0

I have a .lib file that was compiled from C++ and would like to be able to do some of the same things you can do with .so files using BFD in Linux. Are there any alternatives or ways to get BFD to work with .lib files? Thanks!

BinaryBrother
  • 1
  • 2
  • What specifically are *some of the same things*? – Ken White Aug 03 '18 at 01:57
  • The most important functions would be bfd_openr and bfd_canonicalize_symtab. I am basically trying to get addresses. – BinaryBrother Aug 03 '18 at 02:05
  • You're probably going to need something from one of the compiler tool chains to get that on Windows. There's nothing built in to the OS to provide that, AFAIK. – Ken White Aug 03 '18 at 02:14
  • MSVC has a utility called dumpbin that will provide this info, IIRC, and the old Borland (now Embarcadero C++ Builder and Delphi) have tdump, either of which will work with .obj, .lib and .dll files. I'm sure gcc must have something similar that works in Windows. – Ken White Aug 03 '18 at 02:39
  • 1
    It looks like dumpbin produces the type of output I need by doing dumpbin /EXPORTS. I will keep looking in to how to get that process in a C++ executable. – BinaryBrother Aug 03 '18 at 03:30
  • This sounds a lot like you are trying to force a Linux solution onto Windows, which could well be an [XY Problem](http://xyproblem.info). What are you ultimately trying to accomplish? – IInspectable Aug 03 '18 at 07:58
  • @IInspectable Sorry if I stated this poorly. I am trying to get the offset of specific functions from a shared .lib file from C++, which will ultimately be used for some memory mapping work. – BinaryBrother Aug 03 '18 at 13:53
  • Again, what are you *ultimately* trying to accomplish? The previous comment merely explained another step in your proposed solution. Which may just be the wrong way to go about whatever it is that you are trying to do. – IInspectable Aug 03 '18 at 13:57
  • My project has to do with analysis of shared memory and caching. I need to obtain the memory offset of a function from a .lib file and use that address for the MapViewOfFile function in order to track that function in shared cache memory. – BinaryBrother Aug 03 '18 at 14:54
  • That's just a more detailed description of how you plan to solve your problem, but still doesn't explain, what the problem is. There could be better, more reliable, easier solutions, but we cannot recommend any of those, unless we know, what the problem is. – IInspectable Aug 04 '18 at 07:28
  • OP: "[...] libbfd provides a common interface for reading and parsing all popular binary formats, compiled for a wide variety of architectures. This includes ELF and PE files for x86 and x86-64 machines." So what's the problem in opening .dlls with this? You will still have to write a framework to work with libbfd, but other than that u can basicly load anything – clockw0rk Jul 26 '19 at 01:27

1 Answers1

1

Windows is not really a fully open source project but you could definitely try to write a parser yourself for the .lib, .exe, and .dll files. There is plenty of information on these file formats and definitely enough to parse them accurately. I really couldn’t find a library that would parse Window’s binaries but hey maybe I just can’t google well.

Bayleef
  • 185
  • 2
  • 10
  • Thanks you for the response! I had the same issue googling so I came here to ask, seems like I may have to do the parsing myself. – BinaryBrother Aug 03 '18 at 02:36
  • i think this is what you are looking for: https://practicalbinaryanalysis.com/ .... u will need books for this topic since google won't give u good detailed information about cracking / reverse engineering – clockw0rk Jul 26 '19 at 01:29