### Install C Examples Source: https://github.com/nodejs/postject/blob/main/vendor/lief/examples/c/CMakeLists.txt Installs the C example source files and headers to the share directory of the LIEF installation. This makes the example code available alongside the installed library. ```cmake install( DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/ DESTINATION share/LIEF/examples/c COMPONENT examples FILES_MATCHING REGEX "(.*).(hpp|h|c)$") ``` -------------------------------- ### Install Postject CLI Source: https://github.com/nodejs/postject/blob/main/README.markdown Install the postject command-line interface globally using npm. ```sh npm i -g postject ``` -------------------------------- ### Build and Install LIEF with setup.py Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Build and install LIEF using its setup.py script. This method allows for customization via command-line options. ```bash python ./setup.py [--user] install ``` -------------------------------- ### Develop LIEF with Debug and User Install Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/compilation.md Use this command for development to build LIEF with debug symbols and install it using a development link (`.egg-link`) in the user's site-packages directory. This avoids system-wide installation. ```bash $ python ./setup [--ninja] build --debug develop --user ``` -------------------------------- ### Build and Run LIEF Example Source: https://github.com/nodejs/postject/blob/main/vendor/lief/examples/cmake/external_project/README.rst Follow these steps to build the LIEF example project and run the generated executable. This involves creating a build directory, configuring with CMake, compiling, and then executing the LIEF application. ```console $ mkdir build $ cd build $ cmake .. $ make $ HelloLIEF /bin/ls # or explorer.exe or what ever ``` -------------------------------- ### Install LIEF with pip Source: https://github.com/nodejs/postject/blob/main/vendor/lief/package/README.rst Install the latest release of LIEF using pip. Ensure setuptools is up-to-date. ```console pip install setuptools --upgrade ``` ```console pip install lief ``` -------------------------------- ### Install LIEF Nightly Build Source: https://github.com/nodejs/postject/blob/main/vendor/lief/README.md Install the latest nightly build of LIEF. The --user flag can be used for user-specific installation. ```console pip install [--user] --index-url https://lief.s3-website.fr-par.scw.cloud/latest lief==0.13.0.dev0 ``` -------------------------------- ### Install and Use Postject CLI Source: https://context7.com/nodejs/postject/llms.txt The `postject` CLI tool wraps the JavaScript API for command-line usage. Install it globally for easy access. Use the `--overwrite` flag to replace existing resources. ```bash # ── Install globally ────────────────────────────────────────────────────────── npm i -g postject ``` ```bash # ── Basic usage (Linux ELF) ─────────────────────────────────────────────────── postject ./my-node-app NODE_SEA_BLOB ./sea-prep.blob \ --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 # Output: # Start injection of NODE_SEA_BLOB in ./my-node-app... # 💉 Injection done! ``` ```bash # ── macOS Mach-O with a custom segment name ─────────────────────────────────── postject ./my-node-app NODE_SEA_BLOB ./sea-prep.blob \ --macho-segment-name __NODE \ --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 ``` ```bash # ── Overwrite an already-injected resource ──────────────────────────────────── postject ./my-node-app NODE_SEA_BLOB ./sea-prep-v2.blob \ --overwrite \ --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 ``` ```bash # ── Print the runtime C header to stdout (then pipe into your project) ──────── postject --output-api-header > postject-api.h ``` ```bash # ── Full help ───────────────────────────────────────────────────────────────── postject -h # Usage: postject [options] # # Arguments: # filename The executable to inject into # resource_name The resource name to use # resource The resource to inject # # Options: # --macho-segment-name Name for the Mach-O segment (default: "__POSTJECT") # --sentinel-fuse Sentinel fuse string (default: POSTJECT_SENTINEL_...) # --output-api-header Output the API header to stdout # --overwrite Overwrite the resource if it already exists ``` -------------------------------- ### Find LIEF using CMake find_package() Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Example CMake code demonstrating how to find and use the LIEF library with the `find_package()` command. Specify `LIEF_DIR` if LIEF is not installed in a default system location. ```cmake # Use LIEF with 'find_package()' # ============================== # Find LIEF. If LIEF was not installed into a default system directory then # specify the following option during CMake configuration: # -DLIEF_DIR=/share/LIEF/cmake find_package(LIEF REQUIRED COMPONENTS STATIC) # COMPONENTS: - Default: STATIC ``` -------------------------------- ### Upgrade