Detect executable format using Python

In this article, I am sharing with you a small Python script that lets you detect if a file is an executable file and what platform the executable is targeting.

The following formats for 32 bits and 64bits processors are supported:

Mach-O files: both regular and universal formats
Windows PE files
Linux ELF files

The script

#---------------------------------------------------------------------
EXEFLAG_NONE        = 0x0000
EXEFLAG_LINUX       = 0x0001
EXEFLAG_WINDOWS     = 0x0002
EXEFLAG_MACOS       = 0x0004
EXEFLAG_MACOS_FAT   = 0x0008
EXEFLAG_32BITS      = 0x0010
EXEFLAG_64BITS      = 0x0020

# Keep signatures sorted by size
_EXE_SIGNATURES = (
    ("\x4D\x5A", EXEFLAG_WINDOWS),
    ("\xCE\xFA\xED\xFE", EXEFLAG_MACOS | EXEFLAG_32BITS),
    ("\xCF\xFA\xED\xFE", EXEFLAG_MACOS | EXEFLAG_64BITS),
    ("\xBE\xBA\xFE\xCA", EXEFLAG_MACOS | EXEFLAG_32BITS | EXEFLAG_MACOS_FAT),
    ("\xBF\xBA\xFE\xCA", EXEFLAG_MACOS | EXEFLAG_64BITS | EXEFLAG_MACOS_FAT),
    ("\x7F\x45\x4C\x46\x01", EXEFLAG_LINUX | EXEFLAG_32BITS),
    ("\x7F\x45\x4C\x46\x02", EXEFLAG_LINUX | EXEFLAG_64BITS)
)

def get_exeflags(filepath):
    try:
        with open(filepath, "rb") as f:
            buf = ""
            buf_len = 0
            for sig, flags in _EXE_SIGNATURES:
                sig_len = len(sig)
                if buf_len < sig_len:
                    buf += f.read(sig_len - buf_len)
                    buf_len = sig_len

                if buf == sig:
                    return flags
    except:
        pass

    return EXEFLAG_NONE

Continue reading “Detect executable format using Python”

December 12, 2016December 14, 2016

MacBook keyboard keys

In this blog post, I am going to share with you how to get the lacking keyboard keys on a MacBook’s keyboard.

Essentially, you are missing the following keys:

HOME / END.
DEL key. This is different from the MacBook’s “Delete” key (which is equivalent to the “Backspace” key).
Page Up / Page Down.

Continue reading “MacBook keyboard keys”

June 14, 2016December 25, 2019

Keyboard shortcuts for working in a remote desktop Windows Machine from your MacBook

In this blog post, I am going to share with you how to get the missing keyboard keys that let you work in MS Windows via the remote desktop client under Mac OS X with the MacBook’s keyboard.

What is important to know is that when using a MacBook’s keyboard, you don’t have all the keys that you usually have on a PC keyboard.

Essentially, you are missing the following keys:

HOME / END.
DEL key. This is different from the MacBook’s “Delete” key (which is equivalent to the “Backspace” key).
INS Key.
Page Up / Page Down.
The “Windows” key.

Continue reading “Keyboard shortcuts for working in a remote desktop Windows Machine from your MacBook”

June 13, 2016

The Apple Worldwide Developers Conference (WWDC) 2016 – Highlights

In this blog post, I am going to over the highlights and takeaways from Apple’s WWDC 2016 event that took place on June 13, 2016.

The following topics will be covered:

watchOS 3
tvOS
macOS Sierra
iOS 10

Let’s get started! Continue reading “The Apple Worldwide Developers Conference (WWDC) 2016 – Highlights”

Category: macOS

Detect executable format using Python

The script

Like this:

MacBook keyboard keys

Like this:

Keyboard shortcuts for working in a remote desktop Windows Machine from your MacBook

Like this:

The Apple Worldwide Developers Conference (WWDC) 2016 – Highlights

Like this:

The script

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this: