check for nop before growth
parent
d6f1f12669
commit
db785d80da
|
@ -4,6 +4,8 @@ from random import randint
|
|||
import ctypes
|
||||
import mmap
|
||||
|
||||
from .disassemble import disasm
|
||||
|
||||
seed_shell = b''.join([
|
||||
b'\x55',
|
||||
b'\x48\x89\xe5',
|
||||
|
@ -53,14 +55,14 @@ def generation(queue: Queue, shellcode: bytes):
|
|||
|
||||
|
||||
def growth(*, shellcode: bytes, length: int) -> bytes:
|
||||
for mnemonic, op_str in disasm(shellcode):
|
||||
if mnemonic == 'nop':
|
||||
return bytes(shellcode)
|
||||
|
||||
if length <= len(shellcode):
|
||||
return bytes(shellcode)
|
||||
|
||||
shellcode = bytearray(shellcode)
|
||||
|
||||
# slow growth and stop shrinking
|
||||
if length > len(shellcode):
|
||||
growth = 1
|
||||
else:
|
||||
growth = 0
|
||||
|
||||
shellcode = shellcode + (b'\x90' * growth)
|
||||
shellcode += b'\x90'
|
||||
|
||||
return bytes(shellcode)
|
||||
|
|
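Review bot: The nop check at the top of `growth` binds `op_str` on every iteration but never reads it, and the loop-plus-return is the `any` idiom: `if any(mnemonic == 'nop' for mnemonic, _ in disasm(shellcode)): return bytes(shellcode)`. With the old `growth` counter gone, the `bytearray` round-trip that follows is a single append and collapses to `return bytes(shellcode) + b'\x90'`. `.disassemble.disasm` is not on this page, so whether it keeps decoding past a byte it cannot decode — and hence whether a `0x90` after such a byte is ever seen by this check — should be confirmed; if it stops early, this function will keep appending nops beyond the first one. A one-line docstring stating the contract would help, e.g. `"""Append one nop unless the shellcode already holds one or is at least `length` bytes."""`. `growth` is complete within the hunk; `generation` from the hunk header lies outside it.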
11
sins/orm.py
11
sins/orm.py
|
@ -43,7 +43,7 @@ class ScrapNode(Base):
|
|||
self.image = child
|
||||
self.length = len(child)
|
||||
self.sha1sum
|
||||
self.disasm = disasm(child)
|
||||
self.disasm = str(disasm(child))
|
||||
|
||||
def __repr__(self):
|
||||
values = {
|
||||
|
@ -66,12 +66,3 @@ class ScrapNode(Base):
|
|||
self.checksum = checksum.hexdigest()
|
||||
|
||||
return self.checksum
|
||||
|
||||
|
||||
def disasm(shellcode: bytes) -> str:
|
||||
opcodes = list()
|
||||
|
||||
for opcode in capstone.disasm(shellcode, 0):
|
||||
opcodes += f'{opcode.mnemonic} {opcode.op_str}\n'
|
||||
|
||||
return opcodes
|
||||
|
|
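Review bot: `self.disasm = str(disasm(child))` stores Python's `str()` of whatever `.disassemble.disasm` returns, and the `growth` hunk in this same commit iterates that value as `(mnemonic, op_str)` pairs, so the column will hold a list-or-generator repr rather than the `mnemonic op_str` listing the removed local `disasm` used to build (a generator would even stringify as `<generator object ...>`). Suggest `self.disasm = '\n'.join(f'{mnemonic} {op_str}' for mnemonic, op_str in disasm(child))`. The bare `self.sha1sum` expression on the preceding context line is unchanged by this commit but does nothing unless `sha1sum` is a property with side effects, which is worth confirming. The enclosing method starts before and ends after this hunk.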
17
sins/run.py
17
sins/run.py
|
@ -65,24 +65,21 @@ def sins():
|
|||
seed_data = seed_file.read()
|
||||
|
||||
seed = ScrapNode(child=seed_data)
|
||||
|
||||
exists = session.query(ScrapNode).filter(
|
||||
ScrapNode.checksum == seed.checksum)
|
||||
|
||||
if exists:
|
||||
seed = exists[0]
|
||||
else:
|
||||
session.add(seed)
|
||||
session.commit()
|
||||
logger.debug(f'args.seed:\n{seed}')
|
||||
elif recent:
|
||||
seed = recent
|
||||
logger.debug(f'recent:\n{seed}')
|
||||
else:
|
||||
seed = ScrapNode(child=seed_shell)
|
||||
logger.debug(f'seed_shell:\n{seed}')
|
||||
|
||||
exists = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).all()
|
||||
|
||||
if exists:
|
||||
seed = exists[0]
|
||||
else:
|
||||
session.add(seed)
|
||||
session.commit()
|
||||
logger.debug(f'seed_shell:\n{seed}')
|
||||
|
||||
parent = seed
|
||||
queue = Queue()
|
||||
|
|
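Review bot: The debug line in the new `else` branch, `logger.debug(f'seed_shell:\n{seed}')`, now fires for every freshly-added seed, including one read from the seed file, so the `seed_shell:` label misleads; `logger.debug(f'seed:\n{seed}')` fits all three paths. Calling `.all()` only to take `exists[0]` materialises every matching row, whereas `.first()` returns the one row or `None` and reads more directly: `existing = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).first()` followed by `if existing: seed = existing`. For the `recent` branch the lookup is presumably redundant, since that object appears to come from the same session, though it is harmless. `sins()` starts before and continues past this hunk.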