Move protection scans to their own library

This change also removes a couple of things from `BurnOutSharp.Tools.Utilities` that are no longer needed there. Linear executables are included in the scanning classes. Update the guides accordingly.
This commit is contained in:
Matt Nadareski
2023-03-09 23:19:27 -05:00
parent a3567d6eb2
commit e118418a23
104 changed files with 285 additions and 213 deletions

View File

@@ -14,6 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="lex">LinearExecutable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
string CheckNewExecutable(string file, LinearExecutable lex, bool includeDebug);
string CheckLinearExecutable(string file, LinearExecutable lex, bool includeDebug);
}
}

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Figure out how to get version numbers
public class ActiveMARK : IContentCheck, IPortableExecutableCheck

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// AegiSoft License Manager was made AegiSoft, which was later bought by Real Networks, the makes of RealArcade (https://www.crunchbase.com/organization/aegisoft).

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class AlphaAudio
{

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Alpha-DVD is a DVD-Video copy protection created by SETTEC.

View File

@@ -3,7 +3,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Alpha-ROM is a form of copy protection created by SETTEC. It is known to make use of twin sectors as well as region locking.

View File

@@ -4,7 +4,7 @@ using System.IO;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Bitpool is a copy protection found most commonly in German releases.

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// ByteShield, Inc. (https://web.archive.org/web/20070216191623/http://www.byteshield.net/) was founded in 2004 (https://www.apollo.io/companies/ByteShield--Inc-/54a1357069702d4494ab9b00).
@@ -51,22 +51,22 @@ namespace BurnOutSharp.ProtectionType
// Found in "LineRider2.exe" in Redump entry 6236
string name = pex.FileDescription;
if (name?.Equals("ByteShield Client") == true)
return $"ByteShield Activation Client {Tools.Utilities.GetInternalVersion(pex)}";
return $"ByteShield Activation Client {pex.GetInternalVersion()}";
// Found in "LineRider2.exe" in Redump entry 6236
name = pex.InternalName;
if (name?.Equals("ByteShield") == true)
return $"ByteShield Activation Client {Tools.Utilities.GetInternalVersion(pex)}";
return $"ByteShield Activation Client {pex.GetInternalVersion()}";
// Found in "LineRider2.exe" in Redump entry 6236
name = pex.OriginalFilename;
if (name?.Equals("ByteShield.EXE") == true)
return $"ByteShield Activation Client {Tools.Utilities.GetInternalVersion(pex)}";
return $"ByteShield Activation Client {pex.GetInternalVersion()}";
// Found in "LineRider2.exe" in Redump entry 6236
name = pex.ProductName;
if (name?.Equals("ByteShield Client") == true)
return $"ByteShield Activation Client {Tools.Utilities.GetInternalVersion(pex)}";
return $"ByteShield Activation Client {pex.GetInternalVersion()}";
// Found in "ByteShield.dll" in Redump entry 6236
name = pex.ExportTable?.ExportDirectoryTable?.Name;
@@ -76,7 +76,7 @@ namespace BurnOutSharp.ProtectionType
// Found in "LineRider2.exe" in Redump entry 6236
var stMatch = pex.FindStringTableByEntry("ByteShield");
if (stMatch.Any())
return $"ByteShield Activation Client {Tools.Utilities.GetInternalVersion(pex)}";
return $"ByteShield Activation Client {pex.GetInternalVersion()}";
// Found in "LineRider2.exe" in Redump entry 6236
var dbMatch = pex.FindDialogByTitle("About ByteShield");

View File

@@ -1,7 +1,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class CDCheck : IPortableExecutableCheck
{

View File

@@ -7,7 +7,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// TODO: Investigate "Cops Copylock II" (https://www.cbmstuff.com/forum/showthread.php?tid=488).

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// CD-Guard is a DRM from Russia that's similar to CD-Cops and may be related to StarForce, meaning it likely needs DPM.

View File

@@ -2,7 +2,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class CDKey : IPortableExecutableCheck
{

View File

@@ -4,7 +4,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// CD-Lock (https://www.cdmediaworld.com/hardware/cdrom/cd_protections_dummy_files.shtml) is a copy protection most commonly used in Europe and active from 1998-2001 that seems to have a resemblance to Bitpool in a few ways.

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// CD-Protector is a form of DRM that allows users to create their own copy protected discs.

