Miasm v2

* API has changed, so old scripts need updates
* See example for API usage
* Use tcc or llvm for jit emulation
* Go to test and run test_all.py to check install

Enjoy !

1 files changed, 42 insertions, 0 deletions

diff --git a/example/extract_pe_ressources.py b/example/extract_pe_ressources.py
new file mode 100644
index 00000000..d5c59ae5
--- /dev/null
+++ b/example/extract_pe_ressources.py
@@ -0,0 +1,42 @@
+import sys
+import struct
+from elfesteem import *
+import os
+import sys
+
+# example for extracting all pe ressources
+
+
+def extract_res(res, name_o="", num=0, lvl=-1):
+    lvl += 1
+    if not res:
+        return num
+    for x in res.resentries:
+        print "\t" * lvl, repr(x)
+        num += 1
+
+        if x.name_s:
+            name = name_o[:] + repr(x.name_s.value[::2])
+        else:
+            name = name_o[:]
+
+        if x.data:
+            print "\t" * lvl, 'data', len(x.data.s)
+            open('out/%.3d_%s.bin' % (num, name), 'w').write(str(x.data.s))
+        else:
+            print "\t" * lvl, None
+        if x.offsettosubdir:
+            num = extract_res(x.subdir, name, num, lvl + 1)
+    return num
+
+try:
+    os.stat('out')
+except:
+    os.mkdir('out')
+
+fname = sys.argv[1]
+e = pe_init.PE(open(fname, 'rb').read())
+res = e.DirRes.resdesc
+
+
+extract_res(res)