From 3ac57b1c0cca1dabe48b573ce6dcafaac0882f6a Mon Sep 17 00:00:00 2001 From: Matt Nadareski Date: Sat, 17 Jul 2021 23:40:16 -0700 Subject: [PATCH] Fix static matcher issues (fixes #51) Note: This may result in slower, but more accurate, scans --- BurnOutSharp/Matching/ContentMatch.cs | 5 + BurnOutSharp/PackerType/AdvancedInstaller.cs | 31 ++-- BurnOutSharp/PackerType/Armadillo.cs | 23 +-- BurnOutSharp/PackerType/CExe.cs | 35 ++-- BurnOutSharp/PackerType/EXEStealth.cs | 31 ++-- BurnOutSharp/PackerType/InnoSetup.cs | 39 ++-- BurnOutSharp/PackerType/InstallerVISE.cs | 25 ++- BurnOutSharp/PackerType/NSIS.cs | 41 ++--- BurnOutSharp/PackerType/SetupFactory.cs | 69 ++++--- BurnOutSharp/PackerType/UPX.cs | 71 ++++--- BurnOutSharp/PackerType/WinRARSFX.cs | 27 ++- BurnOutSharp/PackerType/dotFuscator.cs | 27 ++- BurnOutSharp/ProtectionType/ActiveMARK.cs | 33 ++-- BurnOutSharp/ProtectionType/AlphaROM.cs | 17 +- BurnOutSharp/ProtectionType/Bitpool.cs | 32 ++-- BurnOutSharp/ProtectionType/CDCheck.cs | 31 ++-- BurnOutSharp/ProtectionType/CDCops.cs | 31 ++-- BurnOutSharp/ProtectionType/CDKey.cs | 31 ++-- BurnOutSharp/ProtectionType/CDLock.cs | 29 ++- BurnOutSharp/ProtectionType/CDSHiELDSE.cs | 17 +- .../ProtectionType/CactusDataShield.cs | 29 ++- .../ProtectionType/CengaProtectDVD.cs | 17 +- BurnOutSharp/ProtectionType/CodeLock.cs | 39 ++-- BurnOutSharp/ProtectionType/CopyKiller.cs | 25 ++- BurnOutSharp/ProtectionType/DVDCops.cs | 25 ++- BurnOutSharp/ProtectionType/ElectronicArts.cs | 173 +++++++++--------- BurnOutSharp/ProtectionType/GFWL.cs | 17 +- BurnOutSharp/ProtectionType/ImpulseReactor.cs | 61 +++--- BurnOutSharp/ProtectionType/Intenium.cs | 17 +- BurnOutSharp/ProtectionType/JoWooDXProt.cs | 53 +++--- BurnOutSharp/ProtectionType/KeyLock.cs | 25 ++- BurnOutSharp/ProtectionType/LaserLock.cs | 61 +++--- BurnOutSharp/ProtectionType/MediaMaxCD3.cs | 31 ++-- .../ProtectionType/OnlineRegistration.cs | 31 ++-- BurnOutSharp/ProtectionType/Origin.cs | 17 +- BurnOutSharp/ProtectionType/PSXAntiModchip.cs | 69 ++++--- BurnOutSharp/ProtectionType/ProtectDisc.cs | 23 +-- BurnOutSharp/ProtectionType/RingPROTECH.cs | 26 ++- BurnOutSharp/ProtectionType/SVKProtector.cs | 17 +- BurnOutSharp/ProtectionType/SafeDisc.cs | 85 +++++---- BurnOutSharp/ProtectionType/SafeLock.cs | 17 +- BurnOutSharp/ProtectionType/SecuROM.cs | 89 +++++---- BurnOutSharp/ProtectionType/SmartE.cs | 17 +- BurnOutSharp/ProtectionType/SolidShield.cs | 141 +++++++------- BurnOutSharp/ProtectionType/StarForce.cs | 167 +++++++++-------- BurnOutSharp/ProtectionType/Sysiphus.cs | 39 ++-- BurnOutSharp/ProtectionType/Tages.cs | 51 +++--- BurnOutSharp/ProtectionType/ThreePLock.cs | 45 +++-- .../ProtectionType/ThreeTwoOneStudios.cs | 33 ++-- .../ProtectionType/VOBProtectCDDVD.cs | 37 ++-- BurnOutSharp/ProtectionType/WTMCDProtect.cs | 58 +++--- BurnOutSharp/ProtectionType/XCP.cs | 64 +++---- .../ProtectionType/XtremeProtector.cs | 17 +- 53 files changed, 1053 insertions(+), 1208 deletions(-) diff --git a/BurnOutSharp/Matching/ContentMatch.cs b/BurnOutSharp/Matching/ContentMatch.cs index d5f87629..0abce19c 100644 --- a/BurnOutSharp/Matching/ContentMatch.cs +++ b/BurnOutSharp/Matching/ContentMatch.cs @@ -59,6 +59,11 @@ namespace BurnOutSharp.Matching for (int i = reverse ? End : Start; reverse ? i > Start : i < End; i += reverse ? -1 : 1) { + // If we somehow have an invalid end and we haven't matched, return + if (i > stack.Length) + return (false, -1); + + // Check to see if the values are equal if (EqualAt(stack, i)) return (true, i); } diff --git a/BurnOutSharp/PackerType/AdvancedInstaller.cs b/BurnOutSharp/PackerType/AdvancedInstaller.cs index f204d8f7..f3491d5e 100644 --- a/BurnOutSharp/PackerType/AdvancedInstaller.cs +++ b/BurnOutSharp/PackerType/AdvancedInstaller.cs @@ -6,26 +6,23 @@ namespace BurnOutSharp.PackerType // TODO: Add extraction and verify that all versions are detected public class AdvancedInstaller : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Software\Caphyon\Advanced Installer - new ContentMatchSet(new byte?[] - { - 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, - 0x5C, 0x43, 0x61, 0x70, 0x68, 0x79, 0x6F, 0x6E, - 0x5C, 0x41, 0x64, 0x76, 0x61, 0x6E, 0x63, 0x65, - 0x64, 0x20, 0x49, 0x6E, 0x73, 0x74, 0x61, 0x6C, - 0x6C, 0x65, 0x72 - }, "Caphyon Advanced Installer"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Software\Caphyon\Advanced Installer + new ContentMatchSet(new byte?[] + { + 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, + 0x5C, 0x43, 0x61, 0x70, 0x68, 0x79, 0x6F, 0x6E, + 0x5C, 0x41, 0x64, 0x76, 0x61, 0x6E, 0x63, 0x65, + 0x64, 0x20, 0x49, 0x6E, 0x73, 0x74, 0x61, 0x6C, + 0x6C, 0x65, 0x72 + }, "Caphyon Advanced Installer"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/PackerType/Armadillo.cs b/BurnOutSharp/PackerType/Armadillo.cs index 4b1014ab..072aa6ae 100644 --- a/BurnOutSharp/PackerType/Armadillo.cs +++ b/BurnOutSharp/PackerType/Armadillo.cs @@ -5,22 +5,19 @@ namespace BurnOutSharp.PackerType { public class Armadillo : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // .nicode + (char)0x00 - new ContentMatchSet(new byte?[] { 0x2E, 0x6E, 0x69, 0x63, 0x6F, 0x64, 0x65, 0x00 }, "Armadillo"), - - // ARMDEBUG - new ContentMatchSet(new byte?[] { 0x41, 0x52, 0x4D, 0x44, 0x45, 0x42, 0x55, 0x47 }, "Armadillo"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // .nicode + (char)0x00 + new ContentMatchSet(new byte?[] { 0x2E, 0x6E, 0x69, 0x63, 0x6F, 0x64, 0x65, 0x00 }, "Armadillo"), + + // ARMDEBUG + new ContentMatchSet(new byte?[] { 0x41, 0x52, 0x4D, 0x44, 0x45, 0x42, 0x55, 0x47 }, "Armadillo"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/PackerType/CExe.cs b/BurnOutSharp/PackerType/CExe.cs index 325c0808..b81fee90 100644 --- a/BurnOutSharp/PackerType/CExe.cs +++ b/BurnOutSharp/PackerType/CExe.cs @@ -8,31 +8,28 @@ namespace BurnOutSharp.PackerType // http://www.scottlu.com/Content/CExe.html public class CExe : IContentCheck, IScannable { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // %Wo�a6.�a6.�a6.�a6.�{6.�.).�f6.��).�`6.��0.�`6.� - new ContentMatchSet( - new ContentMatch(new byte?[] - { - 0x25, 0x57, 0x6F, 0xC1, 0x61, 0x36, 0x01, 0x92, - 0x61, 0x36, 0x01, 0x92, 0x61, 0x36, 0x01, 0x92, - 0x61, 0x36, 0x00, 0x92, 0x7B, 0x36, 0x01, 0x92, - 0x03, 0x29, 0x12, 0x92, 0x66, 0x36, 0x01, 0x92, - 0x89, 0x29, 0x0A, 0x92, 0x60, 0x36, 0x01, 0x92, - 0xD9, 0x30, 0x07, 0x92, 0x60, 0x36, 0x01, 0x92 - }, end: 200), "CExe"), - }; - /// public bool ShouldScan(byte[] magic) => true; /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // %Wo�a6.�a6.�a6.�a6.�{6.�.).�f6.��).�`6.��0.�`6.� + new ContentMatchSet( + new ContentMatch(new byte?[] + { + 0x25, 0x57, 0x6F, 0xC1, 0x61, 0x36, 0x01, 0x92, + 0x61, 0x36, 0x01, 0x92, 0x61, 0x36, 0x01, 0x92, + 0x61, 0x36, 0x00, 0x92, 0x7B, 0x36, 0x01, 0x92, + 0x03, 0x29, 0x12, 0x92, 0x66, 0x36, 0x01, 0x92, + 0x89, 0x29, 0x0A, 0x92, 0x60, 0x36, 0x01, 0x92, + 0xD9, 0x30, 0x07, 0x92, 0x60, 0x36, 0x01, 0x92 + }, end: 200), "CExe"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/PackerType/EXEStealth.cs b/BurnOutSharp/PackerType/EXEStealth.cs index ac63fde4..31d1f464 100644 --- a/BurnOutSharp/PackerType/EXEStealth.cs +++ b/BurnOutSharp/PackerType/EXEStealth.cs @@ -5,26 +5,23 @@ namespace BurnOutSharp.PackerType { public class EXEStealth : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // ??[[__[[_ + (char)0x00 + {{ + (char)0x0 + (char)0x00 + {{ + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x0 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + ?;??;?? - new ContentMatchSet(new byte?[] - { - 0x3F, 0x3F, 0x5B, 0x5B, 0x5F, 0x5F, 0x5B, 0x5B, - 0x5F, 0x00, 0x7B, 0x7B, 0x00, 0x00, 0x7B, 0x7B, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x20, 0x3F, 0x3B, 0x3F, 0x3F, 0x3B, 0x3F, - 0x3F - }, "EXE Stealth"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // ??[[__[[_ + (char)0x00 + {{ + (char)0x0 + (char)0x00 + {{ + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x0 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + ?;??;?? + new ContentMatchSet(new byte?[] + { + 0x3F, 0x3F, 0x5B, 0x5B, 0x5F, 0x5F, 0x5B, 0x5B, + 0x5F, 0x00, 0x7B, 0x7B, 0x00, 0x00, 0x7B, 0x7B, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x20, 0x3F, 0x3B, 0x3F, 0x3F, 0x3B, 0x3F, + 0x3F + }, "EXE Stealth"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/PackerType/InnoSetup.cs b/BurnOutSharp/PackerType/InnoSetup.cs index 0c5b4abd..e833d41c 100644 --- a/BurnOutSharp/PackerType/InnoSetup.cs +++ b/BurnOutSharp/PackerType/InnoSetup.cs @@ -9,33 +9,30 @@ namespace BurnOutSharp.PackerType { public class InnoSetup : IContentCheck, IScannable { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Inno Setup Setup Data ( - new ContentMatchSet(new byte?[] - { - 0x49, 0x6E, 0x6E, 0x6F, 0x20, 0x53, 0x65, 0x74, - 0x75, 0x70, 0x20, 0x53, 0x65, 0x74, 0x75, 0x70, - 0x20, 0x44, 0x61, 0x74, 0x61, 0x20, 0x28 - }, GetVersion, "Inno Setup"), - - // Inno - new ContentMatchSet( - new ContentMatch(new byte?[] { 0x49, 0x6E, 0x6E, 0x6F }, start: 0x30, end: 0x31), - GetOldVersion, - "Inno Setup"), - }; - /// public bool ShouldScan(byte[] magic) => true; /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Inno Setup Setup Data ( + new ContentMatchSet(new byte?[] + { + 0x49, 0x6E, 0x6E, 0x6F, 0x20, 0x53, 0x65, 0x74, + 0x75, 0x70, 0x20, 0x53, 0x65, 0x74, 0x75, 0x70, + 0x20, 0x44, 0x61, 0x74, 0x61, 0x20, 0x28 + }, GetVersion, "Inno Setup"), + + // Inno + new ContentMatchSet( + new ContentMatch(new byte?[] { 0x49, 0x6E, 0x6E, 0x6F }, start: 0x30, end: 0x31), + GetOldVersion, + "Inno Setup"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/PackerType/InstallerVISE.cs b/BurnOutSharp/PackerType/InstallerVISE.cs index ae940d4c..15957b36 100644 --- a/BurnOutSharp/PackerType/InstallerVISE.cs +++ b/BurnOutSharp/PackerType/InstallerVISE.cs @@ -6,26 +6,23 @@ namespace BurnOutSharp.PackerType { public class InstallerVISE : IContentCheck, IScannable { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - //TODO: Add exact version detection for Windows builds, make sure versions before 3.X are detected as well, and detect the Mac builds. - - // ViseMain - new ContentMatchSet( - new ContentMatch(new byte?[] { 0x56, 0x69, 0x73, 0x65, 0x4D, 0x61, 0x69, 0x6E }, start: 0xE0A4, end: 0xE0A5), - "Installer VISE"), - }; - /// public bool ShouldScan(byte[] magic) => true; /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + //TODO: Add exact version detection for Windows builds, make sure versions before 3.X are detected as well, and detect the Mac builds. + + // ViseMain + new ContentMatchSet( + new ContentMatch(new byte?[] { 0x56, 0x69, 0x73, 0x65, 0x4D, 0x61, 0x69, 0x6E }, start: 0xE0A4, end: 0xE0A5), + "Installer VISE"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } // TODO: Add Installer VISE extraction diff --git a/BurnOutSharp/PackerType/NSIS.cs b/BurnOutSharp/PackerType/NSIS.cs index 25b85960..d0607c13 100644 --- a/BurnOutSharp/PackerType/NSIS.cs +++ b/BurnOutSharp/PackerType/NSIS.cs @@ -8,31 +8,28 @@ namespace BurnOutSharp.PackerType { public class NSIS : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Nullsoft Install System - new ContentMatchSet(new byte?[] - { - 0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74, - 0x20, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, - 0x20, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d - }, GetVersion, "NSIS"), - - // NullsoftInst - new ContentMatchSet(new byte?