Esempio n. 1
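    def __init__(self, custom_methods, *args, **kwargs):
        """Set up a Windows x86-32 sandbox around the PE at ``self.fname``.

        The main image is mapped into the jitter VM; depending on
        ``self.options`` the base DLLs (``self.ALL_IMP_DLL``) and the PE's
        dependencies are mapped from ``self.modules_path`` as well.  Imports
        are resolved through a ``libimp_pe`` import manager, the API-call
        handler is installed on the jitter, and SEH support is wired up on
        request.

        Args:
            custom_methods: mapping of API handler name -> callable.  Entries
                override the default ``win_api_x86_32`` emulation of the same
                name for this sandbox only.
            *args, **kwargs: forwarded to the parent constructor; ``kwargs``
                is additionally passed through to the PE loader helpers.

        Side effects: rebinds ``win_api_x86_32.winobjs.runtime_dll`` and
        ``current_pe`` and, when ``self.options.use_seh`` is set, module-level
        state in ``win_api_x86_32_seh``.  That state is process-global, so two
        sandboxes in one process share it.

        ``self.fname``, ``self.jitter``, ``self.options`` and
        ``self.modules_path`` are expected to be provided by the parent
        constructor -- not visible here, confirm against the base class.
        """
        from miasm2.jitter.loader.pe import vm_load_pe, vm_load_pe_libs,\
            preload_pe, libimp_pe, vm_load_pe_and_dependencies
        from miasm2.os_dep import win_api_x86_32, win_api_x86_32_seh
        # Work on a copy of the module namespace: updating the module's
        # __dict__ in place would permanently replace the shared API
        # emulations for every sandbox created later in this process.
        methods = dict(win_api_x86_32.__dict__)
        methods.update(custom_methods)

        super(OS_Win, self).__init__(methods, *args, **kwargs)

        # Import manager, shared with the API emulation layer
        libs = libimp_pe()
        self.libs = libs
        win_api_x86_32.winobjs.runtime_dll = libs

        # Module name (lower-cased basename) -> loaded PE
        self.name2module = {}
        fname_basename = os.path.basename(self.fname).lower()

        # Load main pe.  Binary mode: text mode would alter the image on
        # platforms that translate newlines.
        with open(self.fname, 'rb') as fstream:
            self.pe = vm_load_pe(self.jitter.vm,
                                 fstream.read(),
                                 load_hdr=self.options.load_hdr,
                                 **kwargs)
            self.name2module[fname_basename] = self.pe

        # Load library
        if self.options.loadbasedll:

            # Load libs in memory (DLL images are read from self.modules_path)
            self.name2module.update(
                vm_load_pe_libs(self.jitter.vm, self.ALL_IMP_DLL, libs,
                                self.modules_path, **kwargs))

            # Patch libs imports
            for pe in self.name2module.itervalues():
                preload_pe(self.jitter.vm, pe, libs)

        if self.options.dependencies:
            vm_load_pe_and_dependencies(self.jitter.vm, fname_basename,
                                        self.name2module, libs,
                                        self.modules_path, **kwargs)

        win_api_x86_32.winobjs.current_pe = self.pe

        # Fix pe imports
        preload_pe(self.jitter.vm, self.pe, libs)

        # Library calls handler: routes calls into imported functions to the
        # (possibly overridden) emulations in `methods`
        self.jitter.add_lib_handler(libs, methods)

        # Manage SEH
        if self.options.use_seh:
            win_api_x86_32_seh.main_pe_name = fname_basename
            win_api_x86_32_seh.main_pe = self.pe
            win_api_x86_32.winobjs.hcurmodule = self.pe.NThdr.ImageBase
            win_api_x86_32_seh.name2module = self.name2module
            win_api_x86_32_seh.init_seh(self.jitter)
            win_api_x86_32_seh.set_win_fs_0(self.jitter)

        # Virtual address of the PE entry point
        self.entry_point = self.pe.rva2virt(self.pe.Opthdr.AddressOfEntryPoint)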
Esempio n. 2
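    def parse(self, data, vm=None):
        """Parse ``data`` as a PE image into ``self._executable``.

        Only the two-byte ``MZ`` DOS signature is checked here; validity of
        the rest of the headers is left to the loader/parser.

        Args:
            data: raw bytes of the file.
            vm: optional jitter VM.  When given, the image is mapped into it
                with ``vm_load_pe``; otherwise it is only parsed with
                ``pe_init.PE``.

        Raises:
            ContainerSignatureException: ``data`` does not start with ``MZ``.
            ContainerParsingException: the loader or parser failed; the
                original error text is embedded in the message.
        """
        from miasm2.jitter.loader.pe import vm_load_pe
        from elfesteem import pe_init

        # Parse signature
        if not data.startswith('MZ'):
            raise ContainerSignatureException()

        # Build executable instance.  Any loader failure is reported to the
        # caller as a container error; `as` form works on Python 2.6+ and 3.
        try:
            if vm is not None:
                self._executable = vm_load_pe(vm, data)
            else:
                self._executable = pe_init.PE(data)
        except Exception as error:
            raise ContainerParsingException('Cannot read PE: %s' % error)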
Esempio n. 3
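    def __init__(self, custom_methods, *args, **kwargs):
        """Set up a Windows x86-32 sandbox around the PE at ``self.fname``.

        Optionally maps the base DLLs (``self.ALL_IMP_DLL``) into the jitter
        VM, then maps the main image, resolves imports through a
        ``libimp_pe`` import manager, installs the API-call handler and, on
        request, SEH support.

        Args:
            custom_methods: mapping of API handler name -> callable.  Entries
                override the default ``win_api_x86_32`` emulation of the same
                name for this sandbox only.
            *args, **kwargs: forwarded to the parent constructor.

        Side effects: rebinds ``win_api_x86_32.winobjs.runtime_dll`` and
        ``current_pe`` and, when ``self.options.use_seh`` is set, module-level
        state in ``win_api_x86_32_seh``.  That state is process-global.

        ``self.fname``, ``self.jitter`` and ``self.options`` are expected to be
        provided by the parent constructor -- not visible here, confirm
        against the base class.
        """
        from miasm2.jitter.loader.pe import vm_load_pe, vm_load_pe_libs, preload_pe, libimp_pe
        # win_api_x86_32_seh is imported here so the SEH branch below does not
        # depend on a module-level import being present.
        from miasm2.os_dep import win_api_x86_32, win_api_x86_32_seh
        # Work on a copy of the module namespace: updating the module's
        # __dict__ in place would permanently replace the shared API
        # emulations for every sandbox created later in this process.
        methods = dict(win_api_x86_32.__dict__)
        methods.update(custom_methods)

        super(OS_Win, self).__init__(methods, *args, **kwargs)

        # Import manager, shared with the API emulation layer
        libs = libimp_pe()
        self.libs = libs
        win_api_x86_32.winobjs.runtime_dll = libs

        # Load library
        if self.options.loadbasedll:
            # Load libs in memory: name -> loaded PE
            all_pe = vm_load_pe_libs(self.jitter.vm, self.ALL_IMP_DLL, libs)

            # Patch libs imports
            for pe in all_pe.values():
                preload_pe(self.jitter.vm, pe, libs)

        # Load main pe.  Binary mode: text mode would alter the image on
        # platforms that translate newlines.
        with open(self.fname, 'rb') as fstream:
            self.pe = vm_load_pe(self.jitter.vm, fstream.read())

        win_api_x86_32.winobjs.current_pe = self.pe

        # Fix pe imports
        preload_pe(self.jitter.vm, self.pe, libs)

        # Library calls handler: routes calls into imported functions to the
        # (possibly overridden) emulations in `methods`
        self.jitter.add_lib_handler(libs, methods)

        # Manage SEH
        if self.options.use_seh:
            win_api_x86_32_seh.main_pe_name = self.fname
            win_api_x86_32_seh.main_pe = self.pe
            win_api_x86_32_seh.loaded_modules = self.ALL_IMP_DLL
            win_api_x86_32_seh.init_seh(self.jitter)
            win_api_x86_32_seh.set_win_fs_0(self.jitter)

        # Virtual address of the PE entry point
        self.entry_point = self.pe.rva2virt(self.pe.Opthdr.AddressOfEntryPoint)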