added using smart pointers, added getters instead of new allocation type
This commit is contained in:
notcpuid
@@ -6,14 +6,14 @@ using namespace asmjit;
|
|||||||
c_adasm::c_adasm(c_core& g_core) : m_core(g_core) {}
|
c_adasm::c_adasm(c_core& g_core) : m_core(g_core) {}
|
||||||
|
|
||||||
void c_adasm::jmp_label_skip() {
|
void c_adasm::jmp_label_skip() {
|
||||||
Label skip_cc = m_core.m_assembler->newLabel();
|
Label skip_cc = m_core.get_assembler()->newLabel();
|
||||||
m_core.m_assembler->jz(skip_cc);
|
m_core.get_assembler()->jz(skip_cc);
|
||||||
m_core.m_assembler->jnz(skip_cc);
|
m_core.get_assembler()->jnz(skip_cc);
|
||||||
m_core.m_assembler->db(0xE9);
|
m_core.get_assembler()->db(0xE9);
|
||||||
if (m_core.obf_fake_instr) {
|
if (m_core.obf_fake_instr) {
|
||||||
for (int i = 0; i < random_value(0x1, 0x100); ++i) {
|
for (int i = 0; i < random_value(0x1, 0x100); ++i) {
|
||||||
m_core.m_assembler->db(random_value(0x10, 0xFF));
|
m_core.get_assembler()->db(random_value(0x10, 0xFF));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
m_core.m_assembler->bind(skip_cc);
|
m_core.get_assembler()->bind(skip_cc);
|
||||||
}
|
}
|
||||||
@@ -19,15 +19,15 @@ c_core::c_core(std::string input_file, std::string output_file, std::uint32_t mu
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
m_peImage = new pe_bliss::pe_base(pe_bliss::pe_factory::create_pe(pe_file));
|
m_peImage = std::make_unique<pe_bliss::pe_base>(pe_bliss::pe_factory::create_pe(pe_file));
|
||||||
if (m_peImage->get_pe_type() != pe_bliss::pe_type_32) {
|
if (m_peImage->get_pe_type() != pe_bliss::pe_type_32) {
|
||||||
print_error("Binary is not x86 architecture\n");
|
print_error("Binary is not x86 architecture\n");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
JitRuntime jitRt;
|
JitRuntime jitRt;
|
||||||
m_code = new CodeHolder();
|
m_codeHolder = std::make_unique<CodeHolder>();
|
||||||
Error init_asmjit = m_code->init(jitRt.environment(), jitRt.cpuFeatures());
|
Error init_asmjit = m_codeHolder->init(jitRt.environment(), jitRt.cpuFeatures());
|
||||||
|
|
||||||
if (init_asmjit != kErrorOk) {
|
if (init_asmjit != kErrorOk) {
|
||||||
print_error("Failed initialization\n");
|
print_error("Failed initialization\n");
|
||||||
@@ -101,14 +101,7 @@ c_core::c_core(std::string input_file, std::string output_file, std::uint32_t mu
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
m_assembler = new x86::Assembler(m_code);
|
m_assembler = std::make_unique<x86::Assembler>(m_codeHolder.get());
|
||||||
}
|
|
||||||
|
|
||||||
c_core::~c_core()
|
|
||||||
{
|
|
||||||
delete m_peImage;
|
|
||||||
delete m_code;
|
|
||||||
delete m_assembler;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void c_core::xor_function_range(xor_target_t xor_target)
|
void c_core::xor_function_range(xor_target_t xor_target)
|
||||||
@@ -240,7 +233,7 @@ void c_core::process()
|
|||||||
new_section.get_raw_data().resize(alignedSize);
|
new_section.get_raw_data().resize(alignedSize);
|
||||||
|
|
||||||
pe_bliss::section& pe_section = m_peImage->add_section(new_section);
|
pe_bliss::section& pe_section = m_peImage->add_section(new_section);
|
||||||
m_code->_baseAddress = pe_section.get_virtual_address();
|
m_codeHolder->_baseAddress = pe_section.get_virtual_address();
|
||||||
std::uint32_t oep = obf_call_oep ? m_peImage->get_ep() + m_peImage->get_image_base_32() : m_peImage->get_ep();
|
std::uint32_t oep = obf_call_oep ? m_peImage->get_ep() + m_peImage->get_image_base_32() : m_peImage->get_ep();
|
||||||
std::uint32_t oepvl_xor_key = random_value(128, 1024);
|
std::uint32_t oepvl_xor_key = random_value(128, 1024);
|
||||||
Label new_label = m_assembler->newLabel();
|
Label new_label = m_assembler->newLabel();
|
||||||
|
|||||||
@@ -19,7 +19,18 @@ class c_core
|
|||||||
{
|
{
|
||||||
public:
|
public:
|
||||||
c_core(std::string input_file, std::string output_file, std::uint32_t mutations_counter);
|
c_core(std::string input_file, std::string output_file, std::uint32_t mutations_counter);
|
||||||
~c_core();
|
|
||||||
|
asmjit::x86::Assembler* get_assembler() {
|
||||||
|
return m_assembler.get();
|
||||||
|
}
|
||||||
|
|
||||||
|
pe_bliss::pe_base* get_peImage() {
|
||||||
|
return m_peImage.get();
|
||||||
|
}
|
||||||
|
|
||||||
|
asmjit::CodeHolder* get_codeHolder() {
|
||||||
|
return m_codeHolder.get();
|
||||||
|
}
|
||||||
|
|
||||||
struct xor_target_t {
|
struct xor_target_t {
|
||||||
std::uintptr_t func_start;
|
std::uintptr_t func_start;
|
||||||
@@ -62,10 +73,10 @@ public:
|
|||||||
std::string m_input;
|
std::string m_input;
|
||||||
std::string m_output;
|
std::string m_output;
|
||||||
|
|
||||||
pe_bliss::pe_base* m_peImage = nullptr;
|
private:
|
||||||
|
std::unique_ptr<asmjit::x86::Assembler> m_assembler;
|
||||||
asmjit::CodeHolder* m_code = nullptr;
|
std::unique_ptr<pe_bliss::pe_base> m_peImage;
|
||||||
asmjit::x86::Assembler* m_assembler = nullptr;
|
std::unique_ptr<asmjit::CodeHolder> m_codeHolder;
|
||||||
|
|
||||||
}; extern c_core* mutator;
|
}; extern c_core* mutator;
|
||||||
|
|
||||||
|
|||||||
@@ -8,19 +8,19 @@ c_mba::c_mba(c_core& g_core) : m_core(g_core){}
|
|||||||
void c_mba::gen_math_operations() {
|
void c_mba::gen_math_operations() {
|
||||||
switch (rand() % 4) {
|
switch (rand() % 4) {
|
||||||
case 0:
|
case 0:
|
||||||
m_core.m_assembler->shr(m_core.get_rand_reg(), random_value(1, 100));
|
m_core.get_assembler()->shr(m_core.get_rand_reg(), random_value(1, 100));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 1:
|
case 1:
|
||||||
m_core.m_assembler->and_(m_core.get_rand_reg(), random_value(1, 100));
|
m_core.get_assembler()->and_(m_core.get_rand_reg(), random_value(1, 100));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 2:
|
case 2:
|
||||||
m_core.m_assembler->xor_(m_core.get_rand_reg(), random_value(1, 100));
|
m_core.get_assembler()->xor_(m_core.get_rand_reg(), random_value(1, 100));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 3:
|
case 3:
|
||||||
m_core.m_assembler->add(m_core.get_rand_reg(), random_value(1, 100));
|
m_core.get_assembler()->add(m_core.get_rand_reg(), random_value(1, 100));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
