SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-02-05 13:49:37 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Compare commits

base: SabreTools:2.9.0
Branches Tags
SabreTools:master
SabreTools:rolling SabreTools:3.5.0 SabreTools:3.4.6 SabreTools:3.4.5 SabreTools:3.4.4 SabreTools:3.4.3 SabreTools:3.4.2 SabreTools:3.4.1 SabreTools:3.4.0 SabreTools:3.3.4 SabreTools:3.3.3 SabreTools:3.3.2 SabreTools:3.3.1 SabreTools:3.3.0 SabreTools:3.2.3 SabreTools:3.2.2 SabreTools:3.2.1 SabreTools:3.2.0 SabreTools:3.1.16 SabreTools:3.1.15 SabreTools:3.1.14 SabreTools:3.1.13 SabreTools:3.1.12 SabreTools:3.1.11 SabreTools:3.1.10 SabreTools:3.1.9 SabreTools:3.1.8 SabreTools:3.1.7 SabreTools:3.1.6 SabreTools:3.1.5 SabreTools:3.1.4 SabreTools:3.1.3 SabreTools:3.1.2 SabreTools:3.1.1 SabreTools:3.1.0 SabreTools:3.0.2 SabreTools:3.0.1 SabreTools:3.0.0 SabreTools:2.9.0 SabreTools:2.8.0 SabreTools:2.7.0 SabreTools:2.6.0 SabreTools:2.5.0 SabreTools:2.3.4 SabreTools:2.3.3 SabreTools:2.3.2 SabreTools:2.3.1 SabreTools:2.3.0 SabreTools:2.1.0 SabreTools:2.0.0 SabreTools:1.8.0 SabreTools:1.7.0 SabreTools:1.6.1 SabreTools:1.6.0 SabreTools:1.5.1 SabreTools:1.5.0 SabreTools:1.4.1 SabreTools:1.4.0 SabreTools:1.03.9.1 SabreTools:1.03.9 SabreTools:1.03.8.2 SabreTools:1.03.8.1 SabreTools:1.03.8.0 SabreTools:1.03.7.1 SabreTools:1.03.5 SabreTools:1.03.7 SabreTools:1.03.6
...
compare: SabreTools:3.0.2
Branches Tags
SabreTools:master
SabreTools:rolling SabreTools:3.5.0 SabreTools:3.4.6 SabreTools:3.4.5 SabreTools:3.4.4 SabreTools:3.4.3 SabreTools:3.4.2 SabreTools:3.4.1 SabreTools:3.4.0 SabreTools:3.3.4 SabreTools:3.3.3 SabreTools:3.3.2 SabreTools:3.3.1 SabreTools:3.3.0 SabreTools:3.2.3 SabreTools:3.2.2 SabreTools:3.2.1 SabreTools:3.2.0 SabreTools:3.1.16 SabreTools:3.1.15 SabreTools:3.1.14 SabreTools:3.1.13 SabreTools:3.1.12 SabreTools:3.1.11 SabreTools:3.1.10 SabreTools:3.1.9 SabreTools:3.1.8 SabreTools:3.1.7 SabreTools:3.1.6 SabreTools:3.1.5 SabreTools:3.1.4 SabreTools:3.1.3 SabreTools:3.1.2 SabreTools:3.1.1 SabreTools:3.1.0 SabreTools:3.0.2 SabreTools:3.0.1 SabreTools:3.0.0 SabreTools:2.9.0 SabreTools:2.8.0 SabreTools:2.7.0 SabreTools:2.6.0 SabreTools:2.5.0 SabreTools:2.3.4 SabreTools:2.3.3 SabreTools:2.3.2 SabreTools:2.3.1 SabreTools:2.3.0 SabreTools:2.1.0 SabreTools:2.0.0 SabreTools:1.8.0 SabreTools:1.7.0 SabreTools:1.6.1 SabreTools:1.6.0 SabreTools:1.5.1 SabreTools:1.5.0 SabreTools:1.4.1 SabreTools:1.4.0 SabreTools:1.03.9.1 SabreTools:1.03.9 SabreTools:1.03.8.2 SabreTools:1.03.8.1 SabreTools:1.03.8.0 SabreTools:1.03.7.1 SabreTools:1.03.5 SabreTools:1.03.7 SabreTools:1.03.6

22 Commits
2.9.0 ... 3.0.2

Author SHA1 Message Date
Matt Nadareski
0e32abc76c Bump version 2023-11-22 13:28:56 -05:00
Matt Nadareski
94cb06a3bd Handle some messages 2023-11-22 13:28:13 -05:00
Matt Nadareski
907aea443e Support .NET Framework 2.0 2023-11-22 12:22:01 -05:00
Matt Nadareski
385922723c Upate packages 2023-11-22 10:48:08 -05:00
Matt Nadareski
3061c2f009 Reenable .NET Framework 4.0 2023-11-21 10:59:29 -05:00
Matt Nadareski
5c0ccbde35 Temporarily remove .NET Framework 4.0 2023-11-21 10:19:15 -05:00
Matt Nadareski
7b998de2ca Handle more C# 12 syntax 2023-11-21 10:17:25 -05:00
Matt Nadareski
b0d49f52a5 Bump version 2023-11-20 12:16:53 -05:00
Matt Nadareski
6f9bcc2111 Fix multiple invocation bug 
This bug arose when all of the libraries were consoliated into the same library for better packaging. Each set of classes was being instantiated 3 times as a result.
 2023-11-18 20:55:32 -05:00
Matt Nadareski
0fb0ecd28a Update ST libraries for bugfixes 2023-11-15 12:54:32 -05:00
Matt Nadareski
6194d88aec Correct the excludes 2023-11-15 11:26:00 -05:00
Matt Nadareski
b02c3121fe Use official package for IProgress 2023-11-15 00:24:47 -05:00
Matt Nadareski
580db0cb65 Minor tweaks to reduce warnings 2023-11-14 23:48:35 -05:00
Matt Nadareski
6bcdc0e3c6 Bump version 2023-11-14 16:16:08 -05:00
Matt Nadareski
9b4fd91717 Update build scripts 2023-11-14 16:13:49 -05:00
Matt Nadareski
9421249b8e Support ancient .NET 2023-11-14 16:10:10 -05:00
Matt Nadareski
e823cbaee5 Expand supported RIDs 2023-11-08 22:51:47 -05:00
Matt Nadareski
c34618554b Update project comment 2023-11-08 12:08:22 -05:00
Matt Nadareski
6ab7b4a004 Enable latest language version 2023-11-08 11:59:50 -05:00
Matt Nadareski
5b6bf3b73e Rename to BinaryObjectScanner 2023-11-08 11:37:27 -05:00
Matt Nadareski
2a30a13f5f Omit submodule code for modern .NET 2023-10-27 00:58:03 -04:00
Matt Nadareski
3c05a112ca Remove DLLs from modern .NET builds 2023-10-27 00:55:31 -04:00
176 changed files with 3735 additions and 4572 deletions
Expand all files Collapse all files

69
BinaryObjectScanner/BinaryObjectScanner.csproj
View File

@@ -2,29 +2,29 @@
<PropertyGroup>
<!-- Assembly Properties -->
<TargetFrameworks>net48;net6.0;net7.0</TargetFrameworks>
<RuntimeIdentifiers>win-x86;win-x64;linux-x64;osx-x64</RuntimeIdentifiers>
<Version>2.9.0</Version>
<TargetFrameworks>net20;net35;net40;net452;net462;net472;net48;netcoreapp3.1;net5.0;net6.0;net7.0;net8.0</TargetFrameworks>
<RuntimeIdentifiers>win-x86;win-x64;win-arm64;linux-x64;linux-arm64;osx-x64;osx-arm64</RuntimeIdentifiers>
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
<CheckEolTargetFramework>false</CheckEolTargetFramework>
<LangVersion>latest</LangVersion>
<Nullable>enable</Nullable>
<SuppressTfmSupportBuildWarnings>true</SuppressTfmSupportBuildWarnings>
<!-- <TreatWarningsAsErrors>true</TreatWarningsAsErrors> --> <!-- Can't be enabled because of external code -->
<Version>3.0.2</Version>
<!-- Package Properties -->
<PackageId>BurnOutSharp</PackageId> <!-- Temporary until official renaming -->
<Authors>Matt Nadareski</Authors>
<Description>Protection scanning library</Description>
<Copyright>Copyright (c)2018-2023 Matt Nadareski</Copyright>
<PackageProjectUrl>https://github.com/SabreTools/</PackageProjectUrl>
<RepositoryUrl>https://github.com/mnadareski/BurnOutSharp</RepositoryUrl>
<RepositoryUrl>https://github.com/SabreTools/BinaryObjectScanner</RepositoryUrl>
<RepositoryType>git</RepositoryType>
<PackageTags>protection copy-protection scanning packer</PackageTags>
<PackageLicenseExpression>MIT</PackageLicenseExpression>
</PropertyGroup>
<PropertyGroup Condition="'$(TargetFramework)'!='net48'">
<Nullable>enable</Nullable>
</PropertyGroup>
<!-- These are needed for dealing with submodules -->
<PropertyGroup>
<!-- Exclude certain parts of external modules for .NET Framework 4.5.2 and above -->
<PropertyGroup Condition="$(TargetFramework.StartsWith(`net4`)) AND !$(TargetFramework.StartsWith(`net40`))">
<DefaultItemExcludes>
$(DefaultItemExcludes);
**\AssemblyInfo.cs;
@@ -33,8 +33,16 @@
</DefaultItemExcludes>
</PropertyGroup>
<!-- Exclude all external modules for .NET Framework 2.0, .NET Framework 3.5, .NET Framework 4.0, .NET Core and modern .NET -->
<PropertyGroup Condition="!$(TargetFramework.StartsWith(`net4`)) OR $(TargetFramework.StartsWith(`net40`))">
<DefaultItemExcludes>
$(DefaultItemExcludes);
_EXTERNAL\**;
</DefaultItemExcludes>
</PropertyGroup>
<!-- These are needed for dealing with native Windows DLLs -->
<ItemGroup>
<ItemGroup Condition="$(TargetFramework.StartsWith(`net4`)) AND !$(TargetFramework.StartsWith(`net40`))">
<Content Include="*.dll">
<Pack>true</Pack>
<PackagePath>contentFiles;content</PackagePath>
@@ -47,22 +55,31 @@
</Content>
</ItemGroup>
<ItemGroup>
<PackageReference Include="OpenMcdf" Version="2.3.0" />
<PackageReference Include="SabreTools.Compression" Version="0.1.1" />
<PackageReference Include="SabreTools.IO" Version="1.1.1" />
<PackageReference Include="SabreTools.Matching" Version="1.1.1" />
<PackageReference Include="SabreTools.Models" Version="1.1.5" />
<PackageReference Include="SabreTools.Serialization" Version="1.1.7" />
<PackageReference Include="SharpCompress" Version="0.34.1" />
<PackageReference Include="SharpZipLib" Version="1.4.2" />
<PackageReference Include="System.Text.Encoding.CodePages" Version="7.0.0" />
<PackageReference Include="UnshieldSharp" Version="1.6.9" />
<PackageReference Include="WiseUnpacker" Version="1.0.4" />
<!-- Support for old .NET versions -->
<ItemGroup Condition="$(TargetFramework.StartsWith(`net2`)) OR $(TargetFramework.StartsWith(`net3`)) OR $(TargetFramework.StartsWith(`net40`))">
<PackageReference Include="MinThreadingBridge" Version="0.11.2" />
<PackageReference Include="MinTasksExtensionsBridge" Version="0.3.2" />
</ItemGroup>
<ItemGroup Condition="'$(TargetFramework)'=='net48'">
<ItemGroup Condition="!$(TargetFramework.StartsWith(`net2`)) AND !$(TargetFramework.StartsWith(`net3`))">
<PackageReference Include="OpenMcdf" Version="2.3.0" />
<PackageReference Include="UnshieldSharp" Version="1.7.1" />
</ItemGroup>
<ItemGroup Condition="!$(TargetFramework.StartsWith(`net2`)) AND !$(TargetFramework.StartsWith(`net3`)) AND !$(TargetFramework.StartsWith(`net40`)) AND !$(TargetFramework.StartsWith(`net452`))">
<PackageReference Include="SharpCompress" Version="0.34.2" />
<PackageReference Include="SharpZipLib" Version="1.4.2" />
<PackageReference Include="System.Text.Encoding.CodePages" Version="8.0.0" />
</ItemGroup>
<ItemGroup Condition="$(TargetFramework.StartsWith(`net4`)) AND !$(TargetFramework.StartsWith(`net40`))">
<PackageReference Include="System.Memory" Version="4.5.5" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="SabreTools.Compression" Version="0.3.0" />
<PackageReference Include="SabreTools.IO" Version="1.3.0" />
<PackageReference Include="SabreTools.Matching" Version="1.3.0" />
<PackageReference Include="SabreTools.Models" Version="1.3.0" />
<PackageReference Include="SabreTools.Serialization" Version="1.3.0" />
<PackageReference Include="WiseUnpacker" Version="1.3.0" />
</ItemGroup>
</Project>

88
BinaryObjectScanner/Factory.cs
View File

@@ -8,24 +8,20 @@ namespace BinaryObjectScanner
/// <summary>
/// Create an instance of a detectable based on file type
/// </summary>
#if NET48
public static IDetectable CreateDetectable(SupportedFileType fileType)
#else
public static IDetectable? CreateDetectable(SupportedFileType fileType)
#endif
{
switch (fileType)
{
case SupportedFileType.AACSMediaKeyBlock: return new BinaryObjectScanner.FileType.AACSMediaKeyBlock();
case SupportedFileType.BDPlusSVM: return new BinaryObjectScanner.FileType.BDPlusSVM();
//case SupportedFileType.CIA: return new BinaryObjectScanner.FileType.CIA();
case SupportedFileType.Executable: return new BinaryObjectScanner.FileType.Executable();
case SupportedFileType.LDSCRYPT: return new BinaryObjectScanner.FileType.LDSCRYPT();
//case SupportedFileType.N3DS: return new BinaryObjectScanner.FileType.N3DS();
//case SupportedFileType.Nitro: return new BinaryObjectScanner.FileType.Nitro();
case SupportedFileType.PLJ: return new BinaryObjectScanner.FileType.PLJ();
case SupportedFileType.SFFS: return new BinaryObjectScanner.FileType.SFFS();
case SupportedFileType.Textfile: return new BinaryObjectScanner.FileType.Textfile();
case SupportedFileType.AACSMediaKeyBlock: return new FileType.AACSMediaKeyBlock();
case SupportedFileType.BDPlusSVM: return new FileType.BDPlusSVM();
//case SupportedFileType.CIA: return new FileType.CIA();
case SupportedFileType.Executable: return new FileType.Executable();
case SupportedFileType.LDSCRYPT: return new FileType.LDSCRYPT();
//case SupportedFileType.N3DS: return new FileType.N3DS();
//case SupportedFileType.Nitro: return new FileType.Nitro();
case SupportedFileType.PLJ: return new FileType.PLJ();
case SupportedFileType.SFFS: return new FileType.SFFS();
case SupportedFileType.Textfile: return new FileType.Textfile();
default: return null;
}
}
@@ -33,44 +29,40 @@ namespace BinaryObjectScanner
/// <summary>
/// Create an instance of an extractable based on file type
/// </summary>
#if NET48
public static IExtractable CreateExtractable(SupportedFileType fileType)
#else
public static IExtractable? CreateExtractable(SupportedFileType fileType)
#endif
{
switch (fileType)
{
case SupportedFileType.BFPK: return new BinaryObjectScanner.FileType.BFPK();
case SupportedFileType.BSP: return new BinaryObjectScanner.FileType.BSP();
case SupportedFileType.BZip2: return new BinaryObjectScanner.FileType.BZip2();
case SupportedFileType.CFB: return new BinaryObjectScanner.FileType.CFB();
//case SupportedFileType.CIA: return new BinaryObjectScanner.FileType.CIA();
case SupportedFileType.GCF: return new BinaryObjectScanner.FileType.GCF();
case SupportedFileType.GZIP: return new BinaryObjectScanner.FileType.GZIP();
case SupportedFileType.InstallShieldArchiveV3: return new BinaryObjectScanner.FileType.InstallShieldArchiveV3();
case SupportedFileType.InstallShieldCAB: return new BinaryObjectScanner.FileType.InstallShieldCAB();
case SupportedFileType.MicrosoftCAB: return new BinaryObjectScanner.FileType.MicrosoftCAB();
case SupportedFileType.MicrosoftLZ: return new BinaryObjectScanner.FileType.MicrosoftLZ();
case SupportedFileType.MPQ: return new BinaryObjectScanner.FileType.MPQ();
//case SupportedFileType.N3DS: return new BinaryObjectScanner.FileType.N3DS();
//case SupportedFileType.NCF: return new BinaryObjectScanner.FileType.NCF();
//case SupportedFileType.Nitro: return new BinaryObjectScanner.FileType.Nitro();
case SupportedFileType.PAK: return new BinaryObjectScanner.FileType.PAK();
case SupportedFileType.PFF: return new BinaryObjectScanner.FileType.PFF();
case SupportedFileType.PKZIP: return new BinaryObjectScanner.FileType.PKZIP();
//case SupportedFileType.PLJ: return new BinaryObjectScanner.FileType.PLJ();
//case SupportedFileType.Quantum: return new BinaryObjectScanner.FileType.Quantum();
case SupportedFileType.RAR: return new BinaryObjectScanner.FileType.RAR();
case SupportedFileType.SevenZip: return new BinaryObjectScanner.FileType.SevenZip();
case SupportedFileType.SFFS: return new BinaryObjectScanner.FileType.SFFS();
case SupportedFileType.SGA: return new BinaryObjectScanner.FileType.SGA();
case SupportedFileType.TapeArchive: return new BinaryObjectScanner.FileType.TapeArchive();
case SupportedFileType.VBSP: return new BinaryObjectScanner.FileType.VBSP();
case SupportedFileType.VPK: return new BinaryObjectScanner.FileType.VPK();
case SupportedFileType.WAD: return new BinaryObjectScanner.FileType.WAD();
case SupportedFileType.XZ: return new BinaryObjectScanner.FileType.XZ();
case SupportedFileType.XZP: return new BinaryObjectScanner.FileType.XZP();
case SupportedFileType.BFPK: return new FileType.BFPK();
case SupportedFileType.BSP: return new FileType.BSP();
case SupportedFileType.BZip2: return new FileType.BZip2();
case SupportedFileType.CFB: return new FileType.CFB();
//case SupportedFileType.CIA: return new FileType.CIA();
case SupportedFileType.GCF: return new FileType.GCF();
case SupportedFileType.GZIP: return new FileType.GZIP();
case SupportedFileType.InstallShieldArchiveV3: return new FileType.InstallShieldArchiveV3();
case SupportedFileType.InstallShieldCAB: return new FileType.InstallShieldCAB();
case SupportedFileType.MicrosoftCAB: return new FileType.MicrosoftCAB();
case SupportedFileType.MicrosoftLZ: return new FileType.MicrosoftLZ();
case SupportedFileType.MPQ: return new FileType.MPQ();
//case SupportedFileType.N3DS: return new FileType.N3DS();
//case SupportedFileType.NCF: return new FileType.NCF();
//case SupportedFileType.Nitro: return new FileType.Nitro();
case SupportedFileType.PAK: return new FileType.PAK();
case SupportedFileType.PFF: return new FileType.PFF();
case SupportedFileType.PKZIP: return new FileType.PKZIP();
//case SupportedFileType.PLJ: return new FileType.PLJ();
//case SupportedFileType.Quantum: return new FileType.Quantum();
case SupportedFileType.RAR: return new FileType.RAR();
case SupportedFileType.SevenZip: return new FileType.SevenZip();
case SupportedFileType.SFFS: return new FileType.SFFS();
case SupportedFileType.SGA: return new FileType.SGA();
case SupportedFileType.TapeArchive: return new FileType.TapeArchive();
case SupportedFileType.VBSP: return new FileType.VBSP();
case SupportedFileType.VPK: return new FileType.VPK();
case SupportedFileType.WAD: return new FileType.WAD();
case SupportedFileType.XZ: return new FileType.XZ();
case SupportedFileType.XZP: return new FileType.XZP();
default: return null;
}
}

