admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-03 01:27:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature: aslr/relocs for exe in ExeCapabilities

Browse Source
This commit is contained in:
Dobin
2024-02-11 12:03:39 +00:00
parent 49b8c45b67
commit 0753290fe6
1 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
model.py
+21
View File
@@ -52,6 +52,10 @@ class ExeCapabilities():
self.capabilities: Dict[str, Capability] = {} self.capabilities: Dict[str, Capability] = {}
self.image_base = 0 self.image_base = 0
self.text_virtaddr = 0 self.text_virtaddr = 0
self.dynamic_base = False
self.iat = {}
self.base_relocs = []
for cap in capabilities: for cap in capabilities:
self.capabilities[cap] = Capability(cap) self.capabilities[cap] = Capability(cap)
@@ -63,6 +67,12 @@ class ExeCapabilities():
# image base # image base
self.image_base = pe.OPTIONAL_HEADER.ImageBase self.image_base = pe.OPTIONAL_HEADER.ImageBase
# dynamic base / ASLR
if pe.OPTIONAL_HEADER.DllCharacteristics & pefile.DLL_CHARACTERISTICS['IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE']:
self.dynamic_base = True
else:
self.dynamic_base = False
# .text virtual address # .text virtual address
for section in pe.sections: for section in pe.sections:
if section.Name.decode().rstrip('\x00') == '.text': if section.Name.decode().rstrip('\x00') == '.text':
@@ -72,6 +82,17 @@ class ExeCapabilities():
iat = pehelper.extract_iat(pe) iat = pehelper.extract_iat(pe)
for _, cap in self.capabilities.items(): for _, cap in self.capabilities.items():
cap.addr = pehelper.get_addr_for(iat, cap.name) cap.addr = pehelper.get_addr_for(iat, cap.name)
self.iat = iat
# relocs
for base_reloc in pe.DIRECTORY_ENTRY_BASERELOC:
for entry in base_reloc.entries:
entry_rva = entry.rva
reloc_type = pefile.RELOCATION_TYPE[entry.type][0]
self.base_relocs.append({
'rva': entry_rva,
'type': reloc_type,
})
def get(self, func_name): def get(self, func_name):