View File

@@ -3,7 +3,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class CDSHiELDSE : IPortableExecutableCheck
{

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class CDX : IPathCheck
{

View File

@@ -3,7 +3,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class CactusDataShield : IContentCheck
{

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Cenega ProtectDVD is a protection seemingly created by the publisher Cenega for use with their games.

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Code-Lock by ChosenBytes (https://web.archive.org/web/20040225072021/http://chosenbytes.com/) is a form of DRM that protects Visual Basic and .NET programs.

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class CopyKiller : IContentCheck, IPathCheck
{

View File

@@ -2,7 +2,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// CopyLok (AKA CodeLok) is a DRM created by PAN Technology (https://web.archive.org/web/19991117100625/http://www.pantechnology.com/).

View File

@@ -1,7 +1,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// http://www.crypkey.com/products/cdlock/cdmain.html
// https://github.com/horsicq/Detect-It-Easy/blob/master/db/PE/CrypKey%20Installer.1.sg

View File

@@ -3,7 +3,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Do more research into the Cucko protection:
// - Reference to `EASTL` and `EAStdC` are standard for EA products and does not indicate Cucko by itself

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class DBB
{

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class DVDCrypt : IPathCheck
{

View File

@@ -4,7 +4,7 @@ using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Figure out how to use path check framework here
public class DVDMoviePROTECT : IPathCheck

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Denuvo (https://irdeto.com/denuvo/) is a family of DRM originally created in 2014 by Denuvo Software Solutions, which was acquired by Irdeto in 2018 (https://www.gamesindustry.biz/irdeto-acquires-denuvo-in-bid-to-beef-up-security-in-the-games-industry).

View File

@@ -4,7 +4,7 @@ using System.IO;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class DinamicMultimedia : IPathCheck
{

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class DiscAudit
{

View File

@@ -1,12 +1,13 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// DiscGuard (https://web.archive.org/web/19990208210940/http://www.ttrtech.com/discgard.htm) was a copy protection created by TTR (https://web.archive.org/web/19981212021829/http://ttrtech.com/) for protecting software.
@@ -181,7 +182,7 @@ namespace BurnOutSharp.ProtectionType
private string GetVersion(PortableExecutable pex)
{
// Check the internal versions
string version = Tools.Utilities.GetInternalVersion(pex);
string version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;
@@ -192,11 +193,27 @@ namespace BurnOutSharp.ProtectionType
private string GetVersion(string file, byte[] fileContent, List<int> positions)
{
// Check the internal versions
string version = Tools.Utilities.GetInternalVersion(file);
string version = GetInternalVersion(file, null);
if (!string.IsNullOrEmpty(version))
return version;
return string.Empty;
}
private string GetInternalVersion(string firstMatchedString, IEnumerable<string> files)
{
try
{
using (Stream fileStream = File.Open(firstMatchedString, FileMode.Open, FileAccess.Read, FileShare.Read))
{
var pex = PortableExecutable.Create(fileStream);
return pex.GetInternalVersion();
}
}
catch
{
return string.Empty;
}
}
}
}

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class DocLoc
{

View File

@@ -4,7 +4,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Easy Anti-Cheat is a form of DRM created by Kamu in 2006 (and later acquired by Epic Games in 2018) that prevents cheating in multiplayer games.

View File

@@ -4,7 +4,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class ElectronicArts : IPortableExecutableCheck
{
@@ -18,20 +18,20 @@ namespace BurnOutSharp.ProtectionType
string name = pex.FileDescription;
if (name?.Contains("EReg MFC Application") == true)
return $"EA CdKey Registration Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"EA CdKey Registration Module {pex.GetInternalVersion()}";
else if (name?.Contains("Registration code installer program") == true)
return $"EA CdKey Registration Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"EA CdKey Registration Module {pex.GetInternalVersion()}";
else if (name?.Equals("EA DRM Helper", StringComparison.OrdinalIgnoreCase) == true)
return $"EA DRM Protection {Tools.Utilities.GetInternalVersion(pex)}";
return $"EA DRM Protection {pex.GetInternalVersion()}";
name = pex.InternalName;
if (name?.Equals("CDCode", StringComparison.Ordinal) == true)
return $"EA CdKey Registration Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"EA CdKey Registration Module {pex.GetInternalVersion()}";
if (pex.FindDialogByTitle("About CDKey").Any())
return $"EA CdKey Registration Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"EA CdKey Registration Module {pex.GetInternalVersion()}";
else if (pex.FindGenericResource("About CDKey").Any())
return $"EA CdKey Registration Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"EA CdKey Registration Module {pex.GetInternalVersion()}";
// Get the .data/DATA section strings, if they exist
List<string> strs = pex.GetFirstSectionStrings(".data") ?? pex.GetFirstSectionStrings("DATA");

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class FADE
{

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Freelock is software intended to allow users to burn a copy protected PSX CD-R.

