AlliedModders

AlliedModders (https://forums.alliedmods.net/index.php)
-   Snippets and Tutorials (https://forums.alliedmods.net/forumdisplay.php?f=112)
-   -   [SNAKES] Plugin reader/partial decompiler (https://forums.alliedmods.net/showthread.php?t=104458)

devicenull 09-23-2009 17:45

[SNAKES] Plugin reader/partial decompiler
 
This code will parse various information from a compiled Sourcemod plugin. Right now it can pull a list of all the strings, natives used, any public functions/variables, and a list of tags used (the last is rather useless). It can handle compressed plugins, and hasn't been well tested well.

This is probably useless to most people :p

Requirements: Python and http://code.google.com/p/python-bitstring/

You can find the code here

example output:
Code:

INFO: Version 102 Compression 1
INFO: total size 6335
INFO: uncompressed size 17180
DEBUG: section 0 name .code
DEBUG: section 1 name .data
DEBUG: section 2 name .publics
DEBUG: section 3 name .pubvars
DEBUG: section 4 name .natives
DEBUG: section 5 name .tags
DEBUG: section 6 name .names
DEBUG: section 7 name .dbg.natives
DEBUG: section 8 name .dbg.files
DEBUG: section 9 name .dbg.lines
DEBUG: section 10 name .dbg.symbols
DEBUG: section 11 name .dbg.info
DEBUG: section 12 name .dbg.strings
DEBUG: 5072 bytes of code, version=9, cellsize=4
DEBUG: 2580 bytes of data
DEBUG: 14 publics
DEBUG: {'nameoffs': 0, 'name': 'CheckPlayer', 'address': 1872}
DEBUG: {'nameoffs': 12, 'name': 'Cmd_ChangeLevel', 'address': 3556}
DEBUG: {'nameoffs': 28, 'name': 'Cmd_EntCreate', 'address': 2864}
DEBUG: {'nameoffs': 42, 'name': 'Cmd_EntFire', 'address': 3232}
DEBUG: {'nameoffs': 54, 'name': 'ConVarDone', 'address': 2276}
DEBUG: {'nameoffs': 65, 'name': 'HalfConnected', 'address': 4728}
DEBUG: {'nameoffs': 79, 'name': 'OnClientPutInServer', 'address': 1696}
DEBUG: {'nameoffs': 99, 'name': 'OnClientSettingsChanged', 'address': 3720}
DEBUG: {'nameoffs': 123, 'name': 'OnConfigsExecuted', 'address': 2452}
DEBUG: {'nameoffs': 141, 'name': 'OnPluginStart', 'address': 148}
DEBUG: {'nameoffs': 155, 'name': 'StartTeleCheck', 'address': 4312}
DEBUG: {'nameoffs': 170, 'name': 'TeleCheckDone', 'address': 4484}
DEBUG: {'nameoffs': 184, 'name': '__ext_core_SetNTVOptional', 'address': 8}
DEBUG: {'nameoffs': 210, 'name': 'rcon_changed', 'address': 2680}
DEBUG: 7 pubvars
DEBUG: {'nameoffs': 689, 'name': 'MaxClients', 'address': 96}
DEBUG: {'nameoffs': 700, 'name': 'NULL_STRING', 'address': 60}
DEBUG: {'nameoffs': 712, 'name': 'NULL_VECTOR', 'address': 48}
DEBUG: {'nameoffs': 724, 'name': '__ext_core', 'address': 80}
DEBUG: {'nameoffs': 735, 'name': '__ext_sdktools', 'address': 128}
DEBUG: {'nameoffs': 750, 'name': '__version', 'address': 32}
DEBUG: {'nameoffs': 760, 'name': 'myinfo', 'address': 256}
DEBUG: 33 natives
DEBUG: {'nameoffs': 223, 'name': 'VerifyCoreVersion'}
DEBUG: {'nameoffs': 241, 'name': 'FloatCompare'}
DEBUG: {'nameoffs': 254, 'name': 'strcmp'}
DEBUG: {'nameoffs': 261, 'name': 'CreateConVar'}
DEBUG: {'nameoffs': 274, 'name': 'RegConsoleCmd'}
DEBUG: {'nameoffs': 288, 'name': 'FindConVar'}
DEBUG: {'nameoffs': 299, 'name': 'HookConVarChange'}
DEBUG: {'nameoffs': 316, 'name': 'LogMessage'}
DEBUG: {'nameoffs': 327, 'name': 'GetCommandFlags'}
