load and execute

master
JoYo 7 years ago
parent 1faad74d59
commit 70d068db22

@ -1,48 +1,53 @@
#include <stdio.h>
#include <time.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <malloc.h>
#include <time.h>
#include <string.h>
#include <errno.h>
#include <sysexits.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <openssl/sha.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/buffer.h>
#pragma comment(lib, "openssl/sha.lib")
char *picProto(void *picAddr, size_t picSize, void *clonePtr) {
char *(*cloneFunc)(void *, size_t) = clonePtr;
return cloneFunc(picAddr, picSize);
void picProto(void *picAddr, size_t picSize, void *clonePtr, char *checksum) {
void (*cloneFunc)(void *, size_t, char *) = clonePtr;
cloneFunc(picAddr, picSize, checksum);
return;
}
char *clone(void *picAddr, size_t picSize) {
void clone(void *picAddr, size_t picSize, char *checksum) {
auto retVal = EX_SOFTWARE;
srand((unsigned int)time(NULL));
srand(time(NULL));
unsigned int picOffset = (rand() % (picSize + 1));
unsigned char picFlip = ((char *)picAddr)[picOffset] & (rand() % 1);
((char *)picAddr)[picOffset] = ((char *)picAddr)[picOffset] & (rand() % 1);
unsigned char *digest = NULL;
SHA_CTX sha;
((char *)picAddr)[picOffset] = picFlip;
SHA1_Init(&sha);
SHA1_Update(&sha, picAddr, picSize);
SHA1_Final(digest, &sha);
unsigned char digest[SHA_DIGEST_LENGTH];
SHA1(picAddr, picSize, digest);
char *fileOutPath = NULL;
sprintf(fileOutPath, "./%s_%x.bin", digest, rand());
for (int iter = 0; iter < SHA_DIGEST_LENGTH; iter++) {
sprintf(&checksum[iter * 2], "%02x", digest[iter]);
}
FILE *fileOutHandle = fopen(fileOutPath, "wb");
FILE *fileOutHandle = fopen(checksum, "w+");
if (NULL == fileOutHandle) {
retVal = EX_SOFTWARE;
retVal = errno;
goto CLONE_CLEANUP;
}
retVal = fwrite(picAddr, 1, picSize, fileOutHandle);
if (retVal != picSize) {
retVal = EX_SOFTWARE;
retVal = errno;
goto CLONE_CLEANUP;
}
@ -51,7 +56,7 @@ CLONE_CLEANUP:
if (fileOutHandle) {
fclose(fileOutHandle);
}
return fileOutPath;
return;
}
int main(int argc, const char **argv) {
@ -60,34 +65,33 @@ int main(int argc, const char **argv) {
FILE *fileInHandle = fopen(fileInPath, "rb");
if (NULL == fileInHandle) {
retVal = EX_SOFTWARE;
retVal = errno;
goto MAIN_CLEANUP;
}
fseek(fileInHandle, 0L, SEEK_END);
size_t picBuffer_len = ftell(fileInHandle);
fseek(fileInHandle, 0L, SEEK_SET);
if (0 >= picBuffer_len) {
retVal = EX_SOFTWARE;
struct stat picStat;
fstat(fileno(fileInHandle), &picStat);
if (-1 == picStat.st_size) {
retVal = errno;
goto MAIN_CLEANUP;
}
void *picBuffer = malloc(picBuffer_len);
void *picBuffer = memalign(getpagesize(), picStat.st_size);
if (NULL == picBuffer) {
retVal = EX_SOFTWARE;
retVal = errno;
goto MAIN_CLEANUP;
}
memset(&picBuffer, 0, picBuffer_len);
retVal = mprotect(picBuffer, picBuffer_len, PROT_EXEC);
if (0 == retVal) {
retVal = EX_SOFTWARE;
retVal =
mprotect(picBuffer, picStat.st_size, PROT_READ | PROT_WRITE | PROT_EXEC);
if (0 != retVal) {
retVal = errno;
goto MAIN_CLEANUP;
}
retVal = fread(picBuffer, 1, picBuffer_len, fileInHandle);
if (retVal != picBuffer_len) {
retVal = EX_SOFTWARE;
retVal = fread(picBuffer, 1, picStat.st_size, fileInHandle);
if (retVal != picStat.st_size) {
retVal = errno;
goto MAIN_CLEANUP;
}
@ -95,10 +99,11 @@ int main(int argc, const char **argv) {
fclose(fileInHandle);
}
char *(*cloneFunc)(void *, size_t) = clone;
void *(*picFunc)(void *, size_t, void *) = picBuffer;
char checksum[(SHA_DIGEST_LENGTH * 2) + 1];
void (*cloneFunc)(void *, size_t, char *) = clone;
void (*picFunc)(void *, size_t, void *, char *) = picBuffer;
char *childPath = picFunc(picBuffer, picBuffer_len, cloneFunc);
picFunc(picBuffer, picStat.st_size, cloneFunc, &checksum);
retVal = EX_OK;
MAIN_CLEANUP:

@ -0,0 +1,20 @@
[BITS 64]
push rbp
mov rbp,rsp
sub rsp,0x30
mov QWORD [rbp-0x18],rdi
mov QWORD [rbp-0x20],rsi
mov QWORD [rbp-0x28],rdx
mov QWORD [rbp-0x30],rcx
mov rax,QWORD [rbp-0x28]
mov QWORD [rbp-0x8],rax
mov rdx,QWORD [rbp-0x30]
mov rsi,QWORD [rbp-0x20]
mov rcx,QWORD [rbp-0x18]
mov rax,QWORD [rbp-0x8]
mov rdi,rcx
call rax
nop
leave
ret
Loading…
Cancel
Save