View File

@@ -20,9 +20,9 @@ namespace BurnOutSharp.ProtectionType
string name = pex.FileDescription;
if (name?.StartsWith("Games for Windows - LIVE Zero Day Piracy Protection", StringComparison.OrdinalIgnoreCase) == true)
return $"Games for Windows LIVE - Zero Day Piracy Protection Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"Games for Windows LIVE - Zero Day Piracy Protection Module {pex.GetInternalVersion()}";
else if (name?.StartsWith("Games for Windows", StringComparison.OrdinalIgnoreCase) == true)
return $"Games for Windows LIVE {Tools.Utilities.GetInternalVersion(pex)}";
return $"Games for Windows LIVE {pex.GetInternalVersion()}";
// Get the import directory table
if (pex.ImportTable?.ImportDirectoryTable != null)

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Gefest Protection System is a completely unknown protection. There is only one known sample (Redump entry 93700), and no useful information online that's been found as of yet.

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// HexaLock AutoLock was a copy protection scheme that requied users to buy so-called "CD-RX" media that contained a special session pre-burned to it in order to burn their protect media.

View File

@@ -1,11 +1,12 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// Note that this set of checks also contains "Stardock Product Activation"
// This is intentional, as that protection is highly related to Impulse Reactor
@@ -21,15 +22,15 @@ namespace BurnOutSharp.ProtectionType
string name = pex.FileDescription;
if (name?.Contains("ImpulseReactor Dynamic Link Library") == true)
return $"Impulse Reactor Core Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"Impulse Reactor Core Module {pex.GetInternalVersion()}";
name = pex.ProductName;
if (name?.Contains("ImpulseReactor Dynamic Link Library") == true)
return $"Impulse Reactor Core Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"Impulse Reactor Core Module {pex.GetInternalVersion()}";
name = pex.OriginalFilename;
if (name?.Contains("ReactorActivate.exe") == true)
return $"Stardock Product Activation {Tools.Utilities.GetInternalVersion(pex)}";
return $"Stardock Product Activation {pex.GetInternalVersion()}";
// TODO: Check for CVP* instead?
bool containsCheck = pex.ExportNameTable?.Any(s => s?.StartsWith("CVPInitializeClient") ?? false) ?? false;
@@ -45,7 +46,7 @@ namespace BurnOutSharp.ProtectionType
}
if (containsCheck && containsCheck2)
return $"Impulse Reactor Core Module {Tools.Utilities.GetInternalVersion(pex)}";
return $"Impulse Reactor Core Module {pex.GetInternalVersion()}";
else if (containsCheck && !containsCheck2)
return $"Impulse Reactor";
@@ -57,8 +58,8 @@ namespace BurnOutSharp.ProtectionType
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("ImpulseReactor.dll", useEndsWith: true), Tools.Utilities.GetInternalVersion, "Impulse Reactor Core Module"),
new PathMatchSet(new PathMatch("ReactorActivate.exe", useEndsWith: true), Tools.Utilities.GetInternalVersion, "Stardock Product Activation"),
new PathMatchSet(new PathMatch("ImpulseReactor.dll", useEndsWith: true), GetInternalVersion, "Impulse Reactor Core Module"),
new PathMatchSet(new PathMatch("ReactorActivate.exe", useEndsWith: true), GetInternalVersion, "Stardock Product Activation"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);
@@ -69,11 +70,27 @@ namespace BurnOutSharp.ProtectionType
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("ImpulseReactor.dll", useEndsWith: true), Tools.Utilities.GetInternalVersion, "Impulse Reactor Core Module"),
new PathMatchSet(new PathMatch("ReactorActivate.exe", useEndsWith: true), Tools.Utilities.GetInternalVersion, "Stardock Product Activation"),
new PathMatchSet(new PathMatch("ImpulseReactor.dll", useEndsWith: true), GetInternalVersion, "Impulse Reactor Core Module"),
new PathMatchSet(new PathMatch("ReactorActivate.exe", useEndsWith: true), GetInternalVersion, "Stardock Product Activation"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);
}
private string GetInternalVersion(string firstMatchedString, IEnumerable<string> files)
{
try
{
using (Stream fileStream = File.Open(firstMatchedString, FileMode.Open, FileAccess.Read, FileShare.Read))
{
var pex = PortableExecutable.Create(fileStream);
return pex.GetInternalVersion();
}
}
catch
{
return string.Empty;
}
}
}
}

