From 439c141c2ce14fe5a8342e56a13050d389a7acdb Mon Sep 17 00:00:00 2001 From: Matt Nadareski Date: Thu, 9 Mar 2023 23:52:58 -0500 Subject: [PATCH] Move packer scans to their own library --- .../PackerType => BinaryObjectScanner.Packer}/ASPack.cs | 2 +- .../AdvancedInstaller.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/Armadillo.cs | 2 +- .../AutoPlayMediaStudio.cs | 2 +- BinaryObjectScanner.Packer/BinaryObjectScanner.Packer.csproj | 4 ++++ .../PackerType => BinaryObjectScanner.Packer}/CExe.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/EXEStealth.cs | 2 +- .../EmbeddedExecutable.cs | 2 +- .../GenteeInstaller.cs | 2 +- .../HyperTechCrackProof.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/InnoSetup.cs | 2 +- .../InstallAnywhere.cs | 2 +- .../InstallerVISE.cs | 2 +- .../IntelInstallationFramework.cs | 2 +- .../MicrosoftCABSFX.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/NSIS.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/PECompact.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/Petite.cs | 2 +- .../SetupFactory.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/SevenZipSFX.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/Shrinker.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/UPX.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/WinRARSFX.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/WinZipSFX.cs | 2 +- .../WiseInstaller.cs | 2 +- .../PackerType => BinaryObjectScanner.Packer}/dotFuscator.cs | 2 +- BurnOutSharp/BurnOutSharp.csproj | 5 ++++- BurnOutSharp/ScanningClasses.cs | 4 +++- Coding Guide.md | 4 ++-- Developer Guide.md | 5 +++-- 30 files changed, 41 insertions(+), 31 deletions(-) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/ASPack.cs (99%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/AdvancedInstaller.cs (97%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/Armadillo.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/AutoPlayMediaStudio.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/CExe.cs (99%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/EXEStealth.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/EmbeddedExecutable.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/GenteeInstaller.cs (97%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/HyperTechCrackProof.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/InnoSetup.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/InstallAnywhere.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/InstallerVISE.cs (97%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/IntelInstallationFramework.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/MicrosoftCABSFX.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/NSIS.cs (97%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/PECompact.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/Petite.cs (97%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/SetupFactory.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/SevenZipSFX.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/Shrinker.cs (97%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/UPX.cs (99%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/WinRARSFX.cs (98%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/WinZipSFX.cs (99%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/WiseInstaller.cs (99%) rename {BurnOutSharp/PackerType => BinaryObjectScanner.Packer}/dotFuscator.cs (97%) diff --git a/BurnOutSharp/PackerType/ASPack.cs b/BinaryObjectScanner.Packer/ASPack.cs similarity index 99% rename from BurnOutSharp/PackerType/ASPack.cs rename to BinaryObjectScanner.Packer/ASPack.cs index e6dd2b8b..5c311286 100644 --- a/BurnOutSharp/PackerType/ASPack.cs +++ b/BinaryObjectScanner.Packer/ASPack.cs @@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Matching; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction public class ASPack : IExtractable, IPortableExecutableCheck diff --git a/BurnOutSharp/PackerType/AdvancedInstaller.cs b/BinaryObjectScanner.Packer/AdvancedInstaller.cs similarity index 97% rename from BurnOutSharp/PackerType/AdvancedInstaller.cs rename to BinaryObjectScanner.Packer/AdvancedInstaller.cs index 98279221..f4904b30 100644 --- a/BurnOutSharp/PackerType/AdvancedInstaller.cs +++ b/BinaryObjectScanner.Packer/AdvancedInstaller.cs @@ -4,7 +4,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction // TODO: Verify that all versions are detected diff --git a/BurnOutSharp/PackerType/Armadillo.cs b/BinaryObjectScanner.Packer/Armadillo.cs similarity index 98% rename from BurnOutSharp/PackerType/Armadillo.cs rename to BinaryObjectScanner.Packer/Armadillo.cs index 2c07ac2a..1fc45d2b 100644 --- a/BurnOutSharp/PackerType/Armadillo.cs +++ b/BinaryObjectScanner.Packer/Armadillo.cs @@ -4,7 +4,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction // TODO: Add version checking, if possible diff --git a/BurnOutSharp/PackerType/AutoPlayMediaStudio.cs b/BinaryObjectScanner.Packer/AutoPlayMediaStudio.cs similarity index 98% rename from BurnOutSharp/PackerType/AutoPlayMediaStudio.cs rename to BinaryObjectScanner.Packer/AutoPlayMediaStudio.cs index ce38707d..981371c0 100644 --- a/BurnOutSharp/PackerType/AutoPlayMediaStudio.cs +++ b/BinaryObjectScanner.Packer/AutoPlayMediaStudio.cs @@ -3,7 +3,7 @@ using System.IO; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // Created by IndigoRose (creators of Setup Factory), primarily to be used to create autorun menus for various media. // Official website: https://www.autoplay.org/ diff --git a/BinaryObjectScanner.Packer/BinaryObjectScanner.Packer.csproj b/BinaryObjectScanner.Packer/BinaryObjectScanner.Packer.csproj index 01b7860e..83923aeb 100644 --- a/BinaryObjectScanner.Packer/BinaryObjectScanner.Packer.csproj +++ b/BinaryObjectScanner.Packer/BinaryObjectScanner.Packer.csproj @@ -20,6 +20,10 @@ true + + + + diff --git a/BurnOutSharp/PackerType/CExe.cs b/BinaryObjectScanner.Packer/CExe.cs similarity index 99% rename from BurnOutSharp/PackerType/CExe.cs rename to BinaryObjectScanner.Packer/CExe.cs index 96ac3da3..bef925f9 100644 --- a/BurnOutSharp/PackerType/CExe.cs +++ b/BinaryObjectScanner.Packer/CExe.cs @@ -8,7 +8,7 @@ using BinaryObjectScanner.Matching; using BinaryObjectScanner.Wrappers; using ICSharpCode.SharpZipLib.Zip.Compression; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // The official website for CExe also includes the source code (which does have to be retrieved by the Wayback Machine) // http://www.scottlu.com/Content/CExe.html diff --git a/BurnOutSharp/PackerType/EXEStealth.cs b/BinaryObjectScanner.Packer/EXEStealth.cs similarity index 98% rename from BurnOutSharp/PackerType/EXEStealth.cs rename to BinaryObjectScanner.Packer/EXEStealth.cs index 352f17c6..4ac29fbf 100644 --- a/BurnOutSharp/PackerType/EXEStealth.cs +++ b/BinaryObjectScanner.Packer/EXEStealth.cs @@ -4,7 +4,7 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Matching; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Figure out how to more granularly determine versions like PiD // TODO: Detect 3.15 and up (maybe looking for `Metamorphism`) diff --git a/BurnOutSharp/PackerType/EmbeddedExecutable.cs b/BinaryObjectScanner.Packer/EmbeddedExecutable.cs similarity index 98% rename from BurnOutSharp/PackerType/EmbeddedExecutable.cs rename to BinaryObjectScanner.Packer/EmbeddedExecutable.cs index 6c6e7db6..6b428df2 100644 --- a/BurnOutSharp/PackerType/EmbeddedExecutable.cs +++ b/BinaryObjectScanner.Packer/EmbeddedExecutable.cs @@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Matching; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { /// /// Though not technically a packer, this detection is for any executables that include diff --git a/BurnOutSharp/PackerType/GenteeInstaller.cs b/BinaryObjectScanner.Packer/GenteeInstaller.cs similarity index 97% rename from BurnOutSharp/PackerType/GenteeInstaller.cs rename to BinaryObjectScanner.Packer/GenteeInstaller.cs index 7406567a..cd128bfc 100644 --- a/BurnOutSharp/PackerType/GenteeInstaller.cs +++ b/BinaryObjectScanner.Packer/GenteeInstaller.cs @@ -4,7 +4,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/HyperTechCrackProof.cs b/BinaryObjectScanner.Packer/HyperTechCrackProof.cs similarity index 98% rename from BurnOutSharp/PackerType/HyperTechCrackProof.cs rename to BinaryObjectScanner.Packer/HyperTechCrackProof.cs index 5e64e32e..78aa25f9 100644 --- a/BurnOutSharp/PackerType/HyperTechCrackProof.cs +++ b/BinaryObjectScanner.Packer/HyperTechCrackProof.cs @@ -3,7 +3,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // CrackProof is a packer/obfuscator created by Japanese company HyperTech (https://www.hypertech.co.jp/products/windows/). // It is known to be used along with other DRM, such as Shury2 (Redump entry 97135) and BDL. diff --git a/BurnOutSharp/PackerType/InnoSetup.cs b/BinaryObjectScanner.Packer/InnoSetup.cs similarity index 98% rename from BurnOutSharp/PackerType/InnoSetup.cs rename to BinaryObjectScanner.Packer/InnoSetup.cs index df59afb6..3bfe6a6b 100644 --- a/BurnOutSharp/PackerType/InnoSetup.cs +++ b/BinaryObjectScanner.Packer/InnoSetup.cs @@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Matching; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction - https://github.com/dscharrer/InnoExtract // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/InstallAnywhere.cs b/BinaryObjectScanner.Packer/InstallAnywhere.cs similarity index 98% rename from BurnOutSharp/PackerType/InstallAnywhere.cs rename to BinaryObjectScanner.Packer/InstallAnywhere.cs index 839a257f..48aa0b0d 100644 --- a/BurnOutSharp/PackerType/InstallAnywhere.cs +++ b/BinaryObjectScanner.Packer/InstallAnywhere.cs @@ -3,7 +3,7 @@ using System.IO; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction, which may be possible with the current libraries but needs to be investigated further. // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/InstallerVISE.cs b/BinaryObjectScanner.Packer/InstallerVISE.cs similarity index 97% rename from BurnOutSharp/PackerType/InstallerVISE.cs rename to BinaryObjectScanner.Packer/InstallerVISE.cs index eb671c86..a302ebff 100644 --- a/BurnOutSharp/PackerType/InstallerVISE.cs +++ b/BinaryObjectScanner.Packer/InstallerVISE.cs @@ -4,7 +4,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction - https://github.com/Bioruebe/UniExtract2 // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/IntelInstallationFramework.cs b/BinaryObjectScanner.Packer/IntelInstallationFramework.cs similarity index 98% rename from BurnOutSharp/PackerType/IntelInstallationFramework.cs rename to BinaryObjectScanner.Packer/IntelInstallationFramework.cs index 9343463f..8a4c39ea 100644 --- a/BurnOutSharp/PackerType/IntelInstallationFramework.cs +++ b/BinaryObjectScanner.Packer/IntelInstallationFramework.cs @@ -3,7 +3,7 @@ using System.IO; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction, seems to primarily use MSZip compression. public class IntelInstallationFramework : IExtractable, IPortableExecutableCheck diff --git a/BurnOutSharp/PackerType/MicrosoftCABSFX.cs b/BinaryObjectScanner.Packer/MicrosoftCABSFX.cs similarity index 98% rename from BurnOutSharp/PackerType/MicrosoftCABSFX.cs rename to BinaryObjectScanner.Packer/MicrosoftCABSFX.cs index 0acdbc42..bcbc5a9c 100644 --- a/BurnOutSharp/PackerType/MicrosoftCABSFX.cs +++ b/BinaryObjectScanner.Packer/MicrosoftCABSFX.cs @@ -5,7 +5,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction, which should be possible with LibMSPackN, but it refuses to extract due to SFX files lacking the typical CAB identifiers. // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/NSIS.cs b/BinaryObjectScanner.Packer/NSIS.cs similarity index 97% rename from BurnOutSharp/PackerType/NSIS.cs rename to BinaryObjectScanner.Packer/NSIS.cs index b8bc97b4..418bd14b 100644 --- a/BurnOutSharp/PackerType/NSIS.cs +++ b/BinaryObjectScanner.Packer/NSIS.cs @@ -4,7 +4,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction public class NSIS : IExtractable, IPortableExecutableCheck diff --git a/BurnOutSharp/PackerType/PECompact.cs b/BinaryObjectScanner.Packer/PECompact.cs similarity index 98% rename from BurnOutSharp/PackerType/PECompact.cs rename to BinaryObjectScanner.Packer/PECompact.cs index 535ac146..7e5adaa0 100644 --- a/BurnOutSharp/PackerType/PECompact.cs +++ b/BinaryObjectScanner.Packer/PECompact.cs @@ -2,7 +2,7 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Better version detection - https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt // TODO: Add extraction diff --git a/BurnOutSharp/PackerType/Petite.cs b/BinaryObjectScanner.Packer/Petite.cs similarity index 97% rename from BurnOutSharp/PackerType/Petite.cs rename to BinaryObjectScanner.Packer/Petite.cs index 2c0a65a5..09e2ac9e 100644 --- a/BurnOutSharp/PackerType/Petite.cs +++ b/BinaryObjectScanner.Packer/Petite.cs @@ -2,7 +2,7 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/SetupFactory.cs b/BinaryObjectScanner.Packer/SetupFactory.cs similarity index 98% rename from BurnOutSharp/PackerType/SetupFactory.cs rename to BinaryObjectScanner.Packer/SetupFactory.cs index 22cc22d6..2614e454 100644 --- a/BurnOutSharp/PackerType/SetupFactory.cs +++ b/BinaryObjectScanner.Packer/SetupFactory.cs @@ -3,7 +3,7 @@ using System.IO; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction, which is possible but the only tools available that can // do this seem to be Universal Extractor 2 and InstallExplorer (https://totalcmd.net/plugring/InstallExplorer.html) diff --git a/BurnOutSharp/PackerType/SevenZipSFX.cs b/BinaryObjectScanner.Packer/SevenZipSFX.cs similarity index 98% rename from BurnOutSharp/PackerType/SevenZipSFX.cs rename to BinaryObjectScanner.Packer/SevenZipSFX.cs index 8b3e102e..9992017d 100644 --- a/BurnOutSharp/PackerType/SevenZipSFX.cs +++ b/BinaryObjectScanner.Packer/SevenZipSFX.cs @@ -3,7 +3,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction public class SevenZipSFX : IExtractable, IPortableExecutableCheck diff --git a/BurnOutSharp/PackerType/Shrinker.cs b/BinaryObjectScanner.Packer/Shrinker.cs similarity index 97% rename from BurnOutSharp/PackerType/Shrinker.cs rename to BinaryObjectScanner.Packer/Shrinker.cs index 22f73b13..c12728db 100644 --- a/BurnOutSharp/PackerType/Shrinker.cs +++ b/BinaryObjectScanner.Packer/Shrinker.cs @@ -2,7 +2,7 @@ using System.IO; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/UPX.cs b/BinaryObjectScanner.Packer/UPX.cs similarity index 99% rename from BurnOutSharp/PackerType/UPX.cs rename to BinaryObjectScanner.Packer/UPX.cs index ee4572ae..a14cf34e 100644 --- a/BurnOutSharp/PackerType/UPX.cs +++ b/BinaryObjectScanner.Packer/UPX.cs @@ -6,7 +6,7 @@ using System.Text.RegularExpressions; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt diff --git a/BurnOutSharp/PackerType/WinRARSFX.cs b/BinaryObjectScanner.Packer/WinRARSFX.cs similarity index 98% rename from BurnOutSharp/PackerType/WinRARSFX.cs rename to BinaryObjectScanner.Packer/WinRARSFX.cs index 1f113836..32135726 100644 --- a/BurnOutSharp/PackerType/WinRARSFX.cs +++ b/BinaryObjectScanner.Packer/WinRARSFX.cs @@ -6,7 +6,7 @@ using BinaryObjectScanner.Wrappers; using SharpCompress.Archives; using SharpCompress.Archives.Rar; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { public class WinRARSFX : IExtractable, IPortableExecutableCheck { diff --git a/BurnOutSharp/PackerType/WinZipSFX.cs b/BinaryObjectScanner.Packer/WinZipSFX.cs similarity index 99% rename from BurnOutSharp/PackerType/WinZipSFX.cs rename to BinaryObjectScanner.Packer/WinZipSFX.cs index 372d7ab7..180b2dcf 100644 --- a/BurnOutSharp/PackerType/WinZipSFX.cs +++ b/BinaryObjectScanner.Packer/WinZipSFX.cs @@ -7,7 +7,7 @@ using BinaryObjectScanner.Wrappers; using SharpCompress.Archives; using SharpCompress.Archives.Zip; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { public class WinZipSFX : IExtractable, INewExecutableCheck, IPortableExecutableCheck { diff --git a/BurnOutSharp/PackerType/WiseInstaller.cs b/BinaryObjectScanner.Packer/WiseInstaller.cs similarity index 99% rename from BurnOutSharp/PackerType/WiseInstaller.cs rename to BinaryObjectScanner.Packer/WiseInstaller.cs index a1d520fa..f4810064 100644 --- a/BurnOutSharp/PackerType/WiseInstaller.cs +++ b/BinaryObjectScanner.Packer/WiseInstaller.cs @@ -8,7 +8,7 @@ using BinaryObjectScanner.Utilities; using BinaryObjectScanner.Wrappers; using Wise = WiseUnpacker.WiseUnpacker; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt public class WiseInstaller : IExtractable, INewExecutableCheck, IPortableExecutableCheck diff --git a/BurnOutSharp/PackerType/dotFuscator.cs b/BinaryObjectScanner.Packer/dotFuscator.cs similarity index 97% rename from BurnOutSharp/PackerType/dotFuscator.cs rename to BinaryObjectScanner.Packer/dotFuscator.cs index 0f46d54f..dbe98369 100644 --- a/BurnOutSharp/PackerType/dotFuscator.cs +++ b/BinaryObjectScanner.Packer/dotFuscator.cs @@ -4,7 +4,7 @@ using System.Linq; using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Wrappers; -namespace BurnOutSharp.PackerType +namespace BinaryObjectScanner.Packer { // TODO: Add extraction public class dotFuscator : IExtractable, IPortableExecutableCheck diff --git a/BurnOutSharp/BurnOutSharp.csproj b/BurnOutSharp/BurnOutSharp.csproj index c8aca59b..1ddd3004 100644 --- a/BurnOutSharp/BurnOutSharp.csproj +++ b/BurnOutSharp/BurnOutSharp.csproj @@ -32,7 +32,6 @@ all - @@ -78,6 +77,10 @@ runtime; build; native; contentfiles; analyzers; buildtransitive all + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + runtime; build; native; contentfiles; analyzers; buildtransitive all diff --git a/BurnOutSharp/ScanningClasses.cs b/BurnOutSharp/ScanningClasses.cs index e8173b3c..7f848457 100644 --- a/BurnOutSharp/ScanningClasses.cs +++ b/BurnOutSharp/ScanningClasses.cs @@ -120,7 +120,9 @@ namespace BurnOutSharp /// Initialize all implementations of a type /// private static IEnumerable InitCheckClasses() - => InitCheckClasses(Assembly.GetExecutingAssembly()).Concat(InitCheckClasses(typeof(BinaryObjectScanner.Protection._DUMMY).Assembly)); + => InitCheckClasses(Assembly.GetExecutingAssembly()) + .Concat(InitCheckClasses(typeof(BinaryObjectScanner.Packer._DUMMY).Assembly)) + .Concat(InitCheckClasses(typeof(BinaryObjectScanner.Protection._DUMMY).Assembly)); /// /// Initialize all implementations of a type diff --git a/Coding Guide.md b/Coding Guide.md index d2aac588..5b6da79e 100644 --- a/Coding Guide.md +++ b/Coding Guide.md @@ -320,7 +320,6 @@ This section contains information on project and class organization principles t | `BurnOutSharp` | One file per class. See below for details on subdirectories. | | `BurnOutSharp/External` | One directory per external project. | | `BurnOutSharp/FileType` | One file per file type. | -| `BurnOutSharp/PackerType` | At