diff --git a/BinaryObjectScanner/FileType/RAR.cs b/BinaryObjectScanner/FileType/RAR.cs index e99780c9..f0292168 100644 --- a/BinaryObjectScanner/FileType/RAR.cs +++ b/BinaryObjectScanner/FileType/RAR.cs @@ -33,6 +33,9 @@ namespace BinaryObjectScanner.FileType try { using RarArchive rarFile = RarArchive.Open(stream); + if (!rarFile.IsComplete) + return false; + foreach (var entry in rarFile.Entries) { try diff --git a/BinaryObjectScanner/FileType/SevenZip.cs b/BinaryObjectScanner/FileType/SevenZip.cs index 814beacb..b35222ed 100644 --- a/BinaryObjectScanner/FileType/SevenZip.cs +++ b/BinaryObjectScanner/FileType/SevenZip.cs @@ -32,8 +32,8 @@ namespace BinaryObjectScanner.FileType #if NET462_OR_GREATER || NETCOREAPP try { - using var sevenZipFile = SevenZipArchive.Open(stream); - foreach (var entry in sevenZipFile.Entries) + using var sevenZip = SevenZipArchive.Open(stream); + foreach (var entry in sevenZip.Entries) { try { diff --git a/BinaryObjectScanner/Handler.cs b/BinaryObjectScanner/Handler.cs index 0783c242..13bf9c79 100644 --- a/BinaryObjectScanner/Handler.cs +++ b/BinaryObjectScanner/Handler.cs @@ -140,17 +140,19 @@ namespace BinaryObjectScanner try { // Extract and get the output path - var tempPath = impl.Extract(fileName, mz, scanner.IncludeDebug); - if (tempPath == null) - return null; - + string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); + bool extracted = impl.Extract(fileName, mz, tempPath, scanner.IncludeDebug); + // Collect and format all found protections - var subProtections = scanner.GetProtections(tempPath); + ProtectionDictionary? subProtections = null; + if (extracted) + subProtections = scanner.GetProtections(tempPath); // If temp directory cleanup fails try { - Directory.Delete(tempPath, true); + if (Directory.Exists(tempPath)) + Directory.Delete(tempPath, true); } catch (Exception ex) { @@ -184,17 +186,19 @@ namespace BinaryObjectScanner try { // Extract and get the output path - var tempPath = impl.Extract(fileName, lex, scanner.IncludeDebug); - if (tempPath == null) - return null; - + string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); + bool extracted = impl.Extract(fileName, lex, tempPath, scanner.IncludeDebug); + // Collect and format all found protections - var subProtections = scanner.GetProtections(tempPath); + ProtectionDictionary? subProtections = null; + if (extracted) + subProtections = scanner.GetProtections(tempPath); // If temp directory cleanup fails try { - Directory.Delete(tempPath, true); + if (Directory.Exists(tempPath)) + Directory.Delete(tempPath, true); } catch (Exception ex) { @@ -228,17 +232,19 @@ namespace BinaryObjectScanner try { // Extract and get the output path - var tempPath = impl.Extract(fileName, nex, scanner.IncludeDebug); - if (tempPath == null) - return null; - + string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); + bool extracted = impl.Extract(fileName, nex, tempPath, scanner.IncludeDebug); + // Collect and format all found protections - var subProtections = scanner.GetProtections(tempPath); + ProtectionDictionary? subProtections = null; + if (extracted) + subProtections = scanner.GetProtections(tempPath); // If temp directory cleanup fails try { - Directory.Delete(tempPath, true); + if (Directory.Exists(tempPath)) + Directory.Delete(tempPath, true); } catch (Exception ex) { @@ -272,17 +278,19 @@ namespace BinaryObjectScanner try { // Extract and get the output path - var tempPath = impl.Extract(fileName, pex, scanner.IncludeDebug); - if (tempPath == null) - return null; - + string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); + bool extracted = impl.Extract(fileName, pex, tempPath, scanner.IncludeDebug); + // Collect and format all found protections - var subProtections = scanner.GetProtections(tempPath); + ProtectionDictionary? subProtections = null; + if (extracted) + subProtections = scanner.GetProtections(tempPath); // If temp directory cleanup fails