-
Notifications
You must be signed in to change notification settings - Fork 30
Expand file tree
/
Copy pathzcat.zig
More file actions
102 lines (88 loc) · 3.15 KB
/
zcat.zig
File metadata and controls
102 lines (88 loc) · 3.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
///name: zcat
///description: "Print content of a gzip compressed file"
///author: Z-Labs
///tags: ['windows', 'linux','host-recon','z-labs']
///OS: cross
///sources:
/// - 'https://raw.githubusercontent.com/The-Z-Labs/bof-launcher/main/bofs/src/zcat.zig'
///examples: '
/// zcat /boot/config.gz
///'
///arguments:
///- name: file_path
/// desc: "path to the file to be printed"
/// type: string
/// required: true
///errors:
///- name: AccessDenied
/// code: 0x1
/// message: "Failed to open provided file"
///- name: FileNotFound
/// code: 0x2
/// message: "File not found"
///- name: AntivirusInterference
/// code: 0x3
/// message: "Possible Antivirus Interference while opening the file"
///- name: FileNotProvided
/// code: 0x4
/// message: "No file provided"
///- name: StreamTooLong
/// code: 0x5
/// message: "File is very large"
///- name: UnknownError
/// code: 0x6
/// message: "Unknown error"
const std = @import("std");
const bofapi = @import("bof_api");
const beacon = bofapi.beacon;
const posix = bofapi.posix;
comptime {
@import("bof_api").embedFunctionCode("memcpy");
@import("bof_api").embedFunctionCode("memset");
@import("bof_api").embedFunctionCode("memmove");
@import("bof_api").embedFunctionCode("__aeabi_llsl");
@import("bof_api").embedFunctionCode("__aeabi_uidiv");
@import("bof_api").embedFunctionCode("__udivdi3");
@import("bof_api").embedFunctionCode("__ashldi3");
@import("bof_api").embedFunctionCode("__stackprobe__");
}
// BOF-specific error codes
const BofErrors = enum(u8) {
AccessDenied = 0x1,
FileNotFound,
AntivirusInterference,
FileNotProvided,
StreamTooLong,
UnknownError,
};
fn getFileContent(allocator: std.mem.Allocator, file_path: [*:0]u8) !u8 {
const file = try std.fs.openFileAbsoluteZ(file_path, .{});
defer file.close();
const file_stat = try file.stat();
const file_data = try allocator.alloc(u8, @intCast(file_stat.size));
defer allocator.free(file_data);
var file_reader = file.reader(&.{});
try file_reader.interface.readSliceAll(file_data);
var reader: std.Io.Reader = .fixed(file_data);
var aw: std.Io.Writer.Allocating = .init(allocator);
defer aw.deinit();
var decompress: std.compress.flate.Decompress = .init(&reader, .gzip, &.{});
const decompressed_len = try decompress.reader.streamRemaining(&aw.writer);
_ = decompressed_len;
bofapi.print(.output, "{s}", .{aw.written()});
return 0;
}
pub export fn go(adata: ?[*]u8, alen: i32) callconv(.c) u8 {
@import("bof_api").init(adata, alen, .{});
const allocator = std.heap.page_allocator;
var parser = beacon.datap{};
beacon.dataParse(&parser, adata, alen);
if (beacon.dataExtract(&parser, null)) |file_path| {
return getFileContent(allocator, file_path) catch |err| switch (err) {
error.AccessDenied => @intFromEnum(BofErrors.AccessDenied),
error.FileNotFound => @intFromEnum(BofErrors.FileNotFound),
error.AntivirusInterference => @intFromEnum(BofErrors.AntivirusInterference),
else => @intFromEnum(BofErrors.UnknownError),
};
} else return @intFromEnum(BofErrors.FileNotProvided);
}