cool forum.
Rainbows-And-Pwnies-Tools, or "rt" for short, is a set of libraries for dissecting executables. You can think of it as an easier-to-use version of the Binary File Descriptor. rt then breaks this functionality out into Lua, so that you can script out your disassembly tasks. You should be able to write one tool and have it work on multiple executable formats in 32-bit and 64-bit x86.
Here's a short video: http://www.youtube.com/watch?v=sGaSVu9_mnM
And here's the source: https://github.com/endeav0r/Rainbows-And-Pwnies-Tools
Here's a quote from the readme:
First and foremost, rt is a C library for easily and generically working with 32 and 64-bit binary formats. Currently it supports ELF and a subset of the PE format.
Second, rt breaks much of this functionality out into the lua scripting language. This allows you to write one lua script which works on 32 and 64-bit x86 in a variety of formats. For example, if you wanted to find all of the mov instructions, you could implement that in a lua script (as of this writing) as follows:
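    -- load the convenience helpers shipped in stdlib/
    dofile('stdlib/stdlib.lua')

    -- open the executable named by the first command-line argument
    exec = exec_t.new(argv[1])
    sections = exec:sections()
    for ss, s in pairs(sections) do
        -- only disassemble sections marked as executable
        if table.contains(s:types(), 'executable') then
            print(TERM_COLOR_MAGENTA .. TERM_BOLD .. s:name() .. TERM_NORMAL .. TERM_COLOR_DEFAULT)
            for ii, ins in pairs(s:disassemble()) do
                -- print the address and text of every mov instruction
                if ins['mnemonic'] == 'mov' then
                    print(ins['address']:strx() .. ' ' .. ins['description'])
                end
            end
        end
    end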
You'll notice we make use of a few variables and functions created for our convenience. These can be found in the stdlib/ directory.
Finally, rt now has a command line lua interpreter, allowing you to script your disassembly away to your heart's content.
Still very much a work in progress. Let me know what you think.