Class: Msf::Payload::MachO

Inherits:

Object

• Object
• Msf::Payload::MachO

Defined in:

lib/msf/core/payload/macho.rb

Instance Method Summary

• #entrypoint ⇒ Object
• #flatten ⇒ Object

  Return the VM respresentation of a macho file.

• #initialize(data) ⇒ MachO constructor

  A new instance of MachO.

• #raw ⇒ Object
• #to_dylib(name) ⇒ Object

Constructor Details

#initialize(data) ⇒ MachO

Returns a new instance of MachO.

# File 'lib/msf/core/payload/macho.rb', line 6

def initialize(data)
  @macho = MachO::MachOFile.new_from_bin(data)
end

Instance Method Details

#entrypoint ⇒ Object

# File 'lib/msf/core/payload/macho.rb', line 10

def entrypoint
  main_func = @macho[:LC_MAIN].first
  main_func.entryoff
end

#flatten ⇒ Object

Return the VM respresentation of a macho file

# File 'lib/msf/core/payload/macho.rb', line 18

def flatten
  raw_data = @macho.serialize
  min = -1
  max = 0
  for segment in @macho.segments
    next if segment.segname == MachO::LoadCommands::SEGMENT_NAMES[:SEG_PAGEZERO]
    if min == -1 or min > segment.vmaddr
      min = segment.vmaddr
    end
    if max < segment.vmaddr + segment.vmsize
      max = segment.vmaddr + segment.vmsize
    end
  end

  output_data = "\x00" * (max - min)
  for segment in @macho.segments
    for section in segment.sections
      flat_addr = section.addr - min
      section_data = raw_data[section.offset, section.size]
      if section_data
        output_data[flat_addr, section_data.size] = section_data
      end
    end
  end

  output_data
end

#raw ⇒ Object

# File 'lib/msf/core/payload/macho.rb', line 56

def raw
  @macho.serialize
end

#to_dylib(name) ⇒ Object

# File 'lib/msf/core/payload/macho.rb', line 46

def to_dylib(name)
  new_lc = MachO::LoadCommands::LoadCommand.create(:LC_ID_DYLIB, "@executable_path/#{name}.dylib", 0, 0, 0)
  @macho.add_command(new_lc)

  raw_data = @macho.serialize
  raw_data[12] = MachO::Headers::MH_DYLIB.chr
  raw_data[36,7] = "__ZERO\x00"
  raw_data
end