admin/SuperMega
1
0
Fork 0
mirror of https://github.com/dobin/SuperMega synced 2026-06-02 17:27:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature: inject into dll basic support

Browse Source
This commit is contained in:
Dobin
2024-04-07 13:15:55 +01:00
parent f9b5dc8346
commit a488cf1b17
8 changed files with 47 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/test_derbackdoorer.py
+7 -7
View File
@@ -38,8 +38,8 @@ class DerBackdoorerTest(unittest.TestCase):
shutil.copyfile(exe_path, exe_out_path)
peinj = PeBackdoor()
result = peinj.backdoor(
pe_backdoorer = PeBackdoor()
result = pe_backdoorer.backdoor(
1, # always overwrite .text section
1, # EntryPoint change
shellcode_path,
@@ -49,7 +49,7 @@ class DerBackdoorerTest(unittest.TestCase):
self.assertTrue(result)
code = extract_code_from_exe_file(exe_out_path)
extracted_code = code[peinj.shellcodeOffsetRel:peinj.shellcodeOffsetRel+len(shellcode)]
extracted_code = code[pe_backdoorer.shellcodeOffsetRel:pe_backdoorer.shellcodeOffsetRel+len(shellcode)]
self.assertEqual(shellcode, extracted_code)
os.remove(exe_out_path)
@@ -68,8 +68,8 @@ class DerBackdoorerTest(unittest.TestCase):
shutil.copyfile(exe_path, exe_out_path)
peinj = PeBackdoor()
result = peinj.backdoor(
pe_backdoorer = PeBackdoor()
result = pe_backdoorer.backdoor(
1, # always overwrite .text section
2, # Hijack
shellcode_path,
@@ -81,13 +81,13 @@ class DerBackdoorerTest(unittest.TestCase):
# code
code = extract_code_from_exe_file(exe_out_path)
extracted_code = code[peinj.shellcodeOffsetRel:peinj.shellcodeOffsetRel+len(shellcode)]
extracted_code = code[pe_backdoorer.shellcodeOffsetRel:pe_backdoorer.shellcodeOffsetRel+len(shellcode)]
self.assertEqual(shellcode, extracted_code)
# jmp
# 48 c7 c2 d7 fb 42 00 ff d2 5b 0f b7
# 48 c7 c6 d7 fb 42 00 ff d6 5b 0f b7
jmp_code = code[peinj.backdoorOffsetRel:peinj.backdoorOffsetRel+12]
jmp_code = code[pe_backdoorer.backdoorOffsetRel:pe_backdoorer.backdoorOffsetRel+12]
self.assertEqual(jmp_code[0], 0x48)
self.assertEqual(jmp_code[1], 0xc7)
#self.assertEqual(jmp_code[2], 0x??) # variable