setuptools Source: https://github.com/nodejs/postject/blob/main/vendor/lief/README.md Ensure you have an updated version of setuptools before installing LIEF. ```console pip install setuptools --upgrade ``` -------------------------------- ### Build C Example Executables Source: https://github.com/nodejs/postject/blob/main/vendor/lief/examples/c/CMakeLists.txt Iterates through the collected C example source files and creates an executable target for each. It configures include directories, compile options (including platform-specific ones for MSVC and GCC/Clang), C standard, and links against the LIEF library. ```cmake if (LIEF_C_API) foreach(example ${LIEF_C_EXAMPLES}) string(REGEX REPLACE ".c$" "" output_target "c_${example}") string(REGEX REPLACE ".c$" "" output_name "${example}") add_executable("${output_target}" "${example}") target_include_directories(${output_target} PUBLIC $) if (MSVC) set_property(TARGET "${output_target}" PROPERTY LINK_FLAGS /NODEFAULTLIB:MSVCRT) target_compile_options("${output_target}" PUBLIC ${LIEF_CRT}) endif() set(LIEF_EXAMPLES_C_FLAGS) CHECK_C_COMPILER_FLAG("-ansi" HAS_ANSI) if (HAS_ANSI) set(LIEF_EXAMPLES_C_FLAGS ${LIEF_EXAMPLES_C_FLAGS} -ansi) endif() set_property(TARGET "${output_target}" PROPERTY C_STANDARD 99) set_property(TARGET "${output_target}" PROPERTY C_STANDARD_REQUIRED ON) target_compile_options("${output_target}" PRIVATE ${LIEF_EXAMPLES_C_FLAGS}) if(CMAKE_COMPILER_IS_GNUCXX OR CMAKE_CXX_COMPILER_ID MATCHES "Clang") if (UNIX) if (LIEF_FORCE32) target_compile_options("${output_target}" PRIVATE -m32) set_property(TARGET "${output_target}" PROPERTY LINK_FLAGS -m32) endif() endif() endif() set_target_properties("${output_target}" PROPERTIES OUTPUT_NAME "${output_name}") target_link_libraries ("${output_target}" LIB_LIEF) endforeach() endif() ``` -------------------------------- ### dex2oat Command Example Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md This command demonstrates the transformation of DEX files into OAT format. ```bash /system/bin/dex2oat --compiler-filter=speed ``` -------------------------------- ### Install LIEF using pip Source: https://github.com/nodejs/postject/blob/main/vendor/lief/README.md Install the latest stable release of the LIEF library using pip. ```console pip install lief ``` -------------------------------- ### Install and Push Files with ADB Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/09_frida_lief.md Commands to install the modified APK and push the Frida script to the device. Ensure the script has execute permissions. ```bash $ adb shell install new.apk $ adb push myscript.js /data/local/tmp $ adb shell chmod 777 /data/local/tmp/myscript.js ``` -------------------------------- ### PE Load Configuration JSON Structure Example Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/changelog.md This is an example of the JSON structure representing a PE file's Load Configuration Table, as generated by `lief.to_json`. It includes various fields related to security and configuration. ```javascript { 'characteristics': 248, 'code_integrity': { 'catalog': 0, 'catalog_offset': 0, 'flags': 0, 'reserved': 0 }, 'critical_section_default_timeout': 0, 'csd_version': 0, 'editlist': 0, ... 'guard_cf_check_function_pointer': 5368782848, 'guard_cf_dispatch_function_pointer': 5368782864, 'guard_cf_function_count': 15, 'guard_cf_function_table': 5368778752, 'guard_flags': 66816, 'guard_long_jump_target_count': 0, 'guard_long_jump_target_table': 0, 'guard_rf_failure_routine': 5368713280, 'guard_rf_failure_routine_function_pointer': 5368782880, ... } ``` -------------------------------- ### Install Vendorpull Source: https://github.com/nodejs/postject/blob/main/vendor/vendorpull/README.md Run this command in the root of your repository to install vendorpull. It will be placed in the 'vendor/vendorpull' directory and configured to manage itself. ```sh /bin/sh -c "$(curl -fsSL https://raw.githubusercontent.com/jviotti/vendorpull/master/bootstrap -H 'Cache-Control: no-cache, no-store, must-revalidate')" ``` -------------------------------- ### Compile LIEF with Python Bindings Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/compilation.md Build LIEF including Python bindings using the `setup.py` script. Options like `--ninja` can speed up compilation, and `--user` installs to the user's site-packages directory. ```bash $ git clone https://github.com/lief-project/LIEF.git $ cd LIEF $ python ./setup.py [--ninja] build install [--user] ``` -------------------------------- ### Build and Run LIEF Example (CMake) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Commands to compile a project linked with LIEF using CMake and then run the compiled executable with an argument. ```console $ mkdir build $ cd build $ cmake -DLIEF_DIR=/share/LIEF/cmake .. $ make $ HelloLIEF /bin/ls # or explorer.exe or whatever ``` -------------------------------- ### OAT Dynamic Symbols Example (Text) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md This output shows example dynamic symbols found within an OAT file, indicating different data sections like 'oatdata' and 'oatexec'. ```text oatdata OBJECT GLOBAL 1000 1262000 oatexec OBJECT GLOBAL 1263000 10d4060 oatlastword OBJECT GLOBAL 233705c 4 oatbss OBJECT GLOBAL 2338000 f5050 oatbsslastword OBJECT GLOBAL 242d04c 4 ``` -------------------------------- ### Parse and Print PE Binary with LIEF C++ Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Example C++ code demonstrating how to parse a PE binary (e.g., explorer.exe) and print its details using the LIEF library. ```cpp #include "stdafx.h" #include int main() { std::unique_ptr pe_binary = LIEF::PE::Parser::parse("C:\\Windows\\explorer.exe"); std::cout << *pe_binary << std::endl; return 0; } ``` -------------------------------- ### Integrate LIEF into Project (FetchContent) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Example of how to add LIEF as an executable target and link it within your project after using FetchContent. ```cmake # Add our executable # ================== add_executable(HelloLIEF main.cpp) if(MSVC) set_property(TARGET HelloLIEF PROPERTY LINK_FLAGS /NODEFAULTLIB:MSVCRT) endif() # Enable C++11 set_property(TARGET HelloLIEF PROPERTY CXX_STANDARD 11 PROPERTY CXX_STANDARD_REQUIRED ON) # Link the executable with LIEF target_link_libraries(HelloLIEF PUBLIC LIEF::LIEF) ``` -------------------------------- ### Example Crackme Binary Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/05_elf_infect_plt_got.md A basic C program used as an example crackme that performs a XOR operation on a flag. It checks user input against a hardcoded password. ```c #include #include #include // Damn_YoU_Got_The_Flag char password[] = "\x18\x3d\x31\x32\x03\x05\x33\x09\x03\x1b\x33\x28\x03\x08\x34\x39\x03\x1a\x30\x3d\x3b"; inline int check(char* input); int check(char* input) { for (int i = 0; i < sizeof(password) - 1; ++i) { password[i] ^= 0x5c; } return memcmp(password, input, sizeof(password) - 1); } int main(int argc, char **argv) { if (argc != 2) { printf("Usage: %s \n", argv[0]); return EXIT_FAILURE; } if (strlen(argv[1]) == (sizeof(password) - 1) && check(argv[1]) == 0) { puts("You got it !!"); return EXIT_SUCCESS; } puts("Wrong"); return EXIT_FAILURE; } ``` -------------------------------- ### Swap Icons Between PE Files Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/07_pe_resource.md This example demonstrates how to parse two PE files, access their respective resource managers and icon lists, and then swap the icons between them. This is useful for customizing application appearances. ```python mfc = lief.parse("mfc.exe") cmd = lief.parse("cmd.exe") mfc_rsrc_manager = mfc.resources_manager cmd_rsrc_manager = cmd.resources_manager mfc_icons = mfc_rsrc_manager.icons cmd_icons = cmd_rsrc_manager.icons for i in range(min(len(mfc_icons), len(cmd_icons))): mfc_rsrc_manager.change_icon(mfc_icons[i], cmd_icons[i]) ``` -------------------------------- ### Configure LIEF Compilation with spdlog Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/changelog.md Specify the installation directory for spdlog during LIEF's compilation to potentially improve build times. This can be done via setup.py or CMake. ```console $ python ./setup.py --spdlog-dir=path/to/lib/cmake/spdlog [...] ``` ```console $ cmake -DLIEF_EXTERNAL_SPDLOG=ON -Dspdlog_DIR=path/to/lib/cmake/spdlog ... ``` -------------------------------- ### Read ELF Binary Information (ls) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/tests/elf/CMakeLists.txt This example uses the `elf_reader.py` script to display all information about an ELF binary. It's useful for inspecting the contents of an ELF file. ```cmake add_test(EXAMPLE_PYTHON_elf_reader_ls ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/elf_reader.py --all ${LIEF_SAMPLES_DIRECTORY}/ELF/ELF32_x86_binary_ls.bin) ``` ```cmake add_test(EXAMPLE_PYTHON_elf_reader_arm ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/elf_reader.py --all ${LIEF_SAMPLES_DIRECTORY}/ELF/ELF32_ARM_binary_ls.bin) ``` -------------------------------- ### Install LIEF Python Wheel Package (Older Versions) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Installs a specific LIEF Python wheel package, typically for older versions or specific Python versions. ```bash pip install pylief-VERSION.zip ``` ```bash pip install lief-XX.YY.ZZ_py35.tar.gz ``` -------------------------------- ### Add Python MachO Reader Example Test (libc) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/tests/macho/CMakeLists.txt Adds a CMake test for the Python MachO reader example, targeting the 'libc' dylib. It configures the environment and runs the reader script with the specified dylib. ```cmake add_test(EXAMPLE_PYTHON_macho_reader_libc ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/macho_reader.py --all ${LIEF_SAMPLES_DIRECTORY}/MachO/FAT_MachO_x86_x86-64_library_libc.dylib) ``` -------------------------------- ### Parse