diff options
| author | Camille Mougey <camille.mougey@cea.fr> | 2014-12-03 19:34:34 +0100 |
|---|---|---|
| committer | Camille Mougey <camille.mougey@cea.fr> | 2014-12-03 22:29:33 +0100 |
| commit | 60ea6e9608a840c55ea0f276eebaa36751018ef5 (patch) | |
| tree | a72ad29d9902b17341e02ecb9f7e479826634e94 | |
| parent | 27b2fb9cb2af967f30a1a609b2c752545e13542c (diff) | |
| download | miasm-60ea6e9608a840c55ea0f276eebaa36751018ef5.tar.gz miasm-60ea6e9608a840c55ea0f276eebaa36751018ef5.zip | |
Loader: Move 'vm2pe' to loader/pe
| -rw-r--r-- | miasm2/jitter/jitload.py | 76 | ||||
| -rw-r--r-- | miasm2/jitter/loader/pe.py | 74 |
2 files changed, 74 insertions, 76 deletions
diff --git a/miasm2/jitter/jitload.py b/miasm2/jitter/jitload.py index f12e326b..e7a2af85 100644 --- a/miasm2/jitter/jitload.py +++ b/miasm2/jitter/jitload.py @@ -393,79 +393,3 @@ class jitter: """Set an unicode string in memory""" s = "\x00".join(list(s)) + '\x00' * 3 self.vm.set_mem(addr, s) - - - - -def vm2pe(myjit, fname, libs=None, e_orig=None, - min_addr=None, max_addr=None, - min_section_offset=0x1000, img_base=None, - added_funcs=None): - mye = pe_init.PE() - - if min_addr is None and e_orig is not None: - min_addr = min([e_orig.rva2virt(s.addr) for s in e_orig.SHList]) - if max_addr is None and e_orig is not None: - max_addr = max([e_orig.rva2virt(s.addr + s.size) for s in e_orig.SHList]) - - - if img_base is None: - img_base = e_orig.NThdr.ImageBase - - mye.NThdr.ImageBase = img_base - all_mem = myjit.vm.get_all_memory() - addrs = all_mem.keys() - addrs.sort() - mye.Opthdr.AddressOfEntryPoint = mye.virt2rva(myjit.cpu.EIP) - first = True - for ad in addrs: - if not min_addr <= ad < max_addr: - continue - log.debug('%s' % hex(ad)) - if first: - mye.SHList.add_section( - "%.8X" % ad, - addr=ad - mye.NThdr.ImageBase, - data=all_mem[ad]['data'], - offset=min_section_offset) - else: - mye.SHList.add_section( - "%.8X" % ad, - addr=ad - mye.NThdr.ImageBase, - data=all_mem[ad]['data']) - first = False - if libs: - if added_funcs is not None: - # name_inv = dict([(x[1], x[0]) for x in libs.name2off.items()]) - - for addr, funcaddr in added_func: - libbase, dllname = libs.fad2info[funcaddr] - libs.lib_get_add_func(libbase, dllname, addr) - - new_dll = libs.gen_new_lib(mye, lambda x: mye.virt.is_addr_in(x)) - else: - new_dll = {} - - log.debug('%s' % new_dll) - - mye.DirImport.add_dlldesc(new_dll) - s_imp = mye.SHList.add_section("import", rawsize=len(mye.DirImport)) - mye.DirImport.set_rva(s_imp.addr) - log.debug('%s' % repr(mye.SHList)) - if e_orig: - # resource - xx = str(mye) - mye.content = xx - ad = e_orig.NThdr.optentries[pe.DIRECTORY_ENTRY_RESOURCE].rva - log.debug('dirres %s' % hex(ad)) - if ad != 0: - mye.NThdr.optentries[pe.DIRECTORY_ENTRY_RESOURCE].rva = ad - mye.DirRes = pe.DirRes.unpack(xx, ad, mye) - # log.debug('%s' % repr(mye.DirRes)) - s_res = mye.SHList.add_section( - name="myres", rawsize=len(mye.DirRes)) - mye.DirRes.set_rva(s_res.addr) - log.debug('%s' % repr(mye.DirRes)) - # generation - open(fname, 'w').write(str(mye)) - return mye diff --git a/miasm2/jitter/loader/pe.py b/miasm2/jitter/loader/pe.py index 880f8f61..c0053f35 100644 --- a/miasm2/jitter/loader/pe.py +++ b/miasm2/jitter/loader/pe.py @@ -181,3 +181,77 @@ def vm_fix_imports_pe_libs(lib_imgs, libs, lib_path_base="win_dll", patch_vm_imp=True, **kargs): for e in lib_imgs.values(): preload_pe(e, libs, patch_vm_imp) + + +def vm2pe(myjit, fname, libs=None, e_orig=None, + min_addr=None, max_addr=None, + min_section_offset=0x1000, img_base=None, + added_funcs=None): + mye = pe_init.PE() + + if min_addr is None and e_orig is not None: + min_addr = min([e_orig.rva2virt(s.addr) for s in e_orig.SHList]) + if max_addr is None and e_orig is not None: + max_addr = max([e_orig.rva2virt(s.addr + s.size) for s in e_orig.SHList]) + + + if img_base is None: + img_base = e_orig.NThdr.ImageBase + + mye.NThdr.ImageBase = img_base + all_mem = myjit.vm.get_all_memory() + addrs = all_mem.keys() + addrs.sort() + mye.Opthdr.AddressOfEntryPoint = mye.virt2rva(myjit.cpu.EIP) + first = True + for ad in addrs: + if not min_addr <= ad < max_addr: + continue + log.debug('%s' % hex(ad)) + if first: + mye.SHList.add_section( + "%.8X" % ad, + addr=ad - mye.NThdr.ImageBase, + data=all_mem[ad]['data'], + offset=min_section_offset) + else: + mye.SHList.add_section( + "%.8X" % ad, + addr=ad - mye.NThdr.ImageBase, + data=all_mem[ad]['data']) + first = False + if libs: + if added_funcs is not None: + # name_inv = dict([(x[1], x[0]) for x in libs.name2off.items()]) + + for addr, funcaddr in added_func: + libbase, dllname = libs.fad2info[funcaddr] + libs.lib_get_add_func(libbase, dllname, addr) + + new_dll = libs.gen_new_lib(mye, lambda x: mye.virt.is_addr_in(x)) + else: + new_dll = {} + + log.debug('%s' % new_dll) + + mye.DirImport.add_dlldesc(new_dll) + s_imp = mye.SHList.add_section("import", rawsize=len(mye.DirImport)) + mye.DirImport.set_rva(s_imp.addr) + log.debug('%s' % repr(mye.SHList)) + if e_orig: + # resource + xx = str(mye) + mye.content = xx + ad = e_orig.NThdr.optentries[pe.DIRECTORY_ENTRY_RESOURCE].rva + log.debug('dirres %s' % hex(ad)) + if ad != 0: + mye.NThdr.optentries[pe.DIRECTORY_ENTRY_RESOURCE].rva = ad + mye.DirRes = pe.DirRes.unpack(xx, ad, mye) + # log.debug('%s' % repr(mye.DirRes)) + s_res = mye.SHList.add_section( + name="myres", rawsize=len(mye.DirRes)) + mye.DirRes.set_rva(s_res.addr) + log.debug('%s' % repr(mye.DirRes)) + # generation + open(fname, 'w').write(str(mye)) + return mye |