LIEF - Library to Instrument Executable Formats.

January 24, 2018
The purpose of this project is to provide a cross platform library which can parse, modify and abstract ELF, PE and MachO formats.
Main features:
  • Parsing: LIEF can parse ELF, PE, MachO and provides an user-friendly API to access to format internals.
  • Modify: LIEF enables to modify some parts of these formats
  • Abstract: Three formats have common features like sections, symbols, entry point... LIEF factors them.
  • API: LIEF can be used in C, C++ and Python

    Downloads / Install

    First:
    pip install setuptools --upgrade
    To install the latest version:
    pip install lief
    To install the latest commit:
    pip install https://github.com/lief-project/packages/raw/                             lief-master-latest/pylief-0.8.3.dev.zip

    Getting started

    Python

    import lief
# ELF
binary = lief.parse("/usr/bin/ls")
print(binary)

# PE
binary = lief.parse("C:\\Windows\\explorer.exe")
print(binary)

# Mach-O
binary = lief.parse("/usr/bin/ls")
print(binary)

    C++

    #include <LIEF/LIEF.hpp>
int main(int argc, const char** argv) {
  LIEF::ELF::Binary*   elf   = LIEF::ELF::Parser::parse("/usr/bin/ls");
  LIEF::PE::Binary*    pe    = LIEF::PE::Parser::parse("C:\\Windows\\explorer.exe");
  LIEF::MachO::Binary* macho = LIEF::MachO::Parser::parse("/usr/bin/ls");

  std::cout << *elf   << std::endl;
  std::cout << *pe    << std::endl;
  std::cout << *macho << std::endl;

  delete elf;
  delete pe;
  delete macho;
}

    C

    #include <LIEF/LIEF.h>
int main(int argc, const char** argv) {

  Elf_Binary_t*    elf_binary     = elf_parse("/usr/bin/ls");
  Pe_Binary_t*     pe_binary      = pe_parse("C:\\Windows\\explorer.exe");
  Macho_Binary_t** macho_binaries = macho_parse("/usr/bin/ls");

  Pe_Section_t**    pe_sections    = pe_binary->sections;
  Elf_Section_t**   elf_sections   = elf_binary->sections;
  Macho_Section_t** macho_sections = macho_binaries[0]->sections;

  for (size_t i = 0; pe_sections[i] != NULL; ++i) {
    printf("%s\n", pe_sections[i]->name)
  }

  for (size_t i = 0; elf_sections[i] != NULL; ++i) {
    printf("%s\n", elf_sections[i]->name)
  }

  for (size_t i = 0; macho_sections[i] != NULL; ++i) {
    printf("%s\n", macho_sections[i]->name)
  }

  elf_binary_destroy(elf_binary);
  pe_binary_destroy(pe_binary);
  macho_binaries_destroy(macho_binaries);
}

Source and download

Post a Comment

No comments

Subscribe to: Post Comments ( Atom )