least one file per packer type. Partial classes allowed. | | `BurnOutSharp/Tools` | Two files - one for extension methods and one for utilities. | | `BinaryObjectScanner.ASN1` | Flat directory structure. | | `BinaryObjectScanner.Builders` | One file per executable type. | @@ -328,6 +327,7 @@ This section contains information on project and class organization principles t | `BinaryObjectScanner.Interfaces` | One file per interface. | | `BinaryObjectScanner.Matching` | Flat directory structure. Include interfaces and base classes. | | `BinaryObjectScanner.Models` | One directory per executable type. One file per object model. | +| `BinaryObjectScanner.Packer` | At least one file per packer type. Partial classes allowed. | | `BinaryObjectScanner.Protection` | At least one file per protection type. Partial classes allowed. | | `BinaryObjectScanner.Utilities` | Flat directory structure. | | `BinaryObjectScanner.Wrappers` | One file per executable type. Common functionality goes in `WrapperBase.cs`. | @@ -344,7 +344,6 @@ This section contains information on in-code organization principles that depend | --- | --- | | `BurnOutSharp` | Varies from file to file. | | `BurnOutSharp/FileType` | `IExtractable` implementations, `IScannable` implementations, helper methods. | -| `BurnOutSharp/PackerType` | `IContentCheck` implementations, `ILinearExecutableCheck` implementations, `INewExecutableCheck` implementations, `IPortableExecutableCheck` implementations, `IPathCheck` implementations, `IExtractable` implementations, helper methods. | | `BurnOutSharp/Tools` | Methods grouped by function. Regions ordered alphabetically. | | `BinaryObjectScanner.ASN1` | Partial classes suggested for different implmentations. | | `BinaryObjectScanner.Builders` | Two copies of each non-generic method: one for byte arrays and one for Streams. | @@ -352,6 +351,7 @@ This section contains information on in-code organization principles that depend | `BinaryObjectScanner.Interfaces` | Methods ordered alphabetically. | | `BinaryObjectScanner.Matching` | Varies from file to file. | | `BinaryObjectScanner.Models` | No methods at all, just properties. | +| `BinaryObjectScanner.Packer` | `IContentCheck` implementations, `ILinearExecutableCheck` implementations, `INewExecutableCheck` implementations, `IPortableExecutableCheck` implementations, `IPathCheck` implementations, `IExtractable` implementations, helper methods. | | `BinaryObjectScanner.Protection` | `IContentCheck` implementations, `ILinearExecutableCheck` implementations, `INewExecutableCheck` implementations, `IPortableExecutableCheck` implementations, `IPathCheck` implementations, `IExtractable` implementations, helper methods. | | `BinaryObjectScanner.Utilities` | Varies from file to file. | | `BurnOutSharp.Wrappers` | Follow region and method grouping from existing wrappers. | diff --git a/Developer Guide.md b/Developer Guide.md index 82f09677..2516c3fd 100644 --- a/Developer Guide.md +++ b/Developer Guide.md @@ -8,13 +8,14 @@ This is a guide for any developers who wish to research protections, implement n | Project | Description | | --- | --- | -| `BurnOutSharp` | Main library that contains all supported file formats and packers. It also houses most of the utilities and structures needed when `BurnOutSharp` is used by another project. Many code additions will happen here. | +| `BurnOutSharp` | Main library that contains all supported file formats. It also houses most of the utilities and structures needed when `BurnOutSharp` is used by another project. Some code additions will happen here. | | `BinaryObjectScanner.ASN1` | Library containing classes and methods associated with Abstract Syntax Notation One and OID parsing. | | `BinaryObjectScanner.Builder` | Library