Class: Rex::MachParsey::Mach

Inherits:
MachBase show all
Defined in:
lib/rex/machparsey/mach.rb

Constant Summary

Constants inherited from MachBase

Rex::MachParsey::MachBase::CPU_SUBTYPE_BIG_ENDIAN, Rex::MachParsey::MachBase::CPU_SUBTYPE_LITTLE_ENDIAN, Rex::MachParsey::MachBase::CPU_TYPE_ARM, Rex::MachParsey::MachBase::CPU_TYPE_I386, Rex::MachParsey::MachBase::CPU_TYPE_POWERPC, Rex::MachParsey::MachBase::CPU_TYPE_POWERPC64, Rex::MachParsey::MachBase::CPU_TYPE_X86_64, Rex::MachParsey::MachBase::LC_DYSYMTAB, Rex::MachParsey::MachBase::LC_FVMFILE, Rex::MachParsey::MachBase::LC_IDENT, Rex::MachParsey::MachBase::LC_IDFVMLIB, Rex::MachParsey::MachBase::LC_ID_DYLIB, Rex::MachParsey::MachBase::LC_ID_DYLINKER, Rex::MachParsey::MachBase::LC_LOADFVMLIB, Rex::MachParsey::MachBase::LC_LOAD_DYLIB, Rex::MachParsey::MachBase::LC_LOAD_DYLINKER, Rex::MachParsey::MachBase::LC_PREBOUND_DYLIB, Rex::MachParsey::MachBase::LC_PREPAGE, Rex::MachParsey::MachBase::LC_SEGMENT, Rex::MachParsey::MachBase::LC_SEGMENT_64, Rex::MachParsey::MachBase::LC_SYMSEG, Rex::MachParsey::MachBase::LC_SYMTAB, Rex::MachParsey::MachBase::LC_THREAD, Rex::MachParsey::MachBase::LC_UNIXTHREAD, Rex::MachParsey::MachBase::LOAD_COMMAND_LSB, Rex::MachParsey::MachBase::LOAD_COMMAND_MSB, Rex::MachParsey::MachBase::LOAD_COMMAND_SIZE, Rex::MachParsey::MachBase::MACH_HEADER_64_LSB, Rex::MachParsey::MachBase::MACH_HEADER_64_MSB, Rex::MachParsey::MachBase::MACH_HEADER_LSB, Rex::MachParsey::MachBase::MACH_HEADER_MSB, Rex::MachParsey::MachBase::MACH_HEADER_SIZE, Rex::MachParsey::MachBase::MACH_HEADER_SIZE_64, Rex::MachParsey::MachBase::MH_CIGAM, Rex::MachParsey::MachBase::MH_CIGAM_64, Rex::MachParsey::MachBase::MH_MAGIC, Rex::MachParsey::MachBase::MH_MAGIC_64, Rex::MachParsey::MachBase::SEGMENT_COMMAND_64_LSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_64_MSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_LSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_MSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_SIZE, Rex::MachParsey::MachBase::SEGMENT_COMMAND_SIZE_64

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(isource, offset = 0, fat = false) ⇒ Mach

Returns a new instance of Mach.



15
16
17
18
19
20
21
22
23
24
 
# File 'lib/rex/machparsey/mach.rb', line 15

def initialize(isource, offset = 0, fat = false)
	_parse_mach_header(isource, offset)
	if fat == true
		self.fat_offset = offset
	else
		self.fat_offset = 0
	end

	self.isource = isource
end

Instance Attribute Details

#archObject

Returns the value of attribute arch.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def arch
  @arch
end

#bitsObject

Returns the value of attribute bits.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def bits
  @bits
end

#endianObject

Returns the value of attribute endian.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def endian
  @endian
end

#fat_offsetObject

Returns the value of attribute fat_offset.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def fat_offset
  @fat_offset
end

#isourceObject

Returns the value of attribute isource.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def isource
  @isource
end

#mach_headerObject

Returns the value of attribute mach_header.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def mach_header
  @mach_header
end

#segmentsObject

Returns the value of attribute segments.



13
14
15
 
# File 'lib/rex/machparsey/mach.rb', line 13

def segments
  @segments
end

Class Method Details

.new_from_file(filename, disk_backed = false) ⇒ Object 



62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'lib/rex/machparsey/mach.rb', line 62

def self.new_from_file(filename, disk_backed = false)

	file = ::File.open(filename, "rb")

	if disk_backed
		return self.new(ImageSource::Disk.new(file))
	else
		obj = new_from_string(file.read)
		file.close
		return obj
	end
end

.new_from_string(data) ⇒ Object 



75
76
77
 
# File 'lib/rex/machparsey/mach.rb', line 75

def self.new_from_string(data)
	return self.new(ImageSource::Memory.new(data))
end

Instance Method Details

#_parse_mach_header(isource, offset) ⇒ Object 



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
# File 'lib/rex/machparsey/mach.rb', line 26

def _parse_mach_header(isource, offset)
	self.mach_header = MachHeader.new(isource.read(offset, MACH_HEADER_SIZE_64))
	bits = mach_header.bits
	endian = mach_header.endian
	ncmds = mach_header.ncmds

	if bits == BITS_32
		offset += MACH_HEADER_SIZE
	else
		offset += MACH_HEADER_SIZE_64
	end


	segments = []
	ncmds.times do
		load_command = LoadCommand.new(isource.read(offset, LOAD_COMMAND_SIZE), endian)

		case load_command.cmd
			when LC_SEGMENT
				segments << Segment.new(isource.read(offset, SEGMENT_COMMAND_SIZE), bits, endian)
			when LC_SEGMENT_64
				segments << Segment.new(isource.read(offset, SEGMENT_COMMAND_SIZE_64), bits, endian)
		end

		offset += load_command.cmdsize
	end

	self.mach_header = mach_header
	self.segments = segments
	self.isource = isource
	self.bits = bits
	self.endian = endian

	return segments
end

#closeObject 



99
100
101
 
# File 'lib/rex/machparsey/mach.rb', line 99

def close
	isource.close
end

#index(*args) ⇒ Object 



95
96
97
 
# File 'lib/rex/machparsey/mach.rb', line 95

def index(*args)
	isource.index(*args)
end

#ptr_32?Boolean

Returns:

  • (Boolean) 


83
84
85
 
# File 'lib/rex/machparsey/mach.rb', line 83

def ptr_32?
	ptr_64? == false
end

#ptr_64?Boolean

Returns:

  • (Boolean) 


79
80
81
 
# File 'lib/rex/machparsey/mach.rb', line 79

def ptr_64?
	mach_header.bits == BITS_64
end

#ptr_s(vaddr) ⇒ Object 



87
88
89
 
# File 'lib/rex/machparsey/mach.rb', line 87

def ptr_s(vaddr)
	(ptr_32?) ? ("0x%.8x" % vaddr) : ("0x%.16x" % vaddr)
end

#read(offset, len) ⇒ Object 



91
92
93
 
# File 'lib/rex/machparsey/mach.rb', line 91

def read(offset, len)
	isource.read(fat_offset + offset, len)
end