def disassembleUnmappedBuffer(self, file_content):
loader = MemoryFileLoader(file_content, map_file=True)
file_content = loader.getData()
binary_info = BinaryInfo(file_content)
binary_info.raw_data = loader.getRawData()
binary_info.file_path = ""
binary_info.base_addr = loader.getBaseAddress()
binary_info.bitness = loader.getBitness()
binary_info.code_areas = loader.getCodeAreas()
start = datetime.datetime.utcnow()
try:
smda_report = self._disassemble(binary_info, timeout=self.config.TIMEOUT)
if self.config.STORE_BUFFER:
smda_report.buffer = file_content
except Exception as exc:
LOGGER.error("An error occurred while disassembling unmapped buffer.")
# print("-> an error occured (", str(exc), ").")
smda_report = self._createErrorReport(start, exc)
return smda_report
def disassembleFile(self, file_path, pdb_path=""):
loader = FileLoader(file_path, map_file=True)
file_content = loader.getData()
binary_info = BinaryInfo(file_content)
binary_info.raw_data = loader.getRawData()
binary_info.file_path = file_path
binary_info.base_addr = loader.getBaseAddress()
binary_info.bitness = loader.getBitness()
binary_info.code_areas = loader.getCodeAreas()
start = datetime.datetime.utcnow()
try:
self.disassembler.addPdbFile(binary_info, pdb_path)
smda_report = self._disassemble(binary_info,
timeout=self.config.TIMEOUT)
if self.config.STORE_BUFFER:
smda_report.buffer = file_content
except Exception as exc:
print("-> an error occured (", str(exc), ").")
smda_report = self._createErrorReport(start, exc)
return smda_report
def setUpClass(cls):
super(SmdaIntegrationTestSuite, cls).setUpClass()
disasm = Disassembler(config)
# load encrypted Asprox
with open(
os.path.join(config.PROJECT_ROOT, "tests",
"asprox_0x008D0000_xored"), "rb") as f_binary:
binary = f_binary.read()
decrypted_asprox = bytearray()
for index, byte in enumerate(binary):
if isinstance(byte, str):
byte = ord(byte)
decrypted_asprox.append(byte ^ (index % 256))
cls.asprox_binary = decrypted_asprox
cls.asprox_disassembly = disasm.disassembleBuffer(
bytes(decrypted_asprox), 0x8D0000)
# load encrypted Cutwail
with open(os.path.join(config.PROJECT_ROOT, "tests", "cutwail_xored"),
"rb") as f_binary:
binary = f_binary.read()
decrypted_cutwail = bytearray()
for index, byte in enumerate(binary):
if isinstance(byte, str):
byte = ord(byte)
decrypted_cutwail.append(byte ^ (index % 256))
cls.cutwail_binary = decrypted_cutwail
# run FileLoader and disassemble as file
loader = FileLoader("/", map_file=True)
loader._loadFile(decrypted_cutwail)
file_content = loader.getData()
binary_info = BinaryInfo(file_content)
binary_info.raw_data = loader.getRawData()
binary_info.file_path = ""
binary_info.base_addr = loader.getBaseAddress()
binary_info.bitness = loader.getBitness()
binary_info.code_areas = loader.getCodeAreas()
cls.cutwail_disassembly = disasm._disassemble(binary_info)
cls.cutwail_unmapped_disassembly = disasm.disassembleUnmappedBuffer(
decrypted_cutwail)
def disassembleFile(self, file_path, pdb_path=""):
loader = FileLoader(file_path, map_file=True)
file_content = loader.getData()
binary_info = BinaryInfo(file_content)
binary_info.raw_data = loader.getRawData()
# we want the SHA256 of the unmapped file not how we mapped it to memory
binary_info.sha256 = hashlib.sha256(binary_info.raw_data).hexdigest()
binary_info.file_path = file_path
binary_info.base_addr = loader.getBaseAddress()
binary_info.bitness = loader.getBitness()
binary_info.code_areas = loader.getCodeAreas()
start = datetime.datetime.utcnow()
try:
self.disassembler.addPdbFile(binary_info, pdb_path)
smda_report = self._disassemble(binary_info, timeout=self.config.TIMEOUT)
if self.config.STORE_BUFFER:
smda_report.buffer = file_content
except Exception as exc:
LOGGER.error("An error occurred while disassembling file.")
# print("-> an error occured (", str(exc), ").")
smda_report = self._createErrorReport(start, exc)
return smda_report