From 185c8fadb7f692c7d1afc158cc7dcfbc935ce25b Mon Sep 17 00:00:00 2001 From: Dobin Rutishauser Date: Tue, 25 Jun 2024 09:41:14 +0200 Subject: [PATCH] refactor: remove DecoderStyles enum --- app/templates/project.html | 6 +++--- app/views_project.py | 16 +++++----------- data/source/carrier/dll_loader_alloc/template.c | 1 + data/source/carrier/dll_loader_change/template.c | 1 + model/defs.py | 7 ------- model/settings.py | 2 +- phases/assembler.py | 8 ++++---- phases/injector.py | 1 - phases/templater.py | 2 +- supermega.py | 11 +++-------- 10 files changed, 19 insertions(+), 36 deletions(-) diff --git a/app/templates/project.html b/app/templates/project.html index e499656..7c29071 100644 --- a/app/templates/project.html +++ b/app/templates/project.html @@ -212,10 +212,10 @@
diff --git a/app/views_project.py b/app/views_project.py index 6d26acc..8aa3fdb 100644 --- a/app/views_project.py +++ b/app/views_project.py @@ -98,7 +98,6 @@ def project(name): shellcodes = list_files_and_sizes(PATH_SHELLCODES) carrier_names = get_template_names() - decoderstyles = [(color.name, color.value) for color in DecoderStyle] carrier_invoke_styles = [(color.name, color.value) for color in CarrierInvokeStyle] payload_locations = [(color.name, color.value) for color in PayloadLocation] @@ -106,6 +105,8 @@ def project(name): antiemulation_styles = list_files(PATH_ANTIEMULATION) decoy_styles = list_files(PATH_DECOY) virtualprotect_styles = list_files(PATH_VIRTUALPROTECT) + decoder_styles = list_files(PATH_DECODER) + return render_template('project.html', project_name = name, @@ -116,7 +117,7 @@ def project(name): exes=exes, shellcodes=shellcodes, carrier_names=carrier_names, - decoderstyles=decoderstyles, + decoder_styles=decoder_styles, carrier_invoke_styles=carrier_invoke_styles, payload_locations=payload_locations, exports=exports, @@ -181,7 +182,7 @@ def add_project(): "data/binary/exes/procexp64.exe", "" ) - settings.decoder_style = DecoderStyle.XOR_2 + settings.decoder_style = "xor_2" settings.carrier_name = "alloc_rw_rx" settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr settings.payload_location = PayloadLocation.CODE 
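Review bot: The literal `"xor_2"` assigned to `settings.decoder_style` in the add_project defaults duplicates the default that model/settings.py sets in `Settings.__init__` in this same commit, and with the enum gone a typo here is caught only when the templater fails to open `data/source/decoder/<name>.c`. Either drop the line and rely on the Settings default, or define one constant in model/defs.py, `DEFAULT_DECODER_STYLE = "xor_2"`, and use it in both places. add_project starts before this hunk and continues after it.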
@@ -201,22 +202,15 @@ def add_project(): ) settings.fix_missing_iat = True if request.form.get('fix_missing_iat') != None else False - settings.carrier_name = request.form['carrier_name'] - settings.plugin_antiemulation = request.form['antiemulation'] settings.plugin_decoy = request.form['decoy'] settings.plugin_guardrail = request.form['guardrail'] - carrier_invoke_style = request.form['carrier_invoke_style'] settings.carrier_invoke_style = CarrierInvokeStyle[carrier_invoke_style] - - decoder_style = request.form['decoder_style'] - settings.decoder_style = DecoderStyle[decoder_style] - + settings.decoder_style = request.form['decoder_style'] payload_location = request.form['payload_location'] settings.payload_location = PayloadLocation[payload_location] - settings.plugin_guardrail_data = request.form.get('guardrail_data', '') settings.plugin_virtualprotect = request.form.get('virtualprotect') diff --git a/data/source/carrier/dll_loader_alloc/template.c b/data/source/carrier/dll_loader_alloc/template.c index 4a2b8e5..055c371 100644 --- a/data/source/carrier/dll_loader_alloc/template.c +++ b/data/source/carrier/dll_loader_alloc/template.c @@ -150,6 +150,7 @@ DWORD_PTR load_dll(LPVOID dllBytes, DWORD_PTR *ret_dllBase, DWORD *ret_aoep) { {{plugin_executionguardrail}} +{{plugin_virtualprotect}} int main() { diff --git a/data/source/carrier/dll_loader_change/template.c b/data/source/carrier/dll_loader_change/template.c index e6d71a1..af0fad2 100644 --- a/data/source/carrier/dll_loader_change/template.c +++ b/data/source/carrier/dll_loader_change/template.c @@ -184,6 +184,7 @@ DWORD_PTR load_dll(LPVOID dllBase, DWORD_PTR *ret_dllBase, DWORD *ret_aoep) { {{plugin_executionguardrail}} +{{plugin_virtualprotect}} int main() { diff --git a/model/defs.py b/model/defs.py index ca04df4..44f3af7 100644 --- a/model/defs.py +++ b/model/defs.py 
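Review bot: `settings.decoder_style = request.form['decoder_style']` stores the submitted string unchecked, whereas the removed `DecoderStyle[decoder_style]` lookup raised KeyError for anything outside the three known names. The value is later interpolated into a file path in phases/templater.py (`PATH_DECODER + "{}.c".format(settings.decoder_style)`), so a form value such as `../../x` makes the server read and render a `.c` file from outside the decoder directory, and any unknown name falls through every branch of `encode_payload` in phases/assembler.py. Validate against the same list the form is built from before assigning: `decoder_style = request.form['decoder_style']`, `if decoder_style not in list_files(PATH_DECODER): return "invalid decoder_style", 400`, `settings.decoder_style = decoder_style` (assuming `list_files` returns the bare names the form offers). The `carrier_name` and plugin fields on the surrounding context lines are stored the same way, but that predates this commit. add_project starts before this hunk and continues after it.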
@@ -23,13 +23,6 @@ PATH_VIRTUALPROTECT = "data/source/virtualprotect/" PATH_WEB_PROJECT = "projects/" -# Correlated with real template files -# in data/plugins/ -class DecoderStyle(Enum): - PLAIN_1 = "plain_1" - XOR_1 = "xor_1" - XOR_2 = "xor_2" - class PayloadLocation(Enum): CODE = ".text" diff --git a/model/settings.py b/model/settings.py index e54e0f2..6203313 100644 --- a/model/settings.py +++ b/model/settings.py @@ -11,7 +11,7 @@ class Settings(): # Settings self.carrier_name: str = "" - self.decoder_style: DecoderStyle = DecoderStyle.XOR_1 + self.decoder_style: str = "xor_2" self.short_call_patching: bool = False self.plugin_antiemulation = "none" diff --git a/phases/assembler.py b/phases/assembler.py index 29b46cf..3471a4d 100644 --- a/phases/assembler.py +++ b/phases/assembler.py @@ -25,15 +25,15 @@ def asm_to_shellcode(asm_in: FilePath, build_exe: FilePath) -> bytes: return code -def encode_payload(payload: bytes, decoder_style: DecoderStyle) -> bytes: - if decoder_style == DecoderStyle.PLAIN_1: +def encode_payload(payload: bytes, decoder_style: str) -> bytes: + if decoder_style == "plain": return bytes(payload) - elif decoder_style == DecoderStyle.XOR_1: + elif decoder_style == "xor_1": xor_key = config.xor_key logger.info("---[ XOR payload with key 0x{:X}".format(xor_key)) xored = bytes([byte ^ xor_key for byte in payload]) return bytes(xored) - elif decoder_style == DecoderStyle.XOR_2: + elif decoder_style == "xor_2": xor_key = config.xor_key2 logger.info("---[ XOR2 payload with key {}".format(xor_key)) xored = bytearray(payload) diff --git a/phases/injector.py b/phases/injector.py index b5c282e..3f54408 100644 --- a/phases/injector.py +++ b/phases/injector.py @@ -83,7 +83,6 @@ class Injector(): # Patch IAT (if necessary and wanted) self.injectable_patch_iat() - # DEL BOTH carrier_shc_len = len(self.carrier_shc) carrier_offset: int = 0 # file offset diff --git a/phases/templater.py b/phases/templater.py index f8173e9..312fab8 100644 
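Review bot: The replacement line changes the default from `DecoderStyle.XOR_1` to `"xor_2"` while dropping the enum, so a "refactor" commit silently changes which decoder a `Settings()` with no explicit style gets. If the new default is intended, say so in the commit message; otherwise keep `"xor_1"`. Since the type is now a bare str, a comment on the attribute would help the next reader: `# must name a template under PATH_DECODER (<name>.c) and a branch of encode_payload in phases/assembler.py`. `Settings.__init__` starts before this hunk and continues after it.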
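Review bot: `encode_payload` has no terminal `else`, so a `decoder_style` matching none of `"plain"`, `"xor_1"`, `"xor_2"` falls off the end and returns `None` despite the `-> bytes` annotation; the caller only discovers this as a later TypeError on the result. The first branch also compares against `"plain"` while the removed enum value, and the string supermega.py's CLI used to accept, was `"plain_1"`, so unless the template file was renamed elsewhere the plain decoder is no longer reachable from the CLI. Add `else: raise ValueError("unknown decoder_style: {}".format(decoder_style))` after the last branch and confirm the plain template's actual file name. The function body continues past the end of the hunk.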
--- a/phases/templater.py +++ b/phases/templater.py @@ -47,7 +47,7 @@ def create_c_from_template(settings: Settings, payload_len: int): # Plugin: Decoder filepath_decoder = PATH_DECODER + "{}.c".format( - settings.decoder_style.value) + settings.decoder_style) with open(filepath_decoder, "r", encoding='utf-8') as file: plugin_decoder = file.read() plugin_decoder = Template(plugin_decoder).render({ diff --git a/supermega.py b/supermega.py index 127f8b0..67aad9f 100644 --- a/supermega.py +++ b/supermega.py @@ -56,12 +56,7 @@ def main(): if args.carrier: settings.carrier_name = args.carrier if args.decoder: - if args.decoder == "plain_1": - settings.decoder_style = DecoderStyle.PLAIN_1 - elif args.decoder == "xor_1": - settings.decoder_style = DecoderStyle.XOR_1 - elif args.decoder == "xor_2": - settings.decoder_style = DecoderStyle.XOR_2 + settings.decoder_style = args.decoder if args.inject: if args.carrier_invoke == "eop": settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint @@ -114,7 +109,7 @@ def start(settings: Settings) -> int: prepare_project(settings.project_name, settings) # Do the thing and catch the errors - if False: + if True: start_real(settings) else: try: @@ -148,7 +143,7 @@ def start_real(settings: Settings): logger.info("--[ Config: {} {} {} {}".format( project.settings.carrier_name, settings.payload_location.value, - project.settings.decoder_style.value, + project.settings.decoder_style, project.settings.carrier_invoke_style.value)) logger.info("--[ Plugins: AntiEmulation={} Decoy={} Guardrail={}".format(
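Review bot: `filepath_decoder = PATH_DECODER + "{}.c".format(settings.decoder_style)` now takes a plain string that, on the web path, comes directly from the request form in app/views_project.py, so the path is attacker-influenced and `../` segments escape the decoder directory (only the `.c` suffix is fixed). Reject anything that is not a bare template name before opening the file, e.g. `if settings.decoder_style not in list_files(PATH_DECODER): raise ValueError("unknown decoder_style: {}".format(settings.decoder_style))`, assuming `list_files` is importable here and returns names without extension; otherwise at least check `os.path.basename(settings.decoder_style) == settings.decoder_style`. create_c_from_template starts before this hunk and continues after it.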
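Review bot: `settings.decoder_style = args.decoder` forwards whatever was typed on the command line; the removed chain accepted only `plain_1`, `xor_1` and `xor_2` and ignored anything else, and `plain_1` itself no longer matches the `"plain"` branch in phases/assembler.py. Restrict the option where `--decoder` is declared instead, `choices=("plain", "xor_1", "xor_2")`, or build the choices from `list_files(PATH_DECODER)` so the CLI and the web form agree; that declaration is outside this hunk. main() starts before this hunk and continues after it.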
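Review bot: Flipping `if False:` to `if True:` makes `start()` always take the unguarded `start_real(settings)` call, so the `try`/`except` that follows is now dead code and every exception propagates to the caller; in a commit titled "remove DecoderStyles enum" this looks like a debugging toggle left in rather than an intended change. If unguarded execution is wanted, make it an explicit setting or `--debug` flag rather than a constant, `if settings.debug:`; if not, revert to `if False:`. The `except` body is outside the hunk.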