本文整理匯總了Python中pefile.MACHINE_TYPE屬性的典型用法代碼示例。如果您正苦於以下問題:Python pefile.MACHINE_TYPE屬性的具體用法?Python pefile.MACHINE_TYPE怎麽用?Python pefile.MACHINE_TYPE使用的例子?那麽, 這裏精選的屬性代碼示例或許可以為您提供幫助。您也可以進一步了解該屬性所在類pefile
的用法示例。
在下文中一共展示了pefile.MACHINE_TYPE屬性的9個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: get_info
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def get_info(filename):
pe = pefile.PE(filename)
fn = os.path.basename(filename) # file name
fs = os.path.getsize(filename) # file size (in byte)
ts = pe.FILE_HEADER.TimeDateStamp # timestamp
dl = pe.FILE_HEADER.IMAGE_FILE_DLL # dll
sc = pe.FILE_HEADER.NumberOfSections # sections
#print "Optional Header:\t\t", hex(pe.OPTIONAL_HEADER.ImageBase)
#print "Address Of Entry Point:\t\t", hex(pe.OPTIONAL_HEADER.AddressOfEntryPoint)
#print "Subsystem:\t\t\t", pefile.SUBSYSTEM_TYPE[pe.OPTIONAL_HEADER.Subsystem]
#machine = 0
#machine = pe.FILE_HEADER.Machine
#print "Required CPU type:\t\t", pefile.MACHINE_TYPE[machine]
#print "Number of RVA and Sizes:\t", pe.OPTIONAL_HEADER.NumberOfRvaAndSizes
return fn, fs, ts, dl, sc
# Check for version info & metadata
示例2: set_arch_name
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def set_arch_name(self):
# TODO ARM
# TODO Should we check these flags ?
# pefile.OPTIONAL_HEADER_MAGIC_PE
# pefile.OPTIONAL_HEADER_MAGIC_PE_PLUS
# return pefile.MACHINE_TYPE[self.pe.FILE_HEADER.Machine]
if self.pe.FILE_HEADER.Machine == 0x014c:
self.arch = "x86"
if self.pe.FILE_HEADER.Machine == 0x8664:
self.arch = "x64"
示例3: hintDisasm
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def hintDisasm(self):
if self.PE.FILE_HEADER.Machine & pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_AMD64'] == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_AMD64']:
return DisasmViewMode.Disasm_x86_64bit
if self.PE.FILE_HEADER.Machine & pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_I386'] == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_I386']:
return DisasmViewMode.Disasm_x86_32bit
return DisasmViewMode.Disasm_x86_32bit
示例4: _get_machine_type
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def _get_machine_type(self, path):
try:
pe = pefile.PE(path)
format_ = 'PE'
if pefile.MACHINE_TYPE[pe.FILE_HEADER.Machine].find('I386') != -1:
arch = '32-bit'
else:
arch = '64-bit'
except pefile.PEFormatError, detail:
try:
self._dprint(detail)
m = MachO(path)
format_ = 'Mach-O'
for header in m.headers:
if CPU_TYPE_NAMES.get(header.header.cputype,header.header.cputype) == 'x86_64':
#if header.MH_MAGIC == MH_MAGIC_64:
arch = '64-bit'
else:
arch = '32-bit'
except:
try:
elffile = ELFFile(open(path, 'rb'))
format_ = 'ELF'
e_ident = elffile.header['e_ident']
if e_ident['EI_CLASS'] == 'ELFCLASS64':
arch = '64-bit'
else:
arch = '32-bit'
except:
return None, None
#format_ = 'shellcode'
#arch = '32-bit' # 32-bit fixed
示例5: _get_arch_pe
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def _get_arch_pe(self, pe_file):
# get arch
if pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_I386']:
return arch.ARCH_X86
elif pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_AMD64']:
return arch.ARCH_X86
elif pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_ARM']:
return arch.ARCH_ARM
elif pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_THUMB']:
return arch.ARCH_ARM
else:
raise Exception("Machine not supported.")
