admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-02 17:27:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature: in-place dll loader (support)

Browse Source
This commit is contained in:
Dobin Rutishauser
2024-06-16 08:28:20 +02:00
parent 63c670850f
commit a1815ab7fe
3 changed files with 47 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
phases/injector.py
+7 -1
View File
@@ -17,7 +17,7 @@ from model.defs import *
logger = logging.getLogger("Injector")
def inject_exe(main_shc: bytes, settings: Settings, carrier: Carrier):
def inject_exe(main_shc: bytes, settings: Settings, carrier: Carrier, project: Project):
exe_in = settings.inject_exe_in
exe_out = settings.inject_exe_out
carrier_invoke_style: CarrierInvokeStyle = settings.carrier_invoke_style
@@ -90,6 +90,12 @@ def inject_exe(main_shc: bytes, settings: Settings, carrier: Carrier):
shellcode_offset += sect.PointerToRawData
shellcode_rva = superpe.pe.get_rva_from_offset(shellcode_offset)
# Aligning the payload (not carrier!) to page size is important for dll_loader_change
if settings.carrier_name == "dll_loader_change":
# align shellcode_rva minus an offset to page size
shellcode_rva = align_to_page_size(shellcode_rva, shellcode_len - project.payload.len)
shellcode_offset = superpe.pe.get_offset_from_rva(shellcode_rva)
logger.info("---( Inject: Write Shellcode to offset:0x{:X} (rva:0x{:X})".format(
shellcode_offset, shellcode_rva))