| author | serpilliere <devnull@localhost> | 2012-05-22 16:39:06 +0200 |
|---|---|---|
| committer | serpilliere <devnull@localhost> | 2012-05-22 16:39:06 +0200 |
| commit | 309d89a9d579c3a7e500fecb037bd09ef89aadec (patch) | |
| tree | a9c3b0cdd8a85b0052af2df84aa7f9edc5f2f683 | |
| parent | 94a0e6eb3c795190320addbe3907fc5c25ea99ab (diff) | |
seh_helper: can accept pre parsed modules_name
| -rw-r--r-- | miasm/tools/seh_helper.py | 11 | ||||
| -rw-r--r-- | miasm/tools/to_c_helper.py | 8 |
2 files changed, 13 insertions, 6 deletions
diff --git a/miasm/tools/seh_helper.py b/miasm/tools/seh_helper.py
index 156c69ad..f2fe6869 100644
--- a/miasm/tools/seh_helper.py
+++ b/miasm/tools/seh_helper.py
@@ -171,12 +171,18 @@ def build_fake_inordermodule(modules_name):
 o += (0x1000 - len(o))*"C"
 for i, m in enumerate(modules_name):
 #fname = os.path.join('win_dll', m)
- fname = m
+ if len(m) == 1:
+ fname, e = m, None
+ elif len(m) ==2:
+ fname, e = m
+ else:
+ raise ValueError('unknown modules_name r'%m)
 bname = os.path.split(fname)[1].lower()
 bname = "\x00".join(bname)+"\x00"
 print "add module", repr(bname)
 print hex(in_load_order_module_1+i*0x1000)
- e = pe_init.PE(open(fname, 'rb').read())
+ if e == None:
+ e = pe_init.PE(open(fname, 'rb').read())
 next_ad = in_load_order_module_1 + (i+1)*0x1000
 if i == len(modules_name) -1:
@@ -226,7 +232,6 @@ def init_seh():
 vm_add_memory_page(peb_address, PAGE_READ | PAGE_WRITE, build_fake_peb())
 #vm_add_memory_page(peb_ldr_data_address, PAGE_READ | PAGE_WRITE, p(0) * 3 + p(in_load_order_module_list_address) + p(0) * 0x20)
 vm_add_memory_page(peb_ldr_data_address, PAGE_READ | PAGE_WRITE, build_fake_ldr_data())
- #vm_add_memory_page(in_load_order_module_list_address, PAGE_READ | PAGE_WRITE, p(0) * 40)
 vm_add_memory_page(in_load_order_module_list_address, PAGE_READ | PAGE_WRITE, build_fake_inordermodule(loaded_modules))
 vm_add_memory_page(default_seh, PAGE_READ | PAGE_WRITE, p(0xffffffff) + p(0x41414141) + p(0x42424242))
diff --git a/miasm/tools/to_c_helper.py b/miasm/tools/to_c_helper.py
index 21329ec1..9b764e15 100644
--- a/miasm/tools/to_c_helper.py
+++ b/miasm/tools/to_c_helper.py
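Review bot: In `build_fake_inordermodule`, the new `len(m) == 1` / `len(m) == 2` dispatch cannot tell a plain path string from a pre-parsed `(fname, e)` pair. For a string, `len(m)` is its character count, so an ordinary path falls into the `else` branch and a two-character one is unpacked into two characters, while a 1-tuple leaves `fname` as a tuple that `os.path.split` cannot handle. Dispatching on type keeps the old string form working, e.g. `if isinstance(m, basestring): fname, e = m, None`, with the pair unpacked otherwise. The error message has lost its conversion specifier, so `'unknown modules_name r'%m` raises `TypeError` for most inputs instead of the intended `ValueError`; `raise ValueError('unknown modules_name %r' % (m,))` fixes that, and `if e == None:` is better written `if e is None:`. The function body continues past the end of the hunk.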
@@ -1177,15 +1177,15 @@ def load_pe_in_vm(fname_in, options, all_imp_dll = None, **kargs): runtime_dll.add_export_lib(ee, n) exp_funcs = pe_helper.get_export_name_addr_list(ee) exp_func[n] = exp_funcs - all_pe.append(ee) + all_pe.append((fname, ee)) - for ee in all_pe: + for fname, ee in all_pe: pe_helper.preload_lib(ee, runtime_dll) seh_helper.runtime_dll = runtime_dll if options.loadmainpe: seh_helper.main_pe = e seh_helper.main_pe_name = "c:\\xxx\\"+kargs.get("main_pe_name", "toto.exe") - seh_helper.loaded_modules = ['win_dll/'+x for x in mod_list] + seh_helper.loaded_modules = all_pe dll_dyn_funcs = pe_helper.preload_lib(e, runtime_dll) win_api.winobjs.runtime_dll = runtime_dll @@ -1201,6 +1201,7 @@ def load_pe_in_vm(fname_in, options, all_imp_dll = None, **kargs): "\x00"*stack_size) dump_memory_page_pool_py() + regs = vm_get_gpreg() regs['esp'] = stack_base_ad+stack_size vm_set_gpreg(regs) @@ -1216,6 +1217,7 @@ def load_pe_in_vm(fname_in, options, all_imp_dll = None, **kargs): segm_to_do = {} symbol_pool = asmbloc.asm_symbol_pool() + return e, in_str, runtime_dll, segm_to_do, symbol_pool |
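Review bot: In the first hunk of `load_pe_in_vm`, `seh_helper.loaded_modules` is now taken from `all_pe` instead of being derived from `mod_list`, so a library that is in `mod_list` but never reaches `all_pe.append(...)` would silently drop out of the fake in-load-order module list. The condition guarding the append is outside the hunk, so this needs confirming against the full function. A comment on the assignment such as `# (path, parsed PE) pairs: seh_helper reuses the parsed image instead of re-reading the file` would record the new contract between the two modules. In `for fname, ee in all_pe:` the first name is unused and rebinds `fname` from the enclosing scope; `for _, ee in all_pe:` avoids that.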