`dissect.cstruct.utils`#

Module Contents#

Functions#

`hexdump`	Hexdump some data.
`dumpstruct`	Dump a structure or parsed structure instance.
`pack`	Pack an integer value to a given bit size, endianness.
`unpack`	Unpack an integer value from a given bit size, endianness and sign.
`p8`	Pack an 8 bit integer.
`p16`	Pack a 16 bit integer.
`p32`	Pack a 32 bit integer.
`p64`	Pack a 64 bit integer.
`u8`	Unpack an 8 bit integer.
`u16`	Unpack a 16 bit integer.
`u32`	Unpack a 32 bit integer.
`u64`	Unpack a 64 bit integer.
`swap`	Swap the endianness of an integer with a given bit size.
`swap16`	Swap the endianness of a 16 bit integer.
`swap32`	Swap the endianness of a 32 bit integer.
`swap64`	Swap the endianness of a 64 bit integer.

Attributes#

`COLOR_RED`
`COLOR_GREEN`
`COLOR_YELLOW`
`COLOR_BLUE`
`COLOR_PURPLE`
`COLOR_CYAN`
`COLOR_WHITE`
`COLOR_NORMAL`
`COLOR_BG_RED`
`COLOR_BG_GREEN`
`COLOR_BG_YELLOW`
`COLOR_BG_BLUE`
`COLOR_BG_PURPLE`
`COLOR_BG_CYAN`
`COLOR_BG_WHITE`
`PRINTABLE`
`ENDIANNESS_MAP`
`Palette`

dissect.cstruct.utils.COLOR_RED = '\x1b[1;31m'#

dissect.cstruct.utils.COLOR_GREEN = '\x1b[1;32m'#

dissect.cstruct.utils.COLOR_YELLOW = '\x1b[1;33m'#

dissect.cstruct.utils.COLOR_BLUE = '\x1b[1;34m'#

dissect.cstruct.utils.COLOR_PURPLE = '\x1b[1;35m'#

dissect.cstruct.utils.COLOR_CYAN = '\x1b[1;36m'#

dissect.cstruct.utils.COLOR_WHITE = '\x1b[1;37m'#

dissect.cstruct.utils.COLOR_NORMAL = '\x1b[1;0m'#

dissect.cstruct.utils.COLOR_BG_RED = '\x1b[1;41m\x1b[1;37m'#

dissect.cstruct.utils.COLOR_BG_GREEN = '\x1b[1;42m\x1b[1;37m'#

dissect.cstruct.utils.COLOR_BG_YELLOW = '\x1b[1;43m\x1b[1;37m'#

dissect.cstruct.utils.COLOR_BG_BLUE = '\x1b[1;44m\x1b[1;37m'#

dissect.cstruct.utils.COLOR_BG_PURPLE = '\x1b[1;45m\x1b[1;37m'#

dissect.cstruct.utils.COLOR_BG_CYAN = '\x1b[1;46m\x1b[1;37m'#

dissect.cstruct.utils.COLOR_BG_WHITE = '\x1b[1;47m\x1b[1;30m'#

dissect.cstruct.utils.PRINTABLE#

dissect.cstruct.utils.ENDIANNESS_MAP#

dissect.cstruct.utils.Palette#

dissect.cstruct.utils.hexdump(data: bytes, palette=None, offset: int = 0, prefix: str = '', output: str = 'print')#

Hexdump some data.

Parameters:

data – Bytes to hexdump.
palette – Colorize the hexdump using this color pattern.
offset – Byte offset of the hexdump.
prefix – Optional prefix.
output – Output format, can be ‘print’, ‘generator’ or ‘string’.

dissect.cstruct.utils.dumpstruct(obj, data: bytes = None, offset: int = 0, color: bool = True, output: str = 'print')#

Dump a structure or parsed structure instance.

Prints a colorized hexdump and parsed structure output.

Parameters:

obj – Structure or Instance to dump.
data – Bytes to parse the Structure on, if obj is not a parsed Instance.
offset – Byte offset of the hexdump.
output – Output format, can be ‘print’ or ‘string’.

dissect.cstruct.utils.pack(value: int, size: int = None, endian: str = 'little') → bytes#

Pack an integer value to a given bit size, endianness.

Parameters:

value – Value to pack.
size – Integer size in bits.
endian – Endianness to use (little, big, network, <, > or !)

dissect.cstruct.utils.unpack(value: bytes, size: int = None, endian: str = 'little', sign: bool = False) → int#

Unpack an integer value from a given bit size, endianness and sign.

Parameters:

value – Value to unpack.
size – Integer size in bits.
endian – Endianness to use (little, big, network, <, > or !)
sign – Signedness of the integer.

dissect.cstruct.utils.p8(value: int, endian: str = 'little') → bytes#

Pack an 8 bit integer.

Parameters:

value – Value to pack.
endian – Endianness to use (little, big, network, <, > or !)

dissect.cstruct.utils.p16(value: int, endian: str = 'little') → bytes#

Pack a 16 bit integer.

Parameters:

value – Value to pack.
endian – Endianness to use (little, big, network, <, > or !)

dissect.cstruct.utils.p32(value: int, endian: str = 'little') → bytes#

Pack a 32 bit integer.

Parameters:

value – Value to pack.
endian – Endianness to use (little, big, network, <, > or !)

dissect.cstruct.utils.p64(value: int, endian: str = 'little') → bytes#

Pack a 64 bit integer.

Parameters:

value – Value to pack.
endian – Endianness to use (little, big, network, <, > or !)

dissect.cstruct.utils.u8(value: bytes, endian: str = 'little', sign: bool = False) → int#

Unpack an 8 bit integer.

Parameters:

value – Value to unpack.
endian – Endianness to use (little, big, network, <, > or !)
sign – Signedness of the integer.

dissect.cstruct.utils.u16(value: bytes, endian: str = 'little', sign: bool = False) → int#

Unpack a 16 bit integer.

Parameters:

value – Value to unpack.
endian – Endianness to use (little, big, network, <, > or !)
sign – Signedness of the integer.

dissect.cstruct.utils.u32(value: bytes, endian: str = 'little', sign: bool = False) → int#

Unpack a 32 bit integer.

Parameters:

value – Value to unpack.
endian – Endianness to use (little, big, network, <, > or !)
sign – Signedness of the integer.

dissect.cstruct.utils.u64(value: bytes, endian: str = 'little', sign: bool = False) → int#

Unpack a 64 bit integer.

Parameters:

value – Value to unpack.
endian – Endianness to use (little, big, network, <, > or !)
sign – Signedness of the integer.

dissect.cstruct.utils.swap(value: int, size: int)#

Swap the endianness of an integer with a given bit size.

Parameters:

value – Integer to swap.
size – Integer size in bits.

dissect.cstruct.utils.swap16(value: int) → int#

Swap the endianness of a 16 bit integer.

Parameters:: value – Integer to swap.

dissect.cstruct.utils.swap32(value: int) → int#

Swap the endianness of a 32 bit integer.

Parameters:: value – Integer to swap.

dissect.cstruct.utils.swap64(value: int) → int#

Swap the endianness of a 64 bit integer.

Parameters:: value – Integer to swap.

dissect.cstruct.utils#

Module Contents#

Functions#

Attributes#

`dissect.cstruct.utils`#