def main(pe_fn, new_pe_fn, json_dir, dump_count, redirects_fn, debug): if debug: Logger.enable() Logger.set_level(lief.LOGGING_LEVEL.DEBUG) # DEBUG = True verbose_print("opening existing pe: file={}".format(pe_fn)) with open(pe_fn, 'rb') as fd: pe_bytes = list(fd.read()) binary = lief.parse(pe_bytes) impscan_obj, ldr_fn, oep = parse_impscan_json(json_dir, dump_count) if not len(impscan_obj.raw): verbose_print("warning: zero import functions found") sys.exit(1337) imports_to_add = reconstruct_imports(ldr_fn, redirects_fn, impscan_obj) verbose_print(f"found {len(imports_to_add)} libraries with " f"{sum([len(v) for k,v in imports_to_add.items()])}" " new import functions") fix_oep(binary, oep) virtual_size = get_virtual_memory_size(binary) padded_virtual_size = align(virtual_size) fix_sections(binary.sections, padded_virtual_size) restore_section_data(binary, pe_bytes) fix_image_size(binary, padded_virtual_size) fix_section_mem_protections(binary) fix_checksum(binary) fix_dll_characteristics(binary) add_new_imports(binary, imports_to_add) binary = build_imports(binary) remove_iat_dir(binary) patch_iat(binary, impscan_obj) save_build(binary, new_pe_fn) sys.exit(0)
import unittest import lief import tempfile import logging import os from subprocess import Popen import subprocess import stat import re import sys from unittest import TestCase from utils import get_sample from lief import Logger Logger.set_level(lief.LOGGING_LEVEL.WARNING) CURRENT_DIRECTORY = os.path.dirname(os.path.abspath(__file__)) def run_program(path, args=None): # Make sure the program had exec permission st = os.stat(path) os.chmod(path, st.st_mode | stat.S_IEXEC) prog_args = path if not args else [path] + args p = Popen(prog_args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) stdout, _ = p.communicate() stdout = stdout.decode("utf8") return stdout
# Description # ----------- # Print information about an ELF binary import lief from lief import ELF import sys import os import traceback import textwrap from lief import Logger Logger.set_level(lief.LOGGING_LEVEL.FATAL) from optparse import OptionParser terminal_rows, terminal_columns = 100, 100 try: terminal_rows, terminal_columns = os.popen('stty size', 'r').read().split() except ValueError: pass terminal_columns = int(terminal_columns) terminal_rows = int(terminal_rows) class exceptions_handler(object): func = None
#!/usr/bin/env python import unittest import logging import os import sys import stat import re import subprocess import tempfile import shutil import lief from lief import Logger Logger.set_level(lief.LOGGING_LEVEL.INFO) from subprocess import Popen from unittest import TestCase from utils import get_sample CURRENT_DIRECTORY = os.path.dirname(os.path.abspath(__file__)) STUB = lief.parse(os.path.join(CURRENT_DIRECTORY, "hello_lief.bin")) LIBADD_C = """\ #include <stdlib.h> #include <stdio.h> int add(int a, int b); int add(int a, int b) { printf("%d + %d = %d\\n", a, b, a + b); return a + b; }
#!/usr/bin/env python import unittest import lief import logging import pprint import json import os from lief import Logger Logger.set_level(lief.LOGGING_LEVEL.DEBUG) #Logger.set_level(lief.LOGGING_LEVEL.DEBUG) from unittest import TestCase from utils import get_sample CURRENT_DIR = os.path.abspath(os.path.dirname(__file__)) class TestVDEX(TestCase): def setUp(self): self.logger = logging.getLogger(__name__) def test_vdex06(self): telecom = lief.VDEX.parse( get_sample('VDEX/VDEX_06_AArch64_Telecom.vdex')) # 1 Dex File registred self.assertEqual(len(telecom.dex_files), 1) dex_file = telecom.dex_files[0]
#!/usr/bin/env python # -*- coding: utf-8 -*- # # Description # ----------- # Print information about a PE file import lief from lief import PE from lief.PE import oid_to_string from lief import Logger Logger.set_level(lief.LOGGING_LEVEL.GLOBAL) from optparse import OptionParser import sys import traceback class exceptions_handler(object): func = None def __init__(self, exceptions, on_except_callback=None): self.exceptions = exceptions self.on_except_callback = on_except_callback def __call__(self, *args, **kwargs): if self.func is None: self.func = args[0] return self try: return self.func(*args, **kwargs)
# -*- coding: utf-8 -*- # Description # ----------- # Print information about an ELF binary import lief from lief import ELF import sys import os import traceback import textwrap from lief import Logger Logger.set_level(lief.LOGGING_LEVEL.ERROR) from optparse import OptionParser terminal_rows, terminal_columns = 100, 100 try: terminal_rows, terminal_columns = os.popen('stty size', 'r').read().split() except ValueError: pass terminal_columns = int(terminal_columns) terminal_rows = int(terminal_rows) class exceptions_handler(object): func = None