feature: send to avred for execution

config.yaml

@@ -5,4 +5,6 @@ path_masmshc:  'C:\Users\hacker\Source\Repos\masm_shc\out\build\x64-Debug\masm_s
 path_runshc: 'C:\Users\hacker\Source\Repos\masm_shc\out\build\x64-Debug\runshc\runshc.exe'
 #- path_shexec = r'C:\Research\hasherezade\exec_fiber\sh-exec-fiber.exe'
 
-path_sgn: 'C:\tools\sgn2.1\sgn.exe'
+path_sgn: 'C:\tools\sgn2.1\sgn.exe'
+
+avred_server: "192.168.1.1:8001"

requirements.txt

@@ -4,4 +4,5 @@ capstone
 keystone-engine
 jinja2
 Pygments
-ansi2html
+ansi2html
+requests

sender.py

@@ -0,0 +1,37 @@
+import requests as req
+import logging
+import brotli
+import os
+import time
+import shutil
+
+from config import config
+
+
+def scannerDetectsBytes(data: bytes, filename: str, useBrotli=True, verify=False):
+    params = { 'filename': filename, 'brotli': useBrotli, 'verify': verify }
+    if useBrotli:
+        scanData = brotli.compress(data)
+    else:
+        scanData = data
+
+    timeStart = time.time()
+    print("Send to exec/exe: {}".format(params))
+    res = req.post("{}/exec/exe".format(config.get("avred_server")), params=params, data=scanData, timeout=10)
+    jsonRes = res.json()
+    print("Response: {}".format(jsonRes))
+    scanTime = round(time.time() - timeStart, 3)
+
+    # basically internal server error, e.g. AMSI not working
+    if res.status_code != 200:
+        logging.error("Error Code {}: {}".format(res.status_code, res.text))
+        raise Exception("Server error, aborting")
+    
+    return jsonRes
+
+
+def main():
+    with open("data/exes/7z-verify.exe", "rb") as f:
+        data = f.read()
+    res = scannerDetectsBytes(data, "test.exe")
+    print("Answer: {}".format(res))

supermega.py

@@ -13,12 +13,10 @@ import phases.assembler
 import phases.injector
 from observer import observer
 from pe.pehelper import extract_code_from_exe_file_ep
-
+from sender import scannerDetectsBytes
 from model.project import Project
 from model.settings import Settings
 from model.defs import *
-from model.carrier import Carrier
-from model.exehost import ExeHost
 from log import setup_logging, writelog
 
 
@@ -60,7 +58,6 @@ def main():
             settings.source_style = SourceStyle.peb_walk
         elif args.sourcestyle == "iat_reuse":
             settings.source_style = SourceStyle.iat_reuse
-
     if args.alloc:
         if args.alloc == "rwx_1":
             settings.alloc_style = AllocStyle.RWX
@@ -72,7 +69,6 @@ def main():
     if args.exec:
         if args.exec == "direct_1":
             settings.exec_style = ExecStyle.CALL
-
     if args.inject:
         if args.rbrunmode == "eop":
             settings.inject_mode = InjectStyle.ChangeEntryPoint
@@ -88,7 +84,6 @@ def main():
         logger.error("Require: --shellcode <shellcode file> --inject <injectable.exe>")
         logger.info(r"Example: .\supermega.py --shellcode .\data\shellcodes\calc64.bin --inject .\data\exes\7z.exe")
         return 1
-
     if args.shellcode:
         if not os.path.isfile(args.shellcode):
             logger.info("Could not find: {}".format(args.shellcode))
@@ -191,15 +186,21 @@ def start(settings: Settings):
     
     observer.add_code("exe_final", extract_code_from_exe_file_ep(settings.inject_exe_out, 300))
 
-    # Start/verify it at the end
-    if settings.verify:
-        logger.info("--[ Verify infected exe")
-        exit_code = phases.injector.verify_injected_exe(settings.inject_exe_out)
-    elif settings.try_start_final_infected_exe:
-        logger.info("--[ Start infected exe: {}".format(settings.inject_exe_out))
-        run_process_checkret([
-            settings.inject_exe_out,
-        ], check=False)
+    if config.get("avred_server") != "":
+        with open(settings.inject_exe_out, "rb") as f:
+            data = f.read()
+        scannerDetectsBytes(data, "test.exe", useBrotli=True, verify=settings.verify)
+
+    else:
+        # Start/verify it at the end
+        if settings.verify:
+            logger.info("--[ Verify infected exe")
+            exit_code = phases.injector.verify_injected_exe(settings.inject_exe_out)
+        elif settings.try_start_final_infected_exe:
+            logger.info("--[ Start infected exe: {}".format(settings.inject_exe_out))
+            run_process_checkret([
+                settings.inject_exe_out,
+            ], check=False)
 
     # Cleanup files
     if settings.cleanup_files_on_exit: