refactor: fix tester, remove dlls/

app/templates/index.html

@@ -20,8 +20,8 @@
     <h3>Injectable</h3>
     <code>--inject &lt;filename.exe&gt; </code><br>
 
-    A 64-bit Windows PE executable used as a trojan. The shellcode will be injected in this EXE. 
+    A 64-bit Windows PE executable used as a trojan. The shellcode will be injected in this EXE or DLL. 
-    The original functionality of the EXE will not work anymore (it will only execute the carrier
+    The original functionality of the EXE/DLL will not work anymore (it will only execute the carrier
     with the shellcode it is carrying)
     <br>
     Located in the <code>data/binary/exes/</code> directory. <br>

app/views.py

@@ -15,16 +15,13 @@ logger = logging.getLogger("Views")
 @views.route("/")
 def index():
     return render_template('index.html')
-    return redirect("/project/default", code=302)
 
 
 @views.route("/exes/<exe_name>")
 def exe_view(exe_name):
     filepath = "{}{}".format(PATH_EXES, exe_name)
     if not os.path.exists(filepath):
-        filepath = "{}{}".format(PATH_EXES_MORE, exe_name)
+       return "File not found: {}".format(exe_name)
-        if not os.path.exists(filepath):
-            return "File not found: {}".format(exe_name)
 
     superpe = SuperPe(filepath)
 

app/views_project.py

@@ -98,7 +98,6 @@ def project(name):
     project_dir = os.path.dirname(os.getcwd() + "\\" + project_setting.project_path)
     log_files = get_logfiles(project_setting.project_path)
     exes = list_files_and_sizes(PATH_EXES)
-    #exes += list_files_and_sizes(PATH_EXES_MORE, prepend=PATH_EXES_MORE)
     shellcodes = list_files_and_sizes(PATH_SHELLCODES)
 
     carrier_names = get_template_names()

model/defs.py

@@ -9,8 +9,7 @@ VerifyFilename: FilePath = FilePath("C:\\Temp\\a")
 
 # Directory structure
 PATH_EXES = "data/binary/exes/"
-PATH_EXES_MORE = "data/binary/exes_more/"
+
-PATH_DLLS = "data/binary/dlls/"
 PATH_SHELLCODES = "data/binary/shellcodes/"
 PATH_CARRIER = "data/source/carrier/"
 PATH_DECODER = "data/source/decoder/"

tester.py

@@ -24,6 +24,11 @@ def main():
         print("{} directory does not exist".format(os.path.dirname(VerifyFilename)))
         return
     
+    if len(sys.argv) < 2:
+        print("Usage: python tester.py <test>")
+        print("Available tests: all, common, dll_loader, exe_code, exe_data, dll_code, dll_data")
+        return
+    
     match sys.argv[1]:
         case "all":
             test_common()
@@ -55,7 +60,9 @@ def test_common():
     print("Testing: COMMON A")
 
     settings = Settings("unittest")
-    settings.payload_path = FilePath(PATH_SHELLCODES + "createfile.bin")
+    settings.injectable_base = "procexp64.exe"
+    settings.payload_base = "createfile.bin"
+
     settings.verify = True
     settings.try_start_final_infected_exe = False
     settings.payload_location = PayloadLocation.CODE
@@ -66,8 +73,6 @@ def test_common():
     settings.decoder_style = "plain"
     settings.carrier_name = "alloc_rw_rwx" # important (not rx)
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_EXES + "procexp64.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "procexp64.verify.exe")
     if not start(settings):
         return
 
@@ -104,12 +109,12 @@ def test_common():
 def test_dll_loader():
     print("Testing: DLL Loader")
     settings = Settings("unittest")
-    settings.payload_path = FilePath(PATH_SHELLCODES + "createfile.dll")
+    settings.injectable_base = "procexp64.exe"
+    settings.payload_base = "createfile.dll"
+
     settings.verify = True
     settings.try_start_final_infected_exe = False
     settings.payload_location = PayloadLocation.CODE   # important
-    settings.inject_exe_in = FilePath(PATH_EXES + "procexp64.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "procexp64.verify.exe")
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
 
     print("Test DLL Loader 1/2: procexp, backdoor main, dll loader alloc")
@@ -126,7 +131,8 @@ def test_dll_loader():
 def test_exe_code():
     print("Testing: EXEs: Inject payload into .text")
     settings = Settings("unittest")
-    settings.payload_path = FilePath(PATH_SHELLCODES + "createfile.bin")
+    settings.injectable_base = "7z.exe"
+    settings.payload_base = "createfile.bin"
     settings.verify = True
     settings.try_start_final_infected_exe = False
     settings.payload_location = PayloadLocation.CODE
@@ -135,8 +141,6 @@ def test_exe_code():
     print("Test EXE 1/4: 7z, peb-walk, change-entrypoint")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_EXES + "7z.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "7z.verify.exe")
     if not start(settings):
         return
 
@@ -144,17 +148,15 @@ def test_exe_code():
     print("Test EXE 2/4: 7z, peb-walk, hijack main")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_EXES + "7z.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "7z.verify.exe")
     if not start(settings):
         return
+    
+    settings.injectable_base = "procexp64.exe"
 