8
BinaryObjectScanner/FileType/AACSMediaKeyBlock.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.FileType
public class AACSMediaKeyBlock : IDetectable
{
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -27,11 +23,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
// If the MKB file itself fails
try

8
BinaryObjectScanner/FileType/BDPlusSVM.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.FileType
public class BDPlusSVM : IDetectable
{
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -26,11 +22,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
// If the BD+ file itself fails
try

43
BinaryObjectScanner/FileType/BFPK.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Compressors;
using SharpCompress.Compressors.Deflate;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,27 +14,17 @@ namespace BinaryObjectScanner.FileType
public class BFPK : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -56,7 +48,7 @@ namespace BinaryObjectScanner.FileType
return null;
}
}
/// <summary>
/// Extract all files from the BFPK to an output directory
/// </summary>
@@ -117,25 +109,26 @@ namespace BinaryObjectScanner.FileType
// Create the output path
string filePath = Path.Combine(outputDirectory, file.Name ?? $"file{index}");
using (FileStream fs = File.OpenWrite(filePath))
{
// Read the data block
var data = item.ReadFromDataSource(offset, compressedSize);
if (data == null)
return false;
using FileStream fs = File.OpenWrite(filePath);
// If we have uncompressed data
if (compressedSize == file.UncompressedSize)
{
fs.Write(data, 0, compressedSize);
}
// Read the data block
var data = item.ReadFromDataSource(offset, compressedSize);
if (data == null)
return false;
// If we have uncompressed data
if (compressedSize == file.UncompressedSize)
{
fs.Write(data, 0, compressedSize);
}
#if NET462_OR_GREATER || NETCOREAPP
else
{
MemoryStream ms = new MemoryStream(data);
ZlibStream zs = new ZlibStream(ms, CompressionMode.Decompress);
zs.CopyTo(fs);
}
}
#endif
return true;
}

16
BinaryObjectScanner/FileType/BSP.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.FileType
public class BSP : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -27,11 +23,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -117,7 +109,7 @@ namespace BinaryObjectScanner.FileType
}
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path
@@ -196,7 +188,7 @@ namespace BinaryObjectScanner.FileType
string filename = $"{texture.Name}.bmp";
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path
@@ -229,11 +221,7 @@ namespace BinaryObjectScanner.FileType
/// </summary>
/// <param name="texture">Texture object to format</param>
/// <returns>Byte array representing the texture as a bitmap</returns>
#if NET48
private static byte[] CreateTextureData(SabreTools.Models.BSP.Texture texture)
#else
private static byte[]? CreateTextureData(SabreTools.Models.BSP.Texture texture)
#endif
{
// If there's no palette data
if (texture.PaletteData == null || texture.PaletteData.Length == 0)

20
BinaryObjectScanner/FileType/BZip2.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Compressors;
using SharpCompress.Compressors.BZip2;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,31 +14,22 @@ namespace BinaryObjectScanner.FileType
public class BZip2 : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
if (stream == null)
return null;
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -59,6 +52,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

25
BinaryObjectScanner/FileType/CFB.cs
View File

@@ -2,7 +2,9 @@
using System.IO;
using System.Text;
using BinaryObjectScanner.Interfaces;
#if NET40_OR_GREATER || NETCOREAPP
using OpenMcdf;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,28 +14,22 @@ namespace BinaryObjectScanner.FileType
public class CFB : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET20 || NET35
// Not supported for .NET Framework 2.0 or .NET Framework 3.5 due to library support
return null;
#else
try
{
// Create a temp output directory
@@ -92,14 +88,11 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#endif
}
/// <remarks>Adapted from LibMSI</remarks>
#if NET48
public static string DecodeStreamName(string input)
#else
public static string? DecodeStreamName(string input)
#endif
{
if (input == null)
return null;

271
BinaryObjectScanner/FileType/Executable.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -40,9 +42,7 @@ namespace BinaryObjectScanner.FileType
{
get
{
if (contentCheckClasses == null)
contentCheckClasses = InitCheckClasses<IContentCheck>();
contentCheckClasses ??= InitCheckClasses<IContentCheck>();
return contentCheckClasses ?? Enumerable.Empty<IContentCheck>();
}
}
@@ -54,9 +54,7 @@ namespace BinaryObjectScanner.FileType
{
get
{
if (linearExecutableCheckClasses == null)
linearExecutableCheckClasses = InitCheckClasses<ILinearExecutableCheck>();
linearExecutableCheckClasses ??= InitCheckClasses<ILinearExecutableCheck>();
return linearExecutableCheckClasses ?? Enumerable.Empty<ILinearExecutableCheck>();
}
}
@@ -68,9 +66,7 @@ namespace BinaryObjectScanner.FileType
{
get
{
if (msdosExecutableCheckClasses == null)
msdosExecutableCheckClasses = InitCheckClasses<IMSDOSExecutableCheck>();
msdosExecutableCheckClasses ??= InitCheckClasses<IMSDOSExecutableCheck>();
return msdosExecutableCheckClasses ?? Enumerable.Empty<IMSDOSExecutableCheck>();
}
}
@@ -82,9 +78,7 @@ namespace BinaryObjectScanner.FileType
{
get
{
if (newExecutableCheckClasses == null)
newExecutableCheckClasses = InitCheckClasses<INewExecutableCheck>();
newExecutableCheckClasses ??= InitCheckClasses<INewExecutableCheck>();
return newExecutableCheckClasses ?? Enumerable.Empty<INewExecutableCheck>();
}
}
@@ -96,9 +90,7 @@ namespace BinaryObjectScanner.FileType
{
get
{
if (portableExecutableCheckClasses == null)
portableExecutableCheckClasses = InitCheckClasses<IPortableExecutableCheck>();
portableExecutableCheckClasses ??= InitCheckClasses<IPortableExecutableCheck>();
return portableExecutableCheckClasses ?? Enumerable.Empty<IPortableExecutableCheck>();
}
}
@@ -110,72 +102,42 @@ namespace BinaryObjectScanner.FileType
/// <summary>
/// Cache for all IContentCheck types
/// </summary>
#if NET48
private static IEnumerable<IContentCheck> contentCheckClasses;
#else
private static IEnumerable<IContentCheck>? contentCheckClasses;
#endif
/// <summary>
/// Cache for all ILinearExecutableCheck types
/// </summary>
#if NET48
private static IEnumerable<ILinearExecutableCheck> linearExecutableCheckClasses;
#else
private static IEnumerable<ILinearExecutableCheck>? linearExecutableCheckClasses;
#endif
/// <summary>
/// Cache for all IMSDOSExecutableCheck types
/// </summary>
#if NET48
private static IEnumerable<IMSDOSExecutableCheck> msdosExecutableCheckClasses;
#else
private static IEnumerable<IMSDOSExecutableCheck>? msdosExecutableCheckClasses;
#endif
/// <summary>
/// Cache for all INewExecutableCheck types
/// </summary>
#if NET48
private static IEnumerable<INewExecutableCheck> newExecutableCheckClasses;
#else
private static IEnumerable<INewExecutableCheck>? newExecutableCheckClasses;
#endif
/// <summary>
/// Cache for all IPortableExecutableCheck types
/// </summary>
#if NET48
private static IEnumerable<IPortableExecutableCheck> portableExecutableCheckClasses;
#else
private static IEnumerable<IPortableExecutableCheck>? portableExecutableCheckClasses;
#endif
#endregion
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Detect(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Detect(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
// Try to create a wrapper for the proper executable type
var wrapper = WrapperFactory.CreateExecutableWrapper(stream);
@@ -183,7 +145,11 @@ namespace BinaryObjectScanner.FileType
return null;
// Create the internal queue
#if NET20 || NET35
var protections = new Queue<string>();
#else
var protections = new ConcurrentQueue<string>();
#endif
// Only use generic content checks if we're in debug mode
if (includeDebug)
@@ -218,7 +184,7 @@ namespace BinaryObjectScanner.FileType
protections.AddRange(subProtections.Values.ToArray());
}
return string.Join(";", protections);
return string.Join(";", [.. protections]);
}
#region Check Runners
@@ -230,28 +196,30 @@ namespace BinaryObjectScanner.FileType
/// <param name="stream">Stream to scan the contents of</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET48
public ConcurrentDictionary<IContentCheck, string> RunContentChecks(string file, Stream stream, bool includeDebug)
#if NET20 || NET35
public Dictionary<IContentCheck, string>? RunContentChecks(string? file, Stream stream, bool includeDebug)
#else
public ConcurrentDictionary<IContentCheck, string>? RunContentChecks(string? file, Stream stream, bool includeDebug)
#endif
{
// If we have an invalid file
if (string.IsNullOrWhiteSpace(file))
if (string.IsNullOrEmpty(file))
return null;
else if (!File.Exists(file))
return null;
// Read the file contents
byte[] fileContent = new byte[0];
byte[] fileContent = [];
try
{
using (BinaryReader br = new BinaryReader(stream, Encoding.Default, true))
{
fileContent = br.ReadBytes((int)stream.Length);
if (fileContent == null)
return null;
}
#if NET20 || NET35 || NET40
using var br = new BinaryReader(stream, Encoding.Default);
#else
using var br = new BinaryReader(stream, Encoding.Default, true);
#endif
fileContent = br.ReadBytes((int)stream.Length);
if (fileContent == null)
return null;
}
catch (Exception ex)
{
@@ -260,26 +228,51 @@ namespace BinaryObjectScanner.FileType
}
// Create the output dictionary
#if NET20 || NET35
var protections = new Dictionary<IContentCheck, string>();
#else
var protections = new ConcurrentDictionary<IContentCheck, string>();
#endif
// Iterate through all checks
#if NET20 || NET35
foreach (var checkClass in ContentCheckClasses)
#else
Parallel.ForEach(ContentCheckClasses, checkClass =>
#endif
{
// Get the protection for the class, if possible
var protection = checkClass.CheckContents(file, fileContent, includeDebug);
if (string.IsNullOrWhiteSpace(protection))
var protection = checkClass.CheckContents(file!, fileContent, includeDebug);
if (string.IsNullOrEmpty(protection))
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
#if NET20 || NET35
continue;
#else
return;
#endif
protections.TryAdd(checkClass, protection);
#if NET20 || NET35
protections[checkClass] = protection!;
}
#else
protections.TryAdd(checkClass, protection!);
});
#endif
return protections;
}
@@ -291,29 +284,58 @@ namespace BinaryObjectScanner.FileType
/// <param name="lex">Executable to scan</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET20 || NET35
public Dictionary<ILinearExecutableCheck, string> RunLinearExecutableChecks(string file, Stream stream, LinearExecutable lex, bool includeDebug)
#else
public ConcurrentDictionary<ILinearExecutableCheck, string> RunLinearExecutableChecks(string file, Stream stream, LinearExecutable lex, bool includeDebug)
#endif
{
// Create the output dictionary
#if NET20 || NET35
var protections = new Dictionary<ILinearExecutableCheck, string>();
#else
var protections = new ConcurrentDictionary<ILinearExecutableCheck, string>();
#endif
// Iterate through all checks
#if NET20 || NET35
foreach (var checkClass in LinearExecutableCheckClasses)
#else
Parallel.ForEach(LinearExecutableCheckClasses, checkClass =>
#endif
{
// Get the protection for the class, if possible
var protection = checkClass.CheckLinearExecutable(file, lex, includeDebug);
if (string.IsNullOrWhiteSpace(protection))
if (string.IsNullOrEmpty(protection))
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
#if NET20 || NET35
continue;
#else
return;
#endif
protections.TryAdd(checkClass, protection);
#if NET20 || NET35
protections[checkClass] = protection!;
}
#else
protections.TryAdd(checkClass, protection!);
});
#endif
return protections;
}
@@ -325,29 +347,58 @@ namespace BinaryObjectScanner.FileType
/// <param name="mz">Executable to scan</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET20 || NET35
public Dictionary<IMSDOSExecutableCheck, string> RunMSDOSExecutableChecks(string file, Stream stream, MSDOS mz, bool includeDebug)
#else
public ConcurrentDictionary<IMSDOSExecutableCheck, string> RunMSDOSExecutableChecks(string file, Stream stream, MSDOS mz, bool includeDebug)
#endif
{
// Create the output dictionary
#if NET20 || NET35
var protections = new Dictionary<IMSDOSExecutableCheck, string>();
#else
var protections = new ConcurrentDictionary<IMSDOSExecutableCheck, string>();
#endif
// Iterate through all checks
#if NET20 || NET35
foreach (var checkClass in MSDOSExecutableCheckClasses)
#else
Parallel.ForEach(MSDOSExecutableCheckClasses, checkClass =>
#endif
{
// Get the protection for the class, if possible
var protection = checkClass.CheckMSDOSExecutable(file, mz, includeDebug);
if (string.IsNullOrWhiteSpace(protection))
if (string.IsNullOrEmpty(protection))
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
#if NET20 || NET35
continue;
#else
return;
#endif
protections.TryAdd(checkClass, protection);
#if NET20 || NET35
protections[checkClass] = protection!;
}
#else
protections.TryAdd(checkClass, protection!);
});
#endif
return protections;
}
@@ -359,29 +410,58 @@ namespace BinaryObjectScanner.FileType
/// <param name="nex">Executable to scan</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET20 || NET35
public Dictionary<INewExecutableCheck, string> RunNewExecutableChecks(string file, Stream stream, NewExecutable nex, bool includeDebug)
#else
public ConcurrentDictionary<INewExecutableCheck, string> RunNewExecutableChecks(string file, Stream stream, NewExecutable nex, bool includeDebug)
#endif
{
// Create the output dictionary
#if NET20 || NET35
var protections = new Dictionary<INewExecutableCheck, string>();
#else
var protections = new ConcurrentDictionary<INewExecutableCheck, string>();
#endif
// Iterate through all checks
#if NET20 || NET35
foreach (var checkClass in NewExecutableCheckClasses)
#else
Parallel.ForEach(NewExecutableCheckClasses, checkClass =>
#endif
{
// Get the protection for the class, if possible
var protection = checkClass.CheckNewExecutable(file, nex, includeDebug);
if (string.IsNullOrWhiteSpace(protection))
if (string.IsNullOrEmpty(protection))
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
#if NET20 || NET35
continue;
#else
return;
#endif
protections.TryAdd(checkClass, protection);
#if NET20 || NET35
protections[checkClass] = protection!;
}
#else
protections.TryAdd(checkClass, protection!);
});
#endif
return protections;
}
@@ -393,69 +473,84 @@ namespace BinaryObjectScanner.FileType
/// <param name="pex">Executable to scan</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET20 || NET35
public Dictionary<IPortableExecutableCheck, string> RunPortableExecutableChecks(string file, Stream stream, PortableExecutable pex, bool includeDebug)
#else
public ConcurrentDictionary<IPortableExecutableCheck, string> RunPortableExecutableChecks(string file, Stream stream, PortableExecutable pex, bool includeDebug)
#endif
{
// Create the output dictionary
#if NET20 || NET35
var protections = new Dictionary<IPortableExecutableCheck, string>();
#else
var protections = new ConcurrentDictionary<IPortableExecutableCheck, string>();
#endif
// Iterate through all checks
#if NET20 || NET35
foreach (var checkClass in PortableExecutableCheckClasses)
#else
Parallel.ForEach(PortableExecutableCheckClasses, checkClass =>
#endif
{
// Get the protection for the class, if possible
var protection = checkClass.CheckPortableExecutable(file, pex, includeDebug);
if (string.IsNullOrWhiteSpace(protection))
if (string.IsNullOrEmpty(protection))
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
#if NET20 || NET35
continue;
#else
return;
#endif
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
#if NET20 || NET35
continue;
#else
return;
#endif
protections.TryAdd(checkClass, protection);
#if NET20 || NET35
protections[checkClass] = protection!;
}
#else
protections.TryAdd(checkClass, protection!);
});
#endif
return protections;
}
#endregion
#endregion
#region Initializers
/// <summary>
/// Initialize all implementations of a type
/// </summary>
#if NET48
private static IEnumerable<T> InitCheckClasses<T>()
#else
private static IEnumerable<T>? InitCheckClasses<T>()
#endif
=> InitCheckClasses<T>(typeof(GameEngine._DUMMY).Assembly) ?? Enumerable.Empty<T>()
.Concat(InitCheckClasses<T>(typeof(Packer._DUMMY).Assembly) ?? Enumerable.Empty<T>())
.Concat(InitCheckClasses<T>(typeof(Protection._DUMMY).Assembly) ?? Enumerable.Empty<T>());
private static IEnumerable<T>? InitCheckClasses<T>() =>
InitCheckClasses<T>(typeof(Handler).Assembly) ?? Enumerable.Empty<T>();
/// <summary>
/// Initialize all implementations of a type
/// </summary>
#if NET48
private static IEnumerable<T> InitCheckClasses<T>(Assembly assembly)
#else
private static IEnumerable<T>? InitCheckClasses<T>(Assembly assembly)
#endif
{
return assembly.GetTypes()?
.Where(t => t.IsClass && t.GetInterface(typeof(T).Name) != null)?
#if NET48
.Select(t => (T)Activator.CreateInstance(t))
#else
.Select(t => (T?)Activator.CreateInstance(t))
#endif
.Cast<T>() ?? Array.Empty<T>();
.Cast<T>() ?? [];
}
#endregion
#endregion
#region Helpers

10
BinaryObjectScanner/FileType/GCF.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.FileType
public class GCF : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -27,11 +23,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -124,7 +116,7 @@ namespace BinaryObjectScanner.FileType
var filename = file.Path;
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path

20
BinaryObjectScanner/FileType/GZIP.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.GZip;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,31 +14,22 @@ namespace BinaryObjectScanner.FileType
public class GZIP : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
if (stream == null)
return null;
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -70,6 +63,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

27
BinaryObjectScanner/FileType/InstallShieldArchiveV3.cs
View File

@@ -2,7 +2,9 @@
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
#if NET40_OR_GREATER || NETCOREAPP
using UnshieldSharp.Archive;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,28 +14,22 @@ namespace BinaryObjectScanner.FileType
public class InstallShieldArchiveV3 : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET20 || NET35
// Not supported for .NET Framework 2.0 or .NET Framework 3.5 due to library support
return null;
#else
try
{
// Create a temp output directory
@@ -45,13 +41,13 @@ namespace BinaryObjectScanner.FileType
{
try
{
string tempFile = Path.Combine(tempPath, cfile.FullPath);
string tempFile = Path.Combine(tempPath, cfile.FullPath!);
var directoryName = Path.GetDirectoryName(tempFile);
if (directoryName != null && !Directory.Exists(directoryName))
Directory.CreateDirectory(directoryName);
(byte[] fileContents, string error) = archive.Extract(cfile.FullPath);
if (!string.IsNullOrWhiteSpace(error))
(byte[]? fileContents, string? error) = archive.Extract(cfile.FullPath!);
if (fileContents == null || !string.IsNullOrEmpty(error))
continue;
using (FileStream fs = File.OpenWrite(tempFile))
@@ -72,6 +68,7 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#endif
}
}
}

