def windows_setup64(ql) -> None:
    """Initialise the 64-bit Windows emulation state on ``ql``.

    Sets the address-space layout constants (GS/structure area, PE image,
    heap, DLL region), creates the heap, installs the GDT, and then builds
    the OS-level managers (handles, registry, clipboard, fibers, threads)
    plus the user configuration.  Order matters: every manager constructor
    receives ``ql`` and may read attributes assigned earlier in this
    function, so the statements below should not be reordered casually.

    Args:
        ql: the emulator instance being set up; mutated in place.

    Returns:
        None.  All results are stored as attributes on ``ql``.
    """
    # Structures (TEB/PEB-style data) are placed from the GS segment
    # upward; GS_SEGMENT_ADDR is a module-level constant defined outside
    # this block, not an attribute of ql in this version.
    ql.STRUCTERS_LAST_ADDR = GS_SEGMENT_ADDR
    # Image base/size are unknown until the PE loader maps the file.
    ql.PE_IMAGE_BASE = 0
    ql.PE_IMAGE_SIZE = 0
    # Preferred load address when the image has none / cannot be honoured
    # (0x140000000 is the conventional x64 PE image base).
    ql.DEFAULT_IMAGE_BASE = 0x140000000
    ql.entry_point = 0
    # Emulated heap: 0x500000000 .. 0x505000000 (0x5000000 bytes).
    ql.HEAP_BASE_ADDR = 0x500000000
    ql.HEAP_SIZE = 0x5000000
    # DLLs are mapped from 0x7ffff0000000 upward; DLL_LAST_ADDR presumably
    # tracks the next free address in that region — TODO confirm against
    # the PE loader.
    ql.DLL_BASE_ADDR = 0x7ffff0000000
    ql.DLL_SIZE = 0
    ql.DLL_LAST_ADDR = ql.DLL_BASE_ADDR
    # Run flag; its consumer is outside this block.
    ql.RUN = True
    # Heap must exist before the managers below, which may allocate from it.
    ql.heap = Heap(ql, ql.HEAP_BASE_ADDR, ql.HEAP_BASE_ADDR + ql.HEAP_SIZE)
    # Accesses to unmapped memory are routed to ql_x86_windows_hook_mem_error
    # instead of failing silently; what the handler does (log, map, abort)
    # is defined outside this block.
    ql.hook_mem_unmapped(ql_x86_windows_hook_mem_error)
    # setup gdt
    set_pe64_gdt(ql)
    # handle manager — created first because the thread handle is appended
    # to it below.
    ql.handle_manager = HandleManager()
    # registry manager
    ql.registry_manager = RegistryManager(ql)
    # clipboard manager
    ql.clipboard = Clipboard(ql)
    # fibers
    ql.fiber_manager = FiberManager(ql)
    # Place to set errors for retrieval by GetLastError()
    ql.last_error = 0
    # thread manager: the main thread is created, registered with the
    # manager, and exposed through a handle.
    main_thread = Thread(ql)
    ql.thread_manager = ThreadManager(ql, main_thread)
    new_handle = Handle(thread=main_thread)
    ql.handle_manager.append(new_handle)
    # user configuration — loaded after the managers, so they cannot rely
    # on ql.config during construction.
    ql.config = ql_init_configuration(ql)
    # variables used inside hooks
    ql.hooks_variables = {}
def windows_setup64(ql) -> None:
    """Initialise the 64-bit Windows emulation state on ``ql``.

    Sets the address-space layout constants (GS segment, structure area,
    DLL region, heap, PE image), creates the heap, installs the GDT, and
    builds the OS-level managers (handles, registry, clipboard, fibers,
    threads).  Order matters: each manager constructor receives ``ql`` and
    may read attributes assigned earlier, so the statements below should
    not be reordered casually.

    NOTE(review): another ``windows_setup64`` appears above on this page.
    If both live in the same module, this later definition replaces the
    earlier one, which additionally registered an unmapped-memory hook and
    set ``ql.config`` / ``ql.hooks_variables`` — confirm which is intended.

    Args:
        ql: the emulator instance being set up; mutated in place.

