def MakeManifestResourceRow(): return construct.Struct('ManifestResourceRow', construct.ULInt32('Offset'), construct.ULInt32('Flags'), MDTag.StringHeapRef.parse('Name'), MDTag.Implementation.parse('Implementation') )
def MakeAssemblyRefOSRow(): return construct.Struct('AssemblyRefOSRow', construct.ULInt32('OSPlatformID'), construct.ULInt32('OSMajorVersion'), construct.ULInt32('OSMinorVersion'), MDTag.AssemblyRefRId.parse('AssemblyRef') )
def MakeExportedTypeRow(): return construct.Struct('ExportedTypeRow', construct.ULInt32('Flags'), construct.ULInt32('TypeDefId'), MDTag.StringHeapRef.parse('TypeName'), MDTag.StringHeapRef.parse('TypeNamespace'), MDTag.Implementation.parse('Implementation') )
def MakeAssemblyRow(): return construct.Struct('AssemblyRow', construct.ULInt32('HashAlgId'), construct.ULInt16('MajorVersion'), construct.ULInt16('MinorVersion'), construct.ULInt16('BuildNumber'), construct.ULInt16('RevisionNumber'), construct.ULInt32('Flags'), MDTag.BlobHeapRef.parse('PublicKey'), MDTag.StringHeapRef.parse('Name'), MDTag.StringHeapRef.parse('Culture') )
def MakeTypeDefRow(): return construct.Struct('TypeDefRow', construct.ULInt32('Flags'), MDTag.StringHeapRef.parse('Name'), MDTag.StringHeapRef.parse('Namespace'), MDTag.TypeDefOrRef.parse('Extends'), MDTag.FieldRef.parse('FieldList'), MDTag.MethodRef.parse('MethodList') )
def MakeFileRow(): return construct.Struct('FileRow', construct.ULInt32('Flags'), MDTag.StringHeapRef.parse('Name'), MDTag.BlobHeapRef.parse('HashValue') )
def MakeAssemblyRefProcessorRow(): return construct.Struct('AssemblyRefProcessorRow', construct.ULInt32('Processor'), MDTag.AssemblyRefRId.parse('AssemblyRef') )
def MakeAssemblyOSRow(): return construct.Struct('AssemblyOSRow', construct.ULInt32('OSPlatformID'), construct.ULInt32('OSMajorVersion'), construct.ULInt32('OSMinorVersion') )
def MakeAssemblyProcessorRow(): return construct.Struct('AssemblyProcessorRow', construct.ULInt32('Processor') )
def MakeEnCMapRow(): return construct.Struct('EnCMapRow', construct.ULInt32('Token') )
def MakeEnCLogRow(): return construct.Struct('EnCLogRow', construct.ULInt32('Token'), construct.ULInt32('FuncCode') )
def MakeFieldLayoutRow(): return construct.Struct('FieldLayoutRow', construct.ULInt32('Offset'), MDTag.FieldRId.parse('Field') )
def MakeClassLayoutRow(): return construct.Struct('ClassLayoutRow', construct.ULInt16('PackingSize'), construct.ULInt32('ClassSize'), MDTag.TypeDefRId.parse('Parent') )
def MakeImageDataDirectory(name): return construct.Struct(name, MakeRva('VirtualAddress'), construct.ULInt32('Size') )
def MakeRva(name): return construct.Embed(construct.Struct('EmbeddedRva', construct.ULInt32(name), construct.Value('VA', lambda ctx: idaapi.get_imagebase() + ctx[name]) ))
import construct_legacy as construct import ida_entry import idaapi import idautils import idc import io import struct ImageFileHeader = construct.Struct('ImageFileHeader', construct.Enum(construct.ULInt16('Machine'), IMAGE_FILE_MACHINE_I386 = 0x014c, IMAGE_FILE_MACHINE_AMD64 = 0x8664, IMAGE_FILE_MACHINE_ARMNT = 0x01c4 ), construct.ULInt16('NumberOfSections'), construct.ULInt32('TimeDateStamp'), construct.ULInt32('PointerToSymbolTable'), construct.ULInt32('NumberOfSymbols'), construct.ULInt16('SizeOfOptionalHeader'), construct.ULInt16('Characteristics') ) def MakeRva(name): return construct.Embed(construct.Struct('EmbeddedRva', construct.ULInt32(name), construct.Value('VA', lambda ctx: idaapi.get_imagebase() + ctx[name]) )) def MakeImageDataDirectory(name): return construct.Struct(name, MakeRva('VirtualAddress'),