SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-02-04 13:45:28 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Compare commits

base: SabreTools:1.6.1
Branches Tags
SabreTools:master
SabreTools:rolling SabreTools:3.5.0 SabreTools:3.4.6 SabreTools:3.4.5 SabreTools:3.4.4 SabreTools:3.4.3 SabreTools:3.4.2 SabreTools:3.4.1 SabreTools:3.4.0 SabreTools:3.3.4 SabreTools:3.3.3 SabreTools:3.3.2 SabreTools:3.3.1 SabreTools:3.3.0 SabreTools:3.2.3 SabreTools:3.2.2 SabreTools:3.2.1 SabreTools:3.2.0 SabreTools:3.1.16 SabreTools:3.1.15 SabreTools:3.1.14 SabreTools:3.1.13 SabreTools:3.1.12 SabreTools:3.1.11 SabreTools:3.1.10 SabreTools:3.1.9 SabreTools:3.1.8 SabreTools:3.1.7 SabreTools:3.1.6 SabreTools:3.1.5 SabreTools:3.1.4 SabreTools:3.1.3 SabreTools:3.1.2 SabreTools:3.1.1 SabreTools:3.1.0 SabreTools:3.0.2 SabreTools:3.0.1 SabreTools:3.0.0 SabreTools:2.9.0 SabreTools:2.8.0 SabreTools:2.7.0 SabreTools:2.6.0 SabreTools:2.5.0 SabreTools:2.3.4 SabreTools:2.3.3 SabreTools:2.3.2 SabreTools:2.3.1 SabreTools:2.3.0 SabreTools:2.1.0 SabreTools:2.0.0 SabreTools:1.8.0 SabreTools:1.7.0 SabreTools:1.6.1 SabreTools:1.6.0 SabreTools:1.5.1 SabreTools:1.5.0 SabreTools:1.4.1 SabreTools:1.4.0 SabreTools:1.03.9.1 SabreTools:1.03.9 SabreTools:1.03.8.2 SabreTools:1.03.8.1 SabreTools:1.03.8.0 SabreTools:1.03.7.1 SabreTools:1.03.5 SabreTools:1.03.7 SabreTools:1.03.6
...
compare: SabreTools:1.7.0
Branches Tags
SabreTools:master
SabreTools:rolling SabreTools:3.5.0 SabreTools:3.4.6 SabreTools:3.4.5 SabreTools:3.4.4 SabreTools:3.4.3 SabreTools:3.4.2 SabreTools:3.4.1 SabreTools:3.4.0 SabreTools:3.3.4 SabreTools:3.3.3 SabreTools:3.3.2 SabreTools:3.3.1 SabreTools:3.3.0 SabreTools:3.2.3 SabreTools:3.2.2 SabreTools:3.2.1 SabreTools:3.2.0 SabreTools:3.1.16 SabreTools:3.1.15 SabreTools:3.1.14 SabreTools:3.1.13 SabreTools:3.1.12 SabreTools:3.1.11 SabreTools:3.1.10 SabreTools:3.1.9 SabreTools:3.1.8 SabreTools:3.1.7 SabreTools:3.1.6 SabreTools:3.1.5 SabreTools:3.1.4 SabreTools:3.1.3 SabreTools:3.1.2 SabreTools:3.1.1 SabreTools:3.1.0 SabreTools:3.0.2 SabreTools:3.0.1 SabreTools:3.0.0 SabreTools:2.9.0 SabreTools:2.8.0 SabreTools:2.7.0 SabreTools:2.6.0 SabreTools:2.5.0 SabreTools:2.3.4 SabreTools:2.3.3 SabreTools:2.3.2 SabreTools:2.3.1 SabreTools:2.3.0 SabreTools:2.1.0 SabreTools:2.0.0 SabreTools:1.8.0 SabreTools:1.7.0 SabreTools:1.6.1 SabreTools:1.6.0 SabreTools:1.5.1 SabreTools:1.5.0 SabreTools:1.4.1 SabreTools:1.4.0 SabreTools:1.03.9.1 SabreTools:1.03.9 SabreTools:1.03.8.2 SabreTools:1.03.8.1 SabreTools:1.03.8.0 SabreTools:1.03.7.1 SabreTools:1.03.5 SabreTools:1.03.7 SabreTools:1.03.6

25 Commits
1.6.1 ... 1.7.0

Author SHA1 Message Date
Matt Nadareski
93e450c2bf Update README for IS-Z 2021-07-21 14:21:39 -07:00
Matt Nadareski
cc762754c5 Add support of IS-Z archives 2021-07-21 13:40:32 -07:00
Matt Nadareski
7065436033 Update nuget packages 2021-07-21 13:33:52 -07:00
Matt Nadareski
debe091502 Update protection list 2021-07-19 23:02:04 -07:00
Matt Nadareski
80905b56cd Better attempt at narrowing down 2021-07-19 21:56:31 -07:00
Matt Nadareski
0a7cd8a69e Comment out broader UPX (NOS) check 2021-07-19 21:38:19 -07:00
Matt Nadareski
c3957977a2 Reorder StarForce 3-5 checks for accuracy 2021-07-18 21:56:15 -07:00
Matt Nadareski
ff602c77ed Improve GFWL support 
Adds support for the previously-undetected Games for Windows LIVE - Zero Day Piracy Protection Module as well as adding a generic check for any other modules
 2021-07-18 21:50:58 -07:00
Matt Nadareski
3667a5b57a Concurrent protection scans per file (#52) 
* Move to ConcurrentDictionary

* Convert to ConcurrentQueue
 2021-07-18 09:44:23 -07:00
Matt Nadareski
3ac57b1c0c Fix static matcher issues (fixes #51) 
Note: This may result in slower, but more accurate, scans
 2021-07-17 23:40:16 -07:00
Matt Nadareski
957d82b2f7 Add new SecuROM PA detection 2021-07-17 23:06:11 -07:00
Matt Nadareski
6d0817ad15 Path protections separator-agnostic (fixes #47) 2021-07-17 22:31:29 -07:00
Matt Nadareski
5b10e6d614 Add check note for Tivola 2021-07-17 21:54:47 -07:00
Matt Nadareski
2d39b8c532 Add more GFWL checks 2021-07-17 21:45:37 -07:00
Matt Nadareski
2ae860e8ca Add Tivola Ring Protection detection (fixes #45) 2021-07-17 21:17:45 -07:00
Matt Nadareski
9e21c28e52 Temporary fix for StarForce directory scan 2021-07-17 21:11:38 -07:00
Matt Nadareski
2f5053b49f Make StarForce checks AND not OR (fixes #46) 2021-07-17 17:08:15 -07:00
Matt Nadareski
7024136919 Make large file parsing safer (fixes #44) 2021-07-15 09:57:06 -07:00
SilasLaspada
c74b5b3d29 Improve Bitpool detection (#43) 
* Improve Bitpool detection

* Address comments
 2021-07-02 10:16:06 -07:00
SilasLaspada
9c3201aa4b Improve XCP detection to prevent false positives (#42) 
* Improve XCP detection to prevent false positives

* Address comments
 2021-07-01 20:51:40 -07:00
SilasLaspada
dfd1141635 Vastly improve WTM detection (#41) 
* Fix false positive in WTM detection

* Forgot to improve part of the detection

* Vastly improve detection
 2021-06-30 09:36:02 -07:00
SilasLaspada
1188cad5e6 Slightly improve PE Compact version detection (#40) 
* Slightly improve PE Compact version detection

* Address comments

* Address comments
 2021-06-24 11:58:38 -07:00
SilasLaspada
65fa2f8481 Greatly improve WinZip SFX version detection (#39) 2021-06-21 21:48:25 -07:00
SilasLaspada
475e0b9d91 Add support for detecting Installer VISE (#38) 
* Add support for detecting Installer VISE

* Add comment about extraction
 2021-06-05 15:08:10 -07:00
SilasLaspada
b76d09aa20 Improve Inno Setup detection (#37) 
* Improve Inno Setup detection

* Split "GetVersion"

* Remove unneeded check

* Make version detection more robust

* Add Unicode version detection

* Address review comments
 2021-06-05 11:46:04 -07:00
104 changed files with 2029 additions and 1404 deletions
Expand all files Collapse all files

10
BurnOutSharp/BurnOutSharp.csproj
View File

@@ -11,9 +11,9 @@
<Copyright>Copyright (c)2005-2010 Gernot Knippen, Copyright (c)2018-2021 Matt Nadareski</Copyright>
<PackageLicenseFile>LICENSE.txt</PackageLicenseFile>
<RepositoryUrl>https://github.com/mnadareski/BurnOutSharp</RepositoryUrl>
<Version>1.6.1</Version>
<AssemblyVersion>1.6.1</AssemblyVersion>
<FileVersion>1.6.1</FileVersion>
<Version>1.7.0</Version>
<AssemblyVersion>1.7.0</AssemblyVersion>
<FileVersion>1.7.0</FileVersion>
<IncludeSource>true</IncludeSource>
<IncludeSymbols>true</IncludeSymbols>
</PropertyGroup>
@@ -23,8 +23,8 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="SharpCompress" Version="0.28.1" />
<PackageReference Include="UnshieldSharp" Version="1.5.0" />
<PackageReference Include="SharpCompress" Version="0.28.3" />
<PackageReference Include="UnshieldSharp" Version="1.6.0" />
<PackageReference Include="WiseUnpacker" Version="1.0.2" />
</ItemGroup>

6
BurnOutSharp/FileType/BFPK.cs
View File

@@ -1,5 +1,5 @@
using System;
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.IO;
using System.Text;
using SharpCompress.Compressors;
@@ -19,7 +19,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -31,7 +31,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the BFPK file itself fails
try

5
BurnOutSharp/FileType/BZip2.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Compressors;
@@ -18,7 +19,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -30,7 +31,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the BZip2 file itself fails
try

28
BurnOutSharp/FileType/Executable.cs
View File

@@ -1,9 +1,11 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Reflection;
using System.Text;
using System.Threading.Tasks;
namespace BurnOutSharp.FileType
{
@@ -49,7 +51,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -61,24 +63,32 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// Files can be protected in multiple ways
var protections = new ConcurrentDictionary<string, ConcurrentQueue<string>>();
// Load the current file content
byte[] fileContent = null;
using (BinaryReader br = new BinaryReader(stream, Encoding.Default, true))
try
{
fileContent = br.ReadBytes((int)stream.Length);
using (BinaryReader br = new BinaryReader(stream, Encoding.Default, true))
{
fileContent = br.ReadBytes((int)stream.Length);
}
}
catch
{
Utilities.AppendToDictionary(protections, file, "[File too large to be scanned]");
return protections;
}
// If we can, seek to the beginning of the stream
if (stream.CanSeek)
stream.Seek(0, SeekOrigin.Begin);
// Files can be protected in multiple ways
var protections = new Dictionary<string, List<string>>();
// Iterate through all content checks
foreach (var contentCheckClass in contentCheckClasses)
Parallel.ForEach(contentCheckClasses, contentCheckClass =>
{
string protection = contentCheckClass.CheckContents(file, fileContent, scanner.IncludePosition);
@@ -100,7 +110,7 @@ namespace BurnOutSharp.FileType
Utilities.AppendToDictionary(protections, subProtections);
}
}
}
});
return protections;
}

5
BurnOutSharp/FileType/GZIP.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Archives;
@@ -18,7 +19,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -30,7 +31,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the gzip file itself fails
try

100
BurnOutSharp/FileType/InstallShieldArchiveV3.cs Normal file
View File

@@ -0,0 +1,100 @@
using System;
using System.Collections.Concurrent;
using System.IO;
using System.Linq;
using System.Text.RegularExpressions;
using UnshieldSharp.Archive;
namespace BurnOutSharp.FileType
{
internal class InstallShieldArchiveV3 : IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic)
{
if (magic.StartsWith(new byte?[] { 0x13, 0x5D, 0x65, 0x8C }))
return true;
return false;
}
/// <inheritdoc/>
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
using (var fs = File.OpenRead(file))
{
return Scan(scanner, fs, file);
}
}
// TODO: Add stream opening support
/// <inheritdoc/>
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// Get the name of the first cabinet file or header
string directory = Path.GetDirectoryName(file);
string noExtension = Path.GetFileNameWithoutExtension(file);
string filenamePattern = Path.Combine(directory, noExtension);
filenamePattern = new Regex(@"\d+$").Replace(filenamePattern, string.Empty);
bool cabinetHeaderExists = File.Exists(Path.Combine(directory, filenamePattern + "1.hdr"));
bool shouldScanCabinet = cabinetHeaderExists
? file.Equals(Path.Combine(directory, filenamePattern + "1.hdr"), StringComparison.OrdinalIgnoreCase)
: file.Equals(Path.Combine(directory, filenamePattern + "1.cab"), StringComparison.OrdinalIgnoreCase);
// If we have the first file
if (shouldScanCabinet)
{
// If the cab file itself fails
try
{
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
Directory.CreateDirectory(tempPath);
UnshieldSharp.Archive.InstallShieldArchiveV3 archive = new UnshieldSharp.Archive.InstallShieldArchiveV3(file);
foreach (CompressedFile cfile in archive.Files.Select(kvp => kvp.Value))
{
// If an individual entry fails
try
{
string tempFile = Path.Combine(tempPath, cfile.FullPath);
if (!Directory.Exists(Path.GetDirectoryName(tempFile)))
Directory.CreateDirectory(Path.GetDirectoryName(tempFile));
(byte[] fileContents, string error) = archive.Extract(cfile.FullPath);
if (!string.IsNullOrWhiteSpace(error))
continue;
using (FileStream fs = File.OpenWrite(tempFile))
{
fs.Write(fileContents, 0, fileContents.Length);
}
}
catch { }
}
// Collect and format all found protections
var protections = scanner.GetProtections(tempPath);
// If temp directory cleanup fails
try
{
Directory.Delete(tempPath, true);
}
catch { }
// Remove temporary path references
Utilities.StripFromKeys(protections, tempPath);
return protections;
}
catch { }
}
return null;
}
}
}

10
BurnOutSharp/FileType/InstallShieldCAB.cs
View File

@@ -1,8 +1,8 @@
using System;
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.IO;
using System.Text.RegularExpressions;
using UnshieldSharp;
using UnshieldSharp.Cabinet;
namespace BurnOutSharp.FileType
{
@@ -18,7 +18,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -31,7 +31,7 @@ namespace BurnOutSharp.FileType
// TODO: Add stream opening support
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// Get the name of the first cabinet file or header
string directory = Path.GetDirectoryName(file);
@@ -53,7 +53,7 @@ namespace BurnOutSharp.FileType
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
Directory.CreateDirectory(tempPath);
UnshieldCabinet cabfile = UnshieldCabinet.Open(file);
InstallShieldCabinet cabfile = InstallShieldCabinet.Open(file);
for (int i = 0; i < cabfile.FileCount; i++)
{
// If an individual entry fails

5
BurnOutSharp/FileType/MPQ.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using StormLibSharp;
@@ -17,7 +18,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -30,7 +31,7 @@ namespace BurnOutSharp.FileType
// TODO: Add stream opening support
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the mpq file itself fails
try

5
BurnOutSharp/FileType/MSI.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using WixToolset.Dtf.WindowsInstaller;
@@ -17,7 +18,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -30,7 +31,7 @@ namespace BurnOutSharp.FileType
// TODO: Add stream opening support
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the MSI file itself fails
try

5
BurnOutSharp/FileType/MicrosoftCAB.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using LibMSPackN;
@@ -18,7 +19,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -31,7 +32,7 @@ namespace BurnOutSharp.FileType
// TODO: Add stream opening support
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the cab file itself fails
try

5
BurnOutSharp/FileType/PKZIP.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Archives;
@@ -27,7 +28,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -39,7 +40,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the zip file itself fails
try

5
BurnOutSharp/FileType/RAR.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Archives;
@@ -23,7 +24,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -35,7 +36,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the rar file itself fails
try

5
BurnOutSharp/FileType/SevenZip.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Archives;
@@ -18,7 +19,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -30,7 +31,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the 7-zip file itself fails
try

5
BurnOutSharp/FileType/TapeArchive.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Archives;
@@ -21,7 +22,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -33,7 +34,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the tar file itself fails
try

11
BurnOutSharp/FileType/Textfile.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Text;
@@ -45,7 +46,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -57,10 +58,10 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// Files can be protected in multiple ways
var protections = new Dictionary<string, List<string>>();
var protections = new ConcurrentDictionary<string, ConcurrentQueue<string>>();
try
{
@@ -80,6 +81,10 @@ namespace BurnOutSharp.FileType
// MediaMax
if (fileContent.Contains("MediaMax technology"))
Utilities.AppendToDictionary(protections, file, "MediaMax CD-3");
// XCP
if (fileContent.Contains("http://cp.sonybmg.com/xcp/"))
Utilities.AppendToDictionary(protections, file, "XCP");
}
catch
{

5
BurnOutSharp/FileType/Valve.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
@@ -34,7 +35,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -47,7 +48,7 @@ namespace BurnOutSharp.FileType
// TODO: Add stream opening support
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
Directory.CreateDirectory(tempPath);

5
BurnOutSharp/FileType/XZ.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using SharpCompress.Compressors.Xz;
@@ -17,7 +18,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -29,7 +30,7 @@ namespace BurnOutSharp.FileType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the xz file itself fails
try

5
BurnOutSharp/IPathCheck.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
namespace BurnOutSharp
{
@@ -10,7 +11,7 @@ namespace BurnOutSharp
/// <param name="path">Path to check for protection indicators</param>
/// <param name="files">Enumerable of strings representing files in a directory</param>
/// <remarks>This can do some limited content checking as well, but it's suggested to use IContentCheck instead, if possible</remarks>
List<string> CheckDirectoryPath(string path, IEnumerable<string> files);
ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files);
/// <summary>
/// Check a file path for protections based on path name

6
BurnOutSharp/IScannable.cs
View File

@@ -1,4 +1,4 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.IO;
namespace BurnOutSharp
@@ -19,7 +19,7 @@ namespace BurnOutSharp
/// <param name="file">Path to the input file</param>
/// <returns>Dictionary mapping paths to protection lists</returns>
/// <remarks>Ideally, this should just point to the other scan implementation</remarks>
Dictionary<string, List<string>> Scan(Scanner scanner, string file);
ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file);
/// <summary>
/// Scan a stream for all internal protections
@@ -28,6 +28,6 @@ namespace BurnOutSharp
/// <param name="stream">Stream representing the input file</param>
/// <param name="file">Path to the input file</param>
/// <returns>Dictionary mapping paths to protection lists</returns>
Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string filename);
ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string filename);
}
}

5
BurnOutSharp/Matching/ContentMatch.cs
View File

@@ -59,6 +59,11 @@ namespace BurnOutSharp.Matching
for (int i = reverse ? End : Start; reverse ? i > Start : i < End; i += reverse ? -1 : 1)
{
// If we somehow have an invalid end and we haven't matched, return
if (i > stack.Length)
return (false, -1);
// Check to see if the values are equal
if (EqualAt(stack, i))
return (true, i);
}

27
BurnOutSharp/Matching/MatchUtil.cs
View File

@@ -1,3 +1,4 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
@@ -18,7 +19,7 @@ namespace BurnOutSharp.Matching
/// <param name="matchers">Enumerable of ContentMatchSets to be run on the file</param>
/// <param name="includePosition">True to include positional data, false otherwise</param>
/// <returns>List of strings representing the matched protections, null or empty otherwise</returns>
public static List<string> GetAllMatches(
public static ConcurrentQueue<string> GetAllMatches(
string file,
byte[] fileContent,
IEnumerable<ContentMatchSet> matchers,
@@ -57,7 +58,7 @@ namespace BurnOutSharp.Matching
/// <param name="includePosition">True to include positional data, false otherwise</param>
/// <param name="stopAfterFirst">True to stop after the first match, false otherwise</param>
/// <returns>List of strings representing the matched protections, null or empty otherwise</returns>
private static List<string> FindAllMatches(
private static ConcurrentQueue<string> FindAllMatches(
string file,
byte[] fileContent,
IEnumerable<ContentMatchSet> matchers,
@@ -68,8 +69,8 @@ namespace BurnOutSharp.Matching
if (matchers == null || !matchers.Any())
return null;
// Initialize the list of matched protections
List<string> matchedProtections = new List<string>();
// Initialize the queue of matched protections
var matchedProtections = new ConcurrentQueue<string>();
// Loop through and try everything otherwise
foreach (var matcher in matchers)
@@ -85,7 +86,7 @@ namespace BurnOutSharp.Matching
// If we there is no version method, just return the protection name
if (matcher.GetVersion == null)
{
matchedProtections.Add((matcher.ProtectionName ?? "Unknown Protection") + (includePosition ? $" (Index {positionsString})" : string.Empty));
matchedProtections.Enqueue((matcher.ProtectionName ?? "Unknown Protection") + (includePosition ? $" (Index {positionsString})" : string.Empty));
}
// Otherwise, invoke the version method
@@ -96,7 +97,7 @@ namespace BurnOutSharp.Matching
if (version == null)
continue;
matchedProtections.Add($"{matcher.ProtectionName ?? "Unknown Protection"} {version}".TrimEnd() + (includePosition ? $" (Index {positionsString})" : string.Empty));
matchedProtections.Enqueue($"{matcher.ProtectionName ?? "Unknown Protection"} {version}".TrimEnd() + (includePosition ? $" (Index {positionsString})" : string.Empty));
}
// If we're stopping after the first protection, bail out here
@@ -118,7 +119,7 @@ namespace BurnOutSharp.Matching
/// <param name="matchers">Enumerable of PathMatchSets to be run on the file</param>
/// <param name="any">True if any path match is a success, false if all have to match</param>
/// <returns>List of strings representing the matched protections, null or empty otherwise</returns>
public static List<string> GetAllMatches(string file, IEnumerable<PathMatchSet> matchers, bool any = false)
public static ConcurrentQueue<string> GetAllMatches(string file, IEnumerable<PathMatchSet> matchers, bool any = false)
{
return FindAllMatches(new List<string> { file }, matchers, any, false);
}
@@ -130,7 +131,7 @@ namespace BurnOutSharp.Matching
/// <param name="matchers">Enumerable of PathMatchSets to be run on the file</param>
/// <param name="any">True if any path match is a success, false if all have to match</param>
/// <returns>List of strings representing the matched protections, null or empty otherwise</returns>
public static List<string> GetAllMatches(IEnumerable<string> files, IEnumerable<PathMatchSet> matchers, bool any = false)
public static ConcurrentQueue<string> GetAllMatches(IEnumerable<string> files, IEnumerable<PathMatchSet> matchers, bool any = false)
{
return FindAllMatches(files, matchers, any, false);
}
@@ -175,14 +176,14 @@ namespace BurnOutSharp.Matching
/// <param name="any">True if any path match is a success, false if all have to match</param>
/// <param name="stopAfterFirst">True to stop after the first match, false otherwise</param>
/// <returns>List of strings representing the matched protections, null or empty otherwise</returns>
private static List<string> FindAllMatches(IEnumerable<string> files, IEnumerable<PathMatchSet> matchers, bool any, bool stopAfterFirst)
private static ConcurrentQueue<string> FindAllMatches(IEnumerable<string> files, IEnumerable<PathMatchSet> matchers, bool any, bool stopAfterFirst)
{
// If there's no mappings, we can't match
if (matchers == null || !matchers.Any())
return new List<string>();
return new ConcurrentQueue<string>();
// Initialize the list of matched protections
List<string> matchedProtections = new List<string>();
var matchedProtections = new ConcurrentQueue<string>();
// Loop through and try everything otherwise
foreach (var matcher in matchers)
@@ -210,7 +211,7 @@ namespace BurnOutSharp.Matching
// If we there is no version method, just return the protection name
if (matcher.GetVersion == null)
{
matchedProtections.Add(matcher.ProtectionName ?? "Unknown Protection");
matchedProtections.Enqueue(matcher.ProtectionName ?? "Unknown Protection");
}
// Otherwise, invoke the version method
@@ -221,7 +222,7 @@ namespace BurnOutSharp.Matching
if (version == null)
continue;
matchedProtections.Add($"{matcher.ProtectionName ?? "Unknown Protection"} {version}".TrimEnd());
matchedProtections.Enqueue($"{matcher.ProtectionName ?? "Unknown Protection"} {version}".TrimEnd());
}
// If we're stopping after the first protection, bail out here

31
BurnOutSharp/PackerType/AdvancedInstaller.cs
View File

@@ -6,26 +6,23 @@ namespace BurnOutSharp.PackerType
// TODO: Add extraction and verify that all versions are detected
public class AdvancedInstaller : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Software\Caphyon\Advanced Installer
new ContentMatchSet(new byte?[]
{
0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65,
0x5C, 0x43, 0x61, 0x70, 0x68, 0x79, 0x6F, 0x6E,
0x5C, 0x41, 0x64, 0x76, 0x61, 0x6E, 0x63, 0x65,
0x64, 0x20, 0x49, 0x6E, 0x73, 0x74, 0x61, 0x6C,
0x6C, 0x65, 0x72
}, "Caphyon Advanced Installer"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Software\Caphyon\Advanced Installer
new ContentMatchSet(new byte?[]
{
0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65,
0x5C, 0x43, 0x61, 0x70, 0x68, 0x79, 0x6F, 0x6E,
0x5C, 0x41, 0x64, 0x76, 0x61, 0x6E, 0x63, 0x65,
0x64, 0x20, 0x49, 0x6E, 0x73, 0x74, 0x61, 0x6C,
0x6C, 0x65, 0x72
}, "Caphyon Advanced Installer"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

23
BurnOutSharp/PackerType/Armadillo.cs
View File

@@ -5,22 +5,19 @@ namespace BurnOutSharp.PackerType
{
public class Armadillo : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// .nicode + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x6E, 0x69, 0x63, 0x6F, 0x64, 0x65, 0x00 }, "Armadillo"),
// ARMDEBUG
new ContentMatchSet(new byte?[] { 0x41, 0x52, 0x4D, 0x44, 0x45, 0x42, 0x55, 0x47 }, "Armadillo"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// .nicode + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x6E, 0x69, 0x63, 0x6F, 0x64, 0x65, 0x00 }, "Armadillo"),
// ARMDEBUG
new ContentMatchSet(new byte?[] { 0x41, 0x52, 0x4D, 0x44, 0x45, 0x42, 0x55, 0x47 }, "Armadillo"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

40
BurnOutSharp/PackerType/CExe.cs
View File

@@ -1,3 +1,4 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -8,35 +9,32 @@ namespace BurnOutSharp.PackerType
// http://www.scottlu.com/Content/CExe.html
public class CExe : IContentCheck, IScannable
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// %Wo<57>a6.<2E>a6.<2E>a6.<2E>a6.<2E>{6.<2E>.).<2E>f6.<2E><>).<2E>`6.<2E><>0.<2E>`6.<2E>
new ContentMatchSet(
new ContentMatch(new byte?[]
{
0x25, 0x57, 0x6F, 0xC1, 0x61, 0x36, 0x01, 0x92,
0x61, 0x36, 0x01, 0x92, 0x61, 0x36, 0x01, 0x92,
0x61, 0x36, 0x00, 0x92, 0x7B, 0x36, 0x01, 0x92,
0x03, 0x29, 0x12, 0x92, 0x66, 0x36, 0x01, 0x92,
0x89, 0x29, 0x0A, 0x92, 0x60, 0x36, 0x01, 0x92,
0xD9, 0x30, 0x07, 0x92, 0x60, 0x36, 0x01, 0x92
}, end: 200), "CExe"),
};
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// %Wo<57>a6.<2E>a6.<2E>a6.<2E>a6.<2E>{6.<2E>.).<2E>f6.<2E><>).<2E>`6.<2E><>0.<2E>`6.<2E>
new ContentMatchSet(
new ContentMatch(new byte?[]
{
0x25, 0x57, 0x6F, 0xC1, 0x61, 0x36, 0x01, 0x92,
0x61, 0x36, 0x01, 0x92, 0x61, 0x36, 0x01, 0x92,
0x61, 0x36, 0x00, 0x92, 0x7B, 0x36, 0x01, 0x92,
0x03, 0x29, 0x12, 0x92, 0x66, 0x36, 0x01, 0x92,
0x89, 0x29, 0x0A, 0x92, 0x60, 0x36, 0x01, 0x92,
0xD9, 0x30, 0x07, 0x92, 0x60, 0x36, 0x01, 0x92
}, end: 200), "CExe"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -49,7 +47,7 @@ namespace BurnOutSharp.PackerType
/// <inheritdoc/>
// TODO: Add extraction if viable
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
return null;
}

31
BurnOutSharp/PackerType/EXEStealth.cs
View File

@@ -5,26 +5,23 @@ namespace BurnOutSharp.PackerType
{
public class EXEStealth : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// ??[[__[[_ + (char)0x00 + {{ + (char)0x0 + (char)0x00 + {{ + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x0 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + ?;??;??
new ContentMatchSet(new byte?[]
{
0x3F, 0x3F, 0x5B, 0x5B, 0x5F, 0x5F, 0x5B, 0x5B,
0x5F, 0x00, 0x7B, 0x7B, 0x00, 0x00, 0x7B, 0x7B,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x20, 0x3F, 0x3B, 0x3F, 0x3F, 0x3B, 0x3F,
0x3F
}, "EXE Stealth"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// ??[[__[[_ + (char)0x00 + {{ + (char)0x0 + (char)0x00 + {{ + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x0 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + ?;??;??
new ContentMatchSet(new byte?[]
{
0x3F, 0x3F, 0x5B, 0x5B, 0x5F, 0x5F, 0x5B, 0x5B,
0x5F, 0x00, 0x7B, 0x7B, 0x00, 0x00, 0x7B, 0x7B,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x20, 0x3F, 0x3B, 0x3F, 0x3F, 0x3B, 0x3F,
0x3F
}, "EXE Stealth"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

93
BurnOutSharp/PackerType/InnoSetup.cs
View File

@@ -1,36 +1,43 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class InnoSetup : IContentCheck, IScannable
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Inno
new ContentMatchSet(
new ContentMatch(new byte?[] { 0x49, 0x6E, 0x6E, 0x6F }, start: 0x30, end: 0x31),
GetVersion,
"Inno Setup"),
};
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Inno Setup Setup Data (
new ContentMatchSet(new byte?[]
{
0x49, 0x6E, 0x6E, 0x6F, 0x20, 0x53, 0x65, 0x74,
0x75, 0x70, 0x20, 0x53, 0x65, 0x74, 0x75, 0x70,
0x20, 0x44, 0x61, 0x74, 0x61, 0x20, 0x28
}, GetVersion, "Inno Setup"),
// Inno
new ContentMatchSet(
new ContentMatch(new byte?[] { 0x49, 0x6E, 0x6E, 0x6F }, start: 0x30, end: 0x31),
GetOldVersion,
"Inno Setup"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -44,44 +51,46 @@ namespace BurnOutSharp.PackerType
// TOOO: Add Inno Setup extraction
// https://github.com/dscharrer/InnoExtract
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
return null;
}
public static string GetOldVersion(string file, byte[] fileContent, List<int> positions)
{
var matchers = new List<ContentMatchSet>
{
// "rDlPtS02" + (char)0x87 + "eVx"
new ContentMatchSet(new byte?[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x32, 0x87, 0x65, 0x56, 0x78 }, "1.2.16 or earlier"),
};
string match = MatchUtil.GetFirstMatch(file, fileContent, matchers, false);
return match ?? "Unknown 1.X";
}
public static string GetVersion(string file, byte[] fileContent, List<int> positions)
{
byte[] signature = new ArraySegment<byte>(fileContent, 0x30, 12).ToArray();
try
{
int index = positions[0];
index += 23;
// "rDlPtS02" + (char)0x87 + "eVx"
if (signature.SequenceEqual( new byte[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x32, 0x87, 0x65, 0x56, 0x78 }))
return "1.2.10";
var versionBytes = new ReadOnlySpan<byte>(fileContent, index, 16).ToArray();
var onlyVersion = versionBytes.TakeWhile(b => b != ')').ToArray();
// "rDlPtS04" + (char)0x87 + "eVx"
else if (signature.SequenceEqual(new byte[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x34, 0x87, 0x65, 0x56, 0x78 }))
return "4.0.0";
index += onlyVersion.Length + 2;
var unicodeBytes = new ReadOnlySpan<byte>(fileContent, index, 3).ToArray();
string version = Encoding.ASCII.GetString(onlyVersion);
// "rDlPtS05" + (char)0x87 + "eVx"
else if (signature.SequenceEqual(new byte[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x35, 0x87, 0x65, 0x56, 0x78 }))
return "4.0.3";
if (unicodeBytes.SequenceEqual(new byte[] { 0x28, 0x75, 0x29 }))
return (version + " (Unicode)");
// "rDlPtS06" + (char)0x87 + "eVx"
else if (signature.SequenceEqual(new byte[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x36, 0x87, 0x65, 0x56, 0x78 }))
return "4.0.10";
// "rDlPtS07" + (char)0x87 + "eVx"
else if (signature.SequenceEqual(new byte[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x37, 0x87, 0x65, 0x56, 0x78 }))
return "4.1.6";
// "rDlPtS" + (char)0xcd + (char)0xe6 + (char)0xd7 + "{" + (char)0x0b + "*"
else if (signature.SequenceEqual(new byte[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0xCD, 0xE6, 0xD7, 0x7B, 0x0b, 0x2A }))
return "5.1.5";
// "nS5W7dT" + (char)0x83 + (char)0xaa + (char)0x1b + (char)0x0f + "j"
else if (signature.SequenceEqual(new byte[] { 0x6E, 0x53, 0x35, 0x57, 0x37, 0x64, 0x54, 0x83, 0xAA, 0x1B, 0x0F, 0x6A }))
return "5.1.5";
return string.Empty;
return version;
}
catch
{
return "(Unknown Version)";
}
}
}
}

49
BurnOutSharp/PackerType/InstallerVISE.cs Normal file
View File

@@ -0,0 +1,49 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
namespace BurnOutSharp.PackerType
{
public class InstallerVISE : IContentCheck, IScannable
{
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
var matchers = new List<ContentMatchSet>
{
//TODO: Add exact version detection for Windows builds, make sure versions before 3.X are detected as well, and detect the Mac builds.
// ViseMain
new ContentMatchSet(
new ContentMatch(new byte?[] { 0x56, 0x69, 0x73, 0x65, 0x4D, 0x61, 0x69, 0x6E }, start: 0xE0A4, end: 0xE0A5),
"Installer VISE"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
// TODO: Add Installer VISE extraction
// https://github.com/Bioruebe/UniExtract2
/// <inheritdoc/>
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
using (var fs = File.OpenRead(file))
{
return Scan(scanner, fs, file);
}
}
/// <inheritdoc/>
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
return null;
}
}
}

41
BurnOutSharp/PackerType/NSIS.cs
View File

@@ -8,31 +8,28 @@ namespace BurnOutSharp.PackerType
{
public class NSIS : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Nullsoft Install System
new ContentMatchSet(new byte?[]
{
0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74,
0x20, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c,
0x20, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d
}, GetVersion, "NSIS"),
// NullsoftInst
new ContentMatchSet(new byte?[]
{
0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74,
0x49, 0x6e, 0x73, 0x74
}, "NSIS"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Nullsoft Install System
new ContentMatchSet(new byte?[]
{
0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74,
0x20, 0x49, 0x6e, 0x73, 0x74, 0x61, 0x6c, 0x6c,
0x20, 0x53, 0x79, 0x73, 0x74, 0x65, 0x6d
}, GetVersion, "NSIS"),
// NullsoftInst
new ContentMatchSet(new byte?[]
{
0x4e, 0x75, 0x6c, 0x6c, 0x73, 0x6f, 0x66, 0x74,
0x49, 0x6e, 0x73, 0x74
}, "NSIS"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public static string GetVersion(string file, byte[] fileContent, List<int> positions)

6
BurnOutSharp/PackerType/PECompact.cs
View File

@@ -30,9 +30,13 @@ namespace BurnOutSharp.PackerType
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
// TODO: Improve version detection, Protection ID is able to detect ranges of versions. For example, 1.66-1.84 or 2.20-3.02.
public static string GetVersion(string file, byte[] fileContent, List<int> positions)
{
return $"v{BitConverter.ToInt16(fileContent, positions[0] + 4)}";
short version = BitConverter.ToInt16(fileContent, positions[0] + 4);
if (version == 0)
return string.Empty;
return $"(Internal Version {version})";
}
}
}

