def __init__(self, custom_methods, *args, **kwargs):
from miasm2.jitter.loader.pe import vm_load_pe, vm_load_pe_libs,\
preload_pe, libimp_pe, vm_load_pe_and_dependencies
from miasm2.os_dep import win_api_x86_32, win_api_x86_32_seh
methods = win_api_x86_32.__dict__
methods.update(custom_methods)
super(OS_Win, self).__init__(methods, *args, **kwargs)
# Import manager
libs = libimp_pe()
self.libs = libs
win_api_x86_32.winobjs.runtime_dll = libs
self.name2module = {}
fname_basename = os.path.basename(self.fname).lower()
# Load main pe
with open(self.fname) as fstream:
self.pe = vm_load_pe(self.jitter.vm,
fstream.read(),
load_hdr=self.options.load_hdr,
**kwargs)
self.name2module[fname_basename] = self.pe
# Load library
if self.options.loadbasedll:
# Load libs in memory
self.name2module.update(
vm_load_pe_libs(self.jitter.vm, self.ALL_IMP_DLL, libs,
self.modules_path, **kwargs))
# Patch libs imports
for pe in self.name2module.itervalues():
preload_pe(self.jitter.vm, pe, libs)
if self.options.dependencies:
vm_load_pe_and_dependencies(self.jitter.vm, fname_basename,
self.name2module, libs,
self.modules_path, **kwargs)
win_api_x86_32.winobjs.current_pe = self.pe
# Fix pe imports
preload_pe(self.jitter.vm, self.pe, libs)
# Library calls handler
self.jitter.add_lib_handler(libs, methods)
# Manage SEH
if self.options.use_seh:
win_api_x86_32_seh.main_pe_name = fname_basename
win_api_x86_32_seh.main_pe = self.pe
win_api_x86_32.winobjs.hcurmodule = self.pe.NThdr.ImageBase
win_api_x86_32_seh.name2module = self.name2module
win_api_x86_32_seh.init_seh(self.jitter)
win_api_x86_32_seh.set_win_fs_0(self.jitter)
self.entry_point = self.pe.rva2virt(self.pe.Opthdr.AddressOfEntryPoint)
def init_stub(self):
"""Initialize stubbing capabilities"""
if not isinstance(self.engine, MiasmEngine):
# Unsupported capability
return
# Get stubs' implementation
context = {}
for fpath in config.stubs:
execfile(fpath, context)
if not context:
return
libs = None
if isinstance(self.ctr, ContainerPE):
from miasm2.jitter.loader.pe import preload_pe, libimp_pe
libs = libimp_pe()
preload_pe(self.jitter.vm, self.ctr.executable, libs)
elif isinstance(self.ctr, ContainerELF):
from miasm2.jitter.loader.elf import preload_elf, libimp_elf
libs = libimp_elf()
preload_elf(self.jitter.vm, self.ctr.executable, libs)
else:
return
# Add associated breakpoints
self.jitter.add_lib_handler(libs, context)
def init_stub(self):
"""Initialize stubbing capabilities"""
if not isinstance(self.engine, MiasmEngine):
# Unsupported capability
return
# Get stubs' implementation
context = {}
for fpath in config.stubs:
execfile(fpath, context)
if not context:
return
libs = None
if isinstance(self.ctr, ContainerPE):
from miasm2.jitter.loader.pe import preload_pe, libimp_pe
libs = libimp_pe()
preload_pe(self.jitter.vm, self.ctr.executable, libs)
elif isinstance(self.ctr, ContainerELF):
from miasm2.jitter.loader.elf import preload_elf, libimp_elf
libs = libimp_elf()
preload_elf(self.jitter.vm, self.ctr.executable, libs)
else:
return
# Add associated breakpoints
self.jitter.add_lib_handler(libs, context)
def __init__(self, custom_methods, *args, **kwargs):
from miasm2.jitter.loader.pe import vm_load_pe, vm_load_pe_libs, preload_pe, libimp_pe
from miasm2.os_dep import win_api_x86_32
methods = win_api_x86_32.__dict__
methods.update(custom_methods)
super(OS_Win, self).__init__(methods, *args, **kwargs)
# Import manager
libs = libimp_pe()
self.libs = libs
win_api_x86_32.winobjs.runtime_dll = libs
# Load library
if self.options.loadbasedll:
all_pe = []
# Load libs in memory
all_pe = vm_load_pe_libs(self.jitter.vm, self.ALL_IMP_DLL, libs)
# Patch libs imports
for pe in all_pe.values():
preload_pe(self.jitter.vm, pe, libs)
# Load main pe
with open(self.fname) as fstream:
self.pe = vm_load_pe(self.jitter.vm, fstream.read())
win_api_x86_32.winobjs.current_pe = self.pe
# Fix pe imports
preload_pe(self.jitter.vm, self.pe, libs)
# Library calls handler
self.jitter.add_lib_handler(libs, methods)
# Manage SEH
if self.options.use_seh:
win_api_x86_32_seh.main_pe_name = self.fname
win_api_x86_32_seh.main_pe = self.pe
win_api_x86_32_seh.loaded_modules = self.ALL_IMP_DLL
win_api_x86_32_seh.init_seh(self.jitter)