[] - { - 0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74, - 0x49, 0x6e, 0x73, 0x74 - }, "NSIS"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Nullsoft Install System + new ContentMatchSet(new byte?[] + { + 0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74, + 0x20, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c, + 0x20, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d + }, GetVersion, "NSIS"), + + // NullsoftInst + new ContentMatchSet(new byte?[] + { + 0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74, + 0x49, 0x6e, 0x73, 0x74 + }, "NSIS"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public static string GetVersion(string file, byte[] fileContent, List positions) diff --git a/BurnOutSharp/PackerType/SetupFactory.cs b/BurnOutSharp/PackerType/SetupFactory.cs index 6297be0d..9331bb34 100644 --- a/BurnOutSharp/PackerType/SetupFactory.cs +++ b/BurnOutSharp/PackerType/SetupFactory.cs @@ -6,48 +6,45 @@ namespace BurnOutSharp.PackerType { public class SetupFactory : IContentCheck, IScannable { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // S.e.t.u.p. .F.a.c.t.o.r.y. - new ContentMatchSet(new byte?[] - { - 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, - 0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00, - 0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00, - 0x79, 0x00 - }, GetVersion, "Setup Factory"), - - // Longer version of the check that can be used if false positves become an issue: - // S.e.t.u.p. .F.a.c.t.o.r.y. .i.s. .a. .t.r.a.d.e.m.a.r.k. .o.f. .I.n.d.i.g.o. .R.o.s.e. .C.o.r.p.o.r.a.t.i.o.n. - // new ContentMatchSet(new byte?[] - // { - // 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, - // 0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00, - // 0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00, - // 0x79, 0x00, 0x20, 0x00, 0x69, 0x00, 0x73, 0x00, - // 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x74, 0x00, - // 0x72, 0x00, 0x61, 0x00, 0x64, 0x00, 0x65, 0x00, - // 0x6D, 0x00, 0x61, 0x00, 0x72, 0x00, 0x6B, 0x00, - // 0x20, 0x00, 0x6F, 0x00, 0x66, 0x00, 0x20, 0x00, - // 0x49, 0x00, 0x6E, 0x00, 0x64, 0x00, 0x69, 0x00, - // 0x67, 0x00, 0x6F, 0x00, 0x20, 0x00, 0x52, 0x00, - // 0x6F, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00, - // 0x43, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x70, 0x00, - // 0x6F, 0x00, 0x72, 0x00, 0x61, 0x00, 0x74, 0x00, - // 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00 - // }, GetVersion, "Setup Factory"), - }; - /// public bool ShouldScan(byte[] magic) => true; /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // S.e.t.u.p. .F.a.c.t.o.r.y. + new ContentMatchSet(new byte?[] + { + 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, + 0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00, + 0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00, + 0x79, 0x00 + }, GetVersion, "Setup Factory"), + + // Longer version of the check that can be used if false positves become an issue: + // S.e.t.u.p. .F.a.c.t.o.r.y. .i.s. .a. .t.r.a.d.e.m.a.r.k. .o.f. .I.n.d.i.g.o. .R.o.s.e. .C.o.r.p.o.r.a.t.i.o.n. + // new ContentMatchSet(new byte?[] + // { + // 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, + // 0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00, + // 0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00, + // 0x79, 0x00, 0x20, 0x00, 0x69, 0x00, 0x73, 0x00, + // 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x74, 0x00, + // 0x72, 0x00, 0x61, 0x00, 0x64, 0x00, 0x65, 0x00, + // 0x6D, 0x00, 0x61, 0x00, 0x72, 0x00, 0x6B, 0x00, + // 0x20, 0x00, 0x6F, 0x00, 0x66, 0x00, 0x20, 0x00, + // 0x49, 0x00, 0x6E, 0x00, 0x64, 0x00, 0x69, 0x00, + // 0x67, 0x00, 0x6F, 0x00, 0x20, 0x00, 0x52, 0x00, + // 0x6F, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00, + // 0x43, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x70, 0x00, + // 0x6F, 0x00, 0x72, 0x00, 0x61, 0x00, 0x74, 0x00, + // 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00 + // }, GetVersion, "Setup Factory"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/PackerType/UPX.cs b/BurnOutSharp/PackerType/UPX.cs index b7c39549..22ec30e1 100644 --- a/BurnOutSharp/PackerType/UPX.cs +++ b/BurnOutSharp/PackerType/UPX.cs @@ -6,46 +6,43 @@ namespace BurnOutSharp.PackerType { public class UPX : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // UPX! - new ContentMatchSet(new byte?[] { 0x55, 0x50, 0x58, 0x21 }, GetVersion, "UPX"), - - // NOS - new ContentMatchSet(new byte?[] { 0x4E, 0x4F, 0x53, 0x20 }, GetVersion, "UPX (NOS Variant)"), - - new ContentMatchSet( - new List - { - // UPX0 - new byte?[] { 0x55, 0x50, 0x58, 0x30 }, - - // UPX1 - new byte?[] { 0x55, 0x50, 0x58, 0x31 }, - }, - "UPX (Unknown Version)" - ), - - new ContentMatchSet( - new List - { - // NOS0 - new byte?[] { 0x4E, 0x4F, 0x53, 0x30 }, - - // NOS1 - new byte?[] { 0x4E, 0x4F, 0x53, 0x31 }, - }, - "UPX (NOS Variant) (Unknown Version)" - ), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // UPX! + new ContentMatchSet(new byte?[] { 0x55, 0x50, 0x58, 0x21 }, GetVersion, "UPX"), + + // NOS + new ContentMatchSet(new byte?[] { 0x4E, 0x4F, 0x53, 0x20 }, GetVersion, "UPX (NOS Variant)"), + + new ContentMatchSet( + new List + { + // UPX0 + new byte?[] { 0x55, 0x50, 0x58, 0x30 }, + + // UPX1 + new byte?[] { 0x55, 0x50, 0x58, 0x31 }, + }, + "UPX (Unknown Version)" + ), + + new ContentMatchSet( + new List + { + // NOS0 + new byte?[] { 0x4E, 0x4F, 0x53, 0x30 }, + + // NOS1 + new byte?[] { 0x4E, 0x4F, 0x53, 0x31 }, + }, + "UPX (NOS Variant) (Unknown Version)" + ), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public static string GetVersion(string file, byte[] fileContent, List positions) diff --git a/BurnOutSharp/PackerType/WinRARSFX.cs b/BurnOutSharp/PackerType/WinRARSFX.cs index 8d98b335..3c3db7dc 100644 --- a/BurnOutSharp/PackerType/WinRARSFX.cs +++ b/BurnOutSharp/PackerType/WinRARSFX.cs @@ -9,27 +9,24 @@ namespace BurnOutSharp.PackerType { public class WinRARSFX : IContentCheck, IScannable { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Software\WinRAR SFX - new ContentMatchSet(new byte?[] - { - 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, - 0x5C, 0x57, 0x69, 0x6E, 0x52, 0x41, 0x52, 0x20, - 0x53, 0x46, 0x58 - }, "WinRAR SFX"), - }; - /// public bool ShouldScan(byte[] magic) => true; /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Software\WinRAR SFX + new ContentMatchSet(new byte?[] + { + 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, + 0x5C, 0x57, 0x69, 0x6E, 0x52, 0x41, 0x52, 0x20, + 0x53, 0x46, 0x58 + }, "WinRAR SFX"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public Dictionary> Scan(Scanner scanner, string file) diff --git a/BurnOutSharp/PackerType/dotFuscator.cs b/BurnOutSharp/PackerType/dotFuscator.cs index b82c42cc..e68f6d03 100644 --- a/BurnOutSharp/PackerType/dotFuscator.cs +++ b/BurnOutSharp/PackerType/dotFuscator.cs @@ -5,24 +5,21 @@ namespace BurnOutSharp.PackerType { public class dotFuscator : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // DotfuscatorAttribute - new ContentMatchSet(new byte?[] - { - 0x44, 0x6F, 0x74, 0x66, 0x75, 0x73, 0x63, 0x61, - 0x74, 0x6F, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69, - 0x62, 0x75, 0x74, 0x65 - }, "dotFuscator"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // DotfuscatorAttribute + new ContentMatchSet(new byte?[] + { + 0x44, 0x6F, 0x74, 0x66, 0x75, 0x73, 0x63, 0x61, + 0x74, 0x6F, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69, + 0x62, 0x75, 0x74, 0x65 + }, "dotFuscator"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/ActiveMARK.cs b/BurnOutSharp/ProtectionType/ActiveMARK.cs index ae57d777..db94da3c 100644 --- a/BurnOutSharp/ProtectionType/ActiveMARK.cs +++ b/BurnOutSharp/ProtectionType/ActiveMARK.cs @@ -5,27 +5,24 @@ namespace BurnOutSharp.ProtectionType { public class ActiveMARK : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // TMSAMVOF - new ContentMatchSet(new byte?[] { 0x54, 0x4D, 0x53, 0x41, 0x4D, 0x56, 0x4F, 0x46 }, "ActiveMARK"), - - // " " + (char)0xC2 + (char)0x16 + (char)0x00 + (char)0xA8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0xB8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x86 + (char)0xC8 + (char)0x16 + (char)0x00 + (char)0x9A + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x10 + (char)0xC2 + (char)0x16 + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x20, 0xC2, 0x16, 0x00, 0xA8, 0xC1, 0x16, 0x00, - 0xB8, 0xC1, 0x16, 0x00, 0x86, 0xC8, 0x16, 0x00, - 0x9A, 0xC1, 0x16, 0x00, 0x10, 0xC2, 0x16, 0x00 - }, "ActiveMARK 5"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // TMSAMVOF + new ContentMatchSet(new byte?[] { 0x54, 0x4D, 0x53, 0x41, 0x4D, 0x56, 0x4F, 0x46 }, "ActiveMARK"), + + // " " + (char)0xC2 + (char)0x16 + (char)0x00 + (char)0xA8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0xB8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x86 + (char)0xC8 + (char)0x16 + (char)0x00 + (char)0x9A + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x10 + (char)0xC2 + (char)0x16 + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x20, 0xC2, 0x16, 0x00, 0xA8, 0xC1, 0x16, 0x00, + 0xB8, 0xC1, 0x16, 0x00, 0x86, 0xC8, 0x16, 0x00, + 0x9A, 0xC1, 0x16, 0x00, 0x10, 0xC2, 0x16, 0x00 + }, "ActiveMARK 5"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/AlphaROM.cs b/BurnOutSharp/ProtectionType/AlphaROM.cs index 07e36807..80ff9e17 100644 --- a/BurnOutSharp/ProtectionType/AlphaROM.cs +++ b/BurnOutSharp/ProtectionType/AlphaROM.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class AlphaROM : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // SETTEC - new ContentMatchSet(new byte?[] { 0x53, 0x45, 0x54, 0x54, 0x45, 0x43 }, "Alpha-ROM"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // SETTEC + new ContentMatchSet(new byte?[] { 0x53, 0x45, 0x54, 0x54, 0x45, 0x43 }, "Alpha-ROM"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/Bitpool.cs b/BurnOutSharp/ProtectionType/Bitpool.cs index 6d2c204f..62c220d9 100644 --- a/BurnOutSharp/ProtectionType/Bitpool.cs +++ b/BurnOutSharp/ProtectionType/Bitpool.cs @@ -1,5 +1,5 @@ -using System.Collections.Generic; -using BurnOutSharp.Matching; +using BurnOutSharp.Matching; +using System.Collections.Generic; namespace BurnOutSharp.ProtectionType { @@ -11,25 +11,21 @@ namespace BurnOutSharp.ProtectionType /// public class Bitpool : IContentCheck, IPathCheck { - - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Sometimes found in CD.IDX - // BITPOOL.RSC - new ContentMatchSet(new byte?[] - { - 0x42, 0x49, 0x54, 0x50, 0x4F, 0x4F, 0x4C, 0x2E, - 0x52, 0x53, 0x43 - }, "Bitpool"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Sometimes found in CD.IDX + // BITPOOL.RSC + new ContentMatchSet(new byte?[] + { + 0x42, 0x49, 0x54, 0x50, 0x4F, 0x4F, 0x4C, 0x2E, + 0x52, 0x53, 0x43 + }, "Bitpool"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/CDCheck.cs b/BurnOutSharp/ProtectionType/CDCheck.cs index ef5f524b..c1e269a1 100644 --- a/BurnOutSharp/ProtectionType/CDCheck.cs +++ b/BurnOutSharp/ProtectionType/CDCheck.cs @@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType { public class CDCheck : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // MGS CDCheck - new ContentMatchSet(new byte?