main.py
import os
import sys
import time
import internal
import threading
import progressbar
from driver_class import Driver
# Directory the tool runs from. When `sys.frozen` exists (set by executable
# freezers), use the executable's folder; otherwise use the folder of the
# script named in argv[0], with symlinks resolved.
if hasattr(sys, "frozen"):
    cwd = os.path.dirname(sys.executable)
else:
    cwd = os.path.dirname(os.path.realpath(sys.argv[0]))

# Thread that imported this module; the scan loop stores the progress counter
# and the progress bar on it as attributes.
main_thread = threading.current_thread()

# Kernel routine names looked for inside each driver. They deal with mapping
# physical memory or sections and with resolving routines at run time, so a
# driver that exposes a device and references them deserves a closer look.
# A hit is only a name match in the file content: it is a triage lead, not
# proof that the driver is exploitable.
suspect_functions = [
    "MmMapIoSpace",
    "MmUnmapIoSpace",
    "MmGetPhysicalAddress",
    "ZwMapViewOfSection",
    "MmGetSystemRoutineAddress",
    "MmMapIoSpaceEx",
]
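def get_driver_info_callback( path, file ):
    """Score one driver file and publish the result on the current thread.

    The result is stored as the ``driver`` attribute of the thread running
    this callback: ``False`` when the driver is skipped, otherwise the
    ``Driver`` object with its severity raised by one for every name in
    ``suspect_functions`` found in ``driver.content``.

    Args:
        path: Directory of the driver file, passed straight to ``Driver``.
        file: Driver file name, passed straight to ``Driver``.
    """
    thread = threading.current_thread( )
    # The scan loop polls this attribute until it is no longer None. Default
    # to False so that a failure below (for example an unreadable or
    # malformed .sys file) still publishes a result instead of leaving the
    # scan waiting forever on this worker.
    result = False
    try:
        driver = Driver( path, file )
        # presumably have_device means the driver creates a device object
        # that callers can reach; verify against driver_class.
        if driver.have_device:
            for func in suspect_functions:
                # Membership test on the driver content: a name match only,
                # not evidence of how the routine is used.
                if func in driver.content:
                    driver.increase_severity( 1 )
            result = driver
    finally:
        # Runs on success and on error; an exception still propagates after
        # the attribute is set, so the failure stays visible.
        setattr( thread, "driver", result )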
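# Console setup (Windows only: `title`, `cls` and `pause` are cmd built-ins).
os.system( "title Possible Vulnerable Driver Tracker" )
os.system( "cls" )

print( "Possible Vulnerable Driver Tracker\n\t\tBy M47Z\n" )

# The typed path is lower-cased and its system directory names are swapped:
# "system32" becomes "sysnative" and "syswow64" becomes "system32". The swap
# is undone when results are written.
# NOTE(review): this looks like it assumes a 32-bit interpreter on 64-bit
# Windows, where file system redirection applies - confirm before running
# under a 64-bit Python.
search_dir = os.path.abspath(
    input( "Directory To Search: " )
    .lower( )
    .replace( "system32", "sysnative" )
    .replace( "syswow64", "system32" )
)

os.system( "cls" )

with progressbar.ProgressBar( max_value=internal.count_files_by_extension( search_dir, ".sys" ) ) as bar:
    print( "[+] Searching For All Possible Vulnerable Drivers\n" )

    # Progress state is kept on the main thread object.
    setattr( main_thread, "progress", 0 )
    setattr( main_thread, "bar", bar )

    threads_list = internal.iterate_all_drivers_in_path( search_dir, get_driver_info_callback )
    drivers_list = [ ]

    for thread in threads_list:
        # Wait until the worker has published its result. This relies on
        # every worker setting `driver`; a worker that never does would keep
        # this loop polling.
        while getattr( thread, "driver", None ) is None:
            time.sleep( 0.025 )

        found = getattr( thread, "driver", None )
        # False marks a driver that was skipped.
        if found != False:
            drivers_list.append( found )

        main_thread.progress = getattr( main_thread, "progress", 0 ) + 1
        getattr( main_thread, "bar", None ).update( main_thread.progress )

# Results go to a "result" folder next to the tool.
result_dir = os.path.join( cwd, "result" )
if not os.path.isdir( result_dir ):
    os.mkdir( result_dir )

# Start from an empty folder: every file already in "result" is deleted.
for file in os.listdir( result_dir ):
    os.remove( os.path.join( result_dir, file ) )

# One report per severity level: result/<severity>.txt lists the drivers that
# matched exactly that many suspect names. Drivers with severity 0 are not
# reported. The entries are leads for manual review, not confirmed findings.
for i in range( 1, len( suspect_functions ) + 1 ):
    filtered_drivers_list = [ driver for driver in drivers_list if driver.severity == i ]
    if not filtered_drivers_list:
        continue

    # `with` closes the report even if a write fails part-way.
    with open( os.path.join( result_dir, "{}.txt".format( i ) ), "w" ) as report:
        for driver in filtered_drivers_list:
            separator = "" if driver.path.endswith( "\\" ) else "\\"
            driver_path = separator.join( ( driver.path, driver.name ) )
            # Undo the directory-name swap applied to the search path.
            driver_path = driver_path.replace( "system32", "syswow64" ).replace( "sysnative", "system32" )
            report.write( "{}\n".format( driver_path ) )

print( "\n\nPress Any Key to Exit" )
os.system( "pause>nul" )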