From 48cc13484b1835496dfd6741a33afcbdc62dc44e Mon Sep 17 00:00:00 2001
From: br0kej <br0kej@protonmail.com>
Date: Sat, 16 Nov 2024 15:12:32 +0000
Subject: [PATCH] Adding extraction support for strings

---
 src/extract.rs | 36 ++++++++++++++++++++++++++++++++++++
 src/main.rs    |  6 +++++-
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/src/extract.rs b/src/extract.rs
index d0a3733..77c7a24 100644
--- a/src/extract.rs
+++ b/src/extract.rs
@@ -42,6 +42,7 @@ pub enum ExtractionJobType {
     PCodeFunc,
     PCodeBB,
     LocalVariableXrefs,
+    GlobalStrings
 }
 
 #[derive(Debug)]
@@ -313,6 +314,19 @@ pub struct Writes {
     pub addrs: Vec<i64>,
 }
 
+#[derive(Default, Debug, Clone, PartialEq, Serialize, Deserialize)]
+pub struct StringEntry {
+    pub vaddr: i64,
+    pub paddr: i64,
+    pub ordinal: i64,
+    pub size: i64,
+    pub length: i64,
+    pub section: String,
+    #[serde(rename = "type")]
+    pub type_field: String,
+    pub string: String,
+}
+
 impl ExtractionJob {
     pub fn new(
         input_path: &PathBuf,
@@ -348,6 +362,7 @@ impl ExtractionJob {
                 "pcode-func" => Ok(ExtractionJobType::PCodeFunc),
                 "pcode-bb" => Ok(ExtractionJobType::PCodeBB),
                 "localvar-xrefs" => Ok(ExtractionJobType::LocalVariableXrefs),
+                "strings" => Ok(ExtractionJobType::GlobalStrings),
                 _ => bail!("Incorrect command type - got {}", mode),
             }
         }
@@ -592,6 +607,8 @@ impl FileToBeProcessed {
             r2p.close();
             info!("r2p closed");
 
+
+
             info!("Writing extracted data to file");
             self.write_to_json(&json!(function_decomp))
         } else {
@@ -704,6 +721,25 @@ impl FileToBeProcessed {
         }
     }
 
+    pub fn extract_global_strings(&self) {
+        info!("Stating Global String Extraction");
+        let mut r2p = self.setup_r2_pipe();
+        let json = r2p.cmd("izj");
+        r2p.close();
+        info!("r2p closed");
+
+        if json.is_ok() {
+            let json = json.unwrap();
+            debug!("{}", json);
+            let json_obj: Vec<StringEntry> =
+                serde_json::from_str(&json).expect("Unable to convert to JSON object!");
+
+            self.write_to_json(&json!(json_obj))
+        } else {
+            error!("Failed to execute axj command successfully")
+        }
+    }
+
     // r2 commands to structs
     fn get_ghidra_pcode_function(
         &self,
diff --git a/src/main.rs b/src/main.rs
index f67fba6..6b06102 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -281,7 +281,7 @@ enum Commands {
         output_dir: PathBuf,
 
         /// The extraction mode
-        #[arg(short, long, value_name = "EXTRACT_MODE", value_parser = clap::builder::PossibleValuesParser::new(["finfo", "reg", "cfg", "func-xrefs","cg", "decomp", "pcode-func", "pcode-bb", "localvar-xrefs"])
+        #[arg(short, long, value_name = "EXTRACT_MODE", value_parser = clap::builder::PossibleValuesParser::new(["finfo", "reg", "cfg", "func-xrefs","cg", "decomp", "pcode-func", "pcode-bb", "localvar-xrefs", "strings"])
         .map(|s| s.parse::<String>().unwrap()),)]
         mode: String,
 
@@ -1152,6 +1152,10 @@ fn main() {
                     job.files_to_be_processed[0].extract_pcode_basic_block()
                 } else if job.job_type == ExtractionJobType::LocalVariableXrefs {
                     job.files_to_be_processed[0].extract_local_variable_xrefs()
+                } else if job.job_type == ExtractionJobType::GlobalStrings {
+                    job.files_to_be_processed[0].extract_global_strings()
+                } else {
+                    error!("Unsupported ExtractionJobType of {:?}", job.job_type)
                 }
                 info!("Extraction complete for {:?}", fpath)
             }