try { - Directory.Delete(tempPath, true); + if (Directory.Exists(tempPath)) + Directory.Delete(tempPath, true); } catch (Exception ex) { diff --git a/BinaryObjectScanner/Interfaces/IExtractableLinearExecutable.cs b/BinaryObjectScanner/Interfaces/IExtractableLinearExecutable.cs index 3e96bcb1..8183da7f 100644 --- a/BinaryObjectScanner/Interfaces/IExtractableLinearExecutable.cs +++ b/BinaryObjectScanner/Interfaces/IExtractableLinearExecutable.cs @@ -12,8 +12,9 @@ namespace BinaryObjectScanner.Interfaces /// /// Path to the input file /// LinearExecutable representing the read-in file + /// Path to the output directory /// True to include debug data, false otherwise /// Path to extracted files, null on error - string? Extract(string file, LinearExecutable lex, bool includeDebug); + bool Extract(string file, LinearExecutable lex, string outDir, bool includeDebug); } } diff --git a/BinaryObjectScanner/Interfaces/IExtractableMSDOSExecutable.cs b/BinaryObjectScanner/Interfaces/IExtractableMSDOSExecutable.cs index 40b85ac7..0c92c0f1 100644 --- a/BinaryObjectScanner/Interfaces/IExtractableMSDOSExecutable.cs +++ b/BinaryObjectScanner/Interfaces/IExtractableMSDOSExecutable.cs @@ -12,8 +12,9 @@ namespace BinaryObjectScanner.Interfaces /// /// Path to the input file /// MSDOS representing the read-in file + /// Path to the output directory /// True to include debug data, false otherwise /// Path to extracted files, null on error - string? Extract(string file, MSDOS mz, bool includeDebug); + bool Extract(string file, MSDOS mz, string outDir, bool includeDebug); } } diff --git a/BinaryObjectScanner/Interfaces/IExtractableNewExecutable.cs b/BinaryObjectScanner/Interfaces/IExtractableNewExecutable.cs index c288d78b..4cf79968 100644 --- a/BinaryObjectScanner/Interfaces/IExtractableNewExecutable.cs +++ b/BinaryObjectScanner/Interfaces/IExtractableNewExecutable.cs @@ -12,8 +12,9 @@ namespace BinaryObjectScanner.Interfaces /// /// Path to the input file /// NewExecutable representing the read-in file + /// Path to the output directory /// True to include debug data, false otherwise /// Path to extracted files, null on error - string? Extract(string file, NewExecutable nex, bool includeDebug); + bool Extract(string file, NewExecutable nex, string outDir, bool includeDebug); } } diff --git a/BinaryObjectScanner/Interfaces/IExtractablePortableExecutable.cs b/BinaryObjectScanner/Interfaces/IExtractablePortableExecutable.cs index 7e7b85bd..20e9cf18 100644 --- a/BinaryObjectScanner/Interfaces/IExtractablePortableExecutable.cs +++ b/BinaryObjectScanner/Interfaces/IExtractablePortableExecutable.cs @@ -12,8 +12,9 @@ namespace BinaryObjectScanner.Interfaces /// /// Path to the input file /// PortableExecutable representing the read-in file + /// Path to the output directory /// True to include debug data, false otherwise /// Path to extracted files, null on error - string? Extract(string file, PortableExecutable pex, bool includeDebug); + bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug); } } diff --git a/BinaryObjectScanner/Packer/ASPack.cs b/BinaryObjectScanner/Packer/ASPack.cs index f2baa0dc..6c6e64b9 100644 --- a/BinaryObjectScanner/Packer/ASPack.cs +++ b/BinaryObjectScanner/Packer/ASPack.cs @@ -51,9 +51,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } /// diff --git a/BinaryObjectScanner/Packer/AdvancedInstaller.cs b/BinaryObjectScanner/Packer/AdvancedInstaller.cs index 6469b2c6..8c8906ae 100644 --- a/BinaryObjectScanner/Packer/AdvancedInstaller.cs +++ b/BinaryObjectScanner/Packer/AdvancedInstaller.cs @@ -28,9 +28,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/AutoPlayMediaStudio.cs b/BinaryObjectScanner/Packer/AutoPlayMediaStudio.cs index 287a6ef5..7410d2ec 100644 --- a/BinaryObjectScanner/Packer/AutoPlayMediaStudio.cs +++ b/BinaryObjectScanner/Packer/AutoPlayMediaStudio.cs @@ -33,9 +33,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } private string