Skip to content

nohupped/LIEF

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

204 Commits

.github

.github

 
 

api

api

 
 

cmake

cmake

 
 

doc

doc

 
 

examples

examples

 
 

include/LIEF

include/LIEF

 
 

package

package

 
 

scripts

scripts

 
 

src

src

 
 

tests

tests

 
 

.appveyor.yml

.appveyor.yml

 
 

.dockerignore

.dockerignore

 
 

.travis.yml

.travis.yml

 
 

AUTHORS

AUTHORS

 
 

Acknowledgements

Acknowledgements

 
 

CHANGELOG

CHANGELOG

 
 

CMakeLists.txt

CMakeLists.txt

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

circle.yml

circle.yml

 
 

Repository files navigation


       

The purpose of this project is to provide a cross platform library which can parse, modify and abstract ELF, PE and MachO formats.

Main features:

  • Parsing: LIEF can parse ELF, PE, MachO and provides an user-friendly API to access to format internals.
  • Modify: LIEF enables to modify some parts of these formats
  • Abstract: Three formats have common features like sections, symbols, entry point... LIEF factors them.
  • API: LIEF can be used in C, C++ and Python

Downloads / Install

Pre-built packages are automatically generated and uploaded by continuous integration services.

Latest tagged version can be downloaded in the Release section.

Pre-built packages from the master's latest commit are automatically uploaded in the lief-project/packages repository:

⚠️ master SDK packages have a same name as tagged packages (e.g. LIEF-0.7.0-Linux.tar.gz) ⚠️

⚠️ master Python package has dev suffix (e.g. pylief-0.7.0.dev.zip) ⚠️

Linux Windows - x86 Windows - x86-64 OSX
SDK SDK SDK SDK

Python
SDK SDK SDK SDK
Python 2.7 Python 2.7 Python 2.7 Python 2.7
Python 3.5 Python 3.5 Python 3.5 Python 3.5
Python 3.6 Python 3.6 Python 3.6 Python 3.6

Here one can find guides to install or integrate LIEF:

Getting started

Python

import lief
# ELF
binary = lief.parse("/usr/bin/ls")
print(binary)

# PE
binary = lief.parse("C:\\Windows\\explorer.exe")
print(binary)

# Mach-O
binary = lief.parse("/usr/bin/ls")
print(binary)

C++

#include <LIEF/LIEF.hpp>
int main(int argc, const char** argv) {
  LIEF::ELF::Binary*   elf   = LIEF::ELF::Parser::parse("/usr/bin/ls");
  LIEF::PE::Binary*    pe    = LIEF::PE::Parser::parse("C:\\Windows\\explorer.exe");
  LIEF::MachO::Binary* macho = LIEF::MachO::Parser::parse("/usr/bin/ls");

  std::cout << *elf   << std::endl;
  std::cout << *pe    << std::endl;
  std::cout << *macho << std::endl;

  delete elf;
  delete pe;
  delete macho;
}

C

#include <LIEF/LIEF.h>
int main(int argc, const char** argv) {

  Elf_Binary_t*    elf_binary     = elf_parse("/usr/bin/ls");
  Pe_Binary_t*     pe_binary      = pe_parse("C:\\Windows\\explorer.exe");
  Macho_Binary_t** macho_binaries = macho_parse("/usr/bin/ls");

  Pe_Section_t**    pe_sections    = pe_binary->sections;
  Elf_Section_t**   elf_sections   = elf_binary->sections;
  Macho_Section_t** macho_sections = macho_binaries[0]->sections;

  for (size_t i = 0; pe_sections[i] != NULL; ++i) {
    printf("%s\n", pe_sections[i]->name)
  }

  for (size_t i = 0; elf_sections[i] != NULL; ++i) {
    printf("%s\n", elf_sections[i]->name)
  }

  for (size_t i = 0; macho_sections[i] != NULL; ++i) {
    printf("%s\n", macho_sections[i]->name)
  }

  elf_binary_destroy(elf_binary);
  pe_binary_destroy(pe_binary);
  macho_binaries_destroy(macho_binaries);
}

Documentation

Contact

Authors

Romain Thomas (@rh0main) - Quarkslab

About

LIEF - Library to Instrument Executable Formats

lief.quarkslab.com

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

3 tags

Packages

No packages published

Languages

  • C++ 94.6%
  • CMake 2.2%
  • Python 2.1%
  • Other 1.1%