Better naming

This commit is contained in:
Matt Nadareski
2022-05-01 17:17:15 -07:00
parent 2dd3e21ea6
commit f9f2e0d932
65 changed files with 149 additions and 170 deletions

View File

@@ -93,7 +93,7 @@ namespace BurnOutSharp.FileType
{
Parallel.ForEach(ScanningClasses.ContentCheckClasses, contentCheckClass =>
{
string protection = contentCheckClass.CheckContents(file, fileContent, scanner.IncludeDebug, pex, nex);
string protection = contentCheckClass.CheckContents(file, fileContent, scanner.IncludeDebug);
if (ShouldAddProtection(contentCheckClass, scanner.ScanPackers, protection))
Utilities.AppendToDictionary(protections, file, protection);
@@ -113,10 +113,10 @@ namespace BurnOutSharp.FileType
// If we have a NE executable, iterate through all NE content checks
if (nex?.Initialized == true)
{
Parallel.ForEach(ScanningClasses.NEContentCheckClasses, contentCheckClass =>
Parallel.ForEach(ScanningClasses.NewExecutableCheckClasses, contentCheckClass =>
{
// Check using custom content checks first
string protection = contentCheckClass.CheckNEContents(file, nex, scanner.IncludeDebug);
string protection = contentCheckClass.CheckNewExecutable(file, nex, scanner.IncludeDebug);
if (ShouldAddProtection(contentCheckClass, scanner.ScanPackers, protection))
Utilities.AppendToDictionary(protections, file, protection);
@@ -136,10 +136,10 @@ namespace BurnOutSharp.FileType
// If we have a PE executable, iterate through all PE content checks
if (pex?.Initialized == true)
{
Parallel.ForEach(ScanningClasses.PEContentCheckClasses, contentCheckClass =>
Parallel.ForEach(ScanningClasses.PortableExecutableCheckClasses, contentCheckClass =>
{
// Check using custom content checks first
string protection = contentCheckClass.CheckPEContents(file, pex, scanner.IncludeDebug);
string protection = contentCheckClass.CheckPortableExecutable(file, pex, scanner.IncludeDebug);
if (ShouldAddProtection(contentCheckClass, scanner.ScanPackers, protection))
Utilities.AppendToDictionary(protections, file, protection);

View File

@@ -1,21 +1,14 @@
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
namespace BurnOutSharp
namespace BurnOutSharp
{
// TODO: This should either include an override that takes a Stream instead of the byte[]
// TODO: This should be retired in lieu of the I*ContentCheck interfaces
internal interface IContentCheck
{
/// <summary>
/// Check a path for protections based on file contents
/// </summary>
/// <param name="pex">PortableExecutable representing the read-in file</param>
/// <param name="file">File to check for protection indicators</param>
/// <param name="fileContent">Byte array representing the file contents</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
/// <remarks>This still includes PE and NE because this is primarily used for debug testing</remarks>
string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex);
string CheckContents(string file, byte[] fileContent, bool includeDebug);
}
}

View File

@@ -2,8 +2,7 @@
namespace BurnOutSharp
{
// TODO: This should either include an override that takes a Stream instead of the byte[]
internal interface INEContentCheck
internal interface INewExecutableCheck
{
/// <summary>
/// Check a path for protections based on file contents
@@ -12,6 +11,6 @@ namespace BurnOutSharp
/// <param name="nex">NewExecutable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
string CheckNEContents(string file, NewExecutable nex, bool includeDebug);
string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug);
}
}

View File

@@ -2,16 +2,15 @@
namespace BurnOutSharp
{
// TODO: This should either include an override that takes a Stream instead of the byte[]
internal interface IPEContentCheck
internal interface IPortableExecutableCheck
{
/// <summary>
/// Check a path for protections based on file contents
/// </summary>
/// <param name="file">File to check for protection indicators</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <param name="pex">PortableExecutable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
string CheckPEContents(string file, PortableExecutable pex, bool includeDebug);
string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug);
}
}

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
// TODO: Add extraction and verify that all versions are detected
public class AdvancedInstaller : IPEContentCheck
public class AdvancedInstaller : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -7,10 +7,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
// TODO: Add version checking, if possible
public class Armadillo : IPEContentCheck
public class Armadillo : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -8,13 +8,13 @@ namespace BurnOutSharp.PackerType
{
// Created by IndigoRose (creators of Setup Factory), primarily to be used to create autorun menus for various media.
// Official website: https://www.autoplay.org/
public class AutoPlayMediaStudio : IPEContentCheck, IScannable
public class AutoPlayMediaStudio : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -8,13 +8,13 @@ namespace BurnOutSharp.PackerType
{
// The official website for CExe also includes the source code (which does have to be retrieved by the Wayback Machine)
// http://www.scottlu.com/Content/CExe.html
public class CExe : IPEContentCheck, IScannable
public class CExe : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var stub = pex?.DOSStubHeader;

