From 47f423d092d798350201962fc5318438b834407d Mon Sep 17 00:00:00 2001 From: Matt Nadareski Date: Wed, 15 Mar 2023 12:55:08 -0400 Subject: [PATCH] Implement `IPathCheck` helper --- BurnOutSharp/Handler.cs | 73 +++++++++++++++++++++++++++++++++++++---- BurnOutSharp/Scanner.cs | 62 +++------------------------------- 2 files changed, 72 insertions(+), 63 deletions(-) diff --git a/BurnOutSharp/Handler.cs b/BurnOutSharp/Handler.cs index 34293b25..0c3dc23c 100644 --- a/BurnOutSharp/Handler.cs +++ b/BurnOutSharp/Handler.cs @@ -1,4 +1,5 @@ using System; +using System.Collections.Generic; using System.Collections.Concurrent; using System.IO; using System.Text; @@ -7,10 +8,10 @@ using BinaryObjectScanner.Interfaces; using BinaryObjectScanner.Utilities; using BinaryObjectScanner.Wrappers; using static BinaryObjectScanner.Utilities.Dictionary; +using System.Linq; namespace BurnOutSharp { - // TODO: Implement IPathCheck handler internal static class Handler { #region Multiple Implementation Wrappers @@ -146,6 +147,31 @@ namespace BurnOutSharp return protections; } + /// + /// Handle a single path based on all path check implementations + /// + /// Path of the file or directory to check + /// Scanner object to use for options and scanning + /// Set of protections in file, null on error + public static ConcurrentDictionary> HandlePathChecks(string path, IEnumerable files) + { + // Create the output dictionary + var protections = new ConcurrentDictionary>(); + + // Preprocess the list of files + files = files?.Select(f => f.Replace('\\', '/'))?.ToList(); + + // Iterate through all checks + Parallel.ForEach(ScanningClasses.PathCheckClasses, checkClass => + { + var subProtections = HandlePathCheck(checkClass, path, files); + if (subProtections != null) + AppendToDictionary(protections, subProtections); + }); + + return protections; + } + /// /// Handle a single file based on all portable executable check implementations /// @@ -192,7 +218,7 @@ namespace BurnOutSharp /// /// Handle files based on an IContentCheck implementation /// - /// IDetectable class representing the file type + /// IDetectable class representing the check /// Name of the source file of the byte array, for tracking /// Contents of the source file /// True to include debug data, false otherwise @@ -264,7 +290,7 @@ namespace BurnOutSharp /// /// Handle files based on an ILinearExecutableCheck implementation /// - /// ILinearExecutableCheck class representing the file type + /// ILinearExecutableCheck class representing the check /// Name of the source file of the executable, for tracking /// LinearExecutable to check /// True to include debug data, false otherwise @@ -278,7 +304,7 @@ namespace BurnOutSharp /// /// Handle files based on an INewExecutableCheck implementation /// - /// INewExecutableCheck class representing the file type + /// INewExecutableCheck class representing the check /// Name of the source file of the executable, for tracking /// NewExecutable to check /// True to include debug data, false otherwise @@ -289,10 +315,45 @@ namespace BurnOutSharp return ProcessProtectionString(protection); } + /// + /// Handle files based on an IPathCheck implementation + /// + /// IPathCheck class representing the file type + /// Path of the file or directory to check + /// Set of protections in path, null on error + public static ConcurrentDictionary> HandlePathCheck(IPathCheck impl, string path, IEnumerable files) + { + // If we have an invalid path + if (string.IsNullOrWhiteSpace(path)) + return null; + + // Setup the output dictionary + var protections = new ConcurrentDictionary>(); + + // If we have a file path + if (File.Exists(path)) + { + string protection = impl.CheckFilePath(path); + var subProtections = ProcessProtectionString(protection); + if (subProtections != null) + AppendToDictionary(protections, path, subProtections); + } + + // If we have a directory path + if (Directory.Exists(path) && files?.Any() == true) + { + var subProtections = impl.CheckDirectoryPath(path, files); + if (subProtections != null) + AppendToDictionary(protections, path, subProtections); + } + + return protections; + } + /// /// Handle files based on an IPortableExecutableCheck implementation /// - /// IPortableExecutableCheck class representing the file type + /// IPortableExecutableCheck class representing the check /// Name of the source file of the executable, for tracking /// NewExecutable to check /// True to include debug data, false otherwise @@ -327,6 +388,7 @@ namespace BurnOutSharp if (string.IsNullOrWhiteSpace(protection)) return null; + // Setup the output queue var protections = new ConcurrentQueue(); // If we have an indicator of multiple protections @@ -343,7 +405,6 @@ namespace BurnOutSharp return protections; } - #endregion } } diff --git a/BurnOutSharp/Scanner.cs b/BurnOutSharp/Scanner.cs index 38925ad2..54f37c6b 100644 --- a/BurnOutSharp/Scanner.cs +++ b/BurnOutSharp/Scanner.cs @@ -4,7 +4,6 @@ using System.Collections.Generic; using System.IO; using System.Linq; using System.Text; -using System.Threading.Tasks; using BinaryObjectScanner.FileType; using BinaryObjectScanner.Utilities; using BinaryObjectScanner.Wrappers; @@ -114,7 +113,7 @@ namespace BurnOutSharp // Scan for path-detectable protections if (ScanPaths) { - var directoryPathProtections = GetDirectoryPathProtections(path, files); + var directoryPathProtections = Handler.HandlePathChecks(path, files); AppendToDictionary(protections, directoryPathProtections); } @@ -135,8 +134,8 @@ namespace BurnOutSharp // Scan for path-detectable protections if (ScanPaths) { - var filePathProtections = GetFilePathProtections(file); - AppendToDictionary(protections, file, filePathProtections); + var filePathProtections = Handler.HandlePathChecks(file, files: null); + AppendToDictionary(protections, filePathProtections); } // Scan for content-detectable protections @@ -173,8 +172,8 @@ namespace BurnOutSharp // Scan for path-detectable protections if (ScanPaths) { - var filePathProtections = GetFilePathProtections(path); - AppendToDictionary(protections, path, filePathProtections); + var filePathProtections = Handler.HandlePathChecks(path, files: null); + AppendToDictionary(protections, filePathProtections); } // Scan for content-detectable protections @@ -214,57 +213,6 @@ namespace BurnOutSharp return protections; } - /// - /// Get the path-detectable protections associated with a single path - /// - /// Path of the directory to scan - /// Files contained within - /// Dictionary of list of strings representing the found protections - private ConcurrentDictionary> GetDirectoryPathProtections(string path, List files) - { - // Create an empty queue for protections - var protections = new ConcurrentQueue(); - - // Preprocess the list of files - files = files.Select(f => f.Replace('\\', '/')).ToList(); - - // Iterate through all path checks - Parallel.ForEach(ScanningClasses.PathCheckClasses, pathCheckClass => - { - ConcurrentQueue protection = pathCheckClass.CheckDirectoryPath(path, files); - if (protection != null) - protections.AddRange(protection); - }); - - // Create and return the dictionary - return new ConcurrentDictionary> - { - [path] = protections - }; - } - - /// - /// Get the path-detectable protections associated with a single path - /// - /// Path of the file to scan - /// Dictionary of list of strings representing the found protections - private ConcurrentQueue GetFilePathProtections(string path) - { - // Create an empty queue for protections - var protections = new ConcurrentQueue(); - - // Iterate through all path checks - Parallel.ForEach(ScanningClasses.PathCheckClasses, pathCheckClass => - { - string protection = pathCheckClass.CheckFilePath(path.Replace("\\", "/")); - if (!string.IsNullOrWhiteSpace(protection)) - protections.Enqueue(protection); - }); - - // Create and return the dictionary - return protections; - } - /// /// Get the content-detectable protections associated with a single path ///