Class: Rex::MachParsey::Mach

Inherits:
MachBase show all
Defined in:
lib/rex/machparsey/mach.rb

Constant Summary

Constants inherited from MachBase

Rex::MachParsey::MachBase::CPU_SUBTYPE_BIG_ENDIAN, Rex::MachParsey::MachBase::CPU_SUBTYPE_LITTLE_ENDIAN, Rex::MachParsey::MachBase::CPU_TYPE_ARM, Rex::MachParsey::MachBase::CPU_TYPE_I386, Rex::MachParsey::MachBase::CPU_TYPE_POWERPC, Rex::MachParsey::MachBase::CPU_TYPE_POWERPC64, Rex::MachParsey::MachBase::CPU_TYPE_X86_64, Rex::MachParsey::MachBase::LC_DYSYMTAB, Rex::MachParsey::MachBase::LC_FVMFILE, Rex::MachParsey::MachBase::LC_IDENT, Rex::MachParsey::MachBase::LC_IDFVMLIB, Rex::MachParsey::MachBase::LC_ID_DYLIB, Rex::MachParsey::MachBase::LC_ID_DYLINKER, Rex::MachParsey::MachBase::LC_LOADFVMLIB, Rex::MachParsey::MachBase::LC_LOAD_DYLIB, Rex::MachParsey::MachBase::LC_LOAD_DYLINKER, Rex::MachParsey::MachBase::LC_PREBOUND_DYLIB, Rex::MachParsey::MachBase::LC_PREPAGE, Rex::MachParsey::MachBase::LC_SEGMENT, Rex::MachParsey::MachBase::LC_SEGMENT_64, Rex::MachParsey::MachBase::LC_SYMSEG, Rex::MachParsey::MachBase::LC_SYMTAB, Rex::MachParsey::MachBase::LC_THREAD, Rex::MachParsey::MachBase::LC_UNIXTHREAD, Rex::MachParsey::MachBase::LOAD_COMMAND_LSB, Rex::MachParsey::MachBase::LOAD_COMMAND_MSB, Rex::MachParsey::MachBase::LOAD_COMMAND_SIZE, Rex::MachParsey::MachBase::MACH_HEADER_64_LSB, Rex::MachParsey::MachBase::MACH_HEADER_64_MSB, Rex::MachParsey::MachBase::MACH_HEADER_LSB, Rex::MachParsey::MachBase::MACH_HEADER_MSB, Rex::MachParsey::MachBase::MACH_HEADER_SIZE, Rex::MachParsey::MachBase::MACH_HEADER_SIZE_64, Rex::MachParsey::MachBase::MH_CIGAM, Rex::MachParsey::MachBase::MH_CIGAM_64, Rex::MachParsey::MachBase::MH_MAGIC, Rex::MachParsey::MachBase::MH_MAGIC_64, Rex::MachParsey::MachBase::SEGMENT_COMMAND_64_LSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_64_MSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_LSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_MSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_SIZE, Rex::MachParsey::MachBase::SEGMENT_COMMAND_SIZE_64

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(isource, offset = 0, fat = false) ⇒ Mach

Returns a new instance of Mach.



14
15
16
17
18
19
20
21
22
23
 
# File 'lib/rex/machparsey/mach.rb', line 14

def initialize(isource, offset = 0, fat = false)
	_parse_mach_header(isource, offset)
	if fat == true
		self.fat_offset = offset
	else
		self.fat_offset = 0
	end

	self.isource = isource
end

Instance Attribute Details

#archObject

Returns the value of attribute arch.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def arch
  @arch
end

#bitsObject

Returns the value of attribute bits.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def bits
  @bits
end

#endianObject

Returns the value of attribute endian.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def endian
  @endian
end

#fat_offsetObject

Returns the value of attribute fat_offset.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def fat_offset
  @fat_offset
end

#isourceObject

Returns the value of attribute isource.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def isource
  @isource
end

#mach_headerObject

Returns the value of attribute mach_header.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def mach_header
  @mach_header
end

#segmentsObject

Returns the value of attribute segments.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def segments
  @segments
end

Class Method Details

.new_from_file(filename, disk_backed = false) ⇒ Object 



61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'lib/rex/machparsey/mach.rb', line 61

def self.new_from_file(filename, disk_backed = false)

	file = ::File.open(filename, "rb")

	if disk_backed
		return self.new(ImageSource::Disk.new(file))
	else
		obj = new_from_string(file.read)
		file.close
		return obj
	end
end

.new_from_string(data) ⇒ Object 



74
75
76
 
# File 'lib/rex/machparsey/mach.rb', line 74

def self.new_from_string(data)
	return self.new(ImageSource::Memory.new(data))
end

Instance Method Details

#_parse_mach_header(isource, offset) ⇒ Object 



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'lib/rex/machparsey/mach.rb', line 25

def _parse_mach_header(isource, offset)
	self.mach_header = MachHeader.new(isource.read(offset, MACH_HEADER_SIZE_64))
	bits = mach_header.bits
	endian = mach_header.endian
	ncmds = mach_header.ncmds

	if bits == BITS_32
		offset += MACH_HEADER_SIZE
	else
		offset += MACH_HEADER_SIZE_64
	end


	segments = []
	ncmds.times do
		load_command = LoadCommand.new(isource.read(offset, LOAD_COMMAND_SIZE), endian)

		case load_command.cmd
			when LC_SEGMENT
				segments << Segment.new(isource.read(offset, SEGMENT_COMMAND_SIZE), bits, endian)
			when LC_SEGMENT_64
				segments << Segment.new(isource.read(offset, SEGMENT_COMMAND_SIZE_64), bits, endian)
		end

		offset += load_command.cmdsize
	end

	self.mach_header = mach_header
	self.segments = segments	
	self.isource = isource
	self.bits = bits
	self.endian = endian

	return segments
end

#closeObject 



98
99
100
 
# File 'lib/rex/machparsey/mach.rb', line 98

def close
	isource.close
end

#index(*args) ⇒ Object 



94
95
96
 
# File 'lib/rex/machparsey/mach.rb', line 94

def index(*args)
	isource.index(*args)
end

#ptr_32?Boolean

Returns:

  • (Boolean) 


82
83
84
 
# File 'lib/rex/machparsey/mach.rb', line 82

def ptr_32?
	ptr_64? == false
end

#ptr_64?Boolean

Returns:

  • (Boolean) 


78
79
80
 
# File 'lib/rex/machparsey/mach.rb', line 78

def ptr_64?
	mach_header.bits == BITS_64		
end

#ptr_s(vaddr) ⇒ Object 



86
87
88
 
# File 'lib/rex/machparsey/mach.rb', line 86

def ptr_s(vaddr)
	(ptr_32?) ? ("0x%.8x" % vaddr) : ("0x%.16x" % vaddr)
end

#read(offset, len) ⇒ Object 



90
91
92
 
# File 'lib/rex/machparsey/mach.rb', line 90

def read(offset, len)
	isource.read(fat_offset + offset, len)
end