Compare commits

...

5 Commits

Author SHA1 Message Date
mike1k cdf3b77f18 Removed requirement of -x64 arg for 64bit binaries.
3 years ago
mike1k 328d0c9f6a
Merge pull request #5 from lguilhermee/patch-1
3 years ago
mike1k e8687c86f8
Merge pull request #2 from gmh5225/dev
3 years ago
Lucas Guilherme b40c98ec98
Fixed wrong byte order
3 years ago
gmh5225 7efb166788
Support /FIXED
3 years ago

@ -19,7 +19,6 @@ PERSES by default works off a command line. Listed below are the arguments requr
| `-s` or `--symbol` | Symbol or list of symbols to be mutated. This requires a linked `.map` file. | :x: | | `-s` or `--symbol` | Symbol or list of symbols to be mutated. This requires a linked `.map` file. | :x: |
| `--map` | Map file to be linked. IDA Pro `.map` files must have their extension replaced with `.ida`. | :x: | | `--map` | Map file to be linked. IDA Pro `.map` files must have their extension replaced with `.ida`. | :x: |
| `--list` | List of functions to be mutated. Each entry must envelop one line and be formatted as `0x1000:0x2000` where `0x1000` is the start and `0x2000` is the end of the routine. | :x: | | `--list` | List of functions to be mutated. Each entry must envelop one line and be formatted as `0x1000:0x2000` where `0x1000` is the start and `0x2000` is the end of the routine. | :x: |
| `--x64` | Used to indicate that the file is of 64bit architecture (AMD64). | :heavy_check_mark: |
| `--rets` | Allow PERSES to build a `RET` gadget pool used to create `JMP`s to random locations. | :x: | | `--rets` | Allow PERSES to build a `RET` gadget pool used to create `JMP`s to random locations. | :x: |
| `--scan` | Force PERSES to scan for code protection markers. | :x: | | `--scan` | Force PERSES to scan for code protection markers. | :x: |

@ -5,18 +5,18 @@
#define PERSES_MUTATION_START() \ #define PERSES_MUTATION_START() \
{\ {\
__nop();\
__nop();\
__debugbreak();\ __debugbreak();\
__debugbreak();\ __debugbreak();\
__nop();\
__nop();\
_disable();\ _disable();\
} }
#define PERSES_MUTATION_END() \ #define PERSES_MUTATION_END() \
{\ {\
_enable();\ _enable();\
__debugbreak();\
__debugbreak();\
__nop();\ __nop();\
__nop();\ __nop();\
__debugbreak();\
__debugbreak();\
} }

@ -1,6 +1,7 @@
#include "perses.hpp" #include "perses.hpp"
#include <argparse/argparse.hpp> #include <argparse/argparse.hpp>
template<int BitSize> template<int BitSize>
void createApplication(perses::X86BinaryApplication<BitSize>* app, argparse::ArgumentParser& args) void createApplication(perses::X86BinaryApplication<BitSize>* app, argparse::ArgumentParser& args)
{ {
@ -101,10 +102,6 @@ int main(int argc, char* argv[])
args.add_argument("-f", "--file") args.add_argument("-f", "--file")
.help("Input file path.") .help("Input file path.")
.required(); .required();
args.add_argument("-x64")
.help("Required for X64 PE files.")
.default_value(false)
.implicit_value(true);
args.add_argument("-a", "--address") args.add_argument("-a", "--address")
.help("Address(es) to mutate") .help("Address(es) to mutate")
.remaining(); .remaining();
@ -145,10 +142,19 @@ int main(int argc, char* argv[])
if (!std::filesystem::exists(filepath)) if (!std::filesystem::exists(filepath))
{ {
logger()->critical("Unable to find file: {}.", filepath); logger()->critical("Unable to find file: {}.", filepath);
return 0; return 1;
}
// Determine arch. type automatically.
DWORD type = 0ul;
if (!GetBinaryTypeA(filepath.c_str(), &type) && GetLastError() != ERROR_BAD_EXE_FORMAT)
{
logger()->critical("Are you sure this is a executable file?");
return 1;
} }
if (args.get<bool>("-x64")) if (type == SCS_64BIT_BINARY)
{ {
createApplication(new perses::X86BinaryApplication<PERSES_64BIT>(filepath), args); createApplication(new perses::X86BinaryApplication<PERSES_64BIT>(filepath), args);
} }