[] - { - 0x4D, 0x47, 0x53, 0x20, 0x43, 0x44, 0x43, 0x68, - 0x65, 0x63, 0x6B - }, "Microsoft Game Studios CD Check"), - - // CDCheck - new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x43, 0x68, 0x65, 0x63, 0x6B }, "Executable-Based CD Check"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // MGS CDCheck + new ContentMatchSet(new byte?[] + { + 0x4D, 0x47, 0x53, 0x20, 0x43, 0x44, 0x43, 0x68, + 0x65, 0x63, 0x6B + }, "Microsoft Game Studios CD Check"), + + // CDCheck + new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x43, 0x68, 0x65, 0x63, 0x6B }, "Executable-Based CD Check"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } // These content checks are too broad to be useful diff --git a/BurnOutSharp/ProtectionType/CDCops.cs b/BurnOutSharp/ProtectionType/CDCops.cs index e4f7abed..acb2ae08 100644 --- a/BurnOutSharp/ProtectionType/CDCops.cs +++ b/BurnOutSharp/ProtectionType/CDCops.cs @@ -7,26 +7,23 @@ namespace BurnOutSharp.ProtectionType { public class CDCops : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // CD-Cops, ver. - new ContentMatchSet(new byte?[] - { - 0x43, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, 0x2C, - 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20 - }, GetVersion, "CD-Cops"), - - // .grand + (char)0x00 - new ContentMatchSet(new byte?[] { 0x2E, 0x67, 0x72, 0x61, 0x6E, 0x64, 0x00 }, "CD-Cops"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // CD-Cops, ver. + new ContentMatchSet(new byte?[] + { + 0x43, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, 0x2C, + 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20 + }, GetVersion, "CD-Cops"), + + // .grand + (char)0x00 + new ContentMatchSet(new byte?[] { 0x2E, 0x67, 0x72, 0x61, 0x6E, 0x64, 0x00 }, "CD-Cops"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/CDKey.cs b/BurnOutSharp/ProtectionType/CDKey.cs index eb8f115d..8a2e7a2a 100644 --- a/BurnOutSharp/ProtectionType/CDKey.cs +++ b/BurnOutSharp/ProtectionType/CDKey.cs @@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType { public class CDKey : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00, - 0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00, - 0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00, - 0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x4B, 0x00, - 0x65, 0x00, 0x79, 0x00 - }, Utilities.GetFileVersion, "CD-Key / Serial"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00, + 0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00, + 0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00, + 0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x4B, 0x00, + 0x65, 0x00, 0x79, 0x00 + }, Utilities.GetFileVersion, "CD-Key / Serial"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/CDLock.cs b/BurnOutSharp/ProtectionType/CDLock.cs index ba0d7a77..e1aef99c 100644 --- a/BurnOutSharp/ProtectionType/CDLock.cs +++ b/BurnOutSharp/ProtectionType/CDLock.cs @@ -5,25 +5,22 @@ namespace BurnOutSharp.ProtectionType { public class CDLock : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // 2 + (char)0xF2 + (char)0x02 + (char)0x82 + (char)0xC3 + (char)0xBC + (char)0x0B + $ + (char)0x99 + (char)0xAD + 'C + (char)0xE4 + (char)0x9D + st + (char)0x99 + (char)0xFA + 2$ + (char)0x9D + )4 + (char)0xFF + t - new ContentMatchSet(new byte?[] - { - 0x32, 0xF2, 0x02, 0x82, 0xC3, 0xBC, 0x0B, 0x24, - 0x99, 0xAD, 0x27, 0x43, 0xE4, 0x9D, 0x73, 0x74, - 0x99, 0xFA, 0x32, 0x24, 0x9D, 0x29, 0x34, 0xFF, - 0x74 - }, "CD-Lock"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // 2 + (char)0xF2 + (char)0x02 + (char)0x82 + (char)0xC3 + (char)0xBC + (char)0x0B + $ + (char)0x99 + (char)0xAD + 'C + (char)0xE4 + (char)0x9D + st + (char)0x99 + (char)0xFA + 2$ + (char)0x9D + )4 + (char)0xFF + t + new ContentMatchSet(new byte?[] + { + 0x32, 0xF2, 0x02, 0x82, 0xC3, 0xBC, 0x0B, 0x24, + 0x99, 0xAD, 0x27, 0x43, 0xE4, 0x9D, 0x73, 0x74, + 0x99, 0xFA, 0x32, 0x24, 0x9D, 0x29, 0x34, 0xFF, + 0x74 + }, "CD-Lock"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/CDSHiELDSE.cs b/BurnOutSharp/ProtectionType/CDSHiELDSE.cs index 49af5250..4fa47284 100644 --- a/BurnOutSharp/ProtectionType/CDSHiELDSE.cs +++ b/BurnOutSharp/ProtectionType/CDSHiELDSE.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class CDSHiELDSE : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // ~0017.tmp - new ContentMatchSet(new byte?[] { 0x7E, 0x30, 0x30, 0x31, 0x37, 0x2E, 0x74, 0x6D, 0x70 }, "CDSHiELD SE"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // ~0017.tmp + new ContentMatchSet(new byte?[] { 0x7E, 0x30, 0x30, 0x31, 0x37, 0x2E, 0x74, 0x6D, 0x70 }, "CDSHiELD SE"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/CactusDataShield.cs b/BurnOutSharp/ProtectionType/CactusDataShield.cs index 30af3b18..ac13e5ae 100644 --- a/BurnOutSharp/ProtectionType/CactusDataShield.cs +++ b/BurnOutSharp/ProtectionType/CactusDataShield.cs @@ -9,25 +9,22 @@ namespace BurnOutSharp.ProtectionType { public class CactusDataShield : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // DATA.CDS - new ContentMatchSet(new byte?[] { 0x44, 0x41, 0x54, 0x41, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"), - - // \*.CDS - new ContentMatchSet(new byte?[] { 0x5C, 0x2A, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"), - - // CDSPlayer - new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // DATA.CDS + new ContentMatchSet(new byte?[] { 0x44, 0x41, 0x54, 0x41, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"), + + // \*.CDS + new ContentMatchSet(new byte?[] { 0x5C, 0x2A, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"), + + // CDSPlayer + new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/CengaProtectDVD.cs b/BurnOutSharp/ProtectionType/CengaProtectDVD.cs index 9c3cd013..13c8c35d 100644 --- a/BurnOutSharp/ProtectionType/CengaProtectDVD.cs +++ b/BurnOutSharp/ProtectionType/CengaProtectDVD.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class CengaProtectDVD : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // .cenega - new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x65, 0x6E, 0x65, 0x67, 0x61 }, "Cenega ProtectDVD"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // .cenega + new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x65, 0x6E, 0x65, 0x67, 0x61 }, "Cenega ProtectDVD"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/CodeLock.cs b/BurnOutSharp/ProtectionType/CodeLock.cs index 815da25c..1a4b2a75 100644 --- a/BurnOutSharp/ProtectionType/CodeLock.cs +++ b/BurnOutSharp/ProtectionType/CodeLock.cs @@ -5,30 +5,27 @@ namespace BurnOutSharp.ProtectionType { public class CodeLock : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - /// TODO: Verify if these are OR or AND - private static readonly List contentMatchers = new List - { - // icd1 + (char)0x00 - new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x31, 0x00 }, "Code Lock"), - - // icd2 + (char)0x00 - new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x32, 0x00 }, "Code Lock"), - - // CODE-LOCK.OCX - new ContentMatchSet(new byte?[] - { - 0x43, 0x4F, 0x44, 0x45, 0x2D, 0x4C, 0x4F, 0x43, - 0x4B, 0x2E, 0x4F, 0x43, 0x58 - }, "Code Lock"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + // TODO: Verify if these are OR or AND + var matchers = new List + { + // icd1 + (char)0x00 + new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x31, 0x00 }, "Code Lock"), + + // icd2 + (char)0x00 + new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x32, 0x00 }, "Code Lock"), + + // CODE-LOCK.OCX + new ContentMatchSet(new byte?[] + { + 0x43, 0x4F, 0x44, 0x45, 0x2D, 0x4C, 0x4F, 0x43, + 0x4B, 0x2E, 0x4F, 0x43, 0x58 + }, "Code Lock"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/CopyKiller.cs b/BurnOutSharp/ProtectionType/CopyKiller.cs index e4bb6cc8..e4ebdb64 100644 --- a/BurnOutSharp/ProtectionType/CopyKiller.cs +++ b/BurnOutSharp/ProtectionType/CopyKiller.cs @@ -5,23 +5,20 @@ namespace BurnOutSharp.ProtectionType { public class CopyKiller : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Tom Commander - new ContentMatchSet(new byte?[] - { - 0x54, 0x6F, 0x6D, 0x20, 0x43, 0x6F, 0x6D, 0x6D, - 0x61, 0x6E, 0x64, 0x65, 0x72 - }, "CopyKiller"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Tom Commander + new ContentMatchSet(new byte?[] + { + 0x54, 0x6F, 0x6D, 0x20, 0x43, 0x6F, 0x6D, 0x6D, + 0x61, 0x6E, 0x64, 0x65, 0x72 + }, "CopyKiller"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/DVDCops.cs b/BurnOutSharp/ProtectionType/DVDCops.cs index 47e0eea9..788d82ef 100644 --- a/BurnOutSharp/ProtectionType/DVDCops.cs +++ b/BurnOutSharp/ProtectionType/DVDCops.cs @@ -7,23 +7,20 @@ namespace BurnOutSharp.ProtectionType { public class DVDCops : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // DVD-Cops, ver. - new ContentMatchSet(new byte?[] - { - 0x44, 0x56, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, - 0x2C, 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20 - }, GetVersion, "DVD-Cops"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // DVD-Cops, ver. + new ContentMatchSet(new byte?[] + { + 0x44, 0x56, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, + 0x2C, 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20 + }, GetVersion, "DVD-Cops"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public static string GetVersion(string file, byte[] fileContent, List positions) diff --git a/BurnOutSharp/ProtectionType/ElectronicArts.cs b/BurnOutSharp/ProtectionType/ElectronicArts.cs index 79809c1c..73972937 100644 --- a/BurnOutSharp/ProtectionType/ElectronicArts.cs +++ b/BurnOutSharp/ProtectionType/ElectronicArts.cs @@ -5,93 +5,6 @@ namespace BurnOutSharp.ProtectionType { public class ElectronicArts : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // EASTL - //new ContentMatchSet(new byte?[] { 0x45, 0x41, 0x53, 0x54, 0x4C }, "Cucko (EA Custom)"), - - // R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00, - 0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00, - 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00, - 0x20, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x64, 0x00, - 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, - 0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00, - 0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00, - 0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00, - 0x72, 0x00, 0x61, 0x00, 0x6D, 0x00 - }, Utilities.GetFileVersion, "EA CdKey Registration Module"), - - // R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + c + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00, - 0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00, - 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00, - 0x20, 0x00, 0x63, 0x00, 0x6F, 0x00, 0x64, 0x00, - 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, - 0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00, - 0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00, - 0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00, - 0x72, 0x00, 0x61, 0x00, 0x6D, 0x00 - }, Utilities.GetFileVersion, "EA CdKey Registration Module"), - - // A + (char)0x00 + b + (char)0x00 + o + (char)0x00 + u + (char)0x00 + t + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x41, 0x00, 0x62, 0x00, 0x6F, 0x00, 0x75, 0x00, - 0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x44, 0x00, - 0x4B, 0x00, 0x65, 0x00, 0x79, 0x00 - }, Utilities.GetFileVersion, "EA CdKey Registration Module"), - - // I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00, - 0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00, - 0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00, - 0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x43, 0x00, - 0x6F, 0x00, 0x64, 0x00, 0x65, 0x00 - }, Utilities.GetFileVersion, "EA CdKey Registration Module"), - - // EReg Config Form - new ContentMatchSet(new byte?