export script so i can view in ghidra

2019-03-07 02:17:42 +00:00 · 2019-03-07 02:17:42 +00:00 · 3505a51bc3
parent a628370365
commit 3505a51bc3
5 changed files with 42 additions and 8 deletions
--- a/7
+++ b/7
@ -3,4 +3,11 @@ ENV DEBIAN_FRONTEND=noninteractive

 RUN apt-get update && apt-get install -y \
  python3-capstone \
+  python3-setuptools \
  python3-sqlalchemy
+
+RUN mkdir /app/
+ADD sins/ /app/sins/
+ADD setup.py /app/
+WORKDIR /app/
+RUN python3 setup.py install
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -7,7 +7,5 @@ services:
    build:
      context: .
    volumes:
-      - ${PWD}:/app
      - scraps:/out
-    working_dir: /app
-    command: python3 -m sins -o /out/
+    command: sins -o /out/
--- a/setup.py
+++ b/setup.py
@ -8,6 +8,7 @@ setup(
    entry_points={
        'console_scripts': [
            'sins = sins:sins',
+            'sins_export = sins:export',
        ],
    },
 )
--- a/sins/init.py
+++ b/sins/init.py
@ -1,5 +1,5 @@
 #!/usr/bin/env python3
-from .run import sins
+from .run import sins, export
 from .mutation import generation, mutate
 from .orm import db_config, ScrapNode
 from .disassemble import disasm, objdump
--- a/sins/run.py
+++ b/sins/run.py
@ -13,13 +13,40 @@ from .orm import db_config, ScrapNode
 from .disassemble import objdump


+def export():
+    now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
+    parser = ArgumentParser(
+        description='export recent scrap shellcode.')
+    parser.add_argument('-v', '--verbose', action='count')
+    parser.add_argument('-db', '--database', default='/out/sins.sqlite',
+                        help='path to scrap database.')
+    parser.add_argument('-o', '--out_path',
+                        help='path to export scrap shellcode.')
+    args = parser.parse_args()
+
+    level = logging.DEBUG if args.verbose else logging.INFO
+    logging.basicConfig(level=level, format='%(message)s')
+    logging.info(now)
+
+    db_path = Path(args.database)
+    session = db_config(db_path)
+    logging.info(f'db_path: {db_path}')
+    recent = session.query(ScrapNode).order_by(desc('ctime')).first()
+    logging.info(f'recent: {recent}')
+
+    out_path = Path(f'{args.out_path}/scrap-{recent.checksum[:8]}.bin')
+
+    with out_path.open('wb') as file:
+        file.write(recent.image)
+
+
 def sins():
    now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
    parser = ArgumentParser(
        description='position independent code (PIC) mutation experiment.')
    parser.add_argument('-v', '--verbose', action='count')
    parser.add_argument('-s', '--seed', help='path to PIC image.')
-    parser.add_argument('-o', '--output', help='path to results directory.')
+    parser.add_argument('-o', '--out_path', help='path to results directory.')
    parser.add_argument('-l', '--lineage', default=10,
                        help='max count of unsuccessful generation.')
    args = parser.parse_args()
@ -42,8 +69,8 @@ def sins():

    logger.info(now)

-    if args.output:
-        db_path = Path(f'{args.output}/sins.sqlite')
+    if args.out_path:
+        db_path = Path(f'{args.out_path}/sins.sqlite')
    else:
        temp_dir = TemporaryDirectory()
        db_path = Path(f'{temp_dir.name}/sins.sqlite')
@ -67,7 +94,8 @@ def sins():
        seed = ScrapNode(child=seed_shell)
        logger.debug(f'seed_shell:\n{seed}')

-    exists = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).all()
+    exists = session.query(ScrapNode).filter(
+        ScrapNode.checksum == seed.checksum).all()

    if exists:
        seed = exists[0]