GetVersion(PortableExecutable pex) diff --git a/BinaryObjectScanner/Packer/CExe.cs b/BinaryObjectScanner/Packer/CExe.cs index 1c5ec795..da73f7de 100644 --- a/BinaryObjectScanner/Packer/CExe.cs +++ b/BinaryObjectScanner/Packer/CExe.cs @@ -51,14 +51,14 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { try { // Get the first resource of type 99 with index 2 var payload = pex.FindResourceByNamedType("99, 2").FirstOrDefault(); if (payload == null || payload.Length == 0) - return null; + return false; // Determine which compression was used bool zlib = pex.FindResourceByNamedType("99, 1").Any(); @@ -125,27 +125,25 @@ namespace BinaryObjectScanner.Packer // If we have no data if (data == null) - return null; - - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); + return false; // Create the temp filename string tempFile = string.IsNullOrEmpty(file) ? "temp.sxe" : $"{Path.GetFileNameWithoutExtension(file)}.sxe"; - tempFile = Path.Combine(tempPath, tempFile); + tempFile = Path.Combine(outDir, tempFile); + var directoryName = Path.GetDirectoryName(tempFile); + if (directoryName != null && !Directory.Exists(directoryName)) + Directory.CreateDirectory(directoryName); // Write the file data to a temp file - using (Stream tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite)) - { - tempStream.Write(data, 0, data.Length); - } + var tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite); + tempStream.Write(data, 0, data.Length); - return tempPath; + return true; } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/DotFuscator.cs b/BinaryObjectScanner/Packer/DotFuscator.cs index 874a40ec..f09fbbaa 100644 --- a/BinaryObjectScanner/Packer/DotFuscator.cs +++ b/BinaryObjectScanner/Packer/DotFuscator.cs @@ -27,9 +27,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/DotNetReactor.cs b/BinaryObjectScanner/Packer/DotNetReactor.cs index 06075dd8..2be992ab 100644 --- a/BinaryObjectScanner/Packer/DotNetReactor.cs +++ b/BinaryObjectScanner/Packer/DotNetReactor.cs @@ -97,10 +97,10 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { // TODO: Add extraction - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/EXEStealth.cs b/BinaryObjectScanner/Packer/EXEStealth.cs index e27959ab..7e7b1c46 100644 --- a/BinaryObjectScanner/Packer/EXEStealth.cs +++ b/BinaryObjectScanner/Packer/EXEStealth.cs @@ -75,9 +75,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/EmbeddedExecutable.cs b/BinaryObjectScanner/Packer/EmbeddedExecutable.cs index 09d2e48d..aa168652 100644 --- a/BinaryObjectScanner/Packer/EmbeddedExecutable.cs +++ b/BinaryObjectScanner/Packer/EmbeddedExecutable.cs @@ -29,13 +29,13 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { try { // If there are no resources if (pex.ResourceData == null) - return null; + return false; // Get the resources that have an executable signature var resources = pex.ResourceData @@ -44,9 +44,6 @@ namespace BinaryObjectScanner.Packer .Where(b => b != null && b.StartsWith(SabreTools.Models.MSDOS.Constants.SignatureBytes)) .ToList(); - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); - for (int i = 0; i < resources.Count; i++) { try @@ -58,7 +55,10 @@ namespace BinaryObjectScanner.Packer // Create the temp filename string tempFile = $"embedded_resource_{i}.bin"; - tempFile = Path.Combine(tempPath, tempFile); + tempFile = Path.Combine(outDir, tempFile); + var directoryName = Path.GetDirectoryName(tempFile); + if (directoryName != null && !Directory.Exists(directoryName)) + Directory.CreateDirectory(directoryName); // Write the resource data to a temp file using var tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite); @@ -70,12 +70,12 @@ namespace BinaryObjectScanner.Packer } } - return tempPath; + return true; } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/GenteeInstaller.cs b/BinaryObjectScanner/Packer/GenteeInstaller.cs index eaa6d955..9648c898 100644 --- a/BinaryObjectScanner/Packer/GenteeInstaller.cs +++ b/BinaryObjectScanner/Packer/GenteeInstaller.cs @@ -31,9 +31,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/HyperTechCrackProof.cs b/BinaryObjectScanner/Packer/HyperTechCrackProof.cs index 0d3b3bd8..daec175a 100644 --- a/BinaryObjectScanner/Packer/HyperTechCrackProof.cs +++ b/BinaryObjectScanner/Packer/HyperTechCrackProof.cs @@ -31,9 +31,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/InnoSetup.cs b/BinaryObjectScanner/Packer/InnoSetup.cs index e41584bf..ed35ca26 100644 --- a/BinaryObjectScanner/Packer/InnoSetup.cs +++ b/BinaryObjectScanner/Packer/InnoSetup.cs @@ -54,9 +54,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } private static string GetOldVersion(string file, NewExecutable nex) diff --git a/BinaryObjectScanner/Packer/InstallAnywhere.cs b/BinaryObjectScanner/Packer/InstallAnywhere.cs index 454d17d4..9ba9fa38 100644 --- a/BinaryObjectScanner/Packer/InstallAnywhere.cs +++ b/BinaryObjectScanner/Packer/InstallAnywhere.cs @@ -28,9 +28,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } private string GetVersion(PortableExecutable pex) diff --git a/BinaryObjectScanner/Packer/InstallerVISE.cs b/BinaryObjectScanner/Packer/InstallerVISE.cs index 8b99bfb6..f7902f4e 100644 --- a/BinaryObjectScanner/Packer/InstallerVISE.cs +++ b/BinaryObjectScanner/Packer/InstallerVISE.cs @@ -29,9 +29,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/IntelInstallationFramework.cs b/BinaryObjectScanner/Packer/IntelInstallationFramework.cs index 89e40e16..b53a2374 100644 --- a/BinaryObjectScanner/Packer/IntelInstallationFramework.cs +++ b/BinaryObjectScanner/Packer/IntelInstallationFramework.cs @@ -33,9 +33,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/MicrosoftCABSFX.cs b/BinaryObjectScanner/Packer/MicrosoftCABSFX.cs index 0637e750..c9e4b7ef 100644 --- a/BinaryObjectScanner/Packer/MicrosoftCABSFX.cs +++ b/BinaryObjectScanner/Packer/MicrosoftCABSFX.cs @@ -47,9 +47,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } private string GetVersion(PortableExecutable pex) diff --git a/BinaryObjectScanner/Packer/NSIS.cs b/BinaryObjectScanner/Packer/NSIS.cs index 712ff773..12e5e946 100644 --- a/BinaryObjectScanner/Packer/NSIS.cs +++ b/BinaryObjectScanner/Packer/NSIS.cs @@ -31,9 +31,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } \ No newline at end of file diff --git a/BinaryObjectScanner/Packer/NeoLite.cs b/BinaryObjectScanner/Packer/NeoLite.cs index baa85a79..b6983a6e 100644 --- a/BinaryObjectScanner/Packer/NeoLite.cs +++ b/BinaryObjectScanner/Packer/NeoLite.cs @@ -36,9 +36,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/PECompact.cs b/BinaryObjectScanner/Packer/PECompact.cs index 2e7fbbe1..2f98a604 100644 --- a/BinaryObjectScanner/Packer/PECompact.cs +++ b/BinaryObjectScanner/Packer/PECompact.cs @@ -41,9 +41,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/Petite.cs b/BinaryObjectScanner/Packer/Petite.cs index 541182b5..8d7a0071 100644 --- a/BinaryObjectScanner/Packer/Petite.cs +++ b/BinaryObjectScanner/Packer/Petite.cs @@ -24,9 +24,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/SetupFactory.cs b/BinaryObjectScanner/Packer/SetupFactory.cs index a310dcb9..08769c73 100644 --- a/BinaryObjectScanner/Packer/SetupFactory.cs +++ b/BinaryObjectScanner/Packer/SetupFactory.cs @@ -38,9 +38,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } private string GetVersion(PortableExecutable pex) diff --git a/BinaryObjectScanner/Packer/SevenZipSFX.cs b/BinaryObjectScanner/Packer/SevenZipSFX.cs index 71b3495e..21c3ef2b 100644 --- a/BinaryObjectScanner/Packer/SevenZipSFX.cs +++ b/BinaryObjectScanner/Packer/SevenZipSFX.cs @@ -24,7 +24,7 @@ namespace BinaryObjectScanner.Packer // Get the assembly description, if possible if (pex.AssemblyDescription?.StartsWith("7-Zip Self-extracting Archive") == true) return $"7-Zip SFX {pex.AssemblyDescription.Substring("7-Zip Self-extracting Archive ".Length)}"; - + // Get the file description, if it exists if (pex.FileDescription?.Equals("7z SFX") == true) return "7-Zip SFX"; @@ -51,58 +51,53 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { if (!File.Exists(file)) - return null; + return false; #if NET462_OR_GREATER || NETCOREAPP try { - // Create a temp output directory - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); - - using (SevenZipArchive sevenZipFile = SevenZipArchive.Open(file, new ReaderOptions() { LookForHeader = true })) + using var sevenZip = SevenZipArchive.Open(file, new ReaderOptions() { LookForHeader = true }); + foreach (var entry in sevenZip.Entries) { - foreach (var entry in sevenZipFile.Entries) + try { - try - { - // If the entry is a directory - if (entry.IsDirectory) - continue; + // If the entry is a directory + if (entry.IsDirectory) + continue; - // If the entry has an invalid key - if (entry.Key == null) - continue; + // If the entry has an invalid key + if (entry.Key == null) + continue; - // If we have a partial entry due to an incomplete multi-part archive, skip it - if (!entry.IsComplete) - continue; + // If we have a partial entry due to an incomplete multi-part archive, skip it + if (!entry.IsComplete) + continue; - string tempFile = Path.Combine(tempPath, entry.Key); - var directoryName = Path.GetDirectoryName(tempFile); - if (directoryName != null && !Directory.Exists(directoryName)) - Directory.CreateDirectory(directoryName); - entry.WriteToFile(tempFile); - } - catch (Exception ex) - { - if (includeDebug) Console.WriteLine(ex); - } + string tempFile = Path.Combine(outDir, entry.Key); + var directoryName = Path.GetDirectoryName(tempFile); + if (directoryName != null && !Directory.Exists(directoryName)) + Directory.CreateDirectory(directoryName); + + entry.WriteToFile(tempFile); + } + catch (Exception ex) + { + if (includeDebug) Console.WriteLine(ex); } } - return tempPath; + return true; } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } #else - return null; + return false; #endif } } diff --git a/BinaryObjectScanner/Packer/Shrinker.cs b/BinaryObjectScanner/Packer/Shrinker.cs index ba0458c8..b221c8f1 100644 --- a/BinaryObjectScanner/Packer/Shrinker.cs +++ b/BinaryObjectScanner/Packer/Shrinker.cs @@ -25,9 +25,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } } diff --git a/BinaryObjectScanner/Packer/UPX.cs b/BinaryObjectScanner/Packer/UPX.cs index d1a4c317..f1a8dae6 100644 --- a/BinaryObjectScanner/Packer/UPX.cs +++ b/BinaryObjectScanner/Packer/UPX.cs @@ -63,9 +63,9 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } public static string GetVersion(string file, byte[] fileContent, List positions) diff --git a/BinaryObjectScanner/Packer/WinRARSFX.cs b/BinaryObjectScanner/Packer/WinRARSFX.cs index 21ded408..21f9b781 100644 --- a/BinaryObjectScanner/Packer/WinRARSFX.cs +++ b/BinaryObjectScanner/Packer/WinRARSFX.cs @@ -33,58 +33,57 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { + if (!File.Exists(file)) + return false; + #if NET462_OR_GREATER || NETCOREAPP try { // Should be using stream instead of file, but stream fails to extract anything. My guess is that the executable portion of the archive is causing stream to fail, but not file. - using (RarArchive rarFile = RarArchive.Open(file, new ReaderOptions() { LookForHeader = true })) + using var rarFile = RarArchive.Open(file, new ReaderOptions() { LookForHeader = true }); + if (!rarFile.IsComplete) + return false; + + foreach (var entry in rarFile.Entries) { - if (!rarFile.IsComplete) - return null; - - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); - - foreach (var entry in rarFile.Entries) + try { - try - { - // If the entry is a directory - if (entry.IsDirectory) - continue; + // If the entry is a directory + if (entry.IsDirectory) + continue; - // If the entry has an invalid key - if (entry.Key == null) - continue; + // If the entry has an invalid key + if (entry.Key == null) + continue; - // If we have a partial entry due to an incomplete