USECASES.md

How to Use

General Information About Target Binary

  • Description: With this method you can get general information about the target Mach-O binary.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_binary_info()


List Segments

  • Description: This method is for parsing and listing segments.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_segments()


Get Target Segment Information

  • Description: With this method you can get additional information about the target segment.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.segment_info("__TEXT")


Dump Segment Buffer

  • Description: This method is for extracting the content of the target segment.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.dump_segment("__TEXT")


List Sections

  • Description: This method is for parsing and listing sections.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_sections()


Get Target Section Information

  • Description: With this method you can get additional information about the target section.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.section_info("__text")


Dump Section Buffer

  • Description: This method is for extracting the content of the target section.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.dump_section("__text")


Get DYLIB Information

  • Description: This method gets all information about the dynamic libraries.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_dylib_names()


Get WEAK DYLIB Information

  • Description: This method gets all information about the weak dynamic libraries.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_weak_dylib_names()
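
As an added example (not part of Wh1teM0cha or its documentation), the sketch below shows what listing segments, dylibs and weak dylibs involves at the file-format level: walking the Mach-O load commands with bounds checks, so that a malformed `cmdsize` or name offset is rejected instead of being read past the buffer. It handles only thin little-endian 64-bit files; the function names and the sample bytes are constructed for illustration.

```python
# Added example: stand-alone load-command walk, not Wh1teM0cha's code.
import struct

MH_MAGIC_64 = 0xFEEDFACF  # thin, little-endian, 64-bit
LC_SEGMENT_64, LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB = 0x19, 0x0C, 0x80000018

def _cstr(raw):
    return raw.split(b"\x00", 1)[0].decode("utf-8", "replace")

def parse_load_commands(data):
    """Return segments, dylibs and weak dylibs; raise ValueError on malformed sizes."""
    if len(data) < 32 or struct.unpack_from("<I", data)[0] != MH_MAGIC_64:
        raise ValueError("not a thin little-endian 64-bit Mach-O")
    ncmds, sizeofcmds = struct.unpack_from("<II", data, 16)
    end = 32 + sizeofcmds               # load commands follow the 32-byte header
    if end > len(data):
        raise ValueError("sizeofcmds runs past end of file")
    out, off = {"segments": [], "dylibs": [], "weak_dylibs": []}, 32
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load command header out of bounds")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError(f"bad cmdsize {cmdsize} at offset {off}")
        body = data[off:off + cmdsize]
        if cmd == LC_SEGMENT_64 and cmdsize >= 72:
            fileoff, filesize = struct.unpack_from("<QQ", body, 40)
            out["segments"].append((_cstr(body[8:24]), fileoff, filesize))
        elif cmd in (LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB) and cmdsize >= 24:
            name_off = struct.unpack_from("<I", body, 8)[0]
            if not 24 <= name_off < cmdsize:
                raise ValueError("dylib name offset outside its load command")
            key = "weak_dylibs" if cmd == LC_LOAD_WEAK_DYLIB else "dylibs"
            out[key].append(_cstr(body[name_off:]))
        off += cmdsize
    return out

def _dylib(cmd, path):
    name = path.encode() + b"\x00"
    name += b"\x00" * (-(24 + len(name)) % 8)   # pad command to 8 bytes
    return struct.pack("<6I", cmd, 24 + len(name), 24, 0, 0, 0) + name

def build_sample():
    """Constructed sample: header plus three load commands, no code or data."""
    seg = struct.pack("<II16s4Q4I", LC_SEGMENT_64, 72, b"__TEXT",
                      0x100000000, 0x4000, 0, 0x4000, 5, 5, 0, 0)
    cmds = (seg + _dylib(LC_LOAD_DYLIB, "/usr/lib/libSystem.B.dylib")
            + _dylib(LC_LOAD_WEAK_DYLIB, "@rpath/Optional.framework/Optional"))
    return struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 3, len(cmds), 0, 0) + cmds
```

Calling `parse_load_commands(build_sample())` returns the `__TEXT` segment with its file offset and size, one regular dylib and one weak dylib; a weak dylib is one the loader allows to be absent at launch, which is why it is listed separately.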


Dump Strings

  • Description: This method can get and list string values from the target binary file.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_strings()


Gather Application Identifier

  • Description: This method returns the application identifier name (for example, "com.example.app").
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.application_identifier()


Gather Code Signature Information

  • Description: This method is for getting information about the code signature section.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.code_signature_info()


Getting LC_SYMTAB Information

  • Description: This method returns information about LC_SYMTAB.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_symtab_info()


List SYMTAB Strings

  • Description: This method returns string values contained in LC_SYMTAB.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.dump_symtab_strings()


Gather Information About Dynamic Linking Editor (LC_DYLD_INFO)

  • Description: This method returns information about LC_DYLD_INFO.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_dyld_info()


Parsing Property List Data

from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
plist = wm.get_plists()

for pl in plist[0].iter():
    if pl.text:
        print(pl.text)


Locating Entrypoint Offset

  • Description: This method returns the entrypoint offset of the target binary.
from wh1tem0cha import Wh1teM0cha

wm = Wh1teM0cha("target_binary_file")
wm.get_entrypoint()
