Example #1
0
 def display(self, before=''):
     print before + green("[+]")+" NList item :"
     print before + "\t- n_strx : 0x%08x" % self.n_strx
     print before + "\t- n_type : 0x%02x" % self.n_type
     print before + "\t- n_sect : 0x%02x" % self.n_sect
     print before + "\t- n_desc : 0x%04x" % self.n_desc
     print before + "\t- n_value : 0x%x" % self.n_value
Example #2
0
 def display(self, before=''):
     print before + green("[+]")+" LC_SYMTAB"
     print before + "\t- symoff : 0x%x" % self.symoff
     print before + "\t- nsyms : %d" % self.nsyms
     for sym in self.syms:
         sym.display(before=before+"\t")
     print before + "\t- stroff : 0x%x" % self.stroff
     print before + "\t- strsize : %d (0x%x)" % (self.strsize, self.strsize)
     print before + "\t- strings : "+str(self.strs)
Example #3
0
 def display(self, before=''):
     print before + green("[+]") + " LC_SYMTAB"
     print before + "\t- symoff : 0x%x" % self.symoff
     print before + "\t- nsyms : %d" % self.nsyms
     for sym in self.syms:
         sym.display(before=before + "\t")
     print before + "\t- stroff : 0x%x" % self.stroff
     print before + "\t- strsize : %d (0x%x)" % (self.strsize, self.strsize)
     print before + "\t- strings : " + str(self.strs)
Example #4
0
 def display(self, before=''):
     print before + green("[+]")+" %s" % ("LC_DYLD_INFO_ONLY" if self.cmd == LC_DYLD_INFO_ONLY else "LC_DYLD_INFO")
     print before + "\t- rebase_off : 0x%x" % self.rebase_off
     print before + "\t- rebase_size : %d (0x%x)" % (self.rebase_size, self.rebase_size)
     print before + "\t- bind_off : 0x%x" % self.bind_off
     print before + "\t- bind_size : %d (0x%x)" % (self.bind_size, self.bind_size)
     print before + "\t- weak_bind_off : 0x%x" % self.weak_bind_off
     print before + "\t- weak_bind_size : %d (0x%x)" % (self.weak_bind_size, self.weak_bind_size)
     print before + "\t- lazy_bind_off : 0x%x" % self.lazy_bind_off
     print before + "\t- lazy_bind_size : %d (0x%x)" % (self.lazy_bind_size, self.lazy_bind_size)
     print before + "\t- export_off : 0x%x" % self.export_off
     print before + "\t- export_size : %d (0x%x)" % (self.export_size, self.export_size)
Example #5
0
 def display(self, before=''):
     print before + green("[+]")+" %s" % self.sectname
     print before + "\t- addr :0x%x" % self.addr
     print before + "\t- size : 0x%x" % self.size
     print before + "\t- offset : 0x%x" % self.offset
     print before + "\t- align : 0x%x" % self.align
     print before + "\t- reloff : 0x%x" % self.reloff
     print before + "\t- nreloc : 0x%x" % self.nreloc
     print before + "\t- flags : 0x%x - %s" % (self.flags, ", ".join(self.display_flags()))
     print before + "\t- reserved1 : 0x%x" % self.reserved1
     print before + "\t- reserved2 : 0x%x" % self.reserved2
     if self.arch != 32:
         print before + "\t- reserved3 : 0x%x" % self.reserved3
Example #6
0
 def display(self, before=''):
     print before + green("[+]")+" %s" % ("LC_THREAD" if self.cmd == LC_THREAD else "LC_UNIXTHREAD")
     if self.flavor == x86_THREAD_STATE32:
         print before + "\teax = 0x%08x\tebx = 0x%08x\tecx = 0x%08x\tedx = 0x%08x" % (self.eax, self.ebx, self.ecx, self.edx)
         print before + "\tedi = 0x%08x\tesi = 0x%08x\tebp = 0x%08x\tesp = 0x%08x" % (self.edi, self.esi, self.ebp, self.esp)
         print before + "\tss = 0x%08x\t\teflags = 0x%08x\teip = 0x%08x\tcs = 0x%08x" % (self.ss, self.eflags, self.eip, self.cs)
