{"id":29056505,"url":"https://github.com/tahadraidia/dabu","last_synced_at":"2026-05-02T17:32:46.309Z","repository":{"id":300953683,"uuid":"981568704","full_name":"tahadraidia/dabu","owner":"tahadraidia","description":".NET Assembly Blob Unpacker","archived":false,"fork":false,"pushed_at":"2025-07-25T23:35:35.000Z","size":342,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-26T06:36:10.560Z","etag":null,"topics":["assemblies","binary","dotnet","unity","unpacker","xamarin","xamarin-android"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tahadraidia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-11T12:07:56.000Z","updated_at":"2025-07-25T23:35:38.000Z","dependencies_parsed_at":"2025-06-24T12:40:53.361Z","dependency_job_id":null,"html_url":"https://github.com/tahadraidia/dabu","commit_stats":null,"previous_names":["tahadraidia/dabu"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/tahadraidia/dabu","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tahadraidia%2Fdabu","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tahadraidia%2Fdabu/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tahadraidia%2Fdabu/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tahadraidia%2Fdabu/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tahadraidia","download_url":"https://codeload.github.com/tahadraidia/dabu/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tahadraidia%2Fdabu/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274186556,"owners_count":25237613,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-08T02:00:09.813Z","response_time":121,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assemblies","binary","dotnet","unity","unpacker","xamarin","xamarin-android"],"created_at":"2025-06-27T05:02:06.232Z","updated_at":"2026-05-02T17:32:46.269Z","avatar_url":"https://github.com/tahadraidia.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DABU - .NET Assembly Blob Unpacker\r\nDABU is a tool for unpacking .NET assemblies (DLL files) from an `assemblies.blob` file. It is implemented in C and exposes an interface for easy integration and portability across other programming languages.\r\n\r\n- A cli tool can be found under `cli` directory.\r\n- Python bindings can be found under `py` directory.\r\n- Java bindings are planned and currently in the pipe line.\r\n\r\n## C Library Interface\r\nDABU exposes a minimal C interface to enable easy integration into other projects or languages. Here's a summary of the core API:\r\n\r\n```C\r\n#ifndef _DABU_H\r\n#define _DABU_H\r\n\r\n#define MAX_NAME 1024\r\n\r\n#include \u003cstdint.h\u003e\r\n\r\ntypedef struct assembly_T {\r\n    char name[MAX_NAME];\r\n    size_t size;\r\n    struct assembly_T *next;\r\n} assembly_T;\r\n\r\ntypedef struct block_T block_T;\r\n\r\nsize_t\r\nassemblies_dump(block_T **, const char *, assembly_T **, const bool);\r\n\r\nvoid\r\nblock_free(block_T **block);\r\n\r\n#endif\r\n```\r\n\r\n`assemblies_dump()` accepts:  \r\n- **IN** `block_T**`: memory arena pointer   \r\n- **IN** `const char*`:  Path to blob file   \r\n- **OUT** `assembly_T**`: linked list of assemblies found   \r\n- **IN** `bool`: whether to extract DLLs to disk   \r\n\r\n### Example (C)\r\n\r\n```C\r\n#include \u003cstdio.h\u003e\r\n#include \u003cstdlib.h\u003e\r\n#include \"dabu.h\"\r\n\r\n...