Module: Rex::Arch

Defined in:
lib/rex/arch.rb,
lib/rex/arch/x86.rb,
lib/rex/arch/sparc.rb,
lib/rex/arch/zarch.rb,
lib/rex/arch/version.rb

Overview

This module provides generalized methods for performing operations that are architecture specific. Furthermore, the modules contained within this module provide features that are specific to a given architecture.

Defined Under Namespace

Modules: Sparc, X86, ZARCH

Constant Summary collapse

ARCH_ANY =

Architecture constants

'_any_'
ARCH_ALL = 
ARCH_TYPES   =
[
  ARCH_X86       = 'x86',
  ARCH_X86_64    = 'x86_64',
  ARCH_X64       = 'x64', # To be used for compatability with ARCH_X86_64
  ARCH_MIPS      = 'mips',
  ARCH_MIPSLE    = 'mipsle',
  ARCH_MIPSBE    = 'mipsbe',
  ARCH_MIPS64    = 'mips64',
  ARCH_MIPS64LE  = 'mips64le',
  ARCH_PPC       = 'ppc',
  ARCH_PPCE500V2 = 'ppce500v2',
  ARCH_PPC64     = 'ppc64',
  ARCH_PPC64LE   = 'ppc64le',
  ARCH_CBEA      = 'cbea',
  ARCH_CBEA64    = 'cbea64',
  ARCH_SPARC     = 'sparc',
  ARCH_SPARC64   = 'sparc64',
  ARCH_ARMLE     = 'armle',
  ARCH_ARMBE     = 'armbe',
  ARCH_AARCH64   = 'aarch64',
  ARCH_CMD       = 'cmd',
  ARCH_PHP       = 'php',
  ARCH_TTY       = 'tty',
  ARCH_JAVA      = 'java',
  ARCH_RUBY      = 'ruby',
  ARCH_DALVIK    = 'dalvik',
  ARCH_PYTHON    = 'python',
  ARCH_NODEJS    = 'nodejs',
  ARCH_FIREFOX   = 'firefox',
  ARCH_ZARCH     = 'zarch',
  ARCH_R         = 'r'
]
ENDIAN_LITTLE =

Endian constants

0
ENDIAN_BIG = 
1
IS_ENDIAN_LITTLE = 
( [1].pack('s') == "\x01\x00" ) ? true : false
IS_ENDIAN_BIG = 
( not IS_ENDIAN_LITTLE )
VERSION = 
"0.1.13"

Class Method Summary collapse

Class Method Details

.adjust_stack_pointer(arch, adjustment) ⇒ Object

This routine adjusts the stack pointer for a given architecture.



73
74
75
76
77
78
79
80
81
82
83
84
85
 
# File 'lib/rex/arch.rb', line 73

def self.adjust_stack_pointer(arch, adjustment)

  if arch.is_a?(::Array)
    arch = arch[0]
  end

  case arch
    when /x86/
      Rex::Arch::X86.adjust_reg(Rex::Arch::X86::ESP, adjustment)
    else
      nil
  end
end

.endian(arch) ⇒ Object

This routine reports the endianess of a given architecture



135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
 
# File 'lib/rex/arch.rb', line 135

def self.endian(arch)

  if ( arch.is_a?(::Array))
    arch = arch[0]
  end

  case arch
    when ARCH_X86
      return ENDIAN_LITTLE
    when ARCH_X86_64
      return ENDIAN_LITTLE
    when ARCH_X64
      return ENDIAN_LITTLE
    when ARCH_MIPS # ambiguous
      return ENDIAN_BIG
    when ARCH_MIPSLE
      return ENDIAN_LITTLE
    when ARCH_MIPSBE
      return ENDIAN_BIG
    when ARCH_MIPS64
      return ENDIAN_BIG
    when ARCH_MIPS64LE
      return ENDIAN_LITTLE
    when ARCH_PPC  # ambiguous
      return ENDIAN_BIG
    when ARCH_PPCE500V2
      return ENDIAN_BIG
    when ARCH_PPC64LE
      return ENDIAN_LITTLE
    when ARCH_SPARC
      return ENDIAN_BIG
    when ARCH_SPARC64
      return ENDIAN_BIG
    when ARCH_ARMLE
      return ENDIAN_LITTLE
    when ARCH_ARMBE
      return ENDIAN_BIG
    when ARCH_AARCH64
      return ENDIAN_LITTLE
    when ARCH_ZARCH
      return ENDIAN_BIG
  end

  return ENDIAN_LITTLE
end

.pack_addr(arch, addr) ⇒ Object

This route provides address packing for the specified arch



90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
 
# File 'lib/rex/arch.rb', line 90

def self.pack_addr(arch, addr)

  if ( arch.is_a?(::Array))
    arch = arch[0]
  end

  case arch
    when ARCH_X86
      [addr].pack('V')
    when ARCH_X86_64, ARCH_X64
      [addr].pack('Q<')
    when ARCH_MIPS # ambiguous
      [addr].pack('N')
    when ARCH_MIPSBE
      [addr].pack('N')
    when ARCH_MIPSLE
      [addr].pack('V')
    when ARCH_MIPS64
      [addr].pack('Q>')
    when ARCH_MIPS64LE
      [addr].pack('Q<')
    when ARCH_PPC  # ambiguous
      [addr].pack('N')
    when ARCH_PPCE500V2
      [addr].pack('N')
    when ARCH_PPC64LE
      [addr].pack('Q<')
    when ARCH_SPARC
      [addr].pack('N')
    when ARCH_SPARC64
      [addr].pack('Q>')
    when ARCH_ARMLE
      [addr].pack('V')
    when ARCH_ARMBE
      [addr].pack('N')
    when ARCH_AARCH64
      [addr].pack('Q<')
    when ARCH_ZARCH
      [addr].pack('Q>')
  end
end