Python ULInt64 Exemples, construct.macros.ULInt64 Python Exemples

Exemple #1

0

Afficher le fichier

from hfs import HFSVolume, HFSFile
from keystore.keybag import Keybag
from structs import HFSPlusVolumeHeader, kHFSPlusFileRecord, getString
from construct import Struct, ULInt16, ULInt32, String
from Crypto.Cipher import AES
from construct.macros import ULInt64, Padding
from structs import kHFSRootParentID
import hashlib
"""
iOS >= 4 raw images
http://opensource.apple.com/source/xnu/xnu-1699.22.73/bsd/hfs/hfs_cprotect.c
http://opensource.apple.com/source/xnu/xnu-1699.22.73/bsd/sys/cprotect.h
"""

cp_root_xattr = Struct("cp_root_xattr", ULInt16("major_version"),
                       ULInt16("minor_version"), ULInt64("flags"),
                       ULInt32("reserved1"), ULInt32("reserved2"),
                       ULInt32("reserved3"), ULInt32("reserved4"))

cprotect_xattr = Struct("cprotect_xattr", ULInt16("xattr_major_version"),
                        ULInt16("xattr_minor_version"), ULInt32("flags"),
                        ULInt32("persistent_class"), ULInt32("key_size"),
                        String("persistent_key", length=0x28))

cprotect4_xattr = Struct(
    "cprotect_xattr", ULInt16("xattr_major_version"),
    ULInt16("xattr_minor_version"), ULInt32("flags"),
    ULInt32("persistent_class"), ULInt32("key_size"), Padding(20),
    String("persistent_key", length=lambda ctx: ctx["key_size"]))

#HAX: flags set in finderInfo[3] to tell if the image was already decrypted

Exemple #2

0

Afficher le fichier

Fichier : afc.py Projet : nikolajjakubets/pymobiledevice

AFC_FOPEN_WR       = 0x00000004  # w+  O_RDWR   | O_CREAT  | O_TRUNC
AFC_FOPEN_APPEND   = 0x00000005  # a   O_WRONLY | O_APPEND | O_CREAT
AFC_FOPEN_RDAPPEND = 0x00000006  # a+  O_RDWR   | O_APPEND | O_CREAT

AFC_HARDLINK = 1
AFC_SYMLINK  = 2

AFC_LOCK_SH = 1 | 4  # shared lock
AFC_LOCK_EX = 2 | 4  # exclusive lock
AFC_LOCK_UN = 8 | 4  # unlock


AFCMAGIC = "CFA6LPAA"
AFCPacket = Struct("AFCPacket",
                   String("magic", 8,),
                   ULInt64("entire_length"),
                   ULInt64("this_length"),
                   ULInt64("packet_num"),
                   ULInt64("operation")
                   )
#typedef struct {
#    uint64_t filehandle, size;
#} AFCFilePacket;


class AFCError(IOError):
    lookup_table = {
        AFC_E_SUCCESS: "Success",
        AFC_E_UNKNOWN_ERROR: "Unknown error",
        AFC_E_OP_HEADER_INVALID: "OP header invalid",
        AFC_E_NO_RESOURCES: "No resources",

Exemple #3

0

Afficher le fichier

from construct import Struct, ULInt16,ULInt32, String
from Crypto.Cipher import AES
from construct.macros import ULInt64, Padding
from structs import kHFSRootParentID
import hashlib

"""
iOS >= 4 raw images
http://opensource.apple.com/source/xnu/xnu-1699.22.73/bsd/hfs/hfs_cprotect.c
http://opensource.apple.com/source/xnu/xnu-1699.22.73/bsd/sys/cprotect.h
"""

cp_root_xattr = Struct("cp_root_xattr",
    ULInt16("major_version"),
    ULInt16("minor_version"),
    ULInt64("flags"),
    ULInt32("reserved1"),
    ULInt32("reserved2"),
    ULInt32("reserved3"),
    ULInt32("reserved4")
)

cprotect_xattr = Struct("cprotect_xattr",
    ULInt16("xattr_major_version"),
    ULInt16("xattr_minor_version"),
    ULInt32("flags"),
    ULInt32("persistent_class"),
    ULInt32("key_size"),
    String("persistent_key", length=0x28)
)