DEBUG: {'nameoffs': 343, 'name': 'SetCommandFlags'}
DEBUG: {'nameoffs': 359, 'name': 'GetConVarFlags'}
DEBUG: {'nameoffs': 374, 'name': 'SetConVarFlags'}
DEBUG: {'nameoffs': 389, 'name': 'SetConVarBounds'}
DEBUG: {'nameoffs': 405, 'name': 'FindFirstConCommand'}
DEBUG: {'nameoffs': 425, 'name': 'FindNextConCommand'}
DEBUG: {'nameoffs': 444, 'name': 'CreateTimer'}
DEBUG: {'nameoffs': 456, 'name': 'IsClientInGame'}
DEBUG: {'nameoffs': 471, 'name': 'QueryClientConVar'}
DEBUG: {'nameoffs': 489, 'name': 'KickClient'}
DEBUG: {'nameoffs': 500, 'name': 'GetConVarString'}
DEBUG: {'nameoffs': 516, 'name': 'GetConVarInt'}
DEBUG: {'nameoffs': 529, 'name': 'SetConVarInt'}
DEBUG: {'nameoffs': 542, 'name': 'SetConVarString'}
DEBUG: {'nameoffs': 558, 'name': 'GetCmdArg'}
DEBUG: {'nameoffs': 568, 'name': 'GetCmdArgString'}
DEBUG: {'nameoffs': 584, 'name': 'StrContains'}
DEBUG: {'nameoffs': 596, 'name': 'GetClientName'}
DEBUG: {'nameoffs': 610, 'name': 'strlen'}
DEBUG: {'nameoffs': 617, 'name': 'ReplaceString'}
DEBUG: {'nameoffs': 631, 'name': 'SetClientInfo'}
DEBUG: {'nameoffs': 645, 'name': 'IsClientConnected'}
DEBUG: {'nameoffs': 663, 'name': 'StringToFloat'}
DEBUG: {'nameoffs': 677, 'name': 'GetClientIP'}
DEBUG: 93 tags
DEBUG: 152 names
DEBUG: CheckPlayer
DEBUG: Cmd_ChangeLevel
DEBUG: Cmd_EntCreate
DEBUG: Cmd_EntFire
DEBUG: ConVarDone
DEBUG: HalfConnected
DEBUG: OnClientPutInServer
DEBUG: OnClientSettingsChanged
DEBUG: OnConfigsExecuted
DEBUG: OnPluginStart
DEBUG: StartTeleCheck
DEBUG: TeleCheckDone
DEBUG: __ext_core_SetNTVOptional
DEBUG: rcon_changed
DEBUG: VerifyCoreVersion
DEBUG: FloatCompare
DEBUG: strcmp
DEBUG: CreateConVar
DEBUG: RegConsoleCmd
DEBUG: FindConVar
DEBUG: HookConVarChange
DEBUG: LogMessage
DEBUG: GetCommandFlags
DEBUG: SetCommandFlags
DEBUG: GetConVarFlags
DEBUG: SetConVarFlags
DEBUG: SetConVarBounds
DEBUG: FindFirstConCommand
DEBUG: FindNextConCommand
DEBUG: CreateTimer
DEBUG: IsClientInGame
DEBUG: QueryClientConVar
DEBUG: KickClient
DEBUG: GetConVarString
DEBUG: GetConVarInt
DEBUG: SetConVarInt
DEBUG: SetConVarString
DEBUG: GetCmdArg
DEBUG: GetCmdArgString
DEBUG: StrContains
DEBUG: GetClientName
DEBUG: strlen
DEBUG: ReplaceString
DEBUG: SetClientInfo
DEBUG: IsClientConnected
DEBUG: StringToFloat
DEBUG: GetClientIP
DEBUG: MaxClients
DEBUG: NULL_STRING
DEBUG: NULL_VECTOR
DEBUG: __ext_core
DEBUG: __ext_sdktools
DEBUG: __version
DEBUG: myinfo
DEBUG: _
DEBUG: bool
DEBUG: any
DEBUG: Function
DEBUG: String
DEBUG: Action
DEBUG: Identity
DEBUG: PlVers
DEBUG: Float
DEBUG: PluginStatus
DEBUG: PluginInfo
DEBUG: Extension
DEBUG: Handle
DEBUG: ParamType
DEBUG: ExecType
DEBUG: NativeCall
DEBUG: FileType
DEBUG: FileTimeMode
DEBUG: PathType
DEBUG: GameLogHook
DEBUG: Timer
DEBUG: AdminFlag
DEBUG: OverrideType
DEBUG: OverrideRule
DEBUG: ImmunityType
DEBUG: GroupId
DEBUG: AdminId
DEBUG: AdmAccessMode
DEBUG: AdminCachePart
DEBUG: KvDataTypes
DEBUG: DBResult
DEBUG: DBBindType
DEBUG: DBPriority
DEBUG: SQLTCallback
DEBUG: SortOrder
DEBUG: SortType
DEBUG: SortFunc1D
DEBUG: SortFunc2D
DEBUG: SortFuncADTArray
DEBUG: SMCResult
DEBUG: SMCError
DEBUG: SMC_ParseStart
DEBUG: SMC_ParseEnd
DEBUG: SMC_NewSection
DEBUG: SMC_KeyValue
DEBUG: SMC_EndSection
DEBUG: SMC_RawLine
