7
8
9
10
11
12
13
14
15
16
17
18
19
20
..
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
..
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
-- giving cortav extra privileges
local includes = [[
#include <lua.h>
#include <lauxlib.h>
#include <stdio.h>
#include <stddef.h>
extern int luaL_openlibs(lua_State* l);
]]
local main = [[
int main(int argc, char** argv) {
lua_State* l = luaL_newstate();
................................................................................
// load and run our payload
int e = luaL_loadbufferx(l, ct_bytecode, sizeof(ct_bytecode), "cortav", "b");
if (e != LUA_OK) {
printf("some kind of error idk fam\n");
return -1;
}
lua_call(l, 0, 0);
// normal termination is by the os.exit() call
return -1;
}
]]
local function setfile(i, dflt, mode)
................................................................................
return dflt
end
local src = setfile(1, io.stdin, "rb")
local dest = setfile(2, io.stdout, "w")
local cstr = {}
local strtpl = 'static char ct_bytecode [%u] = {%s};'
local lines = {includes}
local bytes = {}
local bn = 1
local len = 0
while true do
local byte = src:read(1)
if not byte then break end
local str = tostring(byte:byte(1))..','
-- make sure our source file is parseable by
-- a compliant C compiler
len = len + string.len(str)
if len >= 4096 then
len = 0
bytes[bn]='\n'
bn = bn + 1
end
bytes[bn] = str
bn = bn + 1
end
table.insert(lines, strtpl:format(#bytes, table.concat(bytes)))
table.insert(lines, main)
dest:write(table.concat(lines, '\n'))
|
>
|
>
>
>
>
>
>
>
>
|
|
>
|
|
>
>
>
|
<
>
|
>
|
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
..
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
..
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
-- giving cortav extra privileges
local includes = [[
#include <lua.h>
#include <lauxlib.h>
#include <stdio.h>
#include <stddef.h>
#include <unistd.h>
extern int luaL_openlibs(lua_State* l);
]]
local main = [[
int main(int argc, char** argv) {
lua_State* l = luaL_newstate();
................................................................................
// load and run our payload
int e = luaL_loadbufferx(l, ct_bytecode, sizeof(ct_bytecode), "cortav", "b");
if (e != LUA_OK) {
printf("some kind of error idk fam\n");
return -1;
}
if (lua_pcall(l, 0, 0, 0) != LUA_OK) {
size_t len;
const char* msg = luaL_tolstring(l, -1, &len);
if (isatty(2)) {
fprintf(stderr, "\33[31;1m(fatal)\33[m %.*s\n", (int)len, msg);
} else {
fprintf(stderr, "(fatal) %.*s\n", (int)len, msg);
}
};
// normal termination is by the os.exit() call
return -1;
}
]]
local function setfile(i, dflt, mode)
................................................................................
return dflt
end
local src = setfile(1, io.stdin, "rb")
local dest = setfile(2, io.stdout, "w")
local cstr = {}
local strtpl = [[static char ct_bytecode [%u] = {
%s
};]]
local bytes = {}
local bn = 1
local len = 0
while true do
local byte = src:read(1)
if not byte then break end
local str = tostring(byte:byte(1))..','
-- make sure our source file is parseable by
-- a compliant C compiler
local strl = string.len(str)
if len + strl >= 4095 then
len = 0
bytes[bn]='\n'
bn = bn + 1
end
len = len + strl
bytes[bn] = str
bn = bn + 1
end
local lines = {
includes;
strtpl:format(#bytes, table.concat(bytes));
main;
}
dest:write(table.concat(lines, '\n'))
|