refactor: datareuse fixups into project.carrier as transport

2026-06-03 01:27:11 +00:00 · 2024-02-25 18:20:37 +00:00
parent 430f105240
commit 462f23d8cf
6 changed files with 89 additions and 48 deletions
@@ -1,12 +1,12 @@
 from typing import Dict, List
 import logging

-from model.exehost import ExeHost
+from model.exehost import DataReuseEntry

-logger = logging.getLogger("ExeHost")
+logger = logging.getLogger("Carrier")


-class IatEntry():
+class IatRequest():
    def __init__(self, name: str, placeholder: bytes):
        self.name: str = name           # Function Name, like "VirtualAlloc"
        self.placeholder: bytes = placeholder    # Random bytes as placeholder
@@ -15,7 +15,8 @@ class IatEntry():

 class Carrier():
    def __init__(self):
-        self.iat_requests: List[IatEntry] = []
+        self.iat_requests: List[IatRequest] = []
+        self.reusedata_fixups: List[DataReuseEntry] = []


    def init(self):
@@ -23,8 +24,14 @@ class Carrier():


    def add_iat_request(self, func_name: str, placeholder: bytes):
-        self.iat_requests.append(IatEntry(func_name, placeholder))
+        self.iat_requests.append(IatRequest(func_name, placeholder))

-
-    def get_all_iat_requests(self) -> List[IatEntry]:
+    def get_all_iat_requests(self) -> List[IatRequest]:
        return self.iat_requests
+
+
+    def set_datareuse_fixups(self, fixups: List[DataReuseEntry]):
+        self.reusedata_fixups = fixups
+
+    def get_all_reusedata_fixups(self) -> List[DataReuseEntry]:
+        return self.reusedata_fixups
@@ -10,6 +10,28 @@ from peparser.misc import get_physical_address
 logger = logging.getLogger("ExeHost")


+class RelocEntry():
+    def __init__(self, rva: int, base_rva: int, type: str):
+        self.rva: int = rva
+        self.base_rva: int = base_rva
+        self.type: str = type
+
+
+class IatEntry():
+    def __init__(self, dll_name, func_name, func_addr):
+        self.dll_name = dll_name
+        self.func_name = func_name
+        self.func_addr = func_addr
+
+
+class DataReuseEntry():
+    def __init__(self, string_ref: str, register: str, randbytes: bytes):
+        self.string_ref = string_ref
+        self.register = register
+        self.randbytes = randbytes
+        self.data = b''
+        self.addr = 0
+

 class ExeHost():
    def __init__(self, filepath: FilePath):
@@ -21,7 +43,7 @@ class ExeHost():
        self.superpe: SuperPe = None

        self.iat = {}  # Dict[str, List[Dict[str, str]]]
-        
+        self.base_relocs = []

        self.image_base: int = 0
        self.dynamic_base: bool = False
@@ -30,7 +52,6 @@ class ExeHost():
        self.code_size: int = 0
        self.code_section = None
        
-        self.base_relocs = []
        self.rwx_section = None

        self.ep = None