def preload_elf(vm, e, runtime_lib, patch_vm_imp=True, loc_db=None):
    """Bind the imports of ELF *e* to runtime_lib stubs, optionally patching them in.

    For every (library, function) pair returned by get_import_address_elf(e),
    a stub address is requested from *runtime_lib* for each import slot.
    When *patch_vm_imp* is true, the stub address is packed as a pointer and
    written over the slot with vm.set_mem.

    Imports whose name *loc_db* already resolves (get_name_location returns a
    non-None value) are skipped and left unstubbed.

    Returns:
        (runtime_lib, dyn_funcs), where dyn_funcs maps the canonical name from
        canon_libname_libfunc to the stub address.

    Raises:
        KeyError: if e.sex is not one of ELFDATA2MSB / ELFDATA2LSB /
            ELFDATANONE, or e.size has no entry in cstruct.size2type.

    NOTE(review): the slot addresses presumably come from the file under
    analysis; this function does not check them before vm.set_mem. Confirm
    where out-of-range slots are rejected when loading hostile samples.
    """
    # XXX quick hack
    import_slots = get_import_address_elf(e)
    resolved = {}
    for (libname, libfunc), slots in viewitems(import_slots):
        # Quick hack - a symbol the location database already knows is not stubbed.
        if loc_db and loc_db.get_name_location(libfunc) is not None:
            continue
        for slot in slots:
            lib_base = runtime_lib.lib_get_add_base(libname)
            stub_addr = runtime_lib.lib_get_add_func(lib_base, libfunc, slot)
            resolved[canon_libname_libfunc(libname, libfunc)] = stub_addr
            if not patch_vm_imp:
                continue
            log.debug('patch 0x%x 0x%x %s', slot, stub_addr, libfunc)
            # An empty prefix (ELFDATANONE) makes struct fall back to the
            # host's native byte order, size and alignment.
            byte_order = {
                elf_csts.ELFDATA2MSB: ">",
                elf_csts.ELFDATA2LSB: "<",
                elf_csts.ELFDATANONE: "",
            }[e.sex]
            pointer_fmt = byte_order + cstruct.size2type[e.size]
            vm.set_mem(slot, struct.pack(pointer_fmt, stub_addr))
    return runtime_lib, resolved
def preload_pe(vm, e, runtime_lib, patch_vm_imp=True):
    """Bind the imports of PE *e* to runtime_lib stubs, optionally patching them in.

    For every (library, function) pair returned by get_import_address_pe(e),
    a stub address is requested from *runtime_lib* for each import slot.
    When *patch_vm_imp* is true, the stub address is packed with the format
    cstruct.size2type[e._wsize] and written over the slot with vm.set_mem.

    Returns:
        dyn_funcs, a dict mapping the canonical name from
        canon_libname_libfunc to the stub address. Unlike preload_elf, the
        runtime_lib object is not part of the return value.

    NOTE(review): the pack format carries no byte-order prefix, so struct
    uses the host's native order. Confirm that this is intended on hosts
    whose byte order differs from the image's.
    NOTE(review): slot addresses presumably come from the file under
    analysis and are not checked here before vm.set_mem.
    """
    import_slots = get_import_address_pe(e)
    resolved = {}
    for (libname, libfunc), slots in viewitems(import_slots):
        for slot in slots:
            lib_base = runtime_lib.lib_get_add_base(libname)
            stub_addr = runtime_lib.lib_get_add_func(lib_base, libfunc, slot)
            resolved[canon_libname_libfunc(libname, libfunc)] = stub_addr
            if not patch_vm_imp:
                continue
            pointer_fmt = cstruct.size2type[e._wsize]
            vm.set_mem(slot, struct.pack(pointer_fmt, stub_addr))
    return resolved
def add_function(self, dllname, imp_ord_or_name, addr):
    """Record that *addr* implements *imp_ord_or_name* exported by *dllname*.

    The canonical name -> address map (cname2addr) is always updated. The
    reverse maps (fad2cname, fad2info) are updated too, except when *addr*
    is already present in fad2info and the new key is an int (an ordinal).
    In that case the existing reverse entry is kept.

    Raises:
        KeyError: if *dllname* is not present in self.name2off.
        AssertionError: on unexpected argument types. Asserts are stripped
            under ``python -O``, so they are not a validation boundary.
    """
    assert isinstance(dllname, str)
    assert isinstance(imp_ord_or_name, (int, str))
    lib_base = self.name2off[dllname]
    canonical = canon_libname_libfunc(dllname, imp_ord_or_name)

    already_known = addr in self.fad2info
    if already_known:
        # The stored pair is unpacked but not otherwise used.
        _known_base, _known_key = self.fad2info[addr]
    keep_existing_reverse_entry = already_known and isinstance(imp_ord_or_name, int)

    self.cname2addr[canonical] = addr
    log.debug("Add func %s %s", hex(addr), canonical)
    if keep_existing_reverse_entry:
        return
    log.debug("Real Add func %s %s", hex(addr), canonical)
    self.fad2cname[addr] = canonical
    self.fad2info[addr] = lib_base, imp_ord_or_name
def preload_elf(vm, e, runtime_lib, patch_vm_imp=True, loc_db=None):
    """Stub the imported functions of ELF *e* and optionally patch its import slots.

    Each import reported by get_import_address_elf(e) gets a stub address
    from *runtime_lib*. With *patch_vm_imp* set, that address is packed with
    the byte order selected by e.sex and the pointer type selected by e.size,
    then stored at the import slot through vm.set_mem.

    Names for which loc_db.get_name_location() returns something other than
    None are left alone.

    Returns:
        A (runtime_lib, dyn_funcs) tuple; dyn_funcs maps canonical
        library/function names to stub addresses.

