[SUGGESTION] add 32 or 64 bit architecture to (or aside) BinaryMagic function

https://github.com/Binject/binjection/blob/605d46e35debc5565e439b10894f3529a08b0390/bj/utils.go#L50
So here is my suggestion if you like it I am happy to implement it and make a PR:
My suggestion is to look for the architecture type 32 or 64 bit in the magic header in addition to the file type.

After looking at this three sites I am confident that this is an very easy task:
- https://learn.microsoft.com/en-us/windows/win32/debug/pe-format for pe file
- https://en.wikipedia.org/wiki/Executable_and_Linkable_Format for elf file
- https://en.wikipedia.org/wiki/Mach-O for macho file

I think because of backwards compatibility it is not a viable option to extend the `BinaryMagic` function therefor I would implement this feature in a new function `ArchType` or so.
I got to this issue because I read the [injection code for executable files in the backdoorfactory](https://github.com/Binject/backdoorfactory/blob/5be9dc0edeadb4a405f6a902f4c5f45e13e0eb4b/main.go#L247C1-L247C6) repo and stumbled upon a [todo-comment](https://github.com/Binject/backdoorfactory/blob/5be9dc0edeadb4a405f6a902f4c5f45e13e0eb4b/main.go#L261) with the arch type.
I will fix that too just thought I can start here to make it a nicer fix 😄.



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SUGGESTION] add 32 or 64 bit architecture to (or aside) BinaryMagic function #8

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development