refactor: new source files

2026-06-02 17:27:10 +00:00 · 2024-02-15 07:27:43 +00:00
parent 3b8ba16b3f
commit 8856bdae1d
7 changed files with 105 additions and 75 deletions
@@ -51,11 +51,12 @@ Plugins:

 ## Installation

+### Paths
+
 Configure `config.yaml` with: 
 * Path to Visual Studio 2022 compiler and assembler
 * Path to mash_shc and runshc: https://github.com/hasherezade/masm_shc. 

-
 `config.yaml`:
 ```yaml
 path_cl: 'C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\bin\Hostx64\x64\cl.exe'
@@ -69,12 +70,22 @@ Make sure its the `Hostx64/x64/` one exe. Make sure to compile
 msmshc and runshc as 64bit. You can also replace runshc with
 your own shellcode loader. 

-Alternatively, you can maybe use a 64bit Visual Studio developer console or insert env paths:
+### Environment Variables
+
+Use
 ```
 "C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Auxiliary\Build\vcvars64.bat"
 ```
-And just use executable "cl.exe" and "ml64.exe". 

+or the VS developer console to find the damn environment variables, and set 
+it in your python console. In my case:
+```
+$env:INCLUDE = "C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\include;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\ATLMFC\include;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Auxiliary\VS\include;C:\Program Files (x86)\Windows Kits\10\include\10.0.22621.0\ucrt;C:\Program Files (x86)\Windows Kits\10\\include\10.0.22621.0\\um;C:\Program Files (x86)\Windows Kits\10\\include\10.0.22621.0\\shared;C:\Program Files (x86)\Windows Kits\10\\include\10.0.22621.0\\winrt;C:\Program Files (x86)\Windows Kits\10\\include\10.0.22621.0\\cppwinrt;C:\Program Files (x86)\Windows Kits\NETFXSDK\4.8\include\um"
+$env:LIB="C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\ATLMFC\lib\x64;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\lib\x64;C:\Program Files (x86)\Windows Kits\NETFXSDK\4.8\lib\um\x64;C:\Program Files (x86)\Windows Kits\10\lib\10.0.22621.0\ucrt\x64;C:\Program Files (x86)\Windows Kits\10\\lib\10.0.22621.0\\um\x64"
+$env:LIBPATH="C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\ATLMFC\lib\x64;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\lib\x64;C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.37.32822\lib\x86\store\references;C:\Program Files (x86)\Windows Kits\10\UnionMetadata\10.0.22621.0;C:\Program Files (x86)\Windows Kits\10\References\10.0.22621.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319"
+```
+
+### VS2022 Components

 A list of packages/components which may be required for Visual Studio 2022:
 * C++ 2022 Redistributable Update
@@ -3,7 +3,7 @@ from config import config
 import os
 import pprint
 from observer import observer
-from jinja2 import Template
+

 from project import project
 from model import *
@@ -11,66 +11,6 @@ from model import *
 use_templates = True


-def create_c_from_template():
-    plugin_allocator = ""
-    plugin_decoder = ""
-    plugin_executor = ""
-
-    with open("plugins/allocator/rwx_1.c", "r", encoding='utf-8') as file:
-        plugin_allocator = file.read()
-
-    if project.decoder_style == DecoderStyle.PLAIN_1:
-        with open("plugins/decoder/plain_1.c", "r", encoding='utf-8') as file:
-            plugin_decoder = file.read()
-    elif project.decoder_style == DecoderStyle.XOR_1:
-        with open("plugins/decoder/xor_1.c", "r", encoding='utf-8') as file:
-            plugin_decoder = file.read()
-
-    with open("plugins/executor/direct_1.c", "r", encoding='utf-8') as file:
-        plugin_executor = file.read()
-
-    
-    if project.source_style == SourceStyle.peb_walk:
-        if use_templates:
-            with open("source/peb_walk/template.c", 'r', encoding='utf-8') as file:
-                template_content = file.read()
-                observer.add_text("main_c_template", template_content)
-
-            template = Template(template_content)
-            rendered_template = template.render({
-                'plugin_allocator': plugin_allocator,
-                'plugin_decoder': plugin_decoder,
-                'plugin_executor': plugin_executor,
-            })
-            with open("build/main.c", "w", encoding='utf-8') as file:
-                file.write(rendered_template)
-                observer.add_text("main_c_rendered", rendered_template)
-            shutil.copy("source/peb_walk/peb_lookup.h", "build/peb_lookup.h")
-
-        else:
-            observer.add_text("main_c", file_readall_text("source/peb_walk/main.c"))
-            shutil.copy("source/peb_walk/main.c", "build/main.c")
-            shutil.copy("source/peb_walk/peb_lookup.h", "build/peb_lookup.h")
-
-    elif project.source_style == SourceStyle.iat_reuse:
-        if use_templates:
-            with open("source/iat_reuse/template.c", 'r', encoding='utf-8') as file:
-                template_content = file.read()
-                observer.add_text("main_c_template", template_content)
-            template = Template(template_content)
-            rendered_template = template.render({
-                'plugin_allocator': plugin_allocator,
-                'plugin_decoder': plugin_decoder,
-                'plugin_executor': plugin_executor,
-            })
-            with open("build/main.c", "w", encoding='utf-8') as file:
-                file.write(rendered_template)
-                observer.add_text("main_c_rendered", rendered_template)
-        else:
-            observer.add_text("main_c", file_readall_text("source/iat_reuse/main.c"))
-            shutil.copy("source/iat_reuse/main.c", "build/main.c")
-
-
 def make_c_to_asm(c_file, asm_file, payload_len, capabilities: ExeCapabilities):
    print("--[ C to ASM: {} -> {} ]".format(c_file, asm_file))

@@ -81,8 +21,6 @@ def make_c_to_asm(c_file, asm_file, payload_len, capabilities: ExeCapabilities):
        "fixup": "",
    }

-    # 
-
    # Phase 1: C To Assembly
    print("---[ Make ASM from C: {} ]".format(c_file))
    run_process_checkret([
@@ -0,0 +1,78 @@
+from jinja2 import Template
+import pprint
+import shutil
+
+from helper import *
+from config import config
+from project import project
+from model import *
+from observer import observer
+
+use_templates = True
+
+
+# INPUT:
+#   plugins/
+#   source/
+#
+# Output:
+#   build/main.c
+#   build/*.h
+def create_c_from_template():
+    plugin_allocator = ""
+    plugin_decoder = ""
+    plugin_executor = ""
+
+    with open("plugins/allocator/rwx_1.c", "r", encoding='utf-8') as file:
+        plugin_allocator = file.read()
+
+    if project.decoder_style == DecoderStyle.PLAIN_1:
+        with open("plugins/decoder/plain_1.c", "r", encoding='utf-8') as file:
+            plugin_decoder = file.read()
+    elif project.decoder_style == DecoderStyle.XOR_1:
+        with open("plugins/decoder/xor_1.c", "r", encoding='utf-8') as file:
+            plugin_decoder = file.read()
+
+    with open("plugins/executor/direct_1.c", "r", encoding='utf-8') as file:
+        plugin_executor = file.read()
+
+    
+    if project.source_style == SourceStyle.peb_walk:
+        if use_templates:
+            with open("source/peb_walk/template.c", 'r', encoding='utf-8') as file:
+                template_content = file.read()
+                observer.add_text("main_c_template", template_content)
+
+            template = Template(template_content)
+            rendered_template = template.render({
+                'plugin_allocator': plugin_allocator,
+                'plugin_decoder': plugin_decoder,
+                'plugin_executor': plugin_executor,
+            })
+            with open("build/main.c", "w", encoding='utf-8') as file:
+                file.write(rendered_template)
+                observer.add_text("main_c_rendered", rendered_template)
+            shutil.copy("source/peb_walk/peb_lookup.h", "build/peb_lookup.h")
+
+        else:
+            observer.add_text("main_c", file_readall_text("source/peb_walk/main.c"))
+            shutil.copy("source/peb_walk/main.c", "build/main.c")
+            shutil.copy("source/peb_walk/peb_lookup.h", "build/peb_lookup.h")
+
+    elif project.source_style == SourceStyle.iat_reuse:
+        if use_templates:
+            with open("source/iat_reuse/template.c", 'r', encoding='utf-8') as file:
+                template_content = file.read()
+                observer.add_text("main_c_template", template_content)
+            template = Template(template_content)
+            rendered_template = template.render({
+                'plugin_allocator': plugin_allocator,
+                'plugin_decoder': plugin_decoder,
+                'plugin_executor': plugin_executor,
+            })
+            with open("build/main.c", "w", encoding='utf-8') as file:
+                file.write(rendered_template)
+                observer.add_text("main_c_rendered", rendered_template)
+        else:
+            observer.add_text("main_c", file_readall_text("source/iat_reuse/main.c"))
+            shutil.copy("source/iat_reuse/main.c", "build/main.c")
@@ -8,9 +8,12 @@ import pickle
 from model import *
 from config import config
 from pehelper import *
-from phases.ctoasm import *
-from phases.asmtoshc import *
-from phases.shctoexe import *
+
+import phases.templater
+import phases.compiler
+import phases.assembler
+import phases.injector
+
 from observer import observer
 from project import project

@@ -109,7 +112,7 @@ def start():
    print("--[ SourceStyle: {}".format(project.source_style.name))

    # Copy: loader C files into working directory: build/
-    create_c_from_template()
+    phases.templater.create_c_from_template()

    # Convert: C -> ASM
    if project.generate_asm_from_c:
@@ -118,14 +121,14 @@ def start():
            data_payload = input2.read()
            payload_length = len(data_payload)
            #observer.add_text("payload_asm_orig", str(data_payload))
-        asm = make_c_to_asm(main_c_file, main_asm_file, payload_length, project.exe_capabilities)
+        asm = phases.compiler.make_c_to_asm(main_c_file, main_asm_file, payload_length, project.exe_capabilities)
        observer.add_text("payload_asm_orig", asm["initial"])
        observer.add_text("payload_asm_cleanup", asm["cleanup"])
        observer.add_text("payload_asm_fixup", asm["fixup"])

    # Convert: ASM -> Shellcode
    if project.generate_shc_from_asm:
-        code = make_shc_from_asm(main_asm_file, main_exe_file, main_shc_file)
+        code = phases.assembler.make_shc_from_asm(main_asm_file, main_exe_file, main_shc_file)
        observer.add_code("generate_shc_from_asm", code) 
    
    # Try: Starting the shellcode (rarely useful)
@@ -135,7 +138,7 @@ def start():

    # Merge shellcode/loader with payload
    if project.dataref_style == DataRefStyle.APPEND:
-        merge_loader_payload(main_shc_file)
+        phases.assembler.merge_loader_payload(main_shc_file)

        if project.verify and project.source_style == SourceStyle.peb_walk:
            print("--[ Verify final shellcode ]")
@@ -169,10 +172,10 @@ def start():
    if project.inject:
        #debug_data["original_exe"] = file_readall_binary(options["inject_exe_in"])

-        inject_exe(main_shc_file)
+        phases.injector.inject_exe(main_shc_file)
        if project.verify:
            print("--[ Verify final exe ]")
-            if verify_injected_exe(project.inject_exe_out):
+            if phases.injector.verify_injected_exe(project.inject_exe_out):
                #debug_data["infected_exe"] = file_readall_binary(options["inject_exe_out"])
                pass