Changeset 1634
- Timestamp:
- 06/21/08 20:49:48 (2 months ago)
- Files:
-
- honeytrap/trunk/src/modules/htm_cpuEmu.c (modified) (8 diffs)
honeytrap/trunk/src/modules/htm_cpuEmu.c
r1633 r1634 164 164 165 165 int j; 166 for ( j=0;j<8;j++ )emu_cpu_reg32_set(cpu,j , 0);166 for (j=0; j<8; j++) emu_cpu_reg32_set(cpu,j , 0); 167 167 168 168 emu_memory_write_dword(mem, 0xef787c3c, 4711); … … 180 180 181 181 // write code to offset 182 int static_offset = CODE_OFFSET; 183 emu_memory_write_block(mem, static_offset, opts.scode, opts.size); 182 emu_memory_write_block(mem, CODE_OFFSET, opts.scode, opts.size); 184 183 185 184 // set eip to code 186 emu_cpu_eip_set(emu_cpu_get(e), static_offset+ opts.offset);185 emu_cpu_eip_set(emu_cpu_get(e), CODE_OFFSET + opts.offset); 187 186 emu_cpu_reg32_set(emu_cpu_get(e), esp, 0x0012fe98); 188 187 … … 191 190 192 191 emu_free(e); 192 193 logmsg(LOG_NOISY, 1, "CPU Emulation - %u bytes processed.\n", attack->a_conn.payload.size); 193 194 return(1); 194 195 } 195 196 196 197 logmsg(LOG_NOISY, 1, "CPU Emulation - %u bytes processed.\n", attack->a_conn.payload.size); 197 198 198 return(0); 199 199 } … … 202 202 // run detected asm code on emulated CPU 203 203 int run(struct emu *e) { 204 int j, ret;205 uint32_t eipsave ;204 int j, ret; 205 uint32_t eipsave = 0; 206 206 struct emu_cpu *cpu = emu_cpu_get(e); 207 207 struct emu_env *env = emu_env_new(e); 208 struct emu_hashtable *eh = NULL; 209 208 210 209 211 if (env == NULL) { 210 logmsg(LOG_ERR, 1, "CPU Emulation Error - %s.\n", emu_strerror(e));212 logmsg(LOG_ERR, 1, "CPU Emulation Error - Unable to create environment: %s.\n", emu_strerror(e)); 211 213 return -1; 212 214 } … … 216 218 emu_env_w32_export_hook(env, "ExitProcess", user_hook_ExitProcess, NULL); 217 219 emu_env_w32_export_hook(env, "ExitThread", user_hook_ExitThread, NULL); 220 218 221 emu_env_w32_export_hook(env, "CreateProcessA", user_hook_CreateProcess, NULL); 219 222 emu_env_w32_export_hook(env, "WaitForSingleObject", user_hook_WaitForSingleObject, NULL); … … 230 233 emu_env_w32_export_hook(env, "WSASocketA", user_hook_WSASocket, NULL); 231 234 232 opts.steps = 1000000;235 opts.steps = 1000000; 233 236 
234 237 // run the code 235 238 logmsg(LOG_NOISY, 1, "CPU Emulation - Running code...\n"); 236 239 237 struct emu_hashtable *eh = NULL; 238 for (eipsave=0, j=0;j<opts.steps;j++ ) { 239 if (cpu->repeat_current_instr == false) eipsave = emu_cpu_eip_get(emu_cpu_get(e)); 240 241 struct emu_env_hook *hook = NULL; 242 243 ret = 0; 240 for (j=0;j<opts.steps;j++) { 241 if ( cpu->repeat_current_instr == false ) eipsave = emu_cpu_eip_get(emu_cpu_get(e)); 242 243 struct emu_env_hook *hook = NULL; 244 ret = 0; 244 245 245 246 if ((hook = emu_env_w32_eip_check(env)) != NULL) { … … 249 250 } 250 251 } else { 251 if ((ret = emu_cpu_parse(emu_cpu_get(e))) == -1) { 252 logmsg(LOG_WARN, 1, "CPU Emulation Warning - CPU Error: %s", emu_strerror(e)); 253 break; 254 } 252 ret = emu_cpu_parse(emu_cpu_get(e)); 253 255 254 if (log_level == LOG_DEBUG) { 256 255 emu_log_level_set(emu_logging_get(e),EMU_LOG_DEBUG); … … 258 257 emu_log_level_set(emu_logging_get(e),EMU_LOG_NONE); 259 258 } 259 260 struct emu_env_hook *hook = NULL; 261 262 if ( ret != -1 ) { 263 if ( hook == NULL ) ret = emu_cpu_step(emu_cpu_get(e)); 264 else break; 265 } else { 266 logmsg(LOG_WARN, 1, "CPU Emulation Warning - CPU error: %s", emu_strerror(e)); 267 break; 268 } 260 269 } 261 270 } 271 262 272 if (eh != NULL) emu_hashtable_free(eh); 263 273
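Review bot: The `struct emu_env_hook *hook = NULL;` added inside the `else` branch of the step loop shadows the outer `hook`, which is already NULL on that path, so the following `if ( hook == NULL ) ret = emu_cpu_step(emu_cpu_get(e));` always takes its first arm and `else break;` is dead code. Unless a second hook lookup was intended there, the inner declaration should be deleted and the step reduced to `if ( ret != -1 ) ret = emu_cpu_step(emu_cpu_get(e));`; building with `-Wshadow` would flag this. The rewritten warning `"CPU Emulation Warning - CPU error: %s"` is also the only logmsg in the section without a trailing `.\n`, unlike the other messages around it. The new `eh` variable is only freed in the visible lines, so presumably it is assigned further down in run(), whose body continues outside this section.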