76
BurnOutSharp/PackerType/SetupFactory.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -6,52 +7,49 @@ namespace BurnOutSharp.PackerType
{
public class SetupFactory : IContentCheck, IScannable
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// S.e.t.u.p. .F.a.c.t.o.r.y.
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00,
0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00,
0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00,
0x79, 0x00
}, GetVersion, "Setup Factory"),
// Longer version of the check that can be used if false positves become an issue:
// S.e.t.u.p. .F.a.c.t.o.r.y. .i.s. .a. .t.r.a.d.e.m.a.r.k. .o.f. .I.n.d.i.g.o. .R.o.s.e. .C.o.r.p.o.r.a.t.i.o.n.
// new ContentMatchSet(new byte?[]
// {
// 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00,
// 0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00,
// 0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00,
// 0x79, 0x00, 0x20, 0x00, 0x69, 0x00, 0x73, 0x00,
// 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x74, 0x00,
// 0x72, 0x00, 0x61, 0x00, 0x64, 0x00, 0x65, 0x00,
// 0x6D, 0x00, 0x61, 0x00, 0x72, 0x00, 0x6B, 0x00,
// 0x20, 0x00, 0x6F, 0x00, 0x66, 0x00, 0x20, 0x00,
// 0x49, 0x00, 0x6E, 0x00, 0x64, 0x00, 0x69, 0x00,
// 0x67, 0x00, 0x6F, 0x00, 0x20, 0x00, 0x52, 0x00,
// 0x6F, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00,
// 0x43, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x70, 0x00,
// 0x6F, 0x00, 0x72, 0x00, 0x61, 0x00, 0x74, 0x00,
// 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00
// }, GetVersion, "Setup Factory"),
};
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// S.e.t.u.p. .F.a.c.t.o.r.y.
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00,
0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00,
0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00,
0x79, 0x00
}, GetVersion, "Setup Factory"),
// Longer version of the check that can be used if false positves become an issue:
// S.e.t.u.p. .F.a.c.t.o.r.y. .i.s. .a. .t.r.a.d.e.m.a.r.k. .o.f. .I.n.d.i.g.o. .R.o.s.e. .C.o.r.p.o.r.a.t.i.o.n.
// new ContentMatchSet(new byte?[]
// {
// 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00,
// 0x70, 0x00, 0x20, 0x00, 0x46, 0x00, 0x61, 0x00,
// 0x63, 0x00, 0x74, 0x00, 0x6F, 0x00, 0x72, 0x00,
// 0x79, 0x00, 0x20, 0x00, 0x69, 0x00, 0x73, 0x00,
// 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x74, 0x00,
// 0x72, 0x00, 0x61, 0x00, 0x64, 0x00, 0x65, 0x00,
// 0x6D, 0x00, 0x61, 0x00, 0x72, 0x00, 0x6B, 0x00,
// 0x20, 0x00, 0x6F, 0x00, 0x66, 0x00, 0x20, 0x00,
// 0x49, 0x00, 0x6E, 0x00, 0x64, 0x00, 0x69, 0x00,
// 0x67, 0x00, 0x6F, 0x00, 0x20, 0x00, 0x52, 0x00,
// 0x6F, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00,
// 0x43, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x70, 0x00,
// 0x6F, 0x00, 0x72, 0x00, 0x61, 0x00, 0x74, 0x00,
// 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00
// }, GetVersion, "Setup Factory"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -65,7 +63,7 @@ namespace BurnOutSharp.PackerType
/// <inheritdoc/>
// TODO: Add extraction, which is possible but the only tools available that can
// do this seem to be Universal Extractor 2 and InstallExplorer (https://totalcmd.net/plugring/InstallExplorer.html)
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
return null;
}

74
BurnOutSharp/PackerType/UPX.cs
View File

@@ -6,46 +6,46 @@ namespace BurnOutSharp.PackerType
{
public class UPX : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// UPX!
new ContentMatchSet(new byte?[] { 0x55, 0x50, 0x58, 0x21 }, GetVersion, "UPX"),
// NOS
new ContentMatchSet(new byte?[] { 0x4E, 0x4F, 0x53, 0x20 }, GetVersion, "UPX (NOS Variant)"),
new ContentMatchSet(
new List<byte?[]>
{
// UPX0
new byte?[] { 0x55, 0x50, 0x58, 0x30 },
// UPX1
new byte?[] { 0x55, 0x50, 0x58, 0x31 },
},
"UPX (Unknown Version)"
),
new ContentMatchSet(
new List<byte?[]>
{
// NOS0
new byte?[] { 0x4E, 0x4F, 0x53, 0x30 },
// NOS1
new byte?[] { 0x4E, 0x4F, 0x53, 0x31 },
},
"UPX (NOS Variant) (Unknown Version)"
),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// UPX!
new ContentMatchSet(new byte?[] { 0x55, 0x50, 0x58, 0x21 }, GetVersion, "UPX"),
// NOS
new ContentMatchSet(
new ContentMatch(new byte?[] { 0x4E, 0x4F, 0x53, 0x20 }, end: 2048),
GetVersion,
"UPX (NOS Variant)"),
new ContentMatchSet(
new List<byte?[]>
{
// UPX0
new byte?[] { 0x55, 0x50, 0x58, 0x30 },
// UPX1
new byte?[] { 0x55, 0x50, 0x58, 0x31 },
},
"UPX (Unknown Version)"
),
new ContentMatchSet(
new List<byte?[]>
{
// NOS0
new byte?[] { 0x4E, 0x4F, 0x53, 0x30 },
// NOS1
new byte?[] { 0x4E, 0x4F, 0x53, 0x31 },
},
"UPX (NOS Variant) (Unknown Version)"
),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public static string GetVersion(string file, byte[] fileContent, List<int> positions)

32
BurnOutSharp/PackerType/WinRARSFX.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -9,30 +10,27 @@ namespace BurnOutSharp.PackerType
{
public class WinRARSFX : IContentCheck, IScannable
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Software\WinRAR SFX
new ContentMatchSet(new byte?[]
{
0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65,
0x5C, 0x57, 0x69, 0x6E, 0x52, 0x41, 0x52, 0x20,
0x53, 0x46, 0x58
}, "WinRAR SFX"),
};
/// <inheritdoc/>
public bool ShouldScan(byte[] magic) => true;
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Software\WinRAR SFX
new ContentMatchSet(new byte?[]
{
0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65,
0x5C, 0x57, 0x69, 0x6E, 0x52, 0x41, 0x52, 0x20,
0x53, 0x46, 0x58
}, "WinRAR SFX"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -44,7 +42,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the rar file itself fails
try

310
BurnOutSharp/PackerType/WinZipSFX.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -32,8 +33,10 @@ namespace BurnOutSharp.PackerType
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
// TODO: Find a way to generically detect 2.X versions and improve exact version detection for SFX PE versions bundled with WinZip 11+
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -45,7 +48,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the zip file itself fails
try
@@ -96,8 +99,11 @@ namespace BurnOutSharp.PackerType
{
// Check the manifest version first
string version = Utilities.GetManifestVersion(fileContent);
string description = Utilities.GetManifestDescription(fileContent);
if (description != "WinZip Self-Extractor")
return GetV2Version(file, fileContent);
if (!string.IsNullOrEmpty(version))
return GetV3PlusVersion(version);
return GetV3PlusVersion(file, fileContent, version);
// Assume an earlier version
return GetV2Version(file, fileContent);
@@ -253,6 +259,48 @@ namespace BurnOutSharp.PackerType
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
}, "Software Installation 2.1 (16-bit)"),
new ContentMatchSet(new byte?[]
{
0x4E, 0x45, 0x11, 0x20, 0x86, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x0A, 0x03, 0x03, 0x00,
0x00, 0x20, 0x00, 0x40, 0x7C, 0x31, 0x01, 0x00,
0x00, 0x00, 0x03, 0x00, 0x03, 0x00, 0x04, 0x00,
0x4B, 0x00, 0x40, 0x00, 0x58, 0x00, 0x58, 0x00,
0x64, 0x00, 0x6C, 0x00, 0x98, 0x01, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
}, "Personal Edition (16-bit)"),
new ContentMatchSet(new byte?[]
{
0x4E, 0x45, 0x11, 0x20, 0xBE, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x03, 0x03, 0x00,
0x00, 0x20, 0x00, 0x3C, 0x7C, 0x3E, 0x01, 0x00,
0x00, 0x00, 0x03, 0x00, 0x03, 0x00, 0x04, 0x00,
0x4B, 0x00, 0x40, 0x00, 0x58, 0x00, 0x90, 0x00,
0x9C, 0x00, 0xA4, 0x00, 0xD0, 0x01, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
}, "Personal Edition 32-bit (16-bit)"),
new ContentMatchSet(new byte?[]
{
0x4E, 0x45, 0x11, 0x20, 0xC6, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x03, 0x03, 0x00,
0xDC, 0x43, 0x08, 0x27, 0xDC, 0x4A, 0x01, 0x00,
0x00, 0x00, 0x03, 0x00, 0x03, 0x00, 0x05, 0x00,
0x4B, 0x00, 0x40, 0x00, 0x58, 0x00, 0x90, 0x00,
0x9C, 0x00, 0xA6, 0x00, 0xD8, 0x01, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
}, "Personal Edition 32-bit Build 1260/1285 (16-bit)"),
// WZ-SE-01
new ContentMatchSet(new byte?[]
{
0x57, 0x5A, 0x2D, 0x53, 0x45, 0x2D, 0x30, 0x31
}, "Unknow Version (16-bit)"),
#endregion
#region 32-bit SFX Header Checks
@@ -335,10 +383,191 @@ namespace BurnOutSharp.PackerType
0x2E, 0x53, 0x46, 0x58,
}, "Software Installation 2.1 (32-bit)"),
// .............ñ½;5....ˆ`..............ˆ`..ˆ`..ˆ`..SI32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xF1, 0xBD, 0x3B,
0x35, 0x00, 0x00, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x88, 0x60, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x53, 0x49, 0x33, 0x32, 0x45, 0x2E, 0x53,
0x46, 0x58,
}, "Software Installation 2.2.1110 (32-bit)"),
// .............á.^2....ˆP..............ˆP..ˆP..ˆP..VW95LE.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xE1, 0x9D, 0x5E,
0x32, 0x00, 0x00, 0x00, 0x00, 0x88, 0x50, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x50, 0x00,
0x00, 0x88, 0x50, 0x00, 0x00, 0x88, 0x50, 0x00,
0x00, 0x56, 0x57, 0x39, 0x35, 0x4C, 0x45, 0x2E,
0x53, 0x46, 0x58,
}, "Personal Edition (32-bit)"),
// .............ïAÁ3....ˆP..............ˆP..ˆP..ˆP..VW95LE.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xEF, 0x41, 0xC1,
0x33, 0x00, 0x00, 0x00, 0x00, 0x88, 0x50, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x50, 0x00,
0x00, 0x88, 0x50, 0x00, 0x00, 0x88, 0x50, 0x00,
0x00, 0x56, 0x57, 0x39, 0x35, 0x4C, 0x45, 0x2E,
0x53, 0x46, 0x58,
}, "Personal Edition 32-bit (32-bit)"),
// .............'..6....ˆ`..............ˆ`..ˆ`..ˆ`..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x27, 0x0F, 0x01,
0x36, 0x00, 0x00, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x88, 0x60, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x50, 0x45, 0x33, 0x32, 0x45, 0x2E, 0x53,
0x46, 0x58,
}, "Personal Edition 32-bit Build 1260 (32-bit)"),
// .............Ó‘(6....ˆ`..............ˆ`..ˆ`..ˆ`..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xD3, 0x91, 0x28,
0x36, 0x00, 0x00, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x88, 0x60, 0x00, 0x00, 0x88, 0x60, 0x00,
0x00, 0x50, 0x45, 0x33, 0x32, 0x45, 0x2E, 0x53,
0x46, 0x58,
}, "Personal Edition 32-bit Build 1285 (32-bit)"),
// ......]ïý8....˜z..............˜z..˜z..˜z..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x5D, 0xEF,
0xFD, 0x38, 0x00, 0x00, 0x00, 0x00, 0x98, 0x7A,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x98, 0x7A,
0x00, 0x00, 0x98, 0x7A, 0x00, 0x00, 0x98, 0x7A,
0x00, 0x00, 0x50, 0x45, 0x33, 0x32, 0x45, 0x2E,
0x53, 0x46, 0x58,
}, "Personal Edition 32-bit Build 3063"),
// ...................½û;....ˆj..............ˆj..ˆj..ˆj..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x1F, 0xBD, 0xFB, 0x3B, 0x00, 0x00,
0x00, 0x00, 0x88, 0x6A, 0x00, 0x00, 0x01, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x88, 0x6A, 0x00, 0x00, 0x88, 0x6A,
0x00, 0x00, 0x88, 0x6A, 0x00, 0x00, 0x50, 0x45,
0x33, 0x32, 0x45, 0x2E, 0x53, 0x46, 0x58,
}, "Personal Edition 32-bit Build 4325"),
// ................rS*@....Xƒ..............Xƒ..Xƒ..Xƒ..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x72, 0x53, 0x2A, 0x40, 0x00, 0x00, 0x00, 0x00,
0x58, 0x83, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x58, 0x83, 0x00, 0x00, 0x58, 0x83, 0x00, 0x00,
0x58, 0x83, 0x00, 0x00, 0x50, 0x45, 0x33, 0x32,
0x45, 0x2E, 0x53, 0x46, 0x58,
}, "Personal Edition 32-bit Build 6028"),
// ................±.!A....Xƒ..............Xƒ..Xƒ..Xƒ..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xB1, 0x1A, 0x21, 0x41, 0x00, 0x00, 0x00, 0x00,
0x58, 0x83, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x58, 0x83, 0x00, 0x00, 0x58, 0x83, 0x00, 0x00,
0x58, 0x83, 0x00, 0x00, 0x50, 0x45, 0x33, 0x32,
0x45, 0x2E, 0x53, 0x46, 0x58,
}, "Personal Edition 32-bit Build 6224"),
// ................¯D.C....x„..............x„..x„..x„..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xAF, 0x44, 0x0F, 0x43, 0x00, 0x00, 0x00, 0x00,
0x78, 0x84, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x78, 0x84, 0x00, 0x00, 0x78, 0x84, 0x00, 0x00,
0x78, 0x84, 0x00, 0x00, 0x50, 0x45, 0x33, 0x32,
0x45, 0x2E, 0x53, 0x46,
}, "Personal Edition 32-bit Build 6604"),
//................·Å\C....x„..............x„..x„..x„..PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xB7, 0xC5, 0x5C, 0x43, 0x00, 0x00, 0x00, 0x00,
0x78, 0x84, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x78, 0x84, 0x00, 0x00, 0x78, 0x84, 0x00, 0x00,
0x78, 0x84, 0x00, 0x00, 0x50, 0x45, 0x33, 0x32,
0x45, 0x2E, 0x53, 0x46, 0x58,
}, "Personal Edition 32-bit Build 6663"),
// VW95SE.SFX
new ContentMatchSet(new byte?[]
{
0x56, 0x57, 0x39, 0x35, 0x53, 0x45, 0x2E, 0x53,
0x46, 0x58,
}, "Unknown Version (32-bit)"),
// VW95SRE.SFX
new ContentMatchSet(new byte?[]
{
0x56, 0x57, 0x39, 0x35, 0x53, 0x52, 0x45, 0x2E,
0x53, 0x46, 0x58,
}, "Unknown Version Software Installation (32-bit)"),
// VW95LE.SFX
new ContentMatchSet(new byte?[]
{
0x56, 0x57, 0x39, 0x35, 0x4C, 0x45, 0x2E, 0x53,
0x46, 0x58,
}, "Unknown Version before build 1285 Personal Edition (32-bit)"),
// PE32E.SFX
new ContentMatchSet(new byte?[]
{
0x50, 0x45, 0x33, 0x32, 0x45, 0x2E, 0x53, 0x46,
0x58,
}, "Unknown Version after 1285 Personal Edition (32-bit)"),
#endregion
#region 32-bit PE Header Checks
new ContentMatchSet(new byte?[]
{
0x50, 0x45, 0x00, 0x00, 0x4C, 0x01, 0x05, 0x00,
0xC9, 0x7A, 0xBE, 0x38, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x0F, 0x01,
0x0B, 0x01, 0x05, 0x0A, 0x00, 0x5C, 0x00, 0x00,
0x00, 0x4C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x71, 0x3E, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
}, "2.2.3063"),
new ContentMatchSet(new byte?[]
{
0x50, 0x45, 0x00, 0x00, 0x4C, 0x01, 0x05, 0x00,
@@ -358,33 +587,100 @@ namespace BurnOutSharp.PackerType
0x0B, 0x01, 0x05, 0x0A, 0x00, 0x56, 0x00, 0x00,
0x00, 0x2A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x8F, 0x3F, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
}, "Software Installation 2.2.4003"),
new ContentMatchSet(new byte?[]
{
0x50, 0x45, 0x00, 0x00, 0x4C, 0x01, 0x05, 0x00,
0xFA, 0xB8, 0xFB, 0x3B, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x0F, 0x01,
0x0B, 0x01, 0x06, 0x00, 0x00, 0x60, 0x00, 0x00,
0x00, 0xF0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xF0, 0x3E, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
}, "2.2.4325"),
new ContentMatchSet(new byte?[]
{
0x50, 0x45, 0x00, 0x00, 0x4C, 0x01, 0x05, 0x00,
0xAD, 0xFC, 0x2A, 0x3D, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x0F, 0x01,
0x0B, 0x01, 0x07, 0x00, 0x00, 0x70, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x54, 0x45, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, }, "2.2.5196"),
new ContentMatchSet(new byte?[]
{
0x50, 0x45, 0x00, 0x00, 0x4C, 0x01, 0x05, 0x00,
0x76, 0xF7, 0x00, 0x41, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x0F, 0x01,
0x0B, 0x01, 0x07, 0x00, 0x00, 0x70, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x03, 0x46, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
}, "2.2.6202"),
#endregion
// WinZip Self-Extractor header corrupt.
new ContentMatchSet(new byte?[]
{
0x57, 0x69, 0x6E, 0x5A, 0x69, 0x70, 0x20, 0x53,
0x65, 0x6C, 0x66, 0x2D, 0x45, 0x78, 0x74, 0x72,
0x61, 0x63, 0x74, 0x6F, 0x72, 0x20, 0x68, 0x65,
0x61, 0x64, 0x65, 0x72, 0x20, 0x63, 0x6F, 0x72,
0x72, 0x75, 0x70, 0x74, 0x2E,
}, "Unknown 2.x version"),
// winzip\shell\open\command
new ContentMatchSet(new byte?[]
{
0x77, 0x69, 0x6E, 0x7A, 0x69, 0x70, 0x5C, 0x73,
0x68, 0x65, 0x6C, 0x6C, 0x5C, 0x6F, 0x70, 0x65,
0x6E, 0x5C, 0x63, 0x6F, 0x6D, 0x6D, 0x61, 0x6E,
0x64,
}, "Unknown 2.x version"),
};
string match = MatchUtil.GetFirstMatch(file, fileContent, matchers, false);
return match ?? "Unknown 2.x";
return match ?? null;
}
private static string GetV3PlusVersion(string version)
private static string GetV3PlusVersion(string file, byte[] fileContent, string version)
{
// Some version strings don't exactly match the public version number
switch (version)
{
case "2.3.6594.0":
return "Personal Edition Build 6604";
case "2.3.6602.0":
return "Personal Edition Build 6663";
case "2.3.7305.0":
return "Personal Edition Build 7305";
case "2.3.7382.0":
return "Personal Edition Build 7452+";
case "3.0.7158.0":
return "3.0.7158";
case "3.0.7454.0":
return "3.0.7454+";
case "3.0.7212.0":
return "3.0.7212";
case "3.1.7556.0":
return "3.1.7556";
case "3.1.8421.0":
return "4.0.8421";
case "4.0.8421.0":
return "4.0.8421";
case "3.1.8672.0":
return "4.0.8672";
case "4.0.1221.0":
return "4.0.12218";
default:
return $"(Unknown - {version})";
return $"(Unknown - internal version {version})";
}
}
}