    Returns:
        None.  All results are stored as attributes on ``ql``.
    """
    # GS segment: 0x6000 .. 0xe000 (0x8000 bytes); OS structures are laid
    # out starting from it.
    ql.GS_SEGMENT_ADDR = 0x6000
    ql.GS_SEGMENT_SIZE = 0x8000
    ql.STRUCTERS_LAST_ADDR = ql.GS_SEGMENT_ADDR
    # DLLs are mapped from 0x7ffff0000000 upward; DLL_LAST_ADDR presumably
    # tracks the next free address in that region — TODO confirm against
    # the PE loader.
    ql.DLL_BASE_ADDR = 0x7ffff0000000
    ql.DLL_SIZE = 0
    ql.DLL_LAST_ADDR = ql.DLL_BASE_ADDR
    # Emulated heap: 0x500000000 .. 0x505000000 (0x5000000 bytes).
    ql.HEAP_BASE_ADDR = 0x500000000
    ql.HEAP_SIZE = 0x5000000
    # Image base/size are unknown until the PE loader maps the file.
    ql.PE_IMAGE_BASE = 0
    ql.PE_IMAGE_SIZE = 0
    # Preferred load address when the image has none / cannot be honoured
    # (0x140000000 is the conventional x64 PE image base).
    ql.DEFAULT_IMAGE_BASE = 0x140000000
    ql.entry_point = 0
    # Run flag; its consumer is outside this block.
    ql.RUN = True
    # Heap must exist before the managers below, which may allocate from it.
    # No unmapped-memory hook is installed by this version of the function.
    ql.heap = Heap(ql, ql.HEAP_BASE_ADDR, ql.HEAP_BASE_ADDR + ql.HEAP_SIZE)
    # setup gdt
    set_pe64_gdt(ql)
    # handle manager — created first because the thread handle is appended
    # to it below.
    ql.handle_manager = HandleManager()
    # registry manager
    ql.registry_manager = RegistryManager(ql)
    # clipboard manager
    ql.clipboard = Clipboard(ql)
    # fibers
    ql.fiber_manager = FiberManager(ql)
    # Place to set errors for retrieval by GetLastError()
    ql.last_error = 0
    # thread manager: the main thread is created, registered with the
    # manager, and exposed through a handle.
    main_thread = Thread(ql)
    ql.thread_manager = ThreadManager(ql, main_thread)
    new_handle = Handle(thread=main_thread)
    ql.handle_manager.append(new_handle)
def load(self) -> None:
    """Pick and run the loader matching ``self.ql.ostype``.

    The chosen loader object is stored in ``self.er``.  Behaviour per OS:

    * macOS: in shellcode mode nothing is loaded; otherwise a Mach-O loader
      is built from ``ql.path`` and run, the task's minimum offset is set
      past the loaded image, and ``ql.stack_address`` is taken from
      ``ql.stack_sp``.
    * Windows: a PE loader is always built — from ``ql.path`` when a path
      is given and shellcode mode is off, otherwise with a fixed stub DLL
      list.  The heap is created from the loader's heap constants, the OS
      components are set up, and the loader runs.
    * Linux / FreeBSD: in shellcode mode nothing is loaded; otherwise an
      ELF loader is built and run with the dynamic linker, and
      ``ql.stack_address`` is taken from ``ql.new_stack``.

    Any other ``ostype`` is silently ignored.  The file named by ``ql.path``
    is parsed inside the loader classes, outside this block.

    Raises:
        QlErrorFileType: when the ELF loader reports a load failure
            (``load_with_ld`` returns a truthy value).
    """
    ql = self.ql

    if ql.ostype == QL_MACOS:
        if ql.shellcoder:
            return
        from qiling.loader.macho import QlLoaderMacho
        loader = QlLoaderMacho(
            ql, ql.path, ql.os.stack_sp, [ql.path], ql.os.envs, ql.os.apples, 1
        )
        self.er = loader
        loader.loadMacho()
        # Keep task allocations above the highest mapped image address.
        ql.os.macho_task.min_offset = page_align_end(loader.vm_end_addr, PAGE_SIZE)
        # Note: reads ql.stack_sp, not ql.os.stack_sp, as in the original.
        ql.stack_address = int(ql.stack_sp)
        return

    if ql.ostype == QL_WINDOWS:
        from qiling.loader.pe import QlLoaderPE
        from_file = ql.path and not ql.shellcoder
        if from_file:
            loader = QlLoaderPE(ql, path=ql.path)
        else:
            # Shellcode / no path: only a stub set of DLLs is made available.
            loader = QlLoaderPE(ql, dlls=[b"ntdll.dll", b"kernel32.dll", b"user32.dll"])
        self.er = loader
        # Heap must exist before the OS components are set up.
        heap_base = loader.HEAP_BASE_ADDR
        ql.heap = Heap(ql, heap_base, heap_base + loader.HEAP_SIZE)
        ql.os.setupComponents()
        loader.load()
        return

    if ql.ostype in (QL_LINUX, QL_FREEBSD):
        if ql.shellcoder:
            return
        from qiling.loader.elf import QlLoaderELF
        loader = QlLoaderELF(ql.path, ql)
        self.er = loader
        stack_top = ql.stack_address + ql.stack_size
        # A truthy return from load_with_ld signals failure.
        if loader.load_with_ld(ql, stack_top, argv=ql.argv, env=ql.env):
            raise QlErrorFileType("Unsupported FileType")
        ql.stack_address = int(ql.new_stack)