RE FORUM
[REVERSE ENGINEERING] => Tools => Topic started by: DARKER on March 23, 2017, 08:06:27 AM
-
Reading and writing binary formats is hard, especially if it's interchange format that should work across multitude of platforms and languages.
Have you ever found yourself writing repetitive, error-prone and hard-to-debug code that reads binary data structures from file / network stream and somehow represents them in memory for easier access?
Kaitai Struct tries to make this job easier — you only have to describe binary format once and then everybody can use it from their programming languages — cross-language, cross-platform.
http://kaitai.io/index.html#what-is-it
-
To vypada zajimave, skoda, ze prakticky existuje (zatim?) jenom minimalni podpora pro bezny formaty: http://kaitai.io/index.html#format-gallery
-
Viac menej ide o to ze si mozes riesit vlastne veci, tie public veci co su tam zverejnene su vacsinou nezaujimave :)
je k tomu inac aj visualizer https://github.com/kaitai-io/kaitai_struct_visualizer
-
Bylo by super, kdyby uz tam meli podporu pro COFF, PE, ELF atd. Nechce se nekomu vytvorit Kaitai Struct pro ELF?
:)
-
tu su formaty ktore su k dispozicii, zatial toho vela nie je
https://github.com/kaitai-io/kaitai_struct_formats
-
Jsou tam toho mraky, i ELF a PE :) Diky za link, to mi uniklo.
-
Tak smula, parsovani ELF ksy haze nejakou chybu:
kaitai-struct-compiler.bat --target csharp kaitai_struct_formats\executable\elf.ksy/instances/strings/size: invalid type: expected integer, got SwitchType(Attribute(Attribute(Name(identifier(_root)),identifier(header)),identifier(bits)),Map(EnumByLabel(identifier(bits),identifier(b32)) -> IntMultiType(false,Width4,le), EnumByLabel(identifier(bits),identifier(b64)) -> IntMultiType(false,Width8,le)))
Jeste jsem zkousel microsoft_pe.ksy, ten parsovat jde.