def test_rm_symbols(tmp_path):
bin_path = pathlib.Path(
get_sample("MachO/MachO64_x86-64_binary_sym2remove.bin"))
original = lief.parse(bin_path.as_posix())
output = f"{tmp_path}/{bin_path.name}"
for s in ["__ZL6BANNER", "_remove_me"]:
assert original.can_remove_symbol(s)
original.remove_symbol(s)
original.write(output)
new = lief.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
assert new.get_symbol("__ZL6BANNER") is None
assert new.get_symbol("_remove_me") is None
if is_osx():
assert run_program(bin_path.as_posix())
stdout = run_program(output)
print(stdout)
assert re.search(r'Hello World', stdout) is not None
def test_unexport(tmp_path):
bin_path = pathlib.Path(
get_sample("MachO/MachO64_x86-64_binary_sym2remove.bin"))
original = lief.parse(bin_path.as_posix())
output = f"{tmp_path}/{bin_path.name}"
exported = {s.name for s in original.symbols if s.has_export_info}
assert "_remove_me" in exported
original.unexport("_remove_me")
original.write(output)
new = lief.parse(output)
exported = {s.name for s in new.symbols if s.has_export_info}
assert "_remove_me" not in exported
checked, err = lief.MachO.check_layout(new)
assert checked, err
if is_osx():
assert run_program(bin_path.as_posix())
stdout = run_program(output)
print(stdout)
assert re.search(r'Hello World', stdout) is not None
def test_ssh(tmp_path):
bin_path = pathlib.Path(get_sample("MachO/MachO64_x86-64_binary_sshd.bin"))
output = patch(tmp_path, bin_path)
new = lief.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
if is_osx():
stdout = run_program(output, args=["--help"])
print(stdout)
assert re.search(r'LIEF says hello :\)', stdout) is not None
def test_arm64_all(tmp_path):
bin_path = pathlib.Path(get_sample("MachO/MachO64_AArch64_binary_all.bin"))
output = patch(tmp_path, bin_path)
new = lief.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
if is_apple_m1():
stdout = run_program(output)
print(stdout)
assert re.search(r'LIEF says hello :\)', stdout) is not None
def test_crypt_and_hash(tmp_path):
bin_path = pathlib.Path(
get_sample(
"MachO/9edfb04c55289c6c682a25211a4b30b927a86fe50b014610d04d6055bd4ac23d_crypt_and_hash.macho"
))
output = patch(tmp_path, bin_path)
new = lief.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
if is_apple_m1():
stdout = run_program(output)
print(stdout)
assert re.search(r'LIEF says hello :\)', stdout) is not None
def test_all(tmp_path):
bin_path = pathlib.Path(get_sample("MachO/FAT_MachO_x86-x86-64-binary_fatall.bin"))
original = lief.MachO.parse(bin_path.as_posix())
output = f"{tmp_path}/{bin_path.name}"
assert len(original) == 2
original.write(output)
new = lief.MachO.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
if is_osx():
stdout = run_program(output)
print(stdout)
assert re.search(r'Hello World', stdout) is not None
def test_ssh(tmp_path):
bin_path = pathlib.Path(get_sample("MachO/MachO64_x86-64_binary_sshd.bin"))
original = lief.parse(bin_path.as_posix())
output = f"{tmp_path}/sshd_injected.bin"
library_path = f"{tmp_path}/libexample.dylib"
compile(library_path, extra_flags=["-arch", "x86_64"])
original.add_library(library_path)
original.remove_signature()
original.write(output)
new = lief.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
stdout = run_program(output, ["--help"])
print(stdout)
assert re.search(r'CTOR CALLED', stdout) is not None
def test_crypt_and_hash(tmp_path):
bin_path = pathlib.Path(
get_sample(
"MachO/9edfb04c55289c6c682a25211a4b30b927a86fe50b014610d04d6055bd4ac23d_crypt_and_hash.macho"
))
original = lief.parse(bin_path.as_posix())
output = f"{tmp_path}/crypt_and_hash.bin"
library_path = f"{tmp_path}/libexample.dylib"
compile(library_path, extra_flags=["-arch", "arm64"])
original.add_library(library_path)
original.remove_signature()
original.write(output)
new = lief.parse(output)
checked, err = lief.MachO.check_layout(new)
assert checked, err
stdout = run_program(output)
print(stdout)
assert re.search(r'CTOR CALLED', stdout) is not None