Advertisement
Guest User

Smartmeter Obfuscation

a guest
May 28th, 2017
422
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 0.70 KB | None | 0 0
  1. #!/bin/sh
  2. # this script must be called 'as'
  3. # run gcc with option -B<dir of this script> to get it invoked automatically
  4.  
  5. lastarg() {
  6.     shift $(($# - 1))
  7.     echo "$1"
  8. }
  9.  
  10. # instead of a jmp, push the address and return
  11. sed -r -i -e 's/^\tjmpq?\t[*](.*)$/\tpush \1;\tretq/' $(lastarg $@)
  12. # instead of a ret, do a manual pop and jmp (clobbering a scratch register)
  13. sed -r -i -e 's/^\t(rep )?ret$/\tpop %rsi;\tjmp *%rsi/' $(lastarg $@)
  14. # instead of a direct call, push return instruction pointer and destination address, then ret
  15. sed -r -i -e 's/^\tcall\t([^*].*)$/\tpush %rax;\tlea \1(%rip), %rax;\tpush %rax;\tlea 6(%rip), %rax;\txchg 8(%rsp),%rax;\tretq;\t#call\t\1/' $(lastarg $@)
  16.  
  17.  
  18. exec as $@
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement