feature: DLL support

app/templates/project.html

@@ -12,7 +12,7 @@
 
 
         <div class="row">
-            <!-- Buttons -->
+            <!-- Row 1: Buttons -->
             <div class="col-3">
                 <div class="row">
                     <div class="col-6">
@@ -46,7 +46,7 @@
                 {% endif %}
             </div>
 
-            <!-- Input files -->
+            <!-- Row 2: Input files -->
             <div class="col-3">
                 <!-- leave this here or it will fuck up layout -->
                 <form method="POST" enctype="multipart/form-data" action="/project_add">
@@ -74,14 +74,24 @@
                     >
                     {{exe}}</option>
                     {% endfor %}
-
                 </select>
+
+                {% if exports != None %}
+                <select class="form-select" name="dllfunc" aria-label="DLLFUNC" onchange="this.form.submit()">
+                    {% for export in exports %}
+                    <option value="{{export}}"
+                        {% if export in project.settings.dllfunc %} selected {% endif %}
+                    >
+                    {{export}}</option>
+                    {% endfor %}
+                </select>  
+                {% endif %}
                 
                 Is x64: {{ is_64}} <br>
                 Is Dotnet: {{ is_dotnet}}
             </div>
 
-            <!-- row 3 -->
+            <!-- Row 3: settings -->
             <div class="col-3">
                 <select class="form-select" name="source_style" aria-label="SOURCESTYLE" onchange="this.form.submit()">
                     {% for name, value in function_invoke_styles %}
@@ -100,6 +110,8 @@
                 </select>
             
             </div>
+
+            <!-- Row 4: more settings -->
             <div class="col-3">
                 <select class="form-select" name="decoder_style" aria-label="DECODERESTYLE" onchange="this.form.submit()">
                     {% for name, value in decoderstyles %}

app/templates/project_add_get.html

@@ -19,38 +19,8 @@
     <input type="text" name="project_name" class="form-control" placeholder="Projekt name" aria-label="PROJECTNAME" aria-describedby="basic-addon1">
 
     <input type="text" name="comment" class="hidden form-control" 
-    placeholder="Comment" value=""
-    aria-label="PROJECTNAME" aria-describedby="basic-addon1">
-
-    <select class="form-select" name="shellcode" aria-label="SHELLCODE">
-        {% for shellcode in shellcodes %}
-        <option value="{{shellcode}}">{{shellcode}}</option>
-        {% endfor %}
-    </select>
-
-    <select class="form-select" name="exe" aria-label="EXE">
-        {% for exe in exes %}
-        <option value="{{exe}}">{{exe}}</option>
-        {% endfor %}
-    </select>
-
-    <select class="form-select" name="source_style" aria-label="SOURCESTYLE">
-        {% for name, value in function_invoke_styles %}
-        <option value="{{name}}">{{value}}</option>
-        {% endfor %}
-    </select>
-
-    <select class="form-select" name="decoder_style" aria-label="DECODERESTYLE">
-        {% for name, value in decoderstyles %}
-        <option value="{{name}}">{{value}}</option>
-        {% endfor %}
-    </select>
-
-    <select class="form-select" name="carrier_invoke_style" aria-label="INJECTSTYLE">
-        {% for name, value in carrier_invoke_styles %}
-        <option value="{{name}}">{{value}}</option>
-        {% endfor %}
-    </select>
+        placeholder="Comment" value=""
+        aria-label="PROJECTNAME" aria-describedby="basic-addon1">
 
     <button class="btn btn-primary" type="submit" value="save">Save</button>
 

app/views_project.py

@@ -48,20 +48,28 @@ def project(name):
     if os.path.exists(exe_path):
         is_built = True
 
-    superpe = SuperPe(project.settings.inject_exe_in)
-    is_64 = superpe.is_64()
-    is_dotnet = superpe.is_dotnet()
+    exports = None
+    is_64 = False
+    is_dotnet = False
+
+    # Only when we selected an input file
+    if project.settings.inject_exe_in != "":
+        superpe = SuperPe(project.settings.inject_exe_in)
+        is_64 = superpe.is_64()
+        is_dotnet = superpe.is_dotnet()
+        if superpe.is_dll():
+            exports = [ "", "BZ2_blockSort" ]
 
     project_dir = os.path.dirname(os.path.abspath(project.settings.inject_exe_out))
     log_files = get_logfiles(project.settings.main_dir)
 
-    exes = []
+    exes = [ "" ]
     for file in os.listdir(PATH_EXES):
         exes.append(PATH_EXES + file)
     for file in os.listdir(PATH_EXES_MORE):
         exes.append(PATH_EXES_MORE + file)
 
-    shellcodes = []
+    shellcodes = [ "" ]
     for file in os.listdir(PATH_SHELLCODES):
         shellcodes.append(file)
 
