class ContainerELF(Container):
"Container abstraction for ELF"
def parse(self, data, vm=None):
from miasm2.jitter.loader.elf import vm_load_elf, guess_arch
from elfesteem import elf_init
# Parse signature
if not data.startswith('\x7fELF'):
raise ContainerSignatureException()
# Build executable instance
try:
if vm is not None:
self._executable = vm_load_elf(vm, data)
else:
self._executable = elf_init.ELF(data)
except Exception, error:
raise ContainerParsingException('Cannot read ELF: %s' % error)
# Guess the architecture
self._arch = guess_arch(self._executable)
# Build the bin_stream instance and set the entry point
try:
self._bin_stream = bin_stream_elf(self._executable.virt)
self._entry_point = self._executable.Ehdr.entry
except Exception, error:
raise ContainerParsingException('Cannot read ELF: %s' % error)
class ContainerPE(Container):
"Container abstraction for PE"
def parse(self, data, vm=None):
from miasm2.jitter.loader.pe import vm_load_pe, guess_arch
from elfesteem import pe_init
# Parse signature
if not data.startswith('MZ'):
raise ContainerSignatureException()
# Build executable instance
try:
if vm is not None:
self._executable = vm_load_pe(vm, data)
else:
self._executable = pe_init.PE(data)
except Exception, error:
raise ContainerParsingException('Cannot read PE: %s' % error)
# Check instance validity
if not self._executable.isPE() or \
self._executable.NTsig.signature_value != 0x4550:
raise ContainerSignatureException()
# Guess the architecture
self._arch = guess_arch(self._executable)
# Build the bin_stream instance and set the entry point
try:
self._bin_stream = bin_stream_pe(self._executable.virt)
ep_detected = self._executable.Opthdr.AddressOfEntryPoint
self._entry_point = self._executable.rva2virt(ep_detected)
except Exception, error:
raise ContainerParsingException('Cannot read PE: %s' % error)