Skip to content

Win32-regqueryvalueexa-source pull request. #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Graymos wants to merge 61 commits into
base: master
Choose a base branch
from
Open

Win32-regqueryvalueexa-source pull request. #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
61 commits
Select commit Hold shift + click to select a range
e59b510
Initial WIN API integration progress
smabryCFRL Jul 21, 2025
750b7fb
Fixed SimStackArg Error
smabryCFRL Jul 22, 2025
2ad9a3b
Imported angr prototypes for Win32
smabryCFRL Jul 22, 2025
1618c9d
Successful Source-to-Sink for GetCommandLineA and CreateProcessA
smabryCFRL Jul 22, 2025
750c0c2
CreateFileA Sink
smabryCFRL Jul 22, 2025
3e92418
Print statement of what WinApi Input Functions are available
smabryCFRL Jul 22, 2025
efd8ea0
SimStackArg Error Resolved - Win32 Function additions can now handle …
smabryCFRL Jul 23, 2025
2c4c38e
Core Bug Fix, GetEnvironmentVariableA Example Included
smabryCFRL Jul 24, 2025
bb13baf
Bug Fix
smabryCFRL Jul 24, 2025
1ed3d35
Infrastructure: GetStdHandle Complete
smabryCFRL Jul 24, 2025
ae79077
Updated Description
smabryCFRL Jul 24, 2025
04942f8
CloseHandle Implemented
smabryCFRL Jul 24, 2025
ef57591
HeapAlloc complete
smabryCFRL Jul 24, 2025
6c5624e
HeapFree complete
smabryCFRL Jul 24, 2025
790611b
lstrcpya complete
smabryCFRL Jul 24, 2025
a3be248
lstrcata complete
smabryCFRL Jul 24, 2025
cc199eb
lstrlena complete
smabryCFRL Jul 24, 2025
ef3450c
Combined VirtualAlloc and VirtualFree, complete handlers
smabryCFRL Jul 24, 2025
c0d22b4
GlobalAlloc and GlobalFree complete
smabryCFRL Jul 24, 2025
d627637
LocalAlloc and LocalFree complete
smabryCFRL Jul 24, 2025
754776e
Merge GetStdHandle into staging
smabryCFRL Jul 24, 2025
4d69cd9
Merge GetStdHandle into staging
smabryCFRL Jul 24, 2025
380a0ec
Add GetCurrentProcess Handler - implements infrastructure function fo…
Jul 24, 2025
8b6e1a0
Merged Global-Alloc Global-Free
smabryCFRL Jul 24, 2025
2b47df7
Merged Heap-Alloc
smabryCFRL Jul 24, 2025
63b5ace
Merged HeapFree
smabryCFRL Jul 24, 2025
09bdbaf
Use union merge driver for Win32 handler files
smabryCFRL Jul 24, 2025
b925375
Merged LocalAlloc and LocalFree
smabryCFRL Jul 24, 2025
5d0e3d7
lstrcat merged
smabryCFRL Jul 24, 2025
9724c14
lstrcpyA merged
smabryCFRL Jul 24, 2025
162eb92
lstrlena merged
smabryCFRL Jul 24, 2025
5b2ca69
VirtualAlloc and VirtualFree merged
smabryCFRL Jul 24, 2025
75a0cf4
WIP ReadProcessMemory
Jul 24, 2025
7e9f61e
Add GetClipboardData - implements source function for getting data fr…
Jul 24, 2025
22766e1
4 Sources, 2 Sinks, 11 Infrastructure Functions
smabryCFRL Jul 25, 2025
dbe27ad
Fixed lstrcpya and lcatstra handler bug
smabryCFRL Jul 25, 2025
0a495a9
Final SetEnvironmentVariableA commit
smabryCFRL Jul 25, 2025
54a7a09
Added SetEnvironmentVariableA
smabryCFRL Jul 25, 2025
f48467e
Add AcceptEx handler – implements source for incoming connection buff…
malmanz2 Jul 25, 2025
927b59b
Added sources to rank.py for better rank scoring
smabryCFRL Jul 25, 2025
e6f8a16
Add ShellExecuteA - Sink for performing file operation / executing fi…
Jul 25, 2025
7a27616
Add GetModuleFileNameA handler - implements source function for envir…
ctaylor-22 Jul 25, 2025
d9f7a85
AcceptEX passed testing
smabryCFRL Jul 25, 2025
53b871f
AcceptEX Integration
smabryCFRL Jul 25, 2025
a074dd8
Add FindFirstFile handler - implements source function for environmen…
ctaylor-22 Jul 26, 2025
4a29c0c
Add InternetWriteFile handler - implements sink function for tainted …
malmanz2 Jul 26, 2025
971afa2
InternetWriteFile ready to merge
smabryCFRL Jul 27, 2025
850f5e8
Slight tweak to sink_list, ready to merge
smabryCFRL Jul 27, 2025
849e958
InternetWriteFile merged
smabryCFRL Jul 27, 2025
8297cc9
FindFisrtFileA ready to merge
smabryCFRL Jul 27, 2025
30d7dc9
FindFirstFileA merged
smabryCFRL Jul 27, 2025
e91bce9
GetModuleFileNameA ready to merge
smabryCFRL Jul 27, 2025
5007c09
GetModuleFileNameA merged
smabryCFRL Jul 27, 2025
39c4eb7
ReadProcessMemory ready for merge
smabryCFRL Jul 27, 2025
e092c51
Fix to rank.py
smabryCFRL Jul 27, 2025
027a3f7
Merged ReadProcessMemory
smabryCFRL Jul 27, 2025
0153423
GetClipboardData ready to merge
smabryCFRL Jul 27, 2025
fe3b802
GetClipboardData merged
smabryCFRL Jul 27, 2025
cddbdf8
merged ShellExecuteA
smabryCFRL Jul 27, 2025
967c002
Working
Graymos Jul 28, 2025
8cbca45
Working
Graymos Jul 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added .gitattributes
View file
Open in desktop
Binary file not shown.
Binary file added mango_results/cmdi_closures/0.00_sub_140001480_0x140001480_CreateProcessA_0x14000152c
View file
Open in desktop
Binary file not shown.
Binary file added mango_results/cmdi_closures/0.00_sub_140001480_0x140001480_CreateProcessA_0x140001585
View file
Open in desktop
Binary file not shown.
28 changes: 28 additions & 0 deletions mango_results/cmdi_closures/0.00_sub_140007bb0_0x140007bb0_CreateProcessA_0x140007bb0
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
sub_140007bb0(
 rcx: <BV64 TOP>,
 rdx: <BV64 TOP>,
 r8: <BV64 TOP>,
 r9: <BV64 TOP>,
 <Mem SP+0x50<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x48<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x40<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x38<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x30<4> (stack)>: "310<BV64 TOP>",
 <Mem SP+0x28<4> (stack)>: "310<BV64 TOP>",
 ) @ 0x140007bb0
|CreateProcessA(
| rcx: <BV64 TOP>,
| rdx: <BV64 TOP>,
| r8: <BV64 TOP>,
| r9: <BV64 TOP>,
| <Mem SP-0xffffffffffffffa8<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffb0<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffb8<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffc0<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffc8<4> (stack)>: "310<BV64 TOP>",
| <Mem SP-0xffffffffffffffd0<4> (stack)>: "310<BV64 TOP>",
| ) @ 0x140007bb0 -> <BV32 0x1>

