From ffcbec3f817fe7a8d7b66efbabb6b9f4fb7a8b95 Mon Sep 17 00:00:00 2001
From: Dobin
Date: Wed, 21 Feb 2024 20:26:53 +0000
Subject: [PATCH] feature: cmdline arg to chose alloc, decoder, exec

---
 supermega.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/supermega.py b/supermega.py
index 57e5740..94a768b 100644
--- a/supermega.py
+++ b/supermega.py
@@ -29,6 +29,9 @@ def main():
 parser = argparse.ArgumentParser(description='SuperMega shellcode loader')
 parser.add_argument('--shellcode', type=str, help='The path to the file of your payload shellcode')
 parser.add_argument('--inject', type=str, help='The path to the file where we will inject ourselves in')
+ parser.add_argument('--alloc', type=str, help='Template: which allocator plugin')
+ parser.add_argument('--decoder', type=str, help='Template: which decoder plugin')
+ parser.add_argument('--exec', type=str, help='Template: which exec plugin')
 parser.add_argument('--rbrunmode', type=str, help='Redbackdoorer run argument (1 EAP, 2 hijack)')
 parser.add_argument('--start-injected', action='store_true', help='Dev: Start the generated infected executable at the end')
 parser.add_argument('--start-loader-shellcode', action='store_true', help='Dev: Start the loader shellcode (without payload)')
@@ -80,6 +83,18 @@ def main():
 if args.short_call_patching:
 project.short_call_patching = True

+ if args.alloc:
+ if args.alloc == "rwx_1":
+ project.alloc_style = AllocStyle.RWX
+ if args.decoder:
+ if args.decoder == "plain_1":
+ project.decoder_style = DecoderStyle.PLAIN_1
+ elif args.decoder == "xor_1":
+ project.decoder_style = DecoderStyle.XOR_1
+ if args.exec:
+ if args.exec == "direct_1":
+ project.exec_style = ExecStyle.CALL
+
 if args.rbrunmode:
 if args.rbrunmode == "1" or args.rbrunmode == "2":
 project.inject_mode = int(args.rbrunmode)
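Review bot: The three new options accept any string (`type=str`), and the handling added in the second hunk (`if args.alloc:`, `if args.decoder:`, `if args.exec:`) has no `else` branch, so a misspelled plugin name is silently dropped and the run continues with whatever style the project object already holds. The operator gets no indication that the requested plugin was not applied. Restricting the values at parse time makes argparse reject unknown names and list the valid ones in `--help`, e.g. `parser.add_argument('--decoder', choices=['plain_1', 'xor_1'], help='Template: which decoder plugin')`, with `choices=['rwx_1']` for `--alloc` and `choices=['direct_1']` for `--exec`. main() starts and continues outside this hunk.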
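Review bot: The string-to-enum mapping is written as nested `if` chains, and two of the plugin names do not match the enum members they select (`rwx_1` sets `AllocStyle.RWX`, `direct_1` sets `ExecStyle.CALL`), which a reader has to work out from the branches. A table per option, e.g. `DECODERS = {"plain_1": DecoderStyle.PLAIN_1, "xor_1": DecoderStyle.XOR_1}` followed by `project.decoder_style = DECODERS[args.decoder]`, keeps names and enum values in one place and can also supply the argparse `choices`. The commit adds no import line (all 15 insertions are in these two hunks), so it is worth confirming that `AllocStyle`, `DecoderStyle` and `ExecStyle` are already imported in supermega.py. main() starts and continues outside this hunk.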