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// http://www.vsubhash.in/ubuntu-gnome-diary.html#play_copy_protected_vcds_indygenius_indyvcd
// https://forum.videohelp.com/threads/241664-How-to-copy-this-vcd

View File

@@ -2,7 +2,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class Intenium : IPortableExecutableCheck
{

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// Interesting note: the former protection "Xtreme-Protector" was found to be a
// subset of the JoWood X-Prot checks, more specifically the XPROT section check

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Key2Audio is an audio CD copy protection created by Sony. The initial version, simply called key2audio, appears to simply attempt to make the disc unplayable on a computer.

View File

@@ -2,7 +2,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class KeyLock : IContentCheck
{

View File

@@ -7,7 +7,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// LabelGate CD is a copy protection used by Sony in some Japanese CD releases. There are at least two distinct versions, characterized by the presence of either "MAGIQLIP" or "MAGIQLIP2".

View File

@@ -7,7 +7,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class LaserLok : IPathCheck, IPortableExecutableCheck
{

View File

@@ -3,7 +3,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class MGIRegistration : IPortableExecutableCheck
{
@@ -19,7 +19,7 @@ namespace BurnOutSharp.ProtectionType
// Found in "Register.dll" in IA item "MGIPhotoSuite4.0AndPhotoVista2.02001".
if (name?.Equals("MGI Registration Utility", StringComparison.Ordinal) == true)
return $"MGI Registration {Tools.Utilities.GetInternalVersion(pex)}";
return $"MGI Registration {pex.GetInternalVersion()}";
// Found in "Register.dll" from "VideoWaveIII" in IA item "mgi-videowave-iii-version-3.00-mgi-software-2000".
var resources = pex.FindStringTableByEntry("MGI Registration");

View File

@@ -5,7 +5,7 @@ using System.Linq;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// C-Dilla (https://web.archive.org/web/19980204101314/http://www.c-dilla.com/).

View File

@@ -7,7 +7,7 @@ using System.Text;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// CactusDataShield was a copy protection originally developed by Midbar Technologies, which was then purchased by Macrovision in 2002 (https://variety.com/2002/digital/news/macrovision-acquires-midbar-cuts-ttr-link-1117875824/).

View File

@@ -1,7 +1,7 @@
using System;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// This is a placeholder FLEXnet (sub-Macrovision) specific functionality

View File

@@ -5,7 +5,7 @@ using System.Linq;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// SafeCast is in the same family of protections as SafeDisc, and appears to mainly be for license management, and doesn't appear to affect the mastering of the disc in any way.

View File

@@ -7,7 +7,7 @@ using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
using static BinaryObjectScanner.Utilities.Hashing;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// SafeDisc is an incredibly commonly used copy protection created by Macrovision and C-Dilla in 1998 (https://www.thefreelibrary.com/MACROVISION+ACQUIRES+C-DILLA+CD-ROM+TECHNOLOGIES+DEVELOPER-a055217923).

View File

@@ -8,7 +8,7 @@ using BinaryObjectScanner.Utilities;
using BinaryObjectScanner.Wrappers;
using System;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// This is a placeholder for all Macrovision-based protections. See partial classes for more details

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// MediaCloQ was a copy protection created by SunnComm to protect music CDs. It's a multisession CD, and all the audio tracks are erroneously marked as data tracks.

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// MediaMax CD-3 is a copy protection for audio CDs created by SunnComm, which once installed, restricted users by only allowing a limited number of copies to be made, and only using Windows Media Player.