30
BinaryObjectScanner/FileType/InstallShieldCAB.cs
View File

@@ -2,7 +2,9 @@
using System.IO;
using System.Text.RegularExpressions;
using BinaryObjectScanner.Interfaces;
#if NET40_OR_GREATER || NETCOREAPP
using UnshieldSharp.Cabinet;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,28 +14,22 @@ namespace BinaryObjectScanner.FileType
public class InstallShieldCAB : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET20 || NET35
// Not supported for .NET Framework 2.0 or .NET Framework 3.5 due to library support
return null;
#else
// Get the name of the first cabinet file or header
var directory = Path.GetDirectoryName(file);
string noExtension = Path.GetFileNameWithoutExtension(file);
@@ -68,7 +64,10 @@ namespace BinaryObjectScanner.FileType
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
Directory.CreateDirectory(tempPath);
InstallShieldCabinet cabfile = InstallShieldCabinet.Open(file);
var cabfile = InstallShieldCabinet.Open(file);
if (cabfile == null)
return null;
for (int i = 0; i < cabfile.FileCount; i++)
{
try
@@ -80,8 +79,8 @@ namespace BinaryObjectScanner.FileType
string tempFile;
try
{
string filename = cabfile.FileName(i);
tempFile = Path.Combine(tempPath, filename);
string? filename = cabfile.FileName(i);
tempFile = Path.Combine(tempPath, filename ?? string.Empty);
}
catch
{
@@ -103,6 +102,7 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#endif
}
}
}

8
BinaryObjectScanner/FileType/LDSCRYPT.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.FileType
public class LDSCRYPT : IDetectable
{
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -27,11 +23,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
try
{

26
BinaryObjectScanner/FileType/MPQ.cs
View File

@@ -1,7 +1,7 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET48
#if NETFRAMEWORK && !NET20 && !NET35 && !NET40
using StormLibSharp;
#endif
@@ -13,31 +13,21 @@ namespace BinaryObjectScanner.FileType
public class MPQ : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
// TODO: Add stream opening support
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET6_0_OR_GREATER
// Not supported for .NET 6.0 due to Windows DLL requirements
#if NET20 || NET35 || NET40 || NETCOREAPP || NET5_0_OR_GREATER
// Not supported for .NET Core and modern .NET due to Windows DLL requirements
return null;
#else
try
@@ -46,10 +36,10 @@ namespace BinaryObjectScanner.FileType
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
Directory.CreateDirectory(tempPath);
using (MpqArchive mpqArchive = new MpqArchive(file, FileAccess.Read))
using (var mpqArchive = new MpqArchive(file, FileAccess.Read))
{
// Try to open the listfile
string listfile = null;
string? listfile = null;
MpqFileStream listStream = mpqArchive.OpenFile("(listfile)");
// If we can't read the listfile, we just return
@@ -57,7 +47,7 @@ namespace BinaryObjectScanner.FileType
return null;
// Read the listfile in for processing
using (StreamReader sr = new StreamReader(listStream))
using (var sr = new StreamReader(listStream))
{
listfile = sr.ReadToEnd();
}

8
BinaryObjectScanner/FileType/MicrosoftCAB.cs
View File

@@ -13,11 +13,7 @@ namespace BinaryObjectScanner.FileType
public class MicrosoftCAB : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -29,11 +25,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

8
BinaryObjectScanner/FileType/MicrosoftLZ.cs
View File

@@ -12,11 +12,7 @@ namespace BinaryObjectScanner.FileType
public class MicrosoftLZ : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -28,11 +24,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{

10
BinaryObjectScanner/FileType/PAK.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.FileType
public class PAK : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -26,11 +22,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -106,7 +98,7 @@ namespace BinaryObjectScanner.FileType
var filename = directoryItem.ItemName;
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path

8
BinaryObjectScanner/FileType/PFF.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.FileType
public class PFF : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -26,11 +22,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{

20
BinaryObjectScanner/FileType/PKZIP.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.Zip;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,31 +14,22 @@ namespace BinaryObjectScanner.FileType
public class PKZIP : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
if (stream == null)
return null;
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -73,6 +66,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

8
BinaryObjectScanner/FileType/PLJ.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.FileType
public class PLJ : IDetectable
{
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -27,11 +23,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
try
{

10
BinaryObjectScanner/FileType/Quantum.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.FileType
public class Quantum : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -26,11 +22,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -137,7 +129,7 @@ namespace BinaryObjectScanner.FileType
// string filename = fileDescriptor.FileName;
// // If we have an invalid output directory
// if (string.IsNullOrWhiteSpace(outputDirectory))
// if (string.IsNullOrEmpty(outputDirectory))
// return false;
// // Create the full output path

20
BinaryObjectScanner/FileType/RAR.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.Rar;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,31 +14,22 @@ namespace BinaryObjectScanner.FileType
public class RAR : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
if (stream == null)
return null;
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -70,6 +63,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

16
BinaryObjectScanner/FileType/SFFS.cs
View File

@@ -12,11 +12,7 @@ namespace BinaryObjectScanner.FileType
public class SFFS : IExtractable, IDetectable
{
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -28,11 +24,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
try
{
@@ -51,11 +43,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -67,11 +55,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

52
BinaryObjectScanner/FileType/SGA.cs
View File

@@ -3,7 +3,9 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using ICSharpCode.SharpZipLib.Zip.Compression;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -13,27 +15,17 @@ namespace BinaryObjectScanner.FileType
public class SGA : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -118,11 +110,7 @@ namespace BinaryObjectScanner.FileType
return false;
// Get the files
#if NET48
object file;
#else
object? file;
#endif
switch (item.Model.Header?.MajorVersion)
{
case 4: file = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Files?[index]; break;
@@ -147,27 +135,16 @@ namespace BinaryObjectScanner.FileType
}
// Loop through and get all parent directories
#if NET48
var parentNames = new List<string> { filename };
#else
var parentNames = new List<string?> { filename };
#endif
// Get the parent directory
var folder = default(object);
switch (item.Model.Header?.MajorVersion)
{
#if NET48
case 4: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Folders?.FirstOrDefault(f => index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 5: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory5)?.Folders?.FirstOrDefault(f => index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 6: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory6)?.Folders?.FirstOrDefault(f => index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 7: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory7)?.Folders?.FirstOrDefault(f => index >= f.FileStartIndex && index <= f.FileEndIndex); break;
#else
case 4: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory4)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 5: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory5)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 6: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory6)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
case 7: folder = (item.Model.Directory as SabreTools.Models.SGA.Directory7)?.Folders?.FirstOrDefault(f => f != null && index >= f.FileStartIndex && index <= f.FileEndIndex); break;
#endif
default: return false;
}
@@ -188,7 +165,16 @@ namespace BinaryObjectScanner.FileType
// Reverse and assemble the filename
parentNames.Reverse();
#if NET20 || NET35
var parentNamesArray = parentNames.Cast<string>().ToArray();
filename = parentNamesArray[0];
for (int i = 1; i < parentNamesArray.Length; i++)
{
filename = Path.Combine(filename, parentNamesArray[i]);
}
#else
filename = Path.Combine(parentNames.Cast<string>().ToArray());
#endif
// Get the file offset
long fileOffset;
@@ -245,14 +231,18 @@ namespace BinaryObjectScanner.FileType
else
{
// Decompress the data
#if NET462_OR_GREATER || NETCOREAPP
data = new byte[outputFileSize];
Inflater inflater = new Inflater();
inflater.SetInput(compressedData);
inflater.Inflate(data);
#else
data = new byte[outputFileSize];
#endif
}
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path
@@ -267,10 +257,8 @@ namespace BinaryObjectScanner.FileType
try
{
// Open the output file for writing
using (Stream fs = File.OpenWrite(filename))
{
fs.Write(data, 0, data.Length);
}
using Stream fs = File.OpenWrite(filename);
fs.Write(data, 0, data.Length);
}
catch
{

20
BinaryObjectScanner/FileType/SevenZip.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.SevenZip;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,28 +14,19 @@ namespace BinaryObjectScanner.FileType
public class SevenZip : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -67,6 +60,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

20
BinaryObjectScanner/FileType/TapeArchive.cs
View File

@@ -1,8 +1,10 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.Tar;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -12,31 +14,22 @@ namespace BinaryObjectScanner.FileType
public class TapeArchive : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
if (stream == null)
return null;
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -70,6 +63,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

20
BinaryObjectScanner/FileType/Textfile.cs
View File

@@ -12,27 +12,17 @@ namespace BinaryObjectScanner.FileType
public class Textfile : IDetectable
{
/// <inheritdoc/>
#if NET48
public string Detect(string file, bool includeDebug)
#else
public string? Detect(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Detect(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Detect(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Detect(Stream stream, string file, bool includeDebug)
#else
public string? Detect(Stream stream, string file, bool includeDebug)
#endif
{
// Files can be protected in multiple ways
var protections = new List<string>();
@@ -41,7 +31,11 @@ namespace BinaryObjectScanner.FileType
{
// Load the current file content
var fileContent = string.Empty;
#if NET20 || NET35 || NET40
using (var sr = new StreamReader(stream, Encoding.Default, true, 1024 * 1024))
#else
using (var sr = new StreamReader(stream, Encoding.Default, true, 1024 * 1024, true))
#endif
{
fileContent = sr.ReadToEnd();
}
@@ -127,7 +121,7 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
}
return string.Join(";", protections);
return string.Join(";", [.. protections]);
}
}
}

10
BinaryObjectScanner/FileType/VBSP.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.FileType
public class VBSP : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -26,11 +22,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -115,7 +107,7 @@ namespace BinaryObjectScanner.FileType
}
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path

14
BinaryObjectScanner/FileType/VPK.cs
View File

@@ -12,11 +12,7 @@ namespace BinaryObjectScanner.FileType
public class VPK : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -28,11 +24,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -120,7 +112,7 @@ namespace BinaryObjectScanner.FileType
// Get the archive filename
string archiveFileName = item.ArchiveFilenames[directoryItem.DirectoryEntry.ArchiveIndex];
if (string.IsNullOrWhiteSpace(archiveFileName))
if (string.IsNullOrEmpty(archiveFileName))
return false;
// If the archive doesn't exist
@@ -160,11 +152,11 @@ namespace BinaryObjectScanner.FileType
// Create the filename
string filename = $"{directoryItem.Name}.{directoryItem.Extension}";
if (!string.IsNullOrWhiteSpace(directoryItem.Path))
if (!string.IsNullOrEmpty(directoryItem.Path))
filename = Path.Combine(directoryItem.Path, filename);
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path

10
BinaryObjectScanner/FileType/WAD.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.FileType
public class WAD : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -26,11 +22,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -106,7 +98,7 @@ namespace BinaryObjectScanner.FileType
string filename = $"{lump.Name}.lmp";
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path

20
BinaryObjectScanner/FileType/XZ.cs
View File

@@ -1,7 +1,9 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Compressors.Xz;
#endif
namespace BinaryObjectScanner.FileType
{
@@ -11,28 +13,19 @@ namespace BinaryObjectScanner.FileType
public class XZ : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Create a temp output directory
@@ -55,6 +48,9 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

10
BinaryObjectScanner/FileType/XZP.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.FileType
public class XZP : IExtractable
{
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -27,11 +23,7 @@ namespace BinaryObjectScanner.FileType
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -116,7 +108,7 @@ namespace BinaryObjectScanner.FileType
var filename = directoryItem.Name;
// If we have an invalid output directory
if (string.IsNullOrWhiteSpace(outputDirectory))
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path

4
BinaryObjectScanner/GameEngine/RenderWare.cs
View File

@@ -18,11 +18,7 @@ namespace BinaryObjectScanner.GameEngine
public class RenderWare : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

7
BinaryObjectScanner/GameEngine/_DUMMY.cs
View File

@@ -1,7 +0,0 @@
namespace BinaryObjectScanner.GameEngine
{
/// <summary>
/// This class exists for reflection purposes and should not be used
/// </summary>
public sealed class _DUMMY { }
}

86
BinaryObjectScanner/Handler.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -18,17 +20,11 @@ namespace BinaryObjectScanner
/// <summary>
/// Cache for all IPathCheck types
/// </summary>
#if NET48
public static IEnumerable<IPathCheck> PathCheckClasses
#else
public static IEnumerable<IPathCheck?> PathCheckClasses
#endif
{
get
{
if (pathCheckClasses == null)
pathCheckClasses = InitCheckClasses<IPathCheck>();
pathCheckClasses ??= InitCheckClasses<IPathCheck>();
return pathCheckClasses;
}
}
@@ -40,11 +36,7 @@ namespace BinaryObjectScanner
/// <summary>
/// Cache for all IPathCheck types
/// </summary>
#if NET48
private static IEnumerable<IPathCheck> pathCheckClasses;
#else
private static IEnumerable<IPathCheck?>? pathCheckClasses;
#endif
#endregion
@@ -56,25 +48,37 @@ namespace BinaryObjectScanner
/// <param name="path">Path of the file or directory to check</param>
/// <param name="scanner">Scanner object to use for options and scanning</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET48
public static ConcurrentDictionary<string, ConcurrentQueue<string>> HandlePathChecks(string path, IEnumerable<string> files)
#if NET20 || NET35
public static Dictionary<string, Queue<string>> HandlePathChecks(string path, IEnumerable<string>? files)
#else
public static ConcurrentDictionary<string, ConcurrentQueue<string>> HandlePathChecks(string path, IEnumerable<string>? files)
#endif
{
// Create the output dictionary
#if NET20 || NET35
var protections = new Dictionary<string, Queue<string>>();
#else
var protections = new ConcurrentDictionary<string, ConcurrentQueue<string>>();
#endif
// Preprocess the list of files
files = files?.Select(f => f.Replace('\\', '/'))?.ToList();
// Iterate through all checks
#if NET20 || NET35
foreach (var checkClass in PathCheckClasses)
#else
Parallel.ForEach(PathCheckClasses, checkClass =>
#endif
{
var subProtections = checkClass?.PerformCheck(path, files);
if (subProtections != null)
AppendToDictionary(protections, path, subProtections);
#if NET20 || NET35
}
#else
});
#endif
return protections;
}
@@ -91,8 +95,8 @@ namespace BinaryObjectScanner
/// <param name="stream">Stream to scan the contents of</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET48
public static ConcurrentQueue<string> HandleDetectable(IDetectable impl, string fileName, Stream stream, bool includeDebug)
#if NET20 || NET35
public static Queue<string>? HandleDetectable(IDetectable impl, string fileName, Stream stream, bool includeDebug)
#else
public static ConcurrentQueue<string>? HandleDetectable(IDetectable impl, string fileName, Stream stream, bool includeDebug)
#endif
@@ -109,8 +113,8 @@ namespace BinaryObjectScanner
/// <param name="stream">Stream to scan the contents of</param>
/// <param name="scanner">Scanner object to use on extractable contents</param>
/// <returns>Set of protections in file, null on error</returns>
#if NET48
public static ConcurrentDictionary<string, ConcurrentQueue<string>> HandleExtractable(IExtractable impl, string fileName, Stream stream, Scanner scanner)
#if NET20 || NET35
public static Dictionary<string, Queue<string>>? HandleExtractable(IExtractable impl, string fileName, Stream? stream, Scanner scanner)
#else
public static ConcurrentDictionary<string, ConcurrentQueue<string>>? HandleExtractable(IExtractable impl, string fileName, Stream? stream, Scanner scanner)
#endif
@@ -155,23 +159,27 @@ namespace BinaryObjectScanner
/// <param name="impl">IPathCheck class representing the file type</param>
/// <param name="path">Path of the file or directory to check</param>
/// <returns>Set of protections in path, null on error</returns>
#if NET48
private static ConcurrentQueue<string> PerformCheck(this IPathCheck impl, string path, IEnumerable<string> files)
#if NET20 || NET35
private static Queue<string>? PerformCheck(this IPathCheck impl, string? path, IEnumerable<string>? files)
#else
private static ConcurrentQueue<string>? PerformCheck(this IPathCheck impl, string? path, IEnumerable<string>? files)
#endif
{
// If we have an invalid path
if (string.IsNullOrWhiteSpace(path))
if (string.IsNullOrEmpty(path))
return null;
// Setup the output dictionary
#if NET20 || NET35
var protections = new Queue<string>();
#else
var protections = new ConcurrentQueue<string>();
#endif
// If we have a file path
if (File.Exists(path))
{
var protection = impl.CheckFilePath(path);
var protection = impl.CheckFilePath(path!);
var subProtections = ProcessProtectionString(protection);
if (subProtections != null)
protections.AddRange(subProtections);
@@ -180,7 +188,7 @@ namespace BinaryObjectScanner
// If we have a directory path
if (Directory.Exists(path) && files?.Any() == true)
{
var subProtections = impl.CheckDirectoryPath(path, files);
var subProtections = impl.CheckDirectoryPath(path!, files);
if (subProtections != null)
protections.AddRange(subProtections);
}
@@ -195,33 +203,17 @@ namespace BinaryObjectScanner
/// <summary>
/// Initialize all implementations of a type
/// </summary>
#if NET48
private static IEnumerable<T> InitCheckClasses<T>()
#else
private static IEnumerable<T?> InitCheckClasses<T>()
#endif
{
return InitCheckClasses<T>(typeof(GameEngine._DUMMY).Assembly)
.Concat(InitCheckClasses<T>(typeof(Packer._DUMMY).Assembly))
.Concat(InitCheckClasses<T>(typeof(Protection._DUMMY).Assembly));
}
private static IEnumerable<T?> InitCheckClasses<T>() =>
InitCheckClasses<T>(typeof(Handler).Assembly);
/// <summary>
/// Initialize all implementations of a type
/// </summary>
#if NET48
private static IEnumerable<T> InitCheckClasses<T>(Assembly assembly)
#else
private static IEnumerable<T?> InitCheckClasses<T>(Assembly assembly)
#endif
{
return assembly.GetTypes()?
.Where(t => t.IsClass && t.GetInterface(typeof(T).Name) != null)?
#if NET48
.Select(t => (T)Activator.CreateInstance(t)) ?? Array.Empty<T>();
#else
.Select(t => (T?)Activator.CreateInstance(t)) ?? Array.Empty<T>();
#endif
.Select(t => (T?)Activator.CreateInstance(t)) ?? [];
}
#endregion
@@ -233,21 +225,25 @@ namespace BinaryObjectScanner
/// </summary>
/// <param name="protection">Protection string to process</param>
/// <returns>Set of protections parsed, null on error</returns>
#if NET48
private static ConcurrentQueue<string> ProcessProtectionString(string protection)
#if NET20 || NET35
private static Queue<string>? ProcessProtectionString(string? protection)
#else
private static ConcurrentQueue<string>? ProcessProtectionString(string? protection)
#endif
{
// If we have an invalid protection string
if (string.IsNullOrWhiteSpace(protection))
if (string.IsNullOrEmpty(protection))
return null;
// Setup the output queue
#if NET20 || NET35
var protections = new Queue<string>();
#else
var protections = new ConcurrentQueue<string>();
#endif
// If we have an indicator of multiple protections
if (protection.Contains(";"))
if (protection!.Contains(";"))
{
var splitProtections = protection.Split(';');
protections.AddRange(splitProtections);

4
BinaryObjectScanner/Interfaces/IContentCheck.cs
View File

@@ -12,10 +12,6 @@
/// <param name="fileContent">Byte array representing the file contents</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
#if NET48
string CheckContents(string file, byte[] fileContent, bool includeDebug);
#else
string? CheckContents(string file, byte[] fileContent, bool includeDebug);
#endif
}
}

8
BinaryObjectScanner/Interfaces/IDetectable.cs
View File

@@ -14,11 +14,7 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Detected file or protection type, null on error</returns>
/// <remarks>Ideally, this should just point to the other detect implementation.</remarks>
#if NET48
string Detect(string file, bool includeDebug);
#else
string? Detect(string file, bool includeDebug);
#endif
/// <summary>
/// Check if a stream is detected as this file type
@@ -27,10 +23,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="file">Path to the input file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Detected file or protection type, null on error</returns>
#if NET48
string Detect(Stream stream, string file, bool includeDebug);
#else
string? Detect(Stream stream, string file, bool includeDebug);
#endif
}
}

