[ADD] alteration on SectionPermissions

packing-box · Jul 23, 2024 · 0acd1e7 · 0acd1e7
1 parent 546032b
commit 0acd1e7
Show file tree

Hide file tree

Showing 17 changed files with 467 additions and 22,161 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,9 +1,10 @@
 *.exe
-*.exe.bak
+*.bak
 *.o
 *.zip
 .vscode
 *.elf
 *.cpp
 raw_size_editor
 exe/*
+docs/site/*
diff --git a/Makefile b/Makefile
@@ -7,7 +7,7 @@ FILE=upx_7z.exe
 
 
 # Compiler flags
-CXXFLAGS = -Wall -std=c++11
+CXXFLAGS = -Wall -std=c++17
 
 # LIEF library
 LIEF = -I/usr/local/LIEF/include/LIEF -L/usr/local/LIEF/lib -lLIEF
@@ -36,14 +36,5 @@ PEBinary.o: $(DIR_CLASSES)/PEBinary.cpp $(DIR_CLASSES)/PEBinary.hpp
 PEBinaryModifiers.o: $(DIR_CLASSES)/PEBinaryModifiers.cpp $(DIR_CLASSES)/PEBinaryModifiers.hpp
 	$(CXX) $(PARAMS) -c $(DIR_CLASSES)/PEBinaryModifiers.cpp $(LIEF)
 
-run_test: $(EXEC)
-	rm -f output_$(FILE)
-	rm -f $(FILE) && cp $(FILE).bak $(FILE) && sha256sum $(FILE)
-	./$(EXEC) $(FILE) && sha256sum output_$(FILE)
-	wine output_$(FILE)
-
-raw_size_editor: $(SOURCE_DIR)/edit_raw_size.cpp
-	$(CXX) $(PARAMS) -o raw_size_editor $(SOURCE_DIR)/edit_raw_size.cpp
-
 clean:
 	rm -f *.o $(EXEC) 
diff --git a/README.md b/README.md
@@ -38,7 +38,7 @@ In the current version, the tool focuses on the PE file format and the most comm
 
 
 Description: This program applies some alterations to a PE file. 
- Note that when no alteration is specified ALL of them will be applied, if at least one is specified only selected ones will be applied
+ Note that when no alteration is specified ALL non-overlapping alterations will be applied, if at least one is specified only selected ones will be applied
 
 Usage: ./notpacked++ <input_file>
 

diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml
@@ -7,6 +7,7 @@ nav:
   - Introduction: index.md
   - 'Quick Start': quickstart.md
   - Alterations: alterations.md
+  - Installation: installation.md
 extra:
   generator: false
   social:

diff --git a/docs/pages/index.md b/docs/pages/index.md
@@ -16,13 +16,13 @@ In the current version, the tool focuses on the PE file format and the most comm
 - [Getting Started](#getting-started)
 - [Installation](installation.md)
 - [Alterations](alterations.md)
-- [Usage](quick_start.md)
+- [Usage](quickstart.md)
 
 ## Getting Started
 
 To get started with NotPacked++, you can either download the latest release from the [releases page](https://github.com/packing-box/packer-masking-tool/releases) or build it from source.
 
-- [Quick Start Guide](quick_start.md) : A quick guide to get you started with NotPacked++
+- [Quick Start Guide](quickstart.md) : A quick guide to get you started with NotPacked++
 - [Installation](installation.md) : Instructions on how to install dependencies and build NotPacked++
 
 

diff --git a/docs/pages/installation.md b/docs/pages/installation.md
@@ -15,7 +15,7 @@ You can install LIEF by running the following command:
 ```bash
 ./install_lief.sh
 ```
-Or you can use the Dockerfile provided in the repository to build the tool, it will install all the dependencies for you.
+Or you can use the **Dockerfile** provided in the repository to build the tool, it will install all the dependencies for you.
 
 ### Building NotPacked++
 Once you have installed the dependencies, you can build the tool by running the following command:

diff --git a/docs/pages/quickstart.md b/docs/pages/quickstart.md
@@ -42,12 +42,15 @@ This will apply all alterations to the input file.
 
 ### Use case 2: Selected alterations
 `notpacked++ input.exe --add-api --fill-zero`
+
 This will only apply the following :
+
 - `--add-api`: Add 20 common API imports
 - `--fill-zero`: Fill sections with zeros from their raw size to their virtual size.
 
 ### Use case 3: Output file
 `notpacked++ input.exe -o output.exe`
+
 > Note: If no output file is specified, the output file will be named `output_<inputFilename>.exe`
 
 ### Soon to come

diff --git a/notpacked++ b/notpacked++
diff --git a/src/classes/PEBinary.cpp b/src/classes/PEBinary.cpp
@@ -286,3 +286,9 @@ std::string PEBinary::execute_command(const std::string& command) {
     std::cout << "Result: " << result << std::endl;
     return result;
 }
+
+
+void PEBinary::update_section_permissions(  const std::vector<uint8_t>& pre_data, const std::vector<uint8_t>& post_data, size_t nb_deadcode )
+{
+    PEBinaryModifiers::update_section_permissions(pe, pre_data, post_data, nb_deadcode);
+}
diff --git a/src/classes/PEBinary.hpp b/src/classes/PEBinary.hpp
@@ -37,6 +37,11 @@ class PEBinary {
     void move_entrypoint_to_new_section(const std::string& name, uint32_t characteristics=0, const std::vector<uint8_t>& pre_data={}, const std::vector<uint8_t>& post_data={});
     void move_entrypoint_to_slack_space(const std::string& section_name);
     bool set_checksum(uint32_t checksum);
+    void update_section_permissions(
+                                    const std::vector<uint8_t>& pre_data={},
+                                    const std::vector<uint8_t>& post_data={},
+                                    size_t nb_deadcode=128
+                                    );
 
 private:
     std::string filename;

diff --git a/src/classes/PEBinaryAlterations.cpp b/src/classes/PEBinaryAlterations.cpp
@@ -19,6 +19,22 @@ class PEBinaryAlterations {
         }
     }
 
+    static void update_section_permissions_and_move_ep(PEBinary& binary){
+        try
+        {
+            // -- Update the permissions of the sections --
+            //std::vector<uint8_t> pre_data = Utilities::generateRandomBytes(64);
+            //std::vector<uint8_t> post_data = Utilities::generateRandomBytes(64);
+            //size_t nb_deadcode = 128;
+            // TODO: use pre_data and post_data
+            binary.update_section_permissions();
+        }
+        catch(const std::exception& e)
+        {
+            std::cerr << "[Error] " << e.what() << '\n';
+        }
+    }
+
     static void move_entrypoint_to_new_low_entropy_section(PEBinary& binary){
         // this function is for moving the entry point to a new section with low entropy and common related name