LIEF
v0.15.1
Blog • Documentação • Sobre
O objetivo deste projeto é fornecer uma biblioteca multiplataforma para analisar, modificar e abstrair os formatos ELF, PE e MachO.
Principais características :
Recursos estendidos :
find_package (LIEF REQUIRED)
target_link_libraries (my-project LIEF::LIEF)
[ package ]
name = " my-awesome-project "
version = " 0.0.1 "
edition = " 2021 "
[ dependencies ]
lief = " 0.15.1 "
Para instalar a versão mais recente (lançamento):
pip install lief
Para instalar a compilação noturna:
pip install [--user] --force-reinstall --index-url https://lief.s3-website.fr-par.scw.cloud/latest lief==0.16.0.dev0
Aqui estão os guias para instalar ou integrar o LIEF:
import lief
# ELF
binary = lief . parse ( "/usr/bin/ls" )
for section in binary . sections :
print ( section . name , section . virtual_address )
# PE
binary = lief . parse ( "C: \ Windows \ explorer.exe" )
if rheader := pe . rich_header :
print ( rheader . key )
# Mach-O
binary = lief . parse ( "/usr/bin/ls" )
for fixup in binary . dyld_chained_fixups :
print ( fixup )
use lief :: Binary ;
use lief :: pe :: debug :: Entries :: CodeViewPDB ;
if let Some ( Binary :: PE ( pe ) ) = Binary :: parse ( path . as_str ( ) ) {
for entry in pe . debug ( ) {
if let CodeViewPDB ( pdb_view ) = entry {
println ! ( "{}" , pdb_view . filename ( ) ) ;
}
}
}
# include < LIEF/LIEF.hpp >
int main ( int argc, char ** argv) {
// ELF
if (std::unique_ptr< const LIEF::ELF::Binary> elf = LIEF::ELF::Parser::parse ( " /bin/ls " )) {
for ( const LIEF::ELF::Section& section : elf-> sections ()) {
std::cout << section-> name () << ' ' << section-> virtual_address () << ' n ' ;
}
}
// PE
if (std::unique_ptr< const LIEF::PE::Binary> pe = LIEF::PE::Parser::parse ( " C: \ Windows \ explorer.exe " )) {
if ( const LIEF::PE::RichHeader* rheader : pe-> rich_header ()) {
std::cout << rheader-> key () << ' n ' ;
}
}
// Mach-O
if (std::unique_ptr<LIEF::MachO::FatBinary> macho = LIEF::MachO::Parser::parse ( " /bin/ls " )) {
for ( const LIEF::MachO::DyldChainedFixups& fixup : macho-> dyld_chained_fixups ()) {
std::cout << fixup << ' n ' ;
}
}
return 0 ;
}
# include < LIEF/LIEF.h >
int main ( int argc, char ** argv) {
Elf_Binary_t* elf = elf_parse ( " /usr/bin/ls " );
Elf_Section_t** sections = elf-> sections ;
for ( size_t i = 0 ; sections[i] != NULL ; ++i) {
printf ( " %s n " , sections[i]-> name );
}
elf_binary_destroy (elf);
return 0 ;
}
Romain Thomas (@ rh0main) - Quarkslab
LIEF é fornecido sob a licença Apache 2.0.
@MISC { LIEF ,
author = " Romain Thomas " ,
title = " LIEF - Library to Instrument Executable Formats " ,
howpublished = " https://lief.quarkslab.com/ " ,
month = " apr " ,
year = " 2017 "
}