def add_export_lib(self, e, name): self.all_exported_lib.append(e) # will add real lib addresses to database if name in self.name2off: ad = self.name2off[name] else: log.debug('new lib %s', name) ad = e.NThdr.ImageBase libad = ad self.name2off[name] = ad self.libbase2lastad[ad] = ad + 0x1 self.lib_imp2ad[ad] = {} self.lib_imp2dstad[ad] = {} self.libbase_ad += 0x1000 ads = get_export_name_addr_list(e) todo = ads # done = [] while todo: # for imp_ord_or_name, ad in ads: imp_ord_or_name, ad = todo.pop() # if export is a redirection, search redirected dll # and get function real addr ret = is_redirected_export(e, ad) if ret: exp_dname, exp_fname = ret # log.debug('export redirection %s' % imp_ord_or_name) # log.debug('source %s %s' % (exp_dname, exp_fname)) exp_dname = exp_dname + '.dll' exp_dname = exp_dname.lower() # if dll auto refes in redirection if exp_dname == name: libad_tmp = self.name2off[exp_dname] if not exp_fname in self.lib_imp2ad[libad_tmp]: # schedule func todo = [(imp_ord_or_name, ad)] + todo continue elif not exp_dname in self.name2off: raise ValueError('load %r first' % exp_dname) c_name = canon_libname_libfunc(exp_dname, exp_fname) libad_tmp = self.name2off[exp_dname] ad = self.lib_imp2ad[libad_tmp][exp_fname] # log.debug('%s' % hex(ad)) # if not imp_ord_or_name in self.lib_imp2dstad[libad]: # self.lib_imp2dstad[libad][imp_ord_or_name] = set() # self.lib_imp2dstad[libad][imp_ord_or_name].add(dst_ad) # log.debug('new imp %s %s' % (imp_ord_or_name, hex(ad))) self.lib_imp2ad[libad][imp_ord_or_name] = ad name_inv = dict([(x[1], x[0]) for x in self.name2off.items()]) c_name = canon_libname_libfunc(name_inv[libad], imp_ord_or_name) self.fad2cname[ad] = c_name self.fad2info[ad] = libad, imp_ord_or_name
def add_export_lib(self, e, name): self.all_exported_lib.append(e) # will add real lib addresses to database if name in self.name2off: ad = self.name2off[name] else: log.debug('new lib %s', name) ad = e.NThdr.ImageBase libad = ad self.name2off[name] = ad self.libbase2lastad[ad] = ad + 0x1 self.lib_imp2ad[ad] = {} self.lib_imp2dstad[ad] = {} self.libbase_ad += 0x1000 ads = get_export_name_addr_list(e) todo = ads # done = [] while todo: # for imp_ord_or_name, ad in ads: imp_ord_or_name, ad = todo.pop() # if export is a redirection, search redirected dll # and get function real addr ret = is_redirected_export(e, ad) if ret: exp_dname, exp_fname = ret # log.debug('export redirection %s' % imp_ord_or_name) # log.debug('source %s %s' % (exp_dname, exp_fname)) exp_dname = exp_dname + '.dll' exp_dname = exp_dname.lower() # if dll auto refes in redirection if exp_dname == name: libad_tmp = self.name2off[exp_dname] if not exp_fname in self.lib_imp2ad[libad_tmp]: # schedule func todo = [(imp_ord_or_name, ad)] + todo continue elif not exp_dname in self.name2off: raise ValueError('load %r first' % exp_dname) c_name = canon_libname_libfunc(exp_dname, exp_fname) libad_tmp = self.name2off[exp_dname] ad = self.lib_imp2ad[libad_tmp][exp_fname] # log.debug('%s' % hex(ad)) # if not imp_ord_or_name in self.lib_imp2dstad[libad]: # self.lib_imp2dstad[libad][imp_ord_or_name] = set() # self.lib_imp2dstad[libad][imp_ord_or_name].add(dst_ad) # log.debug('new imp %s %s' % (imp_ord_or_name, hex(ad))) self.lib_imp2ad[libad][imp_ord_or_name] = ad name_inv = dict([(x[1], x[0]) for x in self.name2off.items()]) c_name = canon_libname_libfunc( name_inv[libad], imp_ord_or_name) self.fad2cname[ad] = c_name self.fad2info[ad] = libad, imp_ord_or_name
def preload_elf(vm, e, runtime_lib, patch_vm_imp=True, loc_db=None): # XXX quick hack fa = get_import_address_elf(e) dyn_funcs = {} for (libname, libfunc), ads in fa.items(): # Quick hack - if a symbol is already known, do not stub it if loc_db and loc_db.get_name_location(libfunc) is not None: continue for ad in ads: ad_base_lib = runtime_lib.lib_get_add_base(libname) ad_libfunc = runtime_lib.lib_get_add_func(ad_base_lib, libfunc, ad) libname_s = canon_libname_libfunc(libname, libfunc) dyn_funcs[libname_s] = ad_libfunc if patch_vm_imp: log.debug('patch 0x%x 0x%x %s', ad, ad_libfunc, libfunc) set_endianness = { elf_csts.ELFDATA2MSB: ">", elf_csts.ELFDATA2LSB: "<", elf_csts.ELFDATANONE: "" }[e.sex] vm.set_mem( ad, struct.pack(set_endianness + cstruct.size2type[e.size], ad_libfunc)) return runtime_lib, dyn_funcs
def preload_pe(vm, e, runtime_lib, patch_vm_imp=True): fa = get_import_address_pe(e) dyn_funcs = {} # log.debug('imported funcs: %s' % fa) for (libname, libfunc), ads in fa.items(): for ad in ads: ad_base_lib = runtime_lib.lib_get_add_base(libname) ad_libfunc = runtime_lib.lib_get_add_func(ad_base_lib, libfunc, ad) libname_s = canon_libname_libfunc(libname, libfunc) dyn_funcs[libname_s] = ad_libfunc if patch_vm_imp: vm.set_mem(ad, struct.pack(cstruct.size2type[e._wsize], ad_libfunc)) return dyn_funcs
def preload_pe(vm, e, runtime_lib, patch_vm_imp=True): fa = get_import_address_pe(e) dyn_funcs = {} # log.debug('imported funcs: %s' % fa) for (libname, libfunc), ads in fa.items(): for ad in ads: ad_base_lib = runtime_lib.lib_get_add_base(libname) ad_libfunc = runtime_lib.lib_get_add_func(ad_base_lib, libfunc, ad) libname_s = canon_libname_libfunc(libname, libfunc) dyn_funcs[libname_s] = ad_libfunc if patch_vm_imp: vm.set_mem( ad, struct.pack(cstruct.size2type[e._wsize], ad_libfunc)) return dyn_funcs
def preload_elf(vm, e, runtime_lib, patch_vm_imp=True): # XXX quick hack fa = get_import_address_elf(e) dyn_funcs = {} # log.debug('imported funcs: %s' % fa) for (libname, libfunc), ads in fa.items(): for ad in ads: ad_base_lib = runtime_lib.lib_get_add_base(libname) ad_libfunc = runtime_lib.lib_get_add_func(ad_base_lib, libfunc, ad) libname_s = canon_libname_libfunc(libname, libfunc) dyn_funcs[libname_s] = ad_libfunc if patch_vm_imp: log.debug('patch 0x%x 0x%x %s', ad, ad_libfunc, libfunc) set_endianness = { elf_csts.ELFDATA2MSB: ">", elf_csts.ELFDATA2LSB: "<", elf_csts.ELFDATANONE: "" }[e.sex] vm.set_mem(ad, struct.pack(set_endianness + cstruct.size2type[e.size], ad_libfunc)) return runtime_lib, dyn_funcs
def preload_elf(vm, e, runtime_lib, patch_vm_imp=True): # XXX quick hack fa = get_import_address_elf(e) dyn_funcs = {} for (libname, libfunc), ads in fa.items(): for ad in ads: ad_base_lib = runtime_lib.lib_get_add_base(libname) ad_libfunc = runtime_lib.lib_get_add_func(ad_base_lib, libfunc, ad) libname_s = canon_libname_libfunc(libname, libfunc) dyn_funcs[libname_s] = ad_libfunc if patch_vm_imp: log.debug('patch 0x%x 0x%x %s', ad, ad_libfunc, libfunc) set_endianness = { elf_csts.ELFDATA2MSB: ">", elf_csts.ELFDATA2LSB: "<", elf_csts.ELFDATANONE: "" }[e.sex] vm.set_mem( ad, struct.pack(set_endianness + cstruct.size2type[e.size], ad_libfunc)) return runtime_lib, dyn_funcs
def preload_elf(vm, e, runtime_lib, patch_vm_imp=True, loc_db=None): # XXX quick hack fa = get_import_address_elf(e) dyn_funcs = {} for (libname, libfunc), ads in fa.items(): # Quick hack - if a symbol is already known, do not stub it if loc_db and loc_db.get_name_location(libfunc) is not None: continue for ad in ads: ad_base_lib = runtime_lib.lib_get_add_base(libname) ad_libfunc = runtime_lib.lib_get_add_func(ad_base_lib, libfunc, ad) libname_s = canon_libname_libfunc(libname, libfunc) dyn_funcs[libname_s] = ad_libfunc if patch_vm_imp: log.debug('patch 0x%x 0x%x %s', ad, ad_libfunc, libfunc) set_endianness = { elf_csts.ELFDATA2MSB: ">", elf_csts.ELFDATA2LSB: "<", elf_csts.ELFDATANONE: "" }[e.sex] vm.set_mem(ad, struct.pack(set_endianness + cstruct.size2type[e.size], ad_libfunc)) return runtime_lib, dyn_funcs
def add_export_lib(self, e, name): if name in self.created_redirected_imports: log.error("%r has previously been created due to redirect\ imports due to %r. Change the loading order.", name, self.created_redirected_imports[name]) raise RuntimeError('Bad import: loading previously created import') self.all_exported_lib.append(e) # will add real lib addresses to database if name in self.name2off: ad = self.name2off[name] if e is not None and name in self.fake_libs: log.error( "You are trying to load %r but it has been faked previously. Try loading this module earlier.", name) raise RuntimeError("Bad import") else: log.debug('new lib %s', name) ad = e.NThdr.ImageBase libad = ad self.name2off[name] = ad self.libbase2lastad[ad] = ad + 0x1 self.lib_imp2ad[ad] = {} self.lib_imp2dstad[ad] = {} self.libbase_ad += 0x1000 ads = get_export_name_addr_list(e) todo = ads # done = [] while todo: # for imp_ord_or_name, ad in ads: imp_ord_or_name, ad = todo.pop() # if export is a redirection, search redirected dll # and get function real addr ret = is_redirected_export(e, ad) if ret: exp_dname, exp_fname = ret exp_dname = exp_dname + '.dll' exp_dname = exp_dname.lower() # if dll auto refes in redirection if exp_dname == name: libad_tmp = self.name2off[exp_dname] if not exp_fname in self.lib_imp2ad[libad_tmp]: # schedule func todo = [(imp_ord_or_name, ad)] + todo continue else: # import redirected lib from non loaded dll if not exp_dname in self.name2off: self.created_redirected_imports.setdefault( exp_dname, set()).add(name) # Ensure import entry is created new_lib_base = self.lib_get_add_base(exp_dname) # Ensure function entry is created _ = self.lib_get_add_func(new_lib_base, exp_fname) c_name = canon_libname_libfunc(exp_dname, exp_fname) libad_tmp = self.name2off[exp_dname] ad = self.lib_imp2ad[libad_tmp][exp_fname] self.lib_imp2ad[libad][imp_ord_or_name] = ad name_inv = dict([(x[1], x[0]) for x in self.name2off.items()]) c_name = canon_libname_libfunc( name_inv[libad], imp_ord_or_name) self.fad2cname[ad] = c_name self.fad2info[ad] = libad, imp_ord_or_name
def add_export_lib(self, e, name): if name in self.created_redirected_imports: log.error( "%r has previously been created due to redirect\ imports due to %r. Change the loading order.", name, self.created_redirected_imports[name]) raise RuntimeError('Bad import: loading previously created import') self.all_exported_lib.append(e) # will add real lib addresses to database if name in self.name2off: ad = self.name2off[name] if e is not None and name in self.fake_libs: log.error( "You are trying to load %r but it has been faked previously. Try loading this module earlier.", name) raise RuntimeError("Bad import") else: log.debug('new lib %s', name) ad = e.NThdr.ImageBase libad = ad self.name2off[name] = ad self.libbase2lastad[ad] = ad + 0x1 self.lib_imp2ad[ad] = {} self.lib_imp2dstad[ad] = {} self.libbase_ad += 0x1000 ads = get_export_name_addr_list(e) todo = ads # done = [] while todo: # for imp_ord_or_name, ad in ads: imp_ord_or_name, ad = todo.pop() # if export is a redirection, search redirected dll # and get function real addr ret = is_redirected_export(e, ad) if ret: exp_dname, exp_fname = ret exp_dname = exp_dname + '.dll' exp_dname = exp_dname.lower() # if dll auto refes in redirection if exp_dname == name: libad_tmp = self.name2off[exp_dname] if not exp_fname in self.lib_imp2ad[libad_tmp]: # schedule func todo = [(imp_ord_or_name, ad)] + todo continue else: # import redirected lib from non loaded dll if not exp_dname in self.name2off: self.created_redirected_imports.setdefault( exp_dname, set()).add(name) # Ensure import entry is created new_lib_base = self.lib_get_add_base(exp_dname) # Ensure function entry is created _ = self.lib_get_add_func(new_lib_base, exp_fname) c_name = canon_libname_libfunc(exp_dname, exp_fname) libad_tmp = self.name2off[exp_dname] ad = self.lib_imp2ad[libad_tmp][exp_fname] self.lib_imp2ad[libad][imp_ord_or_name] = ad name_inv = dict([(x[1], x[0]) for x in self.name2off.items()]) c_name = canon_libname_libfunc(name_inv[libad], imp_ord_or_name) self.fad2cname[ad] = c_name self.fad2info[ad] = libad, imp_ord_or_name