示例6: _get_arch_mode_pe
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def _get_arch_mode_pe(self, pe_file):
# get arch mode
if pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_I386']:
return arch.ARCH_X86_MODE_32
elif pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_AMD64']:
return arch.ARCH_X86_MODE_64
elif pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_ARM']:
return arch.ARCH_ARM_MODE_ARM
elif pe_file.FILE_HEADER.Machine == pefile.MACHINE_TYPE['IMAGE_FILE_MACHINE_THUMB']:
return arch.ARCH_ARM_MODE_THUMB
else:
raise Exception("Machine not supported.")
示例7: check_compatibility
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def check_compatibility(cls, spec, obj):
if hasattr(spec, 'read') and hasattr(spec, 'seek'):
pe = pefile.PE(data=spec.read(), fast_load=True)
else:
pe = pefile.PE(spec, fast_load=True)
arch = archinfo.arch_from_id(pefile.MACHINE_TYPE[pe.FILE_HEADER.Machine])
return arch == obj.arch
#
# Public methods
#
示例8: _identify_arch
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def _identify_arch(self):
machine = pefile.MACHINE_TYPE[self.helper.FILE_HEADER.Machine]
if machine == 'IMAGE_FILE_MACHINE_I386':
return ARCHITECTURE.X86
elif machine == 'IMAGE_FILE_MACHINE_AMD64':
return ARCHITECTURE.X86_64
elif machine == 'IMAGE_FILE_MACHINE_ARM':
return ARCHITECTURE.ARM
else:
return None
示例9: __init__
# 需要導入模塊: import pefile [as 別名]
# 或者: from pefile import MACHINE_TYPE [as 別名]
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.segments = self.sections # in a PE, sections and segments have the same meaning
self.os = 'windows'
if self.binary is None:
self._pe = pefile.PE(data=self._binary_stream.read(), fast_load=True)
self._parse_pe_non_reloc_data_directories()
elif self.binary in self._pefile_cache: # these objects are not mutated, so they are reusable within a process
self._pe = self._pefile_cache[self.binary]
else:
self._pe = pefile.PE(self.binary, fast_load=True)
self._parse_pe_non_reloc_data_directories()
if not self.is_main_bin:
# only cache shared libraries, the main binary will not be reused
self._pefile_cache[self.binary] = self._pe
if self.arch is None:
self.set_arch(archinfo.arch_from_id(pefile.MACHINE_TYPE[self._pe.FILE_HEADER.Machine]))
self.mapped_base = self.linked_base = self._pe.OPTIONAL_HEADER.ImageBase
self._entry = AT.from_rva(self._pe.OPTIONAL_HEADER.AddressOfEntryPoint, self).to_lva()
if hasattr(self._pe, 'DIRECTORY_ENTRY_IMPORT'):
self.deps = [entry.dll.decode().lower() for entry in self._pe.DIRECTORY_ENTRY_IMPORT]
else:
self.deps = []
if self.binary is not None and not self.is_main_bin:
self.provides = os.path.basename(self.binary).lower()
else:
self.provides = None
self.tls_index_address = None
self.tls_callbacks = None
self.supports_nx = self._pe.OPTIONAL_HEADER.DllCharacteristics & 0x100 != 0
self.pic = self.pic or self._pe.OPTIONAL_HEADER.DllCharacteristics & 0x40 != 0
if hasattr(self._pe, 'DIRECTORY_ENTRY_LOAD_CONFIG'):
self.load_config = {name: value['Value'] for name, value in self._pe.DIRECTORY_ENTRY_LOAD_CONFIG.struct.dump_dict().items() if name != 'Structure'}
else:
self.load_config = {}
self._exports = {}
self._ordinal_exports = {}
self._symbol_cache = self._exports # same thing
self._handle_imports()
self._handle_exports()
if self.loader._perform_relocations:
# parse base relocs
self._pe.parse_data_directories(directories=(pefile.DIRECTORY_ENTRY['IMAGE_DIRECTORY_ENTRY_BASERELOC'],))
self.__register_relocs()
# parse TLS
self._register_tls()
# parse sections
self._register_sections()
self.linking = 'dynamic' if self.deps else 'static'
self.jmprel = self._get_jmprel()
self.memory.add_backer(0, self._pe.get_memory_mapped_image())