Add support for context-map files to msfpescan (http://sourceforge.net/projects/smem-map/)

git-svn-id: file:///home/svn/framework3/trunk@5154 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2007-10-18 16:55:23 +00:00
parent d66b6fbc56
commit ec94968d82
3 changed files with 49 additions and 6 deletions


@ -218,8 +218,8 @@ module Analyze
def scan(param)
dest = param['dir']
if (param['filename'])
dest = File.join(dest, File.basename(param['filename']))
if (param['file'])
dest = File.join(dest, File.basename(param['file']))
end
FileUtils.mkdir_p(dest)
@ -235,6 +235,47 @@ module Analyze
end
end
class ContextMapDumper
attr_accessor :pe
def initialize(pe)
self.pe = pe
end
def scan(param)
dest = param['dir']
path = ''
FileUtils.mkdir_p(dest)
if(not (param['dir'] and param['file']))
$stderr.puts "No directory or file specified"
return
end
if (param['file'])
path = File.join(dest, File.basename(param['file']) + ".map")
end
fd = File.new(path, "w")
pe.all_sections.each do |section|
# Skip over known bad sections
next if section.name == ".data"
next if section.name == ".reloc"
data = section.read(0, section.size)
buff = [ 0x01, pe.rva_to_vma( section.base_rva ), data.length, data].pack("CVVA*")
fd.write(buff)
end
fd.close
end
end
# EOC
end
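Review bot: In `ContextMapDumper#scan`, `FileUtils.mkdir_p(dest)` runs before the check that `param['dir']` and `param['file']` are set, so a missing directory raises inside `mkdir_p` and never reaches the "No directory or file specified" message. This looks reachable because the option is declared as `--context-map [directory]`, which makes the argument optional. The output is also opened with `File.new(path, "w")` and closed by a trailing `fd.close`, so the handle stays open and a truncated .map file is left behind if a section read raises, and text mode can alter the packed bytes on Windows. Moving the guard to the top and writing through the block form of `File.open` in `"wb"` mode addresses all three; the later `if (param['file'])` test then becomes redundant.

```ruby
def scan(param)
  # Validate arguments before touching the filesystem
  if (not (param['dir'] and param['file']))
    $stderr.puts "No directory or file specified"
    return
  end

  dest = param['dir']
  FileUtils.mkdir_p(dest)
  path = File.join(dest, File.basename(param['file']) + ".map")

  # Binary mode keeps the packed records byte-exact; the block form
  # closes the file even when reading a section raises
  File.open(path, "wb") do |fd|
    pe.all_sections.each do |section|
      # … unchanged: section skipping, read, pack and write …
    end
  end
end
```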


@ -76,6 +76,10 @@ opt.on('-R', '--ripper [directory]', 'Rip all module resources to disk ') do |t|
param['dir'] = t
end
opt.on('--context-map [directory]', 'Generate context-map files') do |t|
worker = Rex::PeScan::Analyze::ContextMapDumper
param['dir'] = t
end
opt.separator('')
opt.separator('Options:')
@ -127,8 +131,6 @@ ARGV.each do |file|
pe.image_base = param['imagebase'];
end
param['filename'] = file
o = worker.new(pe)
o.scan(param)