Kristal-g · October 24, 2020 19:15
diff --git a/mutate_signed_pe.py b/mutate_signed_pe.py
 import sys
 import secrets

 # pefile==2019.4.18
 import pefile

 if len(sys.argv) < 3:
    print("Usage: mutate_signed_pe.py <pe_path> <mod_factor>")
    exit(0)


 # File to modify
 fname = sys.argv[1]

 # Should be aligned
 bytes_to_add = secrets.token_bytes(8 * int(sys.argv[2]))

 pe = pefile.PE(fname)
 sig_offset = pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_SECURITY"]].VirtualAddress
 sig_len = pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_SECURITY"]].Size

 new_sig_size = sig_len + len(bytes_to_add)

 # Change Security Directory size
 pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_SECURITY"]].Size = new_sig_size

 # Change Sig size
 pe.set_dword_at_offset(sig_offset, new_sig_size)

 # Add the data
 pe.__data__ += bytes_to_add

 # generate checksum
 # save checksum and file    
 pe.OPTIONAL_HEADER.CheckSum = pe.generate_checksum()

 pe.write(fname)
 pe.close()
	import sys
	import secrets

	# pefile==2019.4.18
	import pefile

	if len(sys.argv) < 3:
	print("Usage: mutate_signed_pe.py <pe_path> <mod_factor>")
	exit(0)


	# File to modify
	fname = sys.argv[1]

	# Should be aligned
	bytes_to_add = secrets.token_bytes(8 * int(sys.argv[2]))

	pe = pefile.PE(fname)
	sig_offset = pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_SECURITY"]].VirtualAddress
	sig_len = pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_SECURITY"]].Size

	new_sig_size = sig_len + len(bytes_to_add)

	# Change Security Directory size
	pe.OPTIONAL_HEADER.DATA_DIRECTORY[pefile.DIRECTORY_ENTRY["IMAGE_DIRECTORY_ENTRY_SECURITY"]].Size = new_sig_size

	# Change Sig size
	pe.set_dword_at_offset(sig_offset, new_sig_size)

	# Add the data
	pe.__data__ += bytes_to_add

	# generate checksum
	# save checksum and file
	pe.OPTIONAL_HEADER.CheckSum = pe.generate_checksum()

	pe.write(fname)
	pe.close()