本文整理汇总了Python中macholib.MachO.MachO方法的典型用法代码示例。如果您正苦于以下问题:Python MachO.MachO方法的具体用法?Python MachO.MachO怎么用?Python MachO.MachO使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类macholib.MachO
的用法示例。
在下文中一共展示了MachO.MachO方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: extract_shellcode
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def extract_shellcode(filename):
# find offset of _text and _data and extract to bin file
b = os.path.splitext(filename)[0]
macho_filename = os.path.join(SRC_DIR,"%s.macho" % (b))
fileoffset = 0
shellcodesize = 0
m = MachO(macho_filename)
for (load_cmd, cmd, data) in m.headers[0].commands:
if data:
if hasattr(data[0], "sectname"):
sectionName = getattr(data[0], 'sectname', '').rstrip('\0')
if "text" in sectionName:
fileoffset=data[0].offset
shellcodesize+=data[0].size
if "data" in sectionName:
shellcodesize+=data[0].size
shellcode_filename = os.path.join(SRC_DIR,"%s_shellcode.bin" % (b))
with open(macho_filename, 'rb') as f:
f.seek(fileoffset, 1)
shellcode_bytes = f.read(shellcodesize)
with open(shellcode_filename, 'wb') as sf:
sf.write(shellcode_bytes)
sf.close()
f.close()
return shellcode_bytes
示例2: get_bin_info
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def get_bin_info(bin_file):
"""Get Binary Information."""
logger.info('Getting Binary Information')
m = MachO(bin_file)
for header in m.headers:
if header.MH_MAGIC == MH_MAGIC_64 or header.MH_MAGIC == MH_CIGAM_64:
sz = '64-bit'
else:
sz = '32-bit'
arch = CPU_TYPE_NAMES.get(
header.header.cputype, header.header.cputype)
subarch = get_cpu_subtype(
header.header.cputype, header.header.cpusubtype)
return {'endian': header.endian,
'bit': sz,
'arch': arch,
'subarch': subarch}
示例3: print_file
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def print_file(fp, path):
print(path, file=fp)
m = MachO(path)
for header in m.headers:
seen = set()
if header.MH_MAGIC == MH_MAGIC_64:
sz = '64-bit'
else:
sz = '32-bit'
print(' [%s endian=%r size=%r arch=%r]' % (header.__class__.__name__,
header.endian, sz, ARCH_MAP[(header.endian, sz)]), file=fp)
for idx, name, other in header.walkRelocatables():
if other not in seen:
seen.add(other)
print('\t' + other, file=fp)
示例4: fuzz
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def fuzz(self, filename, output_filename):
self.macho = MachO(filename)
changes = random.randint(1, 25)
for i in range(changes*5):
self.do_fuzz_internal()
if len(self.change_list) == changes:
break
# Copy the contents of the original file to the output file
f = open(output_filename, "wb+")
f.write(open(filename, "rb").read())
f.close()
# Update it's contents
f = open(output_filename, "rb+")
self.macho.write(f)
f.close()
# And write the .diff file
f = open(output_filename + ".diff", "wb")
f.write("# Original file created by 'MachO Mutator' was %s\n" % filename)
for change in self.changes:
print "# CHANGE: %s" % ", ".join(change)
f.write("# CHANGE: %s\n" % ", ".join(change))
f.close()
os.system("radiff2 %s %s" % (filename, output_filename))
#-----------------------------------------------------------------------
示例5: _get_machine_type
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def _get_machine_type(self, path):
try:
pe = pefile.PE(path)
format_ = 'PE'
if pefile.MACHINE_TYPE[pe.FILE_HEADER.Machine].find('I386') != -1:
arch = '32-bit'
else:
arch = '64-bit'
except pefile.PEFormatError, detail:
try:
self._dprint(detail)
m = MachO(path)
format_ = 'Mach-O'