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class MusicGuard
{

View File

@@ -17,7 +17,7 @@ namespace BurnOutSharp.ProtectionType
// TODO: Is this too broad in general?
string name = pex.InternalName;
if (name?.StartsWith("EReg", StringComparison.OrdinalIgnoreCase) == true)
return $"Executable-Based Online Registration {Tools.Utilities.GetInternalVersion(pex)}";
return $"Executable-Based Online Registration {pex.GetInternalVersion()}";
return null;
}

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// OpenMG is a form of DRM created by Sony to control how music is copied and listened to on PC.

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class Origin : IPathCheck, IPortableExecutableCheck
{

View File

@@ -2,7 +2,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class PSXAntiModchip : IContentCheck
{

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class phenoProtect
{

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// PlayJ (https://web.archive.org/web/20000815053956/http://www.playj.com/) by EverAd was a form of DRM protected audio that was intended to be distributed freely, but that showed advertisements to the listener.

View File

@@ -4,7 +4,7 @@ using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Figure out how to use path check framework here
public class ProtectDVDVideo : IPathCheck

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// This protection was called VOB ProtectCD / ProtectDVD in versions prior to 6
public class ProtectDISC : IPortableExecutableCheck

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Rainbow Technologies Sentinel (https://www.rainbow.com.my) is a family of DRM products.

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// Renamed to ProRing at some point
// TODO: Investigate Redump entry 82475, which PiD detects as having "Optgraph Copy-X / Ring-Protech".

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class SAFEAUDIO
{

View File

@@ -1,7 +1,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Figure out how versions/version ranges work for this protection
// https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt

View File

@@ -4,7 +4,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// https://www.cdrinfo.pl/cdr/porady/safelock/safelock.php3
// Notes for possible future content checks:

View File

@@ -7,7 +7,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Investigate SecuROM for Macintosh
public class SecuROM : IPathCheck, IPortableExecutableCheck
@@ -22,15 +22,15 @@ namespace BurnOutSharp.ProtectionType
string name = pex.FileDescription;
if (name?.Contains("SecuROM PA") == true)
return $"SecuROM Product Activation v{Tools.Utilities.GetInternalVersion(pex)}";
return $"SecuROM Product Activation v{pex.GetInternalVersion()}";
name = pex.OriginalFilename;
if (name?.Equals("paul_dll_activate_and_play.dll") == true)
return $"SecuROM Product Activation v{Tools.Utilities.GetInternalVersion(pex)}";
return $"SecuROM Product Activation v{pex.GetInternalVersion()}";
name = pex.ProductName;
if (name?.Contains("SecuROM Activate & Play") == true)
return $"SecuROM Product Activation v{Tools.Utilities.GetInternalVersion(pex)}";
return $"SecuROM Product Activation v{pex.GetInternalVersion()}";
// Get the matrosch section, if it exists
bool matroschSection = pex.ContainsSection("matrosch", exact: true);

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class SmartE : IPathCheck, IPortableExecutableCheck
{

View File

@@ -5,7 +5,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <see href="https://zhidao.baidu.com/question/211454017.html"/>
/// <see href="https://bbs.pediy.com/thread-62414-3.htm"/>

View File

@@ -25,10 +25,10 @@ namespace BurnOutSharp.ProtectionType
string name = pex.FileDescription;
if (name?.StartsWith("DVM Library", StringComparison.OrdinalIgnoreCase) == true)
return $"SolidShield {Tools.Utilities.GetInternalVersion(pex)}";
return $"SolidShield {pex.GetInternalVersion()}";
else if (name?.StartsWith("Solidshield Activation Library", StringComparison.OrdinalIgnoreCase) == true)
return $"SolidShield Core.dll {Tools.Utilities.GetInternalVersion(pex)}";
return $"SolidShield Core.dll {pex.GetInternalVersion()}";
else if (name?.StartsWith("Activation Manager", StringComparison.OrdinalIgnoreCase) == true)
return $"SolidShield Activation Manager Module {GetInternalVersion(pex)}";
@@ -39,10 +39,10 @@ namespace BurnOutSharp.ProtectionType
name = pex.ProductName;
if (name?.StartsWith("Solidshield Activation Library", StringComparison.OrdinalIgnoreCase) == true)
return $"SolidShield Core.dll {Tools.Utilities.GetInternalVersion(pex)}";
return $"SolidShield Core.dll {pex.GetInternalVersion()}";
else if (name?.StartsWith("Solidshield Library", StringComparison.OrdinalIgnoreCase) == true)
return $"SolidShield Core.dll {Tools.Utilities.GetInternalVersion(pex)}";
return $"SolidShield Core.dll {pex.GetInternalVersion()}";
else if (name?.StartsWith("Activation Manager", StringComparison.OrdinalIgnoreCase) == true)
return $"SolidShield Activation Manager Module {GetInternalVersion(pex)}";
@@ -194,7 +194,7 @@ namespace BurnOutSharp.ProtectionType
{
string companyName = pex.CompanyName?.ToLowerInvariant();
if (!string.IsNullOrWhiteSpace(companyName) && (companyName.Contains("solidshield") || companyName.Contains("tages")))
return Tools.Utilities.GetInternalVersion(pex);
return pex.GetInternalVersion();
return null;
}