multi-part archive, skip it - if (!entry.IsComplete) - continue; + // If we have a partial entry due to an incomplete multi-part archive, skip it + if (!entry.IsComplete) + continue; - string tempFile = Path.Combine(tempPath, entry.Key); - var directoryName = Path.GetDirectoryName(tempFile); - if (directoryName != null && !Directory.Exists(directoryName)) - Directory.CreateDirectory(directoryName); - entry.WriteToFile(tempFile); - } - catch (Exception ex) - { - if (includeDebug) Console.WriteLine(ex); - } + string tempFile = Path.Combine(outDir, entry.Key); + var directoryName = Path.GetDirectoryName(tempFile); + if (directoryName != null && !Directory.Exists(directoryName)) + Directory.CreateDirectory(directoryName); + + entry.WriteToFile(tempFile); + } + catch (Exception ex) + { + if (includeDebug) Console.WriteLine(ex); } - - return tempPath; } + + return true; } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } #else - return null; + return false; #endif } } diff --git a/BinaryObjectScanner/Packer/WinZipSFX.cs b/BinaryObjectScanner/Packer/WinZipSFX.cs index e9b40484..68b211f2 100644 --- a/BinaryObjectScanner/Packer/WinZipSFX.cs +++ b/BinaryObjectScanner/Packer/WinZipSFX.cs @@ -66,65 +66,63 @@ namespace BinaryObjectScanner.Packer // TODO: Find a way to generically detect 2.X versions and improve exact version detection for SFX PE versions bundled with WinZip 11+ /// - public string? Extract(string file, NewExecutable nex, bool includeDebug) - => Extract(file, includeDebug); + public bool Extract(string file, NewExecutable nex, string outDir, bool includeDebug) + => Extract(file, outDir, includeDebug); /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) - => Extract(file, includeDebug); + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) + => Extract(file, outDir, includeDebug); /// /// Handle common extraction between executable types /// - public static string? Extract(string file, bool includeDebug) + public static bool Extract(string file, string outDir, bool includeDebug) { + if (!File.Exists(file)) + return false; + #if NET462_OR_GREATER || NETCOREAPP try { - // Create a temp output directory - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); - - using (ZipArchive zipFile = ZipArchive.Open(file)) + using var zipFile = ZipArchive.Open(file); + foreach (var entry in zipFile.Entries) { - foreach (var entry in zipFile.Entries) + try { - try - { - // If the entry is a directory - if (entry.IsDirectory) - continue; + // If the entry is a directory + if (entry.IsDirectory) + continue; - // If the entry has an invalid key - if (entry.Key == null) - continue; + // If the entry has an invalid key + if (entry.Key == null) + continue; - // If we have a partial entry due to an incomplete multi-part archive, skip it - if (!entry.IsComplete) - continue; + // If we have a partial entry due to an incomplete multi-part archive, skip it + if (!entry.IsComplete) + continue; - string tempFile = Path.Combine(tempPath, entry.Key); - var directoryName = Path.GetDirectoryName(tempFile); - if (directoryName != null && !Directory.Exists(directoryName)) - Directory.CreateDirectory(directoryName); - entry.WriteToFile(tempFile); - } - catch (Exception ex) - { - if (includeDebug) Console.WriteLine(ex); - } + string tempFile = Path.Combine(outDir, entry.Key); + var directoryName = Path.GetDirectoryName(tempFile); + if (directoryName != null && !Directory.Exists(directoryName)) + Directory.CreateDirectory(directoryName); + + entry.WriteToFile(tempFile); + } + catch (Exception ex) + { + if (includeDebug) Console.WriteLine(ex); } } - return tempPath; + return true; } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } #else - return null; + return false; #endif } @@ -796,14 +794,14 @@ namespace BinaryObjectScanner.Packer "WZIPSE32.exe" => "Unknown Version (32-bit)",// TODO: Find starting version "SI32LPG.SFX" => "Unknown Version (32-bit)",// TODO: Find starting