wsh(1)
The witchcraft shell
Description
WSH
NAME
wsh - The witchcraft shell
SYNOPSIS
wsh [script] [-h|-q|-v|-V] [binary1] [binary2] ... [-x [script_arg1] [script_arg2] ...]
DESCRIPTION
The Witchcraft Shell is part of the Witchcraft Compiler Collection.
The witchcraft shell accepts shared libraries, executables and Witchcraft Shell Scripts written in Punk-C as an input. It loads all the executables in its own address space and make their API available for programming in its embedded interpreter. This provides for binaries functionalities similar to those provided via reflection on interpreted languages like Java.
Options:
-x, --args
Optional script argument separator
-q, --quiet Display less output
-v, --verbose Display more output
-V, --version Display version and build, then exit
Script:
If the first
argument is an existing file which is not a known binary
file format,
it is assumed to be a lua script and gets executed.
Binaries:
Any binary file
name before the -x tag gets loaded before running the
script.
The last binary loaded is the main binary analyzed.
NOTES
The Witchcraft
shell calls dlopen() on the shared libraries and executables
it loads in its address space. In doing so, it may execute
constructor functions from those executables. This may be
unsafe if the intent is to analyse hostile code such as
malware or binary exploits.
The Witcraft Compiler Collection is a set of reverse
engineering tools.
AUTHOR
Written by endrazine (Jonathan Brossard)
REPORTING BUGS
Witchcraft Compiler Collection online bug tracker: <https://github.com/endrazine/wcc/issues>
COPYRIGHT
Copyright
Jonathan Brossard
License : MIT and BSD Licenses. See
<https://github.com/endrazine/wcc/blob/master/LICENSE>.
SEE ALSO
wcc(1), wld(1), wldd(1), wcch(1)
The full documentation of the Witchcraft Compiler Collection is available online at https://github.com/endrazine/wcc/wiki