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class StarForce : IPathCheck, IPortableExecutableCheck
{
@@ -27,16 +27,16 @@ namespace BurnOutSharp.ProtectionType
string name = pex.LegalCopyright;
if (name?.StartsWith("(c) Protection Technology") == true) // (c) Protection Technology (StarForce)?
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
else if (name?.Contains("Protection Technology") == true) // Protection Technology (StarForce)?
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
// TODO: Decide if internal name checks are safe to use.
name = pex.InternalName;
// Found in "protect.x64" and "protect.x86" in Redump entry 94805.
if (name?.Equals("CORE.ADMIN", StringComparison.Ordinal) == true)
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
// These checks currently disabled due being possibly too generic:
@@ -56,7 +56,7 @@ namespace BurnOutSharp.ProtectionType
{
// TODO: Should we just check for "PSA_*" instead of a single entry?
if (pex.ExportNameTable.Any(s => s == "PSA_GetDiscLabel"))
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
}
// TODO: Find what fvinfo field actually maps to this
@@ -69,15 +69,15 @@ namespace BurnOutSharp.ProtectionType
// Found in "protect.exe" in Redump entry 94805.
if (name?.Contains("FrontLine Protection GUI Application") == true)
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
// Found in "protect.dll" in Redump entry 94805.
if (name?.Contains("FrontLine Protection Library") == true)
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
// Found in "protect.x64" and "protect.x86" in Redump entry 94805.
if (name?.Contains("FrontLine Helper") == true)
return $"StarForce {Tools.Utilities.GetInternalVersion(pex)}";
return $"StarForce {pex.GetInternalVersion()}";
// TODO: Find a sample of this check.
if (name?.Contains("Protected Module") == true)

View File

@@ -4,7 +4,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class Steam : IPathCheck, IPortableExecutableCheck
{
@@ -22,7 +22,7 @@ namespace BurnOutSharp.ProtectionType
else if (!string.IsNullOrEmpty(name) && name.Contains("Steam Client API"))
return "Steam";
else if (!string.IsNullOrEmpty(name) && name.Contains("Steam Client Engine"))
return $"Steam Client Engine {Tools.Utilities.GetInternalVersion(pex)}";
return $"Steam Client Engine {pex.GetInternalVersion()}";
else if (!string.IsNullOrEmpty(name) && name.Contains("Steam Client Service"))
return "Steam";

View File

@@ -4,7 +4,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class Sysiphus : IPortableExecutableCheck
{

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// TZCopyProtection allows users to alter image files so they can be used to burn copy protected CD-Rs.

View File

@@ -213,7 +213,7 @@ namespace BurnOutSharp.ProtectionType
private string GetVersion(PortableExecutable pex)
{
// Check the internal versions
string version = Tools.Utilities.GetInternalVersion(pex);
string version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class TheBongle
{

View File

@@ -1,4 +1,4 @@
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class TheCopyProtectedCD
{

View File

@@ -3,7 +3,7 @@ using System.Linq;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// Protection created by Oreans and in use since at least before 2009. Known to be used in Book/Music Collector (http://www.alwinhoogerdijk.com/2009/12/24/protecting-software-with-themida/).

