admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-03 01:27:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: rename central data structures

Browse Source
This commit is contained in:
Dobin
2024-04-07 11:34:13 +01:00
parent de73d5452e
commit a03c267070
12 changed files with 66 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/templates/project.html
+4 -20
View File
@@ -84,31 +84,23 @@
<!-- row 3 --> <!-- row 3 -->
<div class="col-3"> <div class="col-3">
<select class="form-select" name="source_style" aria-label="SOURCESTYLE" onchange="this.form.submit()"> <select class="form-select" name="source_style" aria-label="SOURCESTYLE" onchange="this.form.submit()">
{% for name, value in sourcestyles %} {% for name, value in function_invoke_styles %}
<option value="{{name}}" <option value="{{name}}"
{% if name in project.settings.source_style.value %} selected {% endif %} {% if name in project.settings.source_style.value %} selected {% endif %}
>{{value}}</option> >{{value}}</option>
{% endfor %} {% endfor %}
</select> </select>
<select class="form-select" name="inject_mode" aria-label="INJECTSTYLE" onchange="this.form.submit()"> <select class="form-select" name="carrier_invoke_style" aria-label="INJECTSTYLE" onchange="this.form.submit()">
{% for name, value in injectstyles %} {% for name, value in carrier_invoke_styles %}
<option value="{{name}}" <option value="{{name}}"
{% if value in project.settings.inject_mode.value %} selected {% endif %} {% if value in project.settings.carrier_invoke_style.value %} selected {% endif %}
>{{value}}</option> >{{value}}</option>
{% endfor %} {% endfor %}
</select> </select>
</div> </div>
<div class="col-3"> <div class="col-3">
<select class="form-select" name="alloc_style" aria-label="ALLOCSTYLE" onchange="this.form.submit()">
{% for name, value in allocstyles %}
<option value="{{name}}"
{% if value in project.settings.alloc_style.value %} selected {% endif %}
>{{value}}</option>
{% endfor %}
</select>
<select class="form-select" name="decoder_style" aria-label="DECODERESTYLE" onchange="this.form.submit()"> <select class="form-select" name="decoder_style" aria-label="DECODERESTYLE" onchange="this.form.submit()">
{% for name, value in decoderstyles %} {% for name, value in decoderstyles %}
<option value="{{name}}" <option value="{{name}}"
@@ -116,14 +108,6 @@
>{{value}}</option> >{{value}}</option>
{% endfor %} {% endfor %}
</select> </select>
<select class="form-select" name="exec_style" aria-label="EXECSTYLE" onchange="this.form.submit()">
{% for name, value in execstyles %}
<option value="{{name}}"
{% if value in project.settings.exec_style.value %} selected {% endif %}
>{{value}}</option>
{% endfor %}
</select>
</div> </div>
</div> </div>
</form> </form>
app/templates/project_add_get.html
+3 -15
View File
@@ -35,13 +35,7 @@
</select> </select>
<select class="form-select" name="source_style" aria-label="SOURCESTYLE"> <select class="form-select" name="source_style" aria-label="SOURCESTYLE">
{% for name, value in sourcestyles %} {% for name, value in function_invoke_styles %}
<option value="{{name}}">{{value}}</option>
{% endfor %}
</select>
<select class="form-select" name="alloc_style" aria-label="ALLOCSTYLE">
{% for name, value in allocstyles %}
<option value="{{name}}">{{value}}</option> <option value="{{name}}">{{value}}</option>
{% endfor %} {% endfor %}
</select> </select>
@@ -52,14 +46,8 @@
{% endfor %} {% endfor %}
</select> </select>
<select class="form-select" name="exec_style" aria-label="EXECSTYLE"> <select class="form-select" name="carrier_invoke_style" aria-label="INJECTSTYLE">
{% for name, value in execstyles %} {% for name, value in carrier_invoke_styles %}
<option value="{{name}}">{{value}}</option>
{% endfor %}
</select>
<select class="form-select" name="inject_mode" aria-label="INJECTSTYLE">
{% for name, value in injectstyles %}
<option value="{{name}}">{{value}}</option> <option value="{{name}}">{{value}}</option>
{% endfor %} {% endfor %}
</select> </select>
app/views_project.py
+11 -22
