Closed

Functions to operate on Mach-O files (x86-64)

Hi,

I need some functions that operate on Mach-O files (x86/x64). I don’t know much about the Mach-O file format, but hopefully the following functionality can be implemented (I have this functionality for PE files):

Function 1: AppendToLastSection

This function will receive a filename, and a pointer to a buffer and its size that will be appended to the last section of the given Mach-O filename.

Function 2: GetRVAtoAppendToLastSection

This function returns the RVA of the last memory address (+1) in the last section. So, we can know at which RVA our buffer that will be appended to the last section will start.

Function 3: GetRAWtoAppendToLastSection

This function returns the RAW file offset of the last byte (+1) in the last section. So, we can know at which RAW address our buffer that will be appended to the last section will start.

Function 4: AppendToNewSection

This function is the same as Function 1, but instead of appending the buffer to the last section it will create a new section in the Mach-O file and copy the buffer into the new section.

Function 5: GetRVAtoAppendToNewSection

This function is the same as Function 2 but for the new section.

Function 6: GetRAWtoAppendToLastSection

This function is the same as Function 3 but for the new section.

Function 7: RedirectEntryPoint

This function will redirect the entry point of a given filename to a given RVA. So, we can for example redirect the entry point to the buffer that we have copied into the last or new section.

Function 8: GetRVAsCallToAPI

The idea of this function is that we can detect where in the code sections a specific API is called. So, you have to examine in all code sections where a CALL instruction (0xE8 or 0xFF15 opcodes) is located and check if it points to the given API name.

This function receives:

Filename: Name of the Mach-O file

APIName: Name of the API to search

BufferRVAout: This is a buffer that will contain all RVAs (DWORDs) found in the file that point to the API and the type of CALL found (whether it was from a “CALL API_Name” (0xE8 opcode) or a “CALL [API_NAME]” (0xFF15 opcode)). BufferRVAout is an array of structures like:

    #include <windows.h>  /* DWORD, BYTE */

    typedef struct sAPIinfo
    {
        DWORD rva;        /* RVA of a CALL that points to the API */
        BYTE  type_call;  /* type of CALL found: 0xE8 or 0xFF15 form */
    } sAPIinfo;

Function 9: DestroyCodeAtRVA

This function receives a filename (Mach-O) and an RVA and size to destroy in the file. The function will write random values in the file at the offsets that correspond to RVA and RVA+size.

Function 10: StripLibrary

This function removes from the import table in a given Mach-O file the linking with a specific library. So, after calling that function, the file won’t require that given library to run.

REQUIREMENTS:

1) Please, provide working examples to check the functions (under Windows)

2) The solutions must be coded in Visual Studio in either C or C++.

3) Please provide well-designed code (modular, commented…)

4) Please, if you are not able to implement any of the functions or it’s not possible to do it in the Mach-O file format, let me know. I don’t want to start a project and have you say in the middle of the implementation that one of the above functions is not possible to implement for Mach-O (x86/x64).

Skills: C Programming, C++ Programming, x86/x64 Assembler

About the Employer:
(62 reviews) Jerez de la Frontera, Spain

Project ID: #4388287

2 freelancers are bidding an average of $607 for this job

WangJinHao

Hello. I can help you. Please check my PM! Thanks.

$1575 USD in 15 days
(3 Reviews)
3.3
sky98794

Hello, sir. I'm ready for you. Please read PM. Thanks.

$735 USD in 7 days
(2 Reviews)
2.8
SaSTechnologies

Please look into PM. I am an expert in File Handling through C/C++.

$714 USD in 14 days
(1 Review)
0.5
blackgrapes3

It's an easy task for us. We have gone through your requirements and we are ready to start the work immediately on your project. We will send you the complete list of company's projects and portfolio once you reply us b

$737 USD in 25 days
(0 Reviews)
0.0
joebullet67

Dear rtm2k, I am experienced Software Engineer and Software Architect working who is able to work in multitude of languages including but not limited to Assembly, C, C++. I have read, understood and studied OS X ABI M

$500 USD in 7 days
(0 Reviews)
0.0
ptNVXktUOYUg

Hello, We are freelance software developers. If you contact us, we can give a quote for your project and we can discuss the details. w w w . so l v er . i o

$550 USD in 3 days
(0 Reviews)
0.0