         print before + "\tds = 0x%08x\t\tes = 0x%08x\t\tfs = 0x%08x\t\tgs = 0x%08x" % (self.ds, self.es, self.fs, self.gs)
     elif self.flavor == x86_THREAD_STATE64:
         print before + "\trax = 0x%016x\trbx = 0x%016x\trcx = 0x%016x\trdx = 0x%016x" % (self.rax, self.rbx, self.rcx, self.rdx)
         print before + "\trdi = 0x%016x\trsi = 0x%016x\trbp = 0x%016x\trsp = 0x%016x" % (self.rdi, self.rsi, self.rbp, self.rsp)
         print before + "\t r8 = 0x%016x\t r9 = 0x%016x\tr10 = 0x%016x\tr11 = 0x%016x" % (self.r8, self.r9, self.r10, self.r11)
         print before + "\tr12 = 0x%016x\tr13 = 0x%016x\tr14 = 0x%016x\tr15 = 0x%016x" % (self.r12, self.r13, self.r14, self.r15)
         print before + "\trip = 0x%016x\trflags = 0x%016x\t cs = 0x%016x\t fs = 0x%016x" % (self.rip, self.rflags, self.cs, self.fs)
         print before + "\t gs = 0x%016x" % self.gs
Example #7
0
 def display(self, before=''):
     print before + green("[+]")+" %s" % self.segname
     print before + "\t- vmaddr : 0x%x" % self.vmaddr
     print before + "\t- vmsize : 0x%x" % self.vmsize
     print before + "\t- fileoff : 0x%x" % self.fileoff
     print before + "\t- filesize : 0x%x" % self.filesize
     print before + "\t- maxprot : 0x%x (%s)" % (self.maxprot, display_protection(self.maxprot))
     print before + "\t- initprot : 0x%x (%s)" % (self.initprot, display_protection(self.initprot))
     print before + "\t- nsects : %d" % self.nsects
     print before + "\t- flags : 0x%x - %s" % (self.flags, ", ".join(self.display_flags()))
     if len(self.sections) != 0:
         print before + "\t[*] Sections (%d) :" % len(self.sections)
         for section in self.sections:
             section.display(before=before+"\t\t")
Example #8
0
 def display(self, before=''):
     print before + green("[+]") + " %s" % self.sectname
     print before + "\t- addr :0x%x" % self.addr
     print before + "\t- size : 0x%x" % self.size
     print before + "\t- offset : 0x%x" % self.offset
     print before + "\t- align : 0x%x" % self.align
     print before + "\t- reloff : 0x%x" % self.reloff
     print before + "\t- nreloc : 0x%x" % self.nreloc
     print before + "\t- flags : 0x%x - %s" % (self.flags, ", ".join(
         self.display_flags()))
     print before + "\t- reserved1 : 0x%x" % self.reserved1
     print before + "\t- reserved2 : 0x%x" % self.reserved2
     if self.arch != 32:
         print before + "\t- reserved3 : 0x%x" % self.reserved3
    def display(self, before=''):
        name = ''
        if self.cmd == LC_CODE_SIGNATURE:
            name = 'LC_CODE_SIGNATURE'
        elif self.cmd == LC_SEGMENT_SPLIT_INFO:
            name = 'LC_SEGMENT_SPLIT_INFO'
        elif self.cmd == LC_FUNCTION_STARTS:
            name = 'LC_FUNCTION_STARTS'
        elif self.cmd == LC_DATA_IN_CODE:
            name = 'LC_DATA_IN_CODE'
        elif self.cmd == LC_DYLIB_CODE_SIGN_DRS:
            name = 'LC_DYLIB_CODE_SIGN_DRS'
        else:
            raise Exception('WHAT DA F**K')

        print before + green("[+]") + " %s" % name
        print before + "\t- dataoff : 0x%x" % self.dataoff
        print before + "\t- datasize : 0x%x" % self.datasize
Example #10
0
    def display(self, before=''):
        name = ''
        if self.cmd == LC_CODE_SIGNATURE:
            name = 'LC_CODE_SIGNATURE'
        elif self.cmd == LC_SEGMENT_SPLIT_INFO:
            name = 'LC_SEGMENT_SPLIT_INFO'
        elif self.cmd == LC_FUNCTION_STARTS:
            name = 'LC_FUNCTION_STARTS'
