def command_set(self, *args, **kwargs):
if not self.current_module:
return
key, _, value = args[0].partition(" ")
if key in self.current_module.options:
if key == "file":
if str(self.current_module) == "payloads/obfuscator/obfuscate":
result = self.__set_file_for_obfuscator(value)
if not result or result == 2:
return
elif str(self.current_module).split("/")[1] == "generator":
if not self.__set_file(value):
return
elif key == "encoder":
if not self.__set_encoder(value):
return
elif key == "method":
if not self.__set_method(value):
alert.error(f"Invalid obfuscation method {value}")
return
try:
setattr(self.current_module, key, value)
self.current_module.module_attributes[key][0] = value
if kwargs.get("glob", False):
GLOBAL_OPTS[key] = value
alert.info(f"{key} => {value}")
except AttributeError:
alert.error(f"Failed to set {key} -> {value}")
else:
alert.error(
f"You can't set option '{key}'.\nAvailable options: {self.current_module.options}"
)
def _show_methods(self, *args, **kwargs):
if not hasattr(self.current_module, "obfuscate_methods"):
alert.error("This module doesn't support obfuscate")
else:
alert.info(
f"Available obfuscate methods: {self.current_module.obfuscate_methods}"
)
def __set_file(self, value):
# Parse file extension to set arguments automatically
file_name, file_ext = os.path.splitext(value)
# If no extension, we try shebang. Have to deal with binary files
if not file_ext:
alert.error(
f"{value} might be a valid file. But shebang parsing isn't supported."
)
else:
if file_ext == ".py":
module_type = "python"
elif file_ext.lower() == ".js":
module_type = "javascript"
elif file_ext.lower() == ".pl":
module_type = "perl"
elif file_ext.lower() == ".rb":
module_type = "ruby"
elif file_ext.lower().startswith(".php"):
module_type = "php"
elif file_ext.lower() == ".c":
module_type = "c"
else:
alert.error("Obfuscate is not supported for this language")
# Remove obfuscate methods and options
self.current_module.obfuscate_methods = []
self.current_module.obfuscate_options = []
return 2
alert.info(
f"Detected {module_type} language. Obfuscation is available.")
setattr(self.current_module, "type", module_type)
if "type" in self.current_module.module_attributes.keys():
self.current_module.module_attributes["type"][0] = module_type
else:
self.current_module.module_attributes.update(
{"type": [module_type, "File type"]})
from owasp_zsc.libs import obfuscate
module_path = obfuscate.__path__[0].split("ZSC/")[1]
module = importlib.import_module(
f"{module_path.replace('/', '.')}.{module_type}")
obfuscate_module = getattr(module, "Obfuscator")()
self.current_module.obfuscate_methods = [
os.path.splitext(x)[0]
for x in os.listdir(f"{module_path}/{module_type}")
if x.endswith(".py") and not x.startswith("__")
]
obfuscate_opts = []
for k, v in obfuscate_module.module_attributes.items():
self.current_module.module_attributes.update({k: v})
setattr(self.current_module, k, v[0])
obfuscate_opts.append(k)
if obfuscate_opts:
self.current_module.obfuscate_options = obfuscate_opts
return True
def run(self):
if not self.file:
alert.error("File option is required")
return
if not self.method:
alert.error("An obfuscation method is required")
return
from owasp_zsc.libs import obfuscate
import importlib
try:
module_path = obfuscate.__path__[0].split("owasp_zsc")[1].replace(
"/", ".")
module = importlib.import_module(
f"owasp_zsc{module_path}.{self.type}.{self.method}")
module = getattr(module, "ObfuscateModule")()
if hasattr(module, "times"):
setattr(module, "times", self.times
) # FIX submodule doesn't take new times from options
alert.info("Getting file content")
content = open(self.file).read()
if not content.strip():
alert.error("File is empty!")
return
alert.info("Obfuscating file content")
obfuscated_content = module.start(content)
alert.info("Generating obfuscated script")
f = open(self.file, "w")
f.write(obfuscated_content)
f.close()
alert.info("Completed. Your file is obfuscated.")
except AttributeError:
traceback.print_exc()
alert.error("Invalid module")
except:
traceback.print_exc()
def handle_generate(self, name=""):
alert.info("Generating payload")
asm_code = self.generate()
arch, module = name.split(".")[-2:]
if not arch:
alert.error("Invalid arch of module")
return
if self.encoder:
asm_code = self.handle_encode(arch, module, self.encoder, asm_code)
from owasp_zsc.libs import opcoder
opcode_path = f"{opcoder.__path__[0].split('ZSC/')[1].replace('/', '.')}.{arch}"
opcode_module = importlib.import_module(opcode_path)
opcode = getattr(opcode_module, "convert")(asm_code)
if not self.file:
alert.info("ASM code:")
print(asm_code)
if opcode:
alert.info("Opcode:")
print(f"\"{opcode}\"")
else:
alert.warn("No opcode is available")
else:
# We do generate code here. Scope: C, ASM, Nim, ...
# if file is asm, we don't have to have opcode
ext = os.path.splitext(self.file)[1]
if ext.lower() == ".asm":
alert.info("ASM file. Only write ASM code.")
try:
open(self.file, "w").write(asm_code)
alert.info(f"ASM code is written at {self.file}")
if arch.endswith("x86"):
# alert.info("Compile binary commands:")
# DEBUG compile binaries for easier test
folder = os.path.split(self.file)[0]
folder = os.getcwd() if not folder else folder
os.system(f"as {self.file} --32 -o {folder}/out.o")
os.system(
f"ld -m elf_i386 -o {folder}/out {folder}/out.o")
alert.info(f"Binary is compiled at {folder}/out")
# print(f"as {self.file} --32 -o <out.o>")
# print(f"ld -m elf_i386 -o <out_binary> <out.o>")
else:
print(f" as {self.file} -o <out.o>")
print(f" ld -o <out_binary> <out.o>")
except:
alert.error(f"Failed to write ASM code to {self.file}")
return False
return True