check for nop before growth
parent
d6f1f12669
commit
db785d80da
|
@ -4,6 +4,8 @@ from random import randint
|
||||||
import ctypes
|
import ctypes
|
||||||
import mmap
|
import mmap
|
||||||
|
|
||||||
|
from .disassemble import disasm
|
||||||
|
|
||||||
seed_shell = b''.join([
|
seed_shell = b''.join([
|
||||||
b'\x55',
|
b'\x55',
|
||||||
b'\x48\x89\xe5',
|
b'\x48\x89\xe5',
|
||||||
|
@ -53,14 +55,14 @@ def generation(queue: Queue, shellcode: bytes):
|
||||||
|
|
||||||
|
|
||||||
def growth(*, shellcode: bytes, length: int) -> bytes:
|
def growth(*, shellcode: bytes, length: int) -> bytes:
|
||||||
|
for mnemonic, op_str in disasm(shellcode):
|
||||||
|
if mnemonic == 'nop':
|
||||||
|
return bytes(shellcode)
|
||||||
|
|
||||||
|
if length <= len(shellcode):
|
||||||
|
return bytes(shellcode)
|
||||||
|
|
||||||
shellcode = bytearray(shellcode)
|
shellcode = bytearray(shellcode)
|
||||||
|
shellcode += b'\x90'
|
||||||
# slow growth and stop shrinking
|
|
||||||
if length > len(shellcode):
|
|
||||||
growth = 1
|
|
||||||
else:
|
|
||||||
growth = 0
|
|
||||||
|
|
||||||
shellcode = shellcode + (b'\x90' * growth)
|
|
||||||
|
|
||||||
return bytes(shellcode)
|
return bytes(shellcode)
|
||||||
|
|
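Review bot: `op_str` is bound but never used in the new loop at the top of `growth`, and after the two early returns the `bytearray` round-trip only serves to append one byte; the check reads more directly as `if any(mnemonic == 'nop' for mnemonic, _ in disasm(shellcode)): return bytes(shellcode)` followed by `return bytes(shellcode) + b'\x90'` once the length cap has passed. The function also has no docstring; one stating that it returns the input unchanged when the code already contains a nop or has reached `length`, and otherwise appends a single `0x90`, would make the one-nop-at-a-time contract explicit. If `.disassemble.disasm` stops at the first undecodable byte (as the Capstone-based helper removed from orm.py in this commit would), a nop located after such a byte is not seen and another one is appended; a comment noting that the check relies on a linear decode from offset 0 would record that assumption.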
11
sins/orm.py
11
sins/orm.py
|
@ -43,7 +43,7 @@ class ScrapNode(Base):
|
||||||
self.image = child
|
self.image = child
|
||||||
self.length = len(child)
|
self.length = len(child)
|
||||||
self.sha1sum
|
self.sha1sum
|
||||||
self.disasm = disasm(child)
|
self.disasm = str(disasm(child))
|
||||||
|
|
||||||
def __repr__(self):
|
def __repr__(self):
|
||||||
values = {
|
values = {
|
||||||
|
@ -66,12 +66,3 @@ class ScrapNode(Base):
|
||||||
self.checksum = checksum.hexdigest()
|
self.checksum = checksum.hexdigest()
|
||||||
|
|
||||||
return self.checksum
|
return self.checksum
|
||||||
|
|
||||||
|
|
||||||
def disasm(shellcode: bytes) -> str:
|
|
||||||
opcodes = list()
|
|
||||||
|
|
||||||
for opcode in capstone.disasm(shellcode, 0):
|
|
||||||
opcodes += f'{opcode.mnemonic} {opcode.op_str}\n'
|
|
||||||
|
|
||||||
return opcodes
|
|
||||||
|
|
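Review bot: With the module-local `disasm` deleted in the second hunk and no import added in any hunk of this file (the diffstat's 11 lines are fully accounted for by the two hunks shown), the call in `self.disasm = str(disasm(child))` must already be resolvable in orm.py's scope or constructing a `ScrapNode` raises `NameError`; worth confirming an import of the new `.disassemble.disasm` exists above the hunk. Separately, `str()` of whatever `disasm` returns stores a Python repr in the column rather than a listing: if it yields `(mnemonic, op_str)` pairs, as the `growth` loop in this commit consumes them, a generator would be stored as `<generator object ...>` and a list as a repr of tuples, so `self.disasm = '\n'.join(f'{m} {o}' for m, o in disasm(child))` preserves the text format the removed helper was aiming for. The enclosing method starts outside the hunk.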
17
sins/run.py
17
sins/run.py
|
@ -65,24 +65,21 @@ def sins():
|
||||||
seed_data = seed_file.read()
|
seed_data = seed_file.read()
|
||||||
|
|
||||||
seed = ScrapNode(child=seed_data)
|
seed = ScrapNode(child=seed_data)
|
||||||
|
|
||||||
exists = session.query(ScrapNode).filter(
|
|
||||||
ScrapNode.checksum == seed.checksum)
|
|
||||||
|
|
||||||
if exists:
|
|
||||||
seed = exists[0]
|
|
||||||
else:
|
|
||||||
session.add(seed)
|
|
||||||
session.commit()
|
|
||||||
logger.debug(f'args.seed:\n{seed}')
|
logger.debug(f'args.seed:\n{seed}')
|
||||||
elif recent:
|
elif recent:
|
||||||
seed = recent
|
seed = recent
|
||||||
logger.debug(f'recent:\n{seed}')
|
logger.debug(f'recent:\n{seed}')
|
||||||
else:
|
else:
|
||||||
seed = ScrapNode(child=seed_shell)
|
seed = ScrapNode(child=seed_shell)
|
||||||
|
logger.debug(f'seed_shell:\n{seed}')
|
||||||
|
|
||||||
|
exists = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).all()
|
||||||
|
|
||||||
|
if exists:
|
||||||
|
seed = exists[0]
|
||||||
|
else:
|
||||||
session.add(seed)
|
session.add(seed)
|
||||||
session.commit()
|
session.commit()
|
||||||
logger.debug(f'seed_shell:\n{seed}')
|
|
||||||
|
|
||||||
parent = seed
|
parent = seed
|
||||||
queue = Queue()
|
queue = Queue()
|
||||||
|
|
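Review bot: `.all()` on the dedup query at `exists = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).all()` loads every matching row only to use `exists[0]`; `existing = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).first()` with `if existing: seed = existing` expresses the same lookup without materialising the rest. In the `elif recent` branch the seed presumably already comes from the session, so the lookup there is redundant, though harmless as long as the checksum is unique per row. Note also that each `logger.debug` now runs before the replacement, so the logged object is the freshly built node rather than the stored one that `seed = exists[0]` swaps in. `sins()` starts and ends outside the hunk.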