Class: Rex::MachParsey::Mach

Inherits:
MachBase show all
Defined in:
lib/rex/machparsey/mach.rb

Constant Summary

Constants inherited from MachBase

Rex::MachParsey::MachBase::CPU_SUBTYPE_BIG_ENDIAN, Rex::MachParsey::MachBase::CPU_SUBTYPE_LITTLE_ENDIAN, Rex::MachParsey::MachBase::CPU_TYPE_ARM, Rex::MachParsey::MachBase::CPU_TYPE_I386, Rex::MachParsey::MachBase::CPU_TYPE_POWERPC, Rex::MachParsey::MachBase::CPU_TYPE_POWERPC64, Rex::MachParsey::MachBase::CPU_TYPE_X86_64, Rex::MachParsey::MachBase::LC_DYSYMTAB, Rex::MachParsey::MachBase::LC_FVMFILE, Rex::MachParsey::MachBase::LC_IDENT, Rex::MachParsey::MachBase::LC_IDFVMLIB, Rex::MachParsey::MachBase::LC_ID_DYLIB, Rex::MachParsey::MachBase::LC_ID_DYLINKER, Rex::MachParsey::MachBase::LC_LOADFVMLIB, Rex::MachParsey::MachBase::LC_LOAD_DYLIB, Rex::MachParsey::MachBase::LC_LOAD_DYLINKER, Rex::MachParsey::MachBase::LC_PREBOUND_DYLIB, Rex::MachParsey::MachBase::LC_PREPAGE, Rex::MachParsey::MachBase::LC_SEGMENT, Rex::MachParsey::MachBase::LC_SEGMENT_64, Rex::MachParsey::MachBase::LC_SYMSEG, Rex::MachParsey::MachBase::LC_SYMTAB, Rex::MachParsey::MachBase::LC_THREAD, Rex::MachParsey::MachBase::LC_UNIXTHREAD, Rex::MachParsey::MachBase::LOAD_COMMAND_LSB, Rex::MachParsey::MachBase::LOAD_COMMAND_MSB, Rex::MachParsey::MachBase::LOAD_COMMAND_SIZE, Rex::MachParsey::MachBase::MACH_HEADER_64_LSB, Rex::MachParsey::MachBase::MACH_HEADER_64_MSB, Rex::MachParsey::MachBase::MACH_HEADER_LSB, Rex::MachParsey::MachBase::MACH_HEADER_MSB, Rex::MachParsey::MachBase::MACH_HEADER_SIZE, Rex::MachParsey::MachBase::MACH_HEADER_SIZE_64, Rex::MachParsey::MachBase::MH_CIGAM, Rex::MachParsey::MachBase::MH_CIGAM_64, Rex::MachParsey::MachBase::MH_MAGIC, Rex::MachParsey::MachBase::MH_MAGIC_64, Rex::MachParsey::MachBase::SEGMENT_COMMAND_64_LSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_64_MSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_LSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_MSB, Rex::MachParsey::MachBase::SEGMENT_COMMAND_SIZE, Rex::MachParsey::MachBase::SEGMENT_COMMAND_SIZE_64

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(isource, offset = 0, fat = false) ⇒ Mach

Returns a new instance of Mach.



14
15
16
17
18
19
20
21
22
23
 
# File 'lib/rex/machparsey/mach.rb', line 14

def initialize(isource, offset = 0, fat = false)
  _parse_mach_header(isource, offset)
  if fat == true
    self.fat_offset = offset
  else
    self.fat_offset = 0
  end

  self.isource = isource
end

Instance Attribute Details

#archObject

Returns the value of attribute arch.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def arch
  @arch
end

#bitsObject

Returns the value of attribute bits.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def bits
  @bits
end

#endianObject

Returns the value of attribute endian.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def endian
  @endian
end

#fat_offsetObject

Returns the value of attribute fat_offset.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def fat_offset
  @fat_offset
end

#isourceObject

Returns the value of attribute isource.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def isource
  @isource
end

#mach_headerObject

Returns the value of attribute mach_header.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def mach_header
  @mach_header
end

#segmentsObject

Returns the value of attribute segments.



12
13
14
 
# File 'lib/rex/machparsey/mach.rb', line 12

def segments
  @segments
end

Class Method Details

.new_from_file(filename, disk_backed = false) ⇒ Object 



61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'lib/rex/machparsey/mach.rb', line 61

def self.new_from_file(filename, disk_backed = false)

  file = ::File.open(filename, "rb")

  if disk_backed
    return self.new(ImageSource::Disk.new(file))
  else
    obj = new_from_string(file.read)
    file.close
    return obj
  end
end

.new_from_string(data) ⇒ Object 



74
75
76
 
# File 'lib/rex/machparsey/mach.rb', line 74

def self.new_from_string(data)
  return self.new(ImageSource::Memory.new(data))
end

Instance Method Details

#_parse_mach_header(isource, offset) ⇒ Object 



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'lib/rex/machparsey/mach.rb', line 25

def _parse_mach_header(isource, offset)
  self.mach_header = MachHeader.new(isource.read(offset, MACH_HEADER_SIZE_64))
  bits = mach_header.bits
  endian = mach_header.endian
  ncmds = mach_header.ncmds

  if bits == BITS_32
    offset += MACH_HEADER_SIZE
  else
    offset += MACH_HEADER_SIZE_64
  end


  segments = []
  ncmds.times do
    load_command = LoadCommand.new(isource.read(offset, LOAD_COMMAND_SIZE), endian)

    case load_command.cmd
      when LC_SEGMENT
        segments << Segment.new(isource.read(offset, SEGMENT_COMMAND_SIZE), bits, endian)
      when LC_SEGMENT_64
        segments << Segment.new(isource.read(offset, SEGMENT_COMMAND_SIZE_64), bits, endian)
    end

    offset += load_command.cmdsize
  end

  self.mach_header = mach_header
  self.segments = segments
  self.isource = isource
  self.bits = bits
  self.endian = endian

  return segments
end

#closeObject 



98
99
100
 
# File 'lib/rex/machparsey/mach.rb', line 98

def close
  isource.close
end

#index(*args) ⇒ Object 



94
95
96
 
# File 'lib/rex/machparsey/mach.rb', line 94

def index(*args)
  isource.index(*args)
end

#ptr_32?Boolean

Returns:

  • (Boolean) 


82
83
84
 
# File 'lib/rex/machparsey/mach.rb', line 82

def ptr_32?
  ptr_64? == false
end

#ptr_64?Boolean

Returns:

  • (Boolean) 


78
79
80
 
# File 'lib/rex/machparsey/mach.rb', line 78

def ptr_64?
  mach_header.bits == BITS_64
end

#ptr_s(vaddr) ⇒ Object 



86
87
88
 
# File 'lib/rex/machparsey/mach.rb', line 86

def ptr_s(vaddr)
  (ptr_32?) ? ("0x%.8x" % vaddr) : ("0x%.16x" % vaddr)
end

#read(offset, len) ⇒ Object 



90
91
92
 
# File 'lib/rex/machparsey/mach.rb', line 90

def read(offset, len)
  isource.read(fat_offset + offset, len)
end