Class: Rex::PeScan::Analyze::ContextMapDumper
- Inherits:
-
Object
- Object
- Rex::PeScan::Analyze::ContextMapDumper
- Defined in:
- lib/rex/pescan/analyze.rb
Instance Attribute Summary collapse
-
#pe ⇒ Object
Returns the value of attribute pe.
Instance Method Summary collapse
-
#initialize(pe) ⇒ ContextMapDumper
constructor
A new instance of ContextMapDumper.
- #scan(param) ⇒ Object
Constructor Details
#initialize(pe) ⇒ ContextMapDumper
Returns a new instance of ContextMapDumper.
307 308 309 |
# File 'lib/rex/pescan/analyze.rb', line 307 def initialize(pe) self.pe = pe end |
Instance Attribute Details
#pe ⇒ Object
Returns the value of attribute pe.
305 306 307 |
# File 'lib/rex/pescan/analyze.rb', line 305 def pe @pe end |
Instance Method Details
#scan(param) ⇒ Object
311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 |
# File 'lib/rex/pescan/analyze.rb', line 311 def scan(param) dest = param['dir'] path = '' ::FileUtils.mkdir_p(dest) if(not (param['dir'] and param['file'])) $stderr.puts "No directory or file specified" return end if (param['file']) path = File.join(dest, File.basename(param['file']) + ".map") end fd = File.new(path, "wb") pe.all_sections.each do |section| # Skip over known bad sections next if section.name == ".data" next if section.name == ".reloc" offset = 0 while offset < section.size byte = section.read(offset, 1)[0] if byte != 0 chunkbase = pe.rva_to_vma(section.base_rva) + offset data = '' while byte != 0 data << byte offset += 1 byte = 0 byte = section.read(offset, 1)[0] if offset < section.size end buff = nil buff = [ 0x01, chunkbase, data.length, data].pack("CNNA*") if data.length > 0 fd.write(buff) if buff end offset += 1 end end fd.close end |