@@ -37,142 +37,142 @@ void c_mba::mba_code(c_mba::options opt) {
|
|||||||
|
|
||||||
case 0: {
|
case 0: {
|
||||||
|
|
||||||
Label new_label = m_core.m_assembler->newLabel();
|
Label new_label = m_core.get_assembler()->newLabel();
|
||||||
gen_math_operations();
|
gen_math_operations();
|
||||||
|
|
||||||
// create new jump equal to label
|
// create new jump equal to label
|
||||||
m_core.m_assembler->je(new_label);
|
m_core.get_assembler()->je(new_label);
|
||||||
|
|
||||||
// load x and y into regs
|
// load x and y into regs
|
||||||
m_core.m_assembler->mov(x86::eax, x86::edi);
|
m_core.get_assembler()->mov(x86::eax, x86::edi);
|
||||||
m_core.m_assembler->mov(x86::ebx, x86::esi);
|
m_core.get_assembler()->mov(x86::ebx, x86::esi);
|
||||||
|
|
||||||
// calculate in eax: (X | Y)
|
// calculate in eax: (X | Y)
|
||||||
// store result in stack
|
// store result in stack
|
||||||
m_core.m_assembler->or_(x86::eax, x86::ebx); // eax = X | Y
|
m_core.get_assembler()->or_(x86::eax, x86::ebx); // eax = X | Y
|
||||||
m_core.m_assembler->push(x86::eax);
|
m_core.get_assembler()->push(x86::eax);
|
||||||
|
|
||||||
// calculate in eax: (X & Y)
|
// calculate in eax: (X & Y)
|
||||||
m_core.m_assembler->mov(x86::eax, x86::edi);
|
m_core.get_assembler()->mov(x86::eax, x86::edi);
|
||||||
m_core.m_assembler->and_(x86::eax, x86::ebx);
|
m_core.get_assembler()->and_(x86::eax, x86::ebx);
|
||||||
|
|
||||||
// get (X | Y) from stack and substraction (X & Y)
|
// get (X | Y) from stack and substraction (X & Y)
|
||||||
// store result in ecx
|
// store result in ecx
|
||||||
m_core.m_assembler->pop(x86::ecx);
|
m_core.get_assembler()->pop(x86::ecx);
|
||||||
m_core.m_assembler->sub(x86::ecx, x86::eax);
|
m_core.get_assembler()->sub(x86::ecx, x86::eax);
|
||||||
|
|
||||||
m_core.m_assembler->mov(x86::eax, x86::ecx);
|
m_core.get_assembler()->mov(x86::eax, x86::ecx);
|
||||||
|
|
||||||
// store result in stack and manipulate it
|
// store result in stack and manipulate it
|
||||||
m_core.m_assembler->push(x86::eax);
|
m_core.get_assembler()->push(x86::eax);
|
||||||
m_core.m_assembler->mov(x86::ebx, x86::eax);
|
m_core.get_assembler()->mov(x86::ebx, x86::eax);
|
||||||
m_core.m_assembler->xor_(x86::ebx, x86::edi);
|
m_core.get_assembler()->xor_(x86::ebx, x86::edi);
|
||||||
|
|
||||||
// its loc
|
// its loc
|
||||||
m_core.m_assembler->bind(new_label);
|
m_core.get_assembler()->bind(new_label);
|
||||||
|
|
||||||
// store base pointer and push new from stack
|
// store base pointer and push new from stack
|
||||||
m_core.m_assembler->push(x86::rbp);
|
m_core.get_assembler()->push(x86::rbp);
|
||||||
m_core.m_assembler->mov(x86::rbp, x86::rsp);
|
m_core.get_assembler()->mov(x86::rbp, x86::rsp);
|
||||||
gen_math_operations();
|
gen_math_operations();
|
||||||
|
|
||||||
// restore base pointer
|
// restore base pointer
|
||||||
m_core.m_assembler->pop(x86::rbp);
|
m_core.get_assembler()->pop(x86::rbp);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case 1: {
|
case 1: {
|
||||||
|
|
||||||
Label new_label = m_core.m_assembler->newLabel();
|