Executable Formats in Python Source: https://github.com/nodejs/postject/blob/main/vendor/lief/README.md Demonstrates parsing ELF, PE, and Mach-O binaries using the LIEF Python API. Requires the 'lief' package to be installed. ```python import lief # ELF binary = lief.parse("/usr/bin/ls") print(binary) # PE binary = lief.parse("C:\\Windows\\explorer.exe") print(binary) # Mach-O binary = lief.parse("/usr/bin/ls") print(binary) ``` -------------------------------- ### Compile LIEF with CMake Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Steps to build LIEF from source using CMake, including setting the LIEF installation directory and compiling the project. ```cmake add_executable(HelloLIEF main.cpp) if(MSVC) set_property(TARGET HelloLIEF PROPERTY LINK_FLAGS /NODEFAULTLIB:MSVCRT) endif() # Enable C++11 set_property(TARGET HelloLIEF PROPERTY CXX_STANDARD 11 PROPERTY CXX_STANDARD_REQUIRED ON) # Link the executable with LIEF target_link_libraries(HelloLIEF PRIVATE LIEF::LIEF) ``` -------------------------------- ### Unstrip ELF Binary Source: https://github.com/nodejs/postject/blob/main/vendor/lief/tests/elf/CMakeLists.txt This example utilizes the `elf_unstrip.py` script to add symbol information back to a stripped ELF binary. This is helpful for debugging or analysis of binaries that have had their symbols removed. ```cmake add_test(EXAMPLE_PYTHON_elf_unstrip ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/elf_unstrip.py ${LIEF_SAMPLES_DIRECTORY}/ELF/ELF64_x86-64_binary_ls.bin ${CMAKE_CURRENT_BINARY_DIR}/ls_unstriped) ``` -------------------------------- ### Convert ELF to JSON Source: https://github.com/nodejs/postject/blob/main/vendor/lief/tests/elf/CMakeLists.txt This example shows how to convert an ELF binary into a JSON representation using the `elf_json.py` script. This is useful for programmatic analysis and inspection of ELF file structures. ```cmake add_test(EXAMPLE_PYTHON_elf_json ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/elf_json.py ${LIEF_SAMPLES_DIRECTORY}/ELF/ELF64_x86-64_binary_ls.bin) ``` -------------------------------- ### Build Postject WASM core and bundle dist/ using npm scripts Source: https://context7.com/nodejs/postject/llms.txt This script uses Emscripten (emcmake) to compile the C++ LIEF-based injection engine to WebAssembly and esbuild to bundle the result with api.js into a self-contained dist/api.js. Ensure Node.js >= 14 and prerequisites like CMake, Ninja, and emsdk are installed. ```sh # Prerequisites: CMake, Ninja, emsdk (emcmake on PATH), Node.js ≥ 14 # Install JS dev dependencies npm install # Compile C++ → WASM, bundle JS, compile test binaries npm run build # Equivalent manual steps: # emcmake cmake -G Ninja .. # cmake --build . -j$(nproc) # esbuild api.js --bundle --platform=node --outfile=../dist/api.js # Artifacts produced: # dist/api.js – bundled Node.js library (WASM inlined) # dist/cli.js – CLI entry point # dist/postject-api.h – C runtime header # Run the test suite (requires a successful build first) npm test ``` -------------------------------- ### Compile LIEF with External Dependencies Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/compilation.md Example CMake configuration to compile LIEF while using external versions of its dependencies. This involves setting specific CMake options and providing the installation directories for the external libraries. ```console $ cmake .. -GNinja \ -DLIEF_OPT_NLOHMANN_JSON_EXTERNAL=ON \ -Dnlohmann_json_DIR=/lief-third-party/json/install/lib/cmake/nlohmann_json \ -DLIEF_OPT_MBEDTLS_EXTERNAL=on \ -DMbedTLS_DIR=/lief-third-party/mbedtls/install/cmake \ -DLIEF_OPT_EXTERNAL_LEAF=on \ -DLIEF_EXTERNAL_LEAF_DIR=/lief-third-party/leaf/include/cmake ``` -------------------------------- ### LIEF setup.py Build Options Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Lists available options for customizing the LIEF build process when using `setup.py`. ```bash python ./setup.py --help ... --lief-test Build and make tests --ninja Use Ninja as build system --sdk Build SDK package --lief-no-json Disable JSON module --lief-no-logging Disable logging module --lief-no-elf Disable ELF module --lief-no-pe Disable PE module --lief-no-macho Disable Mach-O module --lief-no-android Disable Android formats --lief-no-art Disable ART module --lief-no-vdex Disable VDEX module --lief-no-oat Disable OAT module --lief-no-dex Disable DEX module ``` -------------------------------- ### Configure LIEF CMake Arguments Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Defines CMake arguments for building LIEF, including installation prefix, build type, and disabling optional components like documentation, Python API, examples, and tests. Conditional arguments for MSVC are also included. ```cmake set(LIEF_CMAKE_ARGS -DCMAKE_INSTALL_PREFIX= -DCMAKE_BUILD_TYPE=RelWithDebInfo -DLIEF_DOC=OFF -DLIEF_PYTHON_API=OFF -DLIEF_EXAMPLES=OFF -DLIEF_TESTS=OFF ) if(MSVC) list(APPEND ${LIEF_CMAKE_ARGS} -DLIEF_USE_CRT_RELEASE=MT) endif() ``` -------------------------------- ### Postject CLI Help Source: https://github.com/nodejs/postject/blob/main/README.markdown Display help information for the postject command-line utility, outlining its usage and options for injecting resources into executables. ```sh $ postject -h Usage: postject [options] Inject arbitrary read-only resources into an executable for use at runtime Arguments: filename The executable to inject into resource_name The resource name to use (section name on Mach-O and ELF, resource name for PE) resource The resource to inject Options: --macho-segment-name Name for the Mach-O segment (default: "__POSTJECT") --output-api-header Output the API header to stdout --overwrite Overwrite the resource if it already exists -h, --help display help for command ``` -------------------------------- ### Install LIEF Nightly Python Package Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Use this command to install the latest development version of the LIEF Python package. The `--no-cache-dir` flag may be necessary if you have a previous nightly version installed. ```bash pip install [--user] --index-url https://lief-project.github.io/packages lief ``` -------------------------------- ### Get Android Version String Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Get the version string for a given Android version enum. ```APIDOC ## Get Android Version String ### Description Get the version string for a given Android version enum. ### Method `lief.Android.version_string(android_version: lief.Android.ANDROID_VERSIONS) -> str` ### Parameters * **android_version** (lief.Android.ANDROID_VERSIONS) - Required - The Android version enum. ### Response * **str** - The version string of the Android version (e.g., '8.0.0'). ### Example ```python import lief version_str = lief.Android.version_string(lief.Android.ANDROID_VERSIONS.VERSION_800) print(version_str) # Output: '8.0.0' ``` ``` -------------------------------- ### Get Android Code Name Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Get the code name for a given Android version enum. ```APIDOC ## Get Android Code Name ### Description Get the code name for a given Android version enum. ### Method `lief.Android.code_name(android_version: lief.Android.ANDROID_VERSIONS) -> str` ### Parameters * **android_version** (lief.Android.ANDROID_VERSIONS) - Required - The Android version enum. ### Response * **str** - The code name of the Android version (e.g., 'Oreo'). ### Example ```python import lief code_name = lief.Android.code_name(lief.Android.ANDROID_VERSIONS.VERSION_800) print(code_name) # Output: 'Oreo' ``` ``` -------------------------------- ### Define LIEF C Example Targets Source: https://github.com/nodejs/postject/blob/main/vendor/lief/examples/c/CMakeLists.txt This section defines CMake variables to list the C example source files for different LIEF formats (ELF, PE, MachO). It then conditionally adds these examples to a combined list based on which LIEF modules are enabled. ```cmake set(LIEF_ELF_C_EXAMPLES elf_reader.c) set(LIEF_PE_C_EXAMPLES pe_reader.c) set(LIEF_MACHO_C_EXAMPLES macho_reader.c) set(LIEF_C_EXAMPLES) if (LIEF_ELF) set(LIEF_C_EXAMPLES "${LIEF_C_EXAMPLES}" "${LIEF_ELF_C_EXAMPLES}") endif() if (LIEF_PE) set(LIEF_C_EXAMPLES "${LIEF_C_EXAMPLES}" "${LIEF_PE_C_EXAMPLES}") endif() if (LIEF_MACHO) set(LIEF_C_EXAMPLES "${LIEF_C_EXAMPLES}" "${LIEF_MACHO_C_EXAMPLES}") endif() ``` -------------------------------- ### Build Postject Source: https://github.com/nodejs/postject/blob/main/README.markdown Execute the build command to compile postject. The final output, including the main entry point 'main.js', will be located in the 'dist/' directory. ```sh $ npm run build ``` -------------------------------- ### Build and Write PE Executable Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/02_pe_from_scratch.md Uses the LIEF Builder to construct the PE executable. It's configured to rebuild the import table, and then the resulting binary is written to a file named 'pe_from_scratch.exe'. ```python builder = lief.PE.Builder(binary32) builder.build_imports(True) builder.build() builder.write("pe_from_scratch.exe") ``` -------------------------------- ### Sample Application Code Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/04_elf_hooking.md This C code is a sample application that uses the 'exp' function from the math library. It takes an integer argument and prints the result of exp(a). ```c #include #include #include int main(int argc, char **argv) { if (argc != 2) { printf("Usage: %s \n", argv[0]); exit(-1); } int a = atoi(argv[1]); printf("exp(%d) = %f\n", a, exp(a)); return 0; } ``` -------------------------------- ### Test Postject Source: https://github.com/nodejs/postject/blob/main/README.markdown Run the test suite for postject using the npm test command. ```sh $ npm test ``` -------------------------------- ### Pull All Dependencies Source: https://github.com/nodejs/postject/blob/main/vendor/vendorpull/README.md Execute this command from your project's root to download and vendor all dependencies listed in the DEPENDENCIES file. ```sh ./vendor/vendorpull/pull ``` -------------------------------- ### Load Binary and Library with LIEF Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/03_elf_change_symbols.md Initializes LIEF by parsing the target binary ('hashme') and the shared library ('libm.so.6') that contains the functions to be manipulated. ```python #!