From 9616996dcd623a094bbe975f7e11118d33523afb Mon Sep 17 00:00:00 2001 From: Niklas Baumstark Date: Mon, 16 Mar 2015 22:32:07 +0100 Subject: initial commit --- get | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100755 get (limited to 'get') diff --git a/get b/get new file mode 100755 index 0000000..c0b222d --- /dev/null +++ b/get @@ -0,0 +1,82 @@ +#!/bin/bash +mkdir -p tmp db +die() { + echo >&2 $1 + exit 1 +} +dump_symbols() { + readelf -Ws $1 | perl -n -e '/: (\w*).*?(\w+)@@GLIBC_/ && print "$2 $1\n"' +} +extract_label() { + perl -n -e '/(\w+)/ && print $1' +} +dump_libc_start_main_ret() { + local call_main=`objdump -D $1 \ + | grep -A 100 '<__libc_start_main>' \ + | grep call \ + | grep -B 1 '' \ + | head -n 1 \ + | extract_label` + local offset=`objdump -D $1 | egrep -A 1 "(^| )$call_main:" | tail -n 1 | extract_label` + if [[ "$offset" != "" ]]; then + echo "__libc_start_main_ret $offset" + fi +} +dump_bin_sh() { + local offset=`strings -a -t x $1 | grep '/bin/sh' | extract_label` + if [[ "$offset" != "" ]]; then + echo "str_bin_sh $offset" + fi +} +get_ubuntu() { + local url="$1" + local info="$2" + echo "Getting $info" + echo " -> Location: $url" + local id=`echo $url | perl -n -e '/_(.*)\./ && print $1'` + echo " -> ID: $id" + if [[ -e db/${id}.info ]]; then + echo " -> Already have this version, 'rm db/${id}.*' to force" + return + fi + echo " -> Downloading package" + rm -rf tmp/* + wget $url 2>/dev/null -O tmp/pkg.deb || die "Failed to download package from $url" + echo " -> Extracting package" + cd tmp + ar x pkg.deb || die "ar failed" + tar xf data.tar.gz || die "tar failed" + cd .. + local libc=`find tmp -name libc.so.6 || die "Cannot locate libc.so.6"` + echo " -> Writing libc to db/${id}.so" + cp $libc db/${id}.so + echo " -> Writing symbols to db/${id}.symbols" + (dump_symbols $libc; dump_libc_start_main_ret $libc; dump_bin_sh $libc) \ + > db/${id}.symbols + echo " -> Writing version info" + echo "$info" > db/${id}.info +} +get_current_ubuntu() { + local version=$1 + local arch=$2 + local info=ubuntu-$version-$arch + echo "Getting package location for ubuntu-$version-$arch" + local url=`(wget http://packages.ubuntu.com/$version/$arch/libc6/download -O - 2>/dev/null \ + | grep -oh 'http://[^"]*libc6[^"]*.deb') || die "Failed to get package version"` + get_ubuntu $url $info +} +get_all_ubuntu() { + local info=$1 + local url=$2 + for f in `wget $url/ -O - 2>/dev/null | grep -oh 'libc6_[^"]*' |grep -v ""`; do + get_ubuntu $url/$f $1 + done +} + +get_current_ubuntu trusty i386 +get_current_ubuntu trusty amd64 +get_current_ubuntu utopic i386 +get_current_ubuntu utopic amd64 + +get_all_ubuntu archive-eglibc http://security.ubuntu.com/ubuntu/pool/main/e/eglibc/ +get_all_ubuntu archive-glibc http://security.ubuntu.com/ubuntu/pool/main/g/glibc/ -- cgit v1.2.3-54-g00ecf