View File
@@ -65,11 +65,9 @@ def project(name):
for file in os.listdir(PATH_SHELLCODES): for file in os.listdir(PATH_SHELLCODES):
shellcodes.append(file) shellcodes.append(file)
sourcestyles = [(color.name, color.value) for color in SourceStyle] function_invoke_styles = [(color.name, color.value) for color in FunctionInvokeStyle]
allocstyles = [(color.name, color.value) for color in AllocStyle]
decoderstyles = [(color.name, color.value) for color in DecoderStyle] decoderstyles = [(color.name, color.value) for color in DecoderStyle]
execstyles = [(color.name, color.value) for color in ExecStyle] carrier_invoke_styles = [(color.name, color.value) for color in CarrierInvokeStyle]
injectstyles = [(color.name, color.value) for color in InjectStyle]
return render_template('project.html', return render_template('project.html',
project_name = name, project_name = name,
@@ -79,11 +77,9 @@ def project(name):
exes=exes, exes=exes,
shellcodes=shellcodes, shellcodes=shellcodes,
sourcestyles=sourcestyles, function_invoke_styles=function_invoke_styles,
allocstyles=allocstyles,
decoderstyles=decoderstyles, decoderstyles=decoderstyles,
execstyles=execstyles, carrier_invoke_styles=carrier_invoke_styles,
injectstyles=injectstyles,
log_files=log_files, log_files=log_files,
is_64=is_64, is_64=is_64,
@@ -110,13 +106,10 @@ def add_project():
settings.inject_exe_out = request.form['exe'].replace(".exe", ".infected.exe") settings.inject_exe_out = request.form['exe'].replace(".exe", ".infected.exe")
source_style = request.form['source_style'] source_style = request.form['source_style']
settings.source_style = SourceStyle[source_style] settings.source_style = FunctionInvokeStyle[source_style]
inject_mode = request.form['inject_mode'] carrier_invoke_style = request.form['carrier_invoke_style']
settings.inject_mode = InjectStyle[inject_mode] settings.carrier_invoke_style = CarrierInvokeStyle[carrier_invoke_style]
alloc_style = request.form['alloc_style']
settings.alloc_style = AllocStyle[alloc_style]
decoder_style = request.form['decoder_style'] decoder_style = request.form['decoder_style']
settings.decoder_style = DecoderStyle[decoder_style] settings.decoder_style = DecoderStyle[decoder_style]
@@ -147,20 +140,16 @@ def add_project():
for file in os.listdir(PATH_SHELLCODES): for file in os.listdir(PATH_SHELLCODES):
shellcodes.append(file) shellcodes.append(file)
sourcestyles = [(color.name, color.value) for color in SourceStyle] function_invoke_styles = [(color.name, color.value) for color in FunctionInvokeStyle]
allocstyles = [(color.name, color.value) for color in AllocStyle]
decoderstyles = [(color.name, color.value) for color in DecoderStyle] decoderstyles = [(color.name, color.value) for color in DecoderStyle]
execstyles = [(color.name, color.value) for color in ExecStyle] carrier_invoke_styles = [(color.name, color.value) for color in CarrierInvokeStyle]
injectstyles = [(color.name, color.value) for color in InjectStyle]
return render_template('project_add_get.html', return render_template('project_add_get.html',
exes=exes, exes=exes,
shellcodes=shellcodes, shellcodes=shellcodes,
sourcestyles=sourcestyles, function_invoke_styles=function_invoke_styles,
allocstyles=allocstyles,
decoderstyles=decoderstyles, decoderstyles=decoderstyles,
execstyles=execstyles, carrier_invoke_styles=carrier_invoke_styles,
injectstyles=injectstyles,
) )
helper.py
+5 -5
View File
@@ -107,14 +107,14 @@ def file_readall_binary(filepath) -> bytes:
return data return data
def rbrunmode_str(rbrunmode): def carrier_invoke_style_str(carrier_invoke_style):
rbrunmode = str(rbrunmode) carrier_invoke_style = str(carrier_invoke_style)
if rbrunmode == "1": if carrier_invoke_style == "1":
return "change address of entrypoint" return "change address of entrypoint"
elif rbrunmode == "2": elif carrier_invoke_style == "2":
return "hijack branching instruction in entrypoint" return "hijack branching instruction in entrypoint"
else: else:
return "Invalid: {}".format(rbrunmode) return "Invalid: {}".format(carrier_invoke_style)