DEBUG: NetFlow
DEBUG: ConVarBounds
DEBUG: QueryCookie
DEBUG: ReplySource
DEBUG: ConVarQueryResult
DEBUG: SrvCmd
DEBUG: ConCmd
DEBUG: ConVarChanged
DEBUG: ConVarQueryFinished
DEBUG: EventHookMode
DEBUG: EventHook
DEBUG: UserMsg
DEBUG: MsgHook
DEBUG: MsgPostHook
DEBUG: MenuStyle
DEBUG: MenuAction
DEBUG: MenuSource
DEBUG: MenuHandler
DEBUG: VoteHandler
DEBUG: DialogType
DEBUG: Plugin
DEBUG: PropType
DEBUG: PropFieldType
DEBUG: MoveType
DEBUG: RenderMode
DEBUG: RenderFx
DEBUG: AmbientSHook
DEBUG: NormalSHook
DEBUG: RayType
DEBUG: TraceEntityFilter
DEBUG: TEHook
DEBUG: EntityOutput
DEBUG: SDKCallType
DEBUG: SDKLibrary
DEBUG: SDKFuncConfSource
DEBUG: SDKType
DEBUG: SDKPassMethod
DEBUG: $Func@2
DEBUG: $Func@3
DEBUG: $Func@1
DEBUG: $Func@13
DEBUG: $Func@5
DEBUG: $Func@0
DEBUG: $Func@10
DEBUG: $Func@4
DEBUG: $Func@11
DEBUG:
DEBUG:
DEBUG:
DEBUG: x
DEBUG:
WARNING: Unhandled section .dbg.natives
WARNING: Unhandled section .dbg.files
WARNING: Unhandled section .dbg.lines
WARNING: Unhandled section .dbg.symbols
WARNING: Unhandled section .dbg.info
WARNING: Unhandled section .dbg.strings
['1.2.1', '', '09/22/2009', '10:44:09', '\x05', '\x08', '\x14', 'Core', 'core', '@', 'H', 'SDKTools', 'sdktools.ext', 'd', 'p', '\x01', 'RCON Lock', 'devicenull', 'Locks RCON and patches various exploitable commands', '0.3.3', 'http://www.sourcemod.net/', '\x90', '\xa8', '\x9c', '\xdc', '\xe4', '\x0c', '\x1c', ',', 'point_servercommand', 'point_clientcommand', 'logic_timer', '0', '4', '8', '<', 'D', 'quit', 'quti', 'restart', 'sm', 'admin', 'ma_', 'rcon', 'sv_', 'mp_', 'meta', 'alias', 'L', '\\', 'h', 't', '\x80', '\x8c', '\xa0', '\xb0', '\xc0', '\xcc', '\xd8', '\xe8', '\xf0', '\x08\x01', '\x10\x01', ' \x01', ',\x01', '@\x01', 'dumpcountedstrings', 'dbghist_dump', 'dumpeventqueue', 'dump_globals', 'physics_select', 'physics_debug_entity', 'dump_entity_sizes', 'dumpentityfactories', 'dump_terrain', 'mp_dump_timers', 'mem_dump', 'soundscape_flush', 'groundlist', 'soundlist', 'report_touchlinks', 'report_entities', 'physics_report_active', 'listmodels', '\x18', ' ', '$', 'timeleft', 'nextmap', 'ma_timeleft', 'ma_nextmap', 'listmaps', 'ff', 'P', '`', 'sourcemod_version', 'metamod_version', 'mani_admin_plugin_version', 'eventscripts_ver', 'est_version', 'bat_version', 'beetlesmod_version', 'sm_rconlock', 'Plugin version', 'ent_create', 'ent_fire', 'changelevel', 'rcon_password', '%i cheat commands', 'Flagging %s as cheat', "Couldn't find %s (this may be normal)", 'sv_rcon_minfailures', 'sv_rcon_maxfailures', "Removing client '%L' as %s=%s", 'Please remove any plugins you are running', 'Rcon password changed to %s, reverting', "Blocking ent_create from '%L', for containing %s", "Blocking ent_fire from '%L': %s", "Blocking changelevel from '%L': %s", "Removing client '%L' for not having a name", 'Please set a name, then rejoin', '\x07', 'name', "Removing client '%L' for having BELL characters", 'The bell does not toll here.  Remove bell characters from your name', '%', "Removing client '%L' for having % characters", 'Please remove all % characters from your name', 'sensitivity', "Removing client '%L' as sensitivity=%f", 'Please lower your sensitivity', 'Got half-connected command from client %s: %s']