BINARY: test_GetModuleFileNameA_program.exe
INPUT SOURCES:
UNKNOWN
28 changes: 28 additions & 0 deletions mango_results/cmdi_closures/0.00_sub_140007ca8_0x140007ca8_CreateProcessA_0x140007ca8
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
sub_140007ca8(
 rcx: <BV64 TOP>,
 rdx: <BV64 TOP>,
 r8: <BV64 TOP>,
 r9: <BV64 TOP>,
 <Mem SP+0x50<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x48<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x40<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x38<8> (stack)>: <BV64 TOP>,
 <Mem SP+0x30<4> (stack)>: "310<BV64 TOP>",
 <Mem SP+0x28<4> (stack)>: "310<BV64 TOP>",
 ) @ 0x140007ca8
|CreateProcessA(
| rcx: <BV64 TOP>,
| rdx: <BV64 TOP>,
| r8: <BV64 TOP>,
| r9: <BV64 TOP>,
| <Mem SP-0xffffffffffffffa8<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffb0<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffb8<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffc0<8> (stack)>: <BV64 TOP>,
| <Mem SP-0xffffffffffffffc8<4> (stack)>: "310<BV64 TOP>",
| <Mem SP-0xffffffffffffffd0<4> (stack)>: "310<BV64 TOP>",
| ) @ 0x140007ca8 -> <BV32 0x1>

BINARY: test_FindFirstFileA_program.exe
INPUT SOURCES:
UNKNOWN
Binary file added mango_results/cmdi_closures/0.70_sub_140001480_0x140001480_CreateProcessA_0x14000152c
View file
Open in desktop
Binary file not shown.
Loading