def unpack(self, data, offset=0):
StructFormatter.unpack(self, data, offset)
if self.ELFMAG0 != 0x7F or self.ELFMAG != b"ELF":
raise ElfError("Wrong magic number, not an ELF file ?")
if self.EI_DATA not in (ELFDATA2LSB, ELFDATA2MSB):
logger.info("No endianess specified in ELF header.")
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
offset += 12
self.modulus = data[offset:offset + self.nlen]
offset += self.nlen
self.exponent = data[offset:offset + self.elen]
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
assert self.cmd == HAB_CMD_UNLK
if self.len > self.size():
nb = (self.len - self.size()) // 4
val = RawField("I", nb, fname="val", forder=">")
offset += self.size()
self.val = val.unpack(data, offset)
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
assert self.cmd == HAB_CMD_AUT_DAT
if self.len > self.size():
offset += self.size()
nb = (self.len - self.size()) // 4
blks = RawField("I", fcount=nb, fname="blks", forder=">")
self.func_formatter(blks=self.blks_format)
self.blks = blks.unpack(data, offset)
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
assert self.cmd == HAB_CMD_INS_KEY
if self.len > self.size():
nb = (self.len - self.size()) // 4
crt_hsh = RawField("I", nb, fname="crt_hsh")
self.address_formatter("crt_hsh")
offset += self.size()
self.crt_hsh = crt_hsh.unpack(data, offset)
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
assert self.cmd == HAB_CMD_CHK_DAT
self.flags = self.par >> 3
self.bytes = self.par & 0x7
if self.len > 8:
cnt = RawField("I", fname="count")
offset += self.size()
self.count = cnt.unpack(data, offset)
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
assert self.header.tag == HAB_TAG_CSF
csfend = offset + self.header.length
offset += self.size()
self.cmds = []
while offset < csfend:
k = self.CMD(data, offset)
self.cmds.append(k)
offset += k.size()
return self
def unpack(self, data, offset=0, psize=0):
StructFormatter.unpack(self, data, offset)
assert self.header.tag == HAB_TAG_CRT
crtend = offset + self.header.length
offset += self.size()
crt = data[offset:crtend]
if crt[0] == HAB_KEY_PUBLIC:
while offset < csfend:
k = PublicKey(data, offset)
self.keys.append(k)
offset += k.size()
else:
self.data = crt
return self
def unpack(self, data, offset=0, psize=0):
magic = data[offset:offset + 2]
if magic == b"\x0b\x01":
logger.verbose("PE32 Magic found")
elif magic == b"\x0b\x02":
logger.verbose("PE32+ Magic found")
f = self.fields
f.pop(8)
for x in (8, 23, 24, 25, 26):
f[x].typename = "Q"
elif magic == b"\x07\x01":
logger.info("ROM Magic found (unsupported)")
else:
logger.error("unknown Magic")
# parse structure
self.DataDirectories = {}
StructFormatter.unpack(self, data, offset)
l = offset + len(self)
dnames = (
"ExportTable",
"ImportTable",
"ResourceTable",
"ExceptionTable",
"CertificateTable",
"BaseRelocationTable",
"Debug",
"Architecture",
"GlobalPtr",
"TLSTable",
"LoadConfigTable",
"BoundImport",
"IAT",
"DelayImportDescriptor",
"CLRRuntimeHeader",
"Reserved",
)
for dn in range(min(self.NumberOfRvaAndSizes, len(dnames))):
d = DataDirectory(data, offset=l)
self.DataDirectories[dnames[dn]] = d
l += len(d)
return self
def __len__(self):
baselen = StructFormatter.__len__(self)
auxtlen = sum([len(s) for s in self.AuxSymbols], 0)
return baselen + auxtlen
def __len__(self):
baselen = StructFormatter.__len__(self)
dirslen = sum(map(len, self.DataDirectories.values()))
return baselen + dirslen
def __str__(self):
s = StructFormatter.__str__(self) + "\n"
cname = self.__class__.__name__
s += self.strkey("r_type", cname)
return s
def __str__(self):
s = StructFormatter.__str__(self)
if hasattr(self, "blks"):
s += "\nblks: %s\n" % (self.blks_format(0, self.blks))
return s