View File

@@ -1,5 +1,4 @@
using System.Collections.Generic;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
@@ -8,10 +7,10 @@ namespace BurnOutSharp.PackerType
// TODO: Figure out how to more granularly determine versions like PiD,
// at least for the 2.41 -> 2.75 range
// TODO: Detect 3.15 and up (maybe looking for `Metamorphism`)
public class EXEStealth : IContentCheck, IPEContentCheck
public class EXEStealth : IContentCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -36,7 +35,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
// TODO: Add extraction
public class GenteeInstaller : IPEContentCheck
public class GenteeInstaller : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -10,13 +10,13 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class InnoSetup : INEContentCheck, IPEContentCheck, IScannable
public class InnoSetup : INewExecutableCheck, IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckNEContents(string file, NewExecutable nex, bool includeDebug)
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
{
// Get the DOS stub from the executable, if possible
var stub = nex?.DOSStubHeader;
@@ -37,7 +37,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,13 +6,13 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.PackerType
{
public class InstallAnywhere : IPEContentCheck, IScannable
public class InstallAnywhere : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,14 +6,14 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class InstallerVISE : IPEContentCheck, IScannable
public class InstallerVISE : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
//TODO: Add exact version detection for Windows builds, make sure versions before 3.X are detected as well, and detect the Mac builds.
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.PackerType
{
// TODO: Add extraction, seems to primarily use MSZip compression.
public class IntelInstallationFramework : IPEContentCheck
public class IntelInstallationFramework : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -9,13 +9,13 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.PackerType
{
// TODO: Add extraction, which should be possible with LibMSPackN, but it refuses to extract due to SFX files lacking the typical CAB identifiers.
public class MicrosoftCABSFX : IPEContentCheck, IScannable
public class MicrosoftCABSFX : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -4,10 +4,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class NSIS : IPEContentCheck
public class NSIS : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -3,10 +3,10 @@
namespace BurnOutSharp.PackerType
{
// TODO: Add extraction and better version detection
public class PECompact : IPEContentCheck
public class PECompact : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -2,10 +2,10 @@
namespace BurnOutSharp.PackerType
{
public class PEtite : IPEContentCheck
public class PEtite : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,13 +6,13 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.PackerType
{
public class SetupFactory : IPEContentCheck, IScannable
public class SetupFactory : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
// TODO: Add extraction
public class Shrinker : IPEContentCheck
public class Shrinker : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class UPX : IPEContentCheck
public class UPX : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -10,13 +10,13 @@ using SharpCompress.Archives.Rar;
namespace BurnOutSharp.PackerType
{
public class WinRARSFX : IPEContentCheck, IScannable
public class WinRARSFX : IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -12,13 +12,13 @@ using SharpCompress.Archives.Zip;
namespace BurnOutSharp.PackerType
{
public class WinZipSFX : INEContentCheck, IPEContentCheck, IScannable
public class WinZipSFX : INewExecutableCheck, IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckNEContents(string file, NewExecutable nex, bool includeDebug)
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
{
// Get the DOS stub from the executable, if possible
var stub = nex?.DOSStubHeader;
@@ -37,7 +37,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -10,13 +10,13 @@ using Wise = WiseUnpacker.WiseUnpacker;
namespace BurnOutSharp.PackerType
{
public class WiseInstaller : INEContentCheck, IPEContentCheck, IScannable
public class WiseInstaller : INewExecutableCheck, IPortableExecutableCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckNEContents(string file, NewExecutable nex, bool includeDebug)
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
{
// Get the DOS stub from the executable, if possible
var stub = nex?.DOSStubHeader;
@@ -40,7 +40,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -4,10 +4,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class dotFuscator : IPEContentCheck
public class dotFuscator : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -1,15 +1,14 @@
using System.Collections.Generic;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
// TODO: Figure out how to get version numbers
public class ActiveMARK : IContentCheck, IPEContentCheck
public class ActiveMARK : IContentCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -32,7 +31,7 @@ namespace BurnOutSharp.ProtectionType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -11,10 +11,10 @@ namespace BurnOutSharp.ProtectionType
// - SETTEC0000SETTEC1111
// - SOFTWARE\SETTEC
// TODO: Are there version numbers?
public class AlphaROM : IPEContentCheck
public class AlphaROM : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -4,10 +4,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CDCheck : IPEContentCheck
public class CDCheck : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -8,10 +8,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CDDVDCops : IContentCheck, INEContentCheck, IPEContentCheck, IPathCheck
public class CDDVDCops : IContentCheck, INewExecutableCheck, IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -41,7 +41,7 @@ namespace BurnOutSharp.ProtectionType
}
/// <inheritdoc/>
public string CheckNEContents(string file, NewExecutable nex, bool includeDebug)
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
{
// Get the DOS stub from the executable, if possible
var stub = nex?.DOSStubHeader;
@@ -72,7 +72,7 @@ namespace BurnOutSharp.ProtectionType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -3,10 +3,10 @@ using BurnOutSharp.ExecutableType.Microsoft.PE;
namespace BurnOutSharp.ProtectionType
{
public class CDKey : IPEContentCheck
public class CDKey : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CDLock : IPEContentCheck, IPathCheck
public class CDLock : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -4,10 +4,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CDSHiELDSE : IPEContentCheck
public class CDSHiELDSE : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -4,16 +4,15 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CactusDataShield : IContentCheck, IPEContentCheck, IPathCheck
public class CactusDataShield : IContentCheck, IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Limit these checks to Mac binaries
// TODO: Obtain a sample to find where this string is in a typical executable
@@ -36,7 +35,7 @@ namespace BurnOutSharp.ProtectionType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -2,10 +2,10 @@
namespace BurnOutSharp.ProtectionType
{
public class CengaProtectDVD : IPEContentCheck
public class CengaProtectDVD : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -1,16 +1,15 @@
using System.Collections.Generic;
using System.Linq;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
// CodeLock / CodeLok / CopyLok
public class CodeLock : IContentCheck, IPEContentCheck
public class CodeLock : IContentCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -32,7 +31,7 @@ namespace BurnOutSharp.ProtectionType
}
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -1,7 +1,5 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -9,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class CopyKiller : IContentCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)

