feature: resolve dll imports
+10
-3
@@ -14,11 +14,19 @@
|
|||||||
|
|
||||||
<div class="col-6">
|
<div class="col-6">
|
||||||
{% if iat|length > 0 %}
|
{% if iat|length > 0 %}
|
||||||
<h2> Imports - IAT </h2>
|
|
||||||
|
<h2> IAT Imports DLLs</h2>
|
||||||
|
<ul>
|
||||||
|
{% for dll_resolve in resolved_dlls %}
|
||||||
|
<li> {{ dll_resolve.dllname }}: {{ dll_resolve.cdll_res }} : {{ dll_resolve.path_res }}</li>
|
||||||
|
{% endfor%}
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<h2> IAT Imports functions</h2>
|
||||||
{% for dll in iat %}
|
{% for dll in iat %}
|
||||||
<ul>
|
<ul>
|
||||||
{% for entry in iat[dll] %}
|
{% for entry in iat[dll] %}
|
||||||
<li> {{ entry.dll_name }}: {{ entry.func_name }} ({{ entry.iat_vaddr | hexint }})</li>
|
<li> {{ entry.dll_name }}: {{ entry.func_name }} </li>
|
||||||
{% endfor%}
|
{% endfor%}
|
||||||
</ul>
|
</ul>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
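Review bot: `{{ dll_resolve.path_res }}` on the new `<li>` line renders the literal text `None` whenever `search_for_dll` finds nothing, and `cdll_res` renders as `True`/`False`, which makes the new list hard to scan. A fallback reads better, e.g. `{{ dll_resolve.path_res or "not found" }}`. The names come from the analysed executable's import table; Flask autoescapes templates with an `.html` suffix, so they are escaped here — keep that suffix if the template is ever renamed.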
@@ -26,7 +34,6 @@
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<div class="col-6">
|
<div class="col-6">
|
||||||
|
|
||||||
{% if exports|length > 0 %}
|
{% if exports|length > 0 %}
|
||||||
|
|||||||
@@ -125,6 +125,10 @@
|
|||||||
Data Section largest: {{ data_sect_largest_gap_size}} <br>
|
Data Section largest: {{ data_sect_largest_gap_size}} <br>
|
||||||
-> Payload len: {{ payload_len}} <br>
|
-> Payload len: {{ payload_len}} <br>
|
||||||
{{ project_dir }} <br>
|
{{ project_dir }} <br>
|
||||||
|
Unresolved dlls: <br>
|
||||||
|
{% for dll in unresolved_dlls %}
|
||||||
|
{{ dll }} <br>
|
||||||
|
{% endfor %}
|
||||||
<a href="/exes/{{project.settings.inject_exe_in | basename}}">EXE INFO</a>
|
<a href="/exes/{{project.settings.inject_exe_in | basename}}">EXE INFO</a>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
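Review bot: The `Unresolved dlls:` heading is emitted unconditionally, so every project whose imports all resolve (and, as far as the `project()` hunks show, every project without a payload selected, where the list keeps its `[]` default) shows an empty heading. Wrap the three new lines in `{% if unresolved_dlls %}` … `{% endif %}` so the section only appears when there is something to report.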
|
|||||||
@@ -6,6 +6,7 @@ from typing import List, Tuple
|
|||||||
|
|
||||||
from pe.superpe import SuperPe
|
from pe.superpe import SuperPe
|
||||||
from model.defs import *
|
from model.defs import *
|
||||||
|
from pe.dllresolver import resolve_dlls
|
||||||
|
|
||||||
views = Blueprint('views', __name__)
|
views = Blueprint('views', __name__)
|
||||||
logger = logging.getLogger("Views")
|
logger = logging.getLogger("Views")
|
||||||
@@ -20,8 +21,10 @@ def index():
|
|||||||
def exe_view(exe_name):
|
def exe_view(exe_name):
|
||||||
path = "{}/{}".format(PATH_EXES, exe_name)
|
path = "{}/{}".format(PATH_EXES, exe_name)
|
||||||
superpe = SuperPe(path)
|
superpe = SuperPe(path)
|
||||||
|
|
||||||
return render_template('exe.html',
|
return render_template('exe.html',
|
||||||
superpe=superpe,
|
superpe=superpe,
|
||||||
|
resolved_dlls=resolve_dlls(superpe),
|
||||||
iat=superpe.get_iat_entries(),
|
iat=superpe.get_iat_entries(),
|
||||||
exports=superpe.get_exports_full(),
|
exports=superpe.get_exports_full(),
|
||||||
)
|
)
|
||||||
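Review bot: `resolved_dlls=resolve_dlls(superpe)` runs inside the request handler, and `check_dll_availability` in the new `pe/dllresolver.py` implements the availability test as `ctypes.CDLL(dll_name)` — a real LoadLibrary of every name in the analysed executable's import table into the web-server process, which runs each DLL's entry point, resolves the name through the loader's normal search order (the current directory is on it), and never releases the handle, so each page view leaves those modules mapped. The executable under analysis chooses the names, so the analysis host should not be loading them; the same applies to `pe.dllresolver.unresolved_dlls(superpe)` in the `project()` hunk and to `all_dll_exist`. For a presence check, the path lookup the module already has is enough and executes nothing: `def check_dll_availability(dll_name):` / `    return search_for_dll(dll_name) is not None`. If the loader's own view is really needed, map the module without running `DllMain` via `LoadLibraryExW` with `LOAD_LIBRARY_AS_DATAFILE`, and call `FreeLibrary` on the handle afterwards.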
|
|||||||
@@ -22,6 +22,8 @@ from helper import run_process_checkret, run_exe
|
|||||||
from model.project import prepare_project
|
from model.project import prepare_project
|
||||||
from pe.superpe import SuperPe
|
from pe.superpe import SuperPe
|
||||||
from model.exehost import ExeHost
|
from model.exehost import ExeHost
|
||||||
|
import pe.dllresolver
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger("ViewsProjects")
|
logger = logging.getLogger("ViewsProjects")
|
||||||
|
|
||||||
@@ -56,6 +58,7 @@ def project(name):
|
|||||||
data_sect_size = 0
|
data_sect_size = 0
|
||||||
data_sect_largest_gap_size = 0
|
data_sect_largest_gap_size = 0
|
||||||
payload_len = 0
|
payload_len = 0
|
||||||
|
unresolved_dlls = []
|
||||||
|
|
||||||
# when we select a shellcode
|
# when we select a shellcode
|
||||||
if project.settings.payload_path != "":
|
if project.settings.payload_path != "":
|
||||||
@@ -73,6 +76,8 @@ def project(name):
|
|||||||
exehost = ExeHost(project.settings.inject_exe_in)
|
exehost = ExeHost(project.settings.inject_exe_in)
|
||||||
exehost.init()
|
exehost.init()
|
||||||
data_sect_largest_gap_size = exehost.get_rdata_relocmanager().find_largest_gap()
|
data_sect_largest_gap_size = exehost.get_rdata_relocmanager().find_largest_gap()
|
||||||
|
unresolved_dlls = pe.dllresolver.unresolved_dlls(superpe)
|
||||||
|
|
||||||
|
|
||||||
project_dir = os.path.dirname(os.path.abspath(project.settings.inject_exe_out))
|
project_dir = os.path.dirname(os.path.abspath(project.settings.inject_exe_out))
|
||||||
log_files = get_logfiles(project.settings.main_dir)
|
log_files = get_logfiles(project.settings.main_dir)
|
||||||
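Review bot: `unresolved_dlls = pe.dllresolver.unresolved_dlls(superpe)` refers to `superpe`, but nothing in this hunk or the earlier `project()` hunks assigns it — the object built two lines above is `exehost`. `project()` starts outside the hunk, so presumably `superpe` is created earlier in the function; if it is not, the new line raises `NameError` the first time a payload is selected, and if `ExeHost` wraps a `SuperPe`, the intended argument may be that wrapped object. Worth confirming against the full function before merging.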
@@ -109,6 +114,7 @@ def project(name):
|
|||||||
data_sect_size=data_sect_size,
|
data_sect_size=data_sect_size,
|
||||||
data_sect_largest_gap_size=data_sect_largest_gap_size,
|
data_sect_largest_gap_size=data_sect_largest_gap_size,
|
||||||
payload_len=payload_len,
|
payload_len=payload_len,
|
||||||
|
unresolved_dlls=unresolved_dlls,
|
||||||
)
|
)
|
||||||
|
|
||||||
def list_files_and_sizes(directory, prepend=""):
|
def list_files_and_sizes(directory, prepend=""):
|
||||||
|
|||||||
@@ -0,0 +1,61 @@
|
|||||||
|
import sys
|
||||||
|
import ctypes
|
||||||
|
import os
|
||||||
|
|
||||||
|
from pe.superpe import SuperPe
|
||||||
|
|
||||||
|
|
||||||
|
class DllResolve():
|
||||||
|
def __init__(self, dllname, cdll_res, path_res):
|
||||||
|
self.dllname = dllname
|
||||||
|
self.cdll_res = cdll_res
|
||||||
|
self.path_res = path_res
|
||||||
|
|
||||||
|
|
||||||
|
def all_dll_exist(superpe):
|
||||||
|
for dll_name in superpe.get_iat_entries():
|
||||||
|
if not check_dll_availability(dll_name):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
def unresolved_dlls(superpe):
|
||||||
|
res = []
|
||||||
|
for dll_name in superpe.get_iat_entries():
|
||||||
|
if not check_dll_availability(dll_name):
|
||||||
|
res.append(dll_name)
|
||||||
|
return res
|
||||||
|
|
||||||
|
|
||||||
|
def resolve_dlls(superpe):
|
||||||
|
res = []
|
||||||
|
for dll_name in superpe.get_iat_entries():
|
||||||
|
res.append(resolve_dll(dll_name))
|
||||||
|
return res
|
||||||
|
|
||||||
|
|
||||||
|
def resolve_dll(dllname):
|
||||||
|
cdll_res = check_dll_availability(dllname)
|
||||||
|
path_res = search_for_dll(dllname)
|
||||||
|
return DllResolve(dllname, cdll_res, path_res)
|
||||||
|
|
||||||
|
|
||||||
|
def check_dll_availability(dll_name):
|
||||||
|
try:
|
||||||
|
_ = ctypes.CDLL(dll_name)
|
||||||
|
return True
|
||||||
|
except OSError:
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def search_for_dll(dll_name):
|
||||||
|
paths = [
|
||||||
|
os.getcwd(), # Current directory
|
||||||
|
os.environ.get('SYSTEMROOT', '') + '\\System32', # System directory
|
||||||
|
os.environ.get('SYSTEMROOT', ''), # Windows directory
|
||||||
|
] + os.environ.get('PATH', '').split(';') # PATH directories
|
||||||
|
|
||||||
|
for path in paths:
|
||||||
|
full_path = os.path.join(path, dll_name)
|
||||||
|
if os.path.exists(full_path):
|
||||||
|
return full_path
|
||||||
|
return None
|
||||||
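Review bot: `search_for_dll` splits `PATH` on `';'` and builds the system directory with a hard-coded backslash, so on a non-Windows host the PATH entries are never separated and the result is always `None`; use `os.environ.get('PATH', '').split(os.pathsep)` and `os.path.join(os.environ.get('SYSTEMROOT', ''), 'System32')`. The order also only approximates the loader's: the directory of the executable being analysed is searched first by the loader but is not in `paths` at all, and under safe DLL search mode the current directory comes after the system and Windows directories rather than first, so `path_res` can name a different file than the one the loader would actually pick. Mark it as such, e.g. `# Heuristic lookup, not the loader's search order; ignores the exe's own directory, KnownDLLs, API sets and SxS.` `sys` and `SuperPe` are imported but unused.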
@@ -0,0 +1,24 @@
|
|||||||
|
from typing import List
|
||||||
|
import unittest
|
||||||
|
|
||||||
|
from model.defs import *
|
||||||
|
from pe.superpe import SuperPe
|
||||||
|
|
||||||
|
from pe.dllresolver import *
|
||||||
|
|
||||||
|
|
||||||
|
class DllResolverTest(unittest.TestCase):
|
||||||
|
|
||||||
|
def test_dllresolver(self):
|
||||||
|
filename = "data/binary/exes/7z.exe"
|
||||||
|
superpe = SuperPe(filename)
|
||||||
|
|
||||||
|
self.assertTrue(all_dll_exist(superpe))
|
||||||
|
|
||||||
|
dlls = resolve_dlls(superpe)
|
||||||
|
self.assertEqual(len(dlls), 5)
|
||||||
|
|
||||||
|
dlls = unresolved_dlls(superpe)
|
||||||
|
self.assertEqual(len(dlls), 0)
|
||||||
|
|
||||||
|
|
||||||
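Review bot: `test_dllresolver` hard-codes `data/binary/exes/7z.exe`, asserts exactly 5 resolved entries, and `all_dll_exist` calls `ctypes.CDLL` on every import, so the test can only pass on a Windows host that has the fixture on that relative path and can load each DLL; elsewhere it fails in `SuperPe(filename)` or on the assertion rather than on the resolver's logic. Skip it explicitly when the preconditions are missing — `@unittest.skipUnless(sys.platform == "win32", "needs the Windows loader")` on the method (adding `import sys`) and `if not os.path.exists(filename): self.skipTest("fixture missing")` at the top (adding `import os`). A deterministic unit test of `search_for_dll` against a `tempfile` directory placed on a patched `PATH` would cover the search logic on every platform.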