[] - { - 0x45, 0x52, 0x65, 0x67, 0x20, 0x43, 0x6F, 0x6E, - 0x66, 0x69, 0x67, 0x20, 0x46, 0x6F, 0x72, 0x6D - }, Utilities.GetFileVersion, "EA CdKey Registration Module"), - - // ereg.ea-europe.com - new ContentMatchSet(new byte?[] - { - 0x65, 0x72, 0x65, 0x67, 0x2E, 0x65, 0x61, 0x2D, - 0x65, 0x75, 0x72, 0x6F, 0x70, 0x65, 0x2E, 0x63, - 0x6F, 0x6D - }, Utilities.GetFileVersion, "EA CdKey Registration Module"), - - // GenericEA + (char)0x00 + (char)0x00 + (char)0x00 + Activation - new ContentMatchSet(new byte?[] - { - 0x47, 0x65, 0x6E, 0x65, 0x72, 0x69, 0x63, 0x45, - 0x41, 0x00, 0x00, 0x00, 0x41, 0x63, 0x74, 0x69, - 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E - }, "EA DRM Protection"), - - // E + (char)0x00 + A + (char)0x00 + + (char)0x00 + D + (char)0x00 + R + (char)0x00 + M + (char)0x00 + + (char)0x00 + H + (char)0x00 + e + (char)0x00 + l + (char)0x00 + p + (char)0x00 + e + (char)0x00 + r + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x45, 0x00, 0x41, 0x00, 0x20, 0x00, 0x44, 0x00, - 0x52, 0x00, 0x4D, 0x00, 0x20, 0x00, 0x48, 0x00, - 0x65, 0x00, 0x6C, 0x00, 0x70, 0x00, 0x65, 0x00, - 0x72, 0x00 - }, "EA DRM Protection"), - }; - // TODO: Verify this doesn't over-match // TODO: Do more research into the Cucko protection: // - Reference to `EASTL` and `EAStdC` are standard for EA products and does not indicate Cucko by itself @@ -99,7 +12,91 @@ namespace BurnOutSharp.ProtectionType /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // EASTL + //new ContentMatchSet(new byte?[] { 0x45, 0x41, 0x53, 0x54, 0x4C }, "Cucko (EA Custom)"), + + // R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00, + 0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00, + 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00, + 0x20, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x64, 0x00, + 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, + 0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00, + 0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00, + 0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00, + 0x72, 0x00, 0x61, 0x00, 0x6D, 0x00 + }, Utilities.GetFileVersion, "EA CdKey Registration Module"), + + // R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + c + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00, + 0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00, + 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00, + 0x20, 0x00, 0x63, 0x00, 0x6F, 0x00, 0x64, 0x00, + 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, + 0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00, + 0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00, + 0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00, + 0x72, 0x00, 0x61, 0x00, 0x6D, 0x00 + }, Utilities.GetFileVersion, "EA CdKey Registration Module"), + + // A + (char)0x00 + b + (char)0x00 + o + (char)0x00 + u + (char)0x00 + t + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x41, 0x00, 0x62, 0x00, 0x6F, 0x00, 0x75, 0x00, + 0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x44, 0x00, + 0x4B, 0x00, 0x65, 0x00, 0x79, 0x00 + }, Utilities.GetFileVersion, "EA CdKey Registration Module"), + + // I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00, + 0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00, + 0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00, + 0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x43, 0x00, + 0x6F, 0x00, 0x64, 0x00, 0x65, 0x00 + }, Utilities.GetFileVersion, "EA CdKey Registration Module"), + + // EReg Config Form + new ContentMatchSet(new byte?[] + { + 0x45, 0x52, 0x65, 0x67, 0x20, 0x43, 0x6F, 0x6E, + 0x66, 0x69, 0x67, 0x20, 0x46, 0x6F, 0x72, 0x6D + }, Utilities.GetFileVersion, "EA CdKey Registration Module"), + + // ereg.ea-europe.com + new ContentMatchSet(new byte?[] + { + 0x65, 0x72, 0x65, 0x67, 0x2E, 0x65, 0x61, 0x2D, + 0x65, 0x75, 0x72, 0x6F, 0x70, 0x65, 0x2E, 0x63, + 0x6F, 0x6D + }, Utilities.GetFileVersion, "EA CdKey Registration Module"), + + // GenericEA + (char)0x00 + (char)0x00 + (char)0x00 + Activation + new ContentMatchSet(new byte?[] + { + 0x47, 0x65, 0x6E, 0x65, 0x72, 0x69, 0x63, 0x45, + 0x41, 0x00, 0x00, 0x00, 0x41, 0x63, 0x74, 0x69, + 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E + }, "EA DRM Protection"), + + // E + (char)0x00 + A + (char)0x00 + + (char)0x00 + D + (char)0x00 + R + (char)0x00 + M + (char)0x00 + + (char)0x00 + H + (char)0x00 + e + (char)0x00 + l + (char)0x00 + p + (char)0x00 + e + (char)0x00 + r + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x45, 0x00, 0x41, 0x00, 0x20, 0x00, 0x44, 0x00, + 0x52, 0x00, 0x4D, 0x00, 0x20, 0x00, 0x48, 0x00, + 0x65, 0x00, 0x6C, 0x00, 0x70, 0x00, 0x65, 0x00, + 0x72, 0x00 + }, "EA DRM Protection"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/GFWL.cs b/BurnOutSharp/ProtectionType/GFWL.cs index a0de6de3..0a3b4d84 100644 --- a/BurnOutSharp/ProtectionType/GFWL.cs +++ b/BurnOutSharp/ProtectionType/GFWL.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class GFWL : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // xlive.dll - new ContentMatchSet(new byte?[] { 0x78, 0x6C, 0x69, 0x76, 0x65, 0x2E, 0x64, 0x6C, 0x6C }, "Games for Windows - Live"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // xlive.dll + new ContentMatchSet(new byte?[] { 0x78, 0x6C, 0x69, 0x76, 0x65, 0x2E, 0x64, 0x6C, 0x6C }, "Games for Windows - Live"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/ImpulseReactor.cs b/BurnOutSharp/ProtectionType/ImpulseReactor.cs index aca6e5be..400e0897 100644 --- a/BurnOutSharp/ProtectionType/ImpulseReactor.cs +++ b/BurnOutSharp/ProtectionType/ImpulseReactor.cs @@ -5,46 +5,43 @@ namespace BurnOutSharp.ProtectionType { public class ImpulseReactor : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List + /// + public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - new ContentMatchSet(new List + var matchers = new List { + new ContentMatchSet(new List + { + // CVPInitializeClient + new byte?[] + { + 0x43, 0x56, 0x50, 0x49, 0x6E, 0x69, 0x74, 0x69, + 0x61, 0x6C, 0x69, 0x7A, 0x65, 0x43, 0x6C, 0x69, + 0x65, 0x6E, 0x74 + }, + + // A + (char)0x00 + T + (char)0x00 + T + (char)0x00 + L + (char)0x00 + I + (char)0x00 + S + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + E + (char)0x00 + L + (char)0x00 + E + (char)0x00 + M + (char)0x00 + E + (char)0x00 + N + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + N + (char)0x00 + O + (char)0x00 + T + (char)0x00 + A + (char)0x00 + T + (char)0x00 + I + (char)0x00 + O + (char)0x00 + N + (char)0x00 + new byte?[] + { + 0x41, 0x00, 0x54, 0x00, 0x54, 0x00, 0x4C, 0x00, + 0x49, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00, + 0x45, 0x00, 0x4C, 0x00, 0x45, 0x00, 0x4D, 0x00, + 0x45, 0x00, 0x4E, 0x00, 0x54, 0x00, 0x00, 0x00, + 0x4E, 0x00, 0x4F, 0x00, 0x54, 0x00, 0x41, 0x00, + 0x54, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E + }, + }, Utilities.GetFileVersion, "Impulse Reactor"), + // CVPInitializeClient - new byte?[] + new ContentMatchSet(new byte?[] { 0x43, 0x56, 0x50, 0x49, 0x6E, 0x69, 0x74, 0x69, 0x61, 0x6C, 0x69, 0x7A, 0x65, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74 - }, + }, "Impulse Reactor"), + }; - // A + (char)0x00 + T + (char)0x00 + T + (char)0x00 + L + (char)0x00 + I + (char)0x00 + S + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + E + (char)0x00 + L + (char)0x00 + E + (char)0x00 + M + (char)0x00 + E + (char)0x00 + N + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + N + (char)0x00 + O + (char)0x00 + T + (char)0x00 + A + (char)0x00 + T + (char)0x00 + I + (char)0x00 + O + (char)0x00 + N + (char)0x00 - new byte?[] - { - 0x41, 0x00, 0x54, 0x00, 0x54, 0x00, 0x4C, 0x00, - 0x49, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00, - 0x45, 0x00, 0x4C, 0x00, 0x45, 0x00, 0x4D, 0x00, - 0x45, 0x00, 0x4E, 0x00, 0x54, 0x00, 0x00, 0x00, - 0x4E, 0x00, 0x4F, 0x00, 0x54, 0x00, 0x41, 0x00, - 0x54, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E - }, - }, Utilities.GetFileVersion, "Impulse Reactor"), - - // CVPInitializeClient - new ContentMatchSet(new byte?[] - { - 0x43, 0x56, 0x50, 0x49, 0x6E, 0x69, 0x74, 0x69, - 0x61, 0x6C, 0x69, 0x7A, 0x65, 0x43, 0x6C, 0x69, - 0x65, 0x6E, 0x74 - }, "Impulse Reactor"), - }; - - /// - public string CheckContents(string file, byte[] fileContent, bool includePosition = false) - { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/Intenium.cs b/BurnOutSharp/ProtectionType/Intenium.cs index 6adb4c40..082f6af9 100644 --- a/BurnOutSharp/ProtectionType/Intenium.cs +++ b/BurnOutSharp/ProtectionType/Intenium.cs @@ -21,19 +21,16 @@ namespace BurnOutSharp.ProtectionType * - NO NESTED PRMS SUPPORTED - 4E 4F 20 4E 45 53 54 45 44 20 50 52 4D 53 20 53 55 50 50 4F 52 54 45 44 */ - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Trial + (char)0x00 + P - new ContentMatchSet(new byte?[] { 0x54, 0x72, 0x69, 0x61, 0x6C, 0x00, 0x50 }, "INTENIUM Trial & Buy Protection"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Trial + (char)0x00 + P + new ContentMatchSet(new byte?[] { 0x54, 0x72, 0x69, 0x61, 0x6C, 0x00, 0x50 }, "INTENIUM Trial & Buy Protection"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/JoWooDXProt.cs b/BurnOutSharp/ProtectionType/JoWooDXProt.cs index bb67b492..a5928931 100644 --- a/BurnOutSharp/ProtectionType/JoWooDXProt.cs +++ b/BurnOutSharp/ProtectionType/JoWooDXProt.cs @@ -7,37 +7,34 @@ namespace BurnOutSharp.ProtectionType { public class JoWooDXProt : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // @HC09 - new ContentMatchSet(new byte?[] { 0x40, 0x48, 0x43, 0x30, 0x39, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v2"), - - new ContentMatchSet(new List - { - // .ext - new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 }, - - // kernel32.dll + (char)0x00 + (char)0x00 + (char)0x00 + VirtualProtect - new byte?[] - { - 0x6B, 0x65, 0x72, 0x6E, 0x65, 0x6C, 0x33, 0x32, - 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x00, 0x00, 0x56, - 0x69, 0x72, 0x74, 0x75, 0x61, 0x6C, 0x50, 0x72, - 0x6F, 0x74, 0x65, 0x63, 0x74 - }, - }, GetVersion, "JoWooD X-Prot"), - - // .ext - new ContentMatchSet(new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v1"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // @HC09 + new ContentMatchSet(new byte?[] { 0x40, 0x48, 0x43, 0x30, 0x39, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v2"), + + new ContentMatchSet(new List + { + // .ext + new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 }, + + // kernel32.dll + (char)0x00 + (char)0x00 + (char)0x00 + VirtualProtect + new byte?[] + { + 0x6B, 0x65, 0x72, 0x6E, 0x65, 0x6C, 0x33, 0x32, + 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x00, 0x00, 0x56, + 0x69, 0x72, 0x74, 0x75, 0x61, 0x6C, 0x50, 0x72, + 0x6F, 0x74, 0x65, 0x63, 0x74 + }, + }, GetVersion, "JoWooD X-Prot"), + + // .ext + new ContentMatchSet(new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v1"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public static string GetVersion(string file, byte[] fileContent, List positions) diff --git a/BurnOutSharp/ProtectionType/KeyLock.cs b/BurnOutSharp/ProtectionType/KeyLock.cs index a4a4e17b..d65b8cad 100644 --- a/BurnOutSharp/ProtectionType/KeyLock.cs +++ b/BurnOutSharp/ProtectionType/KeyLock.cs @@ -5,23 +5,20 @@ namespace BurnOutSharp.ProtectionType { public class KeyLock : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // KEY-LOCK COMMAND - new ContentMatchSet(new byte?