Best Python code snippet using Airtest
upx_unpacker.py
Source:upx_unpacker.py
...10);11'''12def loadlibrary(name, address):13 # Retrieve the DLL name 14 dllname = emu.get_memory_string(emu.get_memory(emu.get_register("ESP") + 4))15 16 # Make a real call to LoadLibrary and return the handle17 dllhandle = windll.kernel32.LoadLibraryA(dllname)18 emu.set_register("EAX", dllhandle)19 20 # Reset the stack and return from the handler21 return_address = emu.get_memory(emu.get_register("ESP"))22 emu.set_register("ESP", emu.get_register("ESP") + 8)23 emu.set_register("EIP", return_address)24 25 return True26 27'''28FARPROC WINAPI GetProcAddress(29 __in HMODULE hModule,30 __in LPCSTR lpProcName31);32'''33def getprocaddress(name, address):34 # Get both arguments, which are a handle and the procedure name35 handle = emu.get_memory(emu.get_register("ESP") + 4)36 proc_name = emu.get_memory(emu.get_register("ESP") + 8)37 38 # lpProcName can be a name or ordinal, if top word is null its an ordinal39 if (proc_name >> 16):40 procname = emu.get_memory_string(emu.get_memory(emu.get_register("ESP") + 8))41 else:42 procname = arg243 44 # Add the procedure to the emulator45 emu.os.add_library(handle, procname)46 import_address = emu.os.get_library_address(procname)47 48 # Return the import address49 emu.set_register("EAX", import_address)50 51 # Reset the stack and return from our handler52 return_address = emu.get_memory(emu.get_register("ESP"))53 emu.set_register("ESP", emu.get_register("ESP") + 8)54 emu.set_register("EIP", return_address)55 return True56'''57BOOL WINAPI VirtualProtect(58 __in LPVOID lpAddress,59 __in SIZE_T dwSize,60 __in DWORD flNewProtect,61 __out PDWORD lpflOldProtect62);63'''64def virtualprotect(name, address):65 # Just return TRUE66 emu.set_register("EAX", 1)67 68 # Reset the stack and return from our handler69 return_address = emu.get_memory(emu.get_register("ESP"))70 emu.set_register("ESP", emu.get_register("ESP") + 16)71 emu.set_register("EIP", return_address)72 return True73# When the unpacking routine is finished, handle the JMP to the OEP74def jmp_handler(emu, mnemonic, eip, op1, op2, op3):75 76 # The UPX1 section 77 if eip < emu.sections["UPX1"]["base"]:78 print "[*] We are jumping out of the unpacking routine."79 print "[*] OEP = 0x%08x" % eip80 # Dump the unpacked binary to disk81 dump_unpacked(emu)82 83 # We can stop emulating now84 emu.emulating = False85 86 return True87# Dump out our newly unpacked binary 88def dump_unpacked(emu):89 global outputfile90 91 fh = open(outputfile, 'wb')92 print "[*] Dumping UPX0 Section"93 base = emu.sections["UPX0"]["base"]94 length = emu.sections["UPX0"]["vsize"]95 print "[*] Base: 0x%08x Vsize: %08x" % (base, length)96 for x in range(length):97 fh.write("%c" % emu.get_memory(base + x, 1))98 99 print "[*] Dumping UPX1 Section"100 base = emu.sections["UPX1"]["base"]101 length = emu.sections["UPX1"]["vsize"]102 print "[*] Base: 0x%08x Vsize: %08x" % (base, length)103 104 for x in range(length):105 fh.write("%c" % emu.get_memory(base + x, 1))106 107 print "[*] Finished."108 109# Commandline arguments110exename = sys.argv[1]111outputfile = sys.argv[2]112# Instantiate our emulator object113emu = PEPyEmu()114if exename:115 116 # Load the binary into PyEmu117 if not emu.load(exename):118 print "[!] Problem loading %s" % exename119 sys.exit(2)...
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Get 100 minutes of automation test minutes FREE!!