8
BinaryObjectScanner/Interfaces/IExtractable.cs
View File

@@ -16,11 +16,7 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Path to extracted files, null on error</returns>
/// <remarks>Ideally, this should just point to the other extract implementation.</remarks>
#if NET48
string Extract(string file, bool includeDebug);
#else
string? Extract(string file, bool includeDebug);
#endif
/// <summary>
/// Extract a stream to a temporary path, if possible
@@ -29,10 +25,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="file">Path to the input file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>Path to extracted files, null on error</returns>
#if NET48
string Extract(Stream stream, string file, bool includeDebug);
#else
string? Extract(Stream? stream, string file, bool includeDebug);
#endif
}
}

4
BinaryObjectScanner/Interfaces/ILinearExecutableCheck.cs
View File

@@ -14,10 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="lex">LinearExecutable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
#if NET48
string CheckLinearExecutable(string file, LinearExecutable lex, bool includeDebug);
#else
string? CheckLinearExecutable(string file, LinearExecutable lex, bool includeDebug);
#endif
}
}

4
BinaryObjectScanner/Interfaces/IMSDOSExecutableCheck.cs
View File

@@ -14,10 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="mz">MSDOS representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
#if NET48
string CheckMSDOSExecutable(string file, MSDOS mz, bool includeDebug);
#else
string? CheckMSDOSExecutable(string file, MSDOS mz, bool includeDebug);
#endif
}
}

4
BinaryObjectScanner/Interfaces/INewExecutableCheck.cs
View File

@@ -14,10 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="nex">NewExecutable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
#if NET48
string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug);
#else
string? CheckNewExecutable(string file, NewExecutable nex, bool includeDebug);
#endif
}
}

12
BinaryObjectScanner/Interfaces/IPathCheck.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
namespace BinaryObjectScanner.Interfaces
@@ -17,8 +19,8 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="path">Path to check for protection indicators</param>
/// <param name="files">Enumerable of strings representing files in a directory</param>
/// <remarks>This can do some limited content checking as well, but it's suggested to use a content check instead, if possible</remarks>
#if NET48
ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files);
#if NET20 || NET35
Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files);
#else
ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files);
#endif
@@ -28,10 +30,6 @@ namespace BinaryObjectScanner.Interfaces
/// </summary>
/// <param name="path">Path to check for protection indicators</param>
/// <remarks>This can do some limited content checking as well, but it's suggested to use a content check instead, if possible</remarks>
#if NET48
string CheckFilePath(string path);
#else
string? CheckFilePath(string path);
#endif
}
}

4
BinaryObjectScanner/Interfaces/IPortableExecutableCheck.cs
View File

@@ -14,10 +14,6 @@ namespace BinaryObjectScanner.Interfaces
/// <param name="pex">PortableExecutable representing the read-in file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>String containing any protections found in the file</returns>
#if NET48
string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug);
#else
string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug);
#endif
}
}

170
BinaryObjectScanner/Packer/ASPack.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class ASPack : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -33,7 +29,7 @@ namespace BinaryObjectScanner.Packer
// {
// var matchers = GenerateMatchers();
// var match = MatchUtil.GetFirstMatch(file, pex.EntryPointRaw, matchers, includeDebug);
// if (!string.IsNullOrWhiteSpace(match))
// if (!string.IsNullOrEmpty(match))
// return match;
// }
@@ -46,7 +42,7 @@ namespace BinaryObjectScanner.Packer
{
var matchers = GenerateMatchers();
var match = MatchUtil.GetFirstMatch(file, adataSectionRaw, matchers, includeDebug);
if (!string.IsNullOrWhiteSpace(match))
if (!string.IsNullOrEmpty(match))
return match;
}
}
@@ -55,11 +51,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -71,11 +63,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}
@@ -90,7 +78,7 @@ namespace BinaryObjectScanner.Packer
{
#region No Wildcards (Long)
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x92, 0x1A, 0x44, 0x00, 0xB8, 0x8C, 0x1A,
@@ -99,7 +87,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0xC4, 0x1D, 0x44,
}, "ASPack 1.00b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0xD2, 0x2A, 0x44, 0x00, 0xB8, 0xCC, 0x2A,
@@ -113,7 +101,7 @@ namespace BinaryObjectScanner.Packer
0x44, 0x00, 0x89, 0x44, 0x24, 0x1C, 0x61, 0xFF
}, "ASPack 1.01b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0xD2, 0x2A, 0x44, 0x00, 0xB8, 0xCC, 0x2A,
@@ -122,7 +110,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x9C, 0x2E, 0x44
}, "ASPack 1.01b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x96, 0x78, 0x43, 0x00, 0xB8, 0x90, 0x78,
@@ -136,7 +124,7 @@ namespace BinaryObjectScanner.Packer
0x43, 0x00, 0x89, 0x44, 0x24, 0x1C, 0x61, 0xFF
}, "ASPack 1.02b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x96, 0x78, 0x43, 0x00, 0xB8, 0x90, 0x78,
@@ -146,7 +134,7 @@ namespace BinaryObjectScanner.Packer
0x15, 0xFE, 0x85, 0x74, 0x7C, 0x43
}, "ASPack 1.02b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x8A, 0x1C, 0x40, 0x00, 0xB9, 0x9E, 0x00,
@@ -154,14 +142,14 @@ namespace BinaryObjectScanner.Packer
0x8B, 0xF7, 0x33
}, "ASPack 1.02b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x96, 0x78, 0x43, 0x00, 0xB8, 0x90, 0x78,
0x43, 0x00, 0x03, 0xC5
}, "ASPack 1.02b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0xAE, 0x98, 0x43, 0x00, 0xB8, 0xA8, 0x98,
@@ -170,7 +158,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x0E, 0x9D, 0x43
}, "ASPack 1.03b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0xCE, 0x3A, 0x44, 0x00, 0xB8, 0xC8, 0x3A,
@@ -179,7 +167,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0xAC, 0x3E, 0x44
}, "ASPack 1.05b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0xEA, 0xA8, 0x43, 0x00, 0xB8, 0xE4, 0xA8,
@@ -193,7 +181,7 @@ namespace BinaryObjectScanner.Packer
0x43, 0x00, 0x89, 0x44, 0x24, 0x1C, 0x61, 0xFF
}, "ASPack 1.06.01b (DLL)"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0xEA, 0xA8, 0x43, 0x00, 0xB8, 0xE4, 0xA8,
@@ -203,7 +191,7 @@ namespace BinaryObjectScanner.Packer
0x15, 0xFE, 0x85, 0x6E, 0xAD, 0x43
}, "ASPack 1.06.01b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x3E, 0xD9, 0x43, 0x00, 0xB8, 0x38, 0xD9,
@@ -217,7 +205,7 @@ namespace BinaryObjectScanner.Packer
0x43, 0x00, 0x89, 0x44, 0x24, 0x1C, 0x61, 0xFF
}, "ASPack 1.07b (DLL)"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xEB, 0x03, 0x5D, 0xFF, 0xE5, 0xE8, 0xF8,
0xFF, 0xFF, 0xFF, 0x81, 0xED, 0x1B, 0x6A, 0x44,
@@ -225,7 +213,7 @@ namespace BinaryObjectScanner.Packer
0x2B, 0x9D, 0x2A
}, "ASPack 1.08"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x0A, 0x4A, 0x44, 0x00, 0xBB, 0x04, 0x4A,
@@ -239,7 +227,7 @@ namespace BinaryObjectScanner.Packer
0x53, 0x50, 0xFF, 0x95, 0x90, 0x51, 0x44, 0x00
}, "ASPack 1.08.03"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x0A, 0x4A, 0x44, 0x00, 0xBB, 0x04, 0x4A,
@@ -248,20 +236,20 @@ namespace BinaryObjectScanner.Packer
0x00, 0x89, 0x9D, 0xBB, 0x4E
}, "ASPack 1.08.03"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x0A, 0x4A, 0x44, 0x00, 0xBB, 0x04, 0x4A,
0x44, 0x00, 0x03, 0xDD
}, "ASPack 1.08.03"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x72, 0x05, 0x00, 0x00, 0xEB, 0x33,
0x87, 0xDB, 0x90, 0x00
}, "ASPack 2.00.01"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9, 0xEB,
0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01, 0x00,
@@ -269,34 +257,34 @@ namespace BinaryObjectScanner.Packer
0xFF, 0x03, 0xDD, 0x81, 0xEB
}, "ASPack 2.1"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x02, 0x00, 0x00, 0x00, 0xEB, 0x09,
0x5D, 0x55, 0x81, 0xED, 0x39, 0x39, 0x44, 0x00,
0xC3, 0xE9, 0x3D, 0x04, 0x00, 0x00
}, "ASPack 2.11b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x02, 0x00, 0x00, 0x00, 0xEB, 0x09,
0x5D, 0x55
}, "ASPack 2.11b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x02, 0x00, 0x00, 0x00, 0xEB, 0x09,
0x5D, 0x55, 0x81, 0xED, 0x39, 0x39, 0x44, 0x00,
0xC3, 0xE9, 0x59, 0x04, 0x00, 0x00
}, "ASPack 2.11c"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x02, 0x00, 0x00, 0x00, 0xCD, 0x20,
0xE8, 0x00, 0x00, 0x00, 0x00, 0x5E, 0x2B, 0xC9,
0x58, 0x74, 0x02
}, "ASPack 2.11d"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9, 0xEB,
0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01
@@ -306,7 +294,7 @@ namespace BinaryObjectScanner.Packer
#region Wildcards (Long)
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0x3E, 0xD9, 0x43, null, 0xB8, 0x38, null,
@@ -320,7 +308,7 @@ namespace BinaryObjectScanner.Packer
0x43, null, 0x89, 0x44, 0x24, 0x1C, 0x61, 0xFF
}, "ASPack 1.00b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0xD2, 0x2A, 0x44, null, 0xB8, 0xCC, 0x2A,
@@ -329,7 +317,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x9C, 0x2E, 0x44
}, "ASPack 1.01b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0xCE, 0x3A, 0x44, null, 0xB8, 0xC8, 0x3A,
@@ -338,7 +326,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0xAC, 0x3E, 0x44
}, "ASPack 1.01b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, 0x3E, 0xD9, 0x43, 0x00, 0xB8, 0x38, null,
@@ -352,13 +340,13 @@ namespace BinaryObjectScanner.Packer
0x43, 0x00, 0x89, 0x44, 0x24, 0x1C, 0x61, 0xFF
}, "ASPack 1.02a -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0x06, null, null, null, 0x64, 0xA0, 0x23
}, "ASPack 1.02a"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0x96, 0x78, 0x43, null, 0xB8, 0x90, 0x78,
@@ -367,7 +355,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x74, 0x7C, 0x43
}, "ASPack 1.02b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0xAE, 0x98, 0x43, null, 0xB8, 0xA8, 0x98,
@@ -376,7 +364,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x0E, 0x9D, 0x43
}, "ASPack 1.03b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, null, null, null, null, 0xE8, 0x0D, null,
@@ -384,7 +372,7 @@ namespace BinaryObjectScanner.Packer
null, null, null, null, null, null, null, 0x58
}, "ASPack 1.03b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81,
0xED, null, null, null, 0x00, 0xB8, null, null,
@@ -393,7 +381,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x08, 0x9D, null, 0x00, 0x00
}, "ASPack 1.04b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, null, null, null, null, 0xB8, null, null,
@@ -402,7 +390,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x08, 0x9D
}, "ASPack 1.04b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, null, null, null, null, 0xB8, null, null,
@@ -411,7 +399,7 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x01, 0xDE
}, "ASPack 1.04b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, 0xEA, 0xA8, 0x43, null, 0xB8, 0xE4, 0xA8,
@@ -420,28 +408,28 @@ namespace BinaryObjectScanner.Packer
0x80, 0xBD, 0x6E, 0xAD, 0x43
}, "ASPack 1.06.1b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x90, 0x61, 0xBE, null, null, null, null, 0x8D,
0xBE, null, null, null, null, 0x57, 0x83, 0xCD,
0xFF
}, "ASPack 1.06.1b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, null,
null, null, null, null, null, 0xB8, null, null,
null, null, 0x03, 0xC5
}, "ASPack 1.07b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, null, null, null, null, 0x5D, 0x81,
0xED, null, null, null, null, 0x60, 0xE8, 0x2B,
0x03, 0x00, 0x00
}, "ASPack 1.07b"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xEB, 0x0A, 0x5D, 0xEB, 0x02, 0xFF, 0x25,
0x45, 0xFF, 0xE5, 0xE8, 0xE9, 0xE8, 0xF1, 0xFF,
@@ -450,7 +438,7 @@ namespace BinaryObjectScanner.Packer
0x2B, 0x9D
}, "ASPack 1.08.01"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xEB, 0x0A, 0x5D, 0xEB, 0x02, 0xFF, 0x25,
0x45, 0xFF, 0xE5, 0xE8, 0xE9, 0xE8, 0xF1, 0xFF,
@@ -459,7 +447,7 @@ namespace BinaryObjectScanner.Packer
0x2B, 0x9D
}, "ASPack 1.08.01"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xEB, 0x0A, 0x5D, 0xEB, 0x02, 0xFF, 0x25,
0x45, 0xFF, 0xE5, 0xE8, 0xE9, 0xE8, 0xF1, 0xFF,
@@ -468,7 +456,7 @@ namespace BinaryObjectScanner.Packer
0x2B, 0x9D, 0x72
}, "ASPack 1.08.02"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, null,
null, null, null, null, null, 0xBB, null, null,
@@ -477,14 +465,14 @@ namespace BinaryObjectScanner.Packer
0x00, 0x89, 0x9D, 0xBB, 0x4E
}, "ASPack 1.08.03"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, null,
null, null, null, null, null, 0xBB, null, null,
null, null, 0x03, 0xDD
}, "ASPack 1.08.03"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x55, 0x57, 0x51, 0x53, 0xE8, null, null, null,
null, 0x5D, 0x8B, 0xC5, 0x81, 0xED, null, null,
@@ -493,27 +481,27 @@ namespace BinaryObjectScanner.Packer
null, 0x0F, 0xB6
}, "ASPack 1.08.03"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE9, null, null, null, null, 0xEF, 0x40,
0x03, 0xA7, 0x07, 0x8F, 0x07, 0x1C, 0x37, 0x5D,
0x43, 0xA7, 0x04, 0xB9, 0x2C, 0x3A
}, "ASPack 1.08.x"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x02, 0x00, 0x00, 0x00, 0xEB, 0x09,
0x5D, 0x55, 0x81, 0xED, 0x39, 0x39, 0x44, 0x00,
0xC3, 0xE9, null, 0x04, 0x00, 0x00
}, "ASPack 2.11.x -> Alexey Solodovnikov"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
null, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9, 0xEB,
0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01
}, "ASPack 2.12 (without Poly) -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
null, 0x60, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9,
0xEB, 0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01,
@@ -530,7 +518,7 @@ namespace BinaryObjectScanner.Packer
0xFF, 0x95, 0x48, 0x0F
}, "ASPack 2.12b -> Solodovnikov Alexey"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x60, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9, 0xEB,
0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01, 0x00,
@@ -579,7 +567,7 @@ namespace BinaryObjectScanner.Packer
0x08
}, "ASPack 2.2 -> Alexey Solodovnikov & StarForce * 2009408"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
null, 0x60, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9,
0xEB, 0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01,
@@ -592,7 +580,7 @@ namespace BinaryObjectScanner.Packer
#region 2.xx (Long)
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0xA8, 0x03, 0x00, 0x00, 0x61, 0x75, 0x08, 0xB8,
0x01, 0x00, 0x00, 0x00, 0xC2, 0x0C, 0x00, 0x68,
@@ -601,7 +589,7 @@ namespace BinaryObjectScanner.Packer
0x00, 0x51, 0x50, 0xFF, 0x95
}, "ASPack 2.xx"),
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0xA8, 0x03, null, null, 0x61, 0x75, 0x08, 0xB8,
0x01, null, null, null, 0xC2, 0x0C, null, 0x68,
@@ -614,55 +602,55 @@ namespace BinaryObjectScanner.Packer
#region Short
new ContentMatchSet(new byte?[] { 0x75, 0x00, 0xE9 }, "ASPack 1.05b"),
new(new byte?[] { 0x75, 0x00, 0xE9 }, "ASPack 1.05b"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x90, 0x75, 0x00, 0xE9 }, "ASPack 1.06.1b"),
new(new byte?[] { 0x90, 0x90, 0x90, 0x75, 0x00, 0xE9 }, "ASPack 1.06.1b"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x75, 0x00, 0xE9 }, "ASPack 1.06.1b"),
new(new byte?[] { 0x90, 0x90, 0x75, 0x00, 0xE9 }, "ASPack 1.06.1b"),
new ContentMatchSet(new byte?[] { 0x90, 0x75, 0x00, 0xE9 }, "ASPack 1.06.1b"),
new(new byte?[] { 0x90, 0x75, 0x00, 0xE9 }, "ASPack 1.06.1b"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x90, 0x75, null, 0xE9 }, "ASPack 1.07b"),
new(new byte?[] { 0x90, 0x90, 0x90, 0x75, null, 0xE9 }, "ASPack 1.07b"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x75, null, 0xE9 }, "ASPack 1.07b"),
new(new byte?[] { 0x90, 0x90, 0x75, null, 0xE9 }, "ASPack 1.07b"),
new ContentMatchSet(new byte?[] { 0x90, 0x75, null, 0xE9 }, "ASPack 1.07b"),
new(new byte?[] { 0x90, 0x75, null, 0xE9 }, "ASPack 1.07b"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x90, 0x75, 0x01, 0x90, 0xE9 }, "ASPack 1.08"),
new(new byte?[] { 0x90, 0x90, 0x90, 0x75, 0x01, 0x90, 0xE9 }, "ASPack 1.08"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x90, 0x75, 0x01, 0xFF, 0xE9 }, "ASPack 1.08"),
new(new byte?[] { 0x90, 0x90, 0x90, 0x75, 0x01, 0xFF, 0xE9 }, "ASPack 1.08"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x75, 0x01, 0xFF, 0xE9 }, "ASPack 1.08"),
new(new byte?[] { 0x90, 0x90, 0x75, 0x01, 0xFF, 0xE9 }, "ASPack 1.08"),
new ContentMatchSet(new byte?[] { 0x90, 0x75, 0x01, 0xFF, 0xE9 }, "ASPack 1.08"),
new(new byte?[] { 0x90, 0x75, 0x01, 0xFF, 0xE9 }, "ASPack 1.08"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x90, 0x75, null, 0x90, 0xE9 }, "ASPack 1.08.01"),
new(new byte?[] { 0x90, 0x90, 0x90, 0x75, null, 0x90, 0xE9 }, "ASPack 1.08.01"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x75, null, 0x90, 0xE9 }, "ASPack 1.08.01"),
new(new byte?[] { 0x90, 0x90, 0x75, null, 0x90, 0xE9 }, "ASPack 1.08.01"),
new ContentMatchSet(new byte?[] { 0x90, 0x75, null, 0x90, 0xE9 }, "ASPack 1.08.01"),
new(new byte?[] { 0x90, 0x75, null, 0x90, 0xE9 }, "ASPack 1.08.01"),
new ContentMatchSet(new byte?[] { 0x90, 0x90, 0x75, 0x01, 0x90, 0xE9 }, "ASPack 1.08.02"),
new(new byte?[] { 0x90, 0x90, 0x75, 0x01, 0x90, 0xE9 }, "ASPack 1.08.02"),
new ContentMatchSet(new byte?[] { 0x90, 0x75, 0x01, 0x90, 0xE9 }, "ASPack 1.08.02"),
new(new byte?[] { 0x90, 0x75, 0x01, 0x90, 0xE9 }, "ASPack 1.08.02"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, 0x41, 0x06, 0x00, 0x00, 0xEB, 0x41 }, "ASPack 1.08.04"),
new(new byte?[] { 0x60, 0xE8, 0x41, 0x06, 0x00, 0x00, 0xEB, 0x41 }, "ASPack 1.08.04"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, null, null, null, null, 0xEB }, "ASPack 1.08.04"),
new(new byte?[] { 0x60, 0xE8, null, null, null, null, 0xEB }, "ASPack 1.08.04"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, 0x70, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.00"),
new(new byte?[] { 0x60, 0xE8, 0x70, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.00"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, 0x48, 0x11, 0x00, 0x00, 0xC3, 0x83 }, "ASPack 2.00.00"),
new(new byte?[] { 0x60, 0xE8, 0x48, 0x11, 0x00, 0x00, 0xC3, 0x83 }, "ASPack 2.00.00"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, 0x72, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.01"),
new(new byte?[] { 0x60, 0xE8, 0x72, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.01"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, null, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.x -> Alexey Solodovnikov"),
new(new byte?[] { 0x60, 0xE8, null, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.x -> Alexey Solodovnikov"),
new ContentMatchSet(new byte?[] { 0x60, 0xE9, 0x3D, 0x04, 0x00, 0x00 }, "ASPack 2.11"),
new(new byte?[] { 0x60, 0xE9, 0x3D, 0x04, 0x00, 0x00 }, "ASPack 2.11"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, 0xF9, 0x11, 0x00, 0x00, 0xC3, 0x83 }, "ASPack 2.11"),
new(new byte?[] { 0x60, 0xE8, 0xF9, 0x11, 0x00, 0x00, 0xC3, 0x83 }, "ASPack 2.11"),
new ContentMatchSet(new byte?[] { 0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81, 0xED }, "ASPack 1.02b/1.08.03"),
new(new byte?[] { 0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x81, 0xED }, "ASPack 1.02b/1.08.03"),
#endregion
};

