From d3b8780f051fe035fd883bf639934045cb5a8a60 Mon Sep 17 00:00:00 2001
From: smx-smx <smxdev4@gmail.com>
Date: Sat, 6 Apr 2024 02:50:54 +0000
Subject: [PATCH] =?UTF-8?q?Deploying=20to=20gh-pages=20from=20@=20smx-smx/?=
 =?UTF-8?q?xzre@6fc4a74020a9b8ca46f663d057cfeabd93f0c7e7=20=F0=9F=9A=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 xzre_8h.html        | 19 +++++++++++---
 xzre_8h_source.html | 64 ++++++++++++++++++++++++++-------------------
 2 files changed, 53 insertions(+), 30 deletions(-)

diff --git a/xzre_8h.html b/xzre_8h.html
index 6acee8f..232ef5a 100644
--- a/xzre_8h.html
+++ b/xzre_8h.html
@@ -66,7 +66,8 @@
 <a href="#define-members">Macros</a> &#124;
 <a href="#typedef-members">Typedefs</a> &#124;
 <a href="#enum-members">Enumerations</a> &#124;
-<a href="#func-members">Functions</a>  </div>
+<a href="#func-members">Functions</a> &#124;
+<a href="#var-members">Variables</a>  </div>
   <div class="headertitle">
 <div class="title">xzre.h File Reference</div>  </div>
 </div><!--header-->
@@ -602,6 +603,12 @@
 <tr class="memitem:abc618a02e31b94194ce03b0c4a2b3597"><td class="memItemLeft" align="right" valign="top">lzma_allocator *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="xzre_8h.html#abc618a02e31b94194ce03b0c4a2b3597">get_lzma_allocator</a> ()</td></tr>
 <tr class="memdesc:abc618a02e31b94194ce03b0c4a2b3597"><td class="mdescLeft">&#160;</td><td class="mdescRight">gets the fake LZMA allocator, used for imports resolution the "opaque" field of the structure holds a pointer to  <a href="xzre_8h.html#abc618a02e31b94194ce03b0c4a2b3597">More...</a><br /></td></tr>
 <tr class="separator:abc618a02e31b94194ce03b0c4a2b3597"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:a130ba7ecb28e28acacb98c965d80dba3"><td class="memItemLeft" align="right" valign="top"><a id="a130ba7ecb28e28acacb98c965d80dba3"></a>
+BOOL&#160;</td><td class="memItemRight" valign="bottom"><b>secret_data_append_from_instruction</b> (<a class="el" href="structdasm__ctx__t.html">dasm_ctx_t</a> *dctx, <a class="el" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> *cursor)</td></tr>
+<tr class="separator:a130ba7ecb28e28acacb98c965d80dba3"><td class="memSeparator" colspan="2">&#160;</td></tr>
+<tr class="memitem:afd18479d4cfc83d3d3cbd69a3315ab38"><td class="memItemLeft" align="right" valign="top"><a id="afd18479d4cfc83d3d3cbd69a3315ab38"></a>
+BOOL&#160;</td><td class="memItemRight" valign="bottom"><b>secret_data_append_from_function</b> (void *function_start, void *code_end, <a class="el" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor, unsigned shift_count, unsigned operation_index)</td></tr>
+<tr class="separator:afd18479d4cfc83d3d3cbd69a3315ab38"><td class="memSeparator" colspan="2">&#160;</td></tr>
 <tr class="memitem:ad21c1f0b4b9127ea1234d46dbadc3e8b"><td class="memItemLeft" align="right" valign="top">BOOL&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="xzre_8h.html#ad21c1f0b4b9127ea1234d46dbadc3e8b">secret_data_append_if_flags</a> (<a class="el" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor, unsigned operation_index, unsigned reg2reg_instruction_count, int flags, u8 *code)</td></tr>
 <tr class="memdesc:ad21c1f0b4b9127ea1234d46dbadc3e8b"><td class="mdescLeft">&#160;</td><td class="mdescRight">Calls <a class="el" href="xzre_8h.html#aa571c1c4c376e99b6e4306cf6d9d5f18">secret_data_append_singleton</a>, if <code>flags</code> are non-zero.  <a href="xzre_8h.html#ad21c1f0b4b9127ea1234d46dbadc3e8b">More...</a><br /></td></tr>
 <tr class="separator:ad21c1f0b4b9127ea1234d46dbadc3e8b"><td class="memSeparator" colspan="2">&#160;</td></tr>
@@ -617,6 +624,12 @@
