Add support for context-map files to msfpescan (http://sourceforge.net/projects/smem-map/)
git-svn-id: file:///home/svn/framework3/trunk@5154 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
d66b6fbc56
commit
ec94968d82
|
@ -218,8 +218,8 @@ module Analyze
|
|||
def scan(param)
|
||||
dest = param['dir']
|
||||
|
||||
if (param['filename'])
|
||||
dest = File.join(dest, File.basename(param['filename']))
|
||||
if (param['file'])
|
||||
dest = File.join(dest, File.basename(param['file']))
|
||||
end
|
||||
|
||||
FileUtils.mkdir_p(dest)
|
||||
|
@ -235,6 +235,47 @@ module Analyze
|
|||
end
|
||||
end
|
||||
|
||||
class ContextMapDumper
|
||||
|
||||
attr_accessor :pe
|
||||
|
||||
def initialize(pe)
|
||||
self.pe = pe
|
||||
end
|
||||
|
||||
def scan(param)
|
||||
dest = param['dir']
|
||||
path = ''
|
||||
|
||||
FileUtils.mkdir_p(dest)
|
||||
|
||||
if(not (param['dir'] and param['file']))
|
||||
$stderr.puts "No directory or file specified"
|
||||
return
|
||||
end
|
||||
|
||||
if (param['file'])
|
||||
path = File.join(dest, File.basename(param['file']) + ".map")
|
||||
end
|
||||
|
||||
fd = File.new(path, "w")
|
||||
pe.all_sections.each do |section|
|
||||
|
||||
# Skip over known bad sections
|
||||
next if section.name == ".data"
|
||||
next if section.name == ".reloc"
|
||||
|
||||
data = section.read(0, section.size)
|
||||
buff = [ 0x01, pe.rva_to_vma( section.base_rva ), data.length, data].pack("CVVA*")
|
||||
|
||||
fd.write(buff)
|
||||
|
||||
end
|
||||
|
||||
fd.close
|
||||
end
|
||||
end
|
||||
|
||||
# EOC
|
||||
|
||||
end
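Review bot: In `ContextMapDumper#scan`, `FileUtils.mkdir_p(dest)` runs before the check that `param['dir']` and `param['file']` are set, so a nil directory raises inside `mkdir_p` instead of reaching the "No directory or file specified" message, and a missing file still leaves a directory created. Moving the guard to the top fixes both and makes the later `if (param['file'])` redundant. The output is opened with `File.new(path, "w")` and closed only on the success path; raw section bytes should be written in binary mode, and a `File.open(path, "wb")` block closes the handle even if a section read raises. The "Skip over known bad sections" comment should also say why `.data` and `.reloc` are excluded, since whoever consumes the map needs to know it is partial.

```ruby
def scan(param)
  # Validate before touching the filesystem; mkdir_p(nil) raises TypeError.
  unless param['dir'] && param['file']
    $stderr.puts "No directory or file specified"
    return
  end

  dest = param['dir']
  FileUtils.mkdir_p(dest)
  path = File.join(dest, File.basename(param['file']) + ".map")

  # Binary mode keeps section bytes intact; the block form closes the handle on error.
  File.open(path, "wb") do |fd|
    # … unchanged: pe.all_sections loop that packs and writes each record …
  end
end
```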
|
||||
|
|
|
@ -76,6 +76,10 @@ opt.on('-R', '--ripper [directory]', 'Rip all module resources to disk ') do |t|
|
|||
param['dir'] = t
|
||||
end
|
||||
|
||||
opt.on('--context-map [directory]', 'Generate context-map files') do |t|
|
||||
worker = Rex::PeScan::Analyze::ContextMapDumper
|
||||
param['dir'] = t
|
||||
end
|
||||
|
||||
opt.separator('')
|
||||
opt.separator('Options:')
|
||||
|
@ -127,8 +131,6 @@ ARGV.each do |file|
|
|||
pe.image_base = param['imagebase'];
|
||||
end
|
||||
|
||||
param['filename'] = file
|
||||
|
||||
o = worker.new(pe)
|
||||
o.scan(param)
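Review bot: The new `--context-map [directory]` option declares its argument in square brackets, which OptionParser treats as optional, so `t` can be nil and `param['dir']` is then nil when `ContextMapDumper#scan` runs. Because the dumper cannot work without a directory, the argument should be mandatory, e.g. `opt.on('--context-map DIRECTORY', 'Generate context-map files') do |t|`. Separately, the last hunk drops `param['filename'] = file` while both dumpers now read `param['file']`; the assignment of `param['file']` is not visible in these hunks, so it is worth confirming that the `ARGV.each` loop sets it before `o.scan(param)`.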
|
||||
|
||||
|
|