model/defs.py
+3 -11
View File
@@ -23,34 +23,26 @@ PATH_WEB_PROJECT = "projects/"
# Correlated with real template files # Correlated with real template files
# in data/plugins/ # in data/plugins/
class AllocStyle(Enum):
RWX = "rwx_1"
#RW_X = "rw_x"
#REUSE = "reuse"
class DecoderStyle(Enum): class DecoderStyle(Enum):
PLAIN_1 = "plain_1" PLAIN_1 = "plain_1"
XOR_1 = "xor_1" XOR_1 = "xor_1"
class ExecStyle(Enum):
CALL = "direct_1"
#JMP = "jump",
#FIBER = "fiber",
class DataRefStyle(Enum): class DataRefStyle(Enum):
APPEND = 1 APPEND = 1
class InjectStyle(Enum): class CarrierInvokeStyle(Enum):
ChangeEntryPoint = "change AddressOfEntryPoint" ChangeEntryPoint = "change AddressOfEntryPoint"
BackdoorCallInstr = "hijack branching instruction in entrypoint" BackdoorCallInstr = "hijack branching instruction in entrypoint"
class SourceStyle(Enum):
class FunctionInvokeStyle(Enum):
peb_walk = "peb_walk" peb_walk = "peb_walk"
iat_reuse = "iat_reuse" iat_reuse = "iat_reuse"
class PeRelocEntry(): class PeRelocEntry():
def __init__(self, rva: int, base_rva: int, type: str): def __init__(self, rva: int, base_rva: int, type: str):
self.rva: int = rva self.rva: int = rva
model/settings.py
+2 -4
View File
@@ -9,15 +9,13 @@ class Settings():
self.payload_path: FilePath = "" self.payload_path: FilePath = ""
# Settings # Settings
self.source_style: SourceStyle = SourceStyle.peb_walk self.source_style: FunctionInvokeStyle = FunctionInvokeStyle.peb_walk
self.alloc_style: AllocStyle = AllocStyle.RWX
self.exec_style: ExecStyle = ExecStyle.CALL
self.decoder_style: DecoderStyle = DecoderStyle.XOR_1 self.decoder_style: DecoderStyle = DecoderStyle.XOR_1
self.dataref_style: DataRefStyle = DataRefStyle.APPEND self.dataref_style: DataRefStyle = DataRefStyle.APPEND
self.short_call_patching: bool = False self.short_call_patching: bool = False
# Injectable # Injectable
self.inject_mode: InjectStyle = InjectStyle.BackdoorCallInstr self.carrier_invoke_style: CarrierInvokeStyle = CarrierInvokeStyle.BackdoorCallInstr
self.inject_exe_in: FilePath = "" self.inject_exe_in: FilePath = ""
self.inject_exe_out: FilePath = "" self.inject_exe_out: FilePath = ""
pe/derbackdoorer.py
+5 -5
View File
@@ -19,9 +19,9 @@ logger = logging.getLogger("DerBackdoorer")
class PeBackdoor: class PeBackdoor:
def __init__(self, superpe: SuperPe, main_shc: bytes, inject_mode: InjectStyle): def __init__(self, superpe: SuperPe, main_shc: bytes, carrier_invoke_style: CarrierInvokeStyle):
self.superpe: SuperPe = superpe self.superpe: SuperPe = superpe
self.runMode: InjectStyle = inject_mode self.carrier_invoke_style: CarrierInvokeStyle = carrier_invoke_style
self.shellcodeData: bytes = main_shc self.shellcodeData: bytes = main_shc
# Working # Working
@@ -72,17 +72,17 @@ Trailing {sect_name} bytes:
def setupShellcodeEntryPoint(self): def setupShellcodeEntryPoint(self):
if self.runMode == InjectStyle.ChangeEntryPoint: if self.carrier_invoke_style == CarrierInvokeStyle.ChangeEntryPoint:
rva = self.superpe.pe.get_rva_from_offset(self.shellcodeOffset) rva = self.superpe.pe.get_rva_from_offset(self.shellcodeOffset)
self.superpe.set_entrypoint(rva) self.superpe.set_entrypoint(rva)
logger.info(f'Address Of Entry Point changed to: RVA 0x{rva:X}') logger.info(f'Address Of Entry Point changed to: RVA 0x{rva:X}')
return True return True
elif self.runMode == InjectStyle.BackdoorCallInstr: elif self.carrier_invoke_style == CarrierInvokeStyle.BackdoorCallInstr:
return self.backdoorEntryPoint() return self.backdoorEntryPoint()
#elif self.runMode == int(PeBackdoor.SupportedRunModes.HijackExport): #elif self.carrier_invoke_style == int(PeBackdoor.Supportedcarrier_invoke_styles.HijackExport):
# addr = self.getExportEntryPoint() # addr = self.getExportEntryPoint()
# if addr == -1: # if addr == -1:
# logger.critical('Could not find any export entry point to hijack! Specify existing DLL Exported function with -e/--export!') # logger.critical('Could not find any export entry point to hijack! Specify existing DLL Exported function with -e/--export!')
