SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-04-17 11:42:40 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Linq is friend, not food

Browse Source
This commit is contained in:
Matt Nadareski
2024-11-12 23:17:48 -05:00
parent 984ad1f642
commit 1e3aac6748
60 changed files with 263 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
BinaryObjectScanner/Data/StaticChecks.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -133,22 +132,26 @@ namespace BinaryObjectScanner.Data
List<T> classTypes = [];
// If not all types can be loaded, use the ones that could be
List<Type> assemblyTypes = [];
Type?[] assemblyTypes = [];
try
{
assemblyTypes = assembly.GetTypes().ToList<Type>();
assemblyTypes = assembly.GetTypes();
}
catch (ReflectionTypeLoadException rtle)
{
assemblyTypes = rtle.Types.Where(t => t != null)!.ToList<Type>();
assemblyTypes = [.. rtle.Types];
}
// Get information from the type param
string interfaceName = typeof(T)!.FullName!;
// Loop through all types
foreach (Type type in assemblyTypes)
foreach (Type? type in assemblyTypes)
{
// Skip invalid types
if (type == null)
continue;
// If the type isn't a class
if (!type.IsClass)
continue;

3
BinaryObjectScanner/FileType/AACSMediaKeyBlock.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
namespace BinaryObjectScanner.FileType
@@ -32,7 +31,7 @@ namespace BinaryObjectScanner.FileType
return null;
// Derive the version, if possible
var typeAndVersion = mkb.Model.Records?.FirstOrDefault(r => r?.RecordType == SabreTools.Models.AACS.RecordType.TypeAndVersion);
var typeAndVersion = Array.Find(mkb.Model.Records ?? [], r => r?.RecordType == SabreTools.Models.AACS.RecordType.TypeAndVersion);
if (typeAndVersion == null)
return "AACS (Unknown Version)";
else

2
BinaryObjectScanner/FileType/Executable.cs
View File

@@ -250,7 +250,7 @@ namespace BinaryObjectScanner.FileType
var protections = new ProtectionDictionary();
// If we have an invalid set of classes
if (checks == null || !checks.Any())
if (checks == null)
return protections;
// If we have any extractable packers

153
BinaryObjectScanner/FileType/SGA.cs
View File

@@ -1,7 +1,6 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Compression.zlib;
@@ -52,16 +51,15 @@ namespace BinaryObjectScanner.FileType
/// <returns>True if all files extracted, false otherwise</returns>
public static bool ExtractAll(SabreTools.Serialization.Wrappers.SGA item, string outputDirectory)
{
// Get the number of files
int filesLength;
switch (item.Model.Header?.MajorVersion)
// Get the file count
int filesLength = item.Model.Directory switch
{
case 4: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Files?.Length ?? 0; break;
case 5: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory5)?.Files?.Length ?? 0; break;
case 6: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory6)?.Files?.Length ?? 0; break;
case 7: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory7)?.Files?.Length ?? 0; break;
default: return false;
}
SabreTools.Models.SGA.Directory4 d4 => filesLength = d4.Files?.Length ?? 0,
SabreTools.Models.SGA.Directory5 d5 => filesLength = d5.Files?.Length ?? 0,
SabreTools.Models.SGA.Directory6 d6 => filesLength = d6.Files?.Length ?? 0,
SabreTools.Models.SGA.Directory7 d7 => filesLength = d7.Files?.Length ?? 0,
_ => 0,
};
// If we have no files
if (filesLength == 0)
@@ -85,16 +83,15 @@ namespace BinaryObjectScanner.FileType
/// <returns>True if the file extracted, false otherwise</returns>
public static bool ExtractFile(SabreTools.Serialization.Wrappers.SGA item, int index, string outputDirectory)
{
// Get the number of files
int filesLength;
switch (item.Model.Header?.MajorVersion)
// Get the file count
int filesLength = item.Model.Directory switch
{
case 4: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Files?.Length ?? 0; break;
case 5: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory5)?.Files?.Length ?? 0; break;
case 6: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory6)?.Files?.Length ?? 0; break;
case 7: filesLength = (item.Model.Directory as SabreTools.Models.SGA.Directory7)?.Files?.Length ?? 0; break;
default: return false;
}
SabreTools.Models.SGA.Directory4 d4 => filesLength = d4.Files?.Length ?? 0,
SabreTools.Models.SGA.Directory5 d5 => filesLength = d5.Files?.Length ?? 0,
SabreTools.Models.SGA.Directory6 d6 => filesLength = d6.Files?.Length ?? 0,
SabreTools.Models.SGA.Directory7 d7 => filesLength = d7.Files?.Length ?? 0,
_ => 0,
};
// If we have no files
if (filesLength == 0)
@@ -105,55 +102,53 @@ namespace BinaryObjectScanner.FileType
return false;
// Get the files
object? file;
switch (item.Model.Header?.MajorVersion)
object? file = item.Model.Directory switch
{
case 4: file = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Files?[index]; break;
case 5: file = (item.Model.Directory as SabreTools.Models.SGA.Directory5)?.Files?[index]; break;
case 6: file = (item.Model.Directory as SabreTools.Models.SGA.Directory6)?.Files?[index]; break;
case 7: file = (item.Model.Directory as SabreTools.Models.SGA.Directory7)?.Files?[index]; break;
default: return false;
}
SabreTools.Models.SGA.Directory4 d4 => d4.Files![index],
SabreTools.Models.SGA.Directory5 d5 => d5.Files![index],
SabreTools.Models.SGA.Directory6 d6 => d6.Files![index],
SabreTools.Models.SGA.Directory7 d7 => d7.Files![index],
_ => null,
};
// If the file is invalid
if (file == null)
return false;
// Create the filename
var filename = string.Empty;
switch (item.Model.Header?.MajorVersion)
var filename = file switch
{
case 4:
case 5: filename = (file as SabreTools.Models.SGA.File4)?.Name; break;
case 6: filename = (file as SabreTools.Models.SGA.File6)?.Name; break;
case 7: filename = (file as SabreTools.Models.SGA.File7)?.Name; break;
default: return false;
}
SabreTools.Models.SGA.File4 f4 => f4.Name,
_ => null,
};
// If the filename is invalid
if (filename == null)
return false;
// Loop through and get all parent directories
var parentNames = new List<string?> { filename };
var parentNames = new List<string> { filename };
// Get the parent directory
var folder = default(object);
switch (item.Model.Header?.MajorVersion)
var folder = item.Model.Directory switch
{
case 4: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 5: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory5)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 6: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory6)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 7: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory7)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
default: return false;
}
SabreTools.Models.SGA.Directory4 d4 => Array.Find(d4.Folders ?? [], f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex),
SabreTools.Models.SGA.Directory5 d5 => Array.Find(d5.Folders ?? [], f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex),
SabreTools.Models.SGA.Directory6 d6 => Array.Find(d6.Folders ?? [], f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex),
SabreTools.Models.SGA.Directory7 d7 => Array.Find(d7.Folders ?? [], f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex),
_ => default(object),
};
// If we have a parent folder
if (folder != null)
{
switch (item.Model.Header?.MajorVersion)
string folderName = folder switch
{
case 4: parentNames.Add((folder as SabreTools.Models.SGA.Folder4)?.Name); break;
case 5:
case 6:
case 7: parentNames.Add((folder as SabreTools.Models.SGA.Folder5)?.Name); break;
default: return false;
}
SabreTools.Models.SGA.Folder4 f4 => f4.Name ?? string.Empty,
SabreTools.Models.SGA.Folder5 f5 => f5.Name ?? string.Empty,
_ => string.Empty,
};
parentNames.Add(folderName);
}
// TODO: Should the section name/alias be used in the path as well?
@@ -161,55 +156,45 @@ namespace BinaryObjectScanner.FileType
// Reverse and assemble the filename
parentNames.Reverse();
#if NET20 || NET35
var parentNamesArray = parentNames.Cast<string>().ToArray();
filename = parentNamesArray[0];
for (int i = 1; i < parentNamesArray.Length; i++)
filename = parentNames[0];
for (int i = 1; i < parentNames.Count; i++)
{
filename = Path.Combine(filename, parentNamesArray[i]);
filename = Path.Combine(filename, parentNames[i]);
}
#else
filename = Path.Combine(parentNames.Cast<string>().ToArray());
filename = Path.Combine(parentNames);
#endif
// Get the file offset
long fileOffset;
switch (item.Model.Header?.MajorVersion)
long fileOffset = file switch
{
case 4:
case 5: fileOffset = (file as SabreTools.Models.SGA.File4)?.Offset ?? 0; break;
case 6: fileOffset = (file as SabreTools.Models.SGA.File6)?.Offset ?? 0; break;
case 7: fileOffset = (file as SabreTools.Models.SGA.File7)?.Offset ?? 0; break;
default: return false;
}
SabreTools.Models.SGA.File4 f4 => f4.Offset,
_ => -1,
};
// Adjust the file offset
switch (item.Model.Header?.MajorVersion)
fileOffset += item.Model.Header switch
{
case 4: fileOffset += (item.Model.Header as SabreTools.Models.SGA.Header4)?.FileDataOffset ?? 0; break;
case 5: fileOffset += (item.Model.Header as SabreTools.Models.SGA.Header4)?.FileDataOffset ?? 0; break;
case 6: fileOffset += (item.Model.Header as SabreTools.Models.SGA.Header6)?.FileDataOffset ?? 0; break;
case 7: fileOffset += (item.Model.Header as SabreTools.Models.SGA.Header6)?.FileDataOffset ?? 0; break;
default: return false;
SabreTools.Models.SGA.Header4 h4 => h4.FileDataOffset,
SabreTools.Models.SGA.Header6 h6 => h6.FileDataOffset,
_ => -1,
};
// If the offset is invalid
if (fileOffset < 0)
return false;
// Get the file sizes
long fileSize, outputFileSize;
switch (item.Model.Header?.MajorVersion)
switch (file)
{
case 4:
case 5:
fileSize = (file as SabreTools.Models.SGA.File4)?.SizeOnDisk ?? 0;
outputFileSize = (file as SabreTools.Models.SGA.File4)?.Size ?? 0;
case SabreTools.Models.SGA.File4 f4:
fileSize = f4.SizeOnDisk;
outputFileSize = f4.Size;
break;
case 6:
fileSize = (file as SabreTools.Models.SGA.File6)?.SizeOnDisk ?? 0;
outputFileSize = (file as SabreTools.Models.SGA.File6)?.Size ?? 0;
break;
case 7:
fileSize = (file as SabreTools.Models.SGA.File7)?.SizeOnDisk ?? 0;
outputFileSize = (file as SabreTools.Models.SGA.File7)?.Size ?? 0;
break;
default: return false;
default:
return false;
}
// Read the compressed data directly

