Waht is LoLe?

LoLe is a Python3 library for...

Reading/Writing data in address.

Value in square brackets [] denote address depeding on LoLe plugin.

Typical LoLe plugin (Kmem) can be used for reading/writeing data in physical address.

Plugin

LoLe.Kmem    # Plugin for reading/writeing data by physical address in system.

For example...

In Linux X86_64 platform, to read data in physical address 0xB0000000

>>> from LoLe.Kmem import Kmem8, Kmem16, Kmem32, Kmem64
-----------------------------------
LoLe Evaluation version: 00.01.000
Author MaxWu (EfiPy.Core@gmail.com)
===================================
>>> Kmem = Kmem32 (0x10000000000000000)
>>> Kmem[0xB0000000]
Kmem32[0xb0000000:0xb0000003].bit[0:31]: 0x29C08086
>>> Kmem[0xB0000000][0:15]
Kmem32[0xb0000000:0xb0000003].bit[0:15]: 0x8086
>>>

Download
LoLe library can be downloaded from https://github.com/EfiPy/LoLe

Comments

  1. y-koj23/5/24 10:58

    I found your LoLe project while looking for a good library for the kernel module manipulation, (fortunately I found kmodule :D)

    LoLe looks cool to me! And I'm curious about what LoLe does in its internals, which is probably achieved in `LoLe/Driver/*.o.*` and `LinuxKmDrv.so.*`.
    Especially, I want to know about the way LoLe reads data from the kernel via physical memory address and the way to avoid KASLR.
    I would be glad if you would provide me some insights (or related documents/books) about these topics.

    I look forward to your response. Thank you!

    ReplyDelete

Post a Comment

Popular posts from this blog

How to extract bits from interger in python

Introduction LoLe provides Uint plgin which can extract bits from integer. Example If there is an integer 0x87654321 .... The value from bit 4 to bit 7 is 0x02 The value from bit 8 to bit 15 is 0x43 >>> from LoLe.UintPy import UintPy ----------------------------------- LoLe version: 00.01.005 Author MaxWu (EfiPy.Core@gmail.com) =================================== >>> from LoLe.Uint import Uint >>> foo = Uint( 0x87654321 ) >>> foo[ 4:7 ] UINT[0x0:0x0].bit[ 4:7 ]: 0x2 >>> foo[ 8:15 ] UINT[0x0:0x0].bit[ 8:15 ]: 0x43 >>> 
Read more

EXAMPLE - Bitwise operation

Concept It explains how the LoLe basic bitwise operation is. LoLe has two operations: Array operation and bit operation.  These operations are done by subscript operator (square brackets []). Example import LoLe package import Mem operation which is used for memory buffer. from LoLe.Mem import Mem32 Using Mem(0x20) to create 0x20 bytes buffer. In this code, TestMem is an array, each element holds 32bit data. It uses malloc to arrange system memory. TestMem = Mem32 (0x20) subscript operaton Using subscript operator to denote any data in TestMem . The value in subscript operator after TestMem can be any value from 0 to 0x1F . In this code TestWord = TestMem[0x04] Any TestWord operation effects the 4th to the 7th bytes in TestMem . other data in TestMem remain the same. TestMem[0x04] is the same as TestMem[0x04:0x07] . Write bits the TestWord[3] = 1 implementation concept is denote in this pseudo code. (1 << 3) | (TestWird & (~(1 << 3))) the TestWord[3] = 0 im...
Read more