mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-15 01:17:36 +00:00
GitBook: [master] one page and 2 assets modified
This commit is contained in:
parent
2d9895ef0b
commit
fd860f0e04
3 changed files with 18 additions and 2 deletions
BIN
.gitbook/assets/image (507).png
Normal file
BIN
.gitbook/assets/image (507).png
Normal file
Binary file not shown.
After Width: | Height: | Size: 27 KiB |
BIN
.gitbook/assets/image (535).png
Normal file
BIN
.gitbook/assets/image (535).png
Normal file
Binary file not shown.
After Width: | Height: | Size: 27 KiB |
|
@ -97,7 +97,7 @@ As you may be thinking usually a universal binary compiled for 2 architectures *
|
||||||
|
|
||||||
### Mach-o Format
|
### Mach-o Format
|
||||||
|
|
||||||
* Header
|
* **Header**
|
||||||
|
|
||||||
The header contains basic information about the file, such as magic bytes to identify it as a Mach-O file and information about the target architecture. You can find it in: `mdfind loader.h | grep -i mach-o | grep -E "loader.h$"`
|
The header contains basic information about the file, such as magic bytes to identify it as a Mach-O file and information about the target architecture. You can find it in: `mdfind loader.h | grep -i mach-o | grep -E "loader.h$"`
|
||||||
|
|
||||||
|
@ -106,14 +106,30 @@ struct mach_header {
|
||||||
uint32_t magic; /* mach magic number identifier */
|
uint32_t magic; /* mach magic number identifier */
|
||||||
cpu_type_t cputype; /* cpu specifier (e.g. I386) */
|
cpu_type_t cputype; /* cpu specifier (e.g. I386) */
|
||||||
cpu_subtype_t cpusubtype; /* machine specifier */
|
cpu_subtype_t cpusubtype; /* machine specifier */
|
||||||
uint32_t filetype; /* type of file */
|
uint32_t filetype; /* type of file (usage and alignment for the file) */
|
||||||
uint32_t ncmds; /* number of load commands */
|
uint32_t ncmds; /* number of load commands */
|
||||||
uint32_t sizeofcmds; /* the size of all the load commands */
|
uint32_t sizeofcmds; /* the size of all the load commands */
|
||||||
uint32_t flags; /* flags */
|
uint32_t flags; /* flags */
|
||||||
};
|
};
|
||||||
```
|
```
|
||||||
|
|
||||||
|
* **load-commands region**
|
||||||
|
|
||||||
|
This specifies the **layout of the file in memory**. It contains the **location of the symbol table**, the main thread context at the beginning of execution, and which shared libraries are required.
|
||||||
|
|
||||||
|
* **data region**
|
||||||
|
|
||||||
|
The heart of the file is the final region, the data, which consists of a number of segments as laid out in the load-commands region. **Each segment can contain a number of data sections**. Each of these sections **contains code or data** of one particular type.
|
||||||
|
|
||||||
|
![](../../.gitbook/assets/image%20%28507%29.png)
|
||||||
|
|
||||||
|
#### Get the info
|
||||||
|
|
||||||
|
```bash
|
||||||
|
otool -f /bin/ls #Get universal headers info
|
||||||
|
otool -h /bin/ls #get the Mach header
|
||||||
|
otool -l /bin/ls #Get Load commands
|
||||||
|
```
|
||||||
|
|
||||||
## References
|
## References
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue