def build_a_section(name, size, offset, characteristics):
    """Pack one section-table entry for a PE image.

    The entry is built for a section whose in-memory and on-disk layouts
    coincide: ``size`` is written to both the virtual-size and raw-size
    fields, and ``offset`` to both the virtual-address and raw-pointer
    fields. Relocation and line-number fields are all zero.

    ``name`` is only padded with NUL bytes up to 8 characters; a longer name
    is not truncated here, so the returned entry would then be longer than
    the 0x28 bytes the callers in this file step by.
    """
    log('build_a_section:'+hex(size)+':'+hex(offset)+":"+hex(characteristics))
    entry = name.ljust(8, '\x00')
    # VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
    for dword in (size, offset, size, offset):
        entry += l32(dword)
    # PointerToRelocations, PointerToLinenumbers
    entry += l32(0)
    entry += l32(0)
    # NumberOfRelocations, NumberOfLinenumbers
    entry += l16(0)
    entry += l16(0)
    entry += l32(characteristics)
    return entry
def get_new_section_pointer(data):
    """Return the file offset immediately after the last section-table entry.

    The offset is derived purely from header fields read out of ``data``
    (e_lfanew at 0x3c, the optional-header size at NT+0x14 and the section
    count at NT+6). None of those values is range-checked against
    ``len(data)``, so a malformed header yields an offset outside the buffer.
    """
    nt_base = l32(data[0x3c:0x40])
    opt_size_at = nt_base + 0x14
    opt_header_size = l16(data[opt_size_at:opt_size_at+2])
    count_at = nt_base + 6
    section_count = l16(data[count_at:count_at+2])
    # The section table starts right after the optional header; each entry is 0x28 bytes.
    table_start = nt_base + 0x18 + opt_header_size
    return table_start + 0x28*section_count
def generate_section_info_from_data(data):
    """Locate the section table in ``data`` and hand it to ``parse_section``.

    Returns whatever ``parse_section(data, table_offset, section_count)``
    returns; that helper is defined outside this block.
    """
    nt_base = l32(data[0x3c:0x40])
    opt_size_at = nt_base + 0x14
    # Section table follows the optional header, whose size is stored at NT+0x14.
    table_start = nt_base + 0x18 + l16(data[opt_size_at:opt_size_at+2])
    count_at = nt_base + 6
    section_count = l16(data[count_at:count_at+2])
    return parse_section(data, table_start, section_count)
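def add_pe_section(infile, outfile, name, virtual_size, virtual_address, size_of_raw_data, pointer_to_raw_data, characteristics):
    """Add one section to the PE file ``infile`` and write the result to ``outfile``.

    Steps performed on the file contents:
      1. Reserve ``size_of_raw_data`` bytes at ``pointer_to_raw_data`` and fill
         them with the placeholder byte 0x61, extending or truncating the
         tail of the file as needed.
      2. Write a new 0x28-byte section header directly after the existing
         section-table entries.
      3. Increment NumberOfSections in the file header.
      4. Set SizeOfImage to ``virtual_address + virtual_size``.

    Nothing is returned; the only output is ``outfile``.
    """
    log('add pe section:'+name+':'+hex(virtual_address)+':'+hex(pointer_to_raw_data))
    name = name.ljust(8, '\x00')
    pointer_to_relocation = 0    # used in obj files: offset of the relocations
    pointer_to_line_numbers = 0  # offset into the symbol table (for debugging)
    number_of_relocations = 0    # used in obj files: number of relocation entries
    number_of_line_number = 0    # number of entries in the line-number table
    new_section = name + l32(virtual_size) + l32(virtual_address) + l32(size_of_raw_data)
    new_section += l32(pointer_to_raw_data) + l32(pointer_to_relocation) + l32(pointer_to_line_numbers)
    new_section += l16(number_of_relocations) + l16(number_of_line_number) + l32(characteristics)

    # Context manager so the handle is closed even if the read raises.
    with open(infile, 'rb') as f:
        data = f.read()

    index = get_new_section_pointer(data)
    dos_header_e_lfanew_offset = 0x3c
    nt_header_pointer = l32(data[dos_header_e_lfanew_offset:dos_header_e_lfanew_offset+0x4])
    nt_header_file_header_offset = 4
    file_header_pointer = nt_header_pointer + nt_header_file_header_offset
    file_header_number_of_section_offset = 2
    number_of_section_pointer = file_header_pointer + file_header_number_of_section_offset
    size_of_image_pointer = nt_header_pointer + 0x50

    section_end = pointer_to_raw_data + size_of_raw_data
    if len(data) < section_end:
        # File ends before the new section does: keep everything up to the
        # section start and pad out to its end. When the file is shorter than
        # pointer_to_raw_data the slice is the whole file, so the gap is
        # filled with the placeholder byte as well.
        data = data[0:pointer_to_raw_data].ljust(section_end, '\x61')
    else:
        # The range already exists in the file: overwrite it in place.
        data = data[0:pointer_to_raw_data] + '\x61'*size_of_raw_data + data[section_end:]

    # NOTE(review): the header is written at `index` without checking that the
    # slot is free. If the section table already runs up to the first
    # section's raw data (or past SizeOfHeaders), this overwrites those bytes.
    data = data[0:index] + new_section + data[index+len(new_section):]

    # Bump NumberOfSections.
    old_number_of_section = l16(data[number_of_section_pointer:number_of_section_pointer+2])
    data = data[0:number_of_section_pointer] + l16(old_number_of_section+1) + data[number_of_section_pointer+2:]

    # Update SizeOfImage.
    # NOTE(review): the value is not rounded up to SectionAlignment, which the
    # PE format expects; callers must pass values that already make it aligned.
    new_size_of_image = virtual_address + virtual_size
    data = data[0:size_of_image_pointer] + l32(new_size_of_image) + data[size_of_image_pointer+4:]

    with open(outfile, 'wb') as f:
        f.write(data)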
def fix_pe_section(data):
    """Raise each section's raw size to its virtual size where it is smaller.

    Walks the section table in ``data`` and, for every entry whose
    SizeOfRawData is below its VirtualSize, overwrites SizeOfRawData with the
    VirtualSize. Only the header field changes; no bytes are added to the
    file body. Returns the patched buffer.
    """
    log('fix_pe_section')
    nt_base = l32(data[0x3c:0x40])
    opt_size_at = nt_base + 0x14
    table_start = nt_base + 0x18 + l16(data[opt_size_at:opt_size_at+2])
    count_at = nt_base + 6
    section_count = l16(data[count_at:count_at+2])
    for slot in range(section_count):
        entry = table_start + slot*0x28
        virtual_size = l32(data[entry+8:entry+0xc])
        # The address and raw-pointer fields are decoded but not used below.
        virtual_address = l32(data[entry+0xc:entry+0x10])
        raw_size = l32(data[entry+0x10:entry+0x14])
        raw_pointer = l32(data[entry+0x14:entry+0x18])
        if raw_size >= virtual_size:
            continue
        # TODO (from the original author): uninitialised-data sections such
        # as .bss have a smaller raw size by design and are not special-cased.
        raw_size_at = entry + 0x10
        packed = l32(virtual_size)
        data = data[0:raw_size_at] + packed + data[raw_size_at+len(packed):]
    return data
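def rebuild_section(data, map_info):
    """Replace the section table of ``data`` with entries built from ``map_info``.

    ``map_info`` is a sized sequence whose items are indexed as
    ``[0]`` = offset, ``[1]`` = size, ``[2]`` = characteristics. Each item
    becomes one section header (via ``build_a_section``) named after its
    position ("0", "1", ...), written over the existing table from its first
    slot onwards. NumberOfSections is set to ``len(map_info)``.

    Returns the patched buffer. Old entries beyond ``len(map_info)`` are left
    in place, and no check is made that the new table fits in the header
    area before the first section's raw data.
    """
    def set_data(data, index, value):
        # Overwrite len(value) bytes at `index`.
        return data[0:index]+value+data[index+len(value):]

    nt_header_pointer = l32(data[0x3c:0x40])
    size_of_optional_header_pointer = nt_header_pointer + 0x14
    section_pointer = nt_header_pointer+0x18+l16(data[size_of_optional_header_pointer:size_of_optional_header_pointer+2])
    number_of_section_pointer = nt_header_pointer + 6
    # NumberOfSections is a 16-bit field followed directly by TimeDateStamp.
    # Packing it with l32 (as before) also zeroed the low two bytes of the
    # timestamp; l16 writes only the field itself.
    data = set_data(data, number_of_section_pointer, l16(len(map_info)))
    for index, entry in enumerate(map_info):
        offset = entry[0]
        size = entry[1]
        character = entry[2]
        section = build_a_section(str(index), size, offset, character)
        data = set_data(data, section_pointer+0x28*index, section)
    return data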
def build_import_by_name(name):
    """Return an import-by-name record: a 16-bit hint of 0 followed by ``name``.

    ``name`` is appended exactly as given; no terminating NUL is added here,
    so the caller presumably supplies one (confirm against call sites).
    """
    return l16(0)+name