/usr/bin/env python3 import lief hashme = lief.parse("hashme") libm = lief.parse("/usr/lib/libm.so.6") ``` -------------------------------- ### Add Python MachO Reader Example Test (ls) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/tests/macho/CMakeLists.txt Adds a CMake test for the Python MachO reader example, specifically for the 'ls' binary. It sets the PYTHONPATH and executes the reader script with the target binary. ```cmake add_test(EXAMPLE_PYTHON_macho_reader_ls ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/macho_reader.py --all ${LIEF_SAMPLES_DIRECTORY}/MachO/MachO64_x86-64_binary_ls.bin) ``` -------------------------------- ### Integrate LIEF using FetchContent (CMake >= 3.11) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Demonstrates using CMake's FetchContent module to download and integrate LIEF into your project, with specific handling for older CMake versions. ```cmake cmake_minimum_required(VERSION 3.11) # URL of the LIEF repo (Can be your fork) set(LIEF_GIT_URL "https://github.com/lief-project/LIEF.git") # LIEF's version to be used (can be 'master') set(LIEF_VERSION 0.12.0) include(FetchContent) FetchContent_Declare(LIEF GIT_REPOSITORY "${LIEF_GIT_URL}" GIT_TAG ${LIEF_VERSION} # You may specify an existing LIEF source directory if you don't want to # download. Just comment out the above ``GIT_*`` commands and uncoment the # following ``SOURCE_DIR`` line #SOURCE_DIR "${CMAKE_CURRENT_LIST_DIR}/../../.." ) if(${CMAKE_VERSION} VERSION_LESS "3.14.0") # CMake 3.11 to 3.13 needs more verbose method to make LIEF available FetchContent_GetProperties(LIEF) if(NOT LIEF_POPULATED) FetchContent_Populate(LIEF) add_subdirectory(${LIEF_SOURCE_DIR} ${LIEF_BINARY_DIR}) endif() else() # CMake 3.14+ has single function to make LIEF available (recommended) FetchContent_MakeAvailable(LIEF) endif() ``` -------------------------------- ### Build and Run LIEF CMake Project Source: https://github.com/nodejs/postject/blob/main/vendor/lief/examples/cmake/add_subdirectory/README.rst Follow these steps to build the LIEF CMake project and run the generated executable. This involves creating a build directory, configuring with CMake, compiling, and then executing the tool. ```console $ mkdir build $ cd build $ cmake .. $ make $ HelloLIEF /bin/ls # or explorer.exe or whatever ``` -------------------------------- ### Get OAT Version Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Retrieve the OAT version from an ODEX file, which corresponds to the Android version it targets. ```APIDOC ## Get OAT Version ### Description Retrieve the OAT version from an ODEX file. ### Method `lief.OAT.version(filepath: str) -> int` ### Parameters * **filepath** (str) - Required - Path to the ODEX file. ### Response * **int** - The OAT version (e.g., 64 for Android 6.0). ### Example ```python import lief # From Android 6 version_6 = lief.OAT.version("classes.odex") print(version_6) # Output: 64 # From Android 7 version_7 = lief.OAT.version("classes.odex") print(version_7) # Output: 88 ``` ``` -------------------------------- ### Get Android Version from OAT Version Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Convert an OAT version number to its corresponding Android version enum. ```APIDOC ## Get Android Version from OAT Version ### Description Convert an OAT version number to its corresponding Android version enum. ### Method `lief.OAT.android_version(oat_version: int) -> lief.Android.ANDROID_VERSIONS` ### Parameters * **oat_version** (int) - Required - The OAT version number. ### Response * **lief.Android.ANDROID_VERSIONS** - The Android version enum (e.g., `ANDROID_VERSIONS.VERSION_601`). ### Example ```python import lief android_version_800 = lief.OAT.android_version(124) print(android_version_800) # Output: lief.Android.ANDROID_VERSIONS.VERSION_800 ``` ``` -------------------------------- ### Configure Visual Studio for LIEF Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Configuration steps for Visual Studio to use the LIEF SDK, including setting the build type, include directories, library paths, and handling C++ keywords. ```text First the build type must be set to `Release`: ![image](_static/windows_sdk/s1.png) Then we need to specify the location of the LIEF include directory: ![image](_static/windows_sdk/s2.png) and the location of the `LIEF.lib` library: ![image](_static/windows_sdk/s5.png) As `LIEF.lib` was compiled with the `\MT` flag we have to set it: ![image](_static/windows_sdk/s3.png) LIEF makes