├── README.md ├── allstar ├── __init__.py ├── allstar.py ├── error.py ├── util.py └── version.py ├── evm - BsidesDC - ChallengeProblemsForStaticAnalysis.pdf └── evm - Jailbreak2019 - ChallengeProblemsForStaticAnalysis.pdf /README.md: -------------------------------------------------------------------------------- 1 | # ALLSTAR 2 | Assembled Labeled Library for Static Analysis Research - Debian packages built for 6 architectures, storing compiler artifacts, binaries and symbols. 3 | Available at http://allstar.jhuapl.edu 4 | 5 | -------------------------------------------------------------------------------- /allstar/__init__.py: -------------------------------------------------------------------------------- 1 | from .allstar import Repo, Package 2 | -------------------------------------------------------------------------------- /allstar/allstar.py: -------------------------------------------------------------------------------- 1 | ############################################################################################## 2 | # Copyright 2021 The Johns Hopkins University Applied Physics Laboratory LLC 3 | # All rights reserved. 4 | # Permission is hereby granted, free of charge, to any person obtaining a copy of this 5 | # software and associated documentation files (the "Software"), to deal in the Software 6 | # without restriction, including without limitation the rights to use, copy, modify, 7 | # merge, publish, distribute, sublicense, and/or sell copies of the Software, and to 8 | # permit persons to whom the Software is furnished to do so. 9 | # 10 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 11 | # INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 12 | # PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 13 | # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 14 | # TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE 15 | # OR OTHER DEALINGS IN THE SOFTWARE. 16 | # 17 | # HAVE A NICE DAY. 18 | 19 | import json 20 | import requests 21 | from urllib.parse import urljoin 22 | from collections import defaultdict 23 | from . import util 24 | from .error import AllstarPackageError 25 | 26 | BASE_URL = "https://allstar.jhuapl.edu" 27 | 28 | 29 | class Repo(object): 30 | """A Repo represents an architecture repository of the ALLSTAR dataset. 31 | 32 | The ALLSTAR site will return JSON information about the repository and 33 | all packages in that repository. This class is a simple wrapper that 34 | can query the appropriate URLs and return Python objects. 35 | 36 | Example: 37 | r = Repo('amd64') 38 | for pkg in r.packages(): 39 | pobj = r.package(pkg) 40 | for binary in pobj.get_binaries(): 41 | process(binary) 42 | """ 43 | 44 | def __init__(self, arch, base_url=BASE_URL): 45 | """Inits Repo class for a specified architecture. 46 | 47 | Args: 48 | arch: Architecture to query. Valid architectures are: 49 | 'amd64', 'armel', 'i386', 'mipsel', 'ppc64el', and 's390x' 50 | """ 51 | self.arch = arch 52 | self.base_url = base_url 53 | self.rsession = requests.Session() 54 | 55 | self.packages_by_name = {} 56 | self.packages_by_part = defaultdict(list) 57 | self._generate_package_list() 58 | 59 | def _generate_package_list(self): 60 | for part in range(1, 5): 61 | url = urljoin(self.base_url, 62 | '/repo/jessie-list-p{}-final.txt'.format(part)) 63 | r = self.rsession.get(url) 64 | 65 | for pkg in r.text.split(): 66 | self.packages_by_name[pkg] = part 67 | self.packages_by_part[part].append(pkg) 68 | 69 | def packages(self): 70 | """Get a list of all packages that are in the repo. 71 | 72 | Returns: 73 | A list of strings with the names of all packages. 74 | """ 75 | return list(self.packages_by_name.keys()) 76 | 77 | def package(self, pkg): 78 | return Package(pkg, self.arch, 79 | self.base_url) 80 | 81 | 82 | class Package(object): 83 | """A Package represents a package in the ALLSTAR dataset. 