Label new_label = m_core.get_assembler()->newLabel();
|
||||||
|
|
||||||
gen_math_operations();
|
gen_math_operations();
|
||||||
|
|
||||||
// create new jump equal to label
|
// create new jump equal to label
|
||||||
m_core.m_assembler->je(new_label);
|
m_core.get_assembler()->je(new_label);
|
||||||
|
|
||||||
// load x and y into regs
|
// load x and y into regs
|
||||||
m_core.m_assembler->mov(x86::eax, x86::edi);
|
m_core.get_assembler()->mov(x86::eax, x86::edi);
|
||||||
m_core.m_assembler->mov(x86::ebx, x86::esi);
|
m_core.get_assembler()->mov(x86::ebx, x86::esi);
|
||||||
|
|
||||||
// calculate in eax: (X & Y)
|
// calculate in eax: (X & Y)
|
||||||
// store result in stack
|
// store result in stack
|
||||||
m_core.m_assembler->and_(x86::eax, x86::ebx);
|
m_core.get_assembler()->and_(x86::eax, x86::ebx);
|
||||||
m_core.m_assembler->push(x86::eax);
|
m_core.get_assembler()->push(x86::eax);
|
||||||
|
|
||||||
// calculate in eax: (X | Y)
|
// calculate in eax: (X | Y)
|
||||||
m_core.m_assembler->mov(x86::eax, x86::edi);
|
m_core.get_assembler()->mov(x86::eax, x86::edi);
|
||||||
m_core.m_assembler->or_(x86::eax, x86::ebx);
|
m_core.get_assembler()->or_(x86::eax, x86::ebx);
|
||||||
|
|
||||||
// get (X & Y) from stack and addition (X | Y)
|
// get (X & Y) from stack and addition (X | Y)
|
||||||
// store result in ecx
|
// store result in ecx
|
||||||
m_core.m_assembler->pop(x86::ecx);
|
m_core.get_assembler()->pop(x86::ecx);
|
||||||
m_core.m_assembler->add(x86::ecx, x86::eax);
|
m_core.get_assembler()->add(x86::ecx, x86::eax);
|
||||||
|
|
||||||
m_core.m_assembler->mov(x86::eax, x86::ecx);
|
m_core.get_assembler()->mov(x86::eax, x86::ecx);
|
||||||
|
|
||||||
// store result in stack and manipulate it
|
// store result in stack and manipulate it
|
||||||
m_core.m_assembler->push(x86::eax);
|
m_core.get_assembler()->push(x86::eax);
|
||||||
m_core.m_assembler->mov(x86::ebx, x86::eax);
|
m_core.get_assembler()->mov(x86::ebx, x86::eax);
|
||||||
m_core.m_assembler->xor_(x86::ebx, x86::edi);
|
m_core.get_assembler()->xor_(x86::ebx, x86::edi);
|
||||||
|
|
||||||
// its loc
|
// its loc
|
||||||
m_core.m_assembler->bind(new_label);
|
m_core.get_assembler()->bind(new_label);
|
||||||
|
|
||||||
// store base pointer and push new from stack
|
// store base pointer and push new from stack
|
||||||
m_core.m_assembler->push(x86::rbp);
|
m_core.get_assembler()->push(x86::rbp);
|
||||||
m_core.m_assembler->mov(x86::rbp, x86::rsp);
|
m_core.get_assembler()->mov(x86::rbp, x86::rsp);
|
||||||
gen_math_operations();
|
gen_math_operations();
|
||||||
|
|
||||||
// restore base pointer
|
// restore base pointer
|
||||||
m_core.m_assembler->pop(x86::rbp);
|
m_core.get_assembler()->pop(x86::rbp);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case 2: {
|
case 2: {
|
||||||
Label new_label = m_core.m_assembler->newLabel();
|
Label new_label = m_core.get_assembler()->newLabel();
|
||||||
|
|
||||||
// create new jump equal to label
|
// create new jump equal to label
|
||||||
m_core.m_assembler->je(new_label);
|
m_core.get_assembler()->je(new_label);
|