use of `and, or, not` C++ keywords. As **MSVC** doesn’t support these keywords by default, we need to add the special file `iso646.h`: ![image](_static/windows_sdk/s4.png) ``` -------------------------------- ### Integrate LIEF using add_subdirectory Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/installation.md Example of how to add LIEF as a submodule to your project using CMake's add_subdirectory command. ```cmake # If you have LIEF as a submodule in a directory, then you can add it to this # project with ``add_subdirectory`` # NOTE: This submodule does not exist for this example, but it does the same # thing as FetchContent without the download part set(vendorLIEF_submodule_dir "${CMAKE_CURRENT_LIST_DIR}/LIEF") if(EXISTS "${vendorLIEF_submodule_dir}") add_subdirectory("${vendorLIEF_submodule_dir}") ``` -------------------------------- ### Get OAT Version with LIEF Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Retrieve the OAT version from an ODEX file. This is useful for determining the Android version compatibility. ```python import lief lief.OAT.version("classes.odex") # From Android 6 64 lief.OAT.version("classes.odex") # From Android 7 88 ``` -------------------------------- ### Configuring LIEF Logger in Python Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/changelog.md Provides examples of how to configure the LIEF logger in Python. You can disable, enable, or set the logging level. ```python from lief import Logger Logger.disable() Logger.enable() Logger.set_level(lief.LOGGING_LEVEL.INFO) ``` -------------------------------- ### postject_options_init(options) Source: https://context7.com/nodejs/postject/llms.txt Initializes a `postject_options` struct to safe defaults by setting all pointer fields to NULL. This function should always be called before setting individual fields in the struct to prevent the use of uninitialized memory. ```APIDOC ## postject_options_init(options) ### Description Initializes an options struct to safe defaults. ### Parameters - **options** (struct postject_options*) - A pointer to the `postject_options` struct to initialize. ### Usage ```c #include "postject-api.h" struct postject_options opts; postject_options_init(&opts); // all fields → NULL // Now selectively set only what you need opts.macho_segment_name = "__MYAPP"; // opts.elf_section_name, opts.macho_section_name, etc. remain NULL (use defaults) size_t size = 0; const void* blob = postject_find_resource("config.json", &size, &opts); ``` ``` -------------------------------- ### Get Android Version from OAT Version Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Convert an OAT version number to its corresponding Android version enum and then to a human-readable string. ```python lief.OAT.android_version(64) ANDROID_VERSIONS.VERSION_601 lief.OAT.android_version(124) ANDROID_VERSIONS.VERSION_800 lief.Android.code_name(lief.Android.ANDROID_VERSIONS.VERSION_800) 'Oreo' lief.Android.version_string(lief.Android.ANDROID_VERSIONS.VERSION_800) "8.0.0" ``` -------------------------------- ### Fetch LIEF using FetchContent (CMake 3.11+) Source: https://github.com/nodejs/postject/blob/main/vendor/lief/examples/cmake/add_subdirectory/CMakeLists.txt Downloads and integrates LIEF using CMake's FetchContent module. This is an alternative to using a local submodule, suitable for CMake versions 3.11 and later. ```cmake cmake_minimum_required(VERSION 3.11) # URL of the LIEF repo (Can be your fork) set(LIEF_GIT_URL "https://github.com/lief-project/LIEF.git") # LIEF's version to be used (can be 'master') set(LIEF_VERSION 0.12.0) include(FetchContent) FetchContent_Declare(LIEF GIT_REPOSITORY "${LIEF_GIT_URL}" GIT_TAG ${LIEF_VERSION} # You may specify an existing LIEF source directory if you don't want to # download. Just comment out the above ``GIT_*`` commands and uncoment the # following ``SOURCE_DIR`` line #SOURCE_DIR "${CMAKE_CURRENT_LIST_DIR}/../../.." ) ``` -------------------------------- ### Testing the Patched Library Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/04_elf_hooking.md These console commands demonstrate how to test the effect of the hook. The first command runs the application without the hook, showing the standard 'exp' result. The second command, after setting LD_LIBRARY_PATH to the current directory, runs the application again, demonstrating the hooked 'exp' function's output. ```bash $ ./do_math.bin 1 exp(1) = 2.718282 LD_LIBRARY_PATH=. ./do_math.bin 1 exp(1) = 2.000000 ``` -------------------------------- ### Create a PE Binary Object Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/02_pe_from_scratch.md Initializes a new PE binary object. Specify the binary name and its type (PE32 or PE32_PLUS). The constructor automatically sets up essential PE structures like DosHeader, Header, OptionalHeader, and an empty DataDirectory. ```python from lief import PE binary32 = PE.Binary("pe_from_scratch", PE.PE_TYPE.PE32) ``` -------------------------------- ### Iterate