Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Blocked on many samples #30

Closed
ManSoSec opened this issue May 3, 2017 · 7 comments
Closed

Blocked on many samples #30

ManSoSec opened this issue May 3, 2017 · 7 comments
Assignees

Comments

@ManSoSec
Copy link

ManSoSec commented May 3, 2017

Hi,

LIEF (Python interface) is blocked on many binaries during calling parse method and produce the following messages:
Unable to find the section associated with CERTIFICATE_TABLE
Unable to find the section associated with BASE_RELOCATION_TABLE

Sample:451774a07ed807c10a67f68201540928f8cba9c4a620f5fe1062ba2da56eb552

Then the process finishes after blocking for a few minutes:
"Process finished with exit code 137"

Debugging is not also possible.

Would you please let me know how I can fix it? Thanks!!

@romainthomas
Copy link
Member

Hi,
Thanks for the sample, I can reproduce the bug and I'll look on it

@ManSoSec
Copy link
Author

ManSoSec commented May 3, 2017

Thank you very much!
This is another sample: 2cfb9406ac9553c350a333f573a56226419f74747d7a6bdde24cbd81b1d7be4a

romainthomas added a commit that referenced this issue May 3, 2017
Note: This sample seems signed with LIEF is not able to parse the
complete signature (related to #3)
@ManSoSec
Copy link
Author

ManSoSec commented May 3, 2017

It seems that it was a setup file. Is there any attribute in LIEF to discriminate between PE setup executables and non-setup executables?

Thanks!

@romainthomas
Copy link
Member

From a format point of view there is no property that discriminate a setup executables from a normal one.

We could use the overlay as heuristic but I don't think is very reliable

@ManSoSec
Copy link
Author

ManSoSec commented May 3, 2017

Right! Thank you very much!

romainthomas added a commit that referenced this issue Jul 18, 2017
romainthomas added a commit that referenced this issue Jul 18, 2017
Note: This sample seems signed with LIEF is not able to parse the
complete signature (related to #3)
romainthomas added a commit that referenced this issue Jan 17, 2022
romainthomas added a commit that referenced this issue Jan 17, 2022
Note: This sample seems signed with LIEF is not able to parse the
complete signature (related to #3)
@emiliocini
Copy link

This still happen with dll files, do you need samples ?

@romainthomas
Copy link
Member

If it is still applicable with the master branch, yes please.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants