admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-03 01:27:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature: check function size of eop dll func

Browse Source
This commit is contained in:
Dobin
2024-04-14 18:20:32 +01:00
parent 4fb7b9f88e
commit 3bbff69cdf
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
phases/injector.py
+12
View File
@@ -49,6 +49,18 @@ def inject_exe(
# Special case. put it at the beginning of the exported DLL function # Special case. put it at the beginning of the exported DLL function
logger.info("--[ Overwrite DLL function {} with shellcode".format(settings.dllfunc)) logger.info("--[ Overwrite DLL function {} with shellcode".format(settings.dllfunc))
rva = pe_backdoorer.getExportEntryPoint(settings.dllfunc) rva = pe_backdoorer.getExportEntryPoint(settings.dllfunc)
# Size and sanity checks
exports = superpe.get_exports_full()
for exp in exports:
if exp["name"] == settings.dllfunc:
if l >= exp["size"]:
raise Exception("Shellcode too large: {} > {} exported function {}".format(
l, exp["size"], settings.dllfunc
))
break
# Inject
shellcode_offset = superpe.get_physical_address(rva) shellcode_offset = superpe.get_physical_address(rva)
logger.info(f'---[ Using DLL Export "{settings.dllfunc}" at RVA 0x{rva:X} offset 0x{shellcode_offset:X} to overwrite') logger.info(f'---[ Using DLL Export "{settings.dllfunc}" at RVA 0x{rva:X} offset 0x{shellcode_offset:X} to overwrite')
superpe.pe.set_bytes_at_offset(shellcode_offset, main_shc) superpe.pe.set_bytes_at_offset(shellcode_offset, main_shc)