leommxj/getpdb.py

## getpdb.py
import lief
import argparse
import urllib.request
from tqdm import tqdm

URL = "http://msdl.microsoft.com/download/symbols/{}/{}{}/{}"

class DownloadProgressBar(tqdm):
    def update_to(self, b=1, bsize=1, tsize=None):
        if tsize is not None:
            self.total = tsize
        self.update(b * bsize - self.n)


def download_url(url, output_path):
    with DownloadProgressBar(unit='B', unit_scale=True,
                             miniters=1, desc=url.split('/')[-1]) as t:
        urllib.request.urlretrieve(url, filename=output_path, reporthook=t.update_to)

def magic_swap(sig):
    r = []
    r = r + sig[3::-1]
    r = r + sig[5:3:-1]
    r = r + sig[7:5:-1]
    r = r + sig[8:]
    return r

def main(args):
    pefile = lief.PE.parse(args.filename)
    if not pefile.has_debug:
        print("No Debug Dict")
        return 0

    for d in pefile.debug:
        if d.has_code_view:
            cv = d.code_view
            if isinstance(cv,lief.PE.CodeViewPDB):
                sig = magic_swap(cv.signature)
                sigstr = "".join(["{:02X}".format(i) for i in sig])
                pdbname = cv.filename
                if args.output:
                    output = args.output
                else:
                    output = pdbname
                url = URL.format(pdbname, sigstr, cv.age, cv.filename)
                print("getting pdb from : {}".format(url))
                download_url(url, output)


if __name__ == '__main__':
    parser = argparse.ArgumentParser()
    parser.add_argument('filename', type=str, help='target pe file name')
    parser.add_argument('-o', dest='output', type=str, help='output path')
    args = parser.parse_args()
    main(args)
	import lief
	import argparse
	import urllib.request
	from tqdm import tqdm

	URL = "http://msdl.microsoft.com/download/symbols/{}/{}{}/{}"

	class DownloadProgressBar(tqdm):
	def update_to(self, b=1, bsize=1, tsize=None):
	if tsize is not None:
	self.total = tsize
	self.update(b * bsize - self.n)


	def download_url(url, output_path):
	with DownloadProgressBar(unit='B', unit_scale=True,
	miniters=1, desc=url.split('/')[-1]) as t:
	urllib.request.urlretrieve(url, filename=output_path, reporthook=t.update_to)

	def magic_swap(sig):
	r = []
	r = r + sig[3::-1]
	r = r + sig[5:3:-1]
	r = r + sig[7:5:-1]
	r = r + sig[8:]
	return r

	def main(args):
	pefile = lief.PE.parse(args.filename)
	if not pefile.has_debug:
	print("No Debug Dict")
	return 0

	for d in pefile.debug:
	if d.has_code_view:
	cv = d.code_view
	if isinstance(cv,lief.PE.CodeViewPDB):
	sig = magic_swap(cv.signature)
	sigstr = "".join(["{:02X}".format(i) for i in sig])
	pdbname = cv.filename
	if args.output:
	output = args.output
	else:
	output = pdbname
	url = URL.format(pdbname, sigstr, cv.age, cv.filename)
	print("getting pdb from : {}".format(url))
	download_url(url, output)




	if __name__ == '__main__':
	parser = argparse.ArgumentParser()
	parser.add_argument('filename', type=str, help='target pe file name')
	parser.add_argument('-o', dest='output', type=str, help='output path')
	args = parser.parse_args()
	main(args)