phases/compiler.py
+2 -2
View File
@@ -62,7 +62,7 @@ def compile(
asm_out: FilePath, asm_out: FilePath,
payload_len: int, payload_len: int,
carrier: Carrier, carrier: Carrier,
source_style: SourceStyle, source_style: FunctionInvokeStyle,
exe_host: ExeHost, exe_host: ExeHost,
short_call_patching: bool = False, short_call_patching: bool = False,
): ):
@@ -111,7 +111,7 @@ def compile(
asm_clean_file asm_clean_file
)) ))
if source_style == SourceStyle.iat_reuse: if source_style == FunctionInvokeStyle.iat_reuse:
fixup_iat_reuse(asm_clean_file, carrier) fixup_iat_reuse(asm_clean_file, carrier)
observer.add_text_file("carrier_asm_updated", file_readall_text(asm_clean_file)) observer.add_text_file("carrier_asm_updated", file_readall_text(asm_clean_file))
phases/injector.py
+4 -4
View File
@@ -23,8 +23,8 @@ def inject_exe(
shellcode_in = project.payload.payload_path shellcode_in = project.payload.payload_path
exe_in = settings.inject_exe_in exe_in = settings.inject_exe_in
exe_out = settings.inject_exe_out exe_out = settings.inject_exe_out
inject_mode: InjectStyle = settings.inject_mode carrier_invoke_style: CarrierInvokeStyle = settings.carrier_invoke_style
source_style: SourceStyle = settings.source_style source_style: FunctionInvokeStyle = settings.source_style
logger.info("--[ Injecting: {} + {} -> {}".format( logger.info("--[ Injecting: {} + {} -> {}".format(
shellcode_in, exe_in, exe_out shellcode_in, exe_in, exe_out
@@ -42,7 +42,7 @@ def inject_exe(
# superpe is a representation of the exe file. We gonna modify it, and save it at the end. # superpe is a representation of the exe file. We gonna modify it, and save it at the end.
superpe = SuperPe(exe_in) superpe = SuperPe(exe_in)
peinj = PeBackdoor(superpe, main_shc, inject_mode) peinj = PeBackdoor(superpe, main_shc, carrier_invoke_style)
if not peinj.injectShellcode(): if not peinj.injectShellcode():
logger.error('Could not inject shellcode into PE file!') logger.error('Could not inject shellcode into PE file!')