3
BinaryObjectScanner/FileType/VPK.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.IO.Extensions;
@@ -138,7 +137,7 @@ namespace BinaryObjectScanner.FileType
// If we have preload data, prepend it
if (data != null && directoryItem.PreloadData != null)
data = directoryItem.PreloadData.Concat(data).ToArray();
data = [.. directoryItem.PreloadData, .. data];
}
// If there is nothing to write out

3
BinaryObjectScanner/FileType/XZP.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
namespace BinaryObjectScanner.FileType
@@ -90,7 +89,7 @@ namespace BinaryObjectScanner.FileType
return false;
// Get the associated directory item
var directoryItem = item.Model.DirectoryItems.Where(di => di?.FileNameCRC == directoryEntry.FileNameCRC).FirstOrDefault();
var directoryItem = Array.Find(item.Model.DirectoryItems, di => di?.FileNameCRC == directoryEntry.FileNameCRC);
if (directoryItem == null)
return false;

3
BinaryObjectScanner/Packer/AdvancedInstaller.cs
View File

@@ -1,4 +1,3 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -20,7 +19,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".rdata");
if (strs != null)
{
if (strs.Any(s => s.Contains("Software\\Caphyon\\Advanced Installer")))
if (strs.Exists(s => s.Contains("Software\\Caphyon\\Advanced Installer")))
return "Caphyon Advanced Installer";
}

5
BinaryObjectScanner/Packer/DotFuscator.cs
View File

@@ -1,5 +1,4 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
namespace BinaryObjectScanner.Packer
@@ -19,7 +18,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".text");
if (strs != null)
{
if (strs.Any(s => s.Contains("DotfuscatorAttribute")))
if (strs.Exists(s => s.Contains("DotfuscatorAttribute")))
return "dotFuscator";
}

5
BinaryObjectScanner/Packer/GenteeInstaller.cs
View File

@@ -1,4 +1,3 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -20,10 +19,10 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("Gentee installer")))
if (strs.Exists(s => s.Contains("Gentee installer")))
return "Gentee Installer";
if (strs.Any(s => s.Contains("ginstall.dll")))
if (strs.Exists(s => s.Contains("ginstall.dll")))
return "Gentee Installer";
}

5
BinaryObjectScanner/Packer/HyperTechCrackProof.cs
View File

@@ -1,4 +1,4 @@
using System.Linq;
using System;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -22,7 +22,8 @@ namespace BinaryObjectScanner.Packer
// This check may be overly limiting, as it excludes the sample provided to DiE (https://github.com/horsicq/Detect-It-Easy/issues/102).
// TODO: Find further samples and invesitgate if the "peC" section is only present on specific versions.
bool peCSection = pex.ContainsSection("peC", exact: true);
bool importTableMatch = (pex.Model.ImportTable?.ImportDirectoryTable?.Any(idte => idte?.Name == "KeRnEl32.dLl") ?? false);
bool importTableMatch = Array.Exists(pex.Model.ImportTable?.ImportDirectoryTable ?? [],
idte => idte?.Name == "KeRnEl32.dLl");
if (peCSection && importTableMatch)
return "HyperTech CrackProof";

3
BinaryObjectScanner/Packer/InnoSetup.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Content;
@@ -40,7 +39,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
var str = strs.FirstOrDefault(s => s.StartsWith("Inno Setup Setup Data"));
var str = strs.Find(s => s.StartsWith("Inno Setup Setup Data"));
if (str != null)
{
return str.Replace("Inno Setup Setup Data", "Inno Setup")

3
BinaryObjectScanner/Packer/InstallerVISE.cs
View File

@@ -1,4 +1,3 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -21,7 +20,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("ViseMain")))
if (strs.Exists(s => s.Contains("ViseMain")))
return "Installer VISE";
}

5
BinaryObjectScanner/Packer/MicrosoftCABSFX.cs
View File

@@ -1,5 +1,4 @@
using System;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -29,7 +28,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("wextract_cleanup")))
if (strs.Exists(s => s.Contains("wextract_cleanup")))
return $"Microsoft CAB SFX {GetVersion(pex)}";
}
@@ -39,7 +38,7 @@ namespace BinaryObjectScanner.Packer
{
// This detects a different but similar type of SFX that uses Microsoft CAB files.
// Further research is needed to see if it's just a different version or entirely separate.
if (strs.Any(s => s.Contains("MSCFu")))
if (strs.Exists(s => s.Contains("MSCFu")))
return $"Microsoft CAB SFX {GetVersion(pex)}";
}

3
BinaryObjectScanner/Packer/NSIS.cs
View File

@@ -1,4 +1,3 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -23,7 +22,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("NullsoftInst")))
if (strs.Exists(s => s.Contains("NullsoftInst")))
return "NSIS";
}

13
BinaryObjectScanner/Packer/UPX.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;
using BinaryObjectScanner.Interfaces;
@@ -24,13 +23,13 @@ namespace BinaryObjectScanner.Packer
return null;
// Check header padding strings
if (pex.HeaderPaddingStrings?.Any() == true)
if (pex.HeaderPaddingStrings != null && pex.HeaderPaddingStrings.Count > 0)
{
var match = pex.HeaderPaddingStrings.FirstOrDefault(s => s.Contains("UPX!"));
var match = pex.HeaderPaddingStrings.Find(s => s.Contains("UPX!"));
//if (match != null)
// return "UPX";
match = pex.HeaderPaddingStrings.FirstOrDefault(s => s.StartsWith("$Id: UPX"));
match = pex.HeaderPaddingStrings.Find(s => s.StartsWith("$Id: UPX"));
if (match != null)
{
var regexMatch = _oldUpxVersionMatch.Match(match);
@@ -40,8 +39,8 @@ namespace BinaryObjectScanner.Packer
return "UPX (Unknown Version)";
}
match = pex.HeaderPaddingStrings.FirstOrDefault(s => _upxVersionMatch.IsMatch(s));
if (match != null && pex.HeaderPaddingStrings.Any(s => s == "UPX!"))
match = pex.HeaderPaddingStrings.Find(s => _upxVersionMatch.IsMatch(s));
if (match != null && pex.HeaderPaddingStrings.Exists(s => s == "UPX!"))
{
var regexMatch = _upxVersionMatch.Match(match);
if (regexMatch.Success)
@@ -49,7 +48,7 @@ namespace BinaryObjectScanner.Packer
else
return "UPX (Unknown Version)";
}
else if (match != null && pex.HeaderPaddingStrings.Any(s => s == "NOS "))
else if (match != null && pex.HeaderPaddingStrings.Exists(s => s == "NOS "))
{
var regexMatch = _upxVersionMatch.Match(match);
if (regexMatch.Success)

