Beispiel #1
0
    def loadmodule(modulename, lnk):
        st = linker.coffexecutable()
        symlookup = {}

        pe = modulelookup[modulename].load()['Pe']
        print('using', modulename, 'from memory address',
              '%x' % pe.parent.getoffset())

        st.load(pe.parent, modulename)
        symlookup[modulename] = {k: st[k] for k in st.getglobals()}

        for module, name in (tuple(k.split('!')) for k in lnk.getglobals()
                             if '!' in k and lnk[k] is None):
            if module != modulename:
                continue
            fullname = '%s!%s' % (module, name)
            s = symlookup[module]

            try:
                lnk[fullname] = s[fullname]
            except KeyError:
                # XXX: shell32.dll tries to import from user32.dll!Ordinal2000...which doesn't exist
                #      OFT: 800007d0 FT: 77D15AA6 HINT: N/A Name: Ordinal: 000007d0
                print("Some crazy module wants to import from %s" % fullname)
            continue
        return st
Beispiel #2
0
        def loadmodule(modulename, lnk, lookup):
            st = linker.coffexecutable()

            symlookup = {}
            if modulename in lookup:
                pe = modulelookup[modulename].load()['Pe']
                print('using', modulename, 'from memory address',
                      '%x' % pe.parent.getoffset())

                st.load(pe.parent, modulename)
                symlookup[modulename] = dict(
                    ((k, st[k]) for k in st.getglobals()))

                #            raise NotImplementedError
                # Somehow a few of our exports in the iat don't get set
                # this is in coffexecutable

                for module, name in (tuple(k.split('!'))
                                     for k in lnk.getglobals()
                                     if '!' in k and lnk[k] is None):
                    if module != modulename:
                        continue
                    fullname = '%s!%s' % (module, name)
                    s = symlookup[module]

                    try:
                        lnk[fullname] = s[fullname]
                    except KeyError:
                        # XXX: shell32.dll tries to import from user32.dll!Ordinal2000...which doesn't exist
                        #      OFT: 800007d0 FT: 77D15AA6 HINT: N/A Name: Ordinal: 000007d0
                        print("Some crazy module wants to import from %s" %
                              fullname)

                return

            #        print('reading',modulename,'from disk')

            failure = True
            search = list(searchpath)
            path = search.pop(0)
            while failure:
                fullpath = (path + '/' + modulename)
                try:
                    st.open(fullpath)
                    print('loaded module from %s' % fullpath)
                    failure = False
                except IOError:
                    print('unable to locate %s, trying next searchpath' %
                          fullpath)
                    path = search.pop(0)
                    continue
                continue
            lnk.add(st)
Beispiel #3
0
        def loadmodule(modulename, lnk, lookup):
            st = linker.coffexecutable()

            symlookup = {}
            if modulename in lookup:
                pe = modulelookup[modulename].load()['Pe']
                print 'using',modulename,'from memory address', '%x'% pe.parent.getoffset()

                st.load(pe.parent,modulename)
                symlookup[modulename] = dict( ((k, st[k]) for k in st.getglobals()) )

                #            raise NotImplementedError
                # Somehow a few of our exports in the iat don't get set
                # this is in coffexecutable

                for module,name in ( tuple(k.split('!')) for k in lnk.getglobals() if '!' in k and lnk[k] is None ):
                    if module != modulename:
                        continue
                    fullname = '%s!%s'%(module,name)
                    s = symlookup[module]

                    try:
                        lnk[fullname] = s[fullname]
                    except KeyError:
                        # XXX: shell32.dll tries to import from user32.dll!Ordinal2000...which doesn't exist
                        #      OFT: 800007d0 FT: 77D15AA6 HINT: N/A Name: Ordinal: 000007d0
                        print "Some crazy module wants to import from %s"% fullname

                return

            #        print 'reading',modulename,'from disk'

            failure = True
            search = list(searchpath)
            path = search.pop(0)
            while failure:
                fullpath = (path + '/' + modulename)
                try:
                    st.open(fullpath)
                    print 'loaded module from %s'% fullpath
                    failure = False
                except IOError:
                    print 'unable to locate %s, trying next searchpath'% fullpath
                    path = search.pop(0)
                    continue
                continue
            lnk.add(st)
Beispiel #4
0
    def openmodule(modulename, lnk):
        st = linker.coffexecutable()

        failure = True
        search = list(searchpath)
        path = search.pop(0)
        while failure:
            fullpath = (path + '/' + modulename)
            try:
                st.open(fullpath)
                print('loaded module from %s' % fullpath)
                failure = False
            except IOError:
                print('unable to locate %s, trying next searchpath' % fullpath)
                path = search.pop(0)
                continue
            continue
        return st
Beispiel #5
0
    def openmodule(modulename, lnk):
        st = linker.coffexecutable()

        failure = True
        search = list(searchpath)
        path = search.pop(0)
        while failure:
            fullpath = (path + '/' + modulename)
            try:
                st.open(fullpath)
                print 'loaded module from %s'% fullpath
                failure = False
            except IOError:
                print 'unable to locate %s, trying next searchpath'% fullpath
                path = search.pop(0)
                continue
            continue
        return st
Beispiel #6
0
    def loadmodule(modulename, lnk):
        st = linker.coffexecutable()
        symlookup = {}

        pe = modulelookup[modulename].load()['Pe']
        print 'using',modulename,'from memory address', '%x'% pe.parent.getoffset()

        st.load(pe.parent,modulename)
        symlookup[modulename] = dict( ((k, st[k]) for k in st.getglobals()) )

        for module,name in ( tuple(k.split('!')) for k in lnk.getglobals() if '!' in k and lnk[k] is None ):
            if module != modulename:
                continue
            fullname = '%s!%s'%(module,name)
            s = symlookup[module]

            try:
                lnk[fullname] = s[fullname]
            except KeyError:
                # XXX: shell32.dll tries to import from user32.dll!Ordinal2000...which doesn't exist
                #      OFT: 800007d0 FT: 77D15AA6 HINT: N/A Name: Ordinal: 000007d0
                print "Some crazy module wants to import from %s"% fullname
            continue
        return st