fix: small bugfixes

2026-06-02 17:27:10 +00:00 · 2024-05-29 08:28:23 +01:00
parent 0e08fde15d
commit 854c41300e
4 changed files with 14 additions and 9 deletions
@@ -170,13 +170,15 @@ def round_up_to_multiple_of_8(x):


 def ui_string_decode(data):
-    if len(data) > 32:
-        return "Data with len {}".format(len(data))
-    elif b"\x00\x00" in data:
-        return "(utf16) " + data.decode("utf-16le")
-    else:
-        return "(utf8) " + data.decode("utf-8")
-
+    try:
+        if len(data) > 32:
+            return "Data with len {}".format(len(data))
+        elif b"\x00\x00" in data:
+            return "(utf16) " + data.decode("utf-16le")
+        else:
+            return "(utf8) " + data.decode("utf-8")
+    except Exception as e:
+        logger.warn("ui_string_decode: {}".format(e))

 def ascii_to_hex_bytes(ascii_bytes):
    hex_escaped = ''.join(f'\\x{byte:02x}' for byte in ascii_bytes)
@@ -269,7 +269,7 @@ class SuperPe():
            if self.pe.DIRECTORY_ENTRY_EXPORT.symbols == 0:
                return []
        except Exception as e:
-            logger.warn("No exports found")
+            logger.warn("get_exports_full(): No exports found in PE")
            return []
        res = []
        for e in self.pe.DIRECTORY_ENTRY_EXPORT.symbols:
@@ -180,6 +180,9 @@ def convert_asm_db_to_bytes(line: str) -> bytes:
            value += str.encode(part.split('\'')[1])
        elif part.endswith('H') or part.endswith('H,'):
            hex = part.split('H')[0]
+            if len(hex) == 3:
+                # 09cH,
+                hex = hex[1:]
            value += bytes.fromhex(hex)
    return value

@@ -28,7 +28,7 @@ def inject_exe(main_shc: bytes, settings: Settings, carrier: Carrier):
    shellcode_len = len(main_shc)
    code_sect_size = carrier.superpe.get_code_section().Misc_VirtualSize
    if shellcode_len + CODE_INJECT_SIZE_CHECK_ADD > code_sect_size:
-        raise Exception("Error: Shellcode size {}+{} too small for target code section {}".format(
+        raise Exception("Error: Shellcode size {}+{} too big for target code section {}".format(
            shellcode_len, CODE_INJECT_SIZE_CHECK_ADD, code_sect_size
        ))