removed python and windows impl, it was not going anywhere
parent
c2f08290cf
commit
2ce5281a55
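--- a/pic-windows.c
+++ b/pic-windows.c
@@ -1,154 +0,0 @@
-#ifndef WIN32_LEAN_AND_MEAN
-#define WIN32_LEAN_AND_MEAN
-#endif
-
-#include <windows.h>
-#include <winsock2.h>
-#include <ws2tcpip.h>
-#include <iphlpapi.h>
-#include <assert.h>
-#include <stdio.h>
-#include <io.h>
-#include <stdlib.h>
-#include <malloc.h>
-#include <fcntl.h>
-#include <intrin.h>
-
-#pragma comment(lib, "Ws2_32.lib")
-#pragma comment(lib, "Mswsock.lib")
-#pragma comment(lib, "AdvApi32.lib")
-
-#define PORT 999
-#define PORT_STR "999"
-
-typedef auto (*FUNCPTR)();
-
-int __cdecl main(int argc, const char **argv)
-{
-auto retVal = SOCKET_ERROR;
-LPVOID picBuffer = NULL;
-HANDLE fileHandle;
-DWORD picBuffer_len = 0;
-DWORD oldProtect;
-char *fileInPath = argv[0];
-char *fileOutPath = argv[0];
-FUNCPTR func = NULL;
-
-SecureZeroMemory(&fileHandle, sizeof(fileHandle));
-fileHandle = CreateFile(fileInPath, GENERIC_READ, 0, 0, OPEN_EXISTING, 0, 0);
-if (INVALID_HANDLE_VALUE == fileHandle)
-{
-retVal = GetLastError();
-goto CLEAN_UP;
-}
-
-picBuffer_len = GetFileSize(fileHandle, &picBuffer_len);
-if (-1 == picBuffer_len)
-{
-retVal = GetLastError();
-goto CLEAN_UP;
-}
-
-picBuffer = malloc(picBuffer_len);
-if (NULL == picBuffer)
-{
-retVal = GetLastError();
-goto CLEAN_UP;
-}
-
-SecureZeroMemory(picBuffer, sizeof(picBuffer_len));
-retVal = VirtualProtect(picBuffer, picBuffer_len, PAGE_EXECUTE_READWRITE,
-&oldProtect);
-if (0 == retVal)
-{
-retVal = GetLastError();
-goto CLEAN_UP;
-}
-
-SecureZeroMemory(&overlapped, sizeof(overlapped));
-retVal =
-ReadFile(fileHandle, picBuffer, picBuffer_len, &overlapped, NULL);
-if (FALSE == retVal)
-{
-retVal = GetLastError();
-goto CLEAN_UP;
-}
-
-if (fileHandle)
-{
-CloseHandle(fileHandle);
-}
-
-func = (FUNCPTR)picBuffer;
-
-SecureZeroMemory(&wsaData, sizeof(wsaData));
-WSAStartup(MAKEWORD(2, 2), &wsaData);
-
-/* create sockets */
-
-OVERLAPPED overlapped;
-unsigned int listenSocket = INVALID_SOCKET;
-unsigned int clientSocket = INVALID_SOCKET;
-struct addrinfo *result = NULL;
-struct addrinfo hints;
-SOCKET socketReuse = INVALID_SOCKET;
-WSABUF messageBuffer;
-WSAOVERLAPPED sendOverlapped;
-WSADATA wsaData;
-
-SecureZeroMemory(&hints, sizeof(hints));
-hints.ai_family = AF_INET;
-hints.ai_socktype = SOCK_STREAM;
-hints.ai_protocol = IPPROTO_TCP;
-hints.ai_flags = AI_PASSIVE;
-
-retVal = getaddrinfo(NULL, PORT_STR, &hints, &result);
-if (SOCKET_ERROR == retVal)
-{
-retVal = WSAGetLastError();
-goto CLEAN_UP;
-}
-
-listenSocket = INVALID_SOCKET;
-listenSocket =
-socket(result->ai_family, result->ai_socktype, result->ai_protocol);
-if (INVALID_SOCKET == listenSocket)
-{
-retVal = WSAGetLastError();
-goto CLEAN_UP;
-}
-
-retVal = bind(listenSocket, result->ai_addr, (int)result->ai_addrlen);
-if (SOCKET_ERROR == retVal)
-{
-retVal = WSAGetLastError();
-goto CLEAN_UP;
-}
-
-freeaddrinfo(result);
-
-retVal = listen(listenSocket, SOMAXCONN);
-if (SOCKET_ERROR == retVal)
-{
-retVal = WSAGetLastError();
-goto CLEAN_UP;
-}
-
-clientSocket = accept(listenSocket, NULL, NULL);
-if (INVALID_SOCKET == clientSocket)
-{
-retVal = WSAGetLastError();
-goto CLEAN_UP;
-}
-
-socketReuse = func(); /** PIC test here **/
-
-retVal = 0;
-CLEAN_UP:
-if (fileHandle)
-{
-CloseHandle(fileHandle);
-}
-WSACleanup();
-return retVal;
-}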
13
scrap.asm
13
scrap.asm
|
@ -4,17 +4,14 @@
|
|||
mov rbp,rsp
|
||||
sub rsp,0x30
|
||||
mov QWORD [rbp-0x18],rdi
|
||||
mov QWORD [rbp-0x20],rsi
|
||||
mov DWORD [rbp-0x1c],esi
|
||||
mov QWORD [rbp-0x28],rdx
|
||||
mov QWORD [rbp-0x30],rcx
|
||||
mov rax,QWORD [rbp-0x28]
|
||||
mov QWORD [rbp-0x8],rax
|
||||
mov rdx,QWORD [rbp-0x30]
|
||||
mov rsi,QWORD [rbp-0x20]
|
||||
mov rcx,QWORD [rbp-0x18]
|
||||
mov ecx,DWORD [rbp-0x1c]
|
||||
mov rdx,QWORD [rbp-0x18]
|
||||
mov rax,QWORD [rbp-0x8]
|
||||
mov rdi,rcx
|
||||
mov esi,ecx
|
||||
mov rdi,rdx
|
||||
call rax
|
||||
nop
|
||||
leave
|
||||
ret
|
||||
|
|
|
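Review bot: The second argument is spilled and reloaded through 32-bit registers (`mov DWORD [rbp-0x1c],esi`, `mov ecx,DWORD [rbp-0x1c]`, `mov esi,ecx`), so the upper 32 bits of the value are dropped before `call rax`. This assumes the DWORD lines are the new side; the page has lost its +/- markers, so that is inferred from the three-argument shape of the code. If this routine mirrors the C `picProto` changed in the same commit, whose second parameter is `size_t picSize`, it should keep the 64-bit form, `mov QWORD [rbp-0x20],rsi` and `mov rsi,QWORD [rbp-0x20]`, or be regenerated from the current C source. The routine begins before the hunk.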
@ -11,17 +11,14 @@
|
|||
#include <unistd.h>
|
||||
#include <openssl/sha.h>
|
||||
#include <signal.h>
|
||||
#include <setjmp.h>
|
||||
|
||||
#pragma comment(lib, "openssl/sha.lib")
|
||||
|
||||
#define SHA_SUM_LENGTH (SHA_DIGEST_LENGTH + SHA_DIGEST_LENGTH + 1)
|
||||
|
||||
jmp_buf jmpBuf;
|
||||
|
||||
void picProto(void *picAddr, size_t picSize, void *clonePtr, char *checksum) {
|
||||
void picProto(void *picAddr, size_t picSize, void *clonePtr) {
|
||||
void (*cloneFunc)(void *, size_t, char *) = clonePtr;
|
||||
cloneFunc(picAddr, picSize, checksum);
|
||||
cloneFunc(picAddr, picSize);
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -67,16 +64,6 @@ CLONE_CLEANUP:
|
|||
return;
|
||||
}
|
||||
|
||||
void magic_handler(int sig) {
|
||||
|
||||
switch (sig) {
|
||||
|
||||
case SIGSEGV:
|
||||
longjmp(jmpBuf, 1);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
int main(int argc, const char **argv) {
|
||||
auto retVal = EX_SOFTWARE;
|
||||
char fileInPath[SHA_SUM_LENGTH];
|
||||
|
@ -99,9 +86,7 @@ int main(int argc, const char **argv) {
|
|||
goto MAIN_CLEANUP;
|
||||
}
|
||||
|
||||
void *picBuffer =
|
||||
mmap(NULL, picStat.st_size, PROT_READ | PROT_WRITE | PROT_EXEC,
|
||||
MAP_ANON | MAP_PRIVATE, -1, 0);
|
||||
void *picBuffer = mmap(NULL, picStat.st_size, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANON | MAP_PRIVATE, -1, 0);
|
||||
if (MAP_FAILED == picBuffer) {
|
||||
retVal = errno;
|
||||
goto MAIN_CLEANUP;
|
||||
|
@ -124,12 +109,7 @@ int main(int argc, const char **argv) {
|
|||
|
||||
signal(SIGSEGV, magic_handler);
|
||||
|
||||
if (!setjmp(jmpBuf)) {
|
||||
picFunc(picBuffer, picStat.st_size, cloneFunc, checksum);
|
||||
} else {
|
||||
retVal = errno;
|
||||
goto MAIN_CLEANUP;
|
||||
}
|
||||
|
||||
strncpy(fileInPath, checksum, SHA_SUM_LENGTH);
|
||||
|
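Review bot: The `cloneFunc` pointer in picProto appears to keep its three-parameter type, `void (*cloneFunc)(void *, size_t, char *) = clonePtr;`, while the updated call passes only two arguments, `cloneFunc(picAddr, picSize);`. The declaration is printed only once on this page, so it looks unchanged, and a compiler rejects a prototyped call with too few arguments; it should become `void (*cloneFunc)(void *, size_t) = clonePtr;`. The later `picFunc(picBuffer, picStat.st_size, cloneFunc, checksum);` and `strncpy(fileInPath, checksum, SHA_SUM_LENGTH);` need the same review if they survive on the new side, because nothing would fill `checksum` any more and `strncpy` does not guarantee a terminator; the rendering does not show which of those lines were removed. Separately, the reflowed `mmap` still requests `PROT_READ | PROT_WRITE | PROT_EXEC`; mapping the buffer read-write, filling it, and then switching it to read-execute with `mprotect` before the call avoids a page that is writable and executable at once. main's body continues outside these hunks.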
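--- a/sins.py
+++ b/sins.py
@@ -1,38 +0,0 @@
-#! /usr/bin/env python
-# encoding: utf-8
-
-import mmap
-import ctypes
-
-class Sins:
-def __init__(self):
-self.seed = open('./build/scrap.asm.2.o', 'rb').read()
-self.pic = self.pic_load(self.seed)
-self.callback = ctypes.PYFUNCTYPE(ctypes.c_void_p, ctypes.c_int, ctypes.py_object)(self.callme)
-
-def pic_load(self, seedling):
-size = len(seedling)
-prot = (mmap.PROT_READ | mmap.PROT_WRITE | mmap.PROT_EXEC)
-page = mmap.mmap(-1, size, prot=prot)
-page.write(seedling)
-addr = ctypes.addressof((ctypes.c_char * size).from_buffer(page))
-
-func = ctypes.CFUNCTYPE(ctypes.c_void_p, ctypes.c_void_p, ctypes.c_int)(addr)
-func.page = page
-func.addr = addr
-func.size = size
-
-return func
-
-def callme(self, picAddr, picSize):
-print('So Happy.')
-
-if __name__ == '__main__':
-import pprint
-pp = pprint.PrettyPrinter()
-
-sins = Sins()
-
-print('pic_load')
-
-pp.pprint(sins.pic(sins.callback, sins.pic.size))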