-
Notifications
You must be signed in to change notification settings - Fork 32
Expand file tree
/
Copy pathgetExports.py
More file actions
24 lines (21 loc) · 1.09 KB
/
getExports.py
File metadata and controls
24 lines (21 loc) · 1.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
import argparse
import os
import pefile
if __name__ in '__main__':
try:
parser = argparse.ArgumentParser( description = 'Extracts exports from a PE.' )
parser.add_argument( '-d', required = False, help = 'Path to original DLL on the target system', default='C:\\Windows\\System32', type = str )
parser.add_argument( '-f', required = True, help = 'Path to the source DLL', type = str )
parser.add_argument( '-o', required = True, help = 'Path to store the output', type = str )
option = parser.parse_args()
fwd_path = option.d.replace('\\','/')
PeExe = pefile.PE( option.f )
with open(option.o, "w") as outfile:
outfile.write("EXPORTS\n")
for export in PeExe.DIRECTORY_ENTRY_EXPORT.symbols:
if export.name:
outfile.write(f" {export.name.decode()}={fwd_path}/{os.path.basename(option.f)[0:-4]}.{export.name.decode()} @{export.ordinal}\n")
except Exception as e:
print( '[!] error: {}'.format( e ) )