Make packers code more consistent

2026-02-14 21:33:08 +00:00 · 2025-09-20 17:59:20 -04:00
parent 5f9f21ae14
commit 4afea551ba
6 changed files with 20 additions and 14 deletions
--- a/BinaryObjectScanner/Packer/GenteeInstaller.cs
+++ b/BinaryObjectScanner/Packer/GenteeInstaller.cs
@@ -24,7 +24,7 @@ namespace BinaryObjectScanner.Packer
            // <see href="https://www.virustotal.com/gui/file/40e222d35fe8bdd94360462e2f2b870ec7e2c184873e2a481109408db790bfe8/details"/>
            // This was found in a "Create Install 2003"-made installer
            string? name = exe.AssemblyName;
-            if (name == "Gentee.Installer.Install")
+            if (name.OptionalEquals("Gentee.Installer.Install"))
                return "Gentee Installer";

            return null;
--- a/BinaryObjectScanner/Packer/HyperTechCrackProof.cs
+++ b/BinaryObjectScanner/Packer/HyperTechCrackProof.cs
@@ -17,7 +17,7 @@ namespace BinaryObjectScanner.Packer
            // This check may be overly limiting, as it excludes the sample provided to DiE (https://github.com/horsicq/Detect-It-Easy/issues/102).
            // TODO: Find further samples and invesitgate if the "peC" section is only present on specific versions.
            bool importTableMatch = Array.Exists(exe.ImportTable?.ImportDirectoryTable ?? [],
-                idte => idte?.Name == "KeRnEl32.dLl");
+                idte => idte.Name == "KeRnEl32.dLl");

            if (exe.ContainsSection("peC", exact: true) && importTableMatch)
                return "HyperTech CrackProof";
--- a/BinaryObjectScanner/Packer/MicrosoftCABSFX.cs
+++ b/BinaryObjectScanner/Packer/MicrosoftCABSFX.cs
@@ -4,7 +4,6 @@ using SabreTools.Serialization.Wrappers;

 namespace BinaryObjectScanner.Packer
 {
-    // TODO: Add extraction
    // https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt
    public class MicrosoftCABSFX : IExecutableCheck<PortableExecutable>
    {
--- a/BinaryObjectScanner/Packer/SevenZipSFX.cs
+++ b/BinaryObjectScanner/Packer/SevenZipSFX.cs
@@ -9,25 +9,29 @@ namespace BinaryObjectScanner.Packer
        public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
        {
            // Get the assembly description, if possible
-            if (exe.AssemblyDescription.OptionalStartsWith("7-Zip Self-extracting Archive"))
+            string? name = exe.AssemblyDescription;
+            if (name.OptionalStartsWith("7-Zip Self-extracting Archive"))
                return $"7-Zip SFX {exe.AssemblyDescription!.Substring("7-Zip Self-extracting Archive ".Length)}";

            // Get the file description, if it exists
-            if (exe.FileDescription.OptionalEquals("7z SFX"))
+            name = exe.FileDescription;
+            if (name.OptionalEquals("7z SFX"))
                return "7-Zip SFX";
-            if (exe.FileDescription.OptionalEquals("7z Self-Extract Setup"))
+            if (name.OptionalEquals("7z Self-Extract Setup"))
                return "7-Zip SFX";

            // Get the original filename, if it exists
-            if (exe.OriginalFilename.OptionalEquals("7z.sfx.exe"))
+            name = exe.OriginalFilename;
+            if (name.OptionalEquals("7z.sfx.exe"))
                return "7-Zip SFX";
-            else if (exe.OriginalFilename.OptionalEquals("7zS.sfx"))
+            else if (name.OptionalEquals("7zS.sfx"))
                return "7-Zip SFX";

            // Get the internal name, if it exists
-            if (exe.InternalName.OptionalEquals("7z.sfx"))
+            name = exe.InternalName;
+            if (name.OptionalEquals("7z.sfx"))
                return "7-Zip SFX";
-            else if (exe.InternalName.OptionalEquals("7zS.sfx"))
+            else if (name.OptionalEquals("7zS.sfx"))
                return "7-Zip SFX";

            // If any dialog boxes match
--- a/BinaryObjectScanner/Packer/Shrinker.cs
+++ b/BinaryObjectScanner/Packer/Shrinker.cs
@@ -10,9 +10,12 @@ namespace BinaryObjectScanner.Packer
        /// <inheritdoc/>
        public string? CheckExecutable(string file, PortableExecutable exe, bool includeDebug)
        {
-            // Get the .shrink0 and .shrink2 sections, if they exist -- TODO: Confirm if both are needed or either/or is fine
-            if (exe.ContainsSection(".shrink0", true) || exe.ContainsSection(".shrink2", true))
-                return "Shrinker";
+            bool shrink0 = exe.ContainsSection(".shrink0", exact: true);
+            bool shrink2 = exe.ContainsSection(".shrink2", exact: true);
+
+            // TODO: Confirm if both need to be present 
+            if (shrink0 || shrink2)
+                return "Shrinker"; // TODO: Figure out how to get version

            return null;
        }
--- a/BinaryObjectScanner/Packer/SpoonInstaller.cs
+++ b/BinaryObjectScanner/Packer/SpoonInstaller.cs
@@ -19,7 +19,7 @@ namespace BinaryObjectScanner.Packer
            // <see href="https://www.virustotal.com/gui/file/40e222d35fe8bdd94360462e2f2b870ec7e2c184873e2a481109408db790bfe8/details"/>
            // This was found in a "Create Install 2003"-made installer
            name = exe.AssemblyName;
-            if (name == "Illustrate.Spoon.Installer")
+            if (name.OptionalEquals("Illustrate.Spoon.Installer"))
                return "Spoon Installer";

            return null;