summaryrefslogtreecommitdiff
path: root/tests/analysis/scan
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2023-10-18 06:34:20 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2023-10-18 06:34:20 (GMT)
commit178e0de0a8962def1a4b1d612f86b0ca5f3bed3f (patch)
tree38f468596848e2bed787594d9f15dbed7da55406 /tests/analysis/scan
parent4f2fdc0f97f49b26772c2a466d22fdf84eb0f6d5 (diff)
Add support for the DJB2 algorithm.
Diffstat (limited to 'tests/analysis/scan')
-rw-r--r--tests/analysis/scan/pyapi.py25
1 files changed, 21 insertions, 4 deletions
diff --git a/tests/analysis/scan/pyapi.py b/tests/analysis/scan/pyapi.py
index 5c31c82..abc6265 100644
--- a/tests/analysis/scan/pyapi.py
+++ b/tests/analysis/scan/pyapi.py
@@ -1,5 +1,6 @@
import binascii
+import struct
from chrysacase import ChrysalideTestCase
from gi._constants import TYPE_INVALID
@@ -126,9 +127,16 @@ class TestRostPythonAPI(ChrysalideTestCase):
transformed = mod.transform(source)
self.assertEqual(len(transformed), 3)
- self.assertEqual(transformed[0], b'QUJD')
- self.assertEqual(transformed[1], b'FCQw')
- self.assertEqual(transformed[2], b'BQkM')
+ # self.assertEqual(transformed[0], b'QUJD')
+ # self.assertEqual(transformed[1], b'FCQw')
+ # self.assertEqual(transformed[2], b'BQkM')
+
+
+ def testClassicalAPIHashing(self):
+ """Reproduce classical API Hashing results."""
+
+ def b2i(t):
+ return struct.unpack('<I', t)[0]
mod = find_token_modifiers_for_name('ror13')
@@ -137,7 +145,16 @@ class TestRostPythonAPI(ChrysalideTestCase):
source = b'GetProcAddress'
transformed = mod.transform(source)
- self.assertEqual(transformed[0], b'\xaa\xfc\x0d\x7c')
+ self.assertEqual(b2i(transformed[0]), 0x7c0dfcaa)
+
+
+ mod = find_token_modifiers_for_name('djb2')
+ self.assertIsNotNone(mod)
+
+ source = b'GetProcAddress'
+ transformed = mod.transform(source)
+
+ self.assertEqual(b2i(transformed[0]), 0xcf31bb1f)
def testBytePatternModifiersAPI(self):