Provide a load_bytes method?

Question

Provide a load_bytes method?

Closed this issue 2 years ago · 2 comments

I wanted to drop a line and say thanks again for making scemu a lib and for improving performance. I have experienced an improvement from 500-600ms to 100-150ms so color me happy. 👍

I also wanted to ask if you have any interest in adding a method to load bytes from memory instead of from a file (which makes total sense when dealing with a shell but as a lib the byte code can come from snippets that don't exist in an external file.

I've been using

fn load_bytes(map: &mut Mem64, bytes: &[u8]) -> bool {
    let bytes_len: u64 = bytes.len().try_into().unwrap();
    map.set_bottom(map.get_base() + bytes_len);
    map.mem = bytes.to_vec();
    true
}

fn load_code_bytes(emu: &mut Emu, bytes: &[u8]) {
    if emu.cfg.verbose >= 1 {
        println!("Loading shellcode from bytes");
    }
    if !load_bytes(emu.maps.get_mem("code"), bytes) {
        println!("shellcode not found!");
        std::process::exit(1);
    }
}

I had load_code_bytes as a method for Emu when I was using the scemu code, but with the lib the above has worked but would be nice as a method again.

Answer 1 · 2023-07-03T19:13:27.000Z

hello Thell, I'm glad to hear from you again,
It makes totally sense loading code from bytes.

mem64 has write_bytes(addr, vec)

    fn load_code_bytes(&mut self, bytes: &[u8]) {                                                                                          
        if self.cfg.verbose >= 1 {  
            println!("Loading shellcode from bytes");  
        }  
        let code = self.maps.get_mem("code"); 
        let base = code.get_base(); 
        code.write_bytes(base, bytes.to_vec());                                                                                 
    }

btw internally I should use &[u8] instead of vector on write_bytes, I will fix it.
thanks.

Answer 2 · 2023-07-03T19:47:08.000Z

Testing it from pyscemu:

it detects the infinite loop in jump 100 :)