\r\n\r\nint\r\nmain(int argc, char *argv[])\r\n{\r\n    const char *file = NULL;\r\n\r\n    //TODO: parse flag to handle dlls extraction\r\n    if (argc \u003e= 2 \u0026\u0026 argv[1] \u0026\u0026 *argv[1])\r\n        file = argv[1];\r\n    else\r\n        help(argv[0]);\r\n\r\n    if (file \u0026\u0026 (strlen(file) \u003e 1))\r\n    {\r\n            assembly_T *list = NULL;\r\n            block_T *block = NULL;\r\n\r\n            size_t count = assemblies_dump(\u0026block, file, \u0026list, false);\r\n\r\n            if (list \u0026\u0026 count \u003e 0)\r\n            {\r\n                    assembly_T *iter = list;\r\n                    while (iter)\r\n                    {\r\n                            if (iter-\u003ename[0]) printf(\"%s\\n\", iter-\u003ename);\r\n                            iter = iter-\u003enext;\r\n                    }\r\n            }\r\n\r\n            block_free(\u0026block);\r\n    }\r\n\r\n    return 0;\r\n}\r\n```\r\n\r\n### CLI TOOL\r\n\r\n##### Build\r\n\r\n```sh\r\ncd cli\r\nmkdir build\r\ncd build\r\ncmake ../ -G Ninja\r\nninja\r\n```\r\n\r\n##### Usage\r\n\r\n```sh\r\n./dabu_cli assemblies.blob\r\n\r\n```\r\n\r\nOutputs a list of DLLs found in the blob. Add flags for extraction options. \r\n\r\n### Fuzzing\r\n\r\nAFL++ was used to harden the parser against malformed .blob inputs.\r\n\r\n##### Build for Fuzzing\r\n\r\n```sh\r\nmkdir fuzz \u0026\u0026 cd fuzz\r\ncmake ../ -DFUZZ=ON\r\n```\r\n\r\n##### Run a Session\r\n\r\n```\r\nafl-fuzz -i in -o out -- ./fuzz_dabu_cli @@\r\n```\r\n- Ensure a valid `.blob` file is placed in `in/` directory.  \r\n- The binary `fuzz_dabu_cli` is AFL-instrumented.  \r\n\r\n\r\n##### Example Session: `7b99dd42d268d8b1826941096e5be55348641003`\r\n\r\n- Observed: Segmentation faults, assertions failures  \r\n- Fixes: Applied and verified in the follow up sessions   \r\n\r\n###### Befores Fixes:\r\n\r\n![](cli/fuzz/sc/discovery_7b99dd42d268d8b1826941096e5be55348641003.png)\r\n\r\n###### After Fixes:\r\n\r\n![](cli/fuzz/sc/bugfixes_7b99dd42d268d8b1826941096e5be55348641003.png)\r\n\r\n## Python Bindings\r\n\r\nDABU exposes a simple Python API built using CPython’s C-API.\r\n\r\n### Exposed API\r\n\r\n```C\r\n...\r\n\r\nstatic PyObject* dabu_dump(PyObject* self, PyObject* args) {\r\n    const char *path = NULL;\r\n    int dump = 0;\r\n    \r\n    if (!PyArg_ParseTuple(args, \"si\", \u0026path, \u0026dump)) {\r\n        return PyList_New(0);\r\n    }\r\n\r\n...\r\n```\r\n\r\n##### Python Method Table\r\n\r\n```C\r\nstatic PyMethodDef methods[] = {\r\n    {\"dump\", dabu_dump, METH_VARARGS, \"Unpacks DLLs from the assemblies.blob file and returns a list of DLLs, or an empty list on failure.\"},\r\n    {NULL, NULL, 0, NULL}\r\n};\r\n```\r\n\r\n#### Build and Install\r\n\r\n```sh\r\ncd py\r\npy .\\setup.py build\r\npy .\\setup.py install\r\n```\r\n\r\n##### Example Usage\r\n\r\n```py\r\nimport re\r\nfrom sys import argv\r\nfrom dabu import dump\r\n\r\n# Filter common system assemblies\r\nregex = r'^(System\\.|Mono\\.|.*_Microsoft|Microsoft|Xamarin|mscorlib|Newtonsoft|Java.Interop)'\r\n\r\nif __name__ == \"__main__\":\r\n\tif (len(argv) - 1) \u003c 1:\r\n\t\tprint(\"{} \u003cblob path\u003e\".format(argv[0]));\r\n\t\texit(0);\r\n\tblob = argv[1]\r\n\tpattern = re.compile(regex)\r\n\tassemblies = dump(blob, False)\r\n\tif (len(assemblies) \u003e 0):\r\n\t\tdlls = list(filter(lambda i: not pattern.match(i['name']), assemblies))\r\n\t\tprint(dlls)\r\n\r\n```\r\n\r\nSee `py/example.py` for usage of `dabu` module.\r\n\r\n#### TODOs\r\n- [ ] Add CLI flags for disk extraction  \r\n- [ ] Fuzz Python C extension  \r\n- [ ] Finalize Java binding via JNI  \r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftahadraidia%2Fdabu","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftahadraidia%2Fdabu","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftahadraidia%2Fdabu/lists"}