containing classes that assist in populating the various object models defined in `BinaryObjectScanner.Models`. Builders can work with either byte arrays or streams for input. At the time of writing, the following executable types have builders: **MS-DOS**, **New Executable**, **Portable Executable**. | | `BinaryObjectScanner.Compression` | Library containing classes that deal with different compression formats. This library is used extensively by the wrappers in `BinaryObjectScanner.Wrappers`. | | `BinaryObjectScanner.Interfaces` | Library containing interface definitions for scanning and detection. | | `BinaryObjectScanner.Matching` | Library containing models and logic for generic searching and matching. This library is used extensively by the packer and protection checks in `BurnOutSharp`. | | `BinaryObjectScanner.Models` | Library containing object models that represent various pieces of known executable formats. At the time of writing, the following executable types have models: **MS-DOS**, **New Executable**, **Linear Executable (partial)**, **Portable Executable**. | +| `BinaryObjectScanner.Packer` | Library containing packer scanning definitions. | | `BinaryObjectScanner.Protection` | Library containing protection scanning definitions. | | `BinaryObjectScanner.Utilities` | Library containing helper and extension methods that don't rely on any other libraries. | | `BinaryObjectScanner.Wrappers` | Library that acts as a custom wrapper around both `BinaryObjectScanner.Builder` and `BinaryObjectScanner.Models` that allows for easier access to executable information. Each of the wrappers may also include additional functionality that would not otherwise be found in the models, e.g. Data and string reading from sections. | @@ -89,7 +90,7 @@ Adding a new checker or format should happen in a few distinct steps: - If it is a new supported file type (such as an archive format), create the file in `BurnOutSharp/FileType/`. By default, you will need to implement `BurnOutSharp.Interfaces.IScannable` or `BinaryObjectScanner.Interfaces.IExtractable`. Do not implement any other interfaces. Please consider asking project maintainers before doing this work, especially if there are external dependencies. - - If it is a new supported executable packer, compressor, or installer format, create the file in `BurnOutSharp/PackerType/`. By default, you will need to implement `BinaryObjectScanner.Interfaces.IExtractable` as well as at least one of: `BinaryObjectScanner.Interfaces.ILinearExecutableCheck`, `BinaryObjectScanner.Interfaces.INewExecutableCheck`, and `BinaryObjectScanner.Interfaces.IPortableExecutableCheck`. It is exceptionally rare to need to implement `BinaryObjectScanner.Interfaces.IPathCheck`. + - If it is a new supported executable packer, compressor, or installer format, create the file in `BinaryObjectScanner.Packer`. By default, you will need to implement `BinaryObjectScanner.Interfaces.IExtractable` as well as at least one of: `BinaryObjectScanner.Interfaces.ILinearExecutableCheck`, `BinaryObjectScanner.Interfaces.INewExecutableCheck`, and `BinaryObjectScanner.Interfaces.IPortableExecutableCheck`. It is exceptionally rare to need to implement `BinaryObjectScanner.Interfaces.IPathCheck`. - If it is a new supported DRM scheme, copy protection, or obfuscator, create the file in `BinaryObjectScanner.Protection`. By default, you will need to implement at least one of:`BinaryObjectScanner.Interfaces.ILinearExecutableCheck`, `BinaryObjectScanner.Interfaces.INewExecutableCheck`, `BinaryObjectScanner.Interfaces.IPortableExecutableCheck`, and `BinaryObjectScanner.Interfaces.IPathCheck`. It is exceptionally rare to need to implement `BinaryObjectScanner.Interfaces.Extractable`.