Exemple #1
0
def setup(ql):
    ql.heap = Heap(ql, ql.commos.HEAP_BASE_ADDR,
                   ql.commos.HEAP_BASE_ADDR + ql.commos.HEAP_SIZE)
    ql.hook_mem_unmapped(ql_x86_windows_hook_mem_error)

    # setup gdt
    if ql.arch == QL_X86:
        ql_x86_setup_gdt_segment_fs(ql, FS_SEGMENT_ADDR, FS_SEGMENT_SIZE)
        ql_x86_setup_gdt_segment_gs(ql, GS_SEGMENT_ADDR, GS_SEGMENT_SIZE)
        ql_x86_setup_gdt_segment_ds(ql)
        ql_x86_setup_gdt_segment_cs(ql)
        ql_x86_setup_gdt_segment_ss(ql)
    elif ql.arch == QL_X8664:
        ql_x8664_set_gs(ql)

    # handle manager
    ql.handle_manager = HandleManager()
    # registry manger
    ql.registry_manager = RegistryManager(ql)
    # clipboard
    ql.clipboard = Clipboard(ql)
    # fibers
    ql.fiber_manager = FiberManager(ql)
    # Place to set errors for retrieval by GetLastError()
    # thread manager
    main_thread = Thread(ql)
    ql.thread_manager = ThreadManager(ql, main_thread)
    new_handle = Handle(thread=main_thread)
    ql.handle_manager.append(new_handle)
    # user configuration
    ql.config = ql_init_configuration(ql)
    # variables used inside hooks
    ql.hooks_variables = {}
Exemple #2
0
def setup_windows32(ql):
    ql.FS_SEGMENT_ADDR = 0x6000
    ql.FS_SEGMENT_SIZE = 0x6000
    ql.STRUCTERS_LAST_ADDR = ql.FS_SEGMENT_ADDR

    ql.GS_SEGMENT_ADDR = 0x5000
    ql.GS_SEGMENT_SIZE = 0x1000

    ql.PE_IMAGE_BASE = 0
    ql.PE_IMAGE_SIZE = 0
    ql.DEFAULT_IMAGE_BASE = 0x400000
    ql.entry_point = 0

    ql.HEAP_BASE_ADDR = 0x5000000
    ql.HEAP_SIZE = 0x5000000

    ql.DLL_BASE_ADDR = 0x10000000
    ql.DLL_SIZE = 0
    ql.DLL_LAST_ADDR = ql.DLL_BASE_ADDR

    ql.heap = Heap(ql, ql.HEAP_BASE_ADDR, ql.HEAP_BASE_ADDR + ql.HEAP_SIZE)
    ql.hook_mem_unmapped(ql_x86_windows_hook_mem_error)

    ql.RUN = True

    # New set GDT Share with Linux
    ql_x86_setup_gdt_segment_fs(ql, ql.FS_SEGMENT_ADDR, ql.FS_SEGMENT_SIZE)
    ql_x86_setup_gdt_segment_gs(ql, ql.GS_SEGMENT_ADDR, ql.GS_SEGMENT_SIZE)
    ql_x86_setup_gdt_segment_ds(ql)
    ql_x86_setup_gdt_segment_cs(ql)
    ql_x86_setup_gdt_segment_ss(ql)

    # handle manager
    ql.handle_manager = HandleManager()
    # registry manger
    ql.registry_manager = RegistryManager(ql)
    # clipboard
    ql.clipboard = Clipboard(ql)
    # fibers
    ql.fiber_manager = FiberManager(ql)
    # Place to set errors for retrieval by GetLastError()
    ql.last_error = 0
    # thread manager
    main_thread = Thread(ql)
    ql.thread_manager = ThreadManager(ql, main_thread)
    new_handle = Handle(thread=main_thread)
    ql.handle_manager.append(new_handle)
    # user configuration
    ql.config = init_configuration(ql)
    # variables used inside hooks
    ql.hooks_variables = {}
Exemple #3
0
def windows_setup64(ql):
    ql.STRUCTERS_LAST_ADDR = GS_SEGMENT_ADDR

    ql.PE_IMAGE_BASE = 0
    ql.PE_IMAGE_SIZE = 0
    ql.DEFAULT_IMAGE_BASE = 0x140000000
    ql.entry_point = 0

    ql.HEAP_BASE_ADDR = 0x500000000
    ql.HEAP_SIZE = 0x5000000

    ql.DLL_BASE_ADDR = 0x7ffff0000000
    ql.DLL_SIZE = 0
    ql.DLL_LAST_ADDR = ql.DLL_BASE_ADDR

    ql.RUN = True

    ql.heap = Heap(ql, ql.HEAP_BASE_ADDR, ql.HEAP_BASE_ADDR + ql.HEAP_SIZE)
    ql.hook_mem_unmapped(ql_x86_windows_hook_mem_error)

    # setup gdt
    set_pe64_gdt(ql)

    # handle manager
    ql.handle_manager = HandleManager()
    # registry manger
    ql.registry_manager = RegistryManager(ql)
    # clipboard manager
    ql.clipboard = Clipboard(ql)
    # fibers
    ql.fiber_manager = FiberManager(ql)
    # Place to set errors for retrieval by GetLastError()
    ql.last_error = 0
    # thread manager
    main_thread = Thread(ql)
    ql.thread_manager = ThreadManager(ql, main_thread)
    new_handle = Handle(thread=main_thread)
    ql.handle_manager.append(new_handle)
    # user configuration
    ql.config = ql_init_configuration(ql)
    # variables used inside hooks
    ql.hooks_variables = {}
Exemple #4
0
def windows_setup64(ql):

    ql.GS_SEGMENT_ADDR = 0x6000
    ql.GS_SEGMENT_SIZE = 0x8000
    ql.STRUCTERS_LAST_ADDR = ql.GS_SEGMENT_ADDR

    ql.DLL_BASE_ADDR = 0x7ffff0000000
    ql.DLL_SIZE = 0
    ql.DLL_LAST_ADDR = ql.DLL_BASE_ADDR

    ql.HEAP_BASE_ADDR = 0x500000000
    ql.HEAP_SIZE = 0x5000000

    ql.PE_IMAGE_BASE = 0
    ql.PE_IMAGE_SIZE = 0
    ql.DEFAULT_IMAGE_BASE = 0x140000000
    ql.entry_point = 0

    ql.RUN = True

    ql.heap = Heap(ql, ql.HEAP_BASE_ADDR, ql.HEAP_BASE_ADDR + ql.HEAP_SIZE)

    # setup gdt
    set_pe64_gdt(ql)

    # handle manager
    ql.handle_manager = HandleManager()
    # registry manger
    ql.registry_manager = RegistryManager(ql)
    # clipboard manager
    ql.clipboard = Clipboard(ql)
    # fibers
    ql.fiber_manager = FiberManager(ql)
    # Place to set errors for retrieval by GetLastError()
    ql.last_error = 0
    # thread manager
    main_thread = Thread(ql)
    ql.thread_manager = ThreadManager(ql, main_thread)
    new_handle = Handle(thread=main_thread)
    ql.handle_manager.append(new_handle)