5
BinaryObjectScanner/Packer/WiseInstaller.cs
View File

@@ -1,7 +1,6 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.IO.Extensions;
using SabreTools.Matching;
@@ -59,7 +58,7 @@ namespace BinaryObjectScanner.Packer
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("WiseMain")))
if (strs.Exists(s => s.Contains("WiseMain")))
return "Wise Installation Wizard Module";
}
@@ -67,7 +66,7 @@ namespace BinaryObjectScanner.Packer
strs = pex.GetFirstSectionStrings(".rdata");
if (strs != null)
{
if (strs.Any(s => s.Contains("WiseMain")))
if (strs.Exists(s => s.Contains("WiseMain")))
return "Wise Installation Wizard Module";
}

8
BinaryObjectScanner/Protection/ActiveMARK.cs
View File

@@ -82,8 +82,8 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetLastSectionStrings(".data");
if (strs != null)
{
if (strs.Any(s => s.Contains("MPRMMGVA"))
&& strs.Any(s => s.Contains("This application cannot run with an active debugger in memory.")))
if (strs.Exists(s => s.Contains("MPRMMGVA"))
&& strs.Exists(s => s.Contains("This application cannot run with an active debugger in memory.")))
{
return "ActiveMARK 6.x";
}
@@ -103,7 +103,7 @@ namespace BinaryObjectScanner.Protection
// Get the overlay data, if it exists
if (pex.OverlayStrings != null)
{
if (pex.OverlayStrings.Any(s => s.Contains("TMSAMVOH")))
if (pex.OverlayStrings.Exists(s => s.Contains("TMSAMVOH")))
return "ActiveMARK";
}
@@ -111,7 +111,7 @@ namespace BinaryObjectScanner.Protection
strs = pex.GetLastSectionStrings(".bss");
if (strs != null)
{
if (strs.Any(s => s.Contains("TMSAMVOF")))
if (strs.Exists(s => s.Contains("TMSAMVOF")))
return "ActiveMARK";
}

15
BinaryObjectScanner/Protection/AlphaROM.cs
View File

@@ -1,5 +1,4 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
namespace BinaryObjectScanner.Protection
@@ -57,10 +56,10 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("\\SETTEC")))
if (strs.Exists(s => s.Contains("\\SETTEC")))
return "Alpha-ROM";
if (strs.Any(s => s.Contains("SETTEC0000")))
if (strs.Exists(s => s.Contains("SETTEC0000")))
return "Alpha-ROM";
}
@@ -68,13 +67,13 @@ namespace BinaryObjectScanner.Protection
strs = pex.GetFirstSectionStrings(".rdata");
if (strs != null)
{
if (strs.Any(s => s.Contains("This Game is Japan Only")))
if (strs.Exists(s => s.Contains("This Game is Japan Only")))
return "Alpha-ROM";
// Found in "Filechk.exe" in Redump entry 115358.
if (strs.Any(s => s.Contains("AlphaCheck.exe")))
if (strs.Exists(s => s.Contains("AlphaCheck.exe")))
return "Alpha-ROM";
// Found in "Uninstall.exe" in Redump entry 115358.
if (strs.Any(s => s.Contains("AlphaCheck.dat")))
if (strs.Exists(s => s.Contains("AlphaCheck.dat")))
return "Alpha-ROM";
}
@@ -82,7 +81,7 @@ namespace BinaryObjectScanner.Protection
if (pex.OverlayStrings != null)
{
// Found in Redump entry 84122.
if (pex.OverlayStrings.Any(s => s.Contains("SETTEC0000")))
if (pex.OverlayStrings.Exists(s => s.Contains("SETTEC0000")))
return "Alpha-ROM";
}

6
BinaryObjectScanner/Protection/Armadillo.cs
View File

@@ -1,4 +1,4 @@
using System.Linq;
using System;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -36,13 +36,13 @@ namespace BinaryObjectScanner.Protection
// Loop through all "extension" sections -- usually .data1 or .text1
if (pex.SectionNames != null)
{
foreach (var sectionName in pex.SectionNames.Where(s => s != null && s.EndsWith("1")))
foreach (var sectionName in Array.FindAll(pex.SectionNames, s => s != null && s.EndsWith("1")))
{
// Get the section strings, if they exist
var strs = pex.GetFirstSectionStrings(sectionName);
if (strs != null)
{
if (strs.Any(s => s.Contains("ARMDEBUG")))
if (strs.Exists(s => s.Contains("ARMDEBUG")))
return "Armadillo";
}
}

10
BinaryObjectScanner/Protection/ByteShield.cs
View File

@@ -95,7 +95,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "LineRider2.exe" in Redump entry 6236
if (strs.Any(s => s?.Contains("ByteShield") == true))
if (strs.Exists(s => s?.Contains("ByteShield") == true))
return "ByteShield";
}
@@ -104,15 +104,15 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "ByteShield.dll" in Redump entry 6236
if (strs.Any(s => s?.Contains("Byte|Shield") == true))
if (strs.Exists(s => s?.Contains("Byte|Shield") == true))
return "ByteShield Component Module";
// Found in "ByteShield.dll" in Redump entry 6236
else if (strs.Any(s => s?.Contains("Byteshield0") == true))
else if (strs.Exists(s => s?.Contains("Byteshield0") == true))
return "ByteShield Component Module";
// Found in "ByteShield.dll" in Redump entry 6236
else if (strs.Any(s => s?.Contains("ByteShieldLoader") == true))
else if (strs.Exists(s => s?.Contains("ByteShieldLoader") == true))
return "ByteShield Component Module";
}
@@ -122,7 +122,7 @@ namespace BinaryObjectScanner.Protection
{
// TODO: Figure out if this specifically indicates if the file is encrypted
// Found in "LineRider2.bbz" in Redump entry 6236
if (strs.Any(s => s?.Contains("ByteShield") == true))
if (strs.Exists(s => s?.Contains("ByteShield") == true))
return "ByteShield";
}

2
BinaryObjectScanner/Protection/CDDVDCops.cs
View File

@@ -231,7 +231,7 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
byte[] versionBytes = new byte[4];
Array.Copy(fileContent, positions[0] + 15, versionBytes, 0, 4);
char[] version = versionBytes.Select(b => (char)b).ToArray();
char[] version = Array.ConvertAll(versionBytes, b => (char)b);
#else
char[] version = new ArraySegment<byte>(fileContent, positions[0] + 15, 4).Select(b => (char)b).ToArray();
#endif

3
BinaryObjectScanner/Protection/CDGuard.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -46,7 +45,7 @@ namespace BinaryObjectScanner.Protection
if (pex.Model.ImportTable?.ImportDirectoryTable != null)
{
// Found in "Randevu.exe" in Redump entry 97142.
bool match = pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name != null && idte.Name.Equals("cdguard.dll", StringComparison.OrdinalIgnoreCase));
bool match = Array.Exists(pex.Model.ImportTable.ImportDirectoryTable, idte => idte?.Name != null && idte.Name.Equals("cdguard.dll", StringComparison.OrdinalIgnoreCase));
if (match)
return "CD-Guard Copy Protection System";
}

5
BinaryObjectScanner/Protection/CDSHiELDSE.cs
View File

@@ -1,5 +1,4 @@
using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
namespace BinaryObjectScanner.Protection
@@ -27,7 +26,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings("code") ?? pex.GetFirstSectionStrings("CODE");
if (strs != null)
{
if (strs.Any(s => s.Contains("~0017.tmp")))
if (strs.Exists(s => s.Contains("~0017.tmp")))
return "CDSHiELD SE";
}

8
BinaryObjectScanner/Protection/CactusDataShield.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Content;
@@ -18,14 +17,13 @@ namespace BinaryObjectScanner.Protection
var contentMatchSets = new List<ContentMatchSet>
{
// CDSPlayer
new(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"),
new([0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72], "Cactus Data Shield 200"),
// yucca.cds
new(new byte?[] { 0x79, 0x75, 0x63, 0x63, 0x61, 0x2E, 0x63, 0x64, 0x73 }, "Cactus Data Shield 200"),
new([0x79, 0x75, 0x63, 0x63, 0x61, 0x2E, 0x63, 0x64, 0x73], "Cactus Data Shield 200"),
};
if (contentMatchSets != null && contentMatchSets.Any())
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchSets, includeDebug);
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchSets, includeDebug);
}
return null;