5
BurnOutSharp/PackerType/WiseInstaller.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -24,7 +25,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
{
if (!File.Exists(file))
return null;
@@ -36,7 +37,7 @@ namespace BurnOutSharp.PackerType
}
/// <inheritdoc/>
public Dictionary<string, List<string>> Scan(Scanner scanner, Stream stream, string file)
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
{
// If the installer file itself fails
try

27
BurnOutSharp/PackerType/dotFuscator.cs
View File

@@ -5,24 +5,21 @@ namespace BurnOutSharp.PackerType
{
public class dotFuscator : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// DotfuscatorAttribute
new ContentMatchSet(new byte?[]
{
0x44, 0x6F, 0x74, 0x66, 0x75, 0x73, 0x63, 0x61,
0x74, 0x6F, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69,
0x62, 0x75, 0x74, 0x65
}, "dotFuscator"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// DotfuscatorAttribute
new ContentMatchSet(new byte?[]
{
0x44, 0x6F, 0x74, 0x66, 0x75, 0x73, 0x63, 0x61,
0x74, 0x6F, 0x72, 0x41, 0x74, 0x74, 0x72, 0x69,
0x62, 0x75, 0x74, 0x65
}, "dotFuscator"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

9
BurnOutSharp/ProtectionType/AACS.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -7,15 +8,15 @@ namespace BurnOutSharp.ProtectionType
public class AACS : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{
// BD-ROM
new PathMatchSet(Path.Combine("AACS", "MKB_RO.inf"), GetVersion, "AACS"),
new PathMatchSet(Path.Combine("AACS", "MKB_RO.inf").Replace("\\", "/"), GetVersion, "AACS"),
// HD-DVD
new PathMatchSet(Path.Combine("AACS", "MKBROM.AACS"), GetVersion, "AACS"),
new PathMatchSet(Path.Combine("AACS", "MKBROM.AACS").Replace("\\", "/"), GetVersion, "AACS"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);

33
BurnOutSharp/ProtectionType/ActiveMARK.cs
View File

@@ -5,27 +5,24 @@ namespace BurnOutSharp.ProtectionType
{
public class ActiveMARK : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// TMSAMVOF
new ContentMatchSet(new byte?[] { 0x54, 0x4D, 0x53, 0x41, 0x4D, 0x56, 0x4F, 0x46 }, "ActiveMARK"),
// " " + (char)0xC2 + (char)0x16 + (char)0x00 + (char)0xA8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0xB8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x86 + (char)0xC8 + (char)0x16 + (char)0x00 + (char)0x9A + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x10 + (char)0xC2 + (char)0x16 + (char)0x00
new ContentMatchSet(new byte?[]
{
0x20, 0xC2, 0x16, 0x00, 0xA8, 0xC1, 0x16, 0x00,
0xB8, 0xC1, 0x16, 0x00, 0x86, 0xC8, 0x16, 0x00,
0x9A, 0xC1, 0x16, 0x00, 0x10, 0xC2, 0x16, 0x00
}, "ActiveMARK 5"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// TMSAMVOF
new ContentMatchSet(new byte?[] { 0x54, 0x4D, 0x53, 0x41, 0x4D, 0x56, 0x4F, 0x46 }, "ActiveMARK"),
// " " + (char)0xC2 + (char)0x16 + (char)0x00 + (char)0xA8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0xB8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x86 + (char)0xC8 + (char)0x16 + (char)0x00 + (char)0x9A + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x10 + (char)0xC2 + (char)0x16 + (char)0x00
new ContentMatchSet(new byte?[]
{
0x20, 0xC2, 0x16, 0x00, 0xA8, 0xC1, 0x16, 0x00,
0xB8, 0xC1, 0x16, 0x00, 0x86, 0xC8, 0x16, 0x00,
0x9A, 0xC1, 0x16, 0x00, 0x10, 0xC2, 0x16, 0x00
}, "ActiveMARK 5"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

5
BurnOutSharp/ProtectionType/AlphaDVD.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class AlphaDVD : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

17
BurnOutSharp/ProtectionType/AlphaROM.cs
View File

@@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType
{
public class AlphaROM : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// SETTEC
new ContentMatchSet(new byte?[] { 0x53, 0x45, 0x54, 0x54, 0x45, 0x43 }, "Alpha-ROM"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// SETTEC
new ContentMatchSet(new byte?[] { 0x53, 0x45, 0x54, 0x54, 0x45, 0x43 }, "Alpha-ROM"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

7
BurnOutSharp/ProtectionType/BDPlus.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -9,14 +10,14 @@ namespace BurnOutSharp.ProtectionType
public class BDPlus : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new List<string>
{
Path.Combine("BDSVM", "00000.svm"),
Path.Combine("BDSVM", "BACKUP", "00000.svm"),
Path.Combine("BDSVM", "00000.svm").Replace("\\", "/"),
Path.Combine("BDSVM", "BACKUP", "00000.svm").Replace("\\", "/"),
}, GetVersion, "BD+"),
};

32
BurnOutSharp/ProtectionType/Bitpool.cs
View File

@@ -1,16 +1,41 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class Bitpool : IPathCheck
/// <summary>
/// Bitpool is a copy protection that seems to resemble SafeDisc in several ways, found mostly in German releases.
/// Makes use of bad sectors, and contains what appears to be an encrypted game executable always called "CD.IDX" (similar to SafeDisc ICD files), which seems to be present in every disc protected with it.
/// The "CD.IDX" appears to purposefully contain bad sectors in most, if not all, cases.
/// A "bitpool.rsc" file is present in some, but not all Bitpool protected games. The purpose of it is so far unclear.
/// </summary>
public class Bitpool : IContentCheck, IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
var matchers = new List<ContentMatchSet>
{
// Sometimes found in CD.IDX
// BITPOOL.RSC
new ContentMatchSet(new byte?[]
{
0x42, 0x49, 0x54, 0x50, 0x4F, 0x4F, 0x4C, 0x2E,
0x52, 0x53, 0x43
}, "Bitpool"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("bitpool.rsc", useEndsWith: true), "Bitpool"),
new PathMatchSet(new PathMatch("CD.IDX", useEndsWith: true), "Bitpool"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);
@@ -22,6 +47,7 @@ namespace BurnOutSharp.ProtectionType
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("bitpool.rsc", useEndsWith: true), "Bitpool"),
new PathMatchSet(new PathMatch("CD.IDX", useEndsWith: true), "Bitpool"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

5
BurnOutSharp/ProtectionType/ByteShield.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class ByteShield : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

31
BurnOutSharp/ProtectionType/CDCheck.cs
View File

@@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType
{
public class CDCheck : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// MGS CDCheck
new ContentMatchSet(new byte?[]
{
0x4D, 0x47, 0x53, 0x20, 0x43, 0x44, 0x43, 0x68,
0x65, 0x63, 0x6B
}, "Microsoft Game Studios CD Check"),
// CDCheck
new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x43, 0x68, 0x65, 0x63, 0x6B }, "Executable-Based CD Check"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// MGS CDCheck
new ContentMatchSet(new byte?[]
{
0x4D, 0x47, 0x53, 0x20, 0x43, 0x44, 0x43, 0x68,
0x65, 0x63, 0x6B
}, "Microsoft Game Studios CD Check"),
// CDCheck
new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x43, 0x68, 0x65, 0x63, 0x6B }, "Executable-Based CD Check"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
// These content checks are too broad to be useful

34
BurnOutSharp/ProtectionType/CDCops.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
using BurnOutSharp.Matching;
@@ -7,30 +8,27 @@ namespace BurnOutSharp.ProtectionType
{
public class CDCops : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// CD-Cops, ver.
new ContentMatchSet(new byte?[]
{
0x43, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, 0x2C,
0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
}, GetVersion, "CD-Cops"),
// .grand + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x67, 0x72, 0x61, 0x6E, 0x64, 0x00 }, "CD-Cops"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// CD-Cops, ver.
new ContentMatchSet(new byte?[]
{
0x43, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, 0x2C,
0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
}, GetVersion, "CD-Cops"),
// .grand + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x67, 0x72, 0x61, 0x6E, 0x64, 0x00 }, "CD-Cops"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Original had "CDCOPS.DLL" required and all the rest in a combined OR
var matchers = new List<PathMatchSet>

31
BurnOutSharp/ProtectionType/CDKey.cs
View File

@@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType
{
public class CDKey : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00,
0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x4B, 0x00,
0x65, 0x00, 0x79, 0x00
}, Utilities.GetFileVersion, "CD-Key / Serial"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00,
0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x4B, 0x00,
0x65, 0x00, 0x79, 0x00
}, Utilities.GetFileVersion, "CD-Key / Serial"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

34
BurnOutSharp/ProtectionType/CDLock.cs
View File

@@ -1,33 +1,31 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CDLock : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// 2 + (char)0xF2 + (char)0x02 + (char)0x82 + (char)0xC3 + (char)0xBC + (char)0x0B + $ + (char)0x99 + (char)0xAD + 'C + (char)0xE4 + (char)0x9D + st + (char)0x99 + (char)0xFA + 2$ + (char)0x9D + )4 + (char)0xFF + t
new ContentMatchSet(new byte?[]
{
0x32, 0xF2, 0x02, 0x82, 0xC3, 0xBC, 0x0B, 0x24,
0x99, 0xAD, 0x27, 0x43, 0xE4, 0x9D, 0x73, 0x74,
0x99, 0xFA, 0x32, 0x24, 0x9D, 0x29, 0x34, 0xFF,
0x74
}, "CD-Lock"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// 2 + (char)0xF2 + (char)0x02 + (char)0x82 + (char)0xC3 + (char)0xBC + (char)0x0B + $ + (char)0x99 + (char)0xAD + 'C + (char)0xE4 + (char)0x9D + st + (char)0x99 + (char)0xFA + 2$ + (char)0x9D + )4 + (char)0xFF + t
new ContentMatchSet(new byte?[]
{
0x32, 0xF2, 0x02, 0x82, 0xC3, 0xBC, 0x0B, 0x24,
0x99, 0xAD, 0x27, 0x43, 0xE4, 0x9D, 0x73, 0x74,
0x99, 0xFA, 0x32, 0x24, 0x9D, 0x29, 0x34, 0xFF,
0x74
}, "CD-Lock"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

5
BurnOutSharp/ProtectionType/CDProtector.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class CDProtector : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

17
BurnOutSharp/ProtectionType/CDSHiELDSE.cs
View File

@@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType
{
public class CDSHiELDSE : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// ~0017.tmp
new ContentMatchSet(new byte?[] { 0x7E, 0x30, 0x30, 0x31, 0x37, 0x2E, 0x74, 0x6D, 0x70 }, "CDSHiELD SE"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// ~0017.tmp
new ContentMatchSet(new byte?[] { 0x7E, 0x30, 0x30, 0x31, 0x37, 0x2E, 0x74, 0x6D, 0x70 }, "CDSHiELD SE"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

5
BurnOutSharp/ProtectionType/CDX.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class CDX : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

32
BurnOutSharp/ProtectionType/CactusDataShield.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -9,29 +10,26 @@ namespace BurnOutSharp.ProtectionType
{
public class CactusDataShield : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// DATA.CDS
new ContentMatchSet(new byte?[] { 0x44, 0x41, 0x54, 0x41, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"),
// \*.CDS
new ContentMatchSet(new byte?[] { 0x5C, 0x2A, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"),
// CDSPlayer
new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// DATA.CDS
new ContentMatchSet(new byte?[] { 0x44, 0x41, 0x54, 0x41, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"),
// \*.CDS
new ContentMatchSet(new byte?[] { 0x5C, 0x2A, 0x2E, 0x43, 0x44, 0x53 }, "Cactus Data Shield 200"),
// CDSPlayer
new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

17
BurnOutSharp/ProtectionType/CengaProtectDVD.cs
View File

@@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType
{
public class CengaProtectDVD : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// .cenega
new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x65, 0x6E, 0x65, 0x67, 0x61 }, "Cenega ProtectDVD"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// .cenega
new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x65, 0x6E, 0x65, 0x67, 0x61 }, "Cenega ProtectDVD"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

39
BurnOutSharp/ProtectionType/CodeLock.cs
View File

@@ -5,30 +5,27 @@ namespace BurnOutSharp.ProtectionType
{
public class CodeLock : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
/// TODO: Verify if these are OR or AND
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// icd1 + (char)0x00
new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x31, 0x00 }, "Code Lock"),
// icd2 + (char)0x00
new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x32, 0x00 }, "Code Lock"),
// CODE-LOCK.OCX
new ContentMatchSet(new byte?[]
{
0x43, 0x4F, 0x44, 0x45, 0x2D, 0x4C, 0x4F, 0x43,
0x4B, 0x2E, 0x4F, 0x43, 0x58
}, "Code Lock"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
// TODO: Verify if these are OR or AND
var matchers = new List<ContentMatchSet>
{
// icd1 + (char)0x00
new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x31, 0x00 }, "Code Lock"),
// icd2 + (char)0x00
new ContentMatchSet(new byte?[] { 0x69, 0x63, 0x64, 0x32, 0x00 }, "Code Lock"),
// CODE-LOCK.OCX
new ContentMatchSet(new byte?[]
{
0x43, 0x4F, 0x44, 0x45, 0x2D, 0x4C, 0x4F, 0x43,
0x4B, 0x2E, 0x4F, 0x43, 0x58
}, "Code Lock"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

30
BurnOutSharp/ProtectionType/CopyKiller.cs
View File

@@ -1,31 +1,29 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class CopyKiller : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Tom Commander
new ContentMatchSet(new byte?[]
{
0x54, 0x6F, 0x6D, 0x20, 0x43, 0x6F, 0x6D, 0x6D,
0x61, 0x6E, 0x64, 0x65, 0x72
}, "CopyKiller"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Tom Commander
new ContentMatchSet(new byte?[]
{
0x54, 0x6F, 0x6D, 0x20, 0x43, 0x6F, 0x6D, 0x6D,
0x61, 0x6E, 0x64, 0x65, 0x72
}, "CopyKiller"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: The following checks are overly broad and should be refined
var matchers = new List<PathMatchSet>

25
BurnOutSharp/ProtectionType/DVDCops.cs
View File

@@ -7,23 +7,20 @@ namespace BurnOutSharp.ProtectionType
{
public class DVDCops : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// DVD-Cops, ver.
new ContentMatchSet(new byte?[]
{
0x44, 0x56, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73,
0x2C, 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
}, GetVersion, "DVD-Cops"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// DVD-Cops, ver.
new ContentMatchSet(new byte?[]
{
0x44, 0x56, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73,
0x2C, 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
}, GetVersion, "DVD-Cops"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public static string GetVersion(string file, byte[] fileContent, List<int> positions)

5
BurnOutSharp/ProtectionType/DVDCrypt.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class DVDCrypt : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

16
BurnOutSharp/ProtectionType/DVDMoviePROTECT.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -8,21 +9,26 @@ namespace BurnOutSharp.ProtectionType
public class DVDMoviePROTECT : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var protections = new ConcurrentQueue<string>();
if (Directory.Exists(Path.Combine(path, "VIDEO_TS")))
{
string[] bupfiles = files.Where(s => s.EndsWith(".bup")).ToArray();
for (int i = 0; i < bupfiles.Length; i++)
{
FileInfo bupfile = new FileInfo(bupfiles[i]);
FileInfo ifofile = new FileInfo(bupfile.DirectoryName + "\\" + bupfile.Name.Substring(0, bupfile.Name.Length - bupfile.Extension.Length) + ".ifo");
FileInfo ifofile = new FileInfo(Path.Combine(bupfile.DirectoryName, bupfile.Name.Substring(0, bupfile.Name.Length - bupfile.Extension.Length) + ".ifo"));
if (bupfile.Length != ifofile.Length)
return new List<string>() { "DVD-Movie-PROTECT" };
{
protections.Enqueue("DVD-Movie-PROTECT");
break;
}
}
}
return null;
return protections;
}
/// <inheritdoc/>

5
BurnOutSharp/ProtectionType/DiscGuard.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class DiscGuard : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

