forked from vrolife/qiling-il2cpp-dump
libc.py
import io
from elftools.elf.elffile import ELFFile, DynamicSegment
def read_so(info, memory, soname):
    """Rebuild one shared object's mapped image from a saved memory dump.

    Walks ``info["regions"]`` in order, skips regions until one whose
    ``"file"`` ends with *soname*, then copies that region and every region
    that follows it without an address gap into a single in-memory stream.

    Args:
        info: Mapping with a ``"regions"`` list; each region provides
            ``"file"``, ``"begin"``, ``"end"`` and ``"saved_offset"``.
        memory: Seekable binary stream that holds the saved region bytes.
        soname: Suffix used to pick the first region of the library.

    Returns:
        ``(stream, begin, end)``: the ``io.BytesIO`` with the copied bytes
        (position left at the end of the data), the ``"begin"`` of the first
        matching region and the ``"end"`` of the last copied region. When no
        region matches, the stream is empty and both addresses are 0.
    """
    image = io.BytesIO()
    base = 0
    limit = 0
    for entry in info["regions"]:
        path = entry["file"]
        if base == 0:
            # NOTE(review): the match is a plain suffix test, so a path such
            # as ".../xlibc.so" also satisfies soname "libc.so", and the first
            # match in list order wins. Pass a soname that is specific enough
            # if the dump may contain look-alike mappings.
            if not path.endswith(soname):
                continue
            base = entry["begin"]
        elif entry["begin"] != limit:
            # First address gap after the library started: the run is over.
            break
        # Regions after the first are accepted on contiguity alone; their
        # "file" value is not compared with soname.
        limit = entry["end"]
        length = entry["end"] - entry["begin"]
        memory.seek(entry["saved_offset"], 0)
        # A short read is not detected here; the bytes are appended as read.
        image.write(memory.read(length))
    return image, base, limit
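def get_funcs(info, memory, soname, names):
    """Resolve symbol names to addresses inside a dumped shared object.

    The library image is rebuilt with ``read_so`` and parsed as an ELF file;
    symbols are looked up through the first dynamic segment found.

    Args:
        info: Region description passed through to ``read_so``.
        memory: Seekable binary stream passed through to ``read_so``.
        soname: Library name suffix passed through to ``read_so``.
        names: Iterable of symbol names to resolve.

    Returns:
        A list of addresses in the order of *names*, or ``None`` when the
        image has no dynamic segment.

    Raises:
        KeyError: A name has no symbol entry, or its ``st_value`` is 0.
    """
    # NOTE(review): when read_so matches nothing the stream is empty and
    # ELFFile is expected to reject it - confirm callers handle that error.
    data, addr, _end = read_so(info, memory, soname)
    elf = ELFFile(data)
    for seg in elf.iter_segments():
        if not isinstance(seg, DynamicSegment):
            continue

        def get_sym(name):
            matches = seg.get_symbol_by_name(name)
            # A failed lookup (None or an empty result) used to surface as a
            # TypeError/IndexError from the [0] subscript; report it with the
            # same KeyError that an unresolved symbol already raises.
            if not matches:
                raise KeyError(f'symbol not found: {name}')
            offset = matches[0].entry.st_value
            if offset == 0:
                raise KeyError(f'symbol not found: {name}')
            # NOTE(review): assumes st_value is relative to the first mapped
            # region of the library. The result is not checked against the
            # end of the copied range, so a damaged or tampered dynamic table
            # can yield an address outside the library - validate before use.
            return addr + offset

        return [get_sym(name) for name in names]
    # No dynamic segment in the image: nothing can be resolved.
    return None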