archive
/
PurpleDome
mirror of https://github.com/avast/PurpleDome
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
develop
polishing2
presentation_gpn_2022
more_unit_tests
extending_page
main
caldera_4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd765456f39'
${ noResults }
PurpleDome/tools/insert_shellcode.py

60 lines
2.0 KiB
Python
Raw Normal View History Unescape Escape

Adding tool to patch a shellcode into a C code file
3 years ago
#!/usr/bin/env python3
# Inserts multi line shellcode into a C-file with a placeholder shellcode. Overwriting the placeholder
#
import re
import argparse
def replace(args):
""" Replace a specified placeholder part in a file with the shellcode in the shellcode file
:param original_file:
:param placeholder_pattern:
:param shellcode_file:
:param out_file:
:return:
"""
original_file = args.original_file
placeholder_pattern = args.placeholder_pattern
shellcode_file = args.shellcode_file
out_file = args.out_file
with open(shellcode_file, "rt") as fh:
replacement = fh.read()
with open(original_file, "rt") as fh:
original = fh.read()
s = re.split(placeholder_pattern, original, maxsplit=1, flags=re.S)
print(s[0], replacement, s[1])
with open(out_file, "wt") as fh:
fh.write(s[0])
fh.write(replacement)
fh.write(s[1])
# res = re.sub(placeholder_pattern, replacement, original)
# print(res)
def create_parser():
""" Creates the parser for the command line arguments"""
parser = argparse.ArgumentParser("A tool to patch a shellcode into a C source file")
parser.set_defaults(func=replace)
parser.set_defaults(placeholder_pattern=r'unsigned char \w*\[\] =.{0,1}"\\x\d\d[^;]*".{0,1};')
parser.add_argument('--original_file', default="../tests/data/insert_shellcode/babymetal.cpp", help="The original C code with a shellcode to replace")
parser.add_argument('--shellcode_file', default="../tests/data/insert_shellcode/shellcode.c", help="The shellcode C snippet to insert into the original file")
parser.add_argument('--out_file', default="patched.c", help="The resulting patched file")
return parser
if __name__ == "__main__":
arguments = create_parser().parse_args()
arguments.func(arguments)
# replace("../tests/data/insert_shellcode/babymetal.cpp", r'unsigned char \w*\[\] =.{0,1}"\\x\d\d[^;]*".{0,1};', "../tests/data/insert_shellcode/shellcode.c", "result.txt")