12
BinaryObjectScanner/Packer/AdvancedInstaller.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class AdvancedInstaller : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -34,11 +30,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -50,11 +42,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/Armadillo.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class Armadillo : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -46,11 +42,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -62,11 +54,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

16
BinaryObjectScanner/Packer/AutoPlayMediaStudio.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class AutoPlayMediaStudio : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -38,11 +34,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -54,11 +46,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}
@@ -68,12 +56,12 @@ namespace BinaryObjectScanner.Packer
// Check the product version explicitly
var version = pex.ProductVersion;
if (!string.IsNullOrEmpty(version))
return version;
return version!;
// Check the internal versions
version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;
return version!;
return "(Unknown Version)";
}

28
BinaryObjectScanner/Packer/CExe.cs
View File

@@ -3,7 +3,9 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using ICSharpCode.SharpZipLib.Zip.Compression;
#endif
using SabreTools.Matching;
using SabreTools.Serialization.Wrappers;
@@ -15,11 +17,7 @@ namespace BinaryObjectScanner.Packer
public class CExe : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -34,7 +32,7 @@ namespace BinaryObjectScanner.Packer
{
var matchers = new List<ContentMatchSet>
{
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x25, 0x57, 0x6F, 0xC1, 0x61, 0x36, 0x01, 0x92,
0x61, 0x36, 0x01, 0x92, 0x61, 0x36, 0x01, 0x92,
@@ -46,7 +44,7 @@ namespace BinaryObjectScanner.Packer
};
var match = MatchUtil.GetFirstMatch(file, pex.StubExecutableData, matchers, includeDebug);
if (!string.IsNullOrWhiteSpace(match))
if (!string.IsNullOrEmpty(match))
return match;
}
@@ -54,27 +52,17 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -100,6 +88,7 @@ namespace BinaryObjectScanner.Packer
try
{
// Inflate the data into the buffer
#if NET462_OR_GREATER || NETCOREAPP
Inflater inflater = new Inflater();
inflater.SetInput(payload);
data = new byte[payload.Length * 4];
@@ -107,6 +96,9 @@ namespace BinaryObjectScanner.Packer
// Trim the buffer to the proper size
data = new ReadOnlySpan<byte>(data, 0, read).ToArray();
#else
data = null;
#endif
}
catch
{

18
BinaryObjectScanner/Packer/EXEStealth.cs
View File

@@ -13,11 +13,7 @@ namespace BinaryObjectScanner.Packer
public class EXEStealth : IContentCheck, IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
#else
public string? CheckContents(string file, byte[] fileContent, bool includeDebug)
#endif
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -25,7 +21,7 @@ namespace BinaryObjectScanner.Packer
var contentMatchSets = new List<ContentMatchSet>
{
// ??[[__[[_ + (char)0x00 + {{ + (char)0x0 + (char)0x00 + {{ + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x0 + (char)0x00 + (char)0x00 + (char)0x00 + (char)0x00 + ?;??;??
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x3F, 0x3F, 0x5B, 0x5B, 0x5F, 0x5F, 0x5B, 0x5B,
0x5F, 0x00, 0x7B, 0x7B, 0x00, 0x00, 0x7B, 0x7B,
@@ -42,11 +38,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -83,11 +75,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -99,11 +87,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/EmbeddedExecutable.cs
View File

@@ -14,11 +14,7 @@ namespace BinaryObjectScanner.Packer
public class EmbeddedExecutable : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -33,11 +29,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -49,11 +41,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{

12
BinaryObjectScanner/Packer/GenteeInstaller.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class GenteeInstaller : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -37,11 +33,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -53,11 +45,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/HyperTechCrackProof.cs
View File

@@ -13,11 +13,7 @@ namespace BinaryObjectScanner.Packer
public class HyperTechCrackProof : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -36,11 +32,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -52,11 +44,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

20
BinaryObjectScanner/Packer/InnoSetup.cs
View File

@@ -12,17 +12,13 @@ namespace BinaryObjectScanner.Packer
public class InnoSetup : IExtractable, INewExecutableCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#else
public string? CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#endif
{
// Check for "Inno" in the reserved words
if (nex.Model.Stub?.Header?.Reserved2?[4] == 0x6E49 && nex.Model.Stub?.Header?.Reserved2?[5] == 0x6F6E)
{
string version = GetOldVersion(file, nex);
if (!string.IsNullOrWhiteSpace(version))
if (!string.IsNullOrEmpty(version))
return $"Inno Setup {version}";
return "Inno Setup (Unknown Version)";
@@ -32,11 +28,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -62,11 +54,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -78,11 +66,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}
@@ -101,7 +85,7 @@ namespace BinaryObjectScanner.Packer
var matchers = new List<ContentMatchSet>
{
// "rDlPtS02" + (char)0x87 + "eVx"
new ContentMatchSet(new byte?[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x32, 0x87, 0x65, 0x56, 0x78 }, "1.2.16 or earlier"),
new(new byte?[] { 0x72, 0x44, 0x6C, 0x50, 0x74, 0x53, 0x30, 0x32, 0x87, 0x65, 0x56, 0x78 }, "1.2.16 or earlier"),
};
return MatchUtil.GetFirstMatch(file, data, matchers, false) ?? "Unknown 1.X";

14
BinaryObjectScanner/Packer/InstallAnywhere.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.Packer
public class InstallAnywhere : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -33,11 +29,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -49,11 +41,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}
@@ -63,7 +51,7 @@ namespace BinaryObjectScanner.Packer
// Check the internal versions
var version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;
return version!;
return "(Unknown Version)";
}

12
BinaryObjectScanner/Packer/InstallerVISE.cs
View File

@@ -12,11 +12,7 @@ namespace BinaryObjectScanner.Packer
{
//TODO: Add exact version detection for Windows builds, make sure versions before 3.X are detected as well, and detect the Mac builds.
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -35,11 +31,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -51,11 +43,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/IntelInstallationFramework.cs
View File

@@ -9,11 +9,7 @@ namespace BinaryObjectScanner.Packer
public class IntelInstallationFramework : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -38,11 +34,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -54,11 +46,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

14
BinaryObjectScanner/Packer/MicrosoftCABSFX.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class MicrosoftCABSFX : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -52,11 +48,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -68,11 +60,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}
@@ -81,7 +69,7 @@ namespace BinaryObjectScanner.Packer
{
// Check the internal versions
var version = pex.GetInternalVersion();
if (!string.IsNullOrWhiteSpace(version))
if (!string.IsNullOrEmpty(version))
return $"v{version}";
return string.Empty;

14
BinaryObjectScanner/Packer/NSIS.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.Packer
public class NSIS : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -22,7 +18,7 @@ namespace BinaryObjectScanner.Packer
return null;
var description = pex.AssemblyDescription;
if (!string.IsNullOrWhiteSpace(description) && description.StartsWith("Nullsoft Install System"))
if (!string.IsNullOrEmpty(description) && description!.StartsWith("Nullsoft Install System"))
return $"NSIS {description.Substring("Nullsoft Install System".Length).Trim()}";
// Get the .data/DATA section strings, if they exist
@@ -37,11 +33,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -53,11 +45,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/NeoLite.cs
View File

@@ -18,11 +18,7 @@ namespace BinaryObjectScanner.Packer
{
// TODO: Find samples of NeoLite 1.X.
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -41,11 +37,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
// TODO: Add extraction
if (!File.Exists(file))
@@ -58,11 +50,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/PECompact.cs
View File

@@ -9,11 +9,7 @@ namespace BinaryObjectScanner.Packer
public class PECompact : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -46,11 +42,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -62,11 +54,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/Petite.cs
View File

@@ -9,11 +9,7 @@ namespace BinaryObjectScanner.Packer
public class PEtite : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -29,11 +25,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -45,11 +37,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

16
BinaryObjectScanner/Packer/SetupFactory.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Packer
public class SetupFactory : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -43,11 +39,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -59,11 +51,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}
@@ -73,12 +61,12 @@ namespace BinaryObjectScanner.Packer
// Check the product version explicitly
var version = pex.ProductVersion;
if (!string.IsNullOrEmpty(version))
return version;
return version!;
// Check the internal versions
version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;
return version!;
return "(Unknown Version)";
}

12
BinaryObjectScanner/Packer/SevenZipSFX.cs
View File

@@ -9,11 +9,7 @@ namespace BinaryObjectScanner.Packer
public class SevenZipSFX : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -50,11 +46,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -66,11 +58,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/Shrinker.cs
View File

@@ -9,11 +9,7 @@ namespace BinaryObjectScanner.Packer
public class Shrinker : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -30,11 +26,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -46,11 +38,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

12
BinaryObjectScanner/Packer/UPX.cs
View File

@@ -17,11 +17,7 @@ namespace BinaryObjectScanner.Packer
private static readonly Regex _upxVersionMatch = new Regex(@"^([0-9]\.[0-9]{2})$", RegexOptions.Compiled);
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -68,11 +64,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -84,11 +76,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

24
BinaryObjectScanner/Packer/WinRARSFX.cs
View File

@@ -3,20 +3,18 @@ using System.IO;
using System.Linq;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.Rar;
using SharpCompress.Readers;
#endif
namespace BinaryObjectScanner.Packer
{
public class WinRARSFX : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -35,28 +33,19 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Should be using stream instead of file, but stream fails to extract anything. My guess is that the executable portion of the archive is causing stream to fail, but not file.
@@ -93,6 +82,9 @@ namespace BinaryObjectScanner.Packer
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
}
}

288
BinaryObjectScanner/Packer/WinZipSFX.cs
View File

@@ -4,19 +4,17 @@ using System.Linq;
using System.Text;
using BinaryObjectScanner.Interfaces;
using SabreTools.Serialization.Wrappers;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.Zip;
#endif
namespace BinaryObjectScanner.Packer
{
public class WinZipSFX : IExtractable, INewExecutableCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#else
public string? CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#endif
{
// If the resident-name table doesnt exist
if (nex.Model.ResidentNameTable == null)
@@ -33,18 +31,14 @@ namespace BinaryObjectScanner.Packer
// Try to get a known version
var version = GetNEHeaderVersion(nex);
if (!string.IsNullOrWhiteSpace(version))
if (!string.IsNullOrEmpty(version))
return $"WinZip SFX {version}";
return $"WinZip SFX Unknown Version (16-bit)";
}
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -55,7 +49,7 @@ namespace BinaryObjectScanner.Packer
if (pex.Model.ExportTable?.ExportDirectoryTable != null)
{
var version = GetPEExportDirectoryVersion(pex);
if (!string.IsNullOrWhiteSpace(version))
if (!string.IsNullOrEmpty(version))
return $"WinZip SFX {version}";
}
@@ -69,28 +63,19 @@ namespace BinaryObjectScanner.Packer
// TODO: Find a way to generically detect 2.X versions and improve exact version detection for SFX PE versions bundled with WinZip 11+
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
{
return Extract(fs, file, includeDebug);
}
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read);
return Extract(fs, file, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Should be using stream instead of file, but stream fails to extract anything. My guess is that the executable portion of the archive is causing stream to fail, but not file.
@@ -127,6 +112,9 @@ namespace BinaryObjectScanner.Packer
if (includeDebug) Console.WriteLine(ex);
return null;
}
#else
return null;
#endif
}
/// <summary>
@@ -134,11 +122,7 @@ namespace BinaryObjectScanner.Packer
/// </summary>
/// TODO: Reduce the checks to only the ones that differ between versions
/// TODO: Research to see if the versions are embedded elsewhere in these files
#if NET48
private string GetNEHeaderVersion(NewExecutable nex)
#else
private string? GetNEHeaderVersion(NewExecutable nex)
#endif
{
#region 2.0 Variants
@@ -696,11 +680,7 @@ namespace BinaryObjectScanner.Packer
/// Get the version from the PE export directory table value combinations
/// </summary>
/// TODO: Research to see if the versions are embedded elsewhere in these files
#if NET48
private string GetPEExportDirectoryVersion(PortableExecutable pex)
#else
private string? GetPEExportDirectoryVersion(PortableExecutable pex)
#endif
{
string sfxFileName = pex.Model.ExportTable?.ExportDirectoryTable?.Name ?? string.Empty;
uint sfxTimeDateStamp = pex.Model.ExportTable?.ExportDirectoryTable?.TimeDateStamp ?? uint.MaxValue;
@@ -711,37 +691,23 @@ namespace BinaryObjectScanner.Packer
|| sfxFileName == "WZIPSE32.exe" || sfxFileName == "SI32LPG.SFX"
|| sfxFileName == "ST32E.WZE")
{
switch (sfxTimeDateStamp)
return sfxTimeDateStamp switch
{
case 842636344:
return "2.0 (32-bit)";
case 865370756:
return "2.1 RC2 (32-bit)";
case 869059925:
return "2.1 (32-bit)";
case 979049321:
return "2.2.4003";
case 1149714685:
return "3.0.7158";
case 1185211734:
return "3.1.7556";
case 1185211920:
return "3.1.7556";
case 1235490556:
return "4.0.8421";
case 1235490757:
return "4.0.8421";
case 1235490687:
return "4.0.8421"; // 3.1.8421.0, SI32LPG?
case 1257193383:
return "4.0.8672"; // 3.1.8672.0
case 1257193543:
return "4.0.8672";
case 1470410848:
return "4.0.12218"; // 4.0.1221.0
default:
return $"{assemblyVersion} (32-bit)";
}
842636344 => "2.0 (32-bit)",
865370756 => "2.1 RC2 (32-bit)",
869059925 => "2.1 (32-bit)",
979049321 => "2.2.4003",
1149714685 => "3.0.7158",
1185211734 => "3.1.7556",
1185211920 => "3.1.7556",
1235490556 => "4.0.8421",
1235490757 => "4.0.8421",
1235490687 => "4.0.8421",// 3.1.8421.0, SI32LPG?
1257193383 => "4.0.8672",// 3.1.8672.0
1257193543 => "4.0.8672",
1470410848 => "4.0.12218",// 4.0.1221.0
_ => $"{assemblyVersion} (32-bit)",
};
}
// Personal Edition
@@ -749,152 +715,90 @@ namespace BinaryObjectScanner.Packer
|| sfxFileName == "wzsepe32.exe" || sfxFileName == "SI32PE.SFX"
|| sfxFileName == "SI32LPE.SFX")
{
switch (sfxTimeDateStamp)
return sfxTimeDateStamp switch
{
case 845061601:
return "Personal Edition (32-bit)"; // TODO: Find version
case 868303343:
return "Personal Edition (32-bit)"; // TODO: Find version
case 868304170:
return "Personal Edition (32-bit)"; // TODO: Find version
case 906039079:
return "Personal Edition 2.2.1260 (32-bit)";
case 906040543:
return "Personal Edition 2.2.1260 (32-bit)";
case 908628435:
return "Personal Edition 2.2.1285 (32-bit)";
case 908628785:
return "Personal Edition 2.2.1285 (32-bit)";
case 956165981:
return "Personal Edition 2.2.3063";
case 956166038:
return "Personal Edition 2.2.3063";
case 1006353695:
return "Personal Edition 2.2.4325";
case 1006353714:
return "Personal Edition 2.2.4325"; // 8.1.0.0
case 1076515698:
return "Personal Edition 2.2.6028";
case 1076515784:
return "Personal Edition 2.2.6028"; // 9.0.6028.0
case 1092688561:
return "Personal Edition 2.2.6224";
case 1092688645:
return "Personal Edition 2.2.6224"; // 9.0.6224.0
case 1125074095:
return "Personal Edition 2.2.6604";
case 1125074162:
return "Personal Edition 2.2.6604"; // 10.0.6604.0
case 1130153399:
return "Personal Edition 2.2.6663";
case 1130153428:
return "Personal Edition 2.2.6663"; // 10.0.6663.0
case 1149714176:
return "Personal Edition 3.0.7158";
case 1163137967:
return "Personal Edition 3.0.7305";
case 1163137994:
return "Personal Edition 3.0.7313"; // 11.0.7313.0
case 1176345383:
return "Personal Edition 3.0.7452";
case 1176345423:
return "Personal Edition 3.1.7466"; // 11.1.7466.0
case 1184106698:
return "Personal Edition 3.1.7556";
case 1207280880:
return "Personal Edition 4.0.8060"; // 2.3.7382.0
case 1207280892:
return "Personal Edition 4.0.8094"; // 11.2.8094.0
case 1220904506:
return "Personal Edition 4.0.8213"; // 2.3.7382.0
case 1220904518:
return "Personal Edition 4.0.8252"; // 12.0.8252.0
case 1235490648:
return "Personal Edition 4.0.8421"; // 3.1.8421.0
case 1242049399:
return "Personal Edition 4.0.8497"; // 12.1.8497.0
case 1257193469:
return "Personal Edition 4.0.8672"; // 3.1.8672.0, SI32LPE?
default:
return $"Personal Edition {assemblyVersion} (32-bit)";
}
845061601 => "Personal Edition (32-bit)",// TODO: Find version
868303343 => "Personal Edition (32-bit)",// TODO: Find version
868304170 => "Personal Edition (32-bit)",// TODO: Find version
906039079 => "Personal Edition 2.2.1260 (32-bit)",
906040543 => "Personal Edition 2.2.1260 (32-bit)",
908628435 => "Personal Edition 2.2.1285 (32-bit)",
908628785 => "Personal Edition 2.2.1285 (32-bit)",
956165981 => "Personal Edition 2.2.3063",
956166038 => "Personal Edition 2.2.3063",
1006353695 => "Personal Edition 2.2.4325",
1006353714 => "Personal Edition 2.2.4325",// 8.1.0.0
1076515698 => "Personal Edition 2.2.6028",
1076515784 => "Personal Edition 2.2.6028",// 9.0.6028.0
1092688561 => "Personal Edition 2.2.6224",
1092688645 => "Personal Edition 2.2.6224",// 9.0.6224.0
1125074095 => "Personal Edition 2.2.6604",
1125074162 => "Personal Edition 2.2.6604",// 10.0.6604.0
1130153399 => "Personal Edition 2.2.6663",
1130153428 => "Personal Edition 2.2.6663",// 10.0.6663.0
1149714176 => "Personal Edition 3.0.7158",
1163137967 => "Personal Edition 3.0.7305",
1163137994 => "Personal Edition 3.0.7313",// 11.0.7313.0
1176345383 => "Personal Edition 3.0.7452",
1176345423 => "Personal Edition 3.1.7466",// 11.1.7466.0
1184106698 => "Personal Edition 3.1.7556",
1207280880 => "Personal Edition 4.0.8060",// 2.3.7382.0
1207280892 => "Personal Edition 4.0.8094",// 11.2.8094.0
1220904506 => "Personal Edition 4.0.8213",// 2.3.7382.0
1220904518 => "Personal Edition 4.0.8252",// 12.0.8252.0
1235490648 => "Personal Edition 4.0.8421",// 3.1.8421.0
1242049399 => "Personal Edition 4.0.8497",// 12.1.8497.0
1257193469 => "Personal Edition 4.0.8672",// 3.1.8672.0, SI32LPE?
_ => $"Personal Edition {assemblyVersion} (32-bit)",
};
}
// Software Installation
else if (sfxFileName == "VW95SRE.SFX" || sfxFileName == "SI32E.SFX"
|| sfxFileName == "SI32E.WZE")
{
switch (sfxTimeDateStamp)
return sfxTimeDateStamp switch
{
case 842636381:
return "Software Installation 2.0 (32-bit)";
case 865370800:
return "Software Installation 2.1 RC2 (32-bit)";
case 869059963:
return "Software Installation 2.1 (32-bit)";
case 893107697:
return "Software Installation 2.2.1110 (32-bit)";
case 952007369:
return "Software Installation 2.2.3063";
case 1006352634:
return "Software Installation 2.2.4325"; // +Personal Edition?
case 979049345:
return "Software Installation 2.2.4403";
case 1026227373:
return "Software Installation 2.2.5196"; // +Personal Edition?
case 1090582390:
return "Software Installation 2.2.6202"; // +Personal Edition?
case 1149714757:
return "Software Installation 3.0.7158";
case 1154357628:
return "Software Installation 3.0.7212";
case 1175234637:
return "Software Installation 3.0.7454";
case 1185211802:
return "Software Installation 3.1.7556";
case 1470410906:
return "Software Installation 4.0.12218"; // 4.0.1221.0
default:
return $"Software Installation {assemblyVersion} (32-bit)";
}
842636381 => "Software Installation 2.0 (32-bit)",
865370800 => "Software Installation 2.1 RC2 (32-bit)",
869059963 => "Software Installation 2.1 (32-bit)",
893107697 => "Software Installation 2.2.1110 (32-bit)",
952007369 => "Software Installation 2.2.3063",
1006352634 => "Software Installation 2.2.4325",// +Personal Edition?
979049345 => "Software Installation 2.2.4403",
1026227373 => "Software Installation 2.2.5196",// +Personal Edition?
1090582390 => "Software Installation 2.2.6202",// +Personal Edition?
1149714757 => "Software Installation 3.0.7158",
1154357628 => "Software Installation 3.0.7212",
1175234637 => "Software Installation 3.0.7454",
1185211802 => "Software Installation 3.1.7556",
1470410906 => "Software Installation 4.0.12218",// 4.0.1221.0
_ => $"Software Installation {assemblyVersion} (32-bit)",
};
}
switch (sfxFileName)
return sfxFileName switch
{
// Standard
case "VW95SE.SFX":
return "Unknown Version (32-bit)"; // TODO: Find starting version
case "ST32E.SFX":
return "Unknown Version (32-bit)"; // TODO: Find starting version
case "WZIPSE32.exe":
return "Unknown Version (32-bit)"; // TODO: Find starting version
case "SI32LPG.SFX":
return "Unknown Version (32-bit)"; // TODO: Find starting version
case "ST32E.WZE":
return "Unknown Version (32-bit)"; // TODO: Find starting version
"VW95SE.SFX" => "Unknown Version (32-bit)",// TODO: Find starting version
"ST32E.SFX" => "Unknown Version (32-bit)",// TODO: Find starting version
"WZIPSE32.exe" => "Unknown Version (32-bit)",// TODO: Find starting version
"SI32LPG.SFX" => "Unknown Version (32-bit)",// TODO: Find starting version
"ST32E.WZE" => "Unknown Version (32-bit)",// TODO: Find starting version
// Personal Edition
case "VW95LE.SFX":
return "Unknown Version before Personal Edition Build 1285 (32-bit)";
case "PE32E.SFX":
return "Unknown Version after Personal Edition Build 1285 (32-bit)";
case "wzsepe32.exe":
return "Unknown Version Personal Edition (32-bit)"; // TODO: Find starting version
case "SI32PE.SFX":
return "Unknown Version Personal Edition (32-bit)"; // TODO: Find starting version
case "SI32LPE.SFX":
return "Unknown Version Personal Edition (32-bit)"; // TODO: Find starting version
"VW95LE.SFX" => "Unknown Version before Personal Edition Build 1285 (32-bit)",
"PE32E.SFX" => "Unknown Version after Personal Edition Build 1285 (32-bit)",
"wzsepe32.exe" => "Unknown Version Personal Edition (32-bit)",// TODO: Find starting version
"SI32PE.SFX" => "Unknown Version Personal Edition (32-bit)",// TODO: Find starting version
"SI32LPE.SFX" => "Unknown Version Personal Edition (32-bit)",// TODO: Find starting version
// Software Installation
case "VW95SRE.SFX":
return "Unknown Version before Software Installation 2.1 (32-bit)";
case "SI32E.SFX":
return "Unknown Version after Software Installation 2.1 (32-bit)";
case "SI32E.WZE":
return "Unknown Version Software Installation (32-bit)"; // TODO: Find starting version
}
return null;
"VW95SRE.SFX" => "Unknown Version before Software Installation 2.1 (32-bit)",
"SI32E.SFX" => "Unknown Version after Software Installation 2.1 (32-bit)",
"SI32E.WZE" => "Unknown Version Software Installation (32-bit)",// TODO: Find starting version
_ => null,
};
}
}
}