version "ST32E.WZE" => "Unknown Version (32-bit)",// TODO: Find starting version - + // Personal Edition "VW95LE.SFX" => "Unknown Version before Personal Edition Build 1285 (32-bit)", "PE32E.SFX" => "Unknown Version after Personal Edition Build 1285 (32-bit)", "wzsepe32.exe" => "Unknown Version Personal Edition (32-bit)",// TODO: Find starting version "SI32PE.SFX" => "Unknown Version Personal Edition (32-bit)",// TODO: Find starting version "SI32LPE.SFX" => "Unknown Version Personal Edition (32-bit)",// TODO: Find starting version - + // Software Installation "VW95SRE.SFX" => "Unknown Version before Software Installation 2.1 (32-bit)", "SI32E.SFX" => "Unknown Version after Software Installation 2.1 (32-bit)", diff --git a/BinaryObjectScanner/Packer/WiseInstaller.cs b/BinaryObjectScanner/Packer/WiseInstaller.cs index fe4ea292..4f3d73a6 100644 --- a/BinaryObjectScanner/Packer/WiseInstaller.cs +++ b/BinaryObjectScanner/Packer/WiseInstaller.cs @@ -75,52 +75,36 @@ namespace BinaryObjectScanner.Packer } /// - public string? Extract(string file, NewExecutable nex, bool includeDebug) + public bool Extract(string file, NewExecutable nex, string outDir, bool includeDebug) { - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); + Directory.CreateDirectory(outDir); try { - // TODO: Try to find where the file data lives and how to get it - if (!Extractor.ExtractTo(file, tempPath)) - { - try - { - Directory.Delete(tempPath, true); - } - catch (Exception ex) - { - if (includeDebug) Console.WriteLine(ex); - } - - return null; - } + return Extractor.ExtractTo(file, outDir); } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } - - return tempPath; } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { try { // Get the matching PE format var format = GetPEFormat(pex); if (format == null) - return null; + return false; // Get the overlay data for easier reading int overlayOffset = 0, dataStart = 0; var overlayData = pex.OverlayData; if (overlayData == null) - return null; + return false; // Skip over the additional DLL name, if we expect it if (format.Dll) @@ -175,43 +159,28 @@ namespace BinaryObjectScanner.Packer var magic = overlayData.ReadBytes(ref overlayOffset, 4); overlayOffset -= 4; bool pkzip = magic?.StartsWith(new byte?[] { (byte)'P', (byte)'K' }) ?? false; - string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString()); - Directory.CreateDirectory(tempPath); + // Create the output directory + Directory.CreateDirectory(outDir); // If we have PKZIP if (pkzip) { - string tempFile = Path.Combine(tempPath, "WISEDATA.zip"); - using (Stream tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite)) - { - tempStream.Write(overlayData, overlayOffset, overlayData.Length - overlayOffset); - } + string tempFile = Path.Combine(outDir, "WISEDATA.zip"); + using Stream tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite); + tempStream.Write(overlayData, overlayOffset, overlayData.Length - overlayOffset); + return true; } // If we have DEFLATE -- TODO: Port implementation here or use DeflateStream else { - if (!Extractor.ExtractTo(file, tempPath)) - { - try - { - Directory.Delete(tempPath, true); - } - catch (Exception ex) - { - if (includeDebug) Console.WriteLine(ex); - } - - return null; - } + return Extractor.ExtractTo(file, outDir); } - - return tempPath; } catch (Exception ex) { if (includeDebug) Console.WriteLine(ex); - return null; + return false; } } diff --git a/BinaryObjectScanner/Protection/Armadillo.cs b/BinaryObjectScanner/Protection/Armadillo.cs index a0e2da33..e512719f 100644 --- a/BinaryObjectScanner/Protection/Armadillo.cs +++ b/BinaryObjectScanner/Protection/Armadillo.cs @@ -52,9 +52,9 @@ namespace BinaryObjectScanner.Protection } /// - public string? Extract(string file, PortableExecutable pex, bool includeDebug) + public bool Extract(string file, PortableExecutable pex, string outDir, bool includeDebug) { - return null; + return false; } } }