84 | """ 85 | 86 | def __init__(self, name, arch, base_url=BASE_URL): 87 | self.name = name 88 | self.arch = arch 89 | self.part = util.package_part(self.name) 90 | self.base = urljoin(base_url, 91 | f'/repo/p{self.part}/{self.arch}/{self.name}/') 92 | 93 | self.rsession = requests.Session() 94 | index_url = urljoin(self.base, 'index.json') 95 | resp = self.rsession.get(index_url) 96 | if resp.status_code == 404: 97 | raise AllstarPackageError(f'No such package: {self.name}') 98 | index_json = resp.text 99 | try: 100 | self.index = json.loads(index_json) 101 | except json.JSONDecodeError: 102 | index_json = self._fix_index(index_json) 103 | self.index = json.loads(index_json) 104 | 105 | self.documentation = self.index['documentation'] 106 | self.binaries = self.index['binaries'] 107 | 108 | def _fix_index(self, index): 109 | """Deal with buggy json from ALLSTAR 110 | Have to change multiple "manual" entries to a json list 111 | """ 112 | index_offset = 0 113 | 114 | while True: 115 | mans_start = index.find('"manual": ', index_offset) 116 | if mans_start == -1: 117 | break 118 | mans_start = mans_start + len('"manual": ') 119 | 120 | # Need to skip the '"' that's at start 121 | mans_end = index.find('"', mans_start + 1) 122 | if mans_end == -1: 123 | break 124 | # Want the '"' at the end 125 | mans_end = mans_end + 1 126 | 127 | mans = index[mans_start:mans_end] 128 | fixed_mans = '",\n"'.join(mans.split('\n')) 129 | index = f'{index[:mans_start]} [ {fixed_mans} ]\n {index[mans_end:]}' 130 | 131 | index_offset = mans_end 132 | 133 | return index 134 | 135 | def has_binaries(self): 136 | return len(self.binaries) > 0 137 | 138 | def get_binaries(self): 139 | ret = [] 140 | for b in self.binaries: 141 | name = b['name'] 142 | url = urljoin(self.base, f'{name}') 143 | r = self.rsession.get(url) 144 | ret.append({'name': name, 145 | 'content': r.content}) 146 | return ret 147 | 148 | def get_gimples(self): 149 | ret = [] 150 | for b in self.binaries: 151 | for u in b['units']: 152 | if 'gimple' in u: 153 | name = u['gimple'] 154 | url = urljoin(self.base, name) 155 | r = self.rsession.get(url) 156 | ret.append({'name': name, 157 | 'content': r.content}) 158 | return ret 159 | -------------------------------------------------------------------------------- /allstar/error.py: -------------------------------------------------------------------------------- 1 | class AllstarPackageError(Exception): 2 | pass 3 | -------------------------------------------------------------------------------- /allstar/util.py: -------------------------------------------------------------------------------- 1 | def package_part(pkg): 2 | if pkg <= 'libapr-dev': 3 | return 1 4 | elif pkg <= 'liblingua-stem-perl': 5 | return 2 6 | elif pkg <= 'mate-system-tools': 7 | return 3 8 | elif pkg <= 'zzuf': 9 | return 4 10 | else: 11 | return None 12 | -------------------------------------------------------------------------------- /allstar/version.py: -------------------------------------------------------------------------------- 1 | __version__ = '0.1.0' 2 | -------------------------------------------------------------------------------- /evm - BsidesDC - ChallengeProblemsForStaticAnalysis.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JHUAPL/ALLSTAR/1997b2b91caff0ab239dee043fbff0cb2f13016c/evm - BsidesDC - ChallengeProblemsForStaticAnalysis.pdf -------------------------------------------------------------------------------- /evm - Jailbreak2019 - ChallengeProblemsForStaticAnalysis.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/JHUAPL/ALLSTAR/1997b2b91caff0ab239dee043fbff0cb2f13016c/evm - Jailbreak2019 - ChallengeProblemsForStaticAnalysis.pdf --------------------------------------------------------------------------------