Module: Pwnlib::Util::Getdents

Defined in:: lib/pwnlib/util/getdents.rb

Overview

Helper methods related to getdents syscall.

Defined Under Namespace

Classes: Dirent

Constant Summary collapse

DT_TYPE_INVERSE = For inverse mapping of linux_dirent#d_type. man getdents to see more information.

{
  0 => 'UNKNOWN',
  1 => 'FIFO',
  2 => 'CHR',
  4 => 'DIR',
  6 => 'BLK',
  8 => 'REG',
  10 => 'LNK',
  12 => 'SOCK'
}.freeze

Class Method Summary collapse

.parse(binstr) ⇒ String

Parse the output of getdents syscall.

Class Method Details

.parse(binstr) ⇒ `String`

Parse the output of getdents syscall. For users to handle the shit-like output by shellcraft.ls (e.g. Shellcraft::Generators::X86::Linux#ls).

Examples:

context.arch = 'i386'
Util::Getdents.parse("\x92\x22\x0e\x01\x8f\x4a\xb3\x41" \
                      "\x18\x00\x52\x45\x41\x44\x4d\x45" \
                      "\x2e\x6d\x64\x00\x00\x00\x00\x08" \
                      "\xb5\x10\x34\x01\xff\xff\xff\x7f" \
                      "\x10\x00\x6c\x69\x62\x00\x00\x04")
#=> "REG README.md\nDIR lib\n"

Parameters:

binstr (String) —

The content returns by getdents syscall.

Returns:

(String) —

Formatted output of filenames with file types.

# File 'lib/pwnlib/util/getdents.rb', line 69

def parse(binstr)
  str = StringIO.new(binstr)
  result = StringIO.new
  until str.eof?
    ent = Dirent.new(endian: context.endian.to_sym)
    ent.bits = context.bits
    ent.read(str)
    # NOTE: d_name might contains garbage after first "\x00", so we use gsub(/\x00.*/) instead of delete("\x00").
    result.puts("#{DT_TYPE_INVERSE[ent.d_type]} #{ent.d_name.gsub(/\x00.*/, '')}")
  end
  result.string
end