7
BinaryObjectScanner/Protection/ChosenBytesCodeLock.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -40,13 +39,13 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings(".text");
if (strs != null)
{
if (strs.Any(s => s.Contains("CODE-LOCK.OCX")))
if (strs.Exists(s => s.Contains("CODE-LOCK.OCX")))
return "ChosenBytes Code-Lock";
if (strs.Any(s => s.Contains("Code-Lock.ocx")))
if (strs.Exists(s => s.Contains("Code-Lock.ocx")))
return "ChosenBytes Code-Lock";
if (strs.Any(s => s.Contains("CodeLock.Secure")))
if (strs.Exists(s => s.Contains("CodeLock.Secure")))
return "ChosenBytes Code-Lock";
}

4
BinaryObjectScanner/Protection/CopyLok.cs
View File

@@ -1,4 +1,4 @@
using System.Linq;
using System;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -33,7 +33,7 @@ namespace BinaryObjectScanner.Protection
// If there are more than 2 icd-prefixed sections, then we have a match
// Though this is the same name that SafeDisc uses for protected executables, this seems to be a coincidence.
// Found in Redump entries 31557, 31674, 31675, 31708, 38239, 44210, and 53929.
int icdSectionCount = pex.SectionNames?.Count(s => s.StartsWith("icd")) ?? 0;
int icdSectionCount = Array.FindAll(pex.SectionNames ?? [], s => s.StartsWith("icd")).Length;
if (icdSectionCount >= 2)
return "CopyLok / CodeLok";

4
BinaryObjectScanner/Protection/CopyX.cs
View File

@@ -77,7 +77,7 @@ namespace BinaryObjectScanner.Protection
// TODO: This might need to check every single section. Unsure until more samples are acquired.
// TODO: TKKG also has an NE 3.1x executable with a reference. This can be added later.
// Samples: Redump ID 108150
if (pex.OverlayStrings.Any(s => s.Contains("optgraph.dll")))
if (pex.OverlayStrings.Exists(s => s.Contains("optgraph.dll")))
return "copy-X [Check disc for physical ring]";
}
@@ -85,7 +85,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Samples: Redump ID 82475, German Emergency 2 Deluxe, Redump ID 48393
if (strs.Any(s => s.Contains("optgraph.dll")))
if (strs.Exists(s => s.Contains("optgraph.dll")))
return "copy-X [Check disc for physical ring]";
}

7
BinaryObjectScanner/Protection/CrypKey.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -29,15 +28,15 @@ namespace BinaryObjectScanner.Protection
// Full string:
// *CrypKey Instant 2.0 security i(32 - bit) *
// *Copyright(c) 1996 Kenonic Controls Ltd. *
if (strs.Any(s => s.Contains("CrypKey Instant 2.0 security")))
if (strs.Exists(s => s.Contains("CrypKey Instant 2.0 security")))
return "CrypKey Instant 2.0";
// Generic check to catch unknown CrypKey Instant versions.
if (strs.Any(s => s.Contains("CrypKey Instant")))
if (strs.Exists(s => s.Contains("CrypKey Instant")))
return "CrypKey Instant (Unknown version - Please report to us on GitHub)";
// Generic check to catch unknown CrypKey products.
if (strs.Any(s => s.Contains("CrypKey")))
if (strs.Exists(s => s.Contains("CrypKey")))
return "CrypKey (Unknown version - Please report to us on GitHub)";
}

6
BinaryObjectScanner/Protection/ElectronicArts.cs
View File

@@ -36,7 +36,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("EReg Config Form")))
if (strs.Exists(s => s.Contains("EReg Config Form")))
return "EA CdKey Registration Module";
}
@@ -44,7 +44,7 @@ namespace BinaryObjectScanner.Protection
strs = pex.GetFirstSectionStrings(".rdata");
if (strs != null)
{
if (strs.Any(s => s.Contains("GenericEA")) && strs.Any(s => s.Contains("Activation")))
if (strs.Exists(s => s.Contains("GenericEA")) && strs.Exists(s => s.Contains("Activation")))
return "EA DRM Protection";
}
@@ -52,7 +52,7 @@ namespace BinaryObjectScanner.Protection
strs = pex.GetFirstSectionStrings(".text");
if (strs != null)
{
if (strs.Any(s => s.Contains("GenericEA")) && strs.Any(s => s.Contains("Activation")))
if (strs.Exists(s => s.Contains("GenericEA")) && strs.Exists(s => s.Contains("Activation")))
return "EA DRM Protection";
}

9
BinaryObjectScanner/Protection/Engine32.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -28,8 +27,8 @@ namespace BinaryObjectScanner.Protection
// Detects Engine32 within the game executables that contain it.
if (pex.Model.ImportTable?.ImportDirectoryTable != null && pex.Model.ImportTable?.HintNameTable != null)
{
bool importDirectoryTableMatch = pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name != null && idte.Name.Equals("ENGINE32.DLL", StringComparison.OrdinalIgnoreCase));
bool hintNameTableMatch = pex.Model.ImportTable?.HintNameTable.Any(ihne => ihne?.Name == "InitEngine") ?? false;
bool importDirectoryTableMatch = Array.Exists(pex.Model.ImportTable.ImportDirectoryTable, idte => idte?.Name != null && idte.Name.Equals("ENGINE32.DLL", StringComparison.OrdinalIgnoreCase));
bool hintNameTableMatch = Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], ihne => ihne?.Name == "InitEngine");
// The Hint/Name Table Entry "DeinitEngine" is present in every tested sample, aside from TOCA Race Driver 2 (Redump entries 104593-104596).
@@ -40,8 +39,8 @@ namespace BinaryObjectScanner.Protection
// Detects Engine32 within the file "engine32.dll".
if (pex.Model.ExportTable?.ExportNameTable?.Strings != null)
{
bool exportNameTableMatch1 = pex.Model.ExportTable.ExportNameTable.Strings.Any(s => s == "engine32.dll");
bool exportNameTableMatch2 = pex.Model.ExportTable.ExportNameTable.Strings.Any(s => s == "DeinitEngine");
bool exportNameTableMatch1 = Array.Exists(pex.Model.ExportTable.ExportNameTable.Strings, s => s == "engine32.dll");
bool exportNameTableMatch2 = Array.Exists(pex.Model.ExportTable.ExportNameTable.Strings, s => s == "DeinitEngine");
if (exportNameTableMatch1 && exportNameTableMatch2)
return "Engine32";

4
BinaryObjectScanner/Protection/GFWL.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -27,8 +26,7 @@ namespace BinaryObjectScanner.Protection
// Get the import directory table
if (pex.Model.ImportTable?.ImportDirectoryTable != null)
{
bool match = pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name == "xlive.dll");
if (match)
if (Array.Exists(pex.Model.ImportTable.ImportDirectoryTable, idte => idte?.Name == "xlive.dll"))
return "Games for Windows LIVE";
}

3
BinaryObjectScanner/Protection/Gefest.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -30,7 +29,7 @@ namespace BinaryObjectScanner.Protection
// Get the header padding strings, if it exists
if (pex.HeaderPaddingStrings != null)
{
var match = pex.HeaderPaddingStrings.FirstOrDefault(s => s.Contains("Gefest Protection System"));
var match = pex.HeaderPaddingStrings.Find(s => s.Contains("Gefest Protection System"));
if (match != null)
return $"Gefest Protection System {GetVersion(match)}";
}

3
BinaryObjectScanner/Protection/HexaLock.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -60,7 +59,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "The Sudoku Challenge Collection.exe" in "The Sudoku Challenge! Collection" by Play at Joe's.
if (strs.Any(s => s.Contains("mfint.dll")))
if (strs.Exists(s => s.Contains("mfint.dll")))
return "Hexalock Autolock";
}

12
BinaryObjectScanner/Protection/ImpulseReactor.cs
View File

@@ -1,6 +1,6 @@
using System.Collections.Generic;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -33,16 +33,16 @@ namespace BinaryObjectScanner.Protection
return $"Stardock Product Activation {pex.GetInternalVersion()}";
// TODO: Check for CVP* instead?
bool containsCheck = pex.Model.ExportTable?.ExportNameTable?.Strings?.Any(s => s?.StartsWith("CVPInitializeClient") ?? false) ?? false;
bool containsCheck = Array.Exists(pex.Model.ExportTable?.ExportNameTable?.Strings ?? [], s => s?.StartsWith("CVPInitializeClient") ?? false);
bool containsCheck2 = false;
// Get the .rdata section strings, if they exist
var strs = pex.GetFirstSectionStrings(".rdata");
if (strs != null)
{
containsCheck2 = strs.Any(s => s.EndsWith("ATTLIST"))
&& strs.Any(s => s.Equals("ELEMENT"))
&& strs.Any(s => s.StartsWith("NOTATION"));
containsCheck2 = strs.Exists(s => s.EndsWith("ATTLIST"))
&& strs.Exists(s => s.Equals("ELEMENT"))
&& strs.Exists(s => s.StartsWith("NOTATION"));
}
if (containsCheck && containsCheck2)

