Compare commits
No commits in common. "a6283703657eb4077a7fdab03da6b056a132dff5" and "38706feff61c807983e00e284484faf1f4cf9fc5" have entirely different histories.
a628370365
...
38706feff6
|
@ -2,4 +2,3 @@
|
||||||
from .run import sins
|
from .run import sins
|
||||||
from .mutation import generation, mutate
|
from .mutation import generation, mutate
|
||||||
from .orm import db_config, ScrapNode
|
from .orm import db_config, ScrapNode
|
||||||
from .disassemble import disasm, objdump
|
|
||||||
|
|
|
@ -4,8 +4,7 @@ import json
|
||||||
|
|
||||||
capstone = Cs(CS_ARCH_X86, CS_MODE_64)
|
capstone = Cs(CS_ARCH_X86, CS_MODE_64)
|
||||||
|
|
||||||
|
def disasm(shellcode: bytes)->list:
|
||||||
def disasm(shellcode: bytes) -> list:
|
|
||||||
opcodes = list()
|
opcodes = list()
|
||||||
|
|
||||||
for opcode in capstone.disasm(shellcode, 0):
|
for opcode in capstone.disasm(shellcode, 0):
|
||||||
|
@ -13,8 +12,7 @@ def disasm(shellcode: bytes) -> list:
|
||||||
|
|
||||||
return opcodes
|
return opcodes
|
||||||
|
|
||||||
|
def objdump(shellcode: bytes)->str:
|
||||||
def objdump(shellcode: bytes) -> str:
|
|
||||||
opcodes = str()
|
opcodes = str()
|
||||||
|
|
||||||
for opcode in capstone.disasm(shellcode, 0):
|
for opcode in capstone.disasm(shellcode, 0):
|
||||||
|
|
|
@ -54,14 +54,20 @@ def generation(queue: Queue, shellcode: bytes):
|
||||||
queue.put(result)
|
queue.put(result)
|
||||||
|
|
||||||
|
|
||||||
def growth(*, shellcode: bytes, objdump: str) -> bytes:
|
def growth(*, shellcode: bytes, length: int) -> bytes:
|
||||||
|
if length <= len(shellcode):
|
||||||
|
return bytes(shellcode)
|
||||||
|
|
||||||
|
opcodes = disasm(shellcode)
|
||||||
|
|
||||||
max_op_len = 15
|
max_op_len = 15
|
||||||
|
|
||||||
if len(shellcode) > objdump.count('\n') * max_op_len:
|
if len(shellcode) > len(opcodes) * max_op_len:
|
||||||
return bytes(shellcode)
|
return bytes(shellcode)
|
||||||
|
|
||||||
if objdump.count('nop'):
|
for mnemonic, op_str in opcodes:
|
||||||
return bytes(shellcode)
|
if mnemonic == 'nop':
|
||||||
|
return bytes(shellcode)
|
||||||
|
|
||||||
shellcode = bytearray(shellcode)
|
shellcode = bytearray(shellcode)
|
||||||
shellcode += b'\x90'
|
shellcode += b'\x90'
|
||||||
|
|
|
@ -6,6 +6,9 @@ from sqlalchemy import LargeBinary, Column, ForeignKey, Integer, String, DateTim
|
||||||
from sqlalchemy.ext.declarative import declarative_base
|
from sqlalchemy.ext.declarative import declarative_base
|
||||||
from sqlalchemy.orm import Session, relationship, backref
|
from sqlalchemy.orm import Session, relationship, backref
|
||||||
from sqlalchemy.orm.collections import attribute_mapped_collection
|
from sqlalchemy.orm.collections import attribute_mapped_collection
|
||||||
|
import json
|
||||||
|
|
||||||
|
from .disassemble import objdump
|
||||||
|
|
||||||
now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
|
now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
|
||||||
Base = declarative_base()
|
Base = declarative_base()
|
||||||
|
@ -40,6 +43,7 @@ class ScrapNode(Base):
|
||||||
self.image = child
|
self.image = child
|
||||||
self.length = len(child)
|
self.length = len(child)
|
||||||
self.sha1sum
|
self.sha1sum
|
||||||
|
self.objdump = objdump(child)
|
||||||
|
|
||||||
def __repr__(self):
|
def __repr__(self):
|
||||||
values = {
|
values = {
|
||||||
|
|
13
sins/run.py
13
sins/run.py
|
@ -10,7 +10,6 @@ import logging
|
||||||
|
|
||||||
from .mutation import generation, mutate, seed_shell, growth
|
from .mutation import generation, mutate, seed_shell, growth
|
||||||
from .orm import db_config, ScrapNode
|
from .orm import db_config, ScrapNode
|
||||||
from .disassemble import objdump
|
|
||||||
|
|
||||||
|
|
||||||
def sins():
|
def sins():
|
||||||
|
@ -95,21 +94,15 @@ def sins():
|
||||||
lineage += 1
|
lineage += 1
|
||||||
continue
|
continue
|
||||||
|
|
||||||
if result != len(scrap):
|
if not result:
|
||||||
lineage += 1
|
lineage += 1
|
||||||
continue
|
continue
|
||||||
|
|
||||||
opcodes = objdump(scrap)
|
scrap = growth(shellcode=scrap, length=result)
|
||||||
ops_count = opcodes.count('\n')
|
|
||||||
|
|
||||||
logger.debug({'result': result, 'ops': ops_count})
|
|
||||||
|
|
||||||
scrap = growth(shellcode=scrap, objdump=opcodes)
|
|
||||||
|
|
||||||
parent = ScrapNode(child=scrap, parent_id=parent.id)
|
parent = ScrapNode(child=scrap, parent_id=parent.id)
|
||||||
parent.objdump = opcodes
|
|
||||||
session.add(parent)
|
session.add(parent)
|
||||||
session.commit()
|
session.commit()
|
||||||
|
|
||||||
logger.info(parent)
|
logger.info(f'scrap:\n{parent}')
|
||||||
lineage = 0
|
lineage = 0
|
||||||
|
|
Loading…
Reference in New Issue