        elif self.cmd == LC_DATA_IN_CODE:
            name = 'LC_DATA_IN_CODE'
        elif self.cmd == LC_DYLIB_CODE_SIGN_DRS:
            name = 'LC_DYLIB_CODE_SIGN_DRS'
        else:
            raise Exception('WHAT DA F**K')

        print before + green("[+]")+" %s" % name
        print before + "\t- dataoff : 0x%x" % self.dataoff
        print before + "\t- datasize : 0x%x" % self.datasize
Example #11
0
    def display(self, before=''):
        name = ''
        if self.cmd == LC_LOAD_DYLIB:
            name = 'LC_LOAD_DYLIB'
        elif self.cmd == LC_LOAD_WEAK_DYLIB:
            name = 'LC_LOAD_WEAK_DYLIB'
        elif self.cmd == LC_REEXPORT_DYLIB:
            name = 'LC_REEXPORT_DYLIB'
        elif self.cmd == LC_ID_DYLIB:
            name = 'LC_ID_DYLIB'
        else:
            raise Exception('FUUUUUUUUU')

        print before + green("[+]")+" %s" % name
        print before + "\t- name : %s" % self.name
        print before + "\t- timestamp : %s" % datetime.fromtimestamp(self.timestamp).strftime('%Y-%m-%d %H:%M:%S')
        print before + "\t- current_version : %s" % int32_to_version(self.current_version)
        print before + "\t- compatibility_version : %s" % int32_to_version(self.compatibility_version)
Example #12
0
 def display(self, before=''):
     print before + green("[+]") + " %s" % ("LC_DYLD_INFO_ONLY"
                                            if self.cmd == LC_DYLD_INFO_ONLY
                                            else "LC_DYLD_INFO")
     print before + "\t- rebase_off : 0x%x" % self.rebase_off
     print before + "\t- rebase_size : %d (0x%x)" % (self.rebase_size,
                                                     self.rebase_size)
     print before + "\t- bind_off : 0x%x" % self.bind_off
     print before + "\t- bind_size : %d (0x%x)" % (self.bind_size,
                                                   self.bind_size)
     print before + "\t- weak_bind_off : 0x%x" % self.weak_bind_off
     print before + "\t- weak_bind_size : %d (0x%x)" % (self.weak_bind_size,
                                                        self.weak_bind_size)
     print before + "\t- lazy_bind_off : 0x%x" % self.lazy_bind_off
     print before + "\t- lazy_bind_size : %d (0x%x)" % (self.lazy_bind_size,
                                                        self.lazy_bind_size)
     print before + "\t- export_off : 0x%x" % self.export_off
     print before + "\t- export_size : %d (0x%x)" % (self.export_size,
                                                     self.export_size)
Example #13
0
 def display(self, before=''):
     print before + green("[+]") + " LC_DYSYMTAB"
     print before + "\t- ilocalsym : 0x%x" % self.ilocalsym
     print before + "\t- nlocalsym : 0x%x" % self.nlocalsym
     print before + "\t- iextdefsym : 0x%x" % self.iextdefsym
     print before + "\t- nextdefsym : 0x%x" % self.nextdefsym
     print before + "\t- iundefsym : 0x%x" % self.iundefsym
     print before + "\t- nundefsym : 0x%x" % self.nundefsym
     print before + "\t- tocoff : 0x%x" % self.tocoff
     print before + "\t- ntoc : %d" % self.ntoc
     print before + "\t- modtaboff : 0x%x" % self.modtaboff
     print before + "\t- nmodtab : 0x%x" % self.nmodtab
     print before + "\t- extrefsymoff : 0x%x" % self.extrefsymoff
     print before + "\t- nextrefsym : 0x%x" % self.nextrefsym
     print before + "\t- indirectsymoff : 0x%x" % self.indirectsymoff
     print before + "\t- nindirectsyms : 0x%x" % self.nindirectsyms
