Adding extraction support for strings

br0kej · Nov 16, 2024 · 48cc134 · 48cc134
1 parent 869e9d8
commit 48cc134
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 1 deletion.
diff --git a/src/extract.rs b/src/extract.rs
@@ -42,6 +42,7 @@ pub enum ExtractionJobType {
     PCodeFunc,
     PCodeBB,
     LocalVariableXrefs,
+    GlobalStrings
 }
 
 #[derive(Debug)]
@@ -313,6 +314,19 @@ pub struct Writes {
     pub addrs: Vec<i64>,
 }
 
+#[derive(Default, Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct StringEntry {
+    pub vaddr: i64,
+    pub paddr: i64,
+    pub ordinal: i64,
+    pub size: i64,
+    pub length: i64,
+    pub section: String,
+    #[serde(rename = "type")]
+    pub type_field: String,
+    pub string: String,
+}
+
 impl ExtractionJob {
     pub fn new(
         input_path: &PathBuf,
@@ -348,6 +362,7 @@ impl ExtractionJob {
                 "pcode-func" => Ok(ExtractionJobType::PCodeFunc),
                 "pcode-bb" => Ok(ExtractionJobType::PCodeBB),
                 "localvar-xrefs" => Ok(ExtractionJobType::LocalVariableXrefs),
+                "strings" => Ok(ExtractionJobType::GlobalStrings),
                 _ => bail!("Incorrect command type - got {}", mode),
             }
         }
@@ -592,6 +607,8 @@ impl FileToBeProcessed {
             r2p.close();
             info!("r2p closed");
 
+
+
             info!("Writing extracted data to file");
             self.write_to_json(&json!(function_decomp))
         } else {
@@ -704,6 +721,25 @@ impl FileToBeProcessed {
         }
     }
 
+    pub fn extract_global_strings(&self) {
+        info!("Stating Global String Extraction");
+        let mut r2p = self.setup_r2_pipe();
+        let json = r2p.cmd("izj");
+        r2p.close();
+        info!("r2p closed");
+
+        if json.is_ok() {
+            let json = json.unwrap();
+            debug!("{}", json);
+            let json_obj: Vec<StringEntry> =
+                serde_json::from_str(&json).expect("Unable to convert to JSON object!");
+
+            self.write_to_json(&json!(json_obj))
+        } else {
+            error!("Failed to execute axj command successfully")
+        }
+    }
+
     // r2 commands to structs
     fn get_ghidra_pcode_function(
         &self,

diff --git a/src/main.rs b/src/main.rs
@@ -281,7 +281,7 @@ enum Commands {
         output_dir: PathBuf,
 
         /// The extraction mode
-        #[arg(short, long, value_name = "EXTRACT_MODE", value_parser = clap::builder::PossibleValuesParser::new(["finfo", "reg", "cfg", "func-xrefs","cg", "decomp", "pcode-func", "pcode-bb", "localvar-xrefs"])
+        #[arg(short, long, value_name = "EXTRACT_MODE", value_parser = clap::builder::PossibleValuesParser::new(["finfo", "reg", "cfg", "func-xrefs","cg", "decomp", "pcode-func", "pcode-bb", "localvar-xrefs", "strings"])
         .map(|s| s.parse::<String>().unwrap()),)]
         mode: String,
 
@@ -1152,6 +1152,10 @@ fn main() {
                     job.files_to_be_processed[0].extract_pcode_basic_block()
                 } else if job.job_type == ExtractionJobType::LocalVariableXrefs {
                     job.files_to_be_processed[0].extract_local_variable_xrefs()
+                } else if job.job_type == ExtractionJobType::GlobalStrings {
+                    job.files_to_be_processed[0].extract_global_strings()
+                } else {
+                    error!("Unsupported ExtractionJobType of {:?}", job.job_type)
                 }
                 info!("Extraction complete for {:?}", fpath)
             }