NanoCore.py 文件源码

python
阅读 19 收藏 0 点赞 0 评论 0
项目:CAPE 作者: ctxis 项目源码 文件源码 
def get_codedconfig(data):
    coded_config = None

    try:
        pe = pe = pype32.PE(data=data)
        m = pe.ntHeaders.optionalHeader.dataDirectory[14].info
        for i in m.directory.resources.info:
            if i['name'] == "Data.bin":
                coded_config = i["data"]
    except:
        pe = pefile.PE(data=data)
        for entry in pe.DIRECTORY_ENTRY_RESOURCE.entries:
            if str(entry.name) == "RC_DATA" or "RCData":
                new_dirs = entry.directory
                for res in new_dirs.entries:
                    data_rva = res.directory.entries[0].data.struct.OffsetToData
                    size = res.directory.entries[0].data.struct.Size
                    data = pe.get_memory_mapped_image()[data_rva:data_rva+size]
                    coded_config = data
                    # Icons can get in the way.
                    if coded_config.startswith('\x28\x00\x00'):
                        break
    return coded_config
您未登录,请先登录后再评论
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号