View File

@@ -12,10 +12,10 @@ namespace BurnOutSharp.ProtectionType
// - Look into `ccinstall`, `Services/EACOM`, `TSLHost`, `SIGS/UploadThread/exchangeAuthToken`,
// `blazeURL`, `psapi.dll`, `DasmX86Dll.dll`, `NVCPL.dll`, `iphlpapi.dll`, `dbghelp.dll`,
// `WS2_32.dll`,
public class ElectronicArts : IPEContentCheck
public class ElectronicArts : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -7,10 +7,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
public class GFWL : IPEContentCheck, IPathCheck
public class GFWL : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -8,10 +8,10 @@ namespace BurnOutSharp.ProtectionType
{
// Note that this set of checks also contains "Stardock Product Activation"
// This is intentional, as that protection is highly related to Impulse Reactor
public class ImpulseReactor : IPEContentCheck, IPathCheck
public class ImpulseReactor : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -2,7 +2,7 @@
namespace BurnOutSharp.ProtectionType
{
public class Intenium : IPEContentCheck
public class Intenium : IPortableExecutableCheck
{
/*
* Possible strings for finding INTENIUM Trial & Buy Protection
@@ -21,7 +21,7 @@ namespace BurnOutSharp.ProtectionType
*/
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -9,10 +9,10 @@ namespace BurnOutSharp.ProtectionType
// Interesting note: the former protection "Xtreme-Protector" was found to be a
// subset of the JoWood X-Prot checks, more specifically the XPROT section check
// that now outputs a version of v1.4+.
public class JoWood : IPEContentCheck
public class JoWood : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class Key2AudioXS : IPEContentCheck
public class Key2AudioXS : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -1,6 +1,4 @@
using System.Collections.Generic;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -8,7 +6,7 @@ namespace BurnOutSharp.ProtectionType
public class KeyLock : IContentCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)

View File

@@ -9,10 +9,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
public class LaserLok : IPEContentCheck, IPathCheck
public class LaserLok : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// TODO: Additional checks that may or may not be useful with the below
//

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class MediaMaxCD3 : IPEContentCheck, IPathCheck
public class MediaMaxCD3 : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -4,10 +4,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
public class OnlineRegistration : IPEContentCheck
public class OnlineRegistration : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,10 +6,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class Origin : IPEContentCheck, IPathCheck
public class Origin : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -1,6 +1,4 @@
using System.Collections.Generic;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -11,7 +9,7 @@ namespace BurnOutSharp.ProtectionType
// For now, this means that the CheckContents check is redundant for external
// use through other programs
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Detect Red Hand protection
var contentMatchSets = new List<ContentMatchSet>

View File

@@ -8,10 +8,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
// This protection was called VOB ProtectCD / ProtectDVD in versions prior to 6
public class ProtectDISC : IPEContentCheck
public class ProtectDISC : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -1,7 +1,5 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.ExecutableType.Microsoft.NE;
using BurnOutSharp.ExecutableType.Microsoft.PE;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -10,7 +8,7 @@ namespace BurnOutSharp.ProtectionType
public class RingPROTECH : IContentCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includeDebug, PortableExecutable pex, NewExecutable nex)
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)

