no message

0bj3ct · Feb 13, 2015 · f87344a · f87344a
1 parent fd65d21
commit f87344a
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 9 deletions.
diff --git a/core/fat.py b/core/fat.py
@@ -7,6 +7,8 @@
 from ctypes import *
 
 FAT_MAGIC = 0xcafebabeL
+FAT_CIGAM = 0xbebafecaL
+
 class fat_header(Structure):
     _fields_ = (
         ('magic', c_uint),

diff --git a/core/loader.py b/core/loader.py
@@ -183,8 +183,6 @@ class load_command(Structure):
 class lc_str(c_uint):
     pass
 
-p_str16 = pypackable('p_str16', str, '16s')
-
 vm_prot_t = c_uint
 class segment_command(Structure):
     _fields_ = (

diff --git a/core/macho_header.py b/core/macho_header.py
@@ -4,10 +4,48 @@
 #description: macho文件格式头解析模块
 
 import sys
+import loader
+import fat
+import nlist
 
+(
+    FILE_FAT, FILE_MACHO64, FILE_MACHO
+) = range(0x1, 0x3)
+
+filetype = {
+    FAT_MAGIC : FILE_FAT,
+    FAT_CIGAM : FILE_FAT,
+    MH_MAGIC  : FILE_MACHO,
+    MH_CIGAM  : FILE_MACHO,
+    MH_MAGIC_64:FILE_MACHO64,
+    MH_CIGAM_64:FILE_MACHO64
+}
+
+class file_t(object):
+    def __init__(self, filepath):
+        super(file_t,self).__init__()
+        self.filepath = filepath
+        self.fp = open(self.filepath,'rb+')
+        magic = self.fp.read(4)
+        self.file_type = filetype[magic]
+        self.macho_header = [];
+        if self.filetype is FILE_FAT:
+            nfat_arch = self.fp.read(4)
+            for i in xrange (0,nfat_arch):
+                self.fat_arch = self.fp.read(len(fat.fat_arch));
+                offset = self.fat_arch.offset
+                self.fp.seek(offset)
+                self.macho_header.append(macho_header_t(fp))
+        else:
+            self.macho_header.append(macho_header_t(fp))
 class macho_header_t(object):
-	"""docstring for macho_header_t"""
-	def __init__(self, arg):
-		super(macho_header_t, self).__init__()
-		self.arg = arg
-
+    """docstring for macho_header_t"""
+    def __init__(self, fp):
+        super(macho_header_t, self).__init__()
+        self.arg = arg
+        '''macho_64'''
+        if 1:
+            pass
+        '''macho'''
+        '''else:
+            pass'''
diff --git a/core/macho_main.py b/core/macho_main.py
@@ -4,9 +4,10 @@
 #description: macho解析的主模块
 
 import sys
-
+import macho_header
 
 def main():
-    print "test"
+    file_macho = macho_header.file_t("/Volumes/2/work/projects/kiwisec_func_check/kiwisec_func_check/test/iOS_test")
+    print file_macho.file_type
 if __name__ == '__main__':
     main()