View File

@@ -1,7 +1,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <remarks>
/// PiD only looks for the `.ldr` section, from testing

View File

@@ -2,7 +2,7 @@
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class ThreeTwoOneStudios : IPortableExecutableCheck
{

View File

@@ -4,7 +4,7 @@ using System.IO;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <remarks>
/// This protection needs far more research

View File

@@ -4,7 +4,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// Got renamed to Ubisoft Connect / Ubisoft Game Launcher
public class Uplay : IPathCheck, IPortableExecutableCheck

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// The Windows Media Data Session Toolkit was created as a form of DRM for audio CDs (and supposedly DVDs, but with no standard for multiple sessions existing for pressed DVDs, this seems unlikely), which ultimately acts a framework

View File

@@ -6,7 +6,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
public class WTMCDProtect : IPathCheck, IPortableExecutableCheck
{

View File

@@ -3,7 +3,7 @@ using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// WinLock (by B16MCC) is a program that allows the user to create a CD-R with intentional errors.

View File

@@ -3,11 +3,11 @@ using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using BurnOutSharp.FileType;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Utilities;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// TODO: Figure out how to use path check framework here
public class XCP : IPathCheck, IPortableExecutableCheck

View File

@@ -4,7 +4,7 @@ using System.IO;
using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
// All current known info: https://web.archive.org/web/20190601101221mp_/https://fileforums.com/showthread.php?t=91941
public class Zzxzz : IPathCheck

View File

@@ -4,7 +4,7 @@ using BinaryObjectScanner.Interfaces;
using BinaryObjectScanner.Matching;
using BinaryObjectScanner.Wrappers;
namespace BurnOutSharp.ProtectionType
namespace BinaryObjectScanner.Protection
{
/// <summary>
/// nProtect (AKA INCA Internet) (https://nprotect.com/) is a Korean software company that produces several DRM products.
@@ -42,37 +42,37 @@ namespace BurnOutSharp.ProtectionType
// Found in "GameGuard.des" in Redump entry 90526 and 99598.
if (name?.Contains("nProtect GameGuard Launcher") == true)
return $"nProtect GameGuard ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect GameGuard ({pex.GetInternalVersion()})";
// Found in "npkcrypt.dll" in Redump entry 90526.
if (name?.Contains("nProtect KeyCrypt Driver Support Dll") == true)
return $"nProtect KeyCrypt ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect KeyCrypt ({pex.GetInternalVersion()})";
// Found in "npkcrypt.sys" and "npkcusb.sys" in Redump entry 90526.
if (name?.Contains("nProtect KeyCrypt Driver") == true)
return $"nProtect KeyCrypt ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect KeyCrypt ({pex.GetInternalVersion()})";
// Found in "npkpdb.dll" in Redump entry 90526.
if (name?.Contains("nProtect KeyCrypt Program Database DLL") == true)
return $"nProtect KeyCrypt ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect KeyCrypt ({pex.GetInternalVersion()})";
name = pex.ProductName;
// Found in "GameGuard.des" in Redump entry 90526 and 99598.
if (name?.Contains("nProtect GameGuard Launcher") == true)
return $"nProtect GameGuard ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect GameGuard ({pex.GetInternalVersion()})";
// Found in "npkcrypt.dll" in Redump entry 90526.
if (name?.Contains("nProtect KeyCrypt Driver Support Dll") == true)
return $"nProtect KeyCrypt ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect KeyCrypt ({pex.GetInternalVersion()})";
// Found in "npkcrypt.sys" and "npkcusb.sys" in Redump entry 90526.
if (name?.Contains("nProtect KeyCrypt Driver") == true)
return $"nProtect KeyCrypt ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect KeyCrypt ({pex.GetInternalVersion()})";
// Found in "npkpdb.dll" in Redump entry 90526.
if (name?.Contains("nProtect KeyCrypt Program Database DLL") == true)
return $"nProtect KeyCrypt ({Tools.Utilities.GetInternalVersion(pex)})";
return $"nProtect KeyCrypt ({pex.GetInternalVersion()})";
return null;
}

View File

@@ -4,7 +4,7 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
namespace BurnOutSharp.FileType
namespace BinaryObjectScanner.Utilities
{
/// <summary>
/// Key-value pair INI file