@@ -80,6 +88,7 @@ def project(name):
         function_invoke_styles=function_invoke_styles,
         decoderstyles=decoderstyles,
         carrier_invoke_styles=carrier_invoke_styles,
+        exports=exports,
 
         log_files=log_files,
         is_64=is_64,
@@ -95,62 +104,47 @@ def add_project():
         project_name = request.form['project_name']
         comment = request.form['comment']
 
-        settings.payload_path = PATH_SHELLCODES + request.form['shellcode']
-        if request.form['shellcode'] == "createfile.bin":
-            settings.verify = True
-            settings.try_start_final_infected_exe = False
+        # new project?
+        if storage.get_project(project_name) == None:
+            # add new project
+            project = WebProject(project_name, settings)
+            project.comment = comment
+            storage.add_project(project)
+        
+        # update project
         else:
-            settings.cleanup_files_on_exit = False
+            settings.payload_path = PATH_SHELLCODES + request.form['shellcode']
+            if request.form['shellcode'] == "createfile.bin":
+                settings.verify = True
+                settings.try_start_final_infected_exe = False
+            else:
+                settings.cleanup_files_on_exit = False
 
-        settings.inject_exe_in = request.form['exe']
-        settings.inject_exe_out = request.form['exe'].replace(".exe", ".infected.exe")
+            if 'dllfunc' in request.form:
+                settings.dllfunc = request.form['dllfunc']
 
-        source_style = request.form['source_style']
-        settings.source_style = FunctionInvokeStyle[source_style]
+            settings.inject_exe_in = request.form['exe']
+            settings.inject_exe_out = request.form['exe'].replace(".exe", ".infected.exe")
 
-        carrier_invoke_style = request.form['carrier_invoke_style']
-        settings.carrier_invoke_style = CarrierInvokeStyle[carrier_invoke_style]
+            source_style = request.form['source_style']
+            settings.source_style = FunctionInvokeStyle[source_style]
 
-        decoder_style = request.form['decoder_style']
-        settings.decoder_style = DecoderStyle[decoder_style]
+            carrier_invoke_style = request.form['carrier_invoke_style']
+            settings.carrier_invoke_style = CarrierInvokeStyle[carrier_invoke_style]
+
+            decoder_style = request.form['decoder_style']
+            settings.decoder_style = DecoderStyle[decoder_style]
 
-        if storage.get_project(project_name) != None:
             # overwrite project
             project = storage.get_project(project_name)
             project.settings = settings
             project.comment = comment
             storage.save_project(project)
-        else:
-            # add new project
-            project = WebProject(project_name, settings)
-            project.comment = comment
-            storage.add_project(project)
 
         return redirect("/project/{}".format(project_name), code=302)
     
     else: # GET
-        exes = []
-        for file in os.listdir(PATH_EXES):
-            exes.append(PATH_EXES + file)
-            
-        for file in os.listdir(PATH_EXES_MORE):
-            exes.append(PATH_EXES_MORE + file)
-
-        shellcodes = []
-        for file in os.listdir(PATH_SHELLCODES):
-            shellcodes.append(file)
-
-        function_invoke_styles = [(color.name, color.value) for color in FunctionInvokeStyle]
-        decoderstyles = [(color.name, color.value) for color in DecoderStyle]
-        carrier_invoke_styles = [(color.name, color.value) for color in CarrierInvokeStyle]
-
-        return render_template('project_add_get.html', 
-            exes=exes,
-            shellcodes=shellcodes,
-            function_invoke_styles=function_invoke_styles,
-            decoderstyles=decoderstyles,
-            carrier_invoke_styles=carrier_invoke_styles,
-        )
+        return render_template('project_add_get.html')
 
 
 def supermega_thread(settings: Settings):
@@ -164,6 +158,12 @@ def build_project(project_name):
     global thread_running
 
     project = storage.get_project(project_name)
+
+    if project.settings.inject_exe_in.endswith(".dll"):
+        if project.settings.dllfunc == "":
+            logger.error("DLL injection requires a DLL function name")
+            return redirect("/project/{}".format(project_name), code=302)
+
     project.settings.try_start_final_infected_exe = False
     prepare_project(project_name, project.settings)
     thread = Thread(target=supermega_thread, args=(project.settings, ))
@@ -224,7 +224,7 @@ def start_project(project_name):
             logger.info("--[ Verify infected exe")
             exit_code = verify_injected_exe(project.settings.inject_exe_out)
         elif no_exec == False:
-            run_exe(project.settings.inject_exe_out)
+            run_exe(project.settings.inject_exe_out, dllfunc=project.settings.dllfunc, check=False)
         elif no_exec == True:
             dirname = os.path.dirname(os.path.abspath(project.settings.inject_exe_out))
             logger.info("--[ Open folder: {}".format(dirname))