[] - { - 0x4B, 0x45, 0x59, 0x2D, 0x4C, 0x4F, 0x43, 0x4B, - 0x20, 0x43, 0x4F, 0x4D, 0x4D, 0x41, 0x4E, 0x44 - }, "Key-Lock (Dongle)"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // KEY-LOCK COMMAND + new ContentMatchSet(new byte?[] + { + 0x4B, 0x45, 0x59, 0x2D, 0x4C, 0x4F, 0x43, 0x4B, + 0x20, 0x43, 0x4F, 0x4D, 0x4D, 0x41, 0x4E, 0x44 + }, "Key-Lock (Dongle)"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/LaserLock.cs b/BurnOutSharp/ProtectionType/LaserLock.cs index d5facccc..120240a1 100644 --- a/BurnOutSharp/ProtectionType/LaserLock.cs +++ b/BurnOutSharp/ProtectionType/LaserLock.cs @@ -9,37 +9,6 @@ namespace BurnOutSharp.ProtectionType // TODO: Figure out how to use GetContentMatches here public class LaserLock : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // :\\LASERLOK\\LASERLOK.IN + (char)0x00 + C:\\NOMOUSE.SP - new ContentMatchSet(new byte?[] - { - 0x3A, 0x5C, 0x5C, 0x4C, 0x41, 0x53, 0x45, 0x52, - 0x4C, 0x4F, 0x4B, 0x5C, 0x5C, 0x4C, 0x41, 0x53, - 0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x2E, 0x49, 0x4E, - 0x00, 0x43, 0x3A, 0x5C, 0x5C, 0x4E, 0x4F, 0x4D, - 0x4F, 0x55, 0x53, 0x45, 0x2E, 0x53, 0x50 - }, "LaserLock 3"), - - // LASERLOK_INIT + (char)0xC + LASERLOK_RUN + (char)0xE + LASERLOK_CHECK + (char)0xF + LASERLOK_CHECK2 + (char)0xF + LASERLOK_CHECK3 - new ContentMatchSet(new byte?[] - { - 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B, - 0x5F, 0x49, 0x4E, 0x49, 0x54, 0x0C, 0x4C, 0x41, - 0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x5F, 0x52, - 0x55, 0x4E, 0x0E, 0x4C, 0x41, 0x53, 0x45, 0x52, - 0x4C, 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, - 0x4B, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, - 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B, - 0x32, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, - 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B, - 0x33 - }, "LaserLock 5"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { @@ -61,7 +30,35 @@ namespace BurnOutSharp.ProtectionType if (file != null && string.Equals(Path.GetFileName(file), "NOMOUSE.SP", StringComparison.OrdinalIgnoreCase)) return $"LaserLock {GetVersion16Bit(fileContent)}" + (includePosition ? $" (Index 71)" : string.Empty); - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // :\\LASERLOK\\LASERLOK.IN + (char)0x00 + C:\\NOMOUSE.SP + new ContentMatchSet(new byte?[] + { + 0x3A, 0x5C, 0x5C, 0x4C, 0x41, 0x53, 0x45, 0x52, + 0x4C, 0x4F, 0x4B, 0x5C, 0x5C, 0x4C, 0x41, 0x53, + 0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x2E, 0x49, 0x4E, + 0x00, 0x43, 0x3A, 0x5C, 0x5C, 0x4E, 0x4F, 0x4D, + 0x4F, 0x55, 0x53, 0x45, 0x2E, 0x53, 0x50 + }, "LaserLock 3"), + + // LASERLOK_INIT + (char)0xC + LASERLOK_RUN + (char)0xE + LASERLOK_CHECK + (char)0xF + LASERLOK_CHECK2 + (char)0xF + LASERLOK_CHECK3 + new ContentMatchSet(new byte?[] + { + 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B, + 0x5F, 0x49, 0x4E, 0x49, 0x54, 0x0C, 0x4C, 0x41, + 0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x5F, 0x52, + 0x55, 0x4E, 0x0E, 0x4C, 0x41, 0x53, 0x45, 0x52, + 0x4C, 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, + 0x4B, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, + 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B, + 0x32, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, + 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B, + 0x33 + }, "LaserLock 5"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/MediaMaxCD3.cs b/BurnOutSharp/ProtectionType/MediaMaxCD3.cs index f95c2ba1..8994278c 100644 --- a/BurnOutSharp/ProtectionType/MediaMaxCD3.cs +++ b/BurnOutSharp/ProtectionType/MediaMaxCD3.cs @@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType { public class MediaMaxCD3 : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // Cd3Ctl - new ContentMatchSet(new byte?[] { 0x43, 0x64, 0x33, 0x43, 0x74, 0x6C }, "MediaMax CD-3"), - - // DllInstallSbcp - new ContentMatchSet(new byte?[] - { - 0x44, 0x6C, 0x6C, 0x49, 0x6E, 0x73, 0x74, 0x61, - 0x6C, 0x6C, 0x53, 0x62, 0x63, 0x70 - }, "MediaMax CD-3"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Cd3Ctl + new ContentMatchSet(new byte?[] { 0x43, 0x64, 0x33, 0x43, 0x74, 0x6C }, "MediaMax CD-3"), + + // DllInstallSbcp + new ContentMatchSet(new byte?[] + { + 0x44, 0x6C, 0x6C, 0x49, 0x6E, 0x73, 0x74, 0x61, + 0x6C, 0x6C, 0x53, 0x62, 0x63, 0x70 + }, "MediaMax CD-3"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/OnlineRegistration.cs b/BurnOutSharp/ProtectionType/OnlineRegistration.cs index 46aae111..dcad8605 100644 --- a/BurnOutSharp/ProtectionType/OnlineRegistration.cs +++ b/BurnOutSharp/ProtectionType/OnlineRegistration.cs @@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType { public class OnlineRegistration : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + E + (char)0x00 + R + (char)0x00 + e + (char)0x00 + g + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00, - 0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00, - 0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00, - 0x00, 0x00, 0x45, 0x00, 0x52, 0x00, 0x65, 0x00, - 0x67, 0x00 - }, Utilities.GetFileVersion, "Executable-Based Online Registration"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + E + (char)0x00 + R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00, + 0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00, + 0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00, + 0x00, 0x00, 0x45, 0x00, 0x52, 0x00, 0x65, 0x00, + 0x67, 0x00 + }, Utilities.GetFileVersion, "Executable-Based Online Registration"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/Origin.cs b/BurnOutSharp/ProtectionType/Origin.cs index 4a47996c..37a7b37c 100644 --- a/BurnOutSharp/ProtectionType/Origin.cs +++ b/BurnOutSharp/ProtectionType/Origin.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class Origin : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // O + (char)0x00 + r + (char)0x00 + i + (char)0x00 + g + (char)0x00 + i + (char)0x00 + n + (char)0x00 + S + (char)0x00 + e + (char)0x00 + t + (char)0x00 + u + (char)0x00 + p + (char)0x00 + . + (char)0x00 + e + (char)0x00 + x + (char)0x00 + e + (char)0x00 - new ContentMatchSet(new byte?[] { 0x4F, 0x00, 0x72, 0x00, 0x69, 0x00, 0x67, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, 0x70, 0x00, 0x2E, 0x00, 0x65, 0x00, 0x78, 0x00, 0x65, 0x00 }, "Origin"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // O + (char)0x00 + r + (char)0x00 + i + (char)0x00 + g + (char)0x00 + i + (char)0x00 + n + (char)0x00 + S + (char)0x00 + e + (char)0x00 + t + (char)0x00 + u + (char)0x00 + p + (char)0x00 + . + (char)0x00 + e + (char)0x00 + x + (char)0x00 + e + (char)0x00 + new ContentMatchSet(new byte?[] { 0x4F, 0x00, 0x72, 0x00, 0x69, 0x00, 0x67, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, 0x70, 0x00, 0x2E, 0x00, 0x65, 0x00, 0x78, 0x00, 0x65, 0x00 }, "Origin"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/PSXAntiModchip.cs b/BurnOutSharp/ProtectionType/PSXAntiModchip.cs index 57d6c7b7..b4548c89 100644 --- a/BurnOutSharp/ProtectionType/PSXAntiModchip.cs +++ b/BurnOutSharp/ProtectionType/PSXAntiModchip.cs @@ -5,47 +5,44 @@ namespace BurnOutSharp.ProtectionType { public class PSXAntiModchip : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // SOFTWARE TERMINATED\nCONSOLE MAY HAVE BEEN MODIFIED\n CALL 1-888-780-7690 - new ContentMatchSet(new byte?[] - { - 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x4F, 0x46, - 0x54, 0x57, 0x41, 0x52, 0x45, 0x20, 0x54, 0x45, - 0x52, 0x4D, 0x49, 0x4E, 0x41, 0x54, 0x45, 0x44, - 0x5C, 0x6E, 0x43, 0x4F, 0x4E, 0x53, 0x4F, 0x4C, - 0x45, 0x20, 0x4D, 0x41, 0x59, 0x20, 0x48, 0x41, - 0x56, 0x45, 0x20, 0x42, 0x45, 0x45, 0x4E, 0x20, - 0x4D, 0x4F, 0x44, 0x49, 0x46, 0x49, 0x45, 0x44, - 0x5C, 0x6E, 0x20, 0x20, 0x20, 0x20, 0x20, 0x43, - 0x41, 0x4C, 0x4C, 0x20, 0x31, 0x2D, 0x38, 0x38, - 0x38, 0x2D, 0x37, 0x38, 0x30, 0x2D, 0x37, 0x36, - 0x39, 0x30 - }, "PlayStation Anti-modchip (English)"), - - // 強制終了しました。\n本体が改造されている\nおそれがあります。 - new ContentMatchSet(new byte?[] - { - 0x5F, 0x37, 0x52, 0x36, 0x7D, 0x42, 0x4E, 0x86, - 0x30, 0x57, 0x30, 0x7E, 0x30, 0x57, 0x30, 0x5F, - 0x30, 0x02, 0x5C, 0x6E, 0x67, 0x2C, 0x4F, 0x53, - 0x30, 0x4C, 0x65, 0x39, 0x90, 0x20, 0x30, 0x55, - 0x30, 0x8C, 0x30, 0x66, 0x30, 0x44, 0x30, 0x8B, - 0x5C, 0x6E, 0x30, 0x4A, 0x30, 0x5D, 0x30, 0x8C, - 0x30, 0x4C, 0x30, 0x42, 0x30, 0x8A, 0x30, 0x7E, - 0x30, 0x59, 0x30, 0x02 - }, "PlayStation Anti-modchip (Japanese)"), - }; - // TODO: Figure out PSX binary header so this can be checked explicitly // TODO: Detect Red Hand protection /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // SOFTWARE TERMINATED\nCONSOLE MAY HAVE BEEN MODIFIED\n CALL 1-888-780-7690 + new ContentMatchSet(new byte?[] + { + 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x4F, 0x46, + 0x54, 0x57, 0x41, 0x52, 0x45, 0x20, 0x54, 0x45, + 0x52, 0x4D, 0x49, 0x4E, 0x41, 0x54, 0x45, 0x44, + 0x5C, 0x6E, 0x43, 0x4F, 0x4E, 0x53, 0x4F, 0x4C, + 0x45, 0x20, 0x4D, 0x41, 0x59, 0x20, 0x48, 0x41, + 0x56, 0x45, 0x20, 0x42, 0x45, 0x45, 0x4E, 0x20, + 0x4D, 0x4F, 0x44, 0x49, 0x46, 0x49, 0x45, 0x44, + 0x5C, 0x6E, 0x20, 0x20, 0x20, 0x20, 0x20, 0x43, + 0x41, 0x4C, 0x4C, 0x20, 0x31, 0x2D, 0x38, 0x38, + 0x38, 0x2D, 0x37, 0x38, 0x30, 0x2D, 0x37, 0x36, + 0x39, 0x30 + }, "PlayStation Anti-modchip (English)"), + + // 強制終了しました。\n本体が改造されている\nおそれがあります。 + new ContentMatchSet(new byte?[] + { + 0x5F, 0x37, 0x52, 0x36, 0x7D, 0x42, 0x4E, 0x86, + 0x30, 0x57, 0x30, 0x7E, 0x30, 0x57, 0x30, 0x5F, + 0x30, 0x02, 0x5C, 0x6E, 0x67, 0x2C, 0x4F, 0x53, + 0x30, 0x4C, 0x65, 0x39, 0x90, 0x20, 0x30, 0x55, + 0x30, 0x8C, 0x30, 0x66, 0x30, 0x44, 0x30, 0x8B, + 0x5C, 0x6E, 0x30, 0x4A, 0x30, 0x5D, 0x30, 0x8C, + 0x30, 0x4C, 0x30, 0x42, 0x30, 0x8A, 0x30, 0x7E, + 0x30, 0x59, 0x30, 0x02 + }, "PlayStation Anti-modchip (Japanese)"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/ProtectDisc.cs b/BurnOutSharp/ProtectionType/ProtectDisc.cs index b201a61d..907a6726 100644 --- a/BurnOutSharp/ProtectionType/ProtectDisc.cs +++ b/BurnOutSharp/ProtectionType/ProtectDisc.cs @@ -10,22 +10,19 @@ namespace BurnOutSharp.ProtectionType { public class ProtectDisc : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // HúMETINF - new ContentMatchSet(new byte?[] { 0x48, 0xFA, 0x4D, 0x45, 0x54, 0x49, 0x4E, 0x46 }, GetVersion76till10, "ProtectDisc"), - - // ACE-PCD - new ContentMatchSet(new byte?[] { 0x41, 0x43, 0x45, 0x2D, 0x50, 0x43, 0x44 }, GetVersion6till8, "ProtectDisc"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // HúMETINF + new ContentMatchSet(new byte?[] { 0x48, 0xFA, 0x4D, 0x45, 0x54, 0x49, 0x4E, 0x46 }, GetVersion76till10, "ProtectDisc"), + + // ACE-PCD + new ContentMatchSet(new byte?