forked from NytroRST/ShellcodeCompiler
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathFunctionCalls.cpp
More file actions
187 lines (150 loc) · 5.27 KB
/
FunctionCalls.cpp
File metadata and controls
187 lines (150 loc) · 5.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
#include "FunctionCalls.h"
// Static members
const int FunctionCalls::PARAMETER_TYPE_INT = 0;
const int FunctionCalls::PARAMETER_TYPE_STRING = 1;
size_t FunctionCalls::AllFunctionCallsNr;
vector<FunctionCalls::FunctionCall> FunctionCalls::AllFunctionCalls;
bool FunctionCalls::FirstFunctionCall = true;
// Add function call name
void FunctionCalls::AddFunctionCallName(string p_sFunctionName)
{
FunctionCall Function;
Function.Name = p_sFunctionName;
AllFunctionCalls.push_back(Function);
if (FirstFunctionCall) FirstFunctionCall = false;
else AllFunctionCallsNr++;
}
// Add function call int parameter
void FunctionCalls::AddFunctionCallIntParameter(string p_sIntParameter)
{
Parameter Param;
Param.Type = PARAMETER_TYPE_INT;
Param.IntValue = (size_t)stoll(p_sIntParameter);
AllFunctionCalls[AllFunctionCallsNr].Parameters.push_back(Param);
}
// Add function call string parameter
void FunctionCalls::AddFunctionCallStringParameter(string p_sStringParameter)
{
Parameter Param;
Param.Type = PARAMETER_TYPE_STRING;
Param.StringValue = p_sStringParameter;
AllFunctionCalls[AllFunctionCallsNr].Parameters.push_back(Param);
}
// Check if a function exists
bool FunctionCalls::FunctionExists(string p_sFunctionName)
{
for (size_t i = 0; i < DeclaredFunctions::AllDeclaredFunctions.size(); i++)
if (DeclaredFunctions::AllDeclaredFunctions[i].Name.compare(p_sFunctionName) == 0) return true;
return false;
}
// Put a string (function parameter) on the stack
string FunctionCalls::GeneratePutStringToStack(string p_sString)
{
string sContent = "";
size_t Len = p_sString.length();
// Check if the string was already on the stack
if (StringOffsetAddress::StringOffsetExists(p_sString)) return "";
if (Len % 4 == 0)
{
sContent = "xor eax, eax ; EAX = 0 \r\n";
sContent += "push eax ; NULL on the stack \r\n";
}
else if (Len % 4 == 1)
{
sContent = "xor eax, eax\r\n";
sContent += "mov al, 0x";
sContent += Utils::CharToHexString(p_sString[Len - 1]);
sContent += "\r\n";
sContent += "push eax\r\n";
}
else if (Len % 4 == 2)
{
sContent = "xor eax, eax\r\n";
sContent += "mov ax, 0x";
sContent += Utils::CharToHexString(p_sString[Len - 1]);
sContent += Utils::CharToHexString(p_sString[Len - 2]);
sContent += "\r\n";
sContent += "push eax\r\n";
}
else if (Len % 4 == 3)
{
sContent = "xor eax, eax\r\n";
sContent += "mov eax, 0x23";
sContent += Utils::CharToHexString(p_sString[Len - 1]);
sContent += Utils::CharToHexString(p_sString[Len - 2]);
sContent += Utils::CharToHexString(p_sString[Len - 3]);
sContent += "\r\n";
sContent += "push eax\r\n";
sContent += "sub dword [esp + 3], 0x23\r\n";
}
else cout << "Imaginary number?" << endl;
// Put the string as hex data pushes on the stack
size_t Times = Len / 4;
for (size_t i = Times; i > 0; i--)
{
sContent += "push 0x";
for (size_t j = 4; j > 0; j--)
{
sContent += Utils::CharToHexString(p_sString[i * 4 - 4 + j - 1]);
}
sContent += "\r\n";
}
// Add dtring offset
sContent += "push esp\r\n\r\n";
StringOffsetAddress::CurrentStringOffset = StringOffsetAddress::CurrentStringOffset + Times + 2;
StringOffsetAddress::AddStringOffset(p_sString);
return sContent;
}
// Generate a function call
string FunctionCalls::GenerateFunctionCall(FunctionCalls::FunctionCall p_oFunctionCall)
{
string sContent = "";
size_t NrParam = p_oFunctionCall.Parameters.size();
size_t CurrentParamNr = 1;
// First, put all string parameters on the stack
for (size_t i = 0; i < p_oFunctionCall.Parameters.size(); i++)
if (p_oFunctionCall.Parameters[i].Type == FunctionCalls::PARAMETER_TYPE_STRING) sContent += GeneratePutStringToStack(p_oFunctionCall.Parameters[i].StringValue);
// Parse all arguments (from the end)
for (size_t i = NrParam - 1; ; i--)
{
if (p_oFunctionCall.Parameters[i].Type == FunctionCalls::PARAMETER_TYPE_STRING)
{
sContent += "push dword [ESP + ";
sContent += to_string(((CurrentParamNr - 1) * 4) + ((StringOffsetAddress::CurrentStringOffset - StringOffsetAddress::GetStringOffset(p_oFunctionCall.Parameters[i].StringValue)) * 4));
sContent += "]\r\n";
}
else if (p_oFunctionCall.Parameters[i].Type == FunctionCalls::PARAMETER_TYPE_INT)
{
// If int parameter is 0, avoid NULL
if (p_oFunctionCall.Parameters[i].IntValue == 0)
{
sContent += "xor eax, eax\r\n";
sContent += "push eax\r\n";
}
else
{
sContent += "push 0x";
sContent += Utils::IntToHexString(p_oFunctionCall.Parameters[i].IntValue);
sContent += "\r\n";
}
}
else cout << "Error: Undefined parameter type!" << endl;
CurrentParamNr++;
if (i == 0) break;
}
// Call function
sContent += "call dword [ESP + ";
sContent += to_string(((NrParam - 1) * 4) + (StringOffsetAddress::CurrentStringOffset * 4) + ((FunctionOffsetAddress::CurrentFunctionOffset - FunctionOffsetAddress::GetFunctionOffset(p_oFunctionCall.Name)) * 4));
sContent += "]\r\n";
// Clean string parameters
if (StringOffsetAddress::CurrentStringOffset > 0)
{
sContent += "add ESP, ";
sContent += to_string(StringOffsetAddress::CurrentStringOffset * 4);
sContent += "\r\n";
}
// Clean global strings data
StringOffsetAddress::CurrentStringOffset = 0;
StringOffsetAddress::StringOffsets.clear();
return sContent;
}