     # procexp, iat-reuse, change-entrypoint
     print("Test EXE 3/4: procexp, iat-reuse, change-entrypoint")
     settings.carrier_name = "alloc_rw_rwx"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_EXES + "procexp64.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "procexp64.verify.exe")
     if not start(settings):
         return
 
@@ -162,8 +164,6 @@ def test_exe_code():
     print("Test EXE 4/4: procexp, iat-reuse, backdoor")
     settings.carrier_name = "alloc_rw_rwx"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_EXES + "procexp64.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "procexp64.verify.exe")
     if not start(settings):
         return
 
@@ -171,7 +171,9 @@ def test_exe_code():
 def test_exe_data():
     print("Testing: EXEs: Inject into .data")
     settings = Settings("unittest")
-    settings.payload_path = FilePath(PATH_SHELLCODES + "createfile.bin")
+    settings.injectable_base = "7z.exe"
+    settings.payload_base = "createfile.bin"
+
     settings.verify = True
     settings.try_start_final_infected_exe = False
     settings.payload_location = PayloadLocation.DATA
@@ -180,8 +182,6 @@ def test_exe_data():
     print("Test EXE 1/4: 7z, peb-walk, change-entrypoint")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_EXES + "7z.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "7z.verify.exe")
     if not start(settings):
         return
 
@@ -189,17 +189,15 @@ def test_exe_data():
     print("Test EXE 2/4: 7z, peb-walk, hijack main")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_EXES + "7z.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "7z.verify.exe")
     if not start(settings):
         return
 
+    settings.injectable_base = "procexp64.exe"
+
     # procexp, iat-reuse, change-entrypoint
     print("Test EXE 3/4: procexp, iat-reuse, change-entrypoint")
     settings.carrier_name = "alloc_rw_rwx"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_EXES + "procexp64.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "procexp64.verify.exe")
     if not start(settings):
         return
     
@@ -207,8 +205,6 @@ def test_exe_data():
     print("Test EXE 4/4: procexp, iat-reuse, backdoor")
     settings.carrier_name = "alloc_rw_rwx"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_EXES + "procexp64.exe")
-    settings.inject_exe_out = FilePath(PATH_EXES + "procexp64.verify.exe")
     if not start(settings):
         return
 
@@ -216,7 +212,8 @@ def test_exe_data():
 def test_dll_code():
     print("Testing: DLLs code")
     settings = Settings("unittest")
-    settings.payload_path = FilePath(PATH_SHELLCODES + "createfile.bin")
+    settings.injectable_base = "libbz2.dll"
+    settings.payload_base = "createfile.bin"
     settings.verify = True
     settings.try_start_final_infected_exe = False
     settings.payload_location = PayloadLocation.CODE
@@ -224,16 +221,12 @@ def test_dll_code():
     print("Test DLL 1/4: libbz2.dll, peb-walk, change-entrypoint dllMain (func=None)")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
     print("Test DLL 2/4: libbz2.dll, peb-walk, hijack dllMain (func=None)")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
@@ -241,8 +234,6 @@ def test_dll_code():
     settings.dllfunc = "BZ2_bzDecompress"
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
@@ -250,8 +241,6 @@ def test_dll_code():
     settings.dllfunc = "BZ2_bzdopen"
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
@@ -259,7 +248,9 @@ def test_dll_code():
 def test_dll_data():
     print("Testing: DLLs data")
     settings = Settings("unittest")
-    settings.payload_path = FilePath(PATH_SHELLCODES + "createfile.bin")
+    settings.injectable_base = "libbz2.dll"
+    settings.payload_base = "createfile.bin"
+
     settings.verify = True
     settings.try_start_final_infected_exe = False
     settings.payload_location = PayloadLocation.DATA
@@ -267,16 +258,12 @@ def test_dll_data():
     print("Test DLL 1/4: libbz2.dll, peb-walk, change-entrypoint dllMain (func=None)")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
     print("Test DLL 2/4: libbz2.dll, peb-walk, hijack dllMain (func=None)")
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
@@ -284,8 +271,6 @@ def test_dll_data():
     settings.dllfunc = "BZ2_bzDecompress"
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
 
@@ -293,8 +278,6 @@ def test_dll_data():
     settings.dllfunc = "BZ2_bzdopen"
     settings.carrier_name = "peb_walk"
     settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
-    settings.inject_exe_in = FilePath(PATH_DLLS + "libbz2.dll")
-    settings.inject_exe_out = FilePath(PATH_DLLS + "libbz2.verify.dll")
     if not start(settings):
         return
     

tests/test_derbackdoorer.py

@@ -24,7 +24,7 @@ class DerBackdoorerTest(unittest.TestCase):
 
 
     def test_function_backdoorer_dll(self):
-        superpe = SuperPe(PATH_DLLS + "TestDLL.dll")
+        superpe = SuperPe(PATH_EXES + "TestDLL.dll")
         function_backdoorer = FunctionBackdoorer(superpe)
 
         addr = function_backdoorer.find_suitable_instruction_addr(superpe.get_entrypoint())

tests/test_superpe.py

@@ -70,7 +70,7 @@ class SuperPeTest(unittest.TestCase):
 
 
     def test_dll(self):
-        dll_filepath = PATH_DLLS + "TestDLL.dll"
+        dll_filepath = PATH_EXES + "TestDLL.dll"
         superpe = SuperPe(dll_filepath)
 
         # Properties