

Python MachO.MachO方法代码示例

本文整理汇总了Python中macholib.MachO.MachO方法的典型用法代码示例。如果您正苦于以下问题:Python MachO.MachO方法的具体用法?Python MachO.MachO怎么用?Python MachO.MachO使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在macholib.MachO的用法示例。


在下文中一共展示了MachO.MachO方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: extract_shellcode

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def extract_shellcode(filename):
    """Carve section bytes out of SRC_DIR/<stem>.macho and return them.

    The bytes are also written to SRC_DIR/<stem>_shellcode.bin.  Offsets
    and sizes are taken from the Mach-O load commands as-is, so this is
    only meaningful for a binary the caller built itself.
    """
    stem = os.path.splitext(filename)[0]
    macho_path = os.path.join(SRC_DIR,"%s.macho" % (stem))
    out_path = os.path.join(SRC_DIR,"%s_shellcode.bin" % (stem))

    start = 0
    total = 0
    for _load_cmd, _cmd, payload in MachO(macho_path).headers[0].commands:
        # Only the first entry of each command's payload is inspected.
        if not payload or not hasattr(payload[0], "sectname"):
            continue
        first = payload[0]
        sect = getattr(first, 'sectname', '').rstrip('\0')
        # Substring match: any section name containing "text" / "data"
        # counts.  The last "text" hit decides where the read starts.
        if "text" in sect:
            start = first.offset
            total += first.size
        if "data" in sect:
            total += first.size

    # NOTE(review): a single read of `total` bytes from `start` assumes the
    # matched sections sit back to back in the file; confirm for the
    # linker layout in use.
    with open(macho_path, 'rb') as src:
        # whence=1 is relative to the current position, which is 0 right
        # after open(), so this lands on the absolute offset.
        src.seek(start, 1)
        blob = src.read(total)
    with open(out_path, 'wb') as dst:
        dst.write(blob)
    return blob
开发者ID:fbsamples,项目名称:fbctf-2019-challenges,代码行数:27,代码来源:generate.py

示例2: get_bin_info

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def get_bin_info(bin_file):
    """Return endianness, word size and CPU details of a Mach-O file.

    The function returns from inside the loop, so only the first header
    is reported; further slices of a multi-architecture file are not
    inspected.  If the parsed file exposes no headers the loop body never
    runs and the result is None.
    """
    logger.info('Getting Binary Information')
    # NOTE(review): bin_file is parsed without a try/except here; if it can
    # be an uploaded, possibly malformed binary, confirm the caller handles
    # parser exceptions.
    for hdr in MachO(bin_file).headers:
        # Either byte order of the 64-bit magic counts as 64-bit.
        is_64 = hdr.MH_MAGIC in (MH_MAGIC_64, MH_CIGAM_64)
        sz = '64-bit' if is_64 else '32-bit'
        # Unknown CPU types fall back to the raw numeric value.
        arch = CPU_TYPE_NAMES.get(
            hdr.header.cputype, hdr.header.cputype)
        subarch = get_cpu_subtype(
            hdr.header.cputype, hdr.header.cpusubtype)
        info = {
            'endian': hdr.endian,
            'bit': sz,
            'arch': arch,
            'subarch': subarch,
        }
        return info
开发者ID:MobSF,项目名称:Mobile-Security-Framework-MobSF,代码行数:19,代码来源:binary_analysis.py

示例3: print_file

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def print_file(fp, path):
    """Write a per-header summary of the Mach-O at *path* to *fp*.

    For every header this prints one bracketed line (class name,
    endianness, word size, architecture) followed by each distinct value
    yielded by walkRelocatables(), one per line and tab-indented.
    """
    print(path, file=fp)
    for hdr in MachO(path).headers:
        # Only MH_MAGIC_64 is compared; every other magic value is
        # labelled 32-bit.
        sz = '64-bit' if hdr.MH_MAGIC == MH_MAGIC_64 else '32-bit'

        print('    [%s endian=%r size=%r arch=%r]' % (
            hdr.__class__.__name__, hdr.endian, sz,
            ARCH_MAP[(hdr.endian, sz)]), file=fp)

        # De-duplicate per header, keeping first-seen order.
        printed = set()
        for _idx, _name, target in hdr.walkRelocatables():
            if target in printed:
                continue
            printed.add(target)
            print('\t' + target, file=fp)
开发者ID:Lithium876,项目名称:ConTroll_Remote_Access_Trojan,代码行数:18,代码来源:macho_dump.py

示例4: fuzz

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
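def fuzz(self, filename, output_filename):
    """Mutate the Mach-O at *filename* and write the result to *output_filename*.

    Applies a random number (1..25) of changes through
    self.do_fuzz_internal(), writes the mutated file, records the applied
    changes in ``<output_filename>.diff`` and finally shows a binary diff
    of input and output using radiff2.

    radiff2 is started with an argument list instead of a shell command
    string, so file names containing spaces or shell metacharacters are
    passed through literally and are never interpreted by a shell.
    """
    # Function-scope import: the module's import block is not visible here.
    import subprocess

    self.macho = MachO(filename)

    changes = random.randint(1, 25)
    # At most changes*5 attempts are made to reach the requested number
    # of recorded changes.
    for i in range(changes*5):
      self.do_fuzz_internal()
      if len(self.change_list) == changes:
        break

    # Copy the contents of the original file to the output file.
    # Context managers close both handles even if the copy fails.
    with open(output_filename, "wb+") as f:
      with open(filename, "rb") as src:
        f.write(src.read())

    # Update its contents
    with open(output_filename, "rb+") as f:
      self.macho.write(f)

    # And write the .diff file
    # NOTE(review): the loop above checks self.change_list while this one
    # iterates self.changes; confirm both attributes exist and that
    # self.changes is the intended source.
    with open(output_filename + ".diff", "wb") as f:
      f.write("# Original file created by 'MachO Mutator' was %s\n" % filename)
      for change in self.changes:
        print("# CHANGE: %s" % ", ".join(change))
        f.write("# CHANGE: %s\n" % ", ".join(change))

    # The diff is informational only; a missing radiff2 must not abort the
    # run after the mutated file has already been written.
    try:
      subprocess.call(["radiff2", filename, output_filename])
    except OSError as exc:
      print("radiff2 could not be run: %s" % exc)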

#----------------------------------------------------------------------- 
开发者ID:joxeankoret,项目名称:nightmare,代码行数:32,代码来源:macho_mutator.py

示例5: _get_machine_type

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def _get_machine_type(self, path):
        """Classify *path* as PE, Mach-O or ELF and as 32-bit or 64-bit.

        The parsers are tried in that order, each one only after the
        previous one failed.  When all three fail, (None, None) is
        returned.

        NOTE(review): no return statement is visible on the success paths
        in this listing, so the excerpt is presumably cut off before the
        function's final return of format_ and arch. Confirm against the
        full source.
        """
        try:
            pe = pefile.PE(path)
            format_ = 'PE'
            # Any machine type whose name does not contain 'I386' is
            # reported as 64-bit.
            if pefile.MACHINE_TYPE[pe.FILE_HEADER.Machine].find('I386') != -1:
                arch = '32-bit'
            else:
                arch = '64-bit'
        except pefile.PEFormatError, detail:
            try:
                self._dprint(detail)
                m = MachO(path)
                format_ = 'Mach-O'
                # arch is overwritten on every iteration, so for a file with
                # several headers the last header decides the result.
                for header in m.headers:
                    # Only the CPU type named 'x86_64' is treated as 64-bit;
                    # every other CPU type ends up as 32-bit.
                    if CPU_TYPE_NAMES.get(header.header.cputype,header.header.cputype) == 'x86_64':
                    #if header.MH_MAGIC == MH_MAGIC_64:
                        arch = '64-bit'
                    else:
                        arch = '32-bit'
            # Bare except: any failure of the Mach-O attempt, not only a
            # parse error, falls through to the ELF attempt.
            except:
                try:
                    # The file object is handed straight to ELFFile and is
                    # not closed anywhere in the visible code.
                    elffile = ELFFile(open(path, 'rb'))
                    format_ = 'ELF'
                    e_ident = elffile.header['e_ident']
                    if e_ident['EI_CLASS'] == 'ELFCLASS64':
                        arch = '64-bit'
                    else:
                        arch = '32-bit'
                # Bare except again: every error is reported to the caller
                # as "unknown format" without being logged.
                except:                    
                    return None, None
                    #format_ = 'shellcode'
                    #arch = '32-bit' # 32-bit fixed 
开发者ID:TakahiroHaruyama,项目名称:ida_haru,代码行数:34,代码来源:bindiff.py

示例6: __init__

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def __init__(self, file_path):
        """Parse a thin Mach-O file and cache its layout on the instance.

        Populates helper, architecture, pack_endianness, sections,
        executable_segment and libraries.  Raises Exception for fat
        binaries and for an unrecognised architecture; raises IndexError
        if no segment has the execute bit set in its initial protection.
        """
        super(MachOExecutable, self).__init__(file_path)

        # presumably self.fp is set by the base-class initialiser; verify
        self.helper = MachO(self.fp)
        if self.helper.fat:
            raise Exception('MachO fat binaries are not supported at this time')

        self.architecture = self._identify_arch()
        if self.architecture is None:
            raise Exception('Architecture is not recognized')

        logging.debug('Initialized {} {} with file \'{}\''.format(
            self.architecture, type(self).__name__, file_path))

        # Fat files were rejected above, so only the first header is used.
        header = self.helper.headers[0]
        self.pack_endianness = header.endian

        segment_cmds = (LC_SEGMENT, LC_SEGMENT_64)

        # Every section of every 32- or 64-bit segment command, in file order.
        self.sections = [
            section_from_macho_section(sect, seg)
            for lc, seg, sects in header.commands
            if lc.cmd in segment_cmds
            for sect in sects
        ]

        # 0x4 is the execute bit (VM_PROT_EXECUTE) of the segment's initial
        # protection; the first segment carrying it is kept.
        executable = []
        for lc, seg, _ in header.commands:
            if lc.cmd in segment_cmds and seg.initprot & 0x4:
                executable.append(seg)
        self.executable_segment = executable[0]

        # Library paths arrive NUL-padded; strip the padding.
        self.libraries = [
            raw_path.rstrip('\x00')
            for lc, _cmd, raw_path in header.commands
            if lc.cmd == LC_LOAD_DYLIB
        ]
开发者ID:osirislab,项目名称:dispatch,代码行数:29,代码来源:macho_executable.py

示例7: run_file

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def run_file(self, pathname, caller=None):
        """Return the graph node for *pathname*, creating and scanning it if new.

        A node that is already in the graph is returned unchanged.
        Otherwise the path must exist on disk (ValueError if it does not);
        a MachO node is created, linked from *caller* with edge data
        'run_file', and scanned.
        """
        assert isinstance(pathname, (str, unicode))
        self.msgin(2, "run_file", pathname)

        node = self.findNode(pathname)
        if node is not None:
            # Already known: nothing to create or scan.
            self.msgout(2, '')
            return node

        if not os.path.exists(pathname):
            raise ValueError('%r does not exist' % (pathname,))

        node = self.createNode(MachO, pathname)
        self.createReference(caller, node, edge_data='run_file')
        self.scan_node(node)

        self.msgout(2, '')
        return node
开发者ID:Lithium876,项目名称:ConTroll_Remote_Access_Trojan,代码行数:14,代码来源:MachOGraph.py

示例8: load_file

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def load_file(self, name, caller=None):
        """Return the graph node for library *name*, resolving it first if needed.

        An existing node is returned as-is.  Otherwise self.locate() may
        map *name* to a different path, in which case loading restarts
        with that path.  A path that exists on disk becomes a scanned
        MachO node; anything else becomes a MissingMachO node.
        """
        assert isinstance(name, (str, unicode))
        self.msgin(2, "load_file", name)

        node = self.findNode(name)
        if node is not None:
            self.msgout(2, '')
            return node

        resolved = self.locate(name)
        if resolved is not None and resolved != name:
            # This path returns without a msgout() for the msgin() above;
            # the recursive call emits its own msgin/msgout pair.
            return self.load_file(resolved, caller=caller)

        if os.path.exists(name):
            node = self.createNode(MachO, name)
            self.scan_node(node)
        else:
            # Unresolvable dependency: recorded as a node, not raised.
            node = self.createNode(MissingMachO, name)

        self.msgout(2, '')
        return node
开发者ID:Lithium876,项目名称:ConTroll_Remote_Access_Trojan,代码行数:17,代码来源:MachOGraph.py

示例9: check_architectures

# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def check_architectures(app):
    '''
    Info: check whether 64-bit is supported.
    Demo: armv7, arm64, armv7s

    Returns one lower-case architecture name per Mach-O header of *app*.
    '''
    from macholib import MachO, mach_o

    # cpusubtype -> name for cputype 12 (32-bit ARM).  A subtype missing
    # from this table keeps the generic name derived from CPU_TYPE_NAMES.
    arm_subtype_names = {
        0: 'armall',
        5: 'armv4t',
        6: 'armv6',
        7: 'armv5tej',
        8: 'arm_xscale',
        9: 'armv7',
        10: 'armv7f',
        11: 'armv7s',
        12: 'armv7k',
        13: 'armv8',
        14: 'armv6m',
        15: 'armv7m',
        16: 'armv7em',
    }

    arcs = []
    for hdr in MachO.MachO(app).headers:
        cpu_type = hdr.header.cputype
        cpu_subtype = hdr.header.cpusubtype
        # Unknown CPU types fall back to their numeric value as a string.
        arch = str(mach_o.CPU_TYPE_NAMES.get(cpu_type, cpu_type)).lower()
        if cpu_type == 12:
            arch = arm_subtype_names.get(cpu_subtype, arch)
        elif cpu_type == 16777228:
            # 16777228 == 0x0100000C, the 64-bit ARM CPU type.
            arch = 'arm64'
        arcs.append(arch)
    return arcs


#检查app是否被xcode ghost感染 
开发者ID:NetEaseGame,项目名称:iOS-private-api-checker,代码行数:51,代码来源:app_utils.py


注:本文中的macholib.MachO.MachO方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。