36
BinaryObjectScanner/Packer/WiseInstaller.cs
View File

@@ -14,11 +14,7 @@ namespace BinaryObjectScanner.Packer
public class WiseInstaller : IExtractable, INewExecutableCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#else
public string? CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#endif
{
// If we match a known header
if (MatchesNEVersion(nex) != null)
@@ -34,21 +30,17 @@ namespace BinaryObjectScanner.Packer
var neMatchSets = new List<ContentMatchSet>
{
// WiseInst
new ContentMatchSet(new byte?[] { 0x57, 0x69, 0x73, 0x65, 0x49, 0x6E, 0x73, 0x74 }, "Wise Installation Wizard Module"),
new(new byte?[] { 0x57, 0x69, 0x73, 0x65, 0x49, 0x6E, 0x73, 0x74 }, "Wise Installation Wizard Module"),
// WiseMain
new ContentMatchSet(new byte?[] { 0x57, 0x69, 0x73, 0x65, 0x4D, 0x61, 0x69, 0x6E }, "Wise Installation Wizard Module"),
new(new byte?[] { 0x57, 0x69, 0x73, 0x65, 0x4D, 0x61, 0x69, 0x6E }, "Wise Installation Wizard Module"),
};
return MatchUtil.GetFirstMatch(file, data, neMatchSets, includeDebug);
}
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -81,11 +73,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -97,11 +85,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
try
{
@@ -129,11 +113,7 @@ namespace BinaryObjectScanner.Packer
/// </summary>
/// <param name="nex">New executable to check</param>
/// <returns>True if it matches a known version, false otherwise</returns>
#if NET48
private FormatProperty MatchesNEVersion(NewExecutable nex)
#else
private FormatProperty? MatchesNEVersion(NewExecutable nex)
#endif
{
// TODO: Offset is _not_ the EXE header address, rather where the data starts. Fix this.
switch (nex.Model.Stub?.Header?.NewExeHeaderAddr)
@@ -190,11 +170,7 @@ namespace BinaryObjectScanner.Packer
/// </summary>
/// <param name="pex">Portable executable to check</param>
/// <returns>True if it matches a known version, false otherwise</returns>
#if NET48
private FormatProperty GetPEFormat(PortableExecutable pex)
#else
private FormatProperty? GetPEFormat(PortableExecutable pex)
#endif
{
if (pex.OverlayAddress == 0x6e00
&& pex.GetFirstSection(".text")?.VirtualSize == 0x3cf4
@@ -241,11 +217,7 @@ namespace BinaryObjectScanner.Packer
/// <param name="file">Path to the input file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>True if it matches a known version, false otherwise</returns>
#if NET48
private string ExtractNewExecutable(NewExecutable nex, string file, bool includeDebug)
#else
private string? ExtractNewExecutable(NewExecutable nex, string file, bool includeDebug)
#endif
{
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
Directory.CreateDirectory(tempPath);
@@ -284,11 +256,7 @@ namespace BinaryObjectScanner.Packer
/// <param name="file">Path to the input file</param>
/// <param name="includeDebug">True to include debug data, false otherwise</param>
/// <returns>True if it matches a known version, false otherwise</returns>
#if NET48
private string ExtractPortableExecutable(PortableExecutable pex, string file, bool includeDebug)
#else
private string? ExtractPortableExecutable(PortableExecutable pex, string file, bool includeDebug)
#endif
{
try
{

7
BinaryObjectScanner/Packer/_DUMMY.cs
View File

@@ -1,7 +0,0 @@
namespace BinaryObjectScanner.Packer
{
/// <summary>
/// This class exists for reflection purposes and should not be used
/// </summary>
public sealed class _DUMMY { }
}

12
BinaryObjectScanner/Packer/dotFuscator.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.Packer
public class dotFuscator : IExtractable, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -33,11 +29,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(string file, bool includeDebug)
#else
public string? Extract(string file, bool includeDebug)
#endif
{
if (!File.Exists(file))
return null;
@@ -49,11 +41,7 @@ namespace BinaryObjectScanner.Packer
}
/// <inheritdoc/>
#if NET48
public string Extract(Stream stream, string file, bool includeDebug)
#else
public string? Extract(Stream? stream, string file, bool includeDebug)
#endif
{
return null;
}

107
BinaryObjectScanner/Progress.cs Normal file
View File

@@ -0,0 +1,107 @@
#if NET20 || NET35 || NET40
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
using System.Threading;
using System.Diagnostics;
namespace System
{
/// <summary>
/// Provides an IProgress{T} that invokes callbacks for each reported progress value.
/// </summary>
/// <typeparam name="T">Specifies the type of the progress report value.</typeparam>
/// <remarks>
/// Any handler provided to the constructor or event handlers registered with
/// the <see cref="ProgressChanged"/> event are invoked through a
/// <see cref="SynchronizationContext"/> instance captured
/// when the instance is constructed. If there is no current SynchronizationContext
/// at the time of construction, the callbacks will be invoked on the ThreadPool.
/// </remarks>
/// <see href="https://github.com/dotnet/runtime/blob/main/src/libraries/System.Private.CoreLib/src/System/Progress.cs"/>
public class Progress<T> : IProgress<T> where T : EventArgs
{
/// <summary>The synchronization context captured upon construction. This will never be null.</summary>
private readonly SynchronizationContext _synchronizationContext;
/// <summary>The handler specified to the constructor. This may be null.</summary>
private readonly Action<T>? _handler;
/// <summary>A cached delegate used to post invocation to the synchronization context.</summary>
private readonly SendOrPostCallback _invokeHandlers;
/// <summary>Initializes the <see cref="Progress{T}"/>.</summary>
public Progress()
{
// Capture the current synchronization context.
// If there is no current context, we use a default instance targeting the ThreadPool.
_synchronizationContext = SynchronizationContext.Current ?? ProgressStatics.DefaultContext;
Debug.Assert(_synchronizationContext != null);
_invokeHandlers = new SendOrPostCallback(InvokeHandlers);
}
/// <summary>Initializes the <see cref="Progress{T}"/> with the specified callback.</summary>
/// <param name="handler">
/// A handler to invoke for each reported progress value. This handler will be invoked
/// in addition to any delegates registered with the <see cref="ProgressChanged"/> event.
/// Depending on the <see cref="SynchronizationContext"/> instance captured by
/// the <see cref="Progress{T}"/> at construction, it's possible that this handler instance
/// could be invoked concurrently with itself.
/// </param>
/// <exception cref="ArgumentNullException">The <paramref name="handler"/> is null (<see langword="Nothing" /> in Visual Basic).</exception>
public Progress(Action<T> handler) : this()
{
_handler = handler ?? throw new ArgumentNullException(nameof(handler));
}
/// <summary>Raised for each reported progress value.</summary>
/// <remarks>
/// Handlers registered with this event will be invoked on the
/// <see cref="SynchronizationContext"/> captured when the instance was constructed.
/// </remarks>
public event EventHandler<T>? ProgressChanged;
/// <summary>Reports a progress change.</summary>
/// <param name="value">The value of the updated progress.</param>
protected virtual void OnReport(T value)
{
// If there's no handler, don't bother going through the sync context.
// Inside the callback, we'll need to check again, in case
// an event handler is removed between now and then.
Action<T>? handler = _handler;
EventHandler<T>? changedEvent = ProgressChanged;
if (handler != null || changedEvent != null)
{
// Post the processing to the sync context.
// (If T is a value type, it will get boxed here.)
_synchronizationContext.Post(_invokeHandlers, value);
}
}
/// <summary>Reports a progress change.</summary>
/// <param name="value">The value of the updated progress.</param>
void IProgress<T>.Report(T value) { OnReport(value); }
/// <summary>Invokes the action and event callbacks.</summary>
/// <param name="state">The progress value.</param>
private void InvokeHandlers(object? state)
{
T value = (T)state!;
Action<T>? handler = _handler;
EventHandler<T>? changedEvent = ProgressChanged;
handler?.Invoke(value);
changedEvent?.Invoke(this, value);
}
}
/// <summary>Holds static values for <see cref="Progress{T}"/>.</summary>
/// <remarks>This avoids one static instance per type T.</remarks>
internal static class ProgressStatics
{
/// <summary>A default synchronization context that targets the ThreadPool.</summary>
internal static readonly SynchronizationContext DefaultContext = new();
}
}
#endif

10
BinaryObjectScanner/Protection/ActiveMARK.cs
View File

@@ -11,11 +11,7 @@ namespace BinaryObjectScanner.Protection
public class ActiveMARK : IContentCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
#else
public string? CheckContents(string file, byte[] fileContent, bool includeDebug)
#endif
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -23,7 +19,7 @@ namespace BinaryObjectScanner.Protection
var contentMatchSets = new List<ContentMatchSet>
{
// " " + (char)0xC2 + (char)0x16 + (char)0x00 + (char)0xA8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0xB8 + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x86 + (char)0xC8 + (char)0x16 + (char)0x00 + (char)0x9A + (char)0xC1 + (char)0x16 + (char)0x00 + (char)0x10 + (char)0xC2 + (char)0x16 + (char)0x00
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x20, 0xC2, 0x16, 0x00, 0xA8, 0xC1, 0x16, 0x00,
0xB8, 0xC1, 0x16, 0x00, 0x86, 0xC8, 0x16, 0x00,
@@ -38,11 +34,7 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

34
BinaryObjectScanner/Protection/AegiSoft.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
@@ -20,11 +22,7 @@ namespace BinaryObjectScanner.Protection
public class AegiSoft : IPathCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -55,7 +53,7 @@ namespace BinaryObjectScanner.Protection
{
// Found in "Asc001.dll", "Asc002.dll", "Asc003.dll", "Asc005.dll", "Asc006.exe", and "AscLM.cpl" (Redump entry 73521/IA item "Nova_HoyleCasino99USA").
// ÿÿÿÿ\\.\ASCLM
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0xFF, 0xFF, 0xFF, 0xFF, 0x5C, 0x5C, 0x2E, 0x5C,
0x41, 0x53, 0x43, 0x4C, 0x4D
@@ -63,7 +61,7 @@ namespace BinaryObjectScanner.Protection
};
var match = MatchUtil.GetFirstMatch(file, dataSectionRaw, matchers, includeDebug);
if (!string.IsNullOrWhiteSpace(match))
if (!string.IsNullOrEmpty(match))
return match;
}
@@ -71,8 +69,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -80,30 +78,26 @@ namespace BinaryObjectScanner.Protection
var matchers = new List<PathMatchSet>
{
// Found in Redump entry 73521/IA item "Nova_HoyleCasino99USA".
new PathMatchSet(new PathMatch("AscLM.cpl", useEndsWith: true), "AegiSoft License Manager"),
new PathMatchSet(new PathMatch("AscLM.vxd", useEndsWith: true), "AegiSoft License Manager"),
new PathMatchSet(new PathMatch("AscLMd.vxd", useEndsWith: true), "AegiSoft License Manager"),
new(new FilePathMatch("AscLM.cpl"), "AegiSoft License Manager"),
new(new FilePathMatch("AscLM.vxd"), "AegiSoft License Manager"),
new(new FilePathMatch("AscLMd.vxd"), "AegiSoft License Manager"),
// There are a few other files present, but the file names on their own may be too overmatching. Due to the small sample size, it's not sure if these files are always present together.
// These files are "Asc001.dll", "Asc002.dll", "Asc003.dll", "Asc005.dll", and "Asc006.exe" (Found in Redump entry 73521/IA item "Nova_HoyleCasino99USA").
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Found in Redump entry 73521/IA item "Nova_HoyleCasino99USA".
new PathMatchSet(new PathMatch("AscLM.cpl", useEndsWith: true), "AegiSoft License Manager"),
new PathMatchSet(new PathMatch("AscLM.vxd", useEndsWith: true), "AegiSoft License Manager"),
new PathMatchSet(new PathMatch("AscLMd.vxd", useEndsWith: true), "AegiSoft License Manager"),
new(new FilePathMatch("AscLM.cpl"), "AegiSoft License Manager"),
new(new FilePathMatch("AscLM.vxd"), "AegiSoft License Manager"),
new(new FilePathMatch("AscLMd.vxd"), "AegiSoft License Manager"),
// There are a few other files present, but the file names on their own may be too overmatching. Due to the small sample size, it's not sure if these files are always present together.
// These files are "Asc001.dll", "Asc002.dll", "Asc003.dll", "Asc005.dll", and "Asc006.exe" (Found in Redump entry 73521/IA item "Nova_HoyleCasino99USA").

18
BinaryObjectScanner/Protection/AlphaDVD.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -16,30 +18,26 @@ namespace BinaryObjectScanner.Protection
public class AlphaDVD : IPathCheck
{
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("PlayDVD.exe", useEndsWith: true), "Alpha-DVD (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("PlayDVD.exe"), "Alpha-DVD (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("PlayDVD.exe", useEndsWith: true), "Alpha-DVD (Unconfirmed - Please report to us on Github"),
new(new FilePathMatch("PlayDVD.exe"), "Alpha-DVD (Unconfirmed - Please report to us on Github"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

4
BinaryObjectScanner/Protection/AlphaROM.cs
View File

@@ -44,11 +44,7 @@ namespace BinaryObjectScanner.Protection
public class AlphaROM : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// TODO: Add support for detecting Alpha-ROM found in older games made with the RealLive engine.
// TODO: Add version detection for Alpha-ROM.