7
BinaryObjectScanner/Protection/JoWood.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Content;
@@ -24,8 +23,8 @@ namespace BinaryObjectScanner.Protection
// Get the .ext section, if it exists
if (pex.ContainsSection(".ext ", exact: true))
{
bool importTableMatches = (pex.Model.ImportTable?.ImportDirectoryTable?.Any(idte => idte?.Name == "kernel32.dll") ?? false)
&& (pex.Model.ImportTable?.HintNameTable?.Any(s => s?.Name == "VirtualProtect") ?? false);
bool importTableMatches = Array.Exists(pex.Model.ImportTable?.ImportDirectoryTable ?? [], idte => idte?.Name == "kernel32.dll")
&& Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], s => s?.Name == "VirtualProtect");
// Get the .dcrtext section, if it exists
if (pex.ContainsSection(".dcrtext") && importTableMatches)
@@ -77,7 +76,7 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
byte[] versionBytes = new byte[8];
Array.Copy(fileContent, position + 67, versionBytes, 0, 8);
char[] version = versionBytes.Select(b => (char)b).ToArray();
char[] version = Array.ConvertAll(versionBytes, b => (char)b);
#else
char[] version = new ArraySegment<byte>(fileContent, position + 67, 8).Select(b => (char)b).ToArray();
#endif

3
BinaryObjectScanner/Protection/KalypsoLauncher.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -49,7 +48,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "TFT.exe" in Redump entry 95617.
if (strs.Any(s => s.Contains("@KalypsoLauncherXml")))
if (strs.Exists(s => s.Contains("@KalypsoLauncherXml")))
return "Kalypso Launcher";
}

3
BinaryObjectScanner/Protection/LabelGate.cs
View File

@@ -1,7 +1,6 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -41,7 +40,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "START.EXE" (Redump entry 95010 and product ID SVWC-7185).
if (strs.Any(s => s.Contains("LGCD2_LAUNCH")))
if (strs.Exists(s => s.Contains("LGCD2_LAUNCH")))
return "LabelGate CD2";
}

25
BinaryObjectScanner/Protection/LaserLok.cs
View File

@@ -1,7 +1,6 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -68,10 +67,10 @@ namespace BinaryObjectScanner.Protection
bool containsCheck = pex.StubExecutableData?.FirstPosition(check, out position) ?? false;
// Check the executable tables
bool containsCheck2 = (pex.Model.ImportTable?.HintNameTable?.Any(hnte => hnte?.Name == "GetModuleHandleA") ?? false)
&& (pex.Model.ImportTable?.HintNameTable?.Any(hnte => hnte?.Name == "GetProcAddress") ?? false)
&& (pex.Model.ImportTable?.HintNameTable?.Any(hnte => hnte?.Name == "LoadLibraryA") ?? false)
&& (pex.Model.ImportTable?.ImportDirectoryTable?.Any(idte => idte?.Name == "KERNEL32.dll") ?? false);
bool containsCheck2 = Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], hnte => hnte?.Name == "GetModuleHandleA")
&& Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], hnte => hnte?.Name == "GetProcAddress")
&& Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], hnte => hnte?.Name == "LoadLibraryA")
&& Array.Exists(pex.Model.ImportTable?.ImportDirectoryTable ?? [], idte => idte?.Name == "KERNEL32.dll");
int position2 = -1;
@@ -172,13 +171,13 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
byte[] temp = new byte[2];
Array.Copy(sectionContent, index, temp, 0, 2);
day = new string(temp.Select(b => (char)b).ToArray());
day = new string(Array.ConvertAll(temp, b => (char)b));
index += 3;
Array.Copy(sectionContent, index, temp, 0, 2);
month = new string(temp.Select(b => (char)b).ToArray());
month = new string(Array.ConvertAll(temp, b => (char)b));
index += 3;
Array.Copy(sectionContent, index, temp, 0, 2);
year = "20" + new string(temp.Select(b => (char)b).ToArray());
year = "20" + new string(Array.ConvertAll(temp, b => (char)b));
#else
day = new string(new ArraySegment<byte>(sectionContent, index, 2).Select(b => (char)b).ToArray());
index += 3;
@@ -193,13 +192,13 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
byte[] temp = new byte[2];
Array.Copy(sectionContent, index, temp, 0, 2);
day = new string(temp.Select(b => (char)b).ToArray());
day = new string(Array.ConvertAll(temp, b => (char)b));
index += 3;
Array.Copy(sectionContent, index, temp, 0, 2);
month = new string(temp.Select(b => (char)b).ToArray());
month = new string(Array.ConvertAll(temp, b => (char)b));
index += 3;
Array.Copy(sectionContent, index, temp, 0, 2);
year = "20" + new string(temp.Select(b => (char)b).ToArray());
year = "20" + new string(Array.ConvertAll(temp, b => (char)b));
#else
day = new string(new ArraySegment<byte>(sectionContent, index, 2).Select(b => (char)b).ToArray());
index += 3;
@@ -221,7 +220,7 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
byte[] temp = new byte[4];
Array.Copy(sectionContent, position + 76, temp, 0, 4);
return new string(temp.Select(b => (char)b).ToArray());
return new string(Array.ConvertAll(temp, b => (char)b));
#else
return new string(new ArraySegment<byte>(sectionContent, position + 76, 4).Select(b => (char)b).ToArray());
#endif
@@ -242,7 +241,7 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
byte[] temp = new byte[7];
Array.Copy(fileContent, 71, temp, 0, 7);
char[] version = temp.Select(b => (char)b).ToArray();
char[] version = Array.ConvertAll(temp, b => (char)b);
#else
char[] version = new ArraySegment<byte>(fileContent, 71, 7).Select(b => (char)b).ToArray();
#endif

2
BinaryObjectScanner/Protection/Macrovision.CDilla.cs
View File

@@ -138,7 +138,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "DJMixStation\DJMixStation.exe" in IA item "ejay_nestle_trial".
if (strs.Any(s => s.Contains("SOFTWARE\\C-Dilla\\RTS")))
if (strs.Exists(s => s.Contains("SOFTWARE\\C-Dilla\\RTS")))
return "C-Dilla License Management System";
}

4
BinaryObjectScanner/Protection/Macrovision.CactusDataShield.cs
View File

@@ -42,10 +42,10 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("\\*.CDS")))
if (strs.Exists(s => s.Contains("\\*.CDS")))
return "Cactus Data Shield 200";
if (strs.Any(s => s.Contains("DATA.CDS")))
if (strs.Exists(s => s.Contains("DATA.CDS")))
return "Cactus Data Shield 200";
}

3
BinaryObjectScanner/Protection/Macrovision.FLEXnet.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
using SabreTools.Serialization.Wrappers;
@@ -61,7 +60,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "FLEXLM.CPL", "INSTALLS.EXE", "LMGR326B.DLL", "LMGRD.EXE", and "TAKEFIVE.EXE" in IA item "prog-17_202403".
if (strs.Any(s => s.Contains("FLEXlm License Manager")))
if (strs.Exists(s => s.Contains("FLEXlm License Manager")))
return "FlexLM";
}

15
BinaryObjectScanner/Protection/Macrovision.SafeCast.cs
View File

@@ -46,11 +46,9 @@ namespace BinaryObjectScanner.Protection
// Check for the CDAC01AA name string.
if (nex.Model.ResidentNameTable != null)
{
bool cdac01aaNameFound = nex.Model.ResidentNameTable
.Select(rnte => rnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString))
.Any(s => s.Contains("CDAC01AA"));
if (cdac01aaNameFound)
var residentNames = Array.ConvertAll(nex.Model.ResidentNameTable,
rnte => rnte?.NameString == null ? string.Empty : Encoding.ASCII.GetString(rnte.NameString));
if (Array.Exists(residentNames, s => s.Contains("CDAC01AA")))
return "SafeCast";
}
@@ -84,8 +82,11 @@ namespace BinaryObjectScanner.Protection
// Get the import directory table, if it exists
if (pex.Model.ImportTable?.ImportDirectoryTable != null)
{
if (pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name != null && idte.Name.Equals("CdaC14BA.dll", StringComparison.OrdinalIgnoreCase)))
if (Array.Exists(pex.Model.ImportTable.ImportDirectoryTable,
idte => idte?.Name != null && idte.Name.Equals("CdaC14BA.dll", StringComparison.OrdinalIgnoreCase)))
{
return "SafeCast";
}
}
// Get the dialog box resources
@@ -99,7 +100,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "DJMixStation\DJMixStation.exe" in IA item "ejay_nestle_trial".
if (strs.Any(s => s.Contains("SOFTWARE\\C-Dilla\\SafeCast")))
if (strs.Exists(s => s.Contains("SOFTWARE\\C-Dilla\\SafeCast")))
return "SafeCast";
}