View File

@@ -837,6 +837,28 @@ namespace BinaryObjectScanner.Wrappers
/// </summary>
public string TradeName => GetVersionInfoString(key: "TradeName");
/// <summary>
/// Get the internal version as reported by the resources
/// </summary>
/// <returns>Version string, null on error</returns>
/// <remarks>The internal version is either the file version, product version, or assembly version, in that order</remarks>
public string GetInternalVersion()
{
string version = this.FileVersion;
if (!string.IsNullOrWhiteSpace(version))
return version.Replace(", ", ".");
version = this.ProductVersion;
if (!string.IsNullOrWhiteSpace(version))
return version.Replace(", ", ".");
version = this.AssemblyVersion;
if (!string.IsNullOrWhiteSpace(version))
return version;
return null;
}
#endregion
#region Manifest Information

View File

@@ -78,6 +78,10 @@
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</ProjectReference>
<ProjectReference Include="..\BinaryObjectScanner.Protection\BinaryObjectScanner.Protection.csproj">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</ProjectReference>
<ProjectReference Include="..\BinaryObjectScanner.Utilities\BinaryObjectScanner.Utilities.csproj">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>

View File

@@ -174,7 +174,51 @@ namespace BurnOutSharp.FileType
// If we have a Linear Executable
else if (wrapper is LinearExecutable lex)
{
// No-op
Parallel.ForEach(ScanningClasses.LinearExecutableCheckClasses, contentCheckClass =>
{
// Check using custom content checks first
string protection = contentCheckClass.CheckLinearExecutable(file, lex, scanner.IncludeDebug);
if (ShouldAddProtection(contentCheckClass, scanner.ScanPackers, protection))
AppendToDictionary(protections, file, protection);
// If we have an IExtractable implementation
if (contentCheckClass is IExtractable extractable)
{
if (file == null || string.IsNullOrEmpty(protection))
return;
// If the extractable file itself fails
try
{
// Extract and get the output path
string tempPath = extractable.Extract(stream, file, scanner.IncludeDebug);
if (tempPath != null)
return;
// Collect and format all found protections
var subProtections = scanner.GetProtections(tempPath);
// If temp directory cleanup fails
try
{
Directory.Delete(tempPath, true);
}
catch (Exception ex)
{
if (scanner.IncludeDebug) Console.WriteLine(ex);
}
// Prepare the returned protections
StripFromKeys(protections, tempPath);
PrependToKeys(subProtections, file);
AppendToDictionary(protections, subProtections);
}
catch (Exception ex)
{
if (scanner.IncludeDebug) Console.WriteLine(ex);
}
}
});
}
// If we have a Portable Executable

View File

@@ -59,7 +59,7 @@ namespace BurnOutSharp.PackerType
return version;
// Check the internal versions
version = Tools.Utilities.GetInternalVersion(pex);
version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;

View File

@@ -49,7 +49,7 @@ namespace BurnOutSharp.PackerType
private string GetVersion(PortableExecutable pex)
{
// Check the internal versions
string version = Tools.Utilities.GetInternalVersion(pex);
string version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;

View File

@@ -20,14 +20,14 @@ namespace BurnOutSharp.PackerType
if (name?.Equals("Intel(R) Installation Framework", StringComparison.OrdinalIgnoreCase) == true
|| name?.Equals("Intel Installation Framework", StringComparison.OrdinalIgnoreCase) == true)
{
return $"Intel Installation Framework {Tools.Utilities.GetInternalVersion(pex)}";
return $"Intel Installation Framework {pex.GetInternalVersion()}";
}
name = pex.ProductName;
if (name?.Equals("Intel(R) Installation Framework", StringComparison.OrdinalIgnoreCase) == true
|| name?.Equals("Intel Installation Framework", StringComparison.OrdinalIgnoreCase) == true)
{
return $"Intel Installation Framework {Tools.Utilities.GetInternalVersion(pex)}";
return $"Intel Installation Framework {pex.GetInternalVersion()}";
}
return null;

View File

@@ -69,7 +69,7 @@ namespace BurnOutSharp.PackerType
private string GetVersion(PortableExecutable pex)
{
// Check the internal versions
string version = Tools.Utilities.GetInternalVersion(pex);
string version = pex.GetInternalVersion();
if (!string.IsNullOrWhiteSpace(version))
return $"v{version}";

View File

@@ -64,7 +64,7 @@ namespace BurnOutSharp.PackerType
return version;
// Check the internal versions
version = Tools.Utilities.GetInternalVersion(pex);
version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;

Some files were not shown because too many files have changed in this diff Show More