173
BurnOutSharp/ProtectionType/ElectronicArts.cs
View File

@@ -5,93 +5,6 @@ namespace BurnOutSharp.ProtectionType
{
public class ElectronicArts : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// EASTL
//new ContentMatchSet(new byte?[] { 0x45, 0x41, 0x53, 0x54, 0x4C }, "Cucko (EA Custom)"),
// R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00
new ContentMatchSet(new byte?[]
{
0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00,
0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00,
0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00,
0x20, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x64, 0x00,
0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00,
0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00,
0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x72, 0x00, 0x61, 0x00, 0x6D, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + c + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00
new ContentMatchSet(new byte?[]
{
0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00,
0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00,
0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00,
0x20, 0x00, 0x63, 0x00, 0x6F, 0x00, 0x64, 0x00,
0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00,
0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00,
0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x72, 0x00, 0x61, 0x00, 0x6D, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// A + (char)0x00 + b + (char)0x00 + o + (char)0x00 + u + (char)0x00 + t + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x41, 0x00, 0x62, 0x00, 0x6F, 0x00, 0x75, 0x00,
0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x44, 0x00,
0x4B, 0x00, 0x65, 0x00, 0x79, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00
new ContentMatchSet(new byte?[]
{
0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00,
0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x43, 0x00,
0x6F, 0x00, 0x64, 0x00, 0x65, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// EReg Config Form
new ContentMatchSet(new byte?[]
{
0x45, 0x52, 0x65, 0x67, 0x20, 0x43, 0x6F, 0x6E,
0x66, 0x69, 0x67, 0x20, 0x46, 0x6F, 0x72, 0x6D
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// ereg.ea-europe.com
new ContentMatchSet(new byte?[]
{
0x65, 0x72, 0x65, 0x67, 0x2E, 0x65, 0x61, 0x2D,
0x65, 0x75, 0x72, 0x6F, 0x70, 0x65, 0x2E, 0x63,
0x6F, 0x6D
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// GenericEA + (char)0x00 + (char)0x00 + (char)0x00 + Activation
new ContentMatchSet(new byte?[]
{
0x47, 0x65, 0x6E, 0x65, 0x72, 0x69, 0x63, 0x45,
0x41, 0x00, 0x00, 0x00, 0x41, 0x63, 0x74, 0x69,
0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E
}, "EA DRM Protection"),
// E + (char)0x00 + A + (char)0x00 + + (char)0x00 + D + (char)0x00 + R + (char)0x00 + M + (char)0x00 + + (char)0x00 + H + (char)0x00 + e + (char)0x00 + l + (char)0x00 + p + (char)0x00 + e + (char)0x00 + r + (char)0x00
new ContentMatchSet(new byte?[]
{
0x45, 0x00, 0x41, 0x00, 0x20, 0x00, 0x44, 0x00,
0x52, 0x00, 0x4D, 0x00, 0x20, 0x00, 0x48, 0x00,
0x65, 0x00, 0x6C, 0x00, 0x70, 0x00, 0x65, 0x00,
0x72, 0x00
}, "EA DRM Protection"),
};
// TODO: Verify this doesn't over-match
// TODO: Do more research into the Cucko protection:
// - Reference to `EASTL` and `EAStdC` are standard for EA products and does not indicate Cucko by itself
@@ -99,7 +12,91 @@ namespace BurnOutSharp.ProtectionType
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// EASTL
//new ContentMatchSet(new byte?[] { 0x45, 0x41, 0x53, 0x54, 0x4C }, "Cucko (EA Custom)"),
// R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00
new ContentMatchSet(new byte?[]
{
0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00,
0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00,
0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00,
0x20, 0x00, 0x43, 0x00, 0x6F, 0x00, 0x64, 0x00,
0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00,
0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00,
0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x72, 0x00, 0x61, 0x00, 0x6D, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// R + (char)0x00 + e + (char)0x00 + g + (char)0x00 + i + (char)0x00 + s + (char)0x00 + t + (char)0x00 + r + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + c + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00 + + (char)0x00 + i + (char)0x00 + n + (char)0x00 + s + (char)0x00 + t + (char)0x00 + a + (char)0x00 + l + (char)0x00 + l + (char)0x00 + e + (char)0x00 + r + (char)0x00 + + (char)0x00 + p + (char)0x00 + r + (char)0x00 + o + (char)0x00 + g + (char)0x00 + r + (char)0x00 + a + (char)0x00 + m + (char)0x00
new ContentMatchSet(new byte?[]
{
0x52, 0x00, 0x65, 0x00, 0x67, 0x00, 0x69, 0x00,
0x73, 0x00, 0x74, 0x00, 0x72, 0x00, 0x61, 0x00,
0x74, 0x00, 0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00,
0x20, 0x00, 0x63, 0x00, 0x6F, 0x00, 0x64, 0x00,
0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00,
0x73, 0x00, 0x74, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x6C, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00,
0x70, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x72, 0x00, 0x61, 0x00, 0x6D, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// A + (char)0x00 + b + (char)0x00 + o + (char)0x00 + u + (char)0x00 + t + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + K + (char)0x00 + e + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x41, 0x00, 0x62, 0x00, 0x6F, 0x00, 0x75, 0x00,
0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x44, 0x00,
0x4B, 0x00, 0x65, 0x00, 0x79, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + C + (char)0x00 + D + (char)0x00 + C + (char)0x00 + o + (char)0x00 + d + (char)0x00 + e + (char)0x00
new ContentMatchSet(new byte?[]
{
0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00,
0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x00, 0x00, 0x43, 0x00, 0x44, 0x00, 0x43, 0x00,
0x6F, 0x00, 0x64, 0x00, 0x65, 0x00
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// EReg Config Form
new ContentMatchSet(new byte?[]
{
0x45, 0x52, 0x65, 0x67, 0x20, 0x43, 0x6F, 0x6E,
0x66, 0x69, 0x67, 0x20, 0x46, 0x6F, 0x72, 0x6D
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// ereg.ea-europe.com
new ContentMatchSet(new byte?[]
{
0x65, 0x72, 0x65, 0x67, 0x2E, 0x65, 0x61, 0x2D,
0x65, 0x75, 0x72, 0x6F, 0x70, 0x65, 0x2E, 0x63,
0x6F, 0x6D
}, Utilities.GetFileVersion, "EA CdKey Registration Module"),
// GenericEA + (char)0x00 + (char)0x00 + (char)0x00 + Activation
new ContentMatchSet(new byte?[]
{
0x47, 0x65, 0x6E, 0x65, 0x72, 0x69, 0x63, 0x45,
0x41, 0x00, 0x00, 0x00, 0x41, 0x63, 0x74, 0x69,
0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E
}, "EA DRM Protection"),
// E + (char)0x00 + A + (char)0x00 + + (char)0x00 + D + (char)0x00 + R + (char)0x00 + M + (char)0x00 + + (char)0x00 + H + (char)0x00 + e + (char)0x00 + l + (char)0x00 + p + (char)0x00 + e + (char)0x00 + r + (char)0x00
new ContentMatchSet(new byte?[]
{
0x45, 0x00, 0x41, 0x00, 0x20, 0x00, 0x44, 0x00,
0x52, 0x00, 0x4D, 0x00, 0x20, 0x00, 0x48, 0x00,
0x65, 0x00, 0x6C, 0x00, 0x70, 0x00, 0x65, 0x00,
0x72, 0x00
}, "EA DRM Protection"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

5
BurnOutSharp/ProtectionType/FreeLock.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class FreeLock : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

61
BurnOutSharp/ProtectionType/GFWL.cs
View File

@@ -1,31 +1,61 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class GFWL : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// xlive.dll
new ContentMatchSet(new byte?[] { 0x78, 0x6C, 0x69, 0x76, 0x65, 0x2E, 0x64, 0x6C, 0x6C }, "Games for Windows - Live"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// xlive.dll
new ContentMatchSet(new byte?[] { 0x78, 0x6C, 0x69, 0x76, 0x65, 0x2E, 0x64, 0x6C, 0x6C }, "Games for Windows LIVE"),
// G + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + s + (char)0x00 + + (char)0x00 + f + (char)0x00 + o + (char)0x00 + r + (char)0x00 + + (char)0x00 + W + (char)0x00 + i + (char)0x00 + n + (char)0x00 + d + (char)0x00 + o + (char)0x00 + w + (char)0x00 + s + (char)0x00 + + (char)0x00 + - + (char)0x00 + + (char)0x00 + L + (char)0x00 + I + (char)0x00 + V + (char)0x00 + E + (char)0x00 + + (char)0x00 + Z + (char)0x00 + e + (char)0x00 + r + (char)0x00 + o + (char)0x00 + + (char)0x00 + D + (char)0x00 + a + (char)0x00 + y + (char)0x00 + + (char)0x00 + P + (char)0x00 + i + (char)0x00 + r + (char)0x00 + a + (char)0x00 + c + (char)0x00 + y + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00
new ContentMatchSet(new byte?[]
{
0x47, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x73, 0x00, 0x20, 0x00, 0x66, 0x00, 0x6F, 0x00,
0x72, 0x00, 0x20, 0x00, 0x57, 0x00, 0x69, 0x00,
0x6E, 0x00, 0x64, 0x00, 0x6F, 0x00, 0x77, 0x00,
0x73, 0x00, 0x20, 0x00, 0x2D, 0x00, 0x20, 0x00,
0x4C, 0x00, 0x49, 0x00, 0x56, 0x00, 0x45, 0x00,
0x20, 0x00, 0x5A, 0x00, 0x65, 0x00, 0x72, 0x00,
0x6F, 0x00, 0x20, 0x00, 0x44, 0x00, 0x61, 0x00,
0x79, 0x00, 0x20, 0x00, 0x50, 0x00, 0x69, 0x00,
0x72, 0x00, 0x61, 0x00, 0x63, 0x00, 0x79, 0x00,
0x20, 0x00, 0x50, 0x00, 0x72, 0x00, 0x6F, 0x00,
0x74, 0x00, 0x65, 0x00, 0x63, 0x00, 0x74, 0x00,
0x69, 0x00, 0x6F, 0x00, 0x6E, 0x00,
}, Utilities.GetFileVersion, "Games for Windows LIVE - Zero Day Piracy Protection Module"),
// G + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + s + (char)0x00 + + (char)0x00 + f + (char)0x00 + o + (char)0x00 + r + (char)0x00 + + (char)0x00 + W + (char)0x00 + i + (char)0x00 + n + (char)0x00 + d + (char)0x00 + o + (char)0x00 + w + (char)0x00 + s + (char)0x00 + + (char)0x00 + - + (char)0x00 + + (char)0x00 + L + (char)0x00 + I + (char)0x00 + V + (char)0x00 + E + (char)0x00
new ContentMatchSet(new byte?[]
{
0x47, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x73, 0x00, 0x20, 0x00, 0x66, 0x00, 0x6F, 0x00,
0x72, 0x00, 0x20, 0x00, 0x57, 0x00, 0x69, 0x00,
0x6E, 0x00, 0x64, 0x00, 0x6F, 0x00, 0x77, 0x00,
0x73, 0x00, 0x20, 0x00, 0x2D, 0x00, 0x20, 0x00,
0x4C, 0x00, 0x49, 0x00, 0x56, 0x00, 0x45, 0x00,
}, Utilities.GetFileVersion, "Games for Windows LIVE"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("XLiveRedist.msi", useEndsWith: true), "Games for Windows - Live"),
// Might be specifically GFWL/Gfwlivesetup.exe
new PathMatchSet(new PathMatch("Gfwlivesetup.exe", useEndsWith: true), "Games for Windows LIVE"),
new PathMatchSet(new PathMatch("xliveinstall.dll", useEndsWith: true), "Games for Windows LIVE"),
new PathMatchSet(new PathMatch("XLiveRedist.msi", useEndsWith: true), "Games for Windows LIVE"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);
@@ -36,7 +66,10 @@ namespace BurnOutSharp.ProtectionType
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("XLiveRedist.msi", useEndsWith: true), "Games for Windows - Live"),
// Might be specifically GFWL/Gfwlivesetup.exe
new PathMatchSet(new PathMatch("Gfwlivesetup.exe", useEndsWith: true), "Games for Windows LIVE"),
new PathMatchSet(new PathMatch("xliveinstall.dll", useEndsWith: true), "Games for Windows LIVE"),
new PathMatchSet(new PathMatch("XLiveRedist.msi", useEndsWith: true), "Games for Windows LIVE"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

5
BurnOutSharp/ProtectionType/HexalockAutoLock.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class HexalockAutoLock : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

66
BurnOutSharp/ProtectionType/ImpulseReactor.cs
View File

@@ -1,54 +1,52 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class ImpulseReactor : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
new ContentMatchSet(new List<byte?[]>
var matchers = new List<ContentMatchSet>
{
new ContentMatchSet(new List<byte?[]>
{
// CVPInitializeClient
new byte?[]
{
0x43, 0x56, 0x50, 0x49, 0x6E, 0x69, 0x74, 0x69,
0x61, 0x6C, 0x69, 0x7A, 0x65, 0x43, 0x6C, 0x69,
0x65, 0x6E, 0x74
},
// A + (char)0x00 + T + (char)0x00 + T + (char)0x00 + L + (char)0x00 + I + (char)0x00 + S + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + E + (char)0x00 + L + (char)0x00 + E + (char)0x00 + M + (char)0x00 + E + (char)0x00 + N + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + N + (char)0x00 + O + (char)0x00 + T + (char)0x00 + A + (char)0x00 + T + (char)0x00 + I + (char)0x00 + O + (char)0x00 + N + (char)0x00
new byte?[]
{
0x41, 0x00, 0x54, 0x00, 0x54, 0x00, 0x4C, 0x00,
0x49, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00,
0x45, 0x00, 0x4C, 0x00, 0x45, 0x00, 0x4D, 0x00,
0x45, 0x00, 0x4E, 0x00, 0x54, 0x00, 0x00, 0x00,
0x4E, 0x00, 0x4F, 0x00, 0x54, 0x00, 0x41, 0x00,
0x54, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E
},
}, Utilities.GetFileVersion, "Impulse Reactor"),
// CVPInitializeClient
new byte?[]
new ContentMatchSet(new byte?[]
{
0x43, 0x56, 0x50, 0x49, 0x6E, 0x69, 0x74, 0x69,
0x61, 0x6C, 0x69, 0x7A, 0x65, 0x43, 0x6C, 0x69,
0x65, 0x6E, 0x74
},
}, "Impulse Reactor"),
};
// A + (char)0x00 + T + (char)0x00 + T + (char)0x00 + L + (char)0x00 + I + (char)0x00 + S + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + E + (char)0x00 + L + (char)0x00 + E + (char)0x00 + M + (char)0x00 + E + (char)0x00 + N + (char)0x00 + T + (char)0x00 + (char)0x00 + (char)0x00 + N + (char)0x00 + O + (char)0x00 + T + (char)0x00 + A + (char)0x00 + T + (char)0x00 + I + (char)0x00 + O + (char)0x00 + N + (char)0x00
new byte?[]
{
0x41, 0x00, 0x54, 0x00, 0x54, 0x00, 0x4C, 0x00,
0x49, 0x00, 0x53, 0x00, 0x54, 0x00, 0x00, 0x00,
0x45, 0x00, 0x4C, 0x00, 0x45, 0x00, 0x4D, 0x00,
0x45, 0x00, 0x4E, 0x00, 0x54, 0x00, 0x00, 0x00,
0x4E, 0x00, 0x4F, 0x00, 0x54, 0x00, 0x41, 0x00,
0x54, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E
},
}, Utilities.GetFileVersion, "Impulse Reactor"),
// CVPInitializeClient
new ContentMatchSet(new byte?[]
{
0x43, 0x56, 0x50, 0x49, 0x6E, 0x69, 0x74, 0x69,
0x61, 0x6C, 0x69, 0x7A, 0x65, 0x43, 0x6C, 0x69,
0x65, 0x6E, 0x74
}, "Impulse Reactor"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

5
BurnOutSharp/ProtectionType/IndyVCD.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class IndyVCD : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

17
BurnOutSharp/ProtectionType/Intenium.cs
View File

@@ -21,19 +21,16 @@ namespace BurnOutSharp.ProtectionType
* - NO NESTED PRMS SUPPORTED - 4E 4F 20 4E 45 53 54 45 44 20 50 52 4D 53 20 53 55 50 50 4F 52 54 45 44
*/
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Trial + (char)0x00 + P
new ContentMatchSet(new byte?[] { 0x54, 0x72, 0x69, 0x61, 0x6C, 0x00, 0x50 }, "INTENIUM Trial & Buy Protection"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Trial + (char)0x00 + P
new ContentMatchSet(new byte?[] { 0x54, 0x72, 0x69, 0x61, 0x6C, 0x00, 0x50 }, "INTENIUM Trial & Buy Protection"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

53
BurnOutSharp/ProtectionType/JoWooDXProt.cs
View File

@@ -7,37 +7,34 @@ namespace BurnOutSharp.ProtectionType
{
public class JoWooDXProt : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// @HC09
new ContentMatchSet(new byte?[] { 0x40, 0x48, 0x43, 0x30, 0x39, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v2"),
new ContentMatchSet(new List<byte?[]>
{
// .ext
new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 },
// kernel32.dll + (char)0x00 + (char)0x00 + (char)0x00 + VirtualProtect
new byte?[]
{
0x6B, 0x65, 0x72, 0x6E, 0x65, 0x6C, 0x33, 0x32,
0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x00, 0x00, 0x56,
0x69, 0x72, 0x74, 0x75, 0x61, 0x6C, 0x50, 0x72,
0x6F, 0x74, 0x65, 0x63, 0x74
},
}, GetVersion, "JoWooD X-Prot"),
// .ext
new ContentMatchSet(new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v1"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// @HC09
new ContentMatchSet(new byte?[] { 0x40, 0x48, 0x43, 0x30, 0x39, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v2"),
new ContentMatchSet(new List<byte?[]>
{
// .ext
new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 },
// kernel32.dll + (char)0x00 + (char)0x00 + (char)0x00 + VirtualProtect
new byte?[]
{
0x6B, 0x65, 0x72, 0x6E, 0x65, 0x6C, 0x33, 0x32,
0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x00, 0x00, 0x56,
0x69, 0x72, 0x74, 0x75, 0x61, 0x6C, 0x50, 0x72,
0x6F, 0x74, 0x65, 0x63, 0x74
},
}, GetVersion, "JoWooD X-Prot"),
// .ext
new ContentMatchSet(new byte?[] { 0x2E, 0x65, 0x78, 0x74, 0x20, 0x20, 0x20, 0x20 }, "JoWooD X-Prot v1"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public static string GetVersion(string file, byte[] fileContent, List<int> positions)

5
BurnOutSharp/ProtectionType/Key2AudioXS.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class Key2AudioXS : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

25
BurnOutSharp/ProtectionType/KeyLock.cs
View File

@@ -5,23 +5,20 @@ namespace BurnOutSharp.ProtectionType
{
public class KeyLock : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// KEY-LOCK COMMAND
new ContentMatchSet(new byte?[]
{
0x4B, 0x45, 0x59, 0x2D, 0x4C, 0x4F, 0x43, 0x4B,
0x20, 0x43, 0x4F, 0x4D, 0x4D, 0x41, 0x4E, 0x44
}, "Key-Lock (Dongle)"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// KEY-LOCK COMMAND
new ContentMatchSet(new byte?[]
{
0x4B, 0x45, 0x59, 0x2D, 0x4C, 0x4F, 0x43, 0x4B,
0x20, 0x43, 0x4F, 0x4D, 0x4D, 0x41, 0x4E, 0x44
}, "Key-Lock (Dongle)"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