    Raises:
        KeyError: for an e.sex value outside the three ELFDATA* constants
            handled below, or an e.size missing from cstruct.size2type.

    NOTE(review): the import slot addresses are taken as returned by
    get_import_address_elf and are not range-checked here. Presumably they
    derive from the analysed binary, so verify where they are validated.
    """
    # XXX quick hack
    stubs_by_name = {}
    for (libname, libfunc), addresses in viewitems(get_import_address_elf(e)):
        # Quick hack - do not stub a symbol that is already known.
        already_located = loc_db and loc_db.get_name_location(libfunc) is not None
        if already_located:
            continue
        for ad in addresses:
            base = runtime_lib.lib_get_add_base(libname)
            target = runtime_lib.lib_get_add_func(base, libfunc, ad)
            canonical = canon_libname_libfunc(libname, libfunc)
            stubs_by_name[canonical] = target
            if patch_vm_imp:
                log.debug('patch 0x%x 0x%x %s', ad, target, libfunc)
                prefixes = {
                    elf_csts.ELFDATA2MSB: ">",
                    elf_csts.ELFDATA2LSB: "<",
                    # Empty prefix: struct uses the host's native byte order.
                    elf_csts.ELFDATANONE: "",
                }
                packed = struct.pack(
                    prefixes[e.sex] + cstruct.size2type[e.size], target
                )
                vm.set_mem(ad, packed)
    return runtime_lib, stubs_by_name
def add_export_lib(self, e, name):
    """Register the exports of PE image *e* under the library name *name*.

    For a library not yet in self.name2off, the image base from
    e.NThdr.ImageBase becomes the library base. Every export returned by
    get_export_name_addr_list(e) is then recorded in lib_imp2ad, fad2cname,
    cname2addr and fad2info. Redirected (forwarded) exports are resolved to
    the address registered for the target function, creating entries for the
    target library through lib_get_add_base / lib_get_add_func when needed.

    Raises:
        RuntimeError: if *name* was already created as the target of a
            redirected import, or if *name* is already known, *e* is not
            None and *name* is in self.fake_libs.

    NOTE(review): block nesting is reconstructed here; everything from
    ``libad = ad`` onward is placed in the ``else`` branch (new library
    only). Confirm against the upstream file.
    """
    if name in self.created_redirected_imports:
        # NOTE(review): the backslash in this literal looks like a line
        # continuation that lost its newline; confirm the exact message text.
        log.error("%r has previously been created due to redirect\ imports due to %r. Change the loading order.", name, self.created_redirected_imports[name])
        raise RuntimeError('Bad import: loading previously created import')
    self.all_exported_lib.append(e)
    # will add real lib addresses to database
    if name in self.name2off:
        ad = self.name2off[name]
        # A real image may not replace a library that was faked earlier.
        if e is not None and name in self.fake_libs:
            log.error(
                "You are trying to load %r but it has been faked previously. Try loading this module earlier.", name)
            raise RuntimeError("Bad import")
    else:
        log.debug('new lib %s', name)
        # The base address is taken from the image header as-is.
        ad = e.NThdr.ImageBase
        libad = ad
        self.name2off[name] = ad
        self.libbase2lastad[ad] = ad + 0x1
        self.lib_imp2ad[ad] = {}
        self.lib_imp2dstad[ad] = {}
        self.libbase_ad += 0x1000
        ads = get_export_name_addr_list(e)
        # todo aliases ads, so pop() consumes the list returned above until
        # todo is rebound by a reschedule.
        todo = ads
        # done = []
        while todo:
            # for imp_ord_or_name, ad in ads:
            imp_ord_or_name, ad = todo.pop()
            # if export is a redirection, search redirected dll
            # and get function real addr
            ret = is_redirected_export(e, ad)
            if ret:
                exp_dname, exp_fname = ret
                # NOTE(review): the suffix is bytes, so exp_dname must be
                # bytes; the comparison with name and the name2off lookups
                # below only match if those keys are bytes too - confirm.
                exp_dname = exp_dname + b'.dll'
                exp_dname = exp_dname.lower()
                # if the dll references itself in the redirection
                if exp_dname == name:
                    libad_tmp = self.name2off[exp_dname]
                    if not exp_fname in self.lib_imp2ad[libad_tmp]:
                        # schedule func: the target is not registered yet, so
                        # retry this export after the remaining ones.
                        # NOTE(review): nothing visible here bounds the
                        # retries; a self-redirect whose target name is never
                        # registered is rescheduled on every pass. Confirm
                        # that malformed export tables cannot stall loading.
                        todo = [(imp_ord_or_name, ad)] + todo
                        continue
                else:
                    # import redirected lib from non loaded dll
                    if not exp_dname in self.name2off:
                        # Remember which library caused this one to be created
                        # (checked at the top of this method on later loads).
                        self.created_redirected_imports.setdefault(
                            exp_dname, set()).add(name)
                    # Ensure import entry is created
                    new_lib_base = self.lib_get_add_base(exp_dname)
                    # Ensure function entry is created
                    _ = self.lib_get_add_func(new_lib_base, exp_fname)
                # Replace the export's own address with the redirect target's.
                libad_tmp = self.name2off[exp_dname]
                ad = self.lib_imp2ad[libad_tmp][exp_fname]
            self.lib_imp2ad[libad][imp_ord_or_name] = ad
            # Reverse map (base address -> library name), rebuilt on every
            # iteration from the current name2off.
            name_inv = dict(
                (value, key) for key, value in viewitems(self.name2off)
            )
            c_name = canon_libname_libfunc(
                name_inv[libad], imp_ord_or_name)
            self.fad2cname[ad] = c_name
            self.cname2addr[c_name] = ad
            log.debug("Add func %s %s", hex(ad), c_name)
            self.fad2info[ad] = libad, imp_ord_or_name