From 31737f2845ee2be5e573cce2304cc5d99ede54b4 Mon Sep 17 00:00:00 2001
From: Dobin
Date: Sun, 18 Feb 2024 22:50:47 +0000
Subject: [PATCH] feature: remove files from first pase if in second

---
 observer.py        | 7 +++++++
 phases/injector.py | 4 ++--
 supermega.py       | 2 +-
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/observer.py b/observer.py
index c1a648f..b9bb0ad 100644
--- a/observer.py
+++ b/observer.py
@@ -4,6 +4,7 @@ from capstone import Cs, CS_ARCH_X86, CS_MODE_64
 from model import *
 from r2helper import r2_disas
+from helper import delete_all_files_in_directory
 class Observer():
@@ -30,6 +31,12 @@ class Observer():
         with open("logs/{}-{}".format(self.idx, filename), "w") as f:
             f.write(data)
 
+    def clean_files(self):
+        delete_all_files_in_directory("logs/")
+        self.idx = 0
+        self.logs = []
+
+
     def __str__(self):
         s = ""
         return s
diff --git a/phases/injector.py b/phases/injector.py
index afbeb9a..3c1b842 100644
--- a/phases/injector.py
+++ b/phases/injector.py
@@ -48,8 +48,8 @@ def inject_exe(
     code = extract_code_from_exe(exe_out)
     in_code = code[peinj.shellcodeOffsetRel:peinj.shellcodeOffsetRel+shellcode_len]
     jmp_code = code[peinj.backdoorOffsetRel:peinj.backdoorOffsetRel+12]
-    observer.add_code("backdoored_code", in_code)
-    observer.add_code("backdoored_jmp", jmp_code)
+    observer.add_code("exe_extracted_loader", in_code)
+    observer.add_code("exe_extracted_jmp", jmp_code)
 
     if in_code != shellcode:
         raise Exception("Shellcode injection error")
diff --git a/supermega.py b/supermega.py
index 111b488..f0c6e00 100644
--- a/supermega.py
+++ b/supermega.py
@@ -146,7 +146,7 @@ def start():
             # Not good, Fall back to PEB_WALK
             project.source_style = SourceStyle.peb_walk
             logger.warning("--[ SourceStyle: Fall back to PEB_WALK".format())
-
+            observer.clean_files()
             clean_files()
             # Copy: PEB_WALK loader C files into working directory: build/
             phases.templater.create_c_from_template(
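Review bot: `clean_files` hard-codes `"logs/"` as the deletion target while the write path two lines above builds `"logs/{}-{}"` from the same literal, so the two can drift apart, and both resolve relative to the process's current working directory rather than to the module; a module-level `LOG_DIR = "logs/"` used by both (or a path derived from `__file__`) would keep the wipe pointed at exactly the directory the observer writes to. The imported helper's behaviour is not visible in this hunk, whether it recurses, follows symlinks, or raises when the directory is missing, so a short docstring stating what the method guarantees would help, e.g. `"""Discard every recorded artifact in logs/ and reset idx and logs so a new pass starts from index 0."""`. `self.logs` is reset here but its declaration is outside the hunk, so I am assuming `__init__` creates it. The two added trailing blank lines leave two blanks before `__str__`, where PEP 8 expects one inside a class body. The `Observer` class starts outside this hunk.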
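Review bot: `observer.clean_files()` wipes every first-pass artifact from `logs/` immediately after the warning, so once the fallback runs nothing on disk records what the first SourceStyle produced or why it was rejected; if that evidence matters for debugging, log or move the first-pass files before the wipe, otherwise a comment such as `# Discard first-pass logs so logs/ only reflects the PEB_WALK attempt` would make the intent explicit. `observer.clean_files()` directly followed by the module-level `clean_files()` reads like a duplicated call; a more specific method name such as `clean_logs()` would tell the two apart. Where `observer` is bound is not visible here, so I assume it is a module-level instance; `start()` begins and ends outside this hunk.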