Exemplo n.º 1
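    def add_api_hook(self, cb, module='', api_name='', argc=0, call_conv=None, emu=None,
                     enable_wild_cards=True):
        """
        Register an API level hook (e.g. kernel32.CreateFile).

        The hook is stored under ``common.HOOK_API`` in ``self.hooks`` as a
        two-element tuple ``(quick_look, wild_list)``:

        * ``quick_look`` maps the lower-cased ``"module.api_name"`` string to
          the hook registered for that exact name. Registering the same name
          again replaces the earlier entry.
        * ``wild_list`` holds hooks whose ``api_name`` contains one of the
          characters ``? * [ ]``.

        Args:
            cb: callback handed to ``common.ApiHook``.
            module: module part of the API name.
            api_name: function part of the API name; may be a pattern when
                ``enable_wild_cards`` is true.
            argc: forwarded unchanged to ``common.ApiHook``.
            call_conv: forwarded unchanged to ``common.ApiHook``.
            emu: emulator object bound to the hook; defaults to ``self``.
            enable_wild_cards: when false, ``api_name`` is always treated as a
                literal name, even if it contains wildcard characters.
        """
        # NOTE(review): only api_name is scanned for wildcard characters. A
        # pattern placed in ``module`` is stored as a literal key in
        # quick_look -- confirm the lookup path accounts for that, otherwise
        # such a hook would never fire and the call would go unobserved.
        contains_wild_cards = enable_wild_cards and any(
            wc in api_name for wc in ('?', '*', '[', ']'))

        if not emu:
            emu = self
        hook = common.ApiHook(emu, self.emu_eng, cb, module, api_name, argc, call_conv)
        api = (module + '.' + api_name).lower()

        _hooks = self.hooks.get(common.HOOK_API)
        if not _hooks:
            # First API hook: create both containers empty so the hook is
            # filed in exactly one of them below. Previously the first exact
            # hook was also placed in the wildcard list, unlike every later
            # exact hook.
            _hooks = ({}, [])
            self.hooks.update({common.HOOK_API: _hooks})
        quick_look, wild_list = _hooks

        if contains_wild_cards:
            wild_list.append(hook)
        else:
            quick_look[api] = hook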
Exemplo n.º 2
 def add_api_hook(self, cb, module='', api_name='', argc=0, call_conv=None, emu=None):
     """
     Register an API level hook (e.g. kernel32.CreateFile).

     A ``common.ApiHook`` is built from the arguments and appended to the
     list kept under ``common.HOOK_API`` in ``self.hooks``. When ``emu`` is
     not supplied the hook is bound to ``self``. Nothing is returned.
     """
     bound_emu = emu or self
     new_hook = common.ApiHook(bound_emu, self.emu_eng, cb, module, api_name, argc,
                               call_conv)

     registered = self.hooks.get(common.HOOK_API)
     if registered:
         registered.append(new_hook)
         return

     # No list yet (or an empty one): install a fresh single-element list.
     self.hooks.update({common.HOOK_API: [new_hook]})
Exemplo n.º 3
    def add_api_hook(self,
                     cb,
                     module='',
                     api_name='',
                     argc=0,
                     call_conv=None,
                     emu=None) -> common.ApiHook:
        """
        Register an API level hook (e.g. kernel32.CreateFile) and return it.

        ``module`` and ``api_name`` are lower-cased before use. Hooks are kept
        under ``common.HOOK_API`` in ``self.hooks`` as a nested structure::

            ({module: ({api_name: [hook, ...]}, api_has_wildcard)},
             module_has_wildcard)

        Each flag is true once any registered name at that level contained one
        of the characters ``? * [ ]``; the flags are only ever OR-ed, never
        cleared. Several hooks may be registered for the same module/API pair;
        they accumulate in registration order.
        """
        module = module.lower()
        api_name = api_name.lower()

        wildcard_chars = ('?', '*', '[', ']')
        wildcard_module = any(ch in module for ch in wildcard_chars)
        wildcard_api = any(ch in api_name for ch in wildcard_chars)

        hook = common.ApiHook(emu or self, self.emu_eng, cb, module, api_name,
                              argc, call_conv)
        registry: MODULE_LEVEL = self.hooks.get(common.HOOK_API)

        if registry:
            module_dict, module_flag = registry
            if module in module_dict:
                # Known module: extend its per-API list and widen its flag.
                api_dict, api_flag = module_dict[module]
                api_dict.setdefault(api_name, []).append(hook)
                module_dict[module] = (api_dict, api_flag | wildcard_api)
            else:
                # New module: start its API dictionary with this hook.
                module_dict[module] = ({api_name: [hook]}, wildcard_api)
            module_flag = module_flag | wildcard_module
        else:
            # Very first API hook: build the whole structure from scratch.
            module_dict = {module: ({api_name: [hook]}, wildcard_api)}
            module_flag = wildcard_module

        self.hooks.update({common.HOOK_API: (module_dict, module_flag)})
        return hook