[] { 0x41, 0x43, 0x45, 0x2D, 0x50, 0x43, 0x44 }, GetVersion6till8, "ProtectDisc"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public static string GetVersion6till8(string file, byte[] fileContent, List positions) diff --git a/BurnOutSharp/ProtectionType/RingPROTECH.cs b/BurnOutSharp/ProtectionType/RingPROTECH.cs index a7acf9e2..2ecff1b0 100644 --- a/BurnOutSharp/ProtectionType/RingPROTECH.cs +++ b/BurnOutSharp/ProtectionType/RingPROTECH.cs @@ -5,24 +5,20 @@ namespace BurnOutSharp.ProtectionType { public class RingPROTECH : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - /// TODO: Investigate as this may be over-matching - private static readonly List contentMatchers = new List - { - // (char)0x00 + Allocator + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x00, 0x41, 0x6C, 0x6C, 0x6F, 0x63, 0x61, 0x74, - 0x6F, 0x72, 0x00, 0x00, 0x00, 0x00 - }, "Ring PROTECH [Check disc for physical ring]"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // (char)0x00 + Allocator + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x00, 0x41, 0x6C, 0x6C, 0x6F, 0x63, 0x61, 0x74, + 0x6F, 0x72, 0x00, 0x00, 0x00, 0x00 + }, "Ring PROTECH [Check disc for physical ring]"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/SVKProtector.cs b/BurnOutSharp/ProtectionType/SVKProtector.cs index 618cc6a5..5090d84e 100644 --- a/BurnOutSharp/ProtectionType/SVKProtector.cs +++ b/BurnOutSharp/ProtectionType/SVKProtector.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class SVKProtector : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // ?SVKP + (char)0x00 + (char)0x00 - new ContentMatchSet(new byte?[] { 0x3F, 0x53, 0x56, 0x4B, 0x50, 0x00, 0x00 }, "SVK Protector"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // ?SVKP + (char)0x00 + (char)0x00 + new ContentMatchSet(new byte?[] { 0x3F, 0x53, 0x56, 0x4B, 0x50, 0x00, 0x00 }, "SVK Protector"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/SafeDisc.cs b/BurnOutSharp/ProtectionType/SafeDisc.cs index 415d9da2..4bb3eb29 100644 --- a/BurnOutSharp/ProtectionType/SafeDisc.cs +++ b/BurnOutSharp/ProtectionType/SafeDisc.cs @@ -9,49 +9,6 @@ namespace BurnOutSharp.ProtectionType { public class SafeDisc : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - new ContentMatchSet(new List - { - // BoG_ *90.0&!! Yy> - new byte?[] - { - 0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30, - 0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59, - 0x79, 0x3E - }, - - // product activation library - new byte?[] - { - 0x70, 0x72, 0x6F, 0x64, 0x75, 0x63, 0x74, 0x20, - 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x69, - 0x6F, 0x6E, 0x20, 0x6C, 0x69, 0x62, 0x72, 0x61, - 0x72, 0x79 - }, - }, GetVersion, "SafeCast"), - - // BoG_ *90.0&!! Yy> - new ContentMatchSet(new byte?[] - { - 0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30, - 0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59, - 0x79, 0x3E - }, GetVersion, "SafeDisc"), - - // (char)0x00 + (char)0x00 + BoG_ - new ContentMatchSet(new byte?[] { 0x00, 0x00, 0x42, 0x6F, 0x47, 0x5F }, Get320to4xVersion, "SafeDisc"), - - // stxt774 - new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x37, 0x37, 0x34 }, Get320to4xVersion, "SafeDisc"), - - // stxt371 - new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x33, 0x37, 0x31 }, Get320to4xVersion, "SafeDisc"), - }; - /// /// Set of all PathMatchSets for this protection /// @@ -83,7 +40,47 @@ namespace BurnOutSharp.ProtectionType /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + new ContentMatchSet(new List + { + // BoG_ *90.0&!! Yy> + new byte?[] + { + 0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30, + 0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59, + 0x79, 0x3E + }, + + // product activation library + new byte?[] + { + 0x70, 0x72, 0x6F, 0x64, 0x75, 0x63, 0x74, 0x20, + 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x69, + 0x6F, 0x6E, 0x20, 0x6C, 0x69, 0x62, 0x72, 0x61, + 0x72, 0x79 + }, + }, GetVersion, "SafeCast"), + + // BoG_ *90.0&!! Yy> + new ContentMatchSet(new byte?[] + { + 0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30, + 0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59, + 0x79, 0x3E + }, GetVersion, "SafeDisc"), + + // (char)0x00 + (char)0x00 + BoG_ + new ContentMatchSet(new byte?[] { 0x00, 0x00, 0x42, 0x6F, 0x47, 0x5F }, Get320to4xVersion, "SafeDisc"), + + // stxt774 + new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x37, 0x37, 0x34 }, Get320to4xVersion, "SafeDisc"), + + // stxt371 + new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x33, 0x37, 0x31 }, Get320to4xVersion, "SafeDisc"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/SafeLock.cs b/BurnOutSharp/ProtectionType/SafeLock.cs index e0cc0092..08732593 100644 --- a/BurnOutSharp/ProtectionType/SafeLock.cs +++ b/BurnOutSharp/ProtectionType/SafeLock.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class SafeLock : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // SafeLock - new ContentMatchSet(new byte?[] { 0x53, 0x61, 0x66, 0x65, 0x4C, 0x6F, 0x63, 0x6B }, "SafeLock"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // SafeLock + new ContentMatchSet(new byte?[] { 0x53, 0x61, 0x66, 0x65, 0x4C, 0x6F, 0x63, 0x6B }, "SafeLock"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/SecuROM.cs b/BurnOutSharp/ProtectionType/SecuROM.cs index c395ba2a..186a42e0 100644 --- a/BurnOutSharp/ProtectionType/SecuROM.cs +++ b/BurnOutSharp/ProtectionType/SecuROM.cs @@ -7,55 +7,52 @@ namespace BurnOutSharp.ProtectionType { public class SecuROM : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // AddD + (char)0x03 + (char)0x00 + (char)0x00 + (char)0x00) - new ContentMatchSet(new byte?[] { 0x41, 0x64, 0x64, 0x44, 0x03, 0x00, 0x00, 0x00 }, GetV4Version, "SecuROM"), - - // (char)0xCA + (char)0xDD + (char)0xDD + (char)0xAC + (char)0x03 - new ContentMatchSet(new byte?[] { 0xCA, 0xDD, 0xDD, 0xAC, 0x03 }, GetV5Version, "SecuROM"), - - // .securom + (char)0xE0 + (char)0xC0 - new ContentMatchSet(new byte?[] - { - 0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D, - 0xE0, 0xC0 - }, GetV7Version, "SecuROM"), - - // .securom - new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D }, GetV7Version, "SecuROM"), - - // _and_play.dll + (char)0x00 + drm_pagui_doit - new ContentMatchSet(new byte?[] - { - 0x5F, 0x61, 0x6E, 0x64, 0x5F, 0x70, 0x6C, 0x61, - 0x79, 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x64, 0x72, - 0x6D, 0x5F, 0x70, 0x61, 0x67, 0x75, 0x69, 0x5F, - 0x64, 0x6F, 0x69, 0x74 - }, Utilities.GetFileVersion, "SecuROM Product Activation"), - - // S + (char)0x00 + e + (char)0x00 + c + (char)0x00 + u + (char)0x00 + R + (char)0x00 + O + (char)0x00 + M + (char)0x00 + + (char)0x00 + P + (char)0x00 + A + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x53, 0x00, 0x65, 0x00, 0x63, 0x00, 0x75, 0x00, - 0x52, 0x00, 0x4F, 0x00, 0x4D, 0x00, 0x20, 0x00, - 0x50, 0x00, 0x41, 0x00 - }, Utilities.GetFileVersion, "SecuROM Product Activation"), - - // .cms_t + (char)0x00 - new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x74, 0x00 }, "SecuROM 1-3"), - - // .cms_d + (char)0x00 - new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x64, 0x00 }, "SecuROM 1-3"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // AddD + (char)0x03 + (char)0x00 + (char)0x00 + (char)0x00) + new ContentMatchSet(new byte?[] { 0x41, 0x64, 0x64, 0x44, 0x03, 0x00, 0x00, 0x00 }, GetV4Version, "SecuROM"), + + // (char)0xCA + (char)0xDD + (char)0xDD + (char)0xAC + (char)0x03 + new ContentMatchSet(new byte?[] { 0xCA, 0xDD, 0xDD, 0xAC, 0x03 }, GetV5Version, "SecuROM"), + + // .securom + (char)0xE0 + (char)0xC0 + new ContentMatchSet(new byte?[] + { + 0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D, + 0xE0, 0xC0 + }, GetV7Version, "SecuROM"), + + // .securom + new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D }, GetV7Version, "SecuROM"), + + // _and_play.dll + (char)0x00 + drm_pagui_doit + new ContentMatchSet(new byte?[] + { + 0x5F, 0x61, 0x6E, 0x64, 0x5F, 0x70, 0x6C, 0x61, + 0x79, 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x64, 0x72, + 0x6D, 0x5F, 0x70, 0x61, 0x67, 0x75, 0x69, 0x5F, + 0x64, 0x6F, 0x69, 0x74 + }, Utilities.GetFileVersion, "SecuROM Product Activation"), + + // S + (char)0x00 + e + (char)0x00 + c + (char)0x00 + u + (char)0x00 + R + (char)0x00 + O + (char)0x00 + M + (char)0x00 + + (char)0x00 + P + (char)0x00 + A + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x53, 0x00, 0x65, 0x00, 0x63, 0x00, 0x75, 0x00, + 0x52, 0x00, 0x4F, 0x00, 0x4D, 0x00, 0x20, 0x00, + 0x50, 0x00, 0x41, 0x00 + }, Utilities.GetFileVersion, "SecuROM Product Activation"), + + // .cms_t + (char)0x00 + new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x74, 0x00 }, "SecuROM 1-3"), + + // .cms_d + (char)0x00 + new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x64, 0x00 }, "SecuROM 1-3"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/SmartE.cs b/BurnOutSharp/ProtectionType/SmartE.cs index c11c30cd..3d5bfce7 100644 --- a/BurnOutSharp/ProtectionType/SmartE.cs +++ b/BurnOutSharp/ProtectionType/SmartE.cs @@ -6,19 +6,16 @@ namespace BurnOutSharp.ProtectionType { public class SmartE : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // BITARTS - new ContentMatchSet(new byte?[] { 0x42, 0x49, 0x54, 0x41, 0x52, 0x54, 0x53 }, "SmartE"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // BITARTS + new ContentMatchSet(new byte?[] { 0x42, 0x49, 0x54, 0x41, 0x52, 0x54, 0x53 }, "SmartE"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/SolidShield.cs b/BurnOutSharp/ProtectionType/SolidShield.cs index 24f0b095..4be20abc 100644 --- a/BurnOutSharp/ProtectionType/SolidShield.cs +++ b/BurnOutSharp/ProtectionType/SolidShield.cs @@ -8,77 +8,6 @@ namespace BurnOutSharp.ProtectionType { public class SolidShield : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // D + (char)0x00 + V + (char)0x00 + M + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x44, 0x00, 0x56, 0x00, 0x4D, 0x00, 0x20, 0x00, - 0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00, - 0x61, 0x00, 0x72, 0x00, 0x79, 0x00 - }, Utilities.GetFileVersion, "SolidShield"), - - // S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00, - 0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00, - 0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00, - 0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00, - 0x61, 0x00, 0x72, 0x00, 0x79, 0x00 - }, GetFileVersion, "SolidShield Core.dll"), - - // S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00, - 0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00, - 0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00, - 0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, - 0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, - 0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x4C, 0x00, - 0x69, 0x00, 0x62, 0x00, 0x72, 0x00, 0x61, 0x00, - 0x72, 0x00, 0x79, 0x00 - }, GetFileVersion, "SolidShield Core.dll"), - - // (char)0xEF + (char)0xBE + (char)0xAD + (char)0xDE - new ContentMatchSet(new byte?[] { 0xEF, 0xBE, 0xAD, 0xDE }, GetExeWrapperVersion, "SolidShield"), - - // A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + M + (char)0x00 + a + (char)0x00 + n + (char)0x00 + a + (char)0x00 + g + (char)0x00 + e + (char)0x00 + r + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, - 0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, - 0x6f, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x4d, 0x00, - 0x61, 0x00, 0x6e, 0x00, 0x61, 0x00, 0x67, 0x00, - 0x65, 0x00, 0x72, 0x00 - }, GetFileVersion, "SolidShield Activation Manager Module"), - - // dvm.dll - new ContentMatchSet(new byte?[] { 0x64, 0x76, 0x6D, 0x2E, 0x64, 0x6C, 0x6C }, "SolidShield EXE Wrapper"), - - // (char)0xAD + (char)0xDE + (char)0xFE + (char)0xCA - new ContentMatchSet(new byte?[] { 0xAD, 0xDE, 0xFE, 0xCA }, GetVersionPlusTages, "SolidShield"), - - // Solidshield - new ContentMatchSet(new byte?