||||||
|
|
||||||
// load x and y into regs
|
// load x and y into regs
|
||||||
m_core.m_assembler->mov(x86::eax, x86::edi);
|
m_core.get_assembler()->mov(x86::eax, x86::edi);
|
||||||
m_core.m_assembler->mov(x86::ebx, x86::esi);
|
m_core.get_assembler()->mov(x86::ebx, x86::esi);
|
||||||
|
|
||||||
// calculate in eax: (X & Y)
|
// calculate in eax: (X & Y)
|
||||||
// store result in stack
|
// store result in stack
|
||||||
m_core.m_assembler->xor_(x86::eax, x86::ebx);
|
m_core.get_assembler()->xor_(x86::eax, x86::ebx);
|
||||||
m_core.m_assembler->neg(x86::eax);
|
m_core.get_assembler()->neg(x86::eax);
|
||||||
m_core.m_assembler->push(x86::eax);
|
m_core.get_assembler()->push(x86::eax);
|
||||||
|
|
||||||
// calculate in eax: (X | Y)
|
// calculate in eax: (X | Y)
|
||||||
m_core.m_assembler->mov(x86::eax, x86::edi);
|
m_core.get_assembler()->mov(x86::eax, x86::edi);
|
||||||
m_core.m_assembler->neg(x86::eax);
|
m_core.get_assembler()->neg(x86::eax);
|
||||||
m_core.m_assembler->and_(x86::eax, x86::ebx);
|
m_core.get_assembler()->and_(x86::eax, x86::ebx);
|
||||||
|
|
||||||
// get (X & Y) from stack and addition (X | Y)
|
// get (X & Y) from stack and addition (X | Y)
|
||||||
// store result in ecx
|
// store result in ecx
|
||||||
m_core.m_assembler->pop(x86::ecx);
|
m_core.get_assembler()->pop(x86::ecx);
|
||||||
m_core.m_assembler->add(x86::ecx, x86::eax);
|
m_core.get_assembler()->add(x86::ecx, x86::eax);
|
||||||
|
|
||||||
m_core.m_assembler->mov(x86::eax, x86::ecx);
|
m_core.get_assembler()->mov(x86::eax, x86::ecx);
|
||||||
|
|
||||||
// store result in stack and manipulate it
|
// store result in stack and manipulate it
|
||||||
m_core.m_assembler->push(x86::eax);
|
m_core.get_assembler()->push(x86::eax);
|
||||||
m_core.m_assembler->mov(x86::ebx, x86::eax);
|
m_core.get_assembler()->mov(x86::ebx, x86::eax);
|
||||||
m_core.m_assembler->xor_(x86::ebx, x86::edi);
|
m_core.get_assembler()->xor_(x86::ebx, x86::edi);
|
||||||
|
|
||||||
// its loc
|
// its loc
|
||||||
m_core.m_assembler->bind(new_label);
|
m_core.get_assembler()->bind(new_label);
|
||||||
|
|
||||||
// store base pointer and push new from stack
|
// store base pointer and push new from stack
|
||||||
m_core.m_assembler->push(x86::rbp);
|
m_core.get_assembler()->push(x86::rbp);
|
||||||
m_core.m_assembler->mov(x86::rbp, x86::rsp);
|
m_core.get_assembler()->mov(x86::rbp, x86::rsp);
|
||||||
gen_math_operations();
|
gen_math_operations();
|
||||||
|
|
||||||
// restore base pointer
|
// restore base pointer
|
||||||
m_core.m_assembler->pop(x86::rbp);
|
m_core.get_assembler()->pop(x86::rbp);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ int main(int argc, char* argv[])
|
|||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
packer = new c_core(argv[1], argv[2], mut_count);
|
auto packer = std::make_unique<c_core>(argv[1], argv[2], mut_count);
|
||||||
|
|
||||||
print_info("mutations count: %i\n", mut_count);
|
print_info("mutations count: %i\n", mut_count);
|
||||||
packer->process();
|
packer->process();
|
||||||
|
|||||||
Reference in New Issue
Block a user