@@ -53,7 +53,7 @@ def inject_exe(
return False return False
logger.info("--[ Rewrite placeholders with their data") logger.info("--[ Rewrite placeholders with their data")
if source_style == SourceStyle.iat_reuse: if source_style == FunctionInvokeStyle.iat_reuse:
injected_fix_iat(superpe, project.carrier, project.exe_host) injected_fix_iat(superpe, project.carrier, project.exe_host)
if True: if True:
phases/templater.py
+2 -2
View File
@@ -24,7 +24,7 @@ def create_c_from_template(settings: Settings, payload_len: int):
}) })
# C Template: peb_walk # C Template: peb_walk
if settings.source_style == SourceStyle.peb_walk: if settings.source_style == FunctionInvokeStyle.peb_walk:
with open(settings.template_path, 'r', encoding='utf-8') as file: with open(settings.template_path, 'r', encoding='utf-8') as file:
template_content = file.read() template_content = file.read()
observer.add_text_file("main_c_template", template_content) observer.add_text_file("main_c_template", template_content)
@@ -39,7 +39,7 @@ def create_c_from_template(settings: Settings, payload_len: int):
observer.add_text_file("main_c_rendered", rendered_template) observer.add_text_file("main_c_rendered", rendered_template)
# C Template: iat_reuse # C Template: iat_reuse
elif settings.source_style == SourceStyle.iat_reuse: elif settings.source_style == FunctionInvokeStyle.iat_reuse:
with open(PATH_IAT_REUSE + "template.c", 'r', encoding='utf-8') as file: with open(PATH_IAT_REUSE + "template.c", 'r', encoding='utf-8') as file:
template_content = file.read() template_content = file.read()
observer.add_text_file("main_c_template", template_content) observer.add_text_file("main_c_template", template_content)
supermega.py
+16 -27
View File
@@ -29,11 +29,9 @@ def main():
parser = argparse.ArgumentParser(description='SuperMega shellcode loader') parser = argparse.ArgumentParser(description='SuperMega shellcode loader')
parser.add_argument('--shellcode', type=str, help='The path to the file of your payload shellcode') parser.add_argument('--shellcode', type=str, help='The path to the file of your payload shellcode')
parser.add_argument('--inject', type=str, help='The path to the file where we will inject ourselves in') parser.add_argument('--inject', type=str, help='The path to the file where we will inject ourselves in')
parser.add_argument('--sourcestyle', type=str, help='peb_walk or iat_reuse') parser.add_argument('--function_invoke_style', type=str, help='peb_walk or iat_reuse')
#parser.add_argument('--alloc', type=str, help='Template: which allocator plugin')
parser.add_argument('--decoder', type=str, help='Template: which decoder plugin') parser.add_argument('--decoder', type=str, help='Template: which decoder plugin')
#parser.add_argument('--exec', type=str, help='Template: which exec plugin') parser.add_argument('--carrier_invoke', type=str, help='Redbackdoorer run argument (1 EAP, 2 hijack)')
parser.add_argument('--rbrunmode', type=str, help='Redbackdoorer run argument (1 EAP, 2 hijack)')
parser.add_argument('--start-injected', action='store_true', help='Dev: Start the generated infected executable at the end') parser.add_argument('--start-injected', action='store_true', help='Dev: Start the generated infected executable at the end')
parser.add_argument('--start-loader-shellcode', action='store_true', help='Dev: Start the loader shellcode (without payload)') parser.add_argument('--start-loader-shellcode', action='store_true', help='Dev: Start the loader shellcode (without payload)')
parser.add_argument('--start-final-shellcode', action='store_true', help='Debug: Start the final shellcode (loader + payload)') parser.add_argument('--start-final-shellcode', action='store_true', help='Debug: Start the final shellcode (loader + payload)')
@@ -53,31 +51,25 @@ def main():
if args.short_call_patching: if args.short_call_patching:
settings.short_call_patching = True settings.short_call_patching = True
if args.sourcestyle: if args.function_invoke_style:
if args.sourcestyle == "peb_walk": if args.function_invoke_style == "peb_walk":
settings.source_style = SourceStyle.peb_walk settings.source_style = FunctionInvokeStyle.peb_walk
elif args.sourcestyle == "iat_reuse": elif args.function_invoke_style == "iat_reuse":
settings.source_style = SourceStyle.iat_reuse settings.source_style = FunctionInvokeStyle.iat_reuse
#if args.alloc:
# if args.alloc == "rwx_1":
# settings.alloc_style = AllocStyle.RWX
if args.decoder: if args.decoder:
if args.decoder == "plain_1": if args.decoder == "plain_1":