DEX Classes Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Iterate through the classes within a DEX file using the `classes` attribute. This example prints classes that have an associated source filename. ```python for cls in dex.classes: if cls.source_filename: print(cls) ``` -------------------------------- ### Get PE Resource Section Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/07_pe_resource.md Retrieves the section containing the PE resource table. This is useful for understanding where resource data is stored within the binary. ```python binary = lief.parse("C:\\Windows\\explorer.exe") if binary.has_resources: rsrc_directory = binary.data_directory(lief.PE.DATA_DIRECTORY.RESOURCE_TABLE) if rsrc_directory.has_section: print(rsrc_directory.section) ``` -------------------------------- ### Compile and Run Crackme Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/08_elf_bin2lib.md Compile the C code into an ELF executable and test its functionality with different inputs. Note the use of `-fvisibility=hidden` to prevent automatic function exports. ```console $ gcc crackme101.c -O0 -fPIE -pie -Wl,-strip-all,--hash-style=sysv -o crackme101.bin -fvisibility=hidden $ ./crackme101.bin foo Wrong! $ ./crackme101.bin easy Well done! ``` -------------------------------- ### Obfuscate ELF Symbols Source: https://github.com/nodejs/postject/blob/main/vendor/lief/tests/elf/CMakeLists.txt This example uses the `elf_symbol_obfuscation.py` script to obfuscate the symbols within an ELF binary. This can be useful for making binaries harder to reverse engineer. ```cmake add_test(EXAMPLE_PYTHON_elf_symbol_obfuscation ${CMAKE_COMMAND} -E env "PYTHONPATH=${PYTHONENV}" ${PYTHON_EXECUTABLE} ${LIEF_EXAMPLES_DIRECTORY}/python/elf_symbol_obfuscation.py ${LIEF_SAMPLES_DIRECTORY}/ELF/ELF32_x86_binary_ls.bin ${CMAKE_CURRENT_BINARY_DIR}/ls_symbol_obfuscated) ``` -------------------------------- ### Parse PE Binary with LIEF Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/01_play_with_formats.md Similar to ELF, use `lief.parse()` or `lief.PE.parse()` to create a `PE.Binary` object from a Windows executable file path. ```python import lief binary = lief.parse("C:\\Windows\\explorer.exe") ``` -------------------------------- ### Initialize postject_options struct with safe defaults Source: https://context7.com/nodejs/postject/llms.txt Always call postject_options_init() before setting individual fields in a postject_options struct to ensure no uninitialized memory is used. This function sets all pointer fields to NULL. ```c #include "postject-api.h" struct postject_options opts; postject_options_init(&opts); // all fields → NULL // Now selectively set only what you need opts.macho_segment_name = "__MYAPP"; // opts.elf_section_name, opts.macho_section_name, etc. remain NULL (use defaults) size_t size = 0; const void* blob = postject_find_resource("config.json", &size, &opts); ``` -------------------------------- ### Get PE Imphash with LIEF Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/changelog.md Compares the PE Imphash generated by LIEF with the one generated by pefile and Virus Total. Useful for binary analysis and threat intelligence. ```python pe = lief.parse("example.exe") vt_imphash = lief.PE.get_imphash(pe, lief.PE.IMPHASH_MODE.PEFILE) lief_imphash = lief.PE.get_imphash(pe, lief.PE.IMPHASH_MODE.DEFAULT) ``` -------------------------------- ### Parse Binaries with LIEF in C Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/getting_started.md Demonstrates parsing ELF, PE, and Mach-O binaries using C functions like `elf_parse`, `pe_parse`, and `macho_parse`. Includes iterating through sections and memory management. ```c #include int main(int argc, const char** argv) { Elf_Binary_t* elf_binary = elf_parse("/usr/bin/ls"); Pe_Binary_t* pe_binary = pe_parse("C:\\Windows\\explorer.exe"); Macho_Binary_t** macho_binaries = macho_parse("/usr/bin/ls"); Pe_Section_t** pe_sections = pe_binary->sections; Elf_Section_t** elf_sections = elf_binary->sections; Macho_Section_t** macho_sections = macho_binaries[0]->sections; for (size_t i = 0; pe_sections[i] != NULL; ++i) { printf("%s\n", pe_sections[i]->name) } for (size_t i = 0; elf_sections[i] != NULL; ++i) { printf("%s\n", elf_sections[i]->name) } for (size_t i = 0; macho_sections[i] != NULL; ++i) { printf("%s\n", macho_sections[i]->name) } elf_binary_destroy(elf_binary); pe_binary_destroy(pe_binary); macho_binaries_destroy(macho_binaries); } ``` -------------------------------- ### Get DEX File Type from OAT/VDEX Source: https://github.com/nodejs/postject/blob/main/vendor/lief/doc/sphinx/tutorials/10_android_formats.md Demonstrates how to obtain the `lief.DEX.File` type when parsing OAT or VDEX files. This confirms the successful extraction of DEX file objects. ```python >>> oat = lief.parse("SecSettings2.odex") >>> type(oat.dex_files[0]) _pylief.DEX.File >>> vdex = lief.VDEX.parse("SecSettings2.odex") >>> type(vdex.dex_files[0]) _pylief.DEX.File ```