diff options
Diffstat (limited to 'example/jitter')
| -rw-r--r-- | example/jitter/unpack_upx.py | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/example/jitter/unpack_upx.py b/example/jitter/unpack_upx.py index f1f179b8..72a9feb3 100644 --- a/example/jitter/unpack_upx.py +++ b/example/jitter/unpack_upx.py @@ -25,7 +25,8 @@ def kernel32_GetProcAddress(jitter): else jitter.get_str_ansi(args.fname)) logging.info(fname) - # Get the generated address of the library, and store it in memory to dst_ad + # Get the generated address of the library, and store it in memory to + # dst_ad ad = sb.libs.lib_get_add_func(args.libbase, fname, dst_ad) # Add a breakpoint in case of a call on the resolved function # NOTE: never happens in UPX, just for skeleton @@ -34,7 +35,6 @@ def kernel32_GetProcAddress(jitter): jitter.func_ret_stdcall(ret_ad, ad) - parser = Sandbox_Win_x86_32.parser(description="Generic UPX unpacker") parser.add_argument("filename", help="PE Filename") parser.add_argument('-v', "--verbose", @@ -43,7 +43,9 @@ parser.add_argument("--graph", help="Export the CFG graph in graph.dot", action="store_true") options = parser.parse_args() -sb = Sandbox_Win_x86_32(options.filename, options, globals()) +options.load_hdr = True +sb = Sandbox_Win_x86_32(options.filename, options, globals(), + parse_reloc=False) if options.verbose is True: @@ -84,7 +86,7 @@ def update_binary(jitter): logging.info('updating binary') for s in sb.pe.SHList: sdata = sb.jitter.vm.get_mem(sb.pe.rva2virt(s.addr), s.rawsize) - sb.pe.virt[sb.pe.rva2virt(s.addr)] = sdata + sb.pe.rva.set(s.addr, sdata) # Stop execution jitter.run = False |