diff --git a/BurnOutSharp/FileType/Executable.cs b/BurnOutSharp/FileType/Executable.cs index 3c4bf43e..1c53d2f6 100644 --- a/BurnOutSharp/FileType/Executable.cs +++ b/BurnOutSharp/FileType/Executable.cs @@ -228,6 +228,11 @@ namespace BurnOutSharp.FileType if (!string.IsNullOrWhiteSpace(protection)) protections.Add(protection); + // UPX + protection = UPX.CheckContents(fileContent, includePosition); + if (!string.IsNullOrWhiteSpace(protection)) + protections.Add(protection); + // VOB ProtectCD/DVD protection = VOBProtectCDDVD.CheckContents(file, fileContent, includePosition); if (!string.IsNullOrWhiteSpace(protection)) diff --git a/BurnOutSharp/ProtectionType/UPX.cs b/BurnOutSharp/ProtectionType/UPX.cs new file mode 100644 index 00000000..4830012d --- /dev/null +++ b/BurnOutSharp/ProtectionType/UPX.cs @@ -0,0 +1,33 @@ +using System.Text; + +namespace BurnOutSharp.ProtectionType +{ + public class UPX + { + public static string CheckContents(byte[] fileContent, bool includePosition = false) + { + // UPX! + byte[] check = new byte[] { 0x55, 0x50, 0x58, 0x21 }; + if (fileContent.Contains(check, out int position)) + { + string version = GetVersion(fileContent, position); + return $"UPX {version}" + (includePosition ? $" (Index {position})" : string.Empty); + } + + return null; + } + + private static string GetVersion(byte[] fileContent, int index) + { + try + { + index -= 5; + return Encoding.ASCII.GetString(fileContent, index, 4); + } + catch + { + return "(Unknown Version)"; + } + } + } +} \ No newline at end of file diff --git a/README.md b/README.md index 6a0fdc56..95c80820 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,7 @@ Below is a list of the protections that can be detected using this code: - TAGES (mostly complete) - TZCopyProtector - Uplay (partial) +- UPX - VOB ProtectCD/DVD - Winlock - WISE Installer