Documentation
¶
Index ¶
- Constants
- Variables
- func GetFileSize(filePath string) (int, error)
- type Blueprint
- func (bp *Blueprint) AddCallOver(payload []byte) ([]byte, error)
- func (bp *Blueprint) Analyze() error
- func (bp *Blueprint) Assemble(asm string) ([]byte, bool)
- func (bp *Blueprint) AssemblePayload() ([]byte, error)
- func (bp *Blueprint) CompileStub(payload []byte) ([]byte, error)
- func (bp *Blueprint) GetAPIResolverBlockAssembly() (string, error)
- func (bp *Blueprint) GetLoaderAssembly() (string, error)
Constants ¶
const CRC32 = `` /* 4621-byte string literal not displayed */
CRC32 https://github.com/M0HX/CRC32_API
const CRC64 = `` /* 5422-byte string literal not displayed */
CRC64 https://github.com/M0HX/CRC32_API
const FixedLoaderX64 = `` /* 5974-byte string literal not displayed */
FixedLoaderX64 contains the 64 bit PE loader for non-relocatable PE files
const FixedLoaderX86 = `` /* 5709-byte string literal not displayed */
FixedLoaderX86 contains the 64 bit PE loader for non-relocatable PE files
const IAT32 = `` /* 4921-byte string literal not displayed */
IAT32 https://github.com/EgeBalci/IAT_API
const IAT64 = `` /* 5462-byte string literal not displayed */
IAT64 https://github.com/EgeBalci/IAT_API
const LoaderX64 = `` /* 8856-byte string literal not displayed */
LoaderX64 contains the 64 bit PE loader for relocatable PE files
const LoaderX86 = `` /* 7382-byte string literal not displayed */
LoaderX86 contains the 32 bit PE loader for relocatable PE files
const VERSION = "3.1.0"
VERSION number
Variables ¶
var STUB32 = "" /* 227328-byte string literal not displayed */
STUB32 contains the empty 32 bit PE file used for creating amber stub
var STUB64 = "" /* 234840-byte string literal not displayed */
STUB64 contains the empty 64 bit PE file used for creating amber stub
Functions ¶
func GetFileSize ¶
GetFileSize retrieves the size of the file with given file path
Types ¶
type Blueprint ¶
type Blueprint struct {
// Parameters...
FileName string
FullFileName string
FileSize int
IAT bool
Resource bool
IgnoreIntegrity bool
BuildStub bool
CustomStubName string
CustomStub []byte
// PE specs...
Architecture int
SizeOfImage uint32
ImageBase uint64
AddressOfEntry uint32
Subsystem uint16
ImportTable uint64
ExportTable uint64
RelocTable uint64
ImportAdressTable uint64
HasBoundedImports bool
HasDelayedImports bool
HasTLSCallbacks bool
HasRelocData bool
IsCLR bool
IsDLL bool
// contains filtered or unexported fields
}
Blueprint structure contains PE specs, tool parameters and OS spesific info
func (*Blueprint) AddCallOver ¶
AddCallOver function adds a call instruction over the end of the given payload address of the payload will be pushed to the stack and execution will continiou after the end of payload
func (*Blueprint) AssemblePayload ¶
AssemblePayload generates the binary stub bla bla...
func (*Blueprint) CompileStub ¶
CompileStub generates the final stub file with given payload
func (*Blueprint) GetAPIResolverBlockAssembly ¶
GetAPIResolverBlockAssembly returns the corresponding API resolver block assembly code based on the given blueprint strunct
func (*Blueprint) GetLoaderAssembly ¶
GetLoaderAssembly returns the corresponding PE loader assembly code based on the given blueprint strunct
Source Files