Skip to content

LeanMind/macholibre

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits

src

src

 
 

.gitignore

.gitignore

 
 

HACKING.txt

HACKING.txt

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

NEWS.txt

NEWS.txt

 
 

README.md

README.md

 
 

README.rst

README.rst

 
 

app_store.json

app_store.json

 
 

bootstrap.py

bootstrap.py

 
 

buildout.cfg

buildout.cfg

 
 

setup.py

setup.py

 
 

Repository files navigation

macholibre

Description

macholibre is a Mach-O and Universal binary parser. It extracts information such as architectures, load commands, dynamic libraries, symbols, function imports, and tons more. Then it packs all of that information into JSON for ease of analysis and integration.

Dependencies

I tried to make this tool with as little external dependencies as possible, and I think I did pretty well on that front. The only module I import is for parsing CMS signatures. I've configured the setup.py to automatically install it with the module, but you can also install it seperately with pip or manually from github.

  • Python 2.7
    • ctypescrypto
      • ctypescrypto depends on openssl under the hood, on linux it should be installed by default but on other OS's you might have to do this yourself. Anyways, make sure the version you install has CMS capabilities.

How To

Installation

I recommend using pip to install macholibre.

pip install git+https://github.com/aaronst/macholibre.git

OS X USERS: IMPORTANT NOTES

If you run into any errors while using macholibre on OS X, try the following before creating a ticket.

Make sure your version of OpenSSL is up to date with openssl version. macholibre has been confirmed working with OpenSSL 1.0.2h 3 May 2016.

brew update
brew install openssl
brew link --force openssl

pip may install an old version of the ctypescrypto dependency that crashes on OS X. In order to fix this you'll need to install the current version from github.

pip uninstall ctypescrypto
pip install git+https://github.com/vbwagner/ctypescrypto.git

Usage

As a Module

from macholibre import macholibre

# mach-o file path
path = '/home/aaron/my_macho'

# return json
json_data = macholibre.parse(path)

# write json to file
out_file = open('/home/aaron/macholibre_output.json', 'w')
macholibre.parse(path, f=out_file)

As a Script

python macholibre.py (-r <directory|glob> | <file>) [options]
Options
  • -h: Help
  • -r: Parse directory of glob
  • -o: Specify output file
Note

For single files, make sure you put the filename first, before any options.
Also, globs need to be in quotes and paths need to be absolute.

Examples
Single File
python macholibre.py otool -o otool.json
Glob
python macholibre.py -r "machos/*" -o machos.json

Output Format

macholibre formats all of its output into a JSON blob. Check out app_store.json as an example using the App Store app.

About

Mach-O & Universal Binary Parser

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%