win_api_x86_32_seh.set_win_fs_0(self.jitter)
self.entry_point = self.pe.rva2virt(self.pe.Opthdr.AddressOfEntryPoint)
def __init__(self, custom_methods, *args, **kwargs):
from miasm2.jitter.loader.pe import vm_load_pe, vm_load_pe_libs, preload_pe, libimp_pe
from miasm2.os_dep import win_api_x86_32
methods = win_api_x86_32.__dict__
methods.update(custom_methods)
super(OS_Win, self).__init__(methods, *args, **kwargs)
# Import manager
libs = libimp_pe()
self.libs = libs
win_api_x86_32.winobjs.runtime_dll = libs
# Load library
if self.options.loadbasedll:
all_pe = []
# Load libs in memory
all_pe = vm_load_pe_libs(self.jitter.vm, self.ALL_IMP_DLL, libs)
# Patch libs imports
for pe in all_pe.values():
preload_pe(self.jitter.vm, pe, libs)
# Load main pe
with open(self.fname) as fstream:
self.pe = vm_load_pe(self.jitter.vm, fstream.read())
win_api_x86_32.winobjs.current_pe = self.pe
# Fix pe imports
preload_pe(self.jitter.vm, self.pe, libs)
# Library calls handler
self.jitter.add_lib_handler(libs, methods)
# Manage SEH
if self.options.use_seh:
win_api_x86_32_seh.main_pe_name = self.fname
win_api_x86_32_seh.main_pe = self.pe
win_api_x86_32_seh.loaded_modules = self.ALL_IMP_DLL
win_api_x86_32_seh.init_seh(self.jitter)
win_api_x86_32_seh.set_win_fs_0(self.jitter)
self.entry_point = self.pe.rva2virt(self.pe.Opthdr.AddressOfEntryPoint)
def __init__(self, custom_methods, *args, **kwargs):
from miasm2.jitter.loader.pe import vm_load_pe, preload_pe, libimp_pe
super(OS_Win, self).__init__(custom_methods, *args, **kwargs)
# Import manager
libs = libimp_pe()
self.libs = libs
win_api_x86_32.winobjs.runtime_dll = libs
# Load library
if self.options.loadbasedll:
all_pe = []
# Load libs in memory
for dll_fname in self.ALL_IMP_DLL:
fname = os.path.join('win_dll', dll_fname)
e_lib = vm_load_pe(self.jitter.vm, fname)
libs.add_export_lib(e_lib, dll_fname)
all_pe.append(e_lib)
# Patch libs imports
for pe in all_pe:
preload_pe(self.jitter.vm, pe, libs)
# Load main pe
self.pe = vm_load_pe(self.jitter.vm, self.fname)
# Fix pe imports
preload_pe(self.jitter.vm, self.pe, libs)
# Library calls handler
self.jitter.add_lib_handler(libs, custom_methods)
# Manage SEH
if self.options.use_seh:
win_api_x86_32_seh.main_pe_name = self.fname
win_api_x86_32_seh.main_pe = self.pe
win_api_x86_32_seh.loaded_modules = self.ALL_IMP_DLL
win_api_x86_32_seh.init_seh(self.jitter)
win_api_x86_32_seh.set_win_fs_0(self.jitter)
self.entry_point = self.pe.rva2virt(self.pe.Opthdr.AddressOfEntryPoint)
def __init__(self, custom_methods, *args, **kwargs):
from miasm2.jitter.loader.pe import vm_load_pe, vm_load_pe_libs,\
preload_pe, libimp_pe, vm_load_pe_and_dependencies
from miasm2.os_dep import win_api_x86_32, win_api_x86_32_seh
methods = win_api_x86_32.__dict__
methods.update(custom_methods)
super(OS_Win, self).__init__(methods, *args, **kwargs)
# Import manager
libs = libimp_pe()
self.libs = libs
win_api_x86_32.winobjs.runtime_dll = libs
self.name2module = {}
fname_basename = os.path.basename(self.fname).lower()
# Load main pe
with open(self.fname) as fstream:
self.pe = vm_load_pe(self.jitter.vm, fstream.read(),
load_hdr=self.options.load_hdr, **kwargs)
self.name2module[fname_basename] = self.pe
# Load library
if self.options.loadbasedll:
# Load libs in memory
self.name2module.update(vm_load_pe_libs(self.jitter.vm,
self.ALL_IMP_DLL,
libs,
self.modules_path,
**kwargs))
# Patch libs imports
for pe in self.name2module.itervalues():
preload_pe(self.jitter.vm, pe, libs)
if self.options.dependencies:
vm_load_pe_and_dependencies(self.jitter.vm,
fname_basename,
self.name2module,
libs,
self.modules_path,
**kwargs)
win_api_x86_32.winobjs.current_pe = self.pe
# Fix pe imports
preload_pe(self.jitter.vm, self.pe, libs)
# Library calls handler
self.jitter.add_lib_handler(libs, methods)
# Manage SEH
if self.options.use_seh:
win_api_x86_32_seh.main_pe_name = fname_basename
win_api_x86_32_seh.main_pe = self.pe
win_api_x86_32.winobjs.hcurmodule = self.pe.NThdr.ImageBase
win_api_x86_32_seh.name2module = self.name2module
win_api_x86_32_seh.init_seh(self.jitter)
win_api_x86_32_seh.set_win_fs_0(self.jitter)
self.entry_point = self.pe.rva2virt(
self.pe.Opthdr.AddressOfEntryPoint)