14
BinaryObjectScanner/Protection/Macrovision.SafeDisc.cs
View File

@@ -50,13 +50,11 @@ namespace BinaryObjectScanner.Protection
return null;
// Found in Redump entry 57986.
bool hintNameTableMatch = pex.Model.ImportTable?.HintNameTable?.Any(ihne => ihne?.Name == "LTDLL_Authenticate") ?? false;
if (hintNameTableMatch)
if (Array.Exists(pex.Model.ImportTable?.HintNameTable ?? [], ihne => ihne?.Name == "LTDLL_Authenticate"))
return "SafeDisc Lite";
// Found in Redump entry 57986.
bool importTableMatch = pex.Model.ImportTable?.ImportDirectoryTable?.Any(idte => idte?.Name == "ltdll.dll") ?? false;
if (importTableMatch)
if (Array.Exists(pex.Model.ImportTable?.ImportDirectoryTable ?? [], idte => idte?.Name == "ltdll.dll"))
return "SafeDisc Lite";
// Get the .data/DATA section strings, if they exist
@@ -64,15 +62,15 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in Redump entries 14928, 25579, 32751.
if (strs.Any(s => s.Contains("LTDLL_Initialise")))
if (strs.Exists(s => s.Contains("LTDLL_Initialise")))
return "SafeDisc Lite";
if (strs.Any(s => s.Contains("LTDLL_Authenticate")))
if (strs.Exists(s => s.Contains("LTDLL_Authenticate")))
return "SafeDisc Lite";
if (strs.Any(s => s.Contains("LTDLL_Unwrap")))
if (strs.Exists(s => s.Contains("LTDLL_Unwrap")))
return "SafeDisc Lite";
// Present in "Setup.exe" from the earlier "safedisc.exe" driver update provided by Macrovision.
if (strs.Any(s => s.Contains("Failed to get the DRVMGT.DLL Setup API address")))
if (strs.Exists(s => s.Contains("Failed to get the DRVMGT.DLL Setup API address")))
return "Macrovision SecDrv Update Installer";
}

12
BinaryObjectScanner/Protection/Macrovision.cs
View File

@@ -440,11 +440,11 @@ namespace BinaryObjectScanner.Protection
if (sectionStrings != null)
{
// If we don't have the "BoG_" string, the section isn't protected.
if (!sectionStrings.Any(s => s.Contains("BoG_")))
if (!sectionStrings.Exists(s => s.Contains("BoG_")))
return null;
// If we have the "BoG_" string but not the full "BoG_ *90.0&!! Yy>" string, the section has had the portion of the section that included the version number removed or obfuscated (Redump entry 40337).
if (!sectionStrings.Any(s => s.Contains("BoG_ *90.0&!! Yy>")))
if (!sectionStrings.Exists(s => s.Contains("BoG_ *90.0&!! Yy>")))
return newVersion ? "Macrovision Protected Application [Version Expunged]" : null;
}
@@ -631,13 +631,13 @@ namespace BinaryObjectScanner.Protection
if (resultsList.Contains("Macrovision Protected Application"))
{
if (resultsList.Contains("Macrovision Protected Application [Version Expunged]"))
resultsList = resultsList.Where(r => r != "Macrovision Protected Application").ToList();
resultsList = resultsList.FindAll(r => r != "Macrovision Protected Application");
else if (resultsList.Contains("Macrovision Protected Application (Entry point not present in the stxt371 section. Executable is either unprotected or nonfunctional)"))
resultsList = resultsList.Where(r => r != "Macrovision Protected Application").ToList();
resultsList = resultsList.FindAll(r => r != "Macrovision Protected Application");
else if (resultsList.Contains("Macrovision Protected Application (Generic detection - Report to us on GitHub)"))
resultsList = resultsList.Where(r => r != "Macrovision Protected Application").ToList();
resultsList = resultsList.FindAll(r => r != "Macrovision Protected Application");
else if (resultsList.Contains("Macrovision Protected Application (Report this to us on GitHub)"))
resultsList = resultsList.Where(r => r != "Macrovision Protected Application").ToList();
resultsList = resultsList.FindAll(r => r != "Macrovision Protected Application");
}
// Get distinct and order

4
BinaryObjectScanner/Protection/MediaMax.cs
View File

@@ -48,14 +48,14 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
if (strs.Any(s => s.Contains("CD3 Launch Error")))
if (strs.Exists(s => s.Contains("CD3 Launch Error")))
return "MediaMax CD-3";
}
// Get the export name table
if (pex.Model.ExportTable?.ExportNameTable?.Strings != null)
{
if (pex.Model.ExportTable.ExportNameTable.Strings.Any(s => s == "DllInstallSbcp"))
if (Array.Exists(pex.Model.ExportTable.ExportNameTable.Strings, s => s == "DllInstallSbcp"))
return "MediaMax CD-3";
}

6
BinaryObjectScanner/Protection/ProtectDisc.cs
View File

@@ -61,7 +61,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetSectionStrings(sections.Length - 2);
if (strs != null)
{
var str = strs.FirstOrDefault(s => s.Contains("VOB ProtectCD"));
var str = strs.Find(s => s.Contains("VOB ProtectCD"));
if (str != null)
return $"VOB ProtectCD {GetOldVersion(str)}";
}
@@ -177,7 +177,7 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
temp = new byte[6];
Array.Copy(fileContent, index, temp, 0, 6);
if (new string(temp.Select(b => (char)b).ToArray()) == "Henrik")
if (new string(Array.ConvertAll(temp, b => (char)b)) == "Henrik")
#else
if (new string(new ArraySegment<byte>(fileContent, index, 6).Select(b => (char)b).ToArray()) == "Henrik")
#endif
@@ -206,7 +206,7 @@ namespace BinaryObjectScanner.Protection
#if NET20 || NET35 || NET40
temp = new byte[6];
Array.Copy(fileContent, index, temp, 0, 6);
char[] arrBuild = temp.Select(b => (char)b).ToArray();
char[] arrBuild = Array.ConvertAll(temp, b => (char)b);
#else
char[] arrBuild = new ArraySegment<byte>(fileContent, index, 6).Select(b => (char)b).ToArray();
#endif

28
BinaryObjectScanner/Protection/RainbowSentinel.cs
View File

@@ -209,11 +209,11 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "ADESKSYS.DLL"/"WINADMIN.EXE"/"WINQUERY.EXE" in BA entry "Autodesk AutoCAD LT 98 (1998) (CD) [English] [Dutch]", folder "\netsetup\SUPPORT\IPX".
if (strs.Any(s => s.Contains("Rainbow SentinelSuperPro")))
if (strs.Exists(s => s.Contains("Rainbow SentinelSuperPro")))
return "Rainbow Sentinel SuperPro";
// Found in "SETUPAXP.EXE", "SETUPMPS.EXE", and "SETUPPPC.EXE" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("Sentinel Driver Setup Program")))
if (strs.Exists(s => s.Contains("Sentinel Driver Setup Program")))
return "Rainbow Sentinel";
}
@@ -222,23 +222,23 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "SP32W.DLL" in IA item "pcwkcd-1296".
if (strs.Any(s => s.Contains("SentinelPro WIN32 DLL")))
if (strs.Exists(s => s.Contains("SentinelPro WIN32 DLL")))
return "Rainbow SentinelPro";
// Found in "NKWIN32.DLL" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("NetSentinel-C Windows NT Driver DLL")))
if (strs.Exists(s => s.Contains("NetSentinel-C Windows NT Driver DLL")))
return "Rainbow NetSentinel-C Windows NT Driver";
// Found in "NSLMS32.DLL" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("NetSentinel 32-Bit Windows DLL")))
if (strs.Exists(s => s.Contains("NetSentinel 32-Bit Windows DLL")))
return "Rainbow NetSentinel Win32 Driver";
// Found in "W32EDITD.EXE" and "W32EDITO.EXE" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("NetSentinel-C Editor for Windows")))
if (strs.Exists(s => s.Contains("NetSentinel-C Editor for Windows")))
return "NetSentinel-C Editor for Win32";
// Generic case to catch undetected versions.
if (strs.Any(s => s.Contains("SentinelPro")))
if (strs.Exists(s => s.Contains("SentinelPro")))
return "Rainbow SentinelPro (Unknown Version - Please report to us on GitHub)";
}
@@ -247,7 +247,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "WINMON.exe" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("NetSentinel Monitor")))
if (strs.Exists(s => s.Contains("NetSentinel Monitor")))
return "Rainbow NetSentinel Monitor";
}
@@ -257,28 +257,28 @@ namespace BinaryObjectScanner.Protection
{
// Found in "ACLT.HWL" in BA entry "Autodesk AutoCAD LT 98 (1998) (CD) [English] [Dutch]", folder "\aclt\DRV\W95LOCK".
// Found in "ACAD.HWL" in BA entry "Autodesk AutoCAD r14 (1997)" and IA item "auto-cad-r14-cdrom".
if (strs.Any(s => s.Contains("\\\\.\\SENTINEL.VXD")))
if (strs.Exists(s => s.Contains("\\\\.\\SENTINEL.VXD")))
return "Rainbow Sentinel";
// Found in "ADESKSYS.DLL" in BA entry "Autodesk AutoCAD LT 98 (1998) (CD) [English] [Dutch]", folder "\netsetup\SUPPORT\IPX".
// TODO: Investigate "Elan License Manager" mentioned here.
if (strs.Any(s => s.Contains("Rainbow SentinelSuperPro")))
if (strs.Exists(s => s.Contains("Rainbow SentinelSuperPro")))
return "Rainbow Sentinel SuperPro";
// Found in "F1321_dorapro.exe" in IA item "chip-cds-2001-08".
if (strs.Any(s => s.Contains("modSentinelSuperPro")))
if (strs.Exists(s => s.Contains("modSentinelSuperPro")))
return "Rainbow Sentinel SuperPro";
// Found in "F1321_dorapro.exe" in IA item "chip-cds-2001-08".
if (strs.Any(s => s.Contains("clsSentinelSuperPro")))
if (strs.Exists(s => s.Contains("clsSentinelSuperPro")))
return "Rainbow Sentinel SuperPro";
// Found in "SENTSTRT.EXE" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("Sentinel Driver Startup Program")))
if (strs.Exists(s => s.Contains("Sentinel Driver Startup Program")))
return "Rainbow Sentinel";
// Found in "SETUPX86.EXE" in IA item "czchip199707cd".
if (strs.Any(s => s.Contains("Sentinel Windows NT Driver Setup")))
if (strs.Exists(s => s.Contains("Sentinel Windows NT Driver Setup")))
return "Rainbow Sentinel";
}