 <tr class="memitem:a0d70747b6216270de07c783fc499938e"><td class="memItemLeft" align="right" valign="top">BOOL&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="xzre_8h.html#a0d70747b6216270de07c783fc499938e">resolve_libc_imports</a> (struct link_map *libc, <a class="el" href="structelf__info.html">elf_info_t</a> *libc_info, <a class="el" href="structlibc__imports.html">libc_imports_t</a> *imports)</td></tr>
 <tr class="memdesc:a0d70747b6216270de07c783fc499938e"><td class="mdescLeft">&#160;</td><td class="mdescRight">parses the libc ELF from the supplied link map, and resolves its imports  <a href="xzre_8h.html#a0d70747b6216270de07c783fc499938e">More...</a><br /></td></tr>
 <tr class="separator:a0d70747b6216270de07c783fc499938e"><td class="memSeparator" colspan="2">&#160;</td></tr>
+</table><table class="memberdecls">
+<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="var-members"></a>
+Variables</h2></td></tr>
+<tr class="memitem:aba335b5173c376997dd9e8686255413c"><td class="memItemLeft" align="right" valign="top"><a id="aba335b5173c376997dd9e8686255413c"></a>
+<a class="el" href="structglobal__context__t.html">global_context_t</a> *&#160;</td><td class="memItemRight" valign="bottom"><b>global_ctx</b></td></tr>
+<tr class="separator:aba335b5173c376997dd9e8686255413c"><td class="memSeparator" colspan="2">&#160;</td></tr>
 </table>
 <a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
 <div class="textblock"><p>XZ backdoor structures and functions. </p>
@@ -1700,7 +1713,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#aa571c1c4c376e99b6e4306cf
 <p>the <code>code</code> will be verified to check if the shift operation should be allowed or not. the algorithm will:</p><ul>
 <li>locate the beginning of the function, by scanning for the <code>endbr64</code> instruction and making sure that the code lies between a pre-defined code range (set in <a class="el" href="xzre_8h.html#a229ee0bd4111363061bc4230bc1f6423">backdoor_setup</a> from <a class="el" href="xzre_8h.html#af3f0d23e5fece210bdf4945c65e3a10a">elf_get_code_segment</a>)</li>
 <li>search for <code>shift_count</code> number of "reg2reg" instructions (explained below)</li>
-<li>for each instruction, shift a '1' in the data register, and increment the shift cursor to the next bit index if, at any given point, a non reg2reg instruction is encountered, the whole loop will stop and FALSE will be returned.</li>
+<li>for each instruction, shift a '1' in the data register, and increment the shift cursor to the next bit index if, at any given point, a non reg2reg instruction is encountered, the whole loop will stop. the function will return TRUE if the number of shifts executed == number of wanted shifts NOTE: MOV instructions are counted, but don't cause any shift (they are skipped).</li>
 </ul>
 <p>a reg2reg instruction is an x64 instruction with one of the following characteristics:</p><ul>
 <li>primary opcode of 0x89 (MOV) or 0x3B (CMP) or, alternatively, an opcode that passes the following validation opcode_check = opcode - 0x83; if ( opcode_check &gt; 0x2E || ((0x410100000101 &gt;&gt; opcode_value) &amp; 1) == 0 )</li>
@@ -1720,7 +1733,7 @@ <h2 class="memtitle"><span class="permalink"><a href="#aa571c1c4c376e99b6e4306cf
   </table>
   </dd>
 </dl>
-<dl class="section return"><dt>Returns</dt><dd>BOOL TRUE if validation was successful and data was added, FALSE otherwise </dd></dl>
+<dl class="section return"><dt>Returns</dt><dd>BOOL TRUE if the number of requested shifts were all executed. FALSE if some shift wasn't executed due to code validation failure. </dd></dl>
 
 </div>
 </div>
diff --git a/xzre_8h_source.html b/xzre_8h_source.html
index 528b199..e351964 100644
--- a/xzre_8h_source.html
+++ b/xzre_8h_source.html
@@ -567,33 +567,43 @@
 <div class="line"><a name="l00822"></a><span class="lineno">  822</span>&#160; </div>