64
BurnOutSharp/ProtectionType/LaserLock.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -9,37 +10,6 @@ namespace BurnOutSharp.ProtectionType
// TODO: Figure out how to use GetContentMatches here
public class LaserLock : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// :\\LASERLOK\\LASERLOK.IN + (char)0x00 + C:\\NOMOUSE.SP
new ContentMatchSet(new byte?[]
{
0x3A, 0x5C, 0x5C, 0x4C, 0x41, 0x53, 0x45, 0x52,
0x4C, 0x4F, 0x4B, 0x5C, 0x5C, 0x4C, 0x41, 0x53,
0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x2E, 0x49, 0x4E,
0x00, 0x43, 0x3A, 0x5C, 0x5C, 0x4E, 0x4F, 0x4D,
0x4F, 0x55, 0x53, 0x45, 0x2E, 0x53, 0x50
}, "LaserLock 3"),
// LASERLOK_INIT + (char)0xC + LASERLOK_RUN + (char)0xE + LASERLOK_CHECK + (char)0xF + LASERLOK_CHECK2 + (char)0xF + LASERLOK_CHECK3
new ContentMatchSet(new byte?[]
{
0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B,
0x5F, 0x49, 0x4E, 0x49, 0x54, 0x0C, 0x4C, 0x41,
0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x5F, 0x52,
0x55, 0x4E, 0x0E, 0x4C, 0x41, 0x53, 0x45, 0x52,
0x4C, 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43,
0x4B, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C,
0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B,
0x32, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C,
0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B,
0x33
}, "LaserLock 5"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
@@ -61,11 +31,39 @@ namespace BurnOutSharp.ProtectionType
if (file != null && string.Equals(Path.GetFileName(file), "NOMOUSE.SP", StringComparison.OrdinalIgnoreCase))
return $"LaserLock {GetVersion16Bit(fileContent)}" + (includePosition ? $" (Index 71)" : string.Empty);
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// :\\LASERLOK\\LASERLOK.IN + (char)0x00 + C:\\NOMOUSE.SP
new ContentMatchSet(new byte?[]
{
0x3A, 0x5C, 0x5C, 0x4C, 0x41, 0x53, 0x45, 0x52,
0x4C, 0x4F, 0x4B, 0x5C, 0x5C, 0x4C, 0x41, 0x53,
0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x2E, 0x49, 0x4E,
0x00, 0x43, 0x3A, 0x5C, 0x5C, 0x4E, 0x4F, 0x4D,
0x4F, 0x55, 0x53, 0x45, 0x2E, 0x53, 0x50
}, "LaserLock 3"),
// LASERLOK_INIT + (char)0xC + LASERLOK_RUN + (char)0xE + LASERLOK_CHECK + (char)0xF + LASERLOK_CHECK2 + (char)0xF + LASERLOK_CHECK3
new ContentMatchSet(new byte?[]
{
0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B,
0x5F, 0x49, 0x4E, 0x49, 0x54, 0x0C, 0x4C, 0x41,
0x53, 0x45, 0x52, 0x4C, 0x4F, 0x4B, 0x5F, 0x52,
0x55, 0x4E, 0x0E, 0x4C, 0x41, 0x53, 0x45, 0x52,
0x4C, 0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43,
0x4B, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C,
0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B,
0x32, 0x0F, 0x4C, 0x41, 0x53, 0x45, 0x52, 0x4C,
0x4F, 0x4B, 0x5F, 0x43, 0x48, 0x45, 0x43, 0x4B,
0x33
}, "LaserLock 5"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

5
BurnOutSharp/ProtectionType/MediaCloQ.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class MediaCloQ : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

36
BurnOutSharp/ProtectionType/MediaMaxCD3.cs
View File

@@ -1,34 +1,32 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class MediaMaxCD3 : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// Cd3Ctl
new ContentMatchSet(new byte?[] { 0x43, 0x64, 0x33, 0x43, 0x74, 0x6C }, "MediaMax CD-3"),
// DllInstallSbcp
new ContentMatchSet(new byte?[]
{
0x44, 0x6C, 0x6C, 0x49, 0x6E, 0x73, 0x74, 0x61,
0x6C, 0x6C, 0x53, 0x62, 0x63, 0x70
}, "MediaMax CD-3"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Cd3Ctl
new ContentMatchSet(new byte?[] { 0x43, 0x64, 0x33, 0x43, 0x74, 0x6C }, "MediaMax CD-3"),
// DllInstallSbcp
new ContentMatchSet(new byte?[]
{
0x44, 0x6C, 0x6C, 0x49, 0x6E, 0x73, 0x74, 0x61,
0x6C, 0x6C, 0x53, 0x62, 0x63, 0x70
}, "MediaMax CD-3"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

31
BurnOutSharp/ProtectionType/OnlineRegistration.cs
View File

@@ -5,26 +5,23 @@ namespace BurnOutSharp.ProtectionType
{
public class OnlineRegistration : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + E + (char)0x00 + R + (char)0x00 + e + (char)0x00 + g + (char)0x00
new ContentMatchSet(new byte?[]
{
0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00,
0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x00, 0x00, 0x45, 0x00, 0x52, 0x00, 0x65, 0x00,
0x67, 0x00
}, Utilities.GetFileVersion, "Executable-Based Online Registration"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// I + (char)0x00 + n + (char)0x00 + t + (char)0x00 + e + (char)0x00 + r + (char)0x00 + n + (char)0x00 + a + (char)0x00 + l + (char)0x00 + N + (char)0x00 + a + (char)0x00 + m + (char)0x00 + e + (char)0x00 + + (char)0x00 + + (char)0x00 + E + (char)0x00 + R + (char)0x00 + e + (char)0x00 + g + (char)0x00
new ContentMatchSet(new byte?[]
{
0x49, 0x00, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x00,
0x72, 0x00, 0x6E, 0x00, 0x61, 0x00, 0x6C, 0x00,
0x4E, 0x00, 0x61, 0x00, 0x6D, 0x00, 0x65, 0x00,
0x00, 0x00, 0x45, 0x00, 0x52, 0x00, 0x65, 0x00,
0x67, 0x00
}, Utilities.GetFileVersion, "Executable-Based Online Registration"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

20
BurnOutSharp/ProtectionType/Origin.cs
View File

@@ -1,3 +1,4 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
@@ -5,23 +6,20 @@ namespace BurnOutSharp.ProtectionType
{
public class Origin : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// O + (char)0x00 + r + (char)0x00 + i + (char)0x00 + g + (char)0x00 + i + (char)0x00 + n + (char)0x00 + S + (char)0x00 + e + (char)0x00 + t + (char)0x00 + u + (char)0x00 + p + (char)0x00 + . + (char)0x00 + e + (char)0x00 + x + (char)0x00 + e + (char)0x00
new ContentMatchSet(new byte?[] { 0x4F, 0x00, 0x72, 0x00, 0x69, 0x00, 0x67, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, 0x70, 0x00, 0x2E, 0x00, 0x65, 0x00, 0x78, 0x00, 0x65, 0x00 }, "Origin"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// O + (char)0x00 + r + (char)0x00 + i + (char)0x00 + g + (char)0x00 + i + (char)0x00 + n + (char)0x00 + S + (char)0x00 + e + (char)0x00 + t + (char)0x00 + u + (char)0x00 + p + (char)0x00 + . + (char)0x00 + e + (char)0x00 + x + (char)0x00 + e + (char)0x00
new ContentMatchSet(new byte?[] { 0x4F, 0x00, 0x72, 0x00, 0x69, 0x00, 0x67, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x53, 0x00, 0x65, 0x00, 0x74, 0x00, 0x75, 0x00, 0x70, 0x00, 0x2E, 0x00, 0x65, 0x00, 0x78, 0x00, 0x65, 0x00 }, "Origin"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

69
BurnOutSharp/ProtectionType/PSXAntiModchip.cs
View File

@@ -5,47 +5,44 @@ namespace BurnOutSharp.ProtectionType
{
public class PSXAntiModchip : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// SOFTWARE TERMINATED\nCONSOLE MAY HAVE BEEN MODIFIED\n CALL 1-888-780-7690
new ContentMatchSet(new byte?[]
{
0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x4F, 0x46,
0x54, 0x57, 0x41, 0x52, 0x45, 0x20, 0x54, 0x45,
0x52, 0x4D, 0x49, 0x4E, 0x41, 0x54, 0x45, 0x44,
0x5C, 0x6E, 0x43, 0x4F, 0x4E, 0x53, 0x4F, 0x4C,
0x45, 0x20, 0x4D, 0x41, 0x59, 0x20, 0x48, 0x41,
0x56, 0x45, 0x20, 0x42, 0x45, 0x45, 0x4E, 0x20,
0x4D, 0x4F, 0x44, 0x49, 0x46, 0x49, 0x45, 0x44,
0x5C, 0x6E, 0x20, 0x20, 0x20, 0x20, 0x20, 0x43,
0x41, 0x4C, 0x4C, 0x20, 0x31, 0x2D, 0x38, 0x38,
0x38, 0x2D, 0x37, 0x38, 0x30, 0x2D, 0x37, 0x36,
0x39, 0x30
}, "PlayStation Anti-modchip (English)"),
// 強制終了しました。\n本体が改造されている\nおそれがあります。
new ContentMatchSet(new byte?[]
{
0x5F, 0x37, 0x52, 0x36, 0x7D, 0x42, 0x4E, 0x86,
0x30, 0x57, 0x30, 0x7E, 0x30, 0x57, 0x30, 0x5F,
0x30, 0x02, 0x5C, 0x6E, 0x67, 0x2C, 0x4F, 0x53,
0x30, 0x4C, 0x65, 0x39, 0x90, 0x20, 0x30, 0x55,
0x30, 0x8C, 0x30, 0x66, 0x30, 0x44, 0x30, 0x8B,
0x5C, 0x6E, 0x30, 0x4A, 0x30, 0x5D, 0x30, 0x8C,
0x30, 0x4C, 0x30, 0x42, 0x30, 0x8A, 0x30, 0x7E,
0x30, 0x59, 0x30, 0x02
}, "PlayStation Anti-modchip (Japanese)"),
};
// TODO: Figure out PSX binary header so this can be checked explicitly
// TODO: Detect Red Hand protection
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// SOFTWARE TERMINATED\nCONSOLE MAY HAVE BEEN MODIFIED\n CALL 1-888-780-7690
new ContentMatchSet(new byte?[]
{
0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x4F, 0x46,
0x54, 0x57, 0x41, 0x52, 0x45, 0x20, 0x54, 0x45,
0x52, 0x4D, 0x49, 0x4E, 0x41, 0x54, 0x45, 0x44,
0x5C, 0x6E, 0x43, 0x4F, 0x4E, 0x53, 0x4F, 0x4C,
0x45, 0x20, 0x4D, 0x41, 0x59, 0x20, 0x48, 0x41,
0x56, 0x45, 0x20, 0x42, 0x45, 0x45, 0x4E, 0x20,
0x4D, 0x4F, 0x44, 0x49, 0x46, 0x49, 0x45, 0x44,
0x5C, 0x6E, 0x20, 0x20, 0x20, 0x20, 0x20, 0x43,
0x41, 0x4C, 0x4C, 0x20, 0x31, 0x2D, 0x38, 0x38,
0x38, 0x2D, 0x37, 0x38, 0x30, 0x2D, 0x37, 0x36,
0x39, 0x30
}, "PlayStation Anti-modchip (English)"),
// 強制終了しました。\n本体が改造されている\nおそれがあります。
new ContentMatchSet(new byte?[]
{
0x5F, 0x37, 0x52, 0x36, 0x7D, 0x42, 0x4E, 0x86,
0x30, 0x57, 0x30, 0x7E, 0x30, 0x57, 0x30, 0x5F,
0x30, 0x02, 0x5C, 0x6E, 0x67, 0x2C, 0x4F, 0x53,
0x30, 0x4C, 0x65, 0x39, 0x90, 0x20, 0x30, 0x55,
0x30, 0x8C, 0x30, 0x66, 0x30, 0x44, 0x30, 0x8B,
0x5C, 0x6E, 0x30, 0x4A, 0x30, 0x5D, 0x30, 0x8C,
0x30, 0x4C, 0x30, 0x42, 0x30, 0x8A, 0x30, 0x7E,
0x30, 0x59, 0x30, 0x02
}, "PlayStation Anti-modchip (Japanese)"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

14
BurnOutSharp/ProtectionType/ProtectDVDVideo.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -8,8 +9,10 @@ namespace BurnOutSharp.ProtectionType
public class ProtectDVDVideo : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var protections = new ConcurrentQueue<string>();
if (Directory.Exists(Path.Combine(path, "VIDEO_TS")))
{
string[] ifofiles = files.Where(s => s.EndsWith(".ifo")).ToArray();
@@ -17,11 +20,14 @@ namespace BurnOutSharp.ProtectionType
{
FileInfo ifofile = new FileInfo(ifofiles[i]);
if (ifofile.Length == 0)
return new List<string>() { "Protect DVD-Video" };
{
protections.Enqueue("Protect DVD-Video");
break;
}
}
}
return null;
return protections;
}
/// <inheritdoc/>

23
BurnOutSharp/ProtectionType/ProtectDisc.cs
View File

@@ -10,22 +10,19 @@ namespace BurnOutSharp.ProtectionType
{
public class ProtectDisc : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// HúMETINF
new ContentMatchSet(new byte?[] { 0x48, 0xFA, 0x4D, 0x45, 0x54, 0x49, 0x4E, 0x46 }, GetVersion76till10, "ProtectDisc"),
// ACE-PCD
new ContentMatchSet(new byte?[] { 0x41, 0x43, 0x45, 0x2D, 0x50, 0x43, 0x44 }, GetVersion6till8, "ProtectDisc"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// HúMETINF
new ContentMatchSet(new byte?[] { 0x48, 0xFA, 0x4D, 0x45, 0x54, 0x49, 0x4E, 0x46 }, GetVersion76till10, "ProtectDisc"),
// ACE-PCD
new ContentMatchSet(new byte?[] { 0x41, 0x43, 0x45, 0x2D, 0x50, 0x43, 0x44 }, GetVersion6till8, "ProtectDisc"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public static string GetVersion6till8(string file, byte[] fileContent, List<int> positions)

26
BurnOutSharp/ProtectionType/RingPROTECH.cs
View File

@@ -5,24 +5,20 @@ namespace BurnOutSharp.ProtectionType
{
public class RingPROTECH : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
/// TODO: Investigate as this may be over-matching
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// (char)0x00 + Allocator + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00
new ContentMatchSet(new byte?[]
{
0x00, 0x41, 0x6C, 0x6C, 0x6F, 0x63, 0x61, 0x74,
0x6F, 0x72, 0x00, 0x00, 0x00, 0x00
}, "Ring PROTECH [Check disc for physical ring]"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// (char)0x00 + Allocator + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00
new ContentMatchSet(new byte?[]
{
0x00, 0x41, 0x6C, 0x6C, 0x6F, 0x63, 0x61, 0x74,
0x6F, 0x72, 0x00, 0x00, 0x00, 0x00
}, "Ring PROTECH [Check disc for physical ring]"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

17
BurnOutSharp/ProtectionType/SVKProtector.cs
View File

@@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType
{
public class SVKProtector : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// ?SVKP + (char)0x00 + (char)0x00
new ContentMatchSet(new byte?[] { 0x3F, 0x53, 0x56, 0x4B, 0x50, 0x00, 0x00 }, "SVK Protector"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// ?SVKP + (char)0x00 + (char)0x00
new ContentMatchSet(new byte?[] { 0x3F, 0x53, 0x56, 0x4B, 0x50, 0x00, 0x00 }, "SVK Protector"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

5
BurnOutSharp/ProtectionType/SafeCast.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class SafeCast : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

88
BurnOutSharp/ProtectionType/SafeDisc.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
@@ -9,49 +10,6 @@ namespace BurnOutSharp.ProtectionType
{
public class SafeDisc : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
new ContentMatchSet(new List<byte?[]>
{
// BoG_ *90.0&!! Yy>
new byte?[]
{
0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30,
0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59,
0x79, 0x3E
},
// product activation library
new byte?[]
{
0x70, 0x72, 0x6F, 0x64, 0x75, 0x63, 0x74, 0x20,
0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x69,
0x6F, 0x6E, 0x20, 0x6C, 0x69, 0x62, 0x72, 0x61,
0x72, 0x79
},
}, GetVersion, "SafeCast"),
// BoG_ *90.0&!! Yy>
new ContentMatchSet(new byte?[]
{
0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30,
0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59,
0x79, 0x3E
}, GetVersion, "SafeDisc"),
// (char)0x00 + (char)0x00 + BoG_
new ContentMatchSet(new byte?[] { 0x00, 0x00, 0x42, 0x6F, 0x47, 0x5F }, Get320to4xVersion, "SafeDisc"),
// stxt774
new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x37, 0x37, 0x34 }, Get320to4xVersion, "SafeDisc"),
// stxt371
new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x33, 0x37, 0x31 }, Get320to4xVersion, "SafeDisc"),
};
/// <summary>
/// Set of all PathMatchSets for this protection
/// </summary>
@@ -83,11 +41,51 @@ namespace BurnOutSharp.ProtectionType
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
new ContentMatchSet(new List<byte?[]>
{
// BoG_ *90.0&!! Yy>
new byte?[]
{
0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30,
0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59,
0x79, 0x3E
},
// product activation library
new byte?[]
{
0x70, 0x72, 0x6F, 0x64, 0x75, 0x63, 0x74, 0x20,
0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x69,
0x6F, 0x6E, 0x20, 0x6C, 0x69, 0x62, 0x72, 0x61,
0x72, 0x79
},
}, GetVersion, "SafeCast"),
// BoG_ *90.0&!! Yy>
new ContentMatchSet(new byte?[]
{
0x42, 0x6F, 0x47, 0x5F, 0x20, 0x2A, 0x39, 0x30,
0x2E, 0x30, 0x26, 0x21, 0x21, 0x20, 0x20, 0x59,
0x79, 0x3E
}, GetVersion, "SafeDisc"),
// (char)0x00 + (char)0x00 + BoG_
new ContentMatchSet(new byte?[] { 0x00, 0x00, 0x42, 0x6F, 0x47, 0x5F }, Get320to4xVersion, "SafeDisc"),
// stxt774
new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x37, 0x37, 0x34 }, Get320to4xVersion, "SafeDisc"),
// stxt371
new ContentMatchSet(new byte?[] { 0x73, 0x74, 0x78, 0x74, 0x33, 0x37, 0x31 }, Get320to4xVersion, "SafeDisc"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
return MatchUtil.GetAllMatches(files, pathMatchers, any: false);
}

5
BurnOutSharp/ProtectionType/SafeDiscLite.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class SafeDiscLite : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

22
BurnOutSharp/ProtectionType/SafeLock.cs
View File

@@ -1,27 +1,25 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class SafeLock : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// SafeLock
new ContentMatchSet(new byte?[] { 0x53, 0x61, 0x66, 0x65, 0x4C, 0x6F, 0x63, 0x6B }, "SafeLock"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// SafeLock
new ContentMatchSet(new byte?[] { 0x53, 0x61, 0x66, 0x65, 0x4C, 0x6F, 0x63, 0x6B }, "SafeLock"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