28
BinaryObjectScanner/Protection/Bitpool.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -13,23 +15,23 @@ namespace BinaryObjectScanner.Protection
public class Bitpool : IPathCheck
{
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("bitpool.rsc", useEndsWith: true), "Bitpool"),
new PathMatchSet(new FilePathMatch("CD.IDX"), "Bitpool"),
new(new FilePathMatch("bitpool.rsc"), "Bitpool"),
new(new FilePathMatch("CD.IDX"), "Bitpool"),
// Completely empty file present on multiple discs with Bitpool (Redump entries 52626 and 50229).
new PathMatchSet(new PathMatch("LEADOUT.OFS", useEndsWith: true), "Bitpool"),
new(new FilePathMatch("LEADOUT.OFS"), "Bitpool"),
// A set of 4 identically sized (within the same game, not between games), corrupted/padded files present in several games (Redump entries 31782 and 35476).
// Both examples with only having the first letter uppercase and as the whole file name being uppercase have been seen.
new PathMatchSet(new List<PathMatch>
new(new List<PathMatch>
{
new FilePathMatch("Crc_a"),
new FilePathMatch("Crc_b"),
@@ -38,23 +40,19 @@ namespace BinaryObjectScanner.Protection
}, "Bitpool"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("bitpool.rsc", useEndsWith: true), "Bitpool"),
new PathMatchSet(new FilePathMatch("CD.IDX"), "Bitpool"),
new(new FilePathMatch("bitpool.rsc"), "Bitpool"),
new(new FilePathMatch("CD.IDX"), "Bitpool"),
// Completely empty file present on multiple discs with Bitpool (Redump entries 52626 and 50229).
new PathMatchSet(new PathMatch("LEADOUT.OFS", useEndsWith: true), "Bitpool"),
new(new FilePathMatch("LEADOUT.OFS"), "Bitpool"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

26
BinaryObjectScanner/Protection/ByteShield.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
@@ -41,11 +43,7 @@ namespace BinaryObjectScanner.Protection
public class ByteShield : IPortableExecutableCheck, IPathCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -134,8 +132,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -144,26 +142,22 @@ namespace BinaryObjectScanner.Protection
// Files with the ".bbz" extension are associated with ByteShield, but the extenstion is known to be used in other places as well.
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("Byteshield.dll", useEndsWith: true), "ByteShield Component Module"),
new PathMatchSet(new PathMatch("Byteshield.ini", useEndsWith: true), "ByteShield"),
new(new FilePathMatch("Byteshield.dll"), "ByteShield Component Module"),
new(new FilePathMatch("Byteshield.ini"), "ByteShield"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
// TODO: Investigate reference to "bbz650.tmp" in "Byteshield.dll" (Redump entry 6236)
// Files with the ".bbz" extension are associated with ByteShield, but the extenstion is known to be used in other places as well.
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("Byteshield.dll", useEndsWith: true), "ByteShield Component Module"),
new PathMatchSet(new PathMatch("Byteshield.ini", useEndsWith: true), "ByteShield"),
new(new FilePathMatch("Byteshield.dll"), "ByteShield Component Module"),
new(new FilePathMatch("Byteshield.ini"), "ByteShield"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

4
BinaryObjectScanner/Protection/CDCheck.cs
View File

@@ -6,11 +6,7 @@ namespace BinaryObjectScanner.Protection
public class CDCheck : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

64
BinaryObjectScanner/Protection/CDDVDCops.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.Linq;
using System.Text;
@@ -67,11 +69,7 @@ namespace BinaryObjectScanner.Protection
{
// TODO: Investigate reference to "CD32COPS.DLL" in "WETFLIPP.QZ_" in IA item "Triada_Russian_DVD_Complete_Collection_of_Erotic_Games".
/// <inheritdoc/>
#if NET48
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
#else
public string? CheckContents(string file, byte[] fileContent, bool includeDebug)
#endif
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -80,14 +78,14 @@ namespace BinaryObjectScanner.Protection
{
// TODO: Remove from here once it's confirmed that no PE executables contain this string
// CD-Cops, ver.
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x43, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, 0x2C,
0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
}, GetVersion, "CD-Cops (Unconfirmed - Please report to us on Github)"),
// // DVD-Cops, ver.
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x44, 0x56, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73,
0x2C, 0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
@@ -101,11 +99,7 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public string CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#else
public string? CheckNewExecutable(string file, NewExecutable nex, bool includeDebug)
#endif
{
// TODO: Don't read entire file
var data = nex.ReadArbitraryRange();
@@ -117,7 +111,7 @@ namespace BinaryObjectScanner.Protection
{
// CD-Cops, ver.
// Found in "h3blade.exe" in Redump entry 85077.
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x43, 0x44, 0x2D, 0x43, 0x6F, 0x70, 0x73, 0x2C,
0x20, 0x20, 0x76, 0x65, 0x72, 0x2E, 0x20
@@ -149,11 +143,7 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -167,14 +157,14 @@ namespace BinaryObjectScanner.Protection
{
// WEBCOPS
// Found in "HyperBowl.C_S" in https://web.archive.org/web/20120616074941/http://icm.games.tucows.com/files2/HyperDemo-109a.exe.
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x57, 0x45, 0x42, 0x43, 0x4F, 0x50, 0x53
}, "WEB-Cops")
};
var match = MatchUtil.GetFirstMatch(file, pex.StubExecutableData, matchers, includeDebug);
if (!string.IsNullOrWhiteSpace(match))
if (!string.IsNullOrEmpty(match))
return match;
}
@@ -194,8 +184,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -207,23 +197,19 @@ namespace BinaryObjectScanner.Protection
// Presumably used to increase the amount of data written to the disc to allow DPM checking to be used for the protection. It's unknown if this file is used on any other protected discs.
// Found in Redump entry 84517.
new PathMatchSet(new PathMatch("CDCOPS.DLL", useEndsWith: true), "CD-Cops"),
new PathMatchSet(new PathMatch(".W_X", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new PathMatchSet(new PathMatch(".QZ_", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new(new PathMatch("CDCOPS.DLL", useEndsWith: true), "CD-Cops"),
new(new PathMatch(".W_X", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new(new PathMatch(".QZ_", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new PathMatchSet(new PathMatch(".GZ_", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
new PathMatchSet(new PathMatch(".Qz", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
new(new PathMatch(".GZ_", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
new(new PathMatch(".Qz", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
@@ -231,28 +217,30 @@ namespace BinaryObjectScanner.Protection
// Presumably used to increase the amount of data written to the disc to allow DPM checking to be used for the protection. It's unknown if this file is used on any other protected discs.
// Found in Redump entry 84517.
new PathMatchSet(new PathMatch("CDCOPS.DLL", useEndsWith: true), "CD-Cops"),
new PathMatchSet(new PathMatch(".W_X", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new PathMatchSet(new PathMatch(".QZ_", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new(new PathMatch("CDCOPS.DLL", useEndsWith: true), "CD-Cops"),
new(new PathMatch(".W_X", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new(new PathMatch(".QZ_", matchExact: true, useEndsWith: true), "CD/DVD-Cops"),
new PathMatchSet(new PathMatch(".GZ_", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
new PathMatchSet(new PathMatch(".Qz", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
new(new PathMatch(".GZ_", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
new(new PathMatch(".Qz", matchExact: true, useEndsWith: true), "CD-Cops (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);
}
#if NET48
public static string GetVersion(string file, byte[] fileContent, List<int> positions)
#else
public static string? GetVersion(string file, byte[]? fileContent, List<int> positions)
#endif
{
// If we have no content
if (fileContent == null)
return null;
#if NET20 || NET35 || NET40
byte[] versionBytes = new byte[4];
Array.Copy(fileContent, positions[0] + 15, versionBytes, 0, 4);
char[] version = versionBytes.Select(b => (char)b).ToArray();
#else
char[] version = new ArraySegment<byte>(fileContent, positions[0] + 15, 4).Select(b => (char)b).ToArray();
#endif
if (version[0] == 0x00)
return string.Empty;

20
BinaryObjectScanner/Protection/CDGuard.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
@@ -24,11 +26,7 @@ namespace BinaryObjectScanner.Protection
public class CDGuard : IPathCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -59,8 +57,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -68,23 +66,19 @@ namespace BinaryObjectScanner.Protection
var matchers = new List<PathMatchSet>
{
// Found in Redump entry 97142.
new PathMatchSet(new PathMatch("cdguard.dll", useEndsWith: true), "CD-Guard Copy Protection System"),
new(new FilePathMatch("cdguard.dll"), "CD-Guard Copy Protection System"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Found in Redump entry 97142.
new PathMatchSet(new PathMatch("cdguard.dll", useEndsWith: true), "CD-Guard Copy Protection System"),
new(new FilePathMatch("cdguard.dll"), "CD-Guard Copy Protection System"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

4
BinaryObjectScanner/Protection/CDKey.cs
View File

@@ -7,11 +7,7 @@ namespace BinaryObjectScanner.Protection
public class CDKey : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

26
BinaryObjectScanner/Protection/CDLock.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -27,11 +29,7 @@ namespace BinaryObjectScanner.Protection
public class CDLock : IPathCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -47,7 +45,7 @@ namespace BinaryObjectScanner.Protection
// Found in game executables protected with CD-Lock (Redump entries 24287 and 31615).
// TODO: Check for possible false postives (Redump entry 97942).
// 2 + (char)0xF2 + (char)0x02 + (char)0x82 + (char)0xC3 + (char)0xBC + (char)0x0B + $ + (char)0x99 + (char)0xAD + 'C + (char)0xE4 + (char)0x9D + st + (char)0x99 + (char)0xFA + 2$ + (char)0x9D + )4 + (char)0xFF + t
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x32, 0xF2, 0x02, 0x82, 0xC3, 0xBC, 0x0B, 0x24,
0x99, 0xAD, 0x27, 0x43, 0xE4, 0x9D, 0x73, 0x74,
@@ -57,7 +55,7 @@ namespace BinaryObjectScanner.Protection
};
var match = MatchUtil.GetFirstMatch(file, dataSectionRaw, matchers, includeDebug);
if (!string.IsNullOrWhiteSpace(match))
if (!string.IsNullOrEmpty(match))
return match;
}
@@ -65,8 +63,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -76,27 +74,23 @@ namespace BinaryObjectScanner.Protection
// TODO: Determine if there's any consistency in the naming of the additional AFP files.
// Found in every confirmed sample of CD-Lock, generally (but not always) appears to include markers relating to the additional AFP files present (Redump entries 24287 and 31615).
new PathMatchSet(new PathMatch("CONFIG.AFP", useEndsWith: true), "CD-Lock"),
new(new PathMatch("CONFIG.AFP", useEndsWith: true), "CD-Lock"),
// There is also a "$$$$$$$$.$$$" file present on some discs, but it isn't known if this is directly related to CD-Lock (Redump entries 37788 and 43221).
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// TODO: Determine if there's any consistency in the naming of the additional AFP files.
// Found in every confirmed sample of CD-Lock, generally (but not always) appears to include markers relating to the additional AFP files present (Redump entries 24287 and 31615).
new PathMatchSet(new PathMatch("CONFIG.AFP", useEndsWith: true), "CD-Lock"),
new(new PathMatch("CONFIG.AFP", useEndsWith: true), "CD-Lock"),
// There is also a "$$$$$$$$.$$$" file present on some discs, but it isn't known if this is directly related to CD-Lock (Redump entries 37788 and 43221).
};

34
BinaryObjectScanner/Protection/CDProtector.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -17,8 +19,8 @@ namespace BinaryObjectScanner.Protection
public class CDProtector : IPathCheck
{
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -30,24 +32,20 @@ namespace BinaryObjectScanner.Protection
// "_cdp32.dat" is actually an archive that contains the original executable.
// Another EXE is created, with the name of the original executable. I'm not sure what this executable does, but it appears to be compressed with NeoLite.
// TODO: Invesitage if this EXE itself can be detected in any way.
new PathMatchSet(new PathMatch("_cdp16.dat", useEndsWith: true), "CD-Protector"),
new PathMatchSet(new PathMatch("_cdp16.dll", useEndsWith: true), "CD-Protector"),
new PathMatchSet(new PathMatch("_cdp32.dat", useEndsWith: true), "CD-Protector"),
new PathMatchSet(new PathMatch("_cdp32.dll", useEndsWith: true), "CD-Protector"),
new(new FilePathMatch("_cdp16.dat"), "CD-Protector"),
new(new FilePathMatch("_cdp16.dll"), "CD-Protector"),
new(new FilePathMatch("_cdp32.dat"), "CD-Protector"),
new(new FilePathMatch("_cdp32.dll"), "CD-Protector"),
// This is the "Phantom Trax" file generated by CD-Protector, intended to be burned to a protected CD as an audio track.
new PathMatchSet(new PathMatch("Track#1 - Track#2 Cd-Protector.wav", useEndsWith: true), "CD-Protector"),
new(new FilePathMatch("Track#1 - Track#2 Cd-Protector.wav"), "CD-Protector"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
@@ -56,13 +54,13 @@ namespace BinaryObjectScanner.Protection
// "_cdp32.dat" is actually an archive that contains the original executable.
// Another EXE is created, with the name of the original executable. I'm not sure what this executable does, but it appears to be compressed with NeoLite.
// TODO: Invesitage if this EXE itself can be detected in any way.
new PathMatchSet(new PathMatch("_cdp16.dat", useEndsWith: true), "CD-Protector"),
new PathMatchSet(new PathMatch("_cdp16.dll", useEndsWith: true), "CD-Protector"),
new PathMatchSet(new PathMatch("_cdp32.dat", useEndsWith: true), "CD-Protector"),
new PathMatchSet(new PathMatch("_cdp32.dll", useEndsWith: true), "CD-Protector"),
new(new FilePathMatch("_cdp16.dat"), "CD-Protector"),
new(new FilePathMatch("_cdp16.dll"), "CD-Protector"),
new(new FilePathMatch("_cdp32.dat"), "CD-Protector"),
new(new FilePathMatch("_cdp32.dll"), "CD-Protector"),
// This is the "Phantom Trax" file generated by CD-Protector, intended to be burned to a protected CD as an audio track.
new PathMatchSet(new PathMatch("Track#1 - Track#2 Cd-Protector.wav", useEndsWith: true), "CD-Protector"),
new(new FilePathMatch("Track#1 - Track#2 Cd-Protector.wav"), "CD-Protector"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

4
BinaryObjectScanner/Protection/CDSHiELDSE.cs
View File

@@ -8,11 +8,7 @@ namespace BinaryObjectScanner.Protection
public class CDSHiELDSE : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

26
BinaryObjectScanner/Protection/CDX.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -8,8 +10,8 @@ namespace BinaryObjectScanner.Protection
public class CDX : IPathCheck
{
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -17,26 +19,22 @@ namespace BinaryObjectScanner.Protection
// TODO: Verify if these are OR or AND
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("CHKCDX16.DLL", useEndsWith: true), "CD-X (Unconfirmed - Please report to us on Github)"),
new PathMatchSet(new PathMatch("CHKCDX32.DLL", useEndsWith: true), "CD-X (Unconfirmed - Please report to us on Github)"),
new PathMatchSet(new PathMatch("CHKCDXNT.DLL", useEndsWith: true), "CD-X (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("CHKCDX16.DLL"), "CD-X (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("CHKCDX32.DLL"), "CD-X (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("CHKCDXNT.DLL"), "CD-X (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("CHKCDX16.DLL", useEndsWith: true), "CD-X (Unconfirmed - Please report to us on Github)"),
new PathMatchSet(new PathMatch("CHKCDX32.DLL", useEndsWith: true), "CD-X (Unconfirmed - Please report to us on Github)"),
new PathMatchSet(new PathMatch("CHKCDXNT.DLL", useEndsWith: true), "CD-X (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("CHKCDX16.DLL"), "CD-X (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("CHKCDX32.DLL"), "CD-X (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("CHKCDXNT.DLL"), "CD-X (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

8
BinaryObjectScanner/Protection/CactusDataShield.cs
View File

@@ -8,11 +8,7 @@ namespace BinaryObjectScanner.Protection
public class CactusDataShield : IContentCheck
{
/// <inheritdoc/>
#if NET48
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
#else
public string? CheckContents(string file, byte[] fileContent, bool includeDebug)
#endif
{
// TODO: Limit these checks to Mac binaries
// TODO: Obtain a sample to find where this string is in a typical executable
@@ -21,10 +17,10 @@ namespace BinaryObjectScanner.Protection
var contentMatchSets = new List<ContentMatchSet>
{
// CDSPlayer
new ContentMatchSet(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"),
new(new byte?[] { 0x43, 0x44, 0x53, 0x50, 0x6C, 0x61, 0x79, 0x65, 0x72 }, "Cactus Data Shield 200"),
// yucca.cds
new ContentMatchSet(new byte?[] { 0x79, 0x75, 0x63, 0x63, 0x61, 0x2E, 0x63, 0x64, 0x73 }, "Cactus Data Shield 200"),
new(new byte?[] { 0x79, 0x75, 0x63, 0x63, 0x61, 0x2E, 0x63, 0x64, 0x73 }, "Cactus Data Shield 200"),
};
if (contentMatchSets != null && contentMatchSets.Any())

20
BinaryObjectScanner/Protection/CenegaProtectDVD.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -15,11 +17,7 @@ namespace BinaryObjectScanner.Protection
public class CengaProtectDVD : IPathCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -57,8 +55,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -67,24 +65,20 @@ namespace BinaryObjectScanner.Protection
{
// Seems likely to be present in most, if not all discs protected with Cenega ProtectDVD, but unable to confirm due to only having a small sample size.
// Found in Redump entry 31422 and IA item "speed-pack".
new PathMatchSet(new PathMatch("cenega.dll", useEndsWith: true), "Cenega ProtectDVD"),
new(new FilePathMatch("cenega.dll"), "Cenega ProtectDVD"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Seems likely to be present in most, if not all discs protected with Cenega ProtectDVD, but unable to confirm due to only having a small sample size.
// Found in Redump entry 31422 and IA item "speed-pack".
new PathMatchSet(new PathMatch("cenega.dll", useEndsWith: true), "Cenega ProtectDVD"),
new(new FilePathMatch("cenega.dll"), "Cenega ProtectDVD"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

34
BinaryObjectScanner/Protection/ChosenBytesCodeLock.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
@@ -13,7 +15,7 @@ namespace BinaryObjectScanner.Protection
/// It requires the use of a registration code that is unique to each individual user (https://web.archive.org/web/20031210093259/http://www.chosenbytes.com/codemain.php).
/// As an advertising point, ChosenBytes apparently held a contest with a cash prize to see if a protected file could be cracked (https://web.archive.org/web/20031106163334/http://www.chosenbytes.com/challenge.php).
///
/// Previous versions of BurnOutSharp incorrectly reported this DRM as "CodeLock / CodeLok / CopyLok". It was later discovered that due to the similar names, two entirely different DRM were erroneously lumped together.
/// Previous versions of BinaryObjectScanner incorrectly reported this DRM as "CodeLock / CodeLok / CopyLok". It was later discovered that due to the similar names, two entirely different DRM were erroneously lumped together.
/// Not only is "CodeLok / CopyLok" an entirely separate form of DRM, but "CodeLock" (as opposed to "Code-Lock") appears to refer specifically to another unrelated DRM (https://web.archive.org/web/20031106033758/http://www.codelock.co.nz/).
/// Also not to be confused with https://www.youtube.com/watch?v=AHqdgk0uJyc.
///
@@ -23,11 +25,7 @@ namespace BinaryObjectScanner.Protection
public class ChosenBytesCodeLock : IPathCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -58,8 +56,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -67,29 +65,25 @@ namespace BinaryObjectScanner.Protection
var matchers = new List<PathMatchSet>
{
// Found in the installation directory of Code-Lock version 2.35.
new PathMatchSet(new PathMatch("Code-Lock.chm", useEndsWith: true), "ChosenBytes Code-Lock"),
new PathMatchSet(new PathMatch("Code-Lock.DEP", useEndsWith: true), "ChosenBytes Code-Lock"),
new PathMatchSet(new PathMatch("Code-Lock.ocx", useEndsWith: true), "ChosenBytes Code-Lock"),
new PathMatchSet(new PathMatch("Code-Lock Wizard.exe", useEndsWith: true), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock.chm"), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock.DEP"), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock.ocx"), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock Wizard.exe"), "ChosenBytes Code-Lock"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Found in the installation directory of Code-Lock version 2.35.
new PathMatchSet(new PathMatch("Code-Lock.chm", useEndsWith: true), "ChosenBytes Code-Lock"),
new PathMatchSet(new PathMatch("Code-Lock.DEP", useEndsWith: true), "ChosenBytes Code-Lock"),
new PathMatchSet(new PathMatch("Code-Lock.ocx", useEndsWith: true), "ChosenBytes Code-Lock"),
new PathMatchSet(new PathMatch("Code-Lock Wizard.exe", useEndsWith: true), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock.chm"), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock.DEP"), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock.ocx"), "ChosenBytes Code-Lock"),
new(new FilePathMatch("Code-Lock Wizard.exe"), "ChosenBytes Code-Lock"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

