Git/mgeeky-Penetration-Testing-Tools
1
0
Fork 0
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git synced 2024-12-04 08:15:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed findSymbols.py

Browse Source
This commit is contained in:
Mariusz B. / mgeeky 2021-10-23 13:31:09 +02:00
parent 79f3c03c7b
commit eda974768d
1 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
windows/findSymbols.py
View File

@ -246,6 +246,14 @@ def processDir(args, regexes, path, results, uniqueSymbols, filesProcessed, symb
for file in glob.glob(os.path.join(path, '**'), recursive=args.recurse): for file in glob.glob(os.path.join(path, '**'), recursive=args.recurse):
try: try:
if len(args.extension) > 0:
skip = False
for ext in args.extension:
if not file.lower().endswith(f'.{ext}'):
skip = True
if skip:
continue
if os.path.isfile(file): if os.path.isfile(file):
looks_like_pe = False looks_like_pe = False
with open(file, 'rb') as f: with open(file, 'rb') as f:
@ -254,7 +262,9 @@ def processDir(args, regexes, path, results, uniqueSymbols, filesProcessed, symb
looks_like_pe = (mz[0] == ord('M') and mz[1] == ord('Z')) or (mz[1] == ord('M') and mz[0] == ord('Z')) looks_like_pe = (mz[0] == ord('M') and mz[1] == ord('Z')) or (mz[1] == ord('M') and mz[0] == ord('Z'))
if looks_like_pe: filePaths.append(file) if looks_like_pe: filePaths.append(file)
except:
except Exception as e:
verbose(args, f'[-] Could not open file: ({file}). Exception: {e}')
continue continue
cpu_count = multiprocessing.cpu_count() cpu_count = multiprocessing.cpu_count()
@ -265,6 +275,9 @@ def processDir(args, regexes, path, results, uniqueSymbols, filesProcessed, symb
arguments = [[args, regexes, _path, results, uniqueSymbols, filesProcessed, symbolsProcessed] for _path in filePaths] arguments = [[args, regexes, _path, results, uniqueSymbols, filesProcessed, symbolsProcessed] for _path in filePaths]
out(f'[.] Will scan {len(filePaths)} files...') out(f'[.] Will scan {len(filePaths)} files...')
if len(filePaths) > 5000:
out(f'[.] Be patient that\'s gonna take a long while...')
res = pool.map(processFileWorker, arguments) res = pool.map(processFileWorker, arguments)
except KeyboardInterrupt: except KeyboardInterrupt:
@ -283,6 +296,7 @@ def opts(argv):
params.add_argument('-r', '--recurse', action='store_true', help='If <path> is a directory, perform recursive scan.') params.add_argument('-r', '--recurse', action='store_true', help='If <path> is a directory, perform recursive scan.')
params.add_argument('-v', '--verbose', action='store_true', help='Verbose mode.') params.add_argument('-v', '--verbose', action='store_true', help='Verbose mode.')
params.add_argument('-f', '--format', choices=['text', 'json'], default='text', help='Output format. Text or JSON.') params.add_argument('-f', '--format', choices=['text', 'json'], default='text', help='Output format. Text or JSON.')
params.add_argument('-E', '--extension', default=[], action='append', help='Extensions of files to scan. By default will scan all files. Can be repeated: -E exe -E dll')
sorting = params.add_argument_group('Output sorting') sorting = params.add_argument_group('Output sorting')
sorting.add_argument('-u', '--unique', action='store_true', help = 'Return unique symbols only. The first symbol with a name that occurs in results, will be returned.') sorting.add_argument('-u', '--unique', action='store_true', help = 'Return unique symbols only. The first symbol with a name that occurs in results, will be returned.')
@ -325,6 +339,10 @@ def opts(argv):
for not_module in args.not_module: for not_module in args.not_module:
regexes['not-module'].append((not_module, re.compile(accomodate_rex(not_module), re.I))) regexes['not-module'].append((not_module, re.compile(accomodate_rex(not_module), re.I)))
for i in range(len(args.extension)):
args.extension[i] = args.extension[i].lower()
if args.extension[i].startswith('.'): args.extension[i] = args.extension[i][1:]
return args, regexes return args, regexes
def main(): def main():
@ -334,7 +352,7 @@ def main():
symbolsProcessed = Manager().Value('i', 0) symbolsProcessed = Manager().Value('i', 0)
out(''' out('''
:: scanSymbols.py - Searches PE Import/Exports based on supplied conditions. :: findSymbols.py - Finds PE Import/Exports based on supplied filters.
Mariusz B. / mgeeky, '21 Mariusz B. / mgeeky, '21
<mb [at] binary-offensive.com> <mb [at] binary-offensive.com>