84
BurnOutSharp/ProtectionType/SecuROM.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Text;
using BurnOutSharp.Matching;
@@ -7,51 +8,56 @@ namespace BurnOutSharp.ProtectionType
{
public class SecuROM : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// AddD + (char)0x03 + (char)0x00 + (char)0x00 + (char)0x00)
new ContentMatchSet(new byte?[] { 0x41, 0x64, 0x64, 0x44, 0x03, 0x00, 0x00, 0x00 }, GetV4Version, "SecuROM"),
// (char)0xCA + (char)0xDD + (char)0xDD + (char)0xAC + (char)0x03
new ContentMatchSet(new byte?[] { 0xCA, 0xDD, 0xDD, 0xAC, 0x03 }, GetV5Version, "SecuROM"),
// .securom + (char)0xE0 + (char)0xC0
new ContentMatchSet(new byte?[]
{
0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D,
0xE0, 0xC0
}, GetV7Version, "SecuROM"),
// .securom
new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D }, GetV7Version, "SecuROM"),
// _and_play.dll + (char)0x00 + drm_pagui_doit
new ContentMatchSet(new byte?[]
{
0x5F, 0x61, 0x6E, 0x64, 0x5F, 0x70, 0x6C, 0x61,
0x79, 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x64, 0x72,
0x6D, 0x5F, 0x70, 0x61, 0x67, 0x75, 0x69, 0x5F,
0x64, 0x6F, 0x69, 0x74
}, Utilities.GetFileVersion, "SecuROM Product Activation"),
// .cms_t + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x74, 0x00 }, "SecuROM 1-3"),
// .cms_d + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x64, 0x00 }, "SecuROM 1-3"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// AddD + (char)0x03 + (char)0x00 + (char)0x00 + (char)0x00)
new ContentMatchSet(new byte?[] { 0x41, 0x64, 0x64, 0x44, 0x03, 0x00, 0x00, 0x00 }, GetV4Version, "SecuROM"),
// (char)0xCA + (char)0xDD + (char)0xDD + (char)0xAC + (char)0x03
new ContentMatchSet(new byte?[] { 0xCA, 0xDD, 0xDD, 0xAC, 0x03 }, GetV5Version, "SecuROM"),
// .securom + (char)0xE0 + (char)0xC0
new ContentMatchSet(new byte?[]
{
0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D,
0xE0, 0xC0
}, GetV7Version, "SecuROM"),
// .securom
new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x65, 0x63, 0x75, 0x72, 0x6F, 0x6D }, GetV7Version, "SecuROM"),
// _and_play.dll + (char)0x00 + drm_pagui_doit
new ContentMatchSet(new byte?[]
{
0x5F, 0x61, 0x6E, 0x64, 0x5F, 0x70, 0x6C, 0x61,
0x79, 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x64, 0x72,
0x6D, 0x5F, 0x70, 0x61, 0x67, 0x75, 0x69, 0x5F,
0x64, 0x6F, 0x69, 0x74
}, Utilities.GetFileVersion, "SecuROM Product Activation"),
// S + (char)0x00 + e + (char)0x00 + c + (char)0x00 + u + (char)0x00 + R + (char)0x00 + O + (char)0x00 + M + (char)0x00 + + (char)0x00 + P + (char)0x00 + A + (char)0x00
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x65, 0x00, 0x63, 0x00, 0x75, 0x00,
0x52, 0x00, 0x4F, 0x00, 0x4D, 0x00, 0x20, 0x00,
0x50, 0x00, 0x41, 0x00
}, Utilities.GetFileVersion, "SecuROM Product Activation"),
// .cms_t + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x74, 0x00 }, "SecuROM 1-3"),
// .cms_d + (char)0x00
new ContentMatchSet(new byte?[] { 0x2E, 0x63, 0x6D, 0x73, 0x5F, 0x64, 0x00 }, "SecuROM 1-3"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

22
BurnOutSharp/ProtectionType/SmartE.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -6,23 +7,20 @@ namespace BurnOutSharp.ProtectionType
{
public class SmartE : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// BITARTS
new ContentMatchSet(new byte?[] { 0x42, 0x49, 0x54, 0x41, 0x52, 0x54, 0x53 }, "SmartE"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// BITARTS
new ContentMatchSet(new byte?[] { 0x42, 0x49, 0x54, 0x41, 0x52, 0x54, 0x53 }, "SmartE"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

5
BurnOutSharp/ProtectionType/SoftLock.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class SoftLock : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>

144
BurnOutSharp/ProtectionType/SolidShield.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
@@ -8,77 +9,6 @@ namespace BurnOutSharp.ProtectionType
{
public class SolidShield : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// D + (char)0x00 + V + (char)0x00 + M + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x44, 0x00, 0x56, 0x00, 0x4D, 0x00, 0x20, 0x00,
0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00,
0x61, 0x00, 0x72, 0x00, 0x79, 0x00
}, Utilities.GetFileVersion, "SolidShield"),
// S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00,
0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00,
0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00,
0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00,
0x61, 0x00, 0x72, 0x00, 0x79, 0x00
}, GetFileVersion, "SolidShield Core.dll"),
// S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00,
0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00,
0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00,
0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00,
0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00,
0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x4C, 0x00,
0x69, 0x00, 0x62, 0x00, 0x72, 0x00, 0x61, 0x00,
0x72, 0x00, 0x79, 0x00
}, GetFileVersion, "SolidShield Core.dll"),
// (char)0xEF + (char)0xBE + (char)0xAD + (char)0xDE
new ContentMatchSet(new byte?[] { 0xEF, 0xBE, 0xAD, 0xDE }, GetExeWrapperVersion, "SolidShield"),
// A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + M + (char)0x00 + a + (char)0x00 + n + (char)0x00 + a + (char)0x00 + g + (char)0x00 + e + (char)0x00 + r + (char)0x00
new ContentMatchSet(new byte?[]
{
0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00,
0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00,
0x6f, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x4d, 0x00,
0x61, 0x00, 0x6e, 0x00, 0x61, 0x00, 0x67, 0x00,
0x65, 0x00, 0x72, 0x00
}, GetFileVersion, "SolidShield Activation Manager Module"),
// dvm.dll
new ContentMatchSet(new byte?[] { 0x64, 0x76, 0x6D, 0x2E, 0x64, 0x6C, 0x6C }, "SolidShield EXE Wrapper"),
// (char)0xAD + (char)0xDE + (char)0xFE + (char)0xCA
new ContentMatchSet(new byte?[] { 0xAD, 0xDE, 0xFE, 0xCA }, GetVersionPlusTages, "SolidShield"),
// Solidshield
new ContentMatchSet(new byte?[]
{
0x53, 0x6F, 0x6C, 0x69, 0x64, 0x73, 0x68, 0x69,
0x65, 0x6C, 0x64
}, GetVersion, "SolidShield"),
// B + (char)0x00 + I + (char)0x00 + N + (char)0x00 + (char)0x7 + (char)0x00 + I + (char)0x00 + D + (char)0x00 + R + (char)0x00 + _ + (char)0x00 + S + (char)0x00 + G + (char)0x00 + T + (char)0x00
new ContentMatchSet(new byte?[]
{
0x42, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x07, 0x00,
0x49, 0x00, 0x44, 0x00, 0x52, 0x00, 0x5F, 0x00,
0x53, 0x00, 0x47, 0x00, 0x54, 0x00
}, "SolidShield"),
};
/// <summary>
/// Set of all PathMatchSets for this protection
/// </summary>
@@ -93,11 +23,79 @@ namespace BurnOutSharp.ProtectionType
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// D + (char)0x00 + V + (char)0x00 + M + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x44, 0x00, 0x56, 0x00, 0x4D, 0x00, 0x20, 0x00,
0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00,
0x61, 0x00, 0x72, 0x00, 0x79, 0x00
}, Utilities.GetFileVersion, "SolidShield"),
// S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00,
0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00,
0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00,
0x4C, 0x00, 0x69, 0x00, 0x62, 0x00, 0x72, 0x00,
0x61, 0x00, 0x72, 0x00, 0x79, 0x00
}, GetFileVersion, "SolidShield Core.dll"),
// S + (char)0x00 + o + (char)0x00 + l + (char)0x00 + i + (char)0x00 + d + (char)0x00 + s + (char)0x00 + h + (char)0x00 + i + (char)0x00 + e + (char)0x00 + l + (char)0x00 + d + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + L + (char)0x00 + i + (char)0x00 + b + (char)0x00 + r + (char)0x00 + a + (char)0x00 + r + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x53, 0x00, 0x6F, 0x00, 0x6C, 0x00, 0x69, 0x00,
0x64, 0x00, 0x73, 0x00, 0x68, 0x00, 0x69, 0x00,
0x65, 0x00, 0x6C, 0x00, 0x64, 0x00, 0x20, 0x00,
0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00,
0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00,
0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x4C, 0x00,
0x69, 0x00, 0x62, 0x00, 0x72, 0x00, 0x61, 0x00,
0x72, 0x00, 0x79, 0x00
}, GetFileVersion, "SolidShield Core.dll"),
// (char)0xEF + (char)0xBE + (char)0xAD + (char)0xDE
new ContentMatchSet(new byte?[] { 0xEF, 0xBE, 0xAD, 0xDE }, GetExeWrapperVersion, "SolidShield"),
// A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + M + (char)0x00 + a + (char)0x00 + n + (char)0x00 + a + (char)0x00 + g + (char)0x00 + e + (char)0x00 + r + (char)0x00
new ContentMatchSet(new byte?[]
{
0x41, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00,
0x76, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00,
0x6f, 0x00, 0x6e, 0x00, 0x20, 0x00, 0x4d, 0x00,
0x61, 0x00, 0x6e, 0x00, 0x61, 0x00, 0x67, 0x00,
0x65, 0x00, 0x72, 0x00
}, GetFileVersion, "SolidShield Activation Manager Module"),
// dvm.dll
new ContentMatchSet(new byte?[] { 0x64, 0x76, 0x6D, 0x2E, 0x64, 0x6C, 0x6C }, "SolidShield EXE Wrapper"),
// (char)0xAD + (char)0xDE + (char)0xFE + (char)0xCA
new ContentMatchSet(new byte?[] { 0xAD, 0xDE, 0xFE, 0xCA }, GetVersionPlusTages, "SolidShield"),
// Solidshield
new ContentMatchSet(new byte?[]
{
0x53, 0x6F, 0x6C, 0x69, 0x64, 0x73, 0x68, 0x69,
0x65, 0x6C, 0x64
}, GetVersion, "SolidShield"),
// B + (char)0x00 + I + (char)0x00 + N + (char)0x00 + (char)0x7 + (char)0x00 + I + (char)0x00 + D + (char)0x00 + R + (char)0x00 + _ + (char)0x00 + S + (char)0x00 + G + (char)0x00 + T + (char)0x00
new ContentMatchSet(new byte?[]
{
0x42, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x07, 0x00,
0x49, 0x00, 0x44, 0x00, 0x52, 0x00, 0x5F, 0x00,
0x53, 0x00, 0x47, 0x00, 0x54, 0x00
}, "SolidShield"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
return MatchUtil.GetAllMatches(files, pathMatchers, any: true);

184
BurnOutSharp/ProtectionType/StarForce.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
using BurnOutSharp.Matching;
@@ -6,15 +7,47 @@ namespace BurnOutSharp.ProtectionType
{
public class StarForce : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
new ContentMatchSet(new List<byte?[]>
var matchers = new List<ContentMatchSet>
{
new ContentMatchSet(new List<byte?[]>
{
// ( + (char)0x00 + c + (char)0x00 + ) + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + T + (char)0x00 + e + (char)0x00 + c + (char)0x00 + h + (char)0x00 + n + (char)0x00 + o + (char)0x00 + l + (char)0x00 + o + (char)0x00 + g + (char)0x00 + y + (char)0x00
new byte?[]
{
0x28, 0x00, 0x63, 0x00, 0x29, 0x00, 0x20, 0x00,
0x50, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x74, 0x00,
0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00,
0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x54, 0x00,
0x65, 0x00, 0x63, 0x00, 0x68, 0x00, 0x6E, 0x00,
0x6F, 0x00, 0x6C, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x79, 0x00
},
// // PSA_GetDiscLabel
// new byte?[]
// {
// 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44,
// 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C
// },
// (c) Protection Technology
// new byte?[]
// {
// 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74,
// 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54,
// 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67,
// 0x79
// },
// TradeName
new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 },
}, GetVersion, "StarForce"),
// ( + (char)0x00 + c + (char)0x00 + ) + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + T + (char)0x00 + e + (char)0x00 + c + (char)0x00 + h + (char)0x00 + n + (char)0x00 + o + (char)0x00 + l + (char)0x00 + o + (char)0x00 + g + (char)0x00 + y + (char)0x00
new byte?[]
new ContentMatchSet(new byte?[]
{
0x28, 0x00, 0x63, 0x00, 0x29, 0x00, 0x20, 0x00,
0x50, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x74, 0x00,
@@ -23,113 +56,77 @@ namespace BurnOutSharp.ProtectionType
0x65, 0x00, 0x63, 0x00, 0x68, 0x00, 0x6E, 0x00,
0x6F, 0x00, 0x6C, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x79, 0x00
},
}, Utilities.GetFileVersion, "StarForce"),
// // PSA_GetDiscLabel
// new byte?[]
// {
// 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44,
// 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C
// },
new ContentMatchSet(new List<byte?[]>
{
// Protection Technology, Ltd.
new byte?[]
{
0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x69,
0x6F, 0x6E, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E,
0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x2C, 0x20, 0x4C,
0x74, 0x64, 0x2E
},
// (c) Protection Technology
// new byte?[]
// {
// 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74,
// 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54,
// 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67,
// 0x79
// },
// // PSA_GetDiscLabel
// new byte?[]
// {
// 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44,
// 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C
// },
// TradeName
new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 },
}, GetVersion, "StarForce"),
// (c) Protection Technology
// new byte?[]
// {
// 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74,
// 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54,
// 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67,
// 0x79
// },
// ( + (char)0x00 + c + (char)0x00 + ) + (char)0x00 + + (char)0x00 + P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00 + + (char)0x00 + T + (char)0x00 + e + (char)0x00 + c + (char)0x00 + h + (char)0x00 + n + (char)0x00 + o + (char)0x00 + l + (char)0x00 + o + (char)0x00 + g + (char)0x00 + y + (char)0x00
new ContentMatchSet(new byte?[]
{
0x28, 0x00, 0x63, 0x00, 0x29, 0x00, 0x20, 0x00,
0x50, 0x00, 0x72, 0x00, 0x6F, 0x00, 0x74, 0x00,
0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x69, 0x00,
0x6F, 0x00, 0x6E, 0x00, 0x20, 0x00, 0x54, 0x00,
0x65, 0x00, 0x63, 0x00, 0x68, 0x00, 0x6E, 0x00,
0x6F, 0x00, 0x6C, 0x00, 0x6F, 0x00, 0x67, 0x00,
0x79, 0x00
}, Utilities.GetFileVersion, "StarForce"),
// TradeName
new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 },
}, GetVersion, "StarForce"),
// .sforce
new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x66, 0x6F, 0x72, 0x63, 0x65 }, "StarForce 3-5"),
// .brick
new ContentMatchSet(new byte?[] { 0x2E, 0x62, 0x72, 0x69, 0x63, 0x6B }, "StarForce 3-5"),
new ContentMatchSet(new List<byte?[]>
{
// Protection Technology, Ltd.
new byte?[]
new ContentMatchSet(new byte?[]
{
0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x69,
0x6F, 0x6E, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E,
0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x2C, 0x20, 0x4C,
0x74, 0x64, 0x2E
},
}, Utilities.GetFileVersion, "StarForce"),
// // PSA_GetDiscLabel
// new byte?[]
// {
// 0x50, 0x53, 0x41, 0x5F, 0x47, 0x65, 0x74, 0x44,
// 0x69, 0x73, 0x63, 0x4C, 0x61, 0x62, 0x65, 0x6C
// },
// P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + e + (char)0x00 + d + (char)0x00 + + (char)0x00 + M + (char)0x00 + o + (char)0x00 + d + (char)0x00 + u + (char)0x00 + l + (char)0x00 + e + (char)0x00
new ContentMatchSet(new byte?[]
{
0x50, 0x00, 0x72, 0x00, 0x6f, 0x00, 0x74, 0x00,
0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x65, 0x00,
0x64, 0x00, 0x20, 0x00, 0x4d, 0x00, 0x6f, 0x00,
0x64, 0x00, 0x75, 0x00, 0x6c, 0x00, 0x65, 0x00
}, "StarForce 5"),
};
// (c) Protection Technology
// new byte?[]
// {
// 0x28, 0x63, 0x29, 0x20, 0x50, 0x72, 0x6F, 0x74,
// 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x54,
// 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 0x6F, 0x67,
// 0x79
// },
// TradeName
new byte?[] { 0x54, 0x72, 0x61, 0x64, 0x65, 0x4E, 0x61, 0x6D, 0x65 },
}, GetVersion, "StarForce"),
// Protection Technology, Ltd.
new ContentMatchSet(new byte?[]
{
0x50, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x69,
0x6F, 0x6E, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E,
0x6F, 0x6C, 0x6F, 0x67, 0x79, 0x2C, 0x20, 0x4C,
0x74, 0x64, 0x2E
}, Utilities.GetFileVersion, "StarForce"),
// .sforce
new ContentMatchSet(new byte?[] { 0x2E, 0x73, 0x66, 0x6F, 0x72, 0x63, 0x65 }, "StarForce 3-5"),
// .brick
new ContentMatchSet(new byte?[] { 0x2E, 0x62, 0x72, 0x69, 0x63, 0x6B }, "StarForce 3-5"),
// P + (char)0x00 + r + (char)0x00 + o + (char)0x00 + t + (char)0x00 + e + (char)0x00 + c + (char)0x00 + t + (char)0x00 + e + (char)0x00 + d + (char)0x00 + + (char)0x00 + M + (char)0x00 + o + (char)0x00 + d + (char)0x00 + u + (char)0x00 + l + (char)0x00 + e + (char)0x00
new ContentMatchSet(new byte?[]
{
0x50, 0x00, 0x72, 0x00, 0x6f, 0x00, 0x74, 0x00,
0x65, 0x00, 0x63, 0x00, 0x74, 0x00, 0x65, 0x00,
0x64, 0x00, 0x20, 0x00, 0x4d, 0x00, 0x6f, 0x00,
0x64, 0x00, 0x75, 0x00, 0x6c, 0x00, 0x65, 0x00
}, "StarForce 5"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("protect.dll", useEndsWith: true), "StarForce"),
new PathMatchSet(new PathMatch("protect.exe", useEndsWith: true), "StarForce"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: false);
}
/// <inheritdoc/>
@@ -137,8 +134,9 @@ namespace BurnOutSharp.ProtectionType
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("protect.dll", useEndsWith: true), "StarForce"),
new PathMatchSet(new PathMatch("protect.exe", useEndsWith: true), "StarForce"),
// TODO: Re-consolidate these once path matching is improved
new PathMatchSet(new PathMatch("/protect.dll", useEndsWith: true), "StarForce"),
new PathMatchSet(new PathMatch("/protect.exe", useEndsWith: true), "StarForce"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

5
BurnOutSharp/ProtectionType/Steam.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class Steam : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

39
BurnOutSharp/ProtectionType/Sysiphus.cs
View File

@@ -5,30 +5,27 @@ namespace BurnOutSharp.ProtectionType
{
public class Sysiphus : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// V SUHPISYSDVD
new ContentMatchSet(new byte?[]
{
0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53,
0x59, 0x53, 0x44, 0x56, 0x44
}, GetVersion, "Sysiphus DVD"),
// V SUHPISYSDVD
new ContentMatchSet(new byte?[]
{
0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53,
0x59, 0x53
}, GetVersion, "Sysiphus"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// V SUHPISYSDVD
new ContentMatchSet(new byte?[]
{
0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53,
0x59, 0x53, 0x44, 0x56, 0x44
}, GetVersion, "Sysiphus DVD"),
// V SUHPISYSDVD
new ContentMatchSet(new byte?[]
{
0x56, 0x20, 0x53, 0x55, 0x48, 0x50, 0x49, 0x53,
0x59, 0x53
}, GetVersion, "Sysiphus"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
public static string GetVersion(string file, byte[] fileContent, List<int> positions)

