Skip to main content

some utils to help analysis macho files,include util to find which module call the symbol and the dependencies between the modules

Project description

MachoAnalysis is a collection of utils written in python2 to help developers analysis Mach-O Binaries.At this time,it can help us to figure out which module call some target functions,and the dependencies between the modules in a binary.

UseAge

To figure out which module call some target functions,you can do this in your python script:

import macho_analysis;

module_array = macho_analysis.utils.findCallingSymbolModule("_NSLog","linkmap_path","disassemblyfile_path")];

The findCallingSymbolModule function take three arguments,which are the name of the symbol(in this case,is the _NSLog),the path to the linkmap file which is generated by xcode, and the path to disassembly code file generated by otool(otool -t -V -arch [arch] [macho_path]) util in xcode app.It returns an array contains the name of all the modules that call the symbol.

To find the dependencies between the modules,you can do this in your python script:

import macho_analysis;

lib_dep_hash = macho_analysis.utils.findDependency(lib_path_array,'armv7');

The findDependency function takes two arguments,the first is an array contains the paths to the libs,and the second is the arch name which will be passed to the nm utils in the xcode.It returns a dictionary,the key is the lib name,and its value is also a dictionary,which map the lib’s undefined symbol to the module that defines it.

Prerequisites

We need xcode to run this tool.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

macho_analysis-0.011.tar.gz (4.6 kB view details)

Uploaded Source

File details

Details for the file macho_analysis-0.011.tar.gz.

File metadata

File hashes

Hashes for macho_analysis-0.011.tar.gz
Algorithm Hash digest
SHA256 8d3f14283a26050bf284678bc142f945b22e174a932b3d4164d752a5816189bb
MD5 1f57b414d2bdd7431a41a416ab41f363
BLAKE2b-256 e6cb2436c77189e7c50ef5bffbaba5740d0b596dec9c3f6895281f274e69495a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page