[] - { - 0x53, 0x6F, 0x6C, 0x69, 0x64, 0x73, 0x68, 0x69, - 0x65, 0x6C, 0x64 - }, GetVersion, "SolidShield"), - - // B + (char)0x00 + I + (char)0x00 + N + (char)0x00 + (char)0x7 + (char)0x00 + I + (char)0x00 + D + (char)0x00 + R + (char)0x00 + _ + (char)0x00 + S + (char)0x00 + G + (char)0x00 + T + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x42, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x07, 0x00, - 0x49, 0x00, 0x44, 0x00, 0x52, 0x00, 0x5F, 0x00, - 0x53, 0x00, 0x47, 0x00, 0x54, 0x00 - }, "SolidShield"), - }; - /// /// Set of all PathMatchSets for this protection /// @@ -93,7 +22,75 @@ namespace BurnOutSharp.ProtectionType /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // D + (char)0x00 + V + (char)0x00 + M + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x44, 0x00, 0x56, 0x00, 0x4D, 0x00, 0x20, 0x00, + 0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00, + 0x61, 0x00, 0x72, 0x00, 0x79, 0x00 + }, Utilities.GetFileVersion, "SolidShield"), + + // S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00, + 0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00, + 0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00, + 0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00, + 0x61, 0x00, 0x72, 0x00, 0x79, 0x00 + }, GetFileVersion, "SolidShield Core.dll"), + + // S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00, + 0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00, + 0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00, + 0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, + 0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, + 0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x4C, 0x00, + 0x69, 0x00, 0x62, 0x00, 0x72, 0x00, 0x61, 0x00, + 0x72, 0x00, 0x79, 0x00 + }, GetFileVersion, "SolidShield Core.dll"), + + // (char)0xEF + (char)0xBE + (char)0xAD + (char)0xDE + new ContentMatchSet(new byte?[] { 0xEF, 0xBE, 0xAD, 0xDE }, GetExeWrapperVersion, "SolidShield"), + + // A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + M + (char)0x00 + a + (char)0x00 + n + (char)0x00 + a + (char)0x00 + g + (char)0x00 + e + (char)0x00 + r + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, + 0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, + 0x6f, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x4d, 0x00, + 0x61, 0x00, 0x6e, 0x00, 0x61, 0x00, 0x67, 0x00, + 0x65, 0x00, 0x72, 0x00 + }, GetFileVersion, "SolidShield Activation Manager Module"), + + // dvm.dll + new ContentMatchSet(new byte?[] { 0x64, 0x76, 0x6D, 0x2E, 0x64, 0x6C, 0x6C }, "SolidShield EXE Wrapper"), + + // (char)0xAD + (char)0xDE + (char)0xFE + (char)0xCA + new ContentMatchSet(new byte?[] { 0xAD, 0xDE, 0xFE, 0xCA }, GetVersionPlusTages, "SolidShield"), + + // Solidshield + new ContentMatchSet(new byte?[] + { + 0x53, 0x6F, 0x6C, 0x69, 0x64, 0x73, 0x68, 0x69, + 0x65, 0x6C, 0x64 + }, GetVersion, "SolidShield"), + + // B + (char)0x00 + I + (char)0x00 + N + (char)0x00 + (char)0x7 + (char)0x00 + I + (char)0x00 + D + (char)0x00 + R + (char)0x00 + _ + (char)0x00 + S + (char)0x00 + G + (char)0x00 + T + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x42, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x07, 0x00, + 0x49, 0x00, 0x44, 0x00, 0x52, 0x00, 0x5F, 0x00, + 0x53, 0x00, 0x47, 0x00, 0x54, 0x00 + }, "SolidShield"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/StarForce.cs b/BurnOutSharp/ProtectionType/StarForce.cs index 9de633f4..205c9d33 100644 --- a/BurnOutSharp/ProtectionType/StarForce.cs +++ b/BurnOutSharp/ProtectionType/StarForce.cs @@ -6,15 +6,47 @@ namespace BurnOutSharp.ProtectionType { public class StarForce : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List + /// + public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - new ContentMatchSet(new List + var matchers = new List { + new ContentMatchSet(new List + { + // ( + (char)0x00 + c + (char)0x00 + ) + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + T + (char)0x00 + e + (char)0x00 + c + (char)0x00 + h + (char)0x00 + n + (char)0x00 + o + (char)0x00 + l + (char)0x00 + o + (char)0x00 + g + (char)0x00 + y + (char)0x00 + new byte?[] + { + 0x28, 0x00, 0x63, 0x00, 0x29, 0x00, 0x20, 0x00, + 0x50, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x74, 0x00, + 0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, + 0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x54, 0x00, + 0x65, 0x00, 0x63, 0x00, 0x68, 0x00, 0x6E, 0x00, + 0x6F, 0x00, 0x6C, 0x00, 0x6F, 0x00, 0x67, 0x00, + 0x79, 0x00 + }, + + // // PSA_GetDiscLabel + // new byte?[] + // { + // 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44, + // 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C + // }, + + // (c) Protection Technology + // new byte?[] + // { + // 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74, + // 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54, + // 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, + // 0x79 + // }, + + // TradeName + new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 }, + }, GetVersion, "StarForce"), + // ( + (char)0x00 + c + (char)0x00 + ) + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + T + (char)0x00 + e + (char)0x00 + c + (char)0x00 + h + (char)0x00 + n + (char)0x00 + o + (char)0x00 + l + (char)0x00 + o + (char)0x00 + g + (char)0x00 + y + (char)0x00 - new byte?[] + new ContentMatchSet(new byte?[] { 0x28, 0x00, 0x63, 0x00, 0x29, 0x00, 0x20, 0x00, 0x50, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x74, 0x00, @@ -23,100 +55,65 @@ namespace BurnOutSharp.ProtectionType 0x65, 0x00, 0x63, 0x00, 0x68, 0x00, 0x6E, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x6F, 0x00, 0x67, 0x00, 0x79, 0x00 - }, + }, Utilities.GetFileVersion, "StarForce"), - // // PSA_GetDiscLabel - // new byte?[] - // { - // 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44, - // 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C - // }, + new ContentMatchSet(new List + { + // Protection Technology, Ltd. + new byte?[] + { + 0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x69, + 0x6F, 0x6E, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, + 0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x2C, 0x20, 0x4C, + 0x74, 0x64, 0x2E + }, - // (c) Protection Technology - // new byte?[] - // { - // 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74, - // 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54, - // 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, - // 0x79 - // }, + // // PSA_GetDiscLabel + // new byte?[] + // { + // 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44, + // 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C + // }, - // TradeName - new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 }, - }, GetVersion, "StarForce"), + // (c) Protection Technology + // new byte?[] + // { + // 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74, + // 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54, + // 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, + // 0x79 + // }, - // ( + (char)0x00 + c + (char)0x00 + ) + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + T + (char)0x00 + e + (char)0x00 + c + (char)0x00 + h + (char)0x00 + n + (char)0x00 + o + (char)0x00 + l + (char)0x00 + o + (char)0x00 + g + (char)0x00 + y + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x28, 0x00, 0x63, 0x00, 0x29, 0x00, 0x20, 0x00, - 0x50, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x74, 0x00, - 0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, - 0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x54, 0x00, - 0x65, 0x00, 0x63, 0x00, 0x68, 0x00, 0x6E, 0x00, - 0x6F, 0x00, 0x6C, 0x00, 0x6F, 0x00, 0x67, 0x00, - 0x79, 0x00 - }, Utilities.GetFileVersion, "StarForce"), + // TradeName + new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 }, + }, GetVersion, "StarForce"), - new ContentMatchSet(new List - { // Protection Technology, Ltd. - new byte?[] + new ContentMatchSet(new byte?[] { 0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x2C, 0x20, 0x4C, 0x74, 0x64, 0x2E - }, + }, Utilities.GetFileVersion, "StarForce"), - // // PSA_GetDiscLabel - // new byte?[] - // { - // 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44, - // 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C - // }, + // .sforce + new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x66, 0x6F, 0x72, 0x63, 0x65 }, "StarForce 3-5"), - // (c) Protection Technology - // new byte?[] - // { - // 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74, - // 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54, - // 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67, - // 0x79 - // }, + // .brick + new ContentMatchSet(new byte?[] { 0x2E, 0x62, 0x72, 0x69, 0x63, 0x6B }, "StarForce 3-5"), - // TradeName - new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 }, - }, GetVersion, "StarForce"), + // P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + e + (char)0x00 + d + (char)0x00 + + (char)0x00 + M + (char)0x00 + o + (char)0x00 + d + (char)0x00 + u + (char)0x00 + l + (char)0x00 + e + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x50, 0x00, 0x72, 0x00, 0x6f, 0x00, 0x74, 0x00, + 0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x65, 0x00, + 0x64, 0x00, 0x20, 0x00, 0x4d, 0x00, 0x6f, 0x00, + 0x64, 0x00, 0x75, 0x00, 0x6c, 0x00, 0x65, 0x00 + }, "StarForce 5"), + }; - // Protection Technology, Ltd. - new ContentMatchSet(new byte?[] - { - 0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x69, - 0x6F, 0x6E, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, - 0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x2C, 0x20, 0x4C, - 0x74, 0x64, 0x2E - }, Utilities.GetFileVersion, "StarForce"), - - // .sforce - new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x66, 0x6F, 0x72, 0x63, 0x65 }, "StarForce 3-5"), - - // .brick - new ContentMatchSet(new byte?[] { 0x2E, 0x62, 0x72, 0x69, 0x63, 0x6B }, "StarForce 3-5"), - - // P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + e + (char)0x00 + d + (char)0x00 + + (char)0x00 + M + (char)0x00 + o + (char)0x00 + d + (char)0x00 + u + (char)0x00 + l + (char)0x00 + e + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x50, 0x00, 0x72, 0x00, 0x6f, 0x00, 0x74, 0x00, - 0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x65, 0x00, - 0x64, 0x00, 0x20, 0x00, 0x4d, 0x00, 0x6f, 0x00, - 0x64, 0x00, 0x75, 0x00, 0x6c, 0x00, 0x65, 0x00 - }, "StarForce 5"), - }; - - /// - public string CheckContents(string file, byte[] fileContent, bool includePosition = false) - { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/Sysiphus.cs b/BurnOutSharp/ProtectionType/Sysiphus.cs index 6a51bec4..1ca62331 100644 --- a/BurnOutSharp/ProtectionType/Sysiphus.cs +++ b/BurnOutSharp/ProtectionType/Sysiphus.cs @@ -5,30 +5,27 @@ namespace BurnOutSharp.ProtectionType { public class Sysiphus : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // V SUHPISYSDVD - new ContentMatchSet(new byte?[] - { - 0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53, - 0x59, 0x53, 0x44, 0x56, 0x44 - }, GetVersion, "Sysiphus DVD"), - - // V SUHPISYSDVD - new ContentMatchSet(new byte?[] - { - 0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53, - 0x59, 0x53 - }, GetVersion, "Sysiphus"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // V SUHPISYSDVD + new ContentMatchSet(new byte?[] + { + 0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53, + 0x59, 0x53, 0x44, 0x56, 0x44 + }, GetVersion, "Sysiphus DVD"), + + // V SUHPISYSDVD + new ContentMatchSet(new byte?