@ -37,11 +37,14 @@ X86BA_TEMPLATE void X86BinaryApplication<BitSize>::loadFromFile(std::string_view
_originalRelocs.clear(); _originalRelocs.clear();
_peFile.getRelocDir().forEachEntry( if (_peFile.getRelocDir().isPresent())
[this](pe::BlockEntry const& entry) {
{ _peFile.getRelocDir().forEachEntry(
_originalRelocs.insert(entry.getRva()); [this](pe::BlockEntry const& entry)
}); {
_originalRelocs.insert(entry.getRva());
});
}
// printf("* - Number of relocations: 0x%x\n", _originalRelocs.size()); // printf("* - Number of relocations: 0x%x\n", _originalRelocs.size());
} }
@ -714,7 +717,10 @@ X86BA_TEMPLATE bool X86BinaryApplication<BitSize>::transformRoutines()
} }
// Guesstimate.. Fix this.. // Guesstimate.. Fix this..
_peFile.getRelocDir().extend(((_routines.size() + 0x3) & ~0x3) * 0x100); if (_peFile.getRelocDir().isPresent())
{
_peFile.getRelocDir().extend(((_routines.size() + 0x3) & ~0x3) * 0x100);
}
for (auto& rtn : _routines) for (auto& rtn : _routines)
{ {
@ -856,36 +862,39 @@ X86BA_TEMPLATE void X86BinaryApplication<BitSize>::compile()
// //
// Append all relocations // Append all relocations
for (auto it = _relocBlocks.begin(); it != _relocBlocks.end(); ++it) if (_peFile.getRelocDir().isPresent())
{ {
u32 rva = it->first; for (auto it = _relocBlocks.begin(); it != _relocBlocks.end(); ++it)
std::vector<RelocationEntry> const &entries = it->second; {
u32 rva = it->first;
std::vector<RelocationEntry> const& entries = it->second;
if (entries.empty()) if (entries.empty())
continue; continue;
// Pad the amount of relocs to ensure 32bit alignment // Pad the amount of relocs to ensure 32bit alignment
size_t relocEntrySize = (entries.size() + 0x3) & ~0x3; size_t relocEntrySize = (entries.size() + 0x3) & ~0x3;
size_t numHandled = 0ull; size_t numHandled = 0ull;
// Create the BlockStream and add all relocatables. // Create the BlockStream and add all relocatables.
pe::BlockStream bs = _peFile.getRelocDir().createBlock(rva, relocEntrySize); pe::BlockStream bs = _peFile.getRelocDir().createBlock(rva, relocEntrySize);
if (!bs.valid()) if (!bs.valid())
continue; continue;
// printf("relocEntrySize: 0x%llx entries\n", relocEntrySize); // printf("relocEntrySize: 0x%llx entries\n", relocEntrySize);
for (auto& entry : entries) for (auto& entry : entries)
{ {
bs.append(entry.type, entry.offset); bs.append(entry.type, entry.offset);
++numHandled; ++numHandled;
} }
// Pad. // Pad.
for (size_t handled = numHandled; handled < relocEntrySize; ++handled) for (size_t handled = numHandled; handled < relocEntrySize; ++handled)
{ {
bs.append(pe::RelocationType::REL_BASED_ABSOLUTE, 0); bs.append(pe::RelocationType::REL_BASED_ABSOLUTE, 0);
}
} }
} }

Loading…
Cancel
Save