# Minimalist mutator
# handles only PUSH (68/6A), CALL (E8), and JUMPS <dword> (FF25)
# no real code analysis: it mutates the original program using only ADD, MOV and RETN

import pefile, mypacklib

# Load the target PE and its layout through the tutorial's helper library
# (pefile is imported at the top of the file; mypacklib wraps it).
# oep: original entry point (RVA), ib: image base; start/size presumably
# describe the original code region -- confirm against mypacklib.load().
pe, oep, ib, start, size = mypacklib.load()

# The mutated program is rebuilt as NASM source: the original hex is parsed,
# the underlying assembly transformed, and the result rewritten as text.
# This header declares 32-bit code and one section whose virtual start is the
# original entry point's VA (oep + ib), printed as 8 zero-padded hex digits.
mutated_code = "\nbits 32\nsection .text valign=1 vstart=0%08xh\n" % (oep + ib)

# Virtual addresses of jump targets; the disassembly loop below emits an
# `_<va>:` label whenever it reaches an address listed here.
labels = []

# Cursor into the original code, starting at the entry point.
# NOTE(review): not referenced in the portion of the script shown -- confirm its use.
pointer = oep

# parse the hex and convert it into disassembly
for addr, op, arg in mypacklib.disasm(pe, oep):

    # jump targets need to be taken into account
    if addr + ib in labels:
        mutated_code += """
        _%(jump_va)i:
        """ % {
# Minimalist mutator
# handles only PUSH (68/6A), CALL (E8), and JUMPS <dword> (FF25)
# no real code analysis: it mutates the original program using only ADD, MOV and RETN

import pefile, mypacklib

# Load the target PE and its layout through the tutorial's helper library
# (pefile is imported at the top of the file; mypacklib wraps it).
# oep: original entry point (RVA), ib: image base; start/size presumably
# describe the original code region -- confirm against mypacklib.load().
pe, oep, ib, start, size = mypacklib.load()

# The mutated program is rebuilt as NASM source: the original hex is parsed,
# the underlying assembly transformed, and the result rewritten as text.
# This header declares 32-bit code and one section whose virtual start is the
# original entry point's VA (oep + ib), printed as 8 zero-padded hex digits.
mutated_code = "\nbits 32\nsection .text valign=1 vstart=0%08xh\n" % (oep + ib)

# Virtual addresses of jump targets; the disassembly loop below emits an
# `_<va>:` label whenever it reaches an address listed here.
labels = []

# Cursor into the original code, starting at the entry point.
# NOTE(review): not referenced in the portion of the script shown -- confirm its use.
pointer = oep

# parse the hex and convert it into disassembly
for addr, op, arg in mypacklib.disasm(pe, oep):

    # jump targets need to be taken into account
    if addr + ib in labels:
        mutated_code += """
        _%(jump_va)i:
        """ % {"jump_va":addr + ib}

    # rewrite opcodes in mutated form