[] + { + 0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53, + 0x59, 0x53 + }, GetVersion, "Sysiphus"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } public static string GetVersion(string file, byte[] fileContent, List positions) diff --git a/BurnOutSharp/ProtectionType/Tages.cs b/BurnOutSharp/ProtectionType/Tages.cs index ad080eee..877e5705 100644 --- a/BurnOutSharp/ProtectionType/Tages.cs +++ b/BurnOutSharp/ProtectionType/Tages.cs @@ -9,36 +9,33 @@ namespace BurnOutSharp.ProtectionType // TODO: Figure out how to use path check framework here public class Tages : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // protected-tages-runtime.exe - new ContentMatchSet(new byte?[] - { - 0x70, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x65, - 0x64, 0x2D, 0x74, 0x61, 0x67, 0x65, 0x73, 0x2D, - 0x72, 0x75, 0x6E, 0x74, 0x69, 0x6D, 0x65, 0x2E, - 0x65, 0x78, 0x65 - }, Utilities.GetFileVersion, "TAGES"), - - // tagesprotection.com - new ContentMatchSet(new byte?[] - { - 0x74, 0x61, 0x67, 0x65, 0x73, 0x70, 0x72, 0x6F, - 0x74, 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x2E, - 0x63, 0x6F, 0x6D - }, Utilities.GetFileVersion, "TAGES"), - - // (char)0xE8 + u + (char)0x00 + (char)0x00 + (char)0x00 + (char)0xE8 - new ContentMatchSet(new byte?[] { 0xE8, 0x75, 0x00, 0x00, 0x00, 0xE8 }, GetVersion, "TAGES"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // protected-tages-runtime.exe + new ContentMatchSet(new byte?[] + { + 0x70, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x65, + 0x64, 0x2D, 0x74, 0x61, 0x67, 0x65, 0x73, 0x2D, + 0x72, 0x75, 0x6E, 0x74, 0x69, 0x6D, 0x65, 0x2E, + 0x65, 0x78, 0x65 + }, Utilities.GetFileVersion, "TAGES"), + + // tagesprotection.com + new ContentMatchSet(new byte?[] + { + 0x74, 0x61, 0x67, 0x65, 0x73, 0x70, 0x72, 0x6F, + 0x74, 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x2E, + 0x63, 0x6F, 0x6D + }, Utilities.GetFileVersion, "TAGES"), + + // (char)0xE8 + u + (char)0x00 + (char)0x00 + (char)0x00 + (char)0xE8 + new ContentMatchSet(new byte?[] { 0xE8, 0x75, 0x00, 0x00, 0x00, 0xE8 }, GetVersion, "TAGES"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/ThreePLock.cs b/BurnOutSharp/ProtectionType/ThreePLock.cs index e34e2151..6dc32a72 100644 --- a/BurnOutSharp/ProtectionType/ThreePLock.cs +++ b/BurnOutSharp/ProtectionType/ThreePLock.cs @@ -5,33 +5,30 @@ namespace BurnOutSharp.ProtectionType { public class ThreePLock : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - new ContentMatchSet(new List - { - // .ldr - new byte?[] { 0x2E, 0x6C, 0x64, 0x72 }, - - // .ldt - new byte?[] { 0x2E, 0x6C, 0x64, 0x74 }, - }, "3PLock"), - - // This produced false positives in some DirectX 9.0c installer files - // "Y" + (char)0xC3 + "U" + (char)0x8B + (char)0xEC + (char)0x83 + (char)0xEC + "0SVW" - // new ContentMatchSet(new byte?[] - // { - // 0x59, 0xC3, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x30, - // 0x53, 0x56, 0x57 - // }, "3PLock"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + new ContentMatchSet(new List + { + // .ldr + new byte?[] { 0x2E, 0x6C, 0x64, 0x72 }, + + // .ldt + new byte?[] { 0x2E, 0x6C, 0x64, 0x74 }, + }, "3PLock"), + + // This produced false positives in some DirectX 9.0c installer files + // "Y" + (char)0xC3 + "U" + (char)0x8B + (char)0xEC + (char)0x83 + (char)0xEC + "0SVW" + // new ContentMatchSet(new byte?[] + // { + // 0x59, 0xC3, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x30, + // 0x53, 0x56, 0x57 + // }, "3PLock"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/ThreeTwoOneStudios.cs b/BurnOutSharp/ProtectionType/ThreeTwoOneStudios.cs index 844daf99..358abdba 100644 --- a/BurnOutSharp/ProtectionType/ThreeTwoOneStudios.cs +++ b/BurnOutSharp/ProtectionType/ThreeTwoOneStudios.cs @@ -5,27 +5,24 @@ namespace BurnOutSharp.ProtectionType { public class ThreeTwoOneStudios : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // 3 + (char)0x00 + 1 + 2 + (char)0x00 + 1 + (char)0x00 + S + (char)0x00 + t + (char)0x00 + u + (char)0x00 + d + (char)0x00 + i + (char)0x00 + o + (char)0x00 + s + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 - new ContentMatchSet(new byte?[] - { - 0x33, 0x00, 0x32, 0x00, 0x31, 0x00, 0x53, 0x00, - 0x74, 0x00, 0x75, 0x00, 0x64, 0x00, 0x69, 0x00, - 0x6F, 0x00, 0x73, 0x00, 0x20, 0x00, 0x41, 0x00, - 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, 0x76, 0x00, - 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, - 0x6E, 0x00 - }, "321Studios Online Activation"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // 3 + (char)0x00 + 1 + 2 + (char)0x00 + 1 + (char)0x00 + S + (char)0x00 + t + (char)0x00 + u + (char)0x00 + d + (char)0x00 + i + (char)0x00 + o + (char)0x00 + s + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + new ContentMatchSet(new byte?[] + { + 0x33, 0x00, 0x32, 0x00, 0x31, 0x00, 0x53, 0x00, + 0x74, 0x00, 0x75, 0x00, 0x64, 0x00, 0x69, 0x00, + 0x6F, 0x00, 0x73, 0x00, 0x20, 0x00, 0x41, 0x00, + 0x63, 0x00, 0x74, 0x00, 0x69, 0x00, 0x76, 0x00, + 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, + 0x6E, 0x00 + }, "321Studios Online Activation"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } } diff --git a/BurnOutSharp/ProtectionType/VOBProtectCDDVD.cs b/BurnOutSharp/ProtectionType/VOBProtectCDDVD.cs index 5535da85..f730f208 100644 --- a/BurnOutSharp/ProtectionType/VOBProtectCDDVD.cs +++ b/BurnOutSharp/ProtectionType/VOBProtectCDDVD.cs @@ -10,29 +10,26 @@ namespace BurnOutSharp.ProtectionType { public class VOBProtectCDDVD : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // VOB ProtectCD - new ContentMatchSet(new byte?[] - { - 0x56, 0x4F, 0x42, 0x20, 0x50, 0x72, 0x6F, 0x74, - 0x65, 0x63, 0x74, 0x43, 0x44 - }, GetOldVersion, "VOB ProtectCD/DVD"), - - // DCP-BOV + (char)0x00 + (char)0x00 - new ContentMatchSet(new byte?[] { 0x44, 0x43, 0x50, 0x2D, 0x42, 0x4F, 0x56, 0x00, 0x00 }, GetVersion, "VOB ProtectCD/DVD"), - - // .vob.pcd - new ContentMatchSet(new byte?[] { 0x2E, 0x76, 0x6F, 0x62, 0x2E, 0x70, 0x63, 0x64 }, "VOB ProtectCD"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // VOB ProtectCD + new ContentMatchSet(new byte?[] + { + 0x56, 0x4F, 0x42, 0x20, 0x50, 0x72, 0x6F, 0x74, + 0x65, 0x63, 0x74, 0x43, 0x44 + }, GetOldVersion, "VOB ProtectCD/DVD"), + + // DCP-BOV + (char)0x00 + (char)0x00 + new ContentMatchSet(new byte?[] { 0x44, 0x43, 0x50, 0x2D, 0x42, 0x4F, 0x56, 0x00, 0x00 }, GetVersion, "VOB ProtectCD/DVD"), + + // .vob.pcd + new ContentMatchSet(new byte?[] { 0x2E, 0x76, 0x6F, 0x62, 0x2E, 0x70, 0x63, 0x64 }, "VOB ProtectCD"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/WTMCDProtect.cs b/BurnOutSharp/ProtectionType/WTMCDProtect.cs index d97c0ed2..ca704fa4 100644 --- a/BurnOutSharp/ProtectionType/WTMCDProtect.cs +++ b/BurnOutSharp/ProtectionType/WTMCDProtect.cs @@ -5,40 +5,36 @@ namespace BurnOutSharp.ProtectionType { public class WTMCDProtect : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - - // This string is found in the .imp files associated with this protection. - // WTM76545 - new ContentMatchSet(new byte?[] { 0x57, 0x54, 0x4D, 0x37, 0x36, 0x35, 0x34, 0x35 }, "WTM CD Protect"), - - // Found in the copy protected setup used by this protection. - // wtmdum.imp - new ContentMatchSet(new byte?[] { 0x77, 0x74, 0x6D, 0x64, 0x75, 0x6D, 0x2E, 0x69, 0x6D, 0x70 }, "WTM CD Protect"), - - // WTM DIGITAL Photo Protect - new ContentMatchSet(new byte?[] - { - 0x57, 0x54, 0x4D, 0x20, 0x44, 0x49, 0x47, 0x49, - 0x54, 0x41, 0x4C, 0x20, 0x50, 0x68, 0x6F, 0x74, - 0x6F, 0x20, 0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, - 0x74 - }, "WTM Protection Viewer"), - - // WTM Copy Protection Viewer - new ContentMatchSet(new byte?[] - { - 0x48, 0x61, 0x6E, 0x73, 0x70, 0x65, 0x74, 0x65, 0x72 - }, "WTM Protection Viewer"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // This string is found in the .imp files associated with this protection. + // WTM76545 + new ContentMatchSet(new byte?[] { 0x57, 0x54, 0x4D, 0x37, 0x36, 0x35, 0x34, 0x35 }, "WTM CD Protect"), + + // Found in the copy protected setup used by this protection. + // wtmdum.imp + new ContentMatchSet(new byte?[] { 0x77, 0x74, 0x6D, 0x64, 0x75, 0x6D, 0x2E, 0x69, 0x6D, 0x70 }, "WTM CD Protect"), + + // WTM DIGITAL Photo Protect + new ContentMatchSet(new byte?[] + { + 0x57, 0x54, 0x4D, 0x20, 0x44, 0x49, 0x47, 0x49, + 0x54, 0x41, 0x4C, 0x20, 0x50, 0x68, 0x6F, 0x74, + 0x6F, 0x20, 0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, + 0x74 + }, "WTM Protection Viewer"), + + // WTM Copy Protection Viewer + new ContentMatchSet(new byte?[] + { + 0x48, 0x61, 0x6E, 0x73, 0x70, 0x65, 0x74, 0x65, 0x72 + }, "WTM Protection Viewer"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/XCP.cs b/BurnOutSharp/ProtectionType/XCP.cs index 15a2ac60..e9924066 100644 --- a/BurnOutSharp/ProtectionType/XCP.cs +++ b/BurnOutSharp/ProtectionType/XCP.cs @@ -10,43 +10,39 @@ namespace BurnOutSharp.ProtectionType // TODO: Figure out how to use path check framework here public class XCP : IContentCheck, IPathCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - - // Found in GO.EXE - // XCP.DAT - new ContentMatchSet(new byte?[] { 0x58, 0x43, 0x50, 0x2E, 0x44, 0x41, 0x54 }, "XCP"), - - // Found in GO.EXE - // XCPPlugins.dll - new ContentMatchSet(new byte?[] - { - 0x58, 0x43, 0x50, 0x50, 0x6C, 0x75, 0x67, 0x69, - 0x6E, 0x73, 0x2E, 0x64, 0x6C, 0x6C - }, "XCP"), - - // Found in GO.EXE - // XCPPhoenix.dll - new ContentMatchSet(new byte?[] - { - 0x58, 0x43, 0x50, 0x50, 0x68, 0x6F, 0x65, 0x6E, - 0x69, 0x78, 0x2E, 0x64, 0x6C, 0x6C - }, "XCP"), - - // xcpdrive - new ContentMatchSet(new byte?[] - { - 0x78, 0x63, 0x70, 0x64, 0x72, 0x69, 0x76, 0x65 - }, "XCP"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // Found in GO.EXE + // XCP.DAT + new ContentMatchSet(new byte?[] { 0x58, 0x43, 0x50, 0x2E, 0x44, 0x41, 0x54 }, "XCP"), + + // Found in GO.EXE + // XCPPlugins.dll + new ContentMatchSet(new byte?[] + { + 0x58, 0x43, 0x50, 0x50, 0x6C, 0x75, 0x67, 0x69, + 0x6E, 0x73, 0x2E, 0x64, 0x6C, 0x6C + }, "XCP"), + + // Found in GO.EXE + // XCPPhoenix.dll + new ContentMatchSet(new byte?[] + { + 0x58, 0x43, 0x50, 0x50, 0x68, 0x6F, 0x65, 0x6E, + 0x69, 0x78, 0x2E, 0x64, 0x6C, 0x6C + }, "XCP"), + + // xcpdrive + new ContentMatchSet(new byte?[] + { + 0x78, 0x63, 0x70, 0x64, 0x72, 0x69, 0x76, 0x65 + }, "XCP"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } /// diff --git a/BurnOutSharp/ProtectionType/XtremeProtector.cs b/BurnOutSharp/ProtectionType/XtremeProtector.cs index 0793eb04..09a3611e 100644 --- a/BurnOutSharp/ProtectionType/XtremeProtector.cs +++ b/BurnOutSharp/ProtectionType/XtremeProtector.cs @@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType { public class XtremeProtector : IContentCheck { - /// - /// Set of all ContentMatchSets for this protection - /// - private static readonly List contentMatchers = new List - { - // XPROT - new ContentMatchSet(new byte?[] { 0x58, 0x50, 0x52, 0x4F, 0x54, 0x20, 0x20, 0x20 }, "Xtreme-Protector"), - }; - /// public string CheckContents(string file, byte[] fileContent, bool includePosition = false) { - return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition); + var matchers = new List + { + // XPROT + new ContentMatchSet(new byte?[] { 0x58, 0x50, 0x52, 0x4F, 0x54, 0x20, 0x20, 0x20 }, "Xtreme-Protector"), + }; + + return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition); } } }