3
BinaryObjectScanner/Protection/RealArcade.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -29,7 +28,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "rebound.exe" in the installation directory for "Rebound" in IA item "Nova_RealArcadeCD_USA".
if (strs.Any(s => s.Contains("RngInterstitialDLL")))
if (strs.Exists(s => s.Contains("RngInterstitialDLL")))
return "RealArcade";
}

8
BinaryObjectScanner/Protection/Roxxe.cs
View File

@@ -27,7 +27,7 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Found in "Owar.exe" in IA item "game4u-22-cd".
if (strs.Any(s => s.Contains("TRCHANGER.INI")))
if (strs.Exists(s => s.Contains("TRCHANGER.INI")))
return "Roxxe";
}
@@ -38,14 +38,14 @@ namespace BinaryObjectScanner.Protection
{
// Found in "Owar.exe" in IA items "game4u-22-cd" and "original-war".
// These checks are less reliable, as they are still found in a version of the game that appears to have patched out Roxxe (the version present in IA item "original-war").
if (strs.Any(s => s.Contains("PRRT01")))
if (strs.Exists(s => s.Contains("PRRT01")))
return "Roxxe (Possibly remnants)";
if (strs.Any(s => s.Contains("CommonPRRT")))
if (strs.Exists(s => s.Contains("CommonPRRT")))
return "Roxxe (Possibly remnants)";
// Currently overmatches, will likely be a viable check when better Delphi executable parsing is available.
// if (strs.Any(s => s.Contains("roxe")))
// if (strs.Exists(s => s.Contains("roxe")))
// return "Roxxe (Possibly remnants)";
}

7
BinaryObjectScanner/Protection/SecuROM.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -63,7 +62,7 @@ namespace BinaryObjectScanner.Protection
// Search after the last section
if (pex.OverlayStrings != null)
{
if (pex.OverlayStrings.Any(s => s == "AddD"))
if (pex.OverlayStrings.Exists(s => s == "AddD"))
return $"SecuROM {GetV4Version(pex)}";
}
@@ -102,9 +101,9 @@ namespace BinaryObjectScanner.Protection
if (strs != null)
{
// Both have the identifier found within `.rdata` but the version is within `.data`
if (strs.Any(s => s.Contains("/secuexp")))
if (strs.Exists(s => s.Contains("/secuexp")))
return $"SecuROM {GetV8WhiteLabelVersion(pex)} (White Label)";
else if (strs.Any(s => s.Contains("SecuExp.exe")))
else if (strs.Exists(s => s.Contains("SecuExp.exe")))
return $"SecuROM {GetV8WhiteLabelVersion(pex)} (White Label)";
}

3
BinaryObjectScanner/Protection/SmartE.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -21,7 +20,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetSectionStrings(sections.Length - 1);
if (strs != null)
{
if (strs.Any(s => s.Contains("BITARTS")))
if (strs.Exists(s => s.Contains("BITARTS")))
return "SmartE";
}

4
BinaryObjectScanner/Protection/SoftLock.cs
View File

@@ -69,10 +69,10 @@ namespace BinaryObjectScanner.Protection
// Get strings from .section, if possible
var strings = pex.GetFirstSectionStrings(".section");
if (strings != null && strings.Any())
if (strings != null && strings.Count > 0)
{
// Found in "TafseerVer4.exe" in IA item "TAFSEERVER4SETUP"
if (strings.Any(s => s?.Contains("SOFTLOCKPROTECTION") == true))
if (strings.Exists(s => s?.Contains("SOFTLOCKPROTECTION") == true))
return "SoftLock";
}

11
BinaryObjectScanner/Protection/SolidShield.cs
View File

@@ -84,7 +84,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetSectionStrings(i);
if (strs != null)
{
var str = strs.FirstOrDefault(s => s.Contains("Solidshield "));
var str = strs.Find(s => s.Contains("Solidshield "));
if (str != null)
return $"SolidShield EXE Wrapper {str.Substring("Solidshield ".Length)}";
}
@@ -93,16 +93,13 @@ namespace BinaryObjectScanner.Protection
// Get the import directory table, if it exists
if (pex.Model.ImportTable?.ImportDirectoryTable != null)
{
bool match = pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name == "dvm.dll");
if (match)
if (Array.Exists(pex.Model.ImportTable.ImportDirectoryTable, idte => idte?.Name == "dvm.dll"))
return "SolidShield EXE Wrapper v1";
match = pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name == "activation.x86.dll");
if (match)
if (Array.Exists(pex.Model.ImportTable.ImportDirectoryTable, idte => idte?.Name == "activation.x86.dll"))
return "SolidShield EXE Wrapper v2";
match = pex.Model.ImportTable.ImportDirectoryTable.Any(idte => idte?.Name == "activation.x64.dll");
if (match)
if (Array.Exists(pex.Model.ImportTable.ImportDirectoryTable, idte => idte?.Name == "activation.x64.dll"))
return "SolidShield EXE Wrapper v2";
}

3
BinaryObjectScanner/Protection/StarForce.cs
View File

@@ -1,6 +1,5 @@
using System;
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -83,7 +82,7 @@ namespace BinaryObjectScanner.Protection
if (pex.Model.ExportTable?.ExportNameTable?.Strings != null)
{
// TODO: Should we just check for "PSA_*" instead of a single entry?
if (pex.Model.ExportTable.ExportNameTable.Strings.Any(s => s == "PSA_GetDiscLabel"))
if (Array.Exists(pex.Model.ExportTable.ExportNameTable.Strings, s => s == "PSA_GetDiscLabel"))
return $"StarForce {pex.GetInternalVersion()}";
}

7
BinaryObjectScanner/Protection/Sysiphus.cs
View File

@@ -1,5 +1,4 @@
using System;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -19,7 +18,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");
if (strs != null)
{
var str = strs.FirstOrDefault(s => s.Contains("V SUHPISYS"));
var str = strs.Find(s => s.Contains("V SUHPISYS"));
if (str != null)
return $"Sysiphus {GetVersion(str)}";
}
@@ -30,7 +29,9 @@ namespace BinaryObjectScanner.Protection
private static string GetVersion(string matchedString)
{
// The string is reversed
matchedString = new string(matchedString.Reverse().ToArray()).Trim();
var matchedChars = matchedString.ToCharArray();
Array.Reverse(matchedChars);
matchedString = new string(matchedChars).Trim();
// Check for the DVD extra string
bool isDVD = matchedString.StartsWith("DVD");

