yanguangshaonian
/
memflow-pcileech
mirror of https://github.com/memflow/memflow-pcileech
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
memflow connector backend to interface with pcileech devices
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
86 Commits
4 Branches
11 Tags
1.3 MiB
Rust 88.2%
C 11.8%
 
 
main
stable
next
rust_native
0.1.0
0.1.5
0.1.6
0.1.7
0.2.0
0.2.0-beta1
0.2.0-beta10
0.2.0-beta11
0.2.0-beta5
0.2.0-beta7
nightly
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5f50fa57b6'
${ noResults }
Go to file
ko1N 5f50fa57b6 Updated logging to use simplelog; added basic install.rhai script 3 years ago
.cargo Recoded pcileech connector by using the leechcore library. Some test-implementations for read/write already exist; very WIP 4 years ago
.github/workflows Added registry key to acquire the memory map to readme 4 years ago
leechcore-sys Fixed formatting 3 years ago
memflow-pcileech Updated logging to use simplelog; added basic install.rhai script 3 years ago
.gitignore Moved to seperate project from memflow 5 years ago
.gitmodules Recoded pcileech connector by using the leechcore library. Some test-implementations for read/write already exist; very WIP 4 years ago
Cargo.toml Updated logging to use simplelog; added basic install.rhai script 3 years ago
LICENSE Recoded pcileech connector by using the leechcore library. Some test-implementations for read/write already exist; very WIP 4 years ago
README.md Updated to latest memflow/next 3 years ago
install.rhai Updated logging to use simplelog; added basic install.rhai script 3 years ago
install.sh Updated to latest memflow/next 3 years ago
memmap.toml Updated leechcore submodule and fixed linux warnings 4 years ago

README.md

memflow-pcileech

This connector implements the LeechCore interface of pcileech for memflow.

More information about pcileech can be found under https://github.com/ufrisk/pcileech.

Compilation

First make sure that the leechcore submodule is checked out:

git submodule update --init

Install the following build tools:

  • gcc
  • clang
  • libusb-1.0 (only required on linux)

Make sure that libclang can be found by either adding it to your PATH or via the LIBCLANG_PATH environment variable.

On Windows you additionally need to supply the proprietary FTD3XX.dll. It can be downloaded from the FTDI Website in the Application Library (DLL) column.

On Linux you need to check-out and compile the leechcore_ft601_driver_linux project from the LeechCore-Plugins repository.

More information about these requirements can be found in the LeechCore-Plugins repository.

Running the example

To run the example simply execute:

cargo run --example read_phys --release -- FPGA

On Linux the example binary will be ran with sudo -E to elevate privileges.

Since the invoked binary is placed in the target/release/examples or /target/debug/examples folder the leechcore_ft601_driver_linux.so has to be placed in the corresponding folder. On Windows the FTD3XX.dll has to be placed in the corresponding examples folder.

Installing the library

The ./install.sh script will just compile and install the plugin. The connector will be installed to ~/.local/lib/memflow by default. Additionally the --system flag can be specified which will install the connector in /usr/lib/memflow as well.

Remarks: The install.sh script does currently not place the leechcore_ft601_driver_linux.so / FTD3XX.dll in the corresponding folders. Please make sure to provide it manually.

Building the stand-alone connector for dynamic loading

To compile a dynamic library for use with the connector inventory use the following command:

cargo build --release --all-features

As mentioned above the leechcore_ft601_driver_linux.so or FTD3XX.dll have to be placed in the same folder the connector library is placed in.

Using the library in a rust project

To use the plugin in a rust project just include it in your Cargo.toml

memflow-pcileech = { git = "https://github.com/memflow/memflow-pcileech", branch = "master" }

Make sure to NOT enable the plugin feature when importing multiple connectors in a rust project without using the memflow plugin inventory. This might cause duplicated exports being generated in your project.

After adding the dependency to your Cargo.toml you can easily create a new Connector instance and pass it some arguments from the command line:

let args: Vec<String> = env::args().collect();
let conn_args = if args.len() > 1 {
    ConnectorArgs::parse(&args[1]).expect("unable to parse arguments")
} else {
    ConnectorArgs::new()
};

let mut conn = memflow_pcileech::create_connector(&conn_args, log::Level::Debug)
    .expect("unable to initialize memflow_pcileech");

Arguments

The following arguments can be used when loading the connector:

  • device - the name of the pcileech device to open (e.g. FPGA) (default argument, required)
  • memmap - a file that contains a custom memory map in TOML format (optional)

The memory map file must contain a mapping table in the following format:

[[range]]
base=0x1000
length=0x1000

[[range]]
base=0x2000
length=0x1000
real_base=0x3000

The real_base parameter is optional. If it is not set there will be no re-mapping.

On Windows systems the memory map can be obtained from the Registry under the following Key:

HKEY_LOCAL_MACHINE\\HARDWARE\\RESOURCEMAP\\System Resources\\Physical Memory\\.Translated

In case no memory mappings are provided by the user the connector will use the memory mappings found by the os integration (e.g. win32).

Troubleshooting

Q: The plugin is not detected/found by memflow

A: Make sure to compile the plugin with the correct flags. See the usage section for more information.

License

Licensed under GPL-3.0 License, see LICENSE.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, shall be licensed as above, without any additional terms or conditions.