View File

@@ -3,10 +3,10 @@
namespace BurnOutSharp.ProtectionType
{
// TODO: Figure out how versions/version ranges work for this protection
public class SVKProtector : IPEContentCheck
public class SVKProtector : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the image file header from the executable, if possible
if (pex?.ImageFileHeader == null)

View File

@@ -10,10 +10,10 @@ namespace BurnOutSharp.ProtectionType
{
// TODO: Figure out how to properly distinguish SafeDisc and SafeCast since both use
// the same generic BoG_ string. The current combination check doesn't seem consistent
public class SafeDisc : IPEContentCheck, IPathCheck
public class SafeDisc : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -10,10 +10,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
// TODO: Investigate SecuROM for Macintosh
public class SecuROM : IPEContentCheck, IPathCheck
public class SecuROM : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -7,10 +7,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class SmartE : IPEContentCheck, IPathCheck
public class SmartE : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -10,10 +10,10 @@ namespace BurnOutSharp.ProtectionType
{
// TODO: Not matching all SolidShield Wrapper v1 (See JackKeane)
// TODO: Not matching all SolidShield Wrapper v1 (See NFS11)
public class SolidShield : IPEContentCheck, IPathCheck
public class SolidShield : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -7,10 +7,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
public class StarForce : IPEContentCheck, IPathCheck
public class StarForce : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,10 +6,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
public class Steam : IPEContentCheck, IPathCheck
public class Steam : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,10 +6,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class Sysiphus : IPEContentCheck
public class Sysiphus : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -8,10 +8,10 @@ using BurnOutSharp.Tools;
namespace BurnOutSharp.ProtectionType
{
public class TAGES : IPEContentCheck, IPathCheck
public class TAGES : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -2,10 +2,10 @@
namespace BurnOutSharp.ProtectionType
{
public class ThreePLock : IPEContentCheck
public class ThreePLock : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -2,10 +2,10 @@
namespace BurnOutSharp.ProtectionType
{
public class ThreeTwoOneStudios : IPEContentCheck
public class ThreeTwoOneStudios : IPortableExecutableCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -6,10 +6,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
// Got renamed to Ubisoft Connect / Ubisoft Game Launcher
public class Uplay : IPEContentCheck, IPathCheck
public class Uplay : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -5,10 +5,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class WTMCDProtect : IPEContentCheck, IPathCheck
public class WTMCDProtect : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -10,10 +10,10 @@ using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
// TODO: Figure out how to use path check framework here
public class XCP : IPEContentCheck, IPathCheck
public class XCP : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
public string CheckPEContents(string file, PortableExecutable pex, bool includeDebug)
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
{
// Get the sections from the executable, if possible
var sections = pex?.SectionTable;

View File

@@ -27,16 +27,16 @@ namespace BurnOutSharp
}
/// <summary>
/// Cache for all INEContentCheck types
/// Cache for all INewExecutableCheck types
/// </summary>
public static IEnumerable<INEContentCheck> NEContentCheckClasses
public static IEnumerable<INewExecutableCheck> NewExecutableCheckClasses
{
get
{
if (neContentCheckClasses == null)
neContentCheckClasses = InitCheckClasses<INEContentCheck>();
if (newExecutableCheckClasses == null)
newExecutableCheckClasses = InitCheckClasses<INewExecutableCheck>();
return neContentCheckClasses;
return newExecutableCheckClasses;
}
}
@@ -55,16 +55,16 @@ namespace BurnOutSharp
}
/// <summary>
/// Cache for all IPEContentCheck types
/// Cache for all IPortableExecutableCheck types
/// </summary>
public static IEnumerable<IPEContentCheck> PEContentCheckClasses
public static IEnumerable<IPortableExecutableCheck> PortableExecutableCheckClasses
{
get
{
if (peContentCheckClasses == null)
peContentCheckClasses = InitCheckClasses<IPEContentCheck>();
if (portableExecutableCheckClasses == null)
portableExecutableCheckClasses = InitCheckClasses<IPortableExecutableCheck>();
return peContentCheckClasses;
return portableExecutableCheckClasses;
}
}
@@ -80,7 +80,7 @@ namespace BurnOutSharp
/// <summary>
/// Cache for all INEContentCheck types
/// </summary>
private static IEnumerable<INEContentCheck> neContentCheckClasses;
private static IEnumerable<INewExecutableCheck> newExecutableCheckClasses;
/// <summary>
/// Cache for all IPathCheck types
@@ -90,7 +90,7 @@ namespace BurnOutSharp
/// <summary>
/// Cache for all IPEContentCheck types
/// </summary>
private static IEnumerable<IPEContentCheck> peContentCheckClasses;
private static IEnumerable<IPortableExecutableCheck> portableExecutableCheckClasses;
#endregion