     print before + "\t- extreloff : 0x%x" % self.extreloff
     print before + "\t- nextrel : 0x%x" % self.nextrel
     print before + "\t- locreloff : 0x%x" % self.locreloff
     print before + "\t- nlocrel : 0x%x" % self.nlocrel
Example #14
0
 def display(self, before=''):
     print before + green("[+]")+" LC_DYSYMTAB"
     print before + "\t- ilocalsym : 0x%x" % self.ilocalsym
     print before + "\t- nlocalsym : 0x%x" % self.nlocalsym
     print before + "\t- iextdefsym : 0x%x" % self.iextdefsym
     print before + "\t- nextdefsym : 0x%x" % self.nextdefsym
     print before + "\t- iundefsym : 0x%x" % self.iundefsym
     print before + "\t- nundefsym : 0x%x" % self.nundefsym
     print before + "\t- tocoff : 0x%x" % self.tocoff
     print before + "\t- ntoc : %d" % self.ntoc
     print before + "\t- modtaboff : 0x%x" % self.modtaboff
     print before + "\t- nmodtab : 0x%x" % self.nmodtab
     print before + "\t- extrefsymoff : 0x%x" % self.extrefsymoff
     print before + "\t- nextrefsym : 0x%x" % self.nextrefsym
     print before + "\t- indirectsymoff : 0x%x" % self.indirectsymoff
     print before + "\t- nindirectsyms : 0x%x" % self.nindirectsyms
     print before + "\t- extreloff : 0x%x" % self.extreloff
     print before + "\t- nextrel : 0x%x" % self.nextrel
     print before + "\t- locreloff : 0x%x" % self.locreloff
     print before + "\t- nlocrel : 0x%x" % self.nlocrel
Example #15
0
    def display(self, before=''):
        name = ''
        if self.cmd == LC_LOAD_DYLIB:
            name = 'LC_LOAD_DYLIB'
        elif self.cmd == LC_LOAD_WEAK_DYLIB:
            name = 'LC_LOAD_WEAK_DYLIB'
        elif self.cmd == LC_REEXPORT_DYLIB:
            name = 'LC_REEXPORT_DYLIB'
        elif self.cmd == LC_ID_DYLIB:
            name = 'LC_ID_DYLIB'
        else:
            raise Exception('FUUUUUUUUU')

        print before + green("[+]") + " %s" % name
        print before + "\t- name : %s" % self.name
        print before + "\t- timestamp : %s" % datetime.fromtimestamp(
            self.timestamp).strftime('%Y-%m-%d %H:%M:%S')
        print before + "\t- current_version : %s" % int32_to_version(
            self.current_version)
        print before + "\t- compatibility_version : %s" % int32_to_version(
            self.compatibility_version)
 def display(self, before=''):
     print before + green("[+]") + " %s" % (
         "LC_THREAD" if self.cmd == LC_THREAD else "LC_UNIXTHREAD")
     if self.flavor == x86_THREAD_STATE32:
         print before + "\teax = 0x%08x\tebx = 0x%08x\tecx = 0x%08x\tedx = 0x%08x" % (
             self.eax, self.ebx, self.ecx, self.edx)
         print before + "\tedi = 0x%08x\tesi = 0x%08x\tebp = 0x%08x\tesp = 0x%08x" % (
             self.edi, self.esi, self.ebp, self.esp)
         print before + "\tss = 0x%08x\t\teflags = 0x%08x\teip = 0x%08x\tcs = 0x%08x" % (
             self.ss, self.eflags, self.eip, self.cs)
         print before + "\tds = 0x%08x\t\tes = 0x%08x\t\tfs = 0x%08x\t\tgs = 0x%08x" % (
             self.ds, self.es, self.fs, self.gs)
     elif self.flavor == x86_THREAD_STATE64:
         print before + "\trax = 0x%016x\trbx = 0x%016x\trcx = 0x%016x\trdx = 0x%016x" % (
             self.rax, self.rbx, self.rcx, self.rdx)
         print before + "\trdi = 0x%016x\trsi = 0x%016x\trbp = 0x%016x\trsp = 0x%016x" % (
             self.rdi, self.rsi, self.rbp, self.rsp)
         print before + "\t r8 = 0x%016x\t r9 = 0x%016x\tr10 = 0x%016x\tr11 = 0x%016x" % (
