Class: Rex::MachParsey::MachBase

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/machparsey/machbase.rb

Direct Known Subclasses

Mach

Defined Under Namespace

Classes: LoadCommand, MachHeader, Segment, Thread

Constant Summary collapse

MH_MAGIC =
0xfeedface
MH_MAGIC_64 =
0xfeedfacf
MH_CIGAM =
0xcefaedfe
MH_CIGAM_64 =
0xcffaedfe
MACH_HEADER_SIZE =
28
MACH_HEADER_SIZE_64 =
32
MACH_HEADER_LSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32v', 'magic',	 0],
  ['uint32v', 'cputype',   0],
  ['uint32v', 'cpusubtype',0],
  ['uint32v', 'filetype',	 0],
  ['uint32v', 'ncmds',	 0],
  ['uint32v', 'sizeofcmds',0],
  ['uint32v', 'flags',	 0]
)
MACH_HEADER_MSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32n', 'magic',	 0],
  ['uint32n', 'cputype',   0],
  ['uint32n', 'cpusubtype',0],
  ['uint32n', 'filetype',	 0],
  ['uint32n', 'ncmds',	 0],
  ['uint32n', 'sizeofcmds',0],
  ['uint32n', 'flags',	 0]
)
MACH_HEADER_64_LSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32v', 'magic',	 0],
  ['uint32v', 'cputype',   0],
  ['uint32v', 'cpusubtype',0],
  ['uint32v', 'filetype',	 0],
  ['uint32v', 'ncmds',	 0],
  ['uint32v', 'sizeofcmds',0],
  ['uint32v', 'flags',	 0],
  ['uint32v', 'reserved',	 0]
)
MACH_HEADER_64_MSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32n', 'magic',	 0],
  ['uint32n', 'cputype',   0],
  ['uint32n', 'cpusubtype',0],
  ['uint32n', 'filetype',	 0],
  ['uint32n', 'ncmds',	 0],
  ['uint32n', 'sizeofcmds',0],
  ['uint32n', 'flags',	 0],
  ['uint32n', 'reserved',	 0]
)
CPU_TYPE_I386 =

cpu types for Mach-O binaries

0x7
CPU_TYPE_X86_64 =
0x01000007
CPU_TYPE_ARM =
0xC
CPU_TYPE_POWERPC =
0x12
CPU_TYPE_POWERPC64 =
0x01000012
CPU_SUBTYPE_LITTLE_ENDIAN =
0
CPU_SUBTYPE_BIG_ENDIAN =
1
LC_SEGMENT =

/* segment of this file to be mapped */

0x1
LC_SYMTAB =
0x2
LC_SYMSEG =
0x3
LC_THREAD =

/* link-edit stab symbol table info */ /* link-edit gdb symbol table info (obsolete) */ /* thread */

0x4
LC_UNIXTHREAD =
0x5
LC_LOADFVMLIB =
0x6
LC_IDFVMLIB =
0x7
LC_IDENT =
0x8
LC_FVMFILE =
0x9
LC_PREPAGE =
0xa
LC_DYSYMTAB =
0xb
LC_LOAD_DYLIB =
0xc
LC_ID_DYLIB =
0xd
LC_LOAD_DYLINKER =

/* unix thread (includes a stack) */ /* load a specified fixed VM shared library */ /* fixed VM shared library identification */ /* object identification info (obsolete) */ /* fixed VM file inclusion (internal use) */ /* prepage command (internal use) */ /* dynamic link-edit symbol table info */ /* load a dynamicly linked shared library */ /* dynamicly linked shared lib identification */ /* load a dynamic linker */

0xe
LC_ID_DYLINKER =

/* dynamic linker identification */

0xf
LC_PREBOUND_DYLIB =

/* modules prebound for a dynamicly */

0x10
LC_SEGMENT_64 =

/* segment of this file to be mapped */

0x19
LOAD_COMMAND_SIZE =
8
LOAD_COMMAND_LSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32v','cmd',0],
  ['uint32v','cmdsize',0]
)
LOAD_COMMAND_MSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32n','cmd',0],
  ['uint32n','cmdsize',0]
)
SEGMENT_COMMAND_SIZE =
56
SEGMENT_COMMAND_LSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32v', 'cmd',  0],
  ['uint32v', 'cmdsize',  0],
  ['string',  'segname',  16, ''],
  ['uint32v', 'vmaddr', 0],
  ['uint32v', 'vmsize', 0],
  ['uint32v', 'fileoff',  0],
  ['uint32v', 'filesize', 0],
  ['uint32v', 'maxprot',  0],
  ['uint32v', 'initprot', 0],
  ['uint32v', 'nsects', 0],
  ['uint32v', 'flags',  0]
)
SEGMENT_COMMAND_MSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32n', 'cmd',  0],
  ['uint32n', 'cmdsize',  0],
  ['string',  'segname',  16, ''],
  ['uint32n', 'vmaddr', 0],
  ['uint32n', 'vmsize', 0],
  ['uint32n', 'fileoff',  0],
  ['uint32n', 'filesize', 0],
  ['uint32n', 'maxprot',  0],
  ['uint32n', 'initprot', 0],
  ['uint32n', 'nsects', 0],
  ['uint32n', 'flags',  0]
)
SEGMENT_COMMAND_SIZE_64 =
72
SEGMENT_COMMAND_64_LSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32v', 'cmd',  0],
  ['uint32v', 'cmdsize',  0],
  ['string',  'segname',  16, ''],
  ['uint64v', 'vmaddr', 0],
  ['uint64v', 'vmsize', 0],
  ['uint64v', 'fileoff',  0],
  ['uint64v', 'filesize', 0],
  ['uint32v', 'maxprot',  0],
  ['uint32v', 'initprot', 0],
  ['uint32v', 'nsects', 0],
  ['uint32v', 'flags',  0]
)
SEGMENT_COMMAND_64_MSB =
Rex::Struct2::CStructTemplate.new(
  ['uint32n', 'cmd',  0],
  ['uint32n', 'cmdsize',  0],
  ['string',  'segname',  16, ''],
  ['uint64n', 'vmaddr', 0],
  ['uint64n', 'vmsize', 0],
  ['uint64n', 'fileoff',  0],
  ['uint64n', 'filesize', 0],
  ['uint32n', 'maxprot',  0],
  ['uint32n', 'initprot', 0],
  ['uint32n', 'nsects', 0],
  ['uint32n', 'flags',  0]
)