Scroll to navigation

WSH(1) User Commands WSH(1)

NAME

wsh - The witchcraft shell

SYNOPSIS

wsh [script] [-h|-q|-v|-V] [binary1] [binary2] ... [-x [script_arg1] [script_arg2] ...]

DESCRIPTION

The Witchcraft Shell is part of the Witchcraft Compiler Collection.

The witchcraft shell accepts shared libraries, executables and Witchcraft Shell Scripts written in Punk-C as an input. It loads all the executables in its own address space and make their API available for programming in its embedded interpreter. This provides for binaries functionalities similar to those provided via reflection on interpreted languages like Java.

Options:

-x, --args Optional script argument separator -q, --quiet Display less output -v, --verbose Display more output -V, --version Display version and build, then exit

Script:

If the first argument is an existing file which is not a known binary file format, it is assumed to be a lua script and gets executed.

Binaries:

Any binary file name before the -x tag gets loaded before running the script. The last binary loaded is the main binary analyzed.

NOTES

The Witchcraft shell calls dlopen() on the shared libraries and executables it loads in its address space. In doing so, it may execute constructor functions from those executables. This may be unsafe if the intent is to analyse hostile code such as malware or binary exploits.
The Witcraft Compiler Collection is a set of reverse engineering tools.

AUTHOR

Written by endrazine (Jonathan Brossard)

REPORTING BUGS

Witchcraft Compiler Collection online bug tracker: <https://github.com/endrazine/wcc/issues>

COPYRIGHT

Copyright Jonathan Brossard
License : MIT and BSD Licenses. See <https://github.com/endrazine/wcc/blob/master/LICENSE>.

SEE ALSO

wcc(1), wld(1), wldd(1), wcch(1)

The full documentation of the Witchcraft Compiler Collection is available online at https://github.com/endrazine/wcc/wiki

April 2017 Witchcraft Compiler Collection