5
BurnOutSharp/ProtectionType/TZCopyProtector.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class TZCopyProtector : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

64
BurnOutSharp/ProtectionType/Tages.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -9,63 +10,60 @@ namespace BurnOutSharp.ProtectionType
// TODO: Figure out how to use path check framework here
public class Tages : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// protected-tages-runtime.exe
new ContentMatchSet(new byte?[]
{
0x70, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x65,
0x64, 0x2D, 0x74, 0x61, 0x67, 0x65, 0x73, 0x2D,
0x72, 0x75, 0x6E, 0x74, 0x69, 0x6D, 0x65, 0x2E,
0x65, 0x78, 0x65
}, Utilities.GetFileVersion, "TAGES"),
// tagesprotection.com
new ContentMatchSet(new byte?[]
{
0x74, 0x61, 0x67, 0x65, 0x73, 0x70, 0x72, 0x6F,
0x74, 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x2E,
0x63, 0x6F, 0x6D
}, Utilities.GetFileVersion, "TAGES"),
// (char)0xE8 + u + (char)0x00 + (char)0x00 + (char)0x00 + (char)0xE8
new ContentMatchSet(new byte?[] { 0xE8, 0x75, 0x00, 0x00, 0x00, 0xE8 }, GetVersion, "TAGES"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// protected-tages-runtime.exe
new ContentMatchSet(new byte?[]
{
0x70, 0x72, 0x6F, 0x74, 0x65, 0x63, 0x74, 0x65,
0x64, 0x2D, 0x74, 0x61, 0x67, 0x65, 0x73, 0x2D,
0x72, 0x75, 0x6E, 0x74, 0x69, 0x6D, 0x65, 0x2E,
0x65, 0x78, 0x65
}, Utilities.GetFileVersion, "TAGES"),
// tagesprotection.com
new ContentMatchSet(new byte?[]
{
0x74, 0x61, 0x67, 0x65, 0x73, 0x70, 0x72, 0x6F,
0x74, 0x65, 0x63, 0x74, 0x69, 0x6F, 0x6E, 0x2E,
0x63, 0x6F, 0x6D
}, Utilities.GetFileVersion, "TAGES"),
// (char)0xE8 + u + (char)0x00 + (char)0x00 + (char)0x00 + (char)0xE8
new ContentMatchSet(new byte?[] { 0xE8, 0x75, 0x00, 0x00, 0x00, 0xE8 }, GetVersion, "TAGES"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
List<string> protections = new List<string>();
var protections = new ConcurrentQueue<string>();
// TODO: Verify if these are OR or AND
if (files.Any(f => Path.GetFileName(f).Equals("Tages.dll", StringComparison.OrdinalIgnoreCase))
|| files.Any(f => Path.GetFileName(f).Equals("Wave.aif", StringComparison.OrdinalIgnoreCase)))
{
protections.Add("TAGES");
protections.Enqueue("TAGES");
}
if (files.Any(f => Path.GetFileName(f).Equals("tagesclient.exe", StringComparison.OrdinalIgnoreCase)))
{
string file = files.First(f => Path.GetFileName(f).Equals("tagesclient.exe", StringComparison.OrdinalIgnoreCase));
protections.Add("TAGES Activation Client " + Utilities.GetFileVersion(file));
protections.Enqueue("TAGES Activation Client " + Utilities.GetFileVersion(file));
}
if (files.Any(f => Path.GetFileName(f).Equals("TagesSetup.exe", StringComparison.OrdinalIgnoreCase)))
{
string file = files.First(f => Path.GetFileName(f).Equals("TagesSetup.exe", StringComparison.OrdinalIgnoreCase));
protections.Add("TAGES Setup " + Utilities.GetFileVersion(file));
protections.Enqueue("TAGES Setup " + Utilities.GetFileVersion(file));
}
if (files.Any(f => Path.GetFileName(f).Equals("TagesSetup_x64.exe", StringComparison.OrdinalIgnoreCase)))
{
string file = files.First(f => Path.GetFileName(f).Equals("TagesSetup_x64.exe", StringComparison.OrdinalIgnoreCase));
protections.Add("TAGES Setup " + Utilities.GetFileVersion(file));
protections.Enqueue("TAGES Setup " + Utilities.GetFileVersion(file));
}
if (protections.Count == 0)

45
BurnOutSharp/ProtectionType/ThreePLock.cs
View File

@@ -5,33 +5,30 @@ namespace BurnOutSharp.ProtectionType
{
public class ThreePLock : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
new ContentMatchSet(new List<byte?[]>
{
// .ldr
new byte?[] { 0x2E, 0x6C, 0x64, 0x72 },
// .ldt
new byte?[] { 0x2E, 0x6C, 0x64, 0x74 },
}, "3PLock"),
// This produced false positives in some DirectX 9.0c installer files
// "Y" + (char)0xC3 + "U" + (char)0x8B + (char)0xEC + (char)0x83 + (char)0xEC + "0SVW"
// new ContentMatchSet(new byte?[]
// {
// 0x59, 0xC3, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x30,
// 0x53, 0x56, 0x57
// }, "3PLock"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
new ContentMatchSet(new List<byte?[]>
{
// .ldr
new byte?[] { 0x2E, 0x6C, 0x64, 0x72 },
// .ldt
new byte?[] { 0x2E, 0x6C, 0x64, 0x74 },
}, "3PLock"),
// This produced false positives in some DirectX 9.0c installer files
// "Y" + (char)0xC3 + "U" + (char)0x8B + (char)0xEC + (char)0x83 + (char)0xEC + "0SVW"
// new ContentMatchSet(new byte?[]
// {
// 0x59, 0xC3, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x30,
// 0x53, 0x56, 0x57
// }, "3PLock"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

33
BurnOutSharp/ProtectionType/ThreeTwoOneStudios.cs
View File

@@ -5,27 +5,24 @@ namespace BurnOutSharp.ProtectionType
{
public class ThreeTwoOneStudios : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// 3 + (char)0x00 + 1 + 2 + (char)0x00 + 1 + (char)0x00 + S + (char)0x00 + t + (char)0x00 + u + (char)0x00 + d + (char)0x00 + i + (char)0x00 + o + (char)0x00 + s + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00
new ContentMatchSet(new byte?[]
{
0x33, 0x00, 0x32, 0x00, 0x31, 0x00, 0x53, 0x00,
0x74, 0x00, 0x75, 0x00, 0x64, 0x00, 0x69, 0x00,
0x6F, 0x00, 0x73, 0x00, 0x20, 0x00, 0x41, 0x00,
0x63, 0x00, 0x74, 0x00, 0x69, 0x00, 0x76, 0x00,
0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00,
0x6E, 0x00
}, "321Studios Online Activation"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// 3 + (char)0x00 + 1 + 2 + (char)0x00 + 1 + (char)0x00 + S + (char)0x00 + t + (char)0x00 + u + (char)0x00 + d + (char)0x00 + i + (char)0x00 + o + (char)0x00 + s + (char)0x00 + + (char)0x00 + A + (char)0x00 + c + (char)0x00 + t + (char)0x00 + i + (char)0x00 + v + (char)0x00 + a + (char)0x00 + t + (char)0x00 + i + (char)0x00 + o + (char)0x00 + n + (char)0x00
new ContentMatchSet(new byte?[]
{
0x33, 0x00, 0x32, 0x00, 0x31, 0x00, 0x53, 0x00,
0x74, 0x00, 0x75, 0x00, 0x64, 0x00, 0x69, 0x00,
0x6F, 0x00, 0x73, 0x00, 0x20, 0x00, 0x41, 0x00,
0x63, 0x00, 0x74, 0x00, 0x69, 0x00, 0x76, 0x00,
0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6F, 0x00,
0x6E, 0x00
}, "321Studios Online Activation"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

35
BurnOutSharp/ProtectionType/TivolaRingProtection.cs Normal file
View File

@@ -0,0 +1,35 @@
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
/// <remarks>
/// This protection needs far more research
/// </remarks>
public class TivolaRingProtection : IPathCheck
{
/// <inheritdoc/>
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(Path.Combine("ZDAT", "webmast.dxx").Replace("\\", "/"), "Tivola Ring Protection [Check disc for physical ring]"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
public string CheckFilePath(string path)
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(Path.Combine("ZDAT", "webmast.dxx").Replace("\\", "/"), "Tivola Ring Protection [Check disc for physical ring]"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);
}
}
}

5
BurnOutSharp/ProtectionType/Uplay.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class Uplay : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

40
BurnOutSharp/ProtectionType/VOBProtectCDDVD.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
@@ -10,33 +11,30 @@ namespace BurnOutSharp.ProtectionType
{
public class VOBProtectCDDVD : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// VOB ProtectCD
new ContentMatchSet(new byte?[]
{
0x56, 0x4F, 0x42, 0x20, 0x50, 0x72, 0x6F, 0x74,
0x65, 0x63, 0x74, 0x43, 0x44
}, GetOldVersion, "VOB ProtectCD/DVD"),
// DCP-BOV + (char)0x00 + (char)0x00
new ContentMatchSet(new byte?[] { 0x44, 0x43, 0x50, 0x2D, 0x42, 0x4F, 0x56, 0x00, 0x00 }, GetVersion, "VOB ProtectCD/DVD"),
// .vob.pcd
new ContentMatchSet(new byte?[] { 0x2E, 0x76, 0x6F, 0x62, 0x2E, 0x70, 0x63, 0x64 }, "VOB ProtectCD"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// VOB ProtectCD
new ContentMatchSet(new byte?[]
{
0x56, 0x4F, 0x42, 0x20, 0x50, 0x72, 0x6F, 0x74,
0x65, 0x63, 0x74, 0x43, 0x44
}, GetOldVersion, "VOB ProtectCD/DVD"),
// DCP-BOV + (char)0x00 + (char)0x00
new ContentMatchSet(new byte?[] { 0x44, 0x43, 0x50, 0x2D, 0x42, 0x4F, 0x56, 0x00, 0x00 }, GetVersion, "VOB ProtectCD/DVD"),
// .vob.pcd
new ContentMatchSet(new byte?[] { 0x2E, 0x76, 0x6F, 0x62, 0x2E, 0x70, 0x63, 0x64 }, "VOB ProtectCD"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

58
BurnOutSharp/ProtectionType/WTMCDProtect.cs
View File

@@ -1,49 +1,65 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
{
public class WTMCDProtect : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// WTM76545
new ContentMatchSet(new byte?[] { 0x57, 0x54, 0x4D, 0x37, 0x36, 0x35, 0x34, 0x35 }, "WTM CD Protect"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// This string is found in the .imp files associated with this protection.
// WTM76545
new ContentMatchSet(new byte?[] { 0x57, 0x54, 0x4D, 0x37, 0x36, 0x35, 0x34, 0x35 }, "WTM CD Protect"),
// Found in the copy protected setup used by this protection.
// wtmdum.imp
new ContentMatchSet(new byte?[] { 0x77, 0x74, 0x6D, 0x64, 0x75, 0x6D, 0x2E, 0x69, 0x6D, 0x70 }, "WTM CD Protect"),
// WTM DIGITAL Photo Protect
new ContentMatchSet(new byte?[]
{
0x57, 0x54, 0x4D, 0x20, 0x44, 0x49, 0x47, 0x49,
0x54, 0x41, 0x4C, 0x20, 0x50, 0x68, 0x6F, 0x74,
0x6F, 0x20, 0x50, 0x72, 0x6F, 0x74, 0x65, 0x63,
0x74
}, "WTM Protection Viewer"),
// WTM Copy Protection Viewer
new ContentMatchSet(new byte?[]
{
0x48, 0x61, 0x6E, 0x73, 0x70, 0x65, 0x74, 0x65, 0x72
}, "WTM Protection Viewer"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch(".IMP", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("imp.dat", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("wtmfiles.dat", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("Viewer.exe", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("wtmfiles.dat", useEndsWith: true), "WTM Protection Viewer"),
new PathMatchSet(new PathMatch("Viewer.exe", useEndsWith: true), "WTM Protection Viewer"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: false);
}
/// <inheritdoc/>
public string CheckFilePath(string path)
{
// TODO: Add ImageX.imp as a wildcard, if possilbe
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch(".IMP", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("Image.imp", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("Image1.imp", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("imp.dat", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("wtmfiles.dat", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("Viewer.exe", useEndsWith: true), "WTM CD Protect"),
new PathMatchSet(new PathMatch("wtmfiles.dat", useEndsWith: true), "WTM Protection Viewer"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

5
BurnOutSharp/ProtectionType/Winlock.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using BurnOutSharp.Matching;
namespace BurnOutSharp.ProtectionType
@@ -6,7 +7,7 @@ namespace BurnOutSharp.ProtectionType
public class Winlock : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{

75
BurnOutSharp/ProtectionType/XCP.cs
View File

@@ -1,4 +1,5 @@
using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -10,63 +11,71 @@ namespace BurnOutSharp.ProtectionType
// TODO: Figure out how to use path check framework here
public class XCP : IContentCheck, IPathCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// XCP.DAT
new ContentMatchSet(new byte?[] { 0x58, 0x43, 0x50, 0x2E, 0x44, 0x41, 0x54 }, "XCP"),
// XCPPlugins.dll
new ContentMatchSet(new byte?[]
{
0x58, 0x43, 0x50, 0x50, 0x6C, 0x75, 0x67, 0x69,
0x6E, 0x73, 0x2E, 0x64, 0x6C, 0x6C
}, "XCP"),
// XCPPhoenix.dll
new ContentMatchSet(new byte?[]
{
0x58, 0x43, 0x50, 0x50, 0x68, 0x6F, 0x65, 0x6E,
0x69, 0x78, 0x2E, 0x64, 0x6C, 0x6C
}, "XCP"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// Found in GO.EXE
// XCP.DAT
new ContentMatchSet(new byte?[] { 0x58, 0x43, 0x50, 0x2E, 0x44, 0x41, 0x54 }, "XCP"),
// Found in GO.EXE
// XCPPlugins.dll
new ContentMatchSet(new byte?[]
{
0x58, 0x43, 0x50, 0x50, 0x6C, 0x75, 0x67, 0x69,
0x6E, 0x73, 0x2E, 0x64, 0x6C, 0x6C
}, "XCP"),
// Found in GO.EXE
// XCPPhoenix.dll
new ContentMatchSet(new byte?[]
{
0x58, 0x43, 0x50, 0x50, 0x68, 0x6F, 0x65, 0x6E,
0x69, 0x78, 0x2E, 0x64, 0x6C, 0x6C
}, "XCP"),
// xcpdrive
new ContentMatchSet(new byte?[]
{
0x78, 0x63, 0x70, 0x64, 0x72, 0x69, 0x76, 0x65
}, "XCP"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var protections = new ConcurrentQueue<string>();
// TODO: Verify if these are OR or AND
if (files.Any(f => Path.GetFileName(f).Equals("XCP.DAT", StringComparison.OrdinalIgnoreCase))
|| files.Any(f => Path.GetFileName(f).Equals("ECDPlayerControl.ocx", StringComparison.OrdinalIgnoreCase))
|| files.Any(f => Path.GetFileName(f).Equals("go.exe", StringComparison.OrdinalIgnoreCase))) // Path.Combine("contents", "go.exe")
|| files.Any(f => Path.GetFileName(f).Equals("ECDPlayerControl.ocx", StringComparison.OrdinalIgnoreCase)))
{
string versionDatPath = files.FirstOrDefault(f => Path.GetFileName(f).Equals("VERSION.DAT", StringComparison.OrdinalIgnoreCase));
if (!string.IsNullOrWhiteSpace(versionDatPath))
{
string xcpVersion = GetDatVersion(versionDatPath);
if (!string.IsNullOrWhiteSpace(xcpVersion))
return new List<string>() { xcpVersion };
protections.Enqueue(xcpVersion);
}
else
{
protections.Enqueue("XCP");
}
return new List<string>() { "XCP" };
}
return null;
return protections;
}
/// <inheritdoc/>
public string CheckFilePath(string path)
{
if (Path.GetFileName(path).Equals("XCP.DAT", StringComparison.OrdinalIgnoreCase)
|| Path.GetFileName(path).Equals("ECDPlayerControl.ocx", StringComparison.OrdinalIgnoreCase)
|| Path.GetFileName(path).Equals("go.exe", StringComparison.OrdinalIgnoreCase))
|| Path.GetFileName(path).Equals("ECDPlayerControl.ocx", StringComparison.OrdinalIgnoreCase))
{
return "XCP";
}

17
BurnOutSharp/ProtectionType/XtremeProtector.cs
View File

@@ -5,19 +5,16 @@ namespace BurnOutSharp.ProtectionType
{
public class XtremeProtector : IContentCheck
{
/// <summary>
/// Set of all ContentMatchSets for this protection
/// </summary>
private static readonly List<ContentMatchSet> contentMatchers = new List<ContentMatchSet>
{
// XPROT
new ContentMatchSet(new byte?[] { 0x58, 0x50, 0x52, 0x4F, 0x54, 0x20, 0x20, 0x20 }, "Xtreme-Protector"),
};
/// <inheritdoc/>
public string CheckContents(string file, byte[] fileContent, bool includePosition = false)
{
return MatchUtil.GetFirstMatch(file, fileContent, contentMatchers, includePosition);
var matchers = new List<ContentMatchSet>
{
// XPROT
new ContentMatchSet(new byte?[] { 0x58, 0x50, 0x52, 0x4F, 0x54, 0x20, 0x20, 0x20 }, "Xtreme-Protector"),
};
return MatchUtil.GetFirstMatch(file, fileContent, matchers, includePosition);
}
}
}

9
BurnOutSharp/ProtectionType/Zzxzz.cs
View File

@@ -1,4 +1,5 @@
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.IO;
using BurnOutSharp.Matching;
@@ -7,12 +8,12 @@ namespace BurnOutSharp.ProtectionType
public class Zzxzz : IPathCheck
{
/// <inheritdoc/>
public List<string> CheckDirectoryPath(string path, IEnumerable<string> files)
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(Path.Combine(path, "Zzxzz", "Zzz.aze"), "Zzxzz"),
new PathMatchSet($"Zzxzz{Path.DirectorySeparatorChar}", "Zzxzz"),
new PathMatchSet(Path.Combine(path, "Zzxzz", "Zzz.aze").Replace("\\", "/"), "Zzxzz"),
new PathMatchSet($"Zzxzz/", "Zzxzz"),
};
return MatchUtil.GetAllMatches(files, matchers, any: true);

Some files were not shown because too many files have changed in this diff Show More