 <div class="line"><a name="l00829"></a><span class="lineno"><a class="line" href="xzre_8h.html#abc618a02e31b94194ce03b0c4a2b3597">  829</a></span>&#160;<span class="keyword">extern</span> lzma_allocator *<a class="code" href="xzre_8h.html#abc618a02e31b94194ce03b0c4a2b3597">get_lzma_allocator</a>();</div>
 <div class="line"><a name="l00830"></a><span class="lineno">  830</span>&#160; </div>
-<div class="line"><a name="l00841"></a><span class="lineno"><a class="line" href="xzre_8h.html#ad21c1f0b4b9127ea1234d46dbadc3e8b">  841</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#ad21c1f0b4b9127ea1234d46dbadc3e8b">secret_data_append_if_flags</a>(</div>
-<div class="line"><a name="l00842"></a><span class="lineno">  842</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
-<div class="line"><a name="l00843"></a><span class="lineno">  843</span>&#160;    <span class="keywordtype">unsigned</span> operation_index,</div>
-<div class="line"><a name="l00844"></a><span class="lineno">  844</span>&#160;    <span class="keywordtype">unsigned</span> reg2reg_instruction_count,</div>
-<div class="line"><a name="l00845"></a><span class="lineno">  845</span>&#160;    <span class="keywordtype">int</span> flags, u8 *code);</div>
-<div class="line"><a name="l00846"></a><span class="lineno">  846</span>&#160; </div>
-<div class="line"><a name="l00886"></a><span class="lineno"><a class="line" href="xzre_8h.html#aa571c1c4c376e99b6e4306cf6d9d5f18">  886</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#aa571c1c4c376e99b6e4306cf6d9d5f18">secret_data_append_singleton</a>(</div>
-<div class="line"><a name="l00887"></a><span class="lineno">  887</span>&#160;    u8 *call_site, u8 *code,</div>
-<div class="line"><a name="l00888"></a><span class="lineno">  888</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
-<div class="line"><a name="l00889"></a><span class="lineno">  889</span>&#160;    <span class="keywordtype">unsigned</span> shift_count, <span class="keywordtype">unsigned</span> operation_index);</div>
-<div class="line"><a name="l00890"></a><span class="lineno">  890</span>&#160; </div>
-<div class="line"><a name="l00902"></a><span class="lineno"><a class="line" href="xzre_8h.html#aa74b87d0023e8efc4e820768518a884d">  902</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#aa74b87d0023e8efc4e820768518a884d">secret_data_append_from_call_site</a>(</div>
-<div class="line"><a name="l00903"></a><span class="lineno">  903</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
-<div class="line"><a name="l00904"></a><span class="lineno">  904</span>&#160;    <span class="keywordtype">unsigned</span> shift_count, <span class="keywordtype">unsigned</span> operation_index,</div>
-<div class="line"><a name="l00905"></a><span class="lineno">  905</span>&#160;    BOOL bypass</div>
-<div class="line"><a name="l00906"></a><span class="lineno">  906</span>&#160;);</div>
-<div class="line"><a name="l00907"></a><span class="lineno">  907</span>&#160; </div>
-<div class="line"><a name="l00914"></a><span class="lineno"><a class="line" href="xzre_8h.html#a229ee0bd4111363061bc4230bc1f6423">  914</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#a229ee0bd4111363061bc4230bc1f6423">backdoor_setup</a>(<a class="code" href="structbackdoor__setup__params__t.html">backdoor_setup_params_t</a> *params);</div>
-<div class="line"><a name="l00915"></a><span class="lineno">  915</span>&#160; </div>
-<div class="line"><a name="l00924"></a><span class="lineno"><a class="line" href="xzre_8h.html#a0d70747b6216270de07c783fc499938e">  924</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#a0d70747b6216270de07c783fc499938e">resolve_libc_imports</a>(</div>
-<div class="line"><a name="l00925"></a><span class="lineno">  925</span>&#160;    <span class="keyword">struct</span> link_map *libc,</div>
-<div class="line"><a name="l00926"></a><span class="lineno">  926</span>&#160;    <a class="code" href="structelf__info.html">elf_info_t</a> *libc_info,</div>