settings.decoder_style = DecoderStyle.PLAIN_1 settings.decoder_style = DecoderStyle.PLAIN_1
elif args.decoder == "xor_1": elif args.decoder == "xor_1":
settings.decoder_style = DecoderStyle.XOR_1 settings.decoder_style = DecoderStyle.XOR_1
#if args.exec:
# if args.exec == "direct_1":
# settings.exec_style = ExecStyle.CALL
if args.inject: if args.inject:
if args.rbrunmode == "eop": if args.carrier_invoke == "eop":
settings.inject_mode = InjectStyle.ChangeEntryPoint settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
elif args.rbrunmode == "backdoor": elif args.carrier_invoke == "backdoor":
settings.inject_mode = InjectStyle.BackdoorCallInstr settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
else: else:
logging.error("Invalid mode, use one of:") logging.error("Invalid mode, use one of:")
for i in ["eop", "backdoor"]: for i in ["eop", "backdoor"]:
logging.error(" {} {}".format(i, rbrunmode_str(i))) logging.error(" {} {}".format(i, carrier_invoke_style_str(i)))
return return
if not args.shellcode or not args.inject: if not args.shellcode or not args.inject:
@@ -141,13 +133,10 @@ def start_real(settings: Settings):
project = Project(settings) project = Project(settings)
project.init() project.init()
logger.warning("--I SourceStyle: {} Inject Mode: {} ".format( logger.warning("--I FunctionInvokeStyle: {} Inject Mode: {} DecoderStyle: {}".format(
project.settings.source_style.value, project.settings.inject_mode.value)) project.settings.source_style.value,
logger.warning("--I Loader modules: Alloc: {} Decoder: {} Exec: {}".format( project.settings.carrier_invoke_style.value,
project.settings.alloc_style.value, project.settings.decoder_style.value))
project.settings.decoder_style.value,
project.settings.exec_style.value
))
# Create: Carrier C source files from template (C->C) # Create: Carrier C source files from template (C->C)
phases.templater.create_c_from_template(settings, project.payload.len) phases.templater.create_c_from_template(settings, project.payload.len)
tester.py
+8 -8
View File
@@ -19,8 +19,8 @@ def main():
settings.try_start_final_infected_exe = False settings.try_start_final_infected_exe = False
# 7z, peb-walk, change-entrypoint # 7z, peb-walk, change-entrypoint
settings.source_style = SourceStyle.peb_walk settings.source_style = FunctionInvokeStyle.peb_walk
settings.inject_mode = InjectStyle.ChangeEntryPoint settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
settings.inject_exe_in = PATH_EXES + "7z.exe" settings.inject_exe_in = PATH_EXES + "7z.exe"
settings.inject_exe_out = PATH_EXES + "7z.verify.exe" settings.inject_exe_out = PATH_EXES + "7z.verify.exe"
if start(settings) != 0: if start(settings) != 0:
@@ -28,8 +28,8 @@ def main():
return 1 return 1
# 7z, peb-walk, hijack # 7z, peb-walk, hijack
settings.source_style = SourceStyle.peb_walk settings.source_style = FunctionInvokeStyle.peb_walk
settings.inject_mode = InjectStyle.BackdoorCallInstr settings.carrier_invoke_style = CarrierInvokeStyle.BackdoorCallInstr
settings.inject_exe_in = PATH_EXES + "7z.exe" settings.inject_exe_in = PATH_EXES + "7z.exe"
settings.inject_exe_out = PATH_EXES + "7z.verify.exe" settings.inject_exe_out = PATH_EXES + "7z.verify.exe"
if start(settings) != 0: if start(settings) != 0:
@@ -37,8 +37,8 @@ def main():
return 1 return 1
# procexp, iat-reuse, change-entrypoint # procexp, iat-reuse, change-entrypoint
settings.source_style = SourceStyle.iat_reuse settings.source_style = FunctionInvokeStyle.iat_reuse
settings.inject_mode = InjectStyle.ChangeEntryPoint settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
settings.inject_exe_in = PATH_EXES + "procexp64.exe" settings.inject_exe_in = PATH_EXES + "procexp64.exe"
settings.inject_exe_out = PATH_EXES + "procexp64.verify.exe" settings.inject_exe_out = PATH_EXES + "procexp64.verify.exe"
if start(settings) != 0: if start(settings) != 0:
@@ -46,8 +46,8 @@ def main():
return 1 return 1
# procexp, iat-reuse, change-entrypoint # procexp, iat-reuse, change-entrypoint
settings.source_style = SourceStyle.iat_reuse settings.source_style = FunctionInvokeStyle.iat_reuse
settings.inject_mode = InjectStyle.ChangeEntryPoint settings.carrier_invoke_style = CarrierInvokeStyle.ChangeEntryPoint
settings.inject_exe_in = PATH_EXES + "procexp64.exe" settings.inject_exe_in = PATH_EXES + "procexp64.exe"
settings.inject_exe_out = PATH_EXES + "procexp64.verify.exe" settings.inject_exe_out = PATH_EXES + "procexp64.verify.exe"
if start(settings) != 0: if start(settings) != 0: