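    def load_dll(self, dll_name):
        """Map a DLL from the rootfs ``dlls`` directory into guest memory.

        Args:
            dll_name: name of the DLL as the guest refers to it; ``bytes``
                (what existing callers pass) or ``str``. Matched
                case-insensitively, with or without the ``.dll`` suffix.

        Returns:
            The guest base address the DLL is mapped at. A DLL that is
            already in ``self.dlls`` is not mapped again; its recorded base
            is returned instead.

        Raises:
            QlErrorFileNotFound: if the file is missing under
                ``<rootfs>/dlls`` or if the name resolves to a location
                outside that directory.
        """
        if isinstance(dll_name, bytes):
            dll_name = dll_name.decode()
        dll_name = dll_name.lower()
        if not dll_name.endswith(".dll"):
            dll_name = dll_name + '.dll'

        dlls_dir = os.path.join(self.ql.rootfs, "dlls")
        path = os.path.join(dlls_dir, dll_name)

        # The name originates in the emulated binary, so confine the lookup
        # to the rootfs dlls directory: "..", absolute paths and symlinks that
        # leave the directory are all treated as "not found".
        real_dir = os.path.realpath(dlls_dir)
        real_path = os.path.realpath(path)
        try:
            confined = os.path.commonpath([real_dir, real_path]) == real_dir
        except ValueError:
            # commonpath refuses to compare paths on different drives or of
            # mixed absolute/relative kind; such a path is outside by definition
            confined = False

        if not confined or not os.path.exists(path):
            raise QlErrorFileNotFound("[!] Cannot find dll in %s" % path)

        # If the dll is already loaded, hand back the recorded base address
        if dll_name in self.dlls:
            return self.dlls[dll_name]
        self.dlls[dll_name] = self.ql.DLL_LAST_ADDR

        self.ql.nprint("[+] Loading %s to 0x%x" % (path, self.ql.DLL_LAST_ADDR))

        # cache depends on address base
        fcache = path + ".%x.cache" % self.ql.DLL_LAST_ADDR

        # Start a fresh IAT entry for this dll. A plain dict assignment cannot
        # raise KeyError, so no try/except is needed here.
        self.import_address_table[dll_name] = {}

        if not os.path.exists(fcache):
            dll = pefile.PE(path, fast_load=True)
            dll.parse_data_directories()
            data = bytearray(dll.get_memory_mapped_image())

            # A DLL without an export directory has no DIRECTORY_ENTRY_EXPORT
            # attribute at all; treat it as exporting nothing rather than crash.
            export_dir = getattr(dll, "DIRECTORY_ENTRY_EXPORT", None)
            symbols = export_dir.symbols if export_dir is not None else []

            for entry in symbols:
                va = self.ql.DLL_LAST_ADDR + entry.address
                self.import_symbols[va] = {'name': entry.name, 'ordinal': entry.ordinal}
                self.import_address_table[dll_name][entry.name] = va
                self.import_address_table[dll_name][entry.ordinal] = va
                self.set_cmdline(entry, data)

            if self.ql.libcache:
                # cache this dll file; the handle is closed before nprint runs
                with open(fcache, "wb") as fh:
                    pickle.dump((data,
                        self.import_symbols,
                        self.import_address_table),
                        fh)
                self.ql.nprint("[+] Cached %s" % path)
        else:
            # NOTE: pickle.load executes whatever the cache file contains. The
            # cache sits next to the DLL inside the rootfs, so anyone who can
            # write there controls this process; only use caches from a rootfs
            # you trust, or delete *.cache files you did not create yourself.
            with open(fcache, "rb") as fh:
                (data, self.import_symbols, self.import_address_table) = \
                    pickle.load(fh)

        dll_base = self.ql.DLL_LAST_ADDR
        # map whole pages: the image length is rounded up to the page size
        dll_len = align(len(bytes(data)), 0x1000)
        self.ql.DLL_SIZE += dll_len
        self.ql.uc.mem_map(dll_base, dll_len)
        self.ql.uc.mem_write(dll_base, bytes(data))
        self.ql.DLL_LAST_ADDR += dll_len

        # add dll to ldr data
        self.add_ldr_data_table_entry(dll_name)

        self.ql.nprint("[+] Done with loading %s" % path)
        return dll_base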
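def hook_WideCharToMultiByte(ql, address, params):
    """Emulate WideCharToMultiByte: copy a UTF-16LE guest string as ASCII.

    Args:
        ql: emulator instance; only ``ql.uc.mem_write`` is used.
        address: guest address of the hooked call (not used here).
        params: decoded call arguments. Reads ``cbMultiByte`` (size in bytes
            of the guest output buffer), ``lpWideCharStr`` (the wide string,
            as a str carrying the raw UTF-16LE bytes one char per byte) and
            ``lpMultiByteStr`` (guest address of the output buffer).

    Returns:
        With ``cbMultiByte == 0`` the size query result (required output
        size). Otherwise the number of bytes written including the NUL
        terminator, or 0 when the buffer is too small — the Win32 contract
        (ERROR_INSUFFICIENT_BUFFER); the guest's last-error value is not
        set here because this hook has no visible way to do so.
    """
    cbMultiByte = params["cbMultiByte"]
    s_lpWideCharStr = params["lpWideCharStr"]
    lpMultiByteStr = params["lpMultiByteStr"]

    if cbMultiByte == 0:
        # size query: raw byte length plus a wide NUL, halved to characters
        ret = len(s_lpWideCharStr) + 2
        return align(ret // 2, 2)

    # latin-1 maps each str char back to its byte one-to-one; identical to
    # the previous 'ascii' conversion for ASCII input, but a high byte in
    # the guest string no longer raises inside the emulator.
    raw = bytes(s_lpWideCharStr, 'latin-1')
    s = raw.decode('utf-16le') + "\x00"
    # code points without an ASCII form become '?' (the API's default
    # replacement) instead of aborting the emulation with UnicodeEncodeError
    out = s.encode('ascii', errors='replace')

    # never write past the buffer the guest declared: out-of-bounds writes
    # into guest memory would corrupt whatever follows the buffer
    if len(out) > cbMultiByte:
        return 0

    ql.uc.mem_write(lpMultiByteStr, out)
    return len(out)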