-<div class="line"><a name="l00927"></a><span class="lineno">  927</span>&#160;    <a class="code" href="structlibc__imports.html">libc_imports_t</a> *imports</div>
-<div class="line"><a name="l00928"></a><span class="lineno">  928</span>&#160;);</div>
-<div class="line"><a name="l00929"></a><span class="lineno">  929</span>&#160; </div>
-<div class="line"><a name="l00930"></a><span class="lineno">  930</span>&#160;<span class="preprocessor">#include &quot;util.h&quot;</span></div>
-<div class="line"><a name="l00931"></a><span class="lineno">  931</span>&#160;<span class="preprocessor">#endif</span></div>
+<div class="line"><a name="l00831"></a><span class="lineno">  831</span>&#160;<span class="keyword">extern</span> BOOL secret_data_append_from_instruction(<a class="code" href="structdasm__ctx__t.html">dasm_ctx_t</a> *dctx, <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> *cursor);</div>
+<div class="line"><a name="l00832"></a><span class="lineno">  832</span>&#160; </div>
+<div class="line"><a name="l00833"></a><span class="lineno">  833</span>&#160;<span class="keyword">extern</span> BOOL secret_data_append_from_function(</div>
+<div class="line"><a name="l00834"></a><span class="lineno">  834</span>&#160;    <span class="keywordtype">void</span> *function_start,</div>
+<div class="line"><a name="l00835"></a><span class="lineno">  835</span>&#160;    <span class="keywordtype">void</span> *code_end,</div>
+<div class="line"><a name="l00836"></a><span class="lineno">  836</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
+<div class="line"><a name="l00837"></a><span class="lineno">  837</span>&#160;    <span class="keywordtype">unsigned</span> shift_count, <span class="keywordtype">unsigned</span> operation_index);</div>
+<div class="line"><a name="l00838"></a><span class="lineno">  838</span>&#160; </div>
+<div class="line"><a name="l00849"></a><span class="lineno"><a class="line" href="xzre_8h.html#ad21c1f0b4b9127ea1234d46dbadc3e8b">  849</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#ad21c1f0b4b9127ea1234d46dbadc3e8b">secret_data_append_if_flags</a>(</div>
+<div class="line"><a name="l00850"></a><span class="lineno">  850</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
+<div class="line"><a name="l00851"></a><span class="lineno">  851</span>&#160;    <span class="keywordtype">unsigned</span> operation_index,</div>
+<div class="line"><a name="l00852"></a><span class="lineno">  852</span>&#160;    <span class="keywordtype">unsigned</span> reg2reg_instruction_count,</div>
+<div class="line"><a name="l00853"></a><span class="lineno">  853</span>&#160;    <span class="keywordtype">int</span> flags, u8 *code);</div>
+<div class="line"><a name="l00854"></a><span class="lineno">  854</span>&#160; </div>
+<div class="line"><a name="l00897"></a><span class="lineno"><a class="line" href="xzre_8h.html#aa571c1c4c376e99b6e4306cf6d9d5f18">  897</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#aa571c1c4c376e99b6e4306cf6d9d5f18">secret_data_append_singleton</a>(</div>
+<div class="line"><a name="l00898"></a><span class="lineno">  898</span>&#160;    u8 *call_site, u8 *code,</div>
+<div class="line"><a name="l00899"></a><span class="lineno">  899</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
+<div class="line"><a name="l00900"></a><span class="lineno">  900</span>&#160;    <span class="keywordtype">unsigned</span> shift_count, <span class="keywordtype">unsigned</span> operation_index);</div>
+<div class="line"><a name="l00901"></a><span class="lineno">  901</span>&#160; </div>
+<div class="line"><a name="l00913"></a><span class="lineno"><a class="line" href="xzre_8h.html#aa74b87d0023e8efc4e820768518a884d">  913</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#aa74b87d0023e8efc4e820768518a884d">secret_data_append_from_call_site</a>(</div>