             self.r8, self.r9, self.r10, self.r11)
         print before + "\tr12 = 0x%016x\tr13 = 0x%016x\tr14 = 0x%016x\tr15 = 0x%016x" % (
             self.r12, self.r13, self.r14, self.r15)
         print before + "\trip = 0x%016x\trflags = 0x%016x\t cs = 0x%016x\t fs = 0x%016x" % (
             self.rip, self.rflags, self.cs, self.fs)
         print before + "\t gs = 0x%016x" % self.gs
Example #17
0
 def display(self, before=''):
     print before + green(
         "[+]") + " %s" % ("LC_DYLD_ENVIRONMENT" if self.cmd
                           == LC_DYLD_ENVIRONMENT else "LC_LOAD_DYLINKER")
     print before + "\t - path : %s" % self.path
Example #18
0
 def display(self, before=''):
     print before + green("[+]") + " LC_UUID"
     print before + "\t- uuid : %02X%02X%02X%02X-%02X%02X-%02X%02X-%02X%02X-%02X%02X%02X%02X%02X%02X" \
         % (self.uuid[0], self.uuid[1], self.uuid[2], self.uuid[3], self.uuid[4], self.uuid[5], self.uuid[6], \
         self.uuid[7], self.uuid[8], self.uuid[9], self.uuid[10], self.uuid[11], self.uuid[12], \
         self.uuid[13], self.uuid[14], self.uuid[15])
 def display(self, before=''):
     print before + green("[+]")+" %s" % ("LC_VERSION_MIN_MACOSX" if self.cmd == LC_VERSION_MIN_MACOSX else "LC_VERSION_MIN_IPHONEOS")
     print before + "\t- version : %s" % int32_to_version(self.version)
     print before + "\t- sdk : %s" % int32_to_version(self.sdk)
Example #20
0
 def display(self, before=''):
     print before + green("[+]")+" LC_MAIN"
     print before + "\t- entryoff : 0x%x" % self.entryoff
     print before + "\t- stacksize : 0x%x" % self.stacksize
Example #21
0
 def display(self, before=''):
     print before + green("[+]")+" %s" % ("LC_DYLD_ENVIRONMENT" if self.cmd == LC_DYLD_ENVIRONMENT else "LC_LOAD_DYLINKER")
     print before + "\t - path : %s" % self.path
Example #22
0
 def display(self, before=''):
     print before + green("[+]") + " LC_RPATH"
     print before + "\t- path : %s" % repr(self.path)
 def display(self, before=''):
     print before + green("[+]")+" LC_SOURCE_VERSION"
     print before + "\t- version : %s" % int64_to_version(self.version)
Example #24
0
 def display(self, before=""):
     print before + green("[+]") + " LC_RPATH"
     print before + "\t- path : %s" % repr(self.path)
Example #25
0
 def display(self, before=''):
     print before + green("[+]") + " LC_ENCRYPTION_INFO"
     print before + "\t- cryptoff : 0x%x" % self.cryptoff
     print before + "\t- cryptsize : 0x%x" % self.cryptsize
     print before + "\t- crypptid : 0x%x" % self.cryptid
Example #26
0
 def display(self, before=''):
     print before + green("[+]") + " LC_MAIN"
     print before + "\t- entryoff : 0x%x" % self.entryoff
     print before + "\t- stacksize : 0x%x" % self.stacksize
Example #27
0
 def display(self, before=''):
     print before + green("[+]")+" LC_UUID"
     print before + "\t- uuid : %02X%02X%02X%02X-%02X%02X-%02X%02X-%02X%02X-%02X%02X%02X%02X%02X%02X" \
         % (self.uuid[0], self.uuid[1], self.uuid[2], self.uuid[3], self.uuid[4], self.uuid[5], self.uuid[6], \
         self.uuid[7], self.uuid[8], self.uuid[9], self.uuid[10], self.uuid[11], self.uuid[12], \
         self.uuid[13], self.uuid[14], self.uuid[15])
Example #28
0
 def display(self, before=''):
     print before + green("[+]")+" LC_ENCRYPTION_INFO"
     print before + "\t- cryptoff : 0x%x" % self.cryptoff
     print before + "\t- cryptsize : 0x%x" % self.cryptsize
     print before + "\t- crypptid : 0x%x" % self.cryptid