3
BinaryObjectScanner/Protection/Themida.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
@@ -39,7 +38,7 @@ namespace BinaryObjectScanner.Protection
{
// Found in "uDigital Theatre.exe" in http://downloads.fyxm.net/ArcSoft-TotalMedia-23085.html (https://web.archive.org/web/20221114042838/http://files.fyxm.net/23/23085/totalmediatheatre3platinum_retail_tbyb_all.exe).
// TODO: Investigate "uDRMCheck.dll" in the same product to see if it's related to Themida, or if it's a different form of DRM.
if (strs.Any(s => s.Contains("Themida")))
if (strs.Exists(s => s.Contains("Themida")))
return "Themida";
}

7
BinaryObjectScanner/Protection/WTMCDProtect.cs
View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -34,7 +33,7 @@ namespace BinaryObjectScanner.Protection
var strs = pex.GetFirstSectionStrings("code") ?? pex.GetFirstSectionStrings("CODE");
if (strs != null)
{
if (strs.Any(s => s.Contains("wtmdum.imp")))
if (strs.Exists(s => s.Contains("wtmdum.imp")))
return "WTM CD Protect";
}
@@ -42,9 +41,9 @@ namespace BinaryObjectScanner.Protection
strs = pex.GetFirstSectionStrings(".text");
if (strs != null)
{
if (strs.Any(s => s.Contains("WTM DIGITAL Photo Protect")))
if (strs.Exists(s => s.Contains("WTM DIGITAL Photo Protect")))
return "WTM Protection Viewer";
else if (strs.Any(s => s.Contains("WTM Copy Protection Viewer")))
else if (strs.Exists(s => s.Contains("WTM Copy Protection Viewer")))
return "WTM Protection Viewer";
}

8
BinaryObjectScanner/Protection/XCP.cs
View File

@@ -23,16 +23,16 @@ namespace BinaryObjectScanner.Protection
List<string>? strs = pex.GetFirstSectionStrings(".rdata");
if (strs != null)
{
if (strs.Any(s => s.Contains("XCP.DAT")))
if (strs.Exists(s => s.Contains("XCP.DAT")))
return "XCP";
if (strs.Any(s => s.Contains("xcpdrive")))
if (strs.Exists(s => s.Contains("xcpdrive")))
return "XCP";
if (strs.Any(s => s.Contains("XCPPlugins.dll")))
if (strs.Exists(s => s.Contains("XCPPlugins.dll")))
return "XCP";
if (strs.Any(s => s.Contains("XCPPhoenix.dll")))
if (strs.Exists(s => s.Contains("XCPPhoenix.dll")))
return "XCP";
}

11
BinaryObjectScanner/ProtectionDictionary.cs
View File

@@ -4,7 +4,6 @@ using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.IO;
using System.Linq;
namespace BinaryObjectScanner
{
@@ -85,7 +84,7 @@ namespace BinaryObjectScanner
public void ClearEmptyKeys()
{
// Get a list of all of the keys
var keys = Keys.ToList();
List<string> keys = [.. Keys];
// Iterate and reset keys
for (int i = 0; i < keys.Count; i++)
@@ -94,7 +93,7 @@ namespace BinaryObjectScanner
string key = keys[i];
// If the key is empty, remove it
if (this[key] == null || !this[key].Any())
if (this[key] == null || this[key].Count == 0)
#if NET20 || NET35
Remove(key);
#else
@@ -113,7 +112,7 @@ namespace BinaryObjectScanner
pathToPrepend = (pathToPrepend ?? "ARCHIVE").TrimEnd(Path.DirectorySeparatorChar);
// Get a list of all of the keys
var keys = Keys.ToList();
List<string> keys = [.. Keys];
// Iterate and reset keys
for (int i = 0; i < keys.Count; i++)
@@ -143,7 +142,7 @@ namespace BinaryObjectScanner
return;
// Get a list of all of the keys
var keys = Keys.ToList();
List<string> keys = [.. Keys];
// Iterate and reset keys
for (int i = 0; i < keys.Count; i++)
@@ -173,7 +172,7 @@ namespace BinaryObjectScanner
/// <param name="values">Queue to get data from</param>
private void AddRangeToKey(string key, IEnumerable<string> values)
{
if (values == null || !values.Any())
if (values == null)
return;
foreach (string value in values)

29
BinaryObjectScanner/Scanner.cs
View File

@@ -79,7 +79,7 @@ namespace BinaryObjectScanner
public ProtectionDictionary GetProtections(List<string>? paths)
{
// If we have no paths, we can't scan
if (paths == null || !paths.Any())
if (paths == null || paths.Count == 0)
return [];
// Set a starting starting time for debug output
@@ -100,7 +100,7 @@ namespace BinaryObjectScanner
if (Directory.Exists(path))
{
// Enumerate all files at first for easier access
var files = IOExtensions.SafeEnumerateFiles(path, "*", SearchOption.AllDirectories).ToList();
var files = IOExtensions.SafeGetFiles(path, "*", SearchOption.AllDirectories).ToList();
// Scan for path-detectable protections
if (_options.ScanPaths)
@@ -127,18 +127,20 @@ namespace BinaryObjectScanner
if (_options.ScanPaths)
{
var filePathProtections = HandlePathChecks(file, files: null);
if (filePathProtections != null && filePathProtections.Any())
if (filePathProtections != null && filePathProtections.Count > 0)
protections.Append(filePathProtections);
}
// Scan for content-detectable protections
var fileProtections = GetInternalProtections(file);
if (fileProtections != null && fileProtections.Any())
if (fileProtections != null && fileProtections.Count > 0)
protections.Append(fileProtections);
// Checkpoint
protections.TryGetValue(file, out var fullProtectionList);
var fullProtection = fullProtectionList != null && fullProtectionList.Any() ? string.Join(", ", [.. fullProtectionList]) : null;
var fullProtection = fullProtectionList != null && fullProtectionList.Count > 0
? string.Join(", ", [.. fullProtectionList])
: null;
_fileProgress?.Report(new ProtectionProgress(reportableFileName, (i + 1) / (float)files.Count, fullProtection ?? string.Empty));
}
}
@@ -158,18 +160,20 @@ namespace BinaryObjectScanner
if (_options.ScanPaths)
{
var filePathProtections = HandlePathChecks(path, files: null);
if (filePathProtections != null && filePathProtections.Any())
if (filePathProtections != null && filePathProtections.Count > 0)
protections.Append(filePathProtections);
}
// Scan for content-detectable protections
var fileProtections = GetInternalProtections(path);
if (fileProtections != null && fileProtections.Any())
if (fileProtections != null && fileProtections.Count > 0)
protections.Append(fileProtections);
// Checkpoint
protections.TryGetValue(path, out var fullProtectionList);
var fullProtection = fullProtectionList != null && fullProtectionList.Any() ? string.Join(", ", [.. fullProtectionList]) : null;
var fullProtection = fullProtectionList != null && fullProtectionList.Count > 0
? string.Join(", ", [.. fullProtectionList])
: null;
_fileProgress?.Report(new ProtectionProgress(reportableFileName, 1, fullProtection ?? string.Empty));
}
@@ -354,15 +358,14 @@ namespace BinaryObjectScanner
/// <param name="path">Path of the file or directory to check</param>
/// <param name="scanner">Scanner object to use for options and scanning</param>
/// <returns>Set of protections in file, null on error</returns>
private static ProtectionDictionary HandlePathChecks(string path, IEnumerable<string>? files)
private static ProtectionDictionary HandlePathChecks(string path, List<string>? files)
{
// Create the output dictionary
var protections = new ProtectionDictionary();
// Preprocess the list of files
files = files?
.Select(f => f.Replace(Path.AltDirectorySeparatorChar, Path.DirectorySeparatorChar))?
.ToList();
.ConvertAll(f => f.Replace(Path.AltDirectorySeparatorChar, Path.DirectorySeparatorChar));
// Iterate through all checks
StaticChecks.PathCheckClasses.IterateWithAction(checkClass =>
@@ -380,7 +383,7 @@ namespace BinaryObjectScanner
/// <param name="impl">IPathCheck class representing the file type</param>
/// <param name="path">Path of the file or directory to check</param>
/// <returns>Set of protections in path, empty on error</returns>
private static List<string> PerformPathCheck(IPathCheck impl, string? path, IEnumerable<string>? files)
private static List<string> PerformPathCheck(IPathCheck impl, string? path, List<string>? files)
{
// If we have an invalid path
if (string.IsNullOrEmpty(path))
@@ -398,7 +401,7 @@ namespace BinaryObjectScanner
}
// If we have a directory path
if (Directory.Exists(path) && files?.Any() == true)
if (Directory.Exists(path) && files != null && files.Count > 0)
{
var subProtections = impl.CheckDirectoryPath(path!, files);
if (subProtections != null)