export script so i can view in ghidra

JoYo 2019-03-07 02:17:42 +00:00
parent a628370365
commit 3505a51bc3
5 changed files with 42 additions and 8 deletions


@ -3,4 +3,11 @@ ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y \ RUN apt-get update && apt-get install -y \
python3-capstone \ python3-capstone \
python3-setuptools \
python3-sqlalchemy python3-sqlalchemy
RUN mkdir /app/
ADD sins/ /app/sins/
ADD setup.py /app/
WORKDIR /app/
RUN python3 setup.py install
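Review bot: `ADD sins/ /app/sins/` and `ADD setup.py /app/` use ADD where COPY is the conventional instruction for local files; ADD also auto-extracts local archives and fetches remote URLs, extra behaviour this image does not need. Change both lines to `COPY sins/ /app/sins/` and `COPY setup.py /app/`. The preceding `RUN mkdir /app/` is then redundant, since COPY creates missing destination directories (and `WORKDIR /app/` would as well), so it can be dropped to save a layer.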


@ -7,7 +7,5 @@ services:
build: build:
context: . context: .
volumes: volumes:
- ${PWD}:/app
- scraps:/out - scraps:/out
working_dir: /app command: sins -o /out/
command: python3 -m sins -o /out/


@ -8,6 +8,7 @@ setup(
entry_points={ entry_points={
'console_scripts': [ 'console_scripts': [
'sins = sins:sins', 'sins = sins:sins',
'sins_export = sins:export',
], ],
}, },
) )


@ -1,5 +1,5 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
from .run import sins from .run import sins, export
from .mutation import generation, mutate from .mutation import generation, mutate
from .orm import db_config, ScrapNode from .orm import db_config, ScrapNode
from .disassemble import disasm, objdump from .disassemble import disasm, objdump


@ -13,13 +13,40 @@ from .orm import db_config, ScrapNode
from .disassemble import objdump from .disassemble import objdump
def export():
now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
parser = ArgumentParser(
description='export recent scrap shellcode.')
parser.add_argument('-v', '--verbose', action='count')
parser.add_argument('-db', '--database', default='/out/sins.sqlite',
help='path to scrap database.')
parser.add_argument('-o', '--out_path',
help='path to export scrap shellcode.')
args = parser.parse_args()
level = logging.DEBUG if args.verbose else logging.INFO
logging.basicConfig(level=level, format='%(message)s')
logging.info(now)
db_path = Path(args.database)
session = db_config(db_path)
logging.info(f'db_path: {db_path}')
recent = session.query(ScrapNode).order_by(desc('ctime')).first()
logging.info(f'recent: {recent}')
out_path = Path(f'{args.out_path}/scrap-{recent.checksum[:8]}.bin')
with out_path.open('wb') as file:
file.write(recent.image)
def sins(): def sins():
now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow()) now = '{0:%Y%m%dT%H%M%S}'.format(datetime.utcnow())
parser = ArgumentParser( parser = ArgumentParser(
description='position independent code (PIC) mutation experiment.') description='position independent code (PIC) mutation experiment.')
parser.add_argument('-v', '--verbose', action='count') parser.add_argument('-v', '--verbose', action='count')
parser.add_argument('-s', '--seed', help='path to PIC image.') parser.add_argument('-s', '--seed', help='path to PIC image.')
parser.add_argument('-o', '--output', help='path to results directory.') parser.add_argument('-o', '--out_path', help='path to results directory.')
parser.add_argument('-l', '--lineage', default=10, parser.add_argument('-l', '--lineage', default=10,
help='max count of unsuccessful generation.') help='max count of unsuccessful generation.')
args = parser.parse_args() args = parser.parse_args()
@ -42,8 +69,8 @@ def sins():
logger.info(now) logger.info(now)
if args.output: if args.out_path:
db_path = Path(f'{args.output}/sins.sqlite') db_path = Path(f'{args.out_path}/sins.sqlite')
else: else:
temp_dir = TemporaryDirectory() temp_dir = TemporaryDirectory()
db_path = Path(f'{temp_dir.name}/sins.sqlite') db_path = Path(f'{temp_dir.name}/sins.sqlite')
@ -67,7 +94,8 @@ def sins():
seed = ScrapNode(child=seed_shell) seed = ScrapNode(child=seed_shell)
logger.debug(f'seed_shell:\n{seed}') logger.debug(f'seed_shell:\n{seed}')
exists = session.query(ScrapNode).filter(ScrapNode.checksum == seed.checksum).all() exists = session.query(ScrapNode).filter(
ScrapNode.checksum == seed.checksum).all()
if exists: if exists:
seed = exists[0] seed = exists[0]
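Review bot: In the first hunk of this file, `export()` dereferences `recent` without a None check — `session.query(ScrapNode).order_by(desc('ctime')).first()` returns None on an empty database, so `recent.checksum[:8]` fails with a bare AttributeError; add `if recent is None: raise SystemExit('no scrap nodes found in database')` before the output path is built. `--out_path` is neither required nor defaulted, so omitting it formats to the relative directory `None/` and the `open('wb')` raises FileNotFoundError; `parser.add_argument('-o', '--out_path', required=True, help='path to export scrap shellcode.')` (or a default under `/out`, matching `--database`) closes that, and `Path(args.out_path) / f'scrap-{recent.checksum[:8]}.bin'` replaces the string join. The function also has no docstring; a one-liner such as `"""Write the most recent ScrapNode image to <out_path>/scrap-<checksum8>.bin for offline analysis."""` would tell a reader that the `.bin` is raw scrap bytes for inspection, not a runnable program. The second and third hunks only rename `--output` to `--out_path` and rewrap a query, and `sins()` continues past the end of the hunk.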