-
Notifications
You must be signed in to change notification settings - Fork 98
/
patch_c2.py
executable file
·67 lines (52 loc) · 1.93 KB
/
patch_c2.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#!/usr/bin/env python
import argparse
import hashlib
import pathlib
import shutil
ORIGINAL_C2_MD5 = "dcd69f1dd28b02dd03dd7ed02984299a" # original C2.EXE
C2_MD5 = (
ORIGINAL_C2_MD5,
"e70acde41802ddec06c4263bb357ac30", # patched C2.EXE
)
C2_SIZE = 549888
def main():
parser = argparse.ArgumentParser(
allow_abbrev=False,
description="Path to C2.EXE of Microsoft Visual Studio 4.2.0 to disable C4786 warning",
)
parser.add_argument("path", type=pathlib.Path, help="Path of C2.EXE")
parser.add_argument(
"-f", dest="force", default=False, action="store_true", help="force"
)
args = parser.parse_args()
if not args.path.is_file():
parser.error("Input is not a file")
binary = bytearray(args.path.open("rb").read())
md5 = hashlib.md5(binary).hexdigest()
print(md5, C2_MD5)
msg_cb = parser.error if not args.force else print
if len(binary) != C2_SIZE:
msg_cb("file size is not correct")
if md5 not in C2_MD5:
msg_cb("md5 checksum does not match")
if md5 == ORIGINAL_C2_MD5:
backup = f"{args.path}.BAK"
print(f'Creating backup "{backup}"')
shutil.copyfile(args.path, backup)
def nop_patch(start, count, expected=None):
replacement = [0x90] * count
if expected:
current = list(binary[start : start + count])
assert len(expected) == count
assert current in (expected, replacement)
print(f"Nopping {count} bytes at 0x{start:08x}")
binary[start : start + count] = replacement
print(
"Disable C4786 warning: '%Fs' : identifier was truncated to '%d' characters in the debug information"
)
nop_patch(0x52F07, 5, [0xE8, 0x4F, 0xB3, 0xFE, 0xFF]) # 0x00453b07
nop_patch(0x74832, 5, [0xE8, 0x24, 0x9A, 0xFC, 0xFF]) # 0x00475432
args.path.open("wb").write(binary)
print("done")
if __name__ == "__main__":
raise SystemExit(main())