lief-iat-reconstruction/utils.py

from enum import Enum

import lief


class Instructions(list[int], Enum):
    RET = [0xC3]
    PUSH = [0x68]
    MOV_REG = [0xC7]
    CALL_ADDR = [0xFF, 0x15]
    JUMP_ADDR = [0xFF, 0x25]


def is_32b(pe: lief.PE.Binary):
    return pe.abstract.header.is_32


def is_little_endian(pe: lief.PE.Binary):
    return pe.abstract.header.endianness == lief.Header.ENDIANNESS.LITTLE


def hex_address_to_memory_representation(hex_addr: str, is_32b: bool, is_little_endian: bool) -> list[int]:
    adress_size = 4 if is_32b else 8
    mem_value = [0x00] * adress_size
    hex_addr = hex_addr[::-1][:-2]  # reversing order and stripping zero
    for i in range(0, adress_size):
        byte_str = hex_addr[i * 2 : (i + 1) * 2][::-1]
        mem_value[i] += int(byte_str, 16)
    if not is_little_endian:
        mem_value = mem_value[::-1]  # reverse byte order for big endian
    return mem_value


verbose = False


def print_debug(msg: str):
    if verbose:
        print(msg)


def set_verbose(value: bool):
    global verbose
    verbose = value