aboutsummaryrefslogtreecommitdiff
path: root/get
blob: 9cb87bff86dba6ea7ff64f9eedb206fa6fc19a01 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/bash
mkdir -p tmp db
die() {
  echo >&2 $1
  exit 1
}
dump_symbols() {
  readelf -Ws $1 | perl -n -e '/: (\w*).*?(\w+)@@GLIBC_/ && print "$2 $1\n"'
}
extract_label() {
  perl -n -e '/(\w+)/ && print $1'
}
dump_libc_start_main_ret() {
  local call_main=`objdump -D $1 \
    | grep -A 100 '<__libc_start_main>' \
    | grep call \
    | grep -B 1 '<exit>' \
    | head -n 1 \
    | extract_label`
  local offset=`objdump -D $1 | egrep -A 1 "(^| )$call_main:" | tail -n 1 | extract_label`
  if [[ "$offset" != "" ]]; then
    echo "__libc_start_main_ret $offset"
  fi
}
dump_bin_sh() {
  local offset=`strings -a -t x $1 | grep '/bin/sh' | extract_label`
  if [[ "$offset" != "" ]]; then
    echo "str_bin_sh $offset"
  fi
}
get_ubuntu() {
  local url="$1"
  local info="$2"
  echo "Getting $info"
  echo "  -> Location: $url"
  local id=`echo $url | perl -n -e '/(libc6[^\/]*)\./ && print $1'`
  echo "  -> ID: $id"
  if [[ -e db/${id}.info ]]; then
    echo "  -> Already have this version, 'rm db/${id}.*' to force"
    return
  fi
  echo "  -> Downloading package"
  rm -rf tmp/*
  wget $url 2>/dev/null -O tmp/pkg.deb || die "Failed to download package from $url"
  echo "  -> Extracting package"
  cd tmp
  ar x pkg.deb || die "ar failed"
  tar xf data.tar.* || die "tar failed"
  cd ..
  local libc=`find tmp -name libc.so.6 || die "Cannot locate libc.so.6"`
  echo "  -> Writing libc to db/${id}.so"
  cp $libc db/${id}.so
  echo "  -> Writing symbols to db/${id}.symbols"
  (dump_symbols $libc; dump_libc_start_main_ret $libc; dump_bin_sh $libc) \
     > db/${id}.symbols
  echo "  -> Writing version info"
  echo "$info" > db/${id}.info
}
get_current_ubuntu() {
  local version=$1
  local arch=$2
  local pkg=$3
  local info=ubuntu-$version-$arch-$pkg
  echo "Getting package location for ubuntu-$version-$arch"
  local url=`(wget http://packages.ubuntu.com/$version/$arch/$pkg/download -O - 2>/dev/null \
               | grep -oh 'http://[^"]*libc6[^"]*.deb') || die "Failed to get package version"`
  get_ubuntu $url $info
}
get_all_ubuntu() {
  local info=$1
  local url=$2
  for f in `wget $url/ -O - 2>/dev/null | egrep -oh 'libc6(-i386|-amd64)?_[^"]*' |grep -v "</a>"`; do
    get_ubuntu $url/$f $1
  done
}

get_current_ubuntu trusty i386 libc6
get_current_ubuntu trusty amd64 libc6
get_current_ubuntu trusty amd64 libc6-i386
get_current_ubuntu utopic i386 libc6
get_current_ubuntu utopic amd64 libc6
get_current_ubuntu utopic amd64 libc6-i386

get_all_ubuntu archive-eglibc http://security.ubuntu.com/ubuntu/pool/main/e/eglibc/
get_all_ubuntu archive-glibc http://security.ubuntu.com/ubuntu/pool/main/g/glibc/