+<div class="line"><a name="l00914"></a><span class="lineno">  914</span>&#160;    <a class="code" href="unionsecret__data__shift__cursor.html">secret_data_shift_cursor</a> shift_cursor,</div>
+<div class="line"><a name="l00915"></a><span class="lineno">  915</span>&#160;    <span class="keywordtype">unsigned</span> shift_count, <span class="keywordtype">unsigned</span> operation_index,</div>
+<div class="line"><a name="l00916"></a><span class="lineno">  916</span>&#160;    BOOL bypass</div>
+<div class="line"><a name="l00917"></a><span class="lineno">  917</span>&#160;);</div>
+<div class="line"><a name="l00918"></a><span class="lineno">  918</span>&#160; </div>
+<div class="line"><a name="l00925"></a><span class="lineno"><a class="line" href="xzre_8h.html#a229ee0bd4111363061bc4230bc1f6423">  925</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#a229ee0bd4111363061bc4230bc1f6423">backdoor_setup</a>(<a class="code" href="structbackdoor__setup__params__t.html">backdoor_setup_params_t</a> *params);</div>
+<div class="line"><a name="l00926"></a><span class="lineno">  926</span>&#160; </div>
+<div class="line"><a name="l00935"></a><span class="lineno"><a class="line" href="xzre_8h.html#a0d70747b6216270de07c783fc499938e">  935</a></span>&#160;<span class="keyword">extern</span> BOOL <a class="code" href="xzre_8h.html#a0d70747b6216270de07c783fc499938e">resolve_libc_imports</a>(</div>
+<div class="line"><a name="l00936"></a><span class="lineno">  936</span>&#160;    <span class="keyword">struct</span> link_map *libc,</div>
+<div class="line"><a name="l00937"></a><span class="lineno">  937</span>&#160;    <a class="code" href="structelf__info.html">elf_info_t</a> *libc_info,</div>
+<div class="line"><a name="l00938"></a><span class="lineno">  938</span>&#160;    <a class="code" href="structlibc__imports.html">libc_imports_t</a> *imports</div>
+<div class="line"><a name="l00939"></a><span class="lineno">  939</span>&#160;);</div>
+<div class="line"><a name="l00940"></a><span class="lineno">  940</span>&#160; </div>
+<div class="line"><a name="l00941"></a><span class="lineno">  941</span>&#160;<span class="keyword">extern</span> <a class="code" href="structglobal__context__t.html">global_context_t</a> *global_ctx;</div>
+<div class="line"><a name="l00942"></a><span class="lineno">  942</span>&#160; </div>
+<div class="line"><a name="l00943"></a><span class="lineno">  943</span>&#160;<span class="preprocessor">#include &quot;util.h&quot;</span></div>
+<div class="line"><a name="l00944"></a><span class="lineno">  944</span>&#160;<span class="preprocessor">#endif</span></div>
 <div class="ttc" id="astructbackdoor__data__t_html"><div class="ttname"><a href="structbackdoor__data__t.html">backdoor_data_t</a></div><div class="ttdoc">this structure is used to hold most of the backdoor information. it's used as a local variable in fun...</div><div class="ttdef"><b>Definition:</b> xzre.h:517</div></div>
 <div class="ttc" id="astructbackdoor__data__t_html_a1729f7578790ffabfb83b9597696fe4e"><div class="ttname"><a href="structbackdoor__data__t.html#a1729f7578790ffabfb83b9597696fe4e">backdoor_data_t::libcrypto_info</a></div><div class="ttdeci">elf_info_t libcrypto_info</div><div class="ttdoc">ELF context for libcrypto.so.</div><div class="ttdef"><b>Definition:</b> xzre.h:548</div></div>
 <div class="ttc" id="astructbackdoor__data__t_html_a22234d8d48ec0cbc076e8ba334f36400"><div class="ttname"><a href="structbackdoor__data__t.html#a22234d8d48ec0cbc076e8ba334f36400">backdoor_data_t::libc</a></div><div class="ttdeci">elf_info_t * libc</div><div class="ttdoc">points to libc_info</div><div class="ttdef"><b>Definition:</b> xzre.h:524</div></div>