DontWannaName 09-23-2009 17:59

Re: [PYTHON] Plugin reader
 
So its like a decompiler?

BAILOPAN 09-23-2009 18:00

Re: [PYTHON] Plugin reader
 
Not at all, a decompiler reconstructs source code.

lake393 09-23-2009 20:07

Re: [PYTHON] Plugin reader
 
So do we get to write sourcemod plugins in Python now?

neo_gis 09-23-2009 20:09

Re: [PYTHON] Plugin reader
 
Quote:

Originally Posted by BAILOPAN (Post 941793)
Not at all, a decompiler reconstructs source code.

is there a decompiler for SourcePawn ?

devicenull 09-23-2009 21:19

Re: [PYTHON] Plugin reader
 
Quote:

Originally Posted by neo_gis (Post 941892)
is there a decompiler for SourcePawn ?

amxxdump was ported to it (Check AMXX Off topic forum)

DJ Tsunami 09-24-2009 05:44

Re: [PYTHON] Plugin reader
 
Quote:

Originally Posted by lake393 (Post 941889)
So do we get to write sourcemod plugins in Python now?

No, this is just a Python script that reads SMX files, nothing more.

ubercow 09-24-2009 18:28

Re: [SNAKES] Plugin reader
 
It'd be useful if it could read the Name, Author, Etc. from the Plugin's Info section.

I don't know if that's possible or not.

devicenull 09-24-2009 19:33

Re: [SNAKES] Plugin reader
 
It's possible, but I don't see any useful application to it..

Dragonshadow 09-25-2009 08:47

Re: [SNAKES] Plugin reader
 
Quote:

Originally Posted by devicenull (Post 942690)
It's possible, but I don't see any useful application to it..

If you're making a list of what plugins are made by who, or need to output that info to something... I dunno.

olj 09-25-2009 09:42

Re: [SNAKES] Plugin reader
 
"sm plugins list" does that already. It can be used if you dont have access to this command but have access to plugins folder though.

DJ Tsunami 09-27-2009 16:33

Re: [SNAKES] Plugin reader
 
Or use GetPluginIterator and GetPluginInfo to read all that info.

devicenull 10-01-2009 12:30

Re: [SNAKES] Plugin reader
 
Updated the code to support Pawn's debug symbols. I've also posted my "decompiler", which is a first step at being able to decompile plugins.

NouveauJoueur 12-13-2009 06:49

Re: [SNAKES] Plugin reader/partial decompiler
 
Can you decompile this plugin for me please?
It got uploaded by this guy on one of my server :

STEAM_0:1:28442898

http://steamcommunity.com/profiles/76561198017151525

Known IP :

86.149.170.114
81.158.112.119

antihacker 12-13-2009 09:16

Re: [SNAKES] Plugin reader/partial decompiler
 
Its seem like, that the script registers to commands, set_rcon -> Command_SetRcon, send_me_rcon -> Command_SendRcon. Its indeend a rcon password stealer. http://pastebin.com/m60491bdf

bestmeth0ds 05-13-2011 20:36

Re: [SNAKES] Plugin reader/partial decompiler
 
If anyone could assist me I would be deeply appreciative. ;)

http://forums.alliedmods.net/showthread.php?t=156922

Peace-Maker 01-20-2012 06:16

Re: [SNAKES] Plugin reader/partial decompiler
 
3 Attachment(s)
Since this really can provide some useful fast information, here's a PHP version based off devicenull's code.

http://wcfan.de/diverse/spfile.php

You could also read that information in sourcepawn directly. Have a look at this plugin which displays information of unloaded plugins. (myinfo)

Thanks to theY4Kman's sm-gunzip INFLATE implementation. I've only tweaked it to read and write to intarrays instead of files and removed the gzip part, leaving only the INFLATE decompression algorithm.

The attached plugin provides a sm_unloaded_plugins server command. Run it via rcon to get a list of unloaded plugins placed in the /plugins folder.


All times are GMT -4. The time now is 18:21.

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.