From fb23835d51407682e72c702f2f3f2df0d93e7185 Mon Sep 17 00:00:00 2001
From: Dobin
Date: Mon, 19 Feb 2024 20:34:31 +0000
Subject: [PATCH] ui: nicer output
---
app/views.py | 5 ++---
helper.py | 2 +-
model.py | 5 +++--
pehelper.py | 2 +-
phases/compiler.py | 14 +++++++-------
phases/injector.py | 6 ++----
phases/templater.py | 2 +-
project.py | 4 ++--
supermega.py | 4 +++-
9 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/app/views.py b/app/views.py
index 20b7140..f95b8f5 100644
--- a/app/views.py
+++ b/app/views.py
@@ -43,9 +43,8 @@ def project():
 # handle special cases
 if '_orig' in file:
 asm_a = data
- if '_cleanup' in file:
+ if '_updated' in file:
 asm_b = data
- data = highlight(data, NasmLexer(), HtmlFormatter(full=False))
 elif '_shc' in file:
 if '.txt' in file:
@@ -88,7 +87,7 @@ def project():
 }
 log_files.append(entry)
 id += 1
- asm_a = ""
+ #asm_a = ""
 asm_b = ""
diff --git a/helper.py b/helper.py
index 3ea4573..5bbe687 100644
--- a/helper.py
+++ b/helper.py
@@ -13,7 +13,7 @@ SHC_VERIFY_SLEEP = 0.1
 def clean_files():
- logger.info("--[ Remove old files")
+ logger.info("--( Remove old files")
 files_to_clean = [
 # compile artefacts in current dir
diff --git a/model.py b/model.py
index 3bdb7ba..ee162f5 100644
--- a/model.py
+++ b/model.py
@@ -43,6 +43,7 @@ class ExeInfo():
 def parse_from_exe(self, filepath):
+ logger.info("--[ Analyzing: {}".format(filepath))
 pe = pefile.PE(filepath)
 if pe.FILE_HEADER.Machine != 0x8664:
@@ -61,7 +62,7 @@ class ExeInfo():
 self.code_section = pehelper.get_code_section(pe)
 self.code_virtaddr = self.code_section.VirtualAddress
 self.code_size = self.code_section.Misc_VirtualSize
- logger.info("--[ Injectable: Chosen code section: {} at 0x{:x} size: {}".format(
+ logger.info("---[ Injectable: Chosen code section: {} at 0x{:x} size: {}".format(
 self.code_section.Name.decode().rstrip('\x00'), self.code_virtaddr, self.code_size))
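Review bot: `data` for `'_updated'` files is now raw assembly text rather than pygments HTML, because `data = highlight(data, NasmLexer(), HtmlFormatter(full=False))` was dropped from that branch while the other highlighted cases in this block presumably still hand the template pre-rendered HTML. If the template renders this value with autoescaping disabled (as it would have to for the highlighted HTML to display), the raw listing would now be inserted into the page unescaped; confirm how the entry built from `data` is rendered, and if it is marked safe, either escape it here with the standard library's `html.escape` or keep the highlight call for this branch. The body of `project()` continues outside the hunk, so the rendering path is not visible here.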
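Review bot: `#asm_a = ""` is commented-out code that leaves the reader guessing: `asm_b` is still reset on the next line while `asm_a` now survives (presumably across iterations of the loop that builds `log_files`), and nothing records why. Replace the dead line with a comment stating the intent, e.g. `# asm_a is deliberately not reset here so the _orig listing stays available for later entries`, or delete it. The same pattern appears in the three `#observer.add_text(...)` lines this commit adds in phases/compiler.py (carrier_asm_fixup, carrier_asm_cleanup, carrier_asm_iat_patch); if those intermediate listings are no longer recorded on purpose, a one-line comment near the remaining `carrier_asm_orig` call says that better than three dead calls.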
@@ -93,7 +94,7 @@ class ExeInfo():
 for func_name in needs:
 addr = pehelper.get_addr_for(self.iat, func_name)
 if addr == 0:
- logging.info("Not available as import: {}".format(func_name))
+ logging.info("---( Function not available as import: {}".format(func_name))
 is_ok = False
 return is_ok
diff --git a/pehelper.py b/pehelper.py
index c752393..0749019 100644
--- a/pehelper.py
+++ b/pehelper.py
@@ -15,7 +15,7 @@ def extract_code_from_exe(exe_file: FilePath) -> bytes:
 section = get_code_section(pe)
 data: bytes = section.get_data()
 data = remove_trailing_null_bytes(data)
- logger.info("---[ Extract code section size: {} / {}".format(
+ logger.debug("---[ Extract code section size: {} / {}".format(
 len(data), section.Misc_VirtualSize))
 pe.close()
 return data
diff --git a/phases/compiler.py b/phases/compiler.py
index f1001ac..45f075d 100644
--- a/phases/compiler.py
+++ b/phases/compiler.py
@@ -21,7 +21,6 @@ def compile(
 logger.info("--[ Compile C to ASM: {} -> {} ".format(c_in, asm_out))
 # Compile C To Assembly (text)
- logger.info("---[ Make ASM from C: {} ".format(c_in))
 run_process_checkret([
 config.get("path_cl"),
 "/c",
@@ -35,14 +34,14 @@ def compile(
 observer.add_text("carrier_asm_orig", file_readall_text(asm_out))
 # Assembly text fixup (SuperMega)
- logger.info("---[ Fixup : {} ".format(asm_out))
+ logger.info("---[ ASM Fixup : {} ".format(asm_out))
 if not fixup_asm_file(asm_out, payload_len, short_call_patching=short_call_patching):
 raise Exception("Error: Fixup failed")
- observer.add_text("carrier_asm_fixup", file_readall_text(asm_out))
+ #observer.add_text("carrier_asm_fixup", file_readall_text(asm_out))
 # Assembly cleanup (masm_shc)
 asm_clean_file = asm_out + ".clean"
- logger.info("---[ Cleanup: {} ".format(asm_out))
+ logger.info("---[ ASM masm_shc: {} ".format(asm_out))
 run_process_checkret([
 config.get("path_masmshc"),
 asm_out,
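Review bot: The new line `logging.info("---( Function not available as import: {}".format(func_name))` logs through the root logger, whereas the other lines this commit touches in model.py (`parse_from_exe`) use the module's `logger.info`; messages from this check therefore carry no module logger name and bypass any handler or level configured on `logger`. Change it to `logger.info("---( Function not available as import: {}".format(func_name))` so the file logs consistently. The enclosing method's `def` line is outside the hunk.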
@@ -53,7 +52,7 @@ def compile(
 # Move to destination we expect
 shutil.move(asm_clean_file, asm_out)
- observer.add_text("carrier_asm_cleanup", file_readall_text(asm_out))
+ #observer.add_text("carrier_asm_cleanup", file_readall_text(asm_out))
 def bytes_to_asm_db(byte_data: bytes) -> bytes:
@@ -148,7 +147,8 @@ def fixup_iat_reuse(filename: FilePath, exe_info):
 exe_info.add_iat_resolve(func_name, randbytes)
 logger.info(" > Replace func name: {} with {}".format(
- func_name, randbytes))
+ func_name, randbytes.hex()))
 with open(filename, 'w') as asmfile:
- asmfile.writelines(lines)
\ No newline at end of file
+ asmfile.writelines(lines)
+ #observer.add_text("carrier_asm_iat_patch", file_readall_text(filename))
diff --git a/phases/injector.py b/phases/injector.py
index e5e333d..f41780d 100644
--- a/phases/injector.py
+++ b/phases/injector.py
@@ -20,12 +20,10 @@ def inject_exe(
 exe_out: FilePath,
 inject_mode: int,
 ):
- logger.info("--[ Injecting: {} into: {} -> {} mode {}".format(
+ logger.info("--[ Injecting: {} into: {} -> {} (mode: {})".format(
 shellcode_in, exe_in, exe_out, inject_mode
 ))
- logger.warn("--[ Inject mode: {}".format(rbrunmode_str(inject_mode)))
-
-
+ logger.warn("---[ Inject mode: {}".format(rbrunmode_str(inject_mode)))
 # create copy of file exe_in to exe_out
 shutil.copyfile(exe_in, exe_out)
diff --git a/phases/templater.py b/phases/templater.py
index 0fd86b3..672c27c 100644
--- a/phases/templater.py
+++ b/phases/templater.py
@@ -30,7 +30,7 @@ def create_c_from_template(
 plugin_executor = ""
 logger.info("--[ Create C from template: {} {} {} {} {}".format(
- source_style, alloc_style, exec_style, decoder_style, payload_len
+ source_style.value, alloc_style.value, exec_style.value, decoder_style.value, payload_len
 ))
 filepath = "plugins/allocator/{}.c".format(alloc_style.value)
diff --git a/project.py b/project.py
index a8f0677..008b3dc 100644
--- a/project.py
+++ b/project.py
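Review bot: The rewritten `---[ Inject mode` line in phases/injector.py keeps `logger.warn(...)`, the `Logger.warn` alias that has been deprecated since Python 3.3 and emits a DeprecationWarning, while supermega.py in this same commit uses `logger.warning`. The message is also purely informational (it restates the mode already printed by the `logger.info` line just above it), so `logger.info("---[ Inject mode: {}".format(rbrunmode_str(inject_mode)))` is probably the right level; if warning level is meant to make it stand out, at least switch to `logger.warning`. `inject_exe` continues past the hunk.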
@@ -38,13 +38,13 @@ class Project():
 def load_payload(self):
- logging.info("Load payload: {}".format(self.payload_path))
+ logging.info("--( Load payload: {}".format(self.payload_path))
 with open(self.payload_path, 'rb') as input2:
 self.payload_data = input2.read()
 def load_injectable(self):
- logging.info("Load injectable: {}".format(self.inject_exe_in))
+ logging.info("--( Load injectable: {}".format(self.inject_exe_in))
 self.exe_info = ExeInfo()
 self.exe_info.parse_from_exe(self.inject_exe_in)
diff --git a/supermega.py b/supermega.py
index 60d401b..57e5740 100644
--- a/supermega.py
+++ b/supermega.py
@@ -135,7 +135,7 @@ def start(project: Project):
 asm_out = main_asm_file,
 payload_len = len(project.payload_data),
 short_call_patching = project.short_call_patching)
-
+
 # Decide if we can use IAT_REUSE (all function calls available as import)
 required_functions = phases.compiler.get_function_stubs(main_asm_file)
 if project.exe_info.has_all_functions(required_functions):
@@ -143,6 +143,7 @@ def start(project: Project):
 logger.warning("--[ SourceStyle: Using IAT_REUSE".format())
 # all good, patch ASM
 phases.compiler.fixup_iat_reuse(main_asm_file, project.exe_info)
+ observer.add_text("carrier_asm_updated", file_readall_text(main_asm_file))
 else:
 # Not good, Fall back to PEB_WALK
 project.source_style = SourceStyle.peb_walk
@@ -163,6 +164,7 @@ def start(project: Project):
 c_in = main_c_file,
 asm_out = main_asm_file,
 payload_len = len(project.payload_data))
+ observer.add_text("carrier_asm_updated", file_readall_text(main_asm_file))
 # Assemble: ASM -> Shellcode
 if project.generate_shc_from_asm:
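Review bot: The key `"carrier_asm_updated"` passed to the new `observer.add_text(...)` call after `fixup_iat_reuse` is what app/views.py now selects with `if '_updated' in file`, so the two files are coupled through a substring of this literal and nothing at either end says so. A comment on this line would keep the next rename from silently breaking the UI, e.g. `# key must contain "_updated": app/views.py picks this listing up by that substring`. The same key is written again after the second `phases.compiler.compile(...)` call in the `@@ -163` hunk; if both calls can run in one invocation (the fallback path between the hunks is not visible), the later write presumably replaces the earlier one, which is worth stating on whichever call is meant to win.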