extract import / export symbols from stripped elf binaries #2142
great!
Do you have an example binary that we can include as a test case? Otherwise, the logic looks good to me.
great, thanks!
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
@ygasparis please pull the latest changes from master so we can run final tests and get this merged 🚀
* features: add aarch64 arch
…andiant#2132) * relax pyproject dependency versions and introduce requirements.txt closes mandiant#2053 closes mandiant#2079 * pyproject: document dev/build profile dependency policies * changelog * doc: installation: describe requirements.txt usage * pyproject: don't use dnfile 0.15 yet --------- Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.7.0 to 6.8.0. - [Release notes](https://github.com/pyinstaller/pyinstaller/releases) - [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst) - [Commits](pyinstaller/pyinstaller@v6.7.0...v6.8.0) --- updated-dependencies: - dependency-name: pyinstaller dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…nt#2093) * feat(capa2sarif): add new sarif conversion script converting json output to sarif schema, update dependencies, and update changelog * fix(capa2sarif): removing copy and paste transcription errors * fix(capa2sarif): remove dependencies from pyproject toml to guarded import statements * chore(capa2sarif): adding node in readme specifying dependency and applied auto formatter for styling * style(capa2sarif): applied import sorting and fixed typo in invocations function * test(capa2sarif): adding simple test for capa to sarif conversion script using existing result document * style(capa2sarif): fixing typo in version string in usage * style(capa2sarif): isort failing due to reordering of typehint imports * style(capa2sarif): fixing import order as isort on local machine was not updating code --------- Co-authored-by: ReversingWithMe <ryanv@rewith.me> Co-authored-by: Willi Ballenthin <wballenthin@google.com>
Bumps [setuptools](https://github.com/pypa/setuptools) from 69.5.1 to 70.0.0. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst) - [Commits](pypa/setuptools@v69.5.1...v70.0.0) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* dnfile 0.15.0 changed API * deduplicate str() calls and isort fixes * revert accidental change to imports ordering * add table variable annotation --------- Co-authored-by: Moritz <mr-tz@users.noreply.github.com> Co-authored-by: mr-tz <moritz.raabe@mandiant.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
* elf: read segment memory size * elf: add routine to read mapped memory * elf: better detect OS for binaries compiled by Go * elf: guess OS from Go source filenames * changelog * elf: mypy * merge * elf: add OS detection based on vDSO strings * elf: document VTGrep searches * elf: describe further technique to identify Go binaries * elf: search for `.go.buildinfo` section via @yelhamer * black * elf: detect Alpine Linux ident * elf: log interest symtab entries * tests: add test for OS detection by Go buildinfo * loader: handle missing viv modules * pre-commit: run deptry before tests (which are slow) * loader: describe removing viv symbolic switch solver * pyproject: add PyGithub for deptry * black
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.4.7 to 0.4.8. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.4.7...v0.4.8) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Willi Ballenthin <wballenthin@google.com>
closes #2096
Checklist