JoYo
/
scrap-is-not-scrap
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: JoYo:0b709669b08a459569cd774e31e30d8b83787c04
Branches Tags
JoYo:master
...
compare: JoYo:38706feff61c807983e00e284484faf1f4cf9fc5
Branches Tags
JoYo:master

2 Commits
0b709669b0 ... 38706feff6

Author SHA1 Message Date
JoYo 38706feff6 max op length assumed 2019-02-24 06:38:33 +00:00
JoYo ad6277c0ee capstone isn't disassembling the whole block, dumb heuristics for growth 2019-02-24 06:34:26 +00:00
1 changed files with 11 additions and 4 deletions
Show Stats Expand all files Collapse all files

15
sins/mutation.py
View File

@ -55,13 +55,20 @@ def generation(queue: Queue, shellcode: bytes):
def growth(*, shellcode: bytes, length: int) -> bytes: def growth(*, shellcode: bytes, length: int) -> bytes:
for mnemonic, op_str in disasm(shellcode):
if mnemonic == 'nop':
return bytes(shellcode)
if length <= len(shellcode): if length <= len(shellcode):
return bytes(shellcode) return bytes(shellcode)
opcodes = disasm(shellcode)
max_op_len = 15
if len(shellcode) > len(opcodes) * max_op_len:
return bytes(shellcode)
for mnemonic, op_str in opcodes:
if mnemonic == 'nop':
return bytes(shellcode)
shellcode = bytearray(shellcode) shellcode = bytearray(shellcode)
shellcode += b'\x90' shellcode += b'\x90'