for header in m.headers:
if CPU_TYPE_NAMES.get(header.header.cputype,header.header.cputype) == 'x86_64':
#if header.MH_MAGIC == MH_MAGIC_64:
arch = '64-bit'
else:
arch = '32-bit'
except:
try:
elffile = ELFFile(open(path, 'rb'))
format_ = 'ELF'
e_ident = elffile.header['e_ident']
if e_ident['EI_CLASS'] == 'ELFCLASS64':
arch = '64-bit'
else:
arch = '32-bit'
except:
return None, None
#format_ = 'shellcode'
#arch = '32-bit' # 32-bit fixed
示例6: __init__
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def __init__(self, file_path):
super(MachOExecutable, self).__init__(file_path)
self.helper = MachO(self.fp)
if self.helper.fat:
raise Exception('MachO fat binaries are not supported at this time')
self.architecture = self._identify_arch()
if self.architecture is None:
raise Exception('Architecture is not recognized')
logging.debug('Initialized {} {} with file \'{}\''.format(self.architecture, type(self).__name__, file_path))
self.pack_endianness = self.helper.headers[0].endian
self.sections = []
for lc, cmd, data in self.helper.headers[0].commands:
if lc.cmd in (LC_SEGMENT, LC_SEGMENT_64):
for section in data:
self.sections.append(section_from_macho_section(section, cmd))
self.executable_segment = [cmd for lc, cmd, _ in self.helper.headers[0].commands
if lc.cmd in (LC_SEGMENT, LC_SEGMENT_64) and cmd.initprot & 0x4][0]
self.libraries = [fp.rstrip('\x00') for lc, cmd, fp in self.helper.headers[0].commands if lc.cmd == LC_LOAD_DYLIB]
示例7: run_file
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def run_file(self, pathname, caller=None):
assert isinstance(pathname, (str, unicode))
self.msgin(2, "run_file", pathname)
m = self.findNode(pathname)
if m is None:
if not os.path.exists(pathname):
raise ValueError('%r does not exist' % (pathname,))
m = self.createNode(MachO, pathname)
self.createReference(caller, m, edge_data='run_file')
self.scan_node(m)
self.msgout(2, '')
return m
示例8: load_file
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def load_file(self, name, caller=None):
assert isinstance(name, (str, unicode))
self.msgin(2, "load_file", name)
m = self.findNode(name)
if m is None:
newname = self.locate(name)
if newname is not None and newname != name:
return self.load_file(newname, caller=caller)
if os.path.exists(name):
m = self.createNode(MachO, name)
self.scan_node(m)
else:
m = self.createNode(MissingMachO, name)
self.msgout(2, '')
return m
示例9: check_architectures
# 需要导入模块: from macholib import MachO [as 别名]
# 或者: from macholib.MachO import MachO [as 别名]
def check_architectures(app):
'''
info检查是否支持64位
demo:armv7, arm64, armv7s
'''
from macholib import MachO, mach_o
m = MachO.MachO(app)
arcs = []
for header in m.headers:
cpu_type = header.header.cputype
cpu_subtype = header.header.cpusubtype
arch = str(mach_o.CPU_TYPE_NAMES.get(cpu_type, cpu_type)).lower()
if cpu_type == 12:
if cpu_subtype == 0:
arch = 'armall'
elif cpu_subtype == 5:
arch = 'armv4t'
elif cpu_subtype == 6:
arch = 'armv6'
elif cpu_subtype == 7:
arch = 'armv5tej'
elif cpu_subtype == 8:
arch = 'arm_xscale'
elif cpu_subtype == 9:
arch = 'armv7'
elif cpu_subtype == 10:
arch = 'armv7f'
elif cpu_subtype == 11:
arch = 'armv7s'
elif cpu_subtype == 12:
arch = 'armv7k'
elif cpu_subtype == 13:
arch = 'armv8'
elif cpu_subtype == 14:
arch = 'armv6m'
elif cpu_subtype == 15:
arch = 'armv7m'
elif cpu_subtype == 16:
arch = 'armv7em'
elif cpu_type == 16777228:
arch = 'arm64'
arcs.append(arch)
return arcs
#检查app是否被xcode ghost感染