24
BinaryObjectScanner/Protection/CopyKiller.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -8,11 +10,7 @@ namespace BinaryObjectScanner.Protection
public class CopyKiller : IContentCheck, IPathCheck
{
/// <inheritdoc/>
#if NET48
public string CheckContents(string file, byte[] fileContent, bool includeDebug)
#else
public string? CheckContents(string file, byte[] fileContent, bool includeDebug)
#endif
{
// TODO: Obtain a sample to find where this string is in a typical executable
if (includeDebug)
@@ -20,7 +18,7 @@ namespace BinaryObjectScanner.Protection
var contentMatchSets = new List<ContentMatchSet>
{
// Tom Commander
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x54, 0x6F, 0x6D, 0x20, 0x43, 0x6F, 0x6D, 0x6D,
0x61, 0x6E, 0x64, 0x65, 0x72
@@ -34,8 +32,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -44,24 +42,20 @@ namespace BinaryObjectScanner.Protection
// TODO: Look into .PFF files as an indicator. At least one disc has those oversized files
var matchers = new List<PathMatchSet>
{
//new PathMatchSet(new PathMatch("Autorun.dat", useEndsWith: true), "CopyKiller"),
//new(new PathMatch("Autorun.dat", useEndsWith: true), "CopyKiller"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
// TODO: The following checks are overly broad and should be refined
// TODO: Look into .PFF files as an indicator. At least one disc has those oversized files
var matchers = new List<PathMatchSet>
{
//new PathMatchSet(new PathMatch("Autorun.dat", useEndsWith: true), "CopyKiller"),
//new(new PathMatch("Autorun.dat", useEndsWith: true), "CopyKiller"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

6
BinaryObjectScanner/Protection/CopyLok.cs
View File

@@ -14,7 +14,7 @@ namespace BinaryObjectScanner.Protection
/// At least one disc with CopyLok appears to contain an excerpt of the poem "Jabberwocky" by Lewis Carroll in the raw sector data (http://forum.redump.org/post/54050/#p54050).
/// According to the Readme for poxylok (https://gf.wiretarget.com/copylok.htm), some version of Gangsters 2 may have this protection.
///
/// Previous versions of BurnOutSharp incorrectly reported this DRM as "CodeLock / CodeLok / CopyLok". It was later discovered that due to the similar names, two entirely different DRM were erroneously lumped together.
/// Previous versions of BinaryObjectScanner incorrectly reported this DRM as "CodeLock / CodeLok / CopyLok". It was later discovered that due to the similar names, two entirely different DRM were erroneously lumped together.
/// "CodeLock" (in this case actually referring to "Code-Lock") is an entirely separate form of DRM, with the existing check now getting used separately.
/// Also not to be confused with https://en.wikipedia.org/wiki/Rob_Northen_copylock.
///
@@ -23,11 +23,7 @@ namespace BinaryObjectScanner.Protection
public class CopyLok : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

4
BinaryObjectScanner/Protection/CrypKey.cs
View File

@@ -10,11 +10,7 @@ namespace BinaryObjectScanner.Protection
public class CrypKey : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;

6
BinaryObjectScanner/Protection/Cucko.cs
View File

@@ -12,11 +12,7 @@ namespace BinaryObjectScanner.Protection
public class Cucko : IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -33,7 +29,7 @@ namespace BinaryObjectScanner.Protection
{
// Confirmed to detect most examples known of Cucko. The only known exception is the version of "TSLHost.dll" included on Redump entry 36119.
// ŠU‰8...…™...ŠUŠ8T...
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x8A, 0x55, 0x89, 0x38, 0x14, 0x1E, 0x0F, 0x85,
0x99, 0x00, 0x00, 0x00, 0x8A, 0x55, 0x8A, 0x38,

18
BinaryObjectScanner/Protection/DVDCrypt.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -8,30 +10,26 @@ namespace BinaryObjectScanner.Protection
public class DVDCrypt : IPathCheck
{
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("DvdCrypt.pdb", useEndsWith: true), "DVD Crypt (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("DvdCrypt.pdb"), "DVD Crypt (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
new PathMatchSet(new PathMatch("DvdCrypt.pdb", useEndsWith: true), "DVD Crypt (Unconfirmed - Please report to us on Github)"),
new(new FilePathMatch("DvdCrypt.pdb"), "DVD Crypt (Unconfirmed - Please report to us on Github)"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

20
BinaryObjectScanner/Protection/DVDMoviePROTECT.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -10,13 +12,17 @@ namespace BinaryObjectScanner.Protection
public class DVDMoviePROTECT : IPathCheck
{
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
{
#if NET20 || NET35
var protections = new Queue<string>();
#else
var protections = new ConcurrentQueue<string>();
#endif
if (files == null)
return protections;
@@ -25,11 +31,11 @@ namespace BinaryObjectScanner.Protection
string[] bupfiles = files.Where(s => s.EndsWith(".bup")).ToArray();
for (int i = 0; i < bupfiles.Length; i++)
{
FileInfo bupfile = new FileInfo(bupfiles[i]);
var bupfile = new FileInfo(bupfiles[i]);
if (bupfile.DirectoryName == null)
continue;
FileInfo ifofile = new FileInfo(Path.Combine(bupfile.DirectoryName, bupfile.Name.Substring(0, bupfile.Name.Length - bupfile.Extension.Length) + ".ifo"));
var ifofile = new FileInfo(Path.Combine(bupfile.DirectoryName, bupfile.Name.Substring(0, bupfile.Name.Length - bupfile.Extension.Length) + ".ifo"));
if (bupfile.Length != ifofile.Length)
{
protections.Enqueue("DVD-Movie-PROTECT (Unconfirmed - Please report to us on Github)");
@@ -42,11 +48,7 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
return null;
}

40
BinaryObjectScanner/Protection/Denuvo.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -31,11 +33,7 @@ namespace BinaryObjectScanner.Protection
// https://www.pcgamingwiki.com/wiki/Denuvo#Redeem.exe
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -80,7 +78,7 @@ namespace BinaryObjectScanner.Protection
var timingMatchers = new List<ContentMatchSet>
{
// Denuvo Timing
new ContentMatchSet(
new(
new byte?[]
{
0x44, 0x65, 0x6E, 0x75, 0x76, 0x6F, 0x20, 0x54,
@@ -89,7 +87,7 @@ namespace BinaryObjectScanner.Protection
};
// TODO: Re-enable all Entry Point checks after implementing
// if (pex.ContainsSection(".arch") || pex.ContainsSection(".srdata") || !string.IsNullOrWhiteSpace(MatchUtil.GetFirstMatch(file, pex.EntryPointRaw, timingMatchers, includeDebug)))
// if (pex.ContainsSection(".arch") || pex.ContainsSection(".srdata") || !string.IsNullOrEmpty(MatchUtil.GetFirstMatch(file, pex.EntryPointRaw, timingMatchers, includeDebug)))
// {
// if (pex.OH_Magic == OptionalHeaderType.PE32Plus)
// {
@@ -162,7 +160,7 @@ namespace BinaryObjectScanner.Protection
// };
// var match = MatchUtil.GetFirstMatch(file, pex.EntryPointRaw, matchers, includeDebug);
// if (!string.IsNullOrWhiteSpace(match))
// if (!string.IsNullOrEmpty(match))
// return match;
// return "Denuvo (Unknown x64 Version)";
@@ -228,7 +226,7 @@ namespace BinaryObjectScanner.Protection
// };
// var match = MatchUtil.GetFirstMatch(file, pex.EntryPointRaw, matchers, includeDebug);
// if (!string.IsNullOrWhiteSpace(match))
// if (!string.IsNullOrEmpty(match))
// return match;
// //// Check if steam_api64.dll present
@@ -259,8 +257,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -270,35 +268,31 @@ namespace BinaryObjectScanner.Protection
// Found in Doom Eternal Update 1 (Steam Depot 782332, Manifest 7064393210727378308).
// These files are automatically installed into an "Denuvo Anti-Cheat" folder when the game is installed.
new PathMatchSet(new PathMatch("denuvo-anti-cheat.sys", useEndsWith: true), "Denuvo Anti-Cheat"),
new PathMatchSet(new PathMatch("denuvo-anti-cheat-update-service.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
new PathMatchSet(new PathMatch("denuvo-anti-cheat-runtime.dll", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("denuvo-anti-cheat.sys", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("denuvo-anti-cheat-update-service.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("denuvo-anti-cheat-runtime.dll", useEndsWith: true), "Denuvo Anti-Cheat"),
// This file is a renamed copy of "denuvo-anti-cheat-update-service.exe" which is only seen in the folder of the main game executable after it has been run, but before Denuvo Anti-Cheat is finished installing.
new PathMatchSet(new PathMatch("Denuvo Anti-Cheat Installer.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("Denuvo Anti-Cheat Installer.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: false);
return MatchUtil.GetAllMatches(files, matchers, any: false);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Found in Doom Eternal Update 1 (Steam Depot 782332, Manifest 7064393210727378308).
// These files are automatically installed into an "Denuvo Anti-Cheat" folder when the game is installed.
new PathMatchSet(new PathMatch("denuvo-anti-cheat.sys", useEndsWith: true), "Denuvo Anti-Cheat"),
new PathMatchSet(new PathMatch("denuvo-anti-cheat-update-service.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
new PathMatchSet(new PathMatch("denuvo-anti-cheat-runtime.dll", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("denuvo-anti-cheat.sys", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("denuvo-anti-cheat-update-service.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("denuvo-anti-cheat-runtime.dll", useEndsWith: true), "Denuvo Anti-Cheat"),
// This file is a renamed copy of "denuvo-anti-cheat-update-service.exe" which is only seen in the folder of the main game executable after it has been run, but before Denuvo Anti-Cheat is finished installing.
new PathMatchSet(new PathMatch("Denuvo Anti-Cheat Installer.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
new(new PathMatch("Denuvo Anti-Cheat Installer.exe", useEndsWith: true), "Denuvo Anti-Cheat"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

22
BinaryObjectScanner/Protection/DigiGuard.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.Linq;
using BinaryObjectScanner.Interfaces;
@@ -27,11 +29,7 @@ namespace BinaryObjectScanner.Protection
public class DigiGuard : IPathCheck, IPortableExecutableCheck
{
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -57,8 +55,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -66,25 +64,21 @@ namespace BinaryObjectScanner.Protection
var matchers = new List<PathMatchSet>
{
// Found in IA item "Nova_DellBigWIGDVD_USA"/Redump entry 108588.
new PathMatchSet(new FilePathMatch("DecryptWrap.exe"), "DigiGuard"),
new(new FilePathMatch("DecryptWrap.exe"), "DigiGuard"),
// There are at least two additional specifically named DecryptWrap files, "DecryptWrapTW2000.exe" and "DecryptWrapTW2KCode.exe" in IA item "Nova_DellBigWIGDVD_USA"/Redump entry 108588.
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Found in IA item "Nova_DellBigWIGDVD_USA"/Redump entry 108588.
new PathMatchSet(new FilePathMatch("DecryptWrap.exe"), "DigiGuard"),
new(new FilePathMatch("DecryptWrap.exe"), "DigiGuard"),
// There are at least two additional specifically named DecryptWrap files, "DecryptWrapTW2000.exe" and "DecryptWrapTW2KCode.exe" in IA item "Nova_DellBigWIGDVD_USA"/Redump entry 108588.
};

42
BinaryObjectScanner/Protection/DinamicMultimedia.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.IO;
using BinaryObjectScanner.Interfaces;
@@ -22,8 +24,8 @@ namespace BinaryObjectScanner.Protection
// https://www.gamecopyworld.com/games/pc_pc_calcio_2000.shtml
// https://www.gamecopyworld.com/games/pc_pc_futbol_2000.shtml
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -33,39 +35,35 @@ namespace BinaryObjectScanner.Protection
// Many more checks are likely possible based on the sources, but only ones that have been personally verified are getting added.
// Uncopyable files found in at least http://redump.org/disc/70531/, and likely in multiple others.
new PathMatchSet(new PathMatch(Path.Combine("XCONTROL", "COMPPLAY._01").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch(Path.Combine("XCONTROL", "LANDER.DA0").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch(Path.Combine("XCONTROL", "XSMGOP.DAP").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch(Path.Combine("XCONTROL", "XSMGOP.VBX").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch(Path.Combine("XCONTROL", "COMPPLAY._01").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch(Path.Combine("XCONTROL", "LANDER.DA0").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch(Path.Combine("XCONTROL", "XSMGOP.DAP").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch(Path.Combine("XCONTROL", "XSMGOP.VBX").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
// Copyable file found in http://redump.org/disc/70531/ that seems to be exclusively associated with the protection and other files that are part of the protection.
new PathMatchSet(new PathMatch(Path.Combine("XCONTROL", "COMPSCO._01").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch(Path.Combine("XCONTROL", "COMPSCO._01").Replace("\\", "/"), useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Many more checks are likely possible based on the sources, but only ones that have been personally verified are getting added.
// Uncopyable files found in at least http://redump.org/disc/70531/, and likely in multiple others.
new PathMatchSet(new PathMatch("2kscore.sc0", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("arrcalc.obj", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("bdrvisa.drv", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("gprinter.dll", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("hstadium.ipx", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("omanager.odl", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("opublic.001", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("spland.sc0", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new PathMatchSet(new PathMatch("uqprime.ipx", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("2kscore.sc0", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("arrcalc.obj", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("bdrvisa.drv", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("gprinter.dll", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("hstadium.ipx", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("omanager.odl", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("opublic.001", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("spland.sc0", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
new(new PathMatch("uqprime.ipx", useEndsWith: true), "Dinamic Multimedia Protection/LockBlocks [Check disc for 2 physical rings]"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

64
BinaryObjectScanner/Protection/DiscGuard.cs
View File

@@ -1,5 +1,7 @@
using System;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using System.IO;
using System.Linq;
@@ -38,11 +40,7 @@ namespace BinaryObjectScanner.Protection
{
// TODO: Add checks for the game executables, which seem likely to contain some kind of indicators that can be checked for. The game executables all seem to import "Ord(1)" from one of the varying DLLs present.
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -86,7 +84,7 @@ namespace BinaryObjectScanner.Protection
{
// Found in "T29.dll" (Redump entry 31914).
// This check should be as long as the following check, as this data is nearly identical (including length) in the original files, but for some reason the section ends early, causing part of the remaining data to not be part of a section.
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x7B, 0x39, 0x8F, 0x07, 0x47, 0xE9, 0x96, 0x8C, 0xCA, 0xB2, 0x5C, 0x50,
0xC7, 0x5A, 0x18, 0xBD, 0x75, 0xB5, 0x68, 0x6A, 0x78, 0xB5, 0xCF, 0xF2,
@@ -104,7 +102,7 @@ namespace BinaryObjectScanner.Protection
}, GetVersion, "DiscGuard"),
// Found in "T5375.dll" (Redump entry 79284), "TD352.dll" and "TE091.dll" (Redump entry 46743), "T71E1.dll" and "T7181.dll" (Redump entry 46961), and "TA0E4.DLL" (Redump entry 79374).
new ContentMatchSet(new byte?[]
new(new byte?[]
{
0x7B, 0x39, 0x8F, 0x07, 0x45, 0xE9, 0x96, 0x8C, 0xCA, 0xB2, 0x5C, 0x50,
0xC7, 0x5A, 0x18, 0xBD, 0x75, 0xB5, 0x68, 0x6A, 0x78, 0xB5, 0xCF, 0xF2,
@@ -132,7 +130,7 @@ namespace BinaryObjectScanner.Protection
};
var match = MatchUtil.GetFirstMatch(file, vbnData, matchers, includeDebug);
if (!string.IsNullOrWhiteSpace(match))
if (!string.IsNullOrEmpty(match))
return match;
}
}
@@ -141,8 +139,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -150,45 +148,41 @@ namespace BinaryObjectScanner.Protection
var matchers = new List<PathMatchSet>
{
// Found together in seemingly every DiscGuard game (Redump entries 31914, 46743, 46961, 79284, and 79374).
new PathMatchSet(new List<PathMatch>
new(new List<PathMatch>
{
new PathMatch("IOSLINK.VXD", useEndsWith: true),
new PathMatch("IOSLINK.SYS", useEndsWith: true),
new FilePathMatch("IOSLINK.VXD"),
new FilePathMatch("IOSLINK.SYS"),
}, "DiscGuard"),
// Found together in one DiscGuard game (Redump entry 31914).
new PathMatchSet(new List<PathMatch>
new(new List<PathMatch>
{
new PathMatch("TTR1.DLL", useEndsWith: true),
new PathMatch("TTR2.DLL", useEndsWith: true),
new FilePathMatch("TTR1.DLL"),
new FilePathMatch("TTR2.DLL"),
}, "DiscGuard"),
// Found together in most DiscGuard games (Redump entries 46743, 46961, 79284, and 79374).
new PathMatchSet(new List<PathMatch>
new(new List<PathMatch>
{
new PathMatch("T111.DLL", useEndsWith: true),
new PathMatch("T222.DLL", useEndsWith: true),
new FilePathMatch("T111.DLL"),
new FilePathMatch("T222.DLL"),
}, "DiscGuard"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: false);
return MatchUtil.GetAllMatches(files, matchers, any: false);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
var matchers = new List<PathMatchSet>
{
// Found together in seemingly every DiscGuard game (Redump entries 31914, 46743, 46961, 79284, and 79374).
new PathMatchSet(new PathMatch("IOSLINK.VXD", useEndsWith: true), "DiscGuard"),
new PathMatchSet(new PathMatch("IOSLINK.SYS", useEndsWith: true), "DiscGuard"),
new(new FilePathMatch("IOSLINK.VXD"), "DiscGuard"),
new(new FilePathMatch("IOSLINK.SYS"), "DiscGuard"),
// IOSLINK.DLL doesn't seem to be present in any known samples, but a check for it was in the original BurnOut.
new PathMatchSet(new PathMatch("IOSLINK.DLL", useEndsWith: true), "DiscGuard (Unconfirmed check, report this to us on GitHub))"),
new(new FilePathMatch("IOSLINK.DLL"), "DiscGuard (Unconfirmed check, report this to us on GitHub))"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);
@@ -200,39 +194,33 @@ namespace BinaryObjectScanner.Protection
// Check the internal versions
var version = pex.GetInternalVersion();
if (!string.IsNullOrEmpty(version))
return version;
return version!;
return "(Unknown Version)";
}
/// <inheritdoc/>
#if NET48
private string GetVersion(string file, byte[] fileContent, List<int> positions)
#else
private string? GetVersion(string file, byte[]? fileContent, List<int> positions)
#endif
{
// If we have no content
if (fileContent == null)
return null;
// Check the internal versions
string version = GetInternalVersion(file, Array.Empty<string>());
string version = GetInternalVersion(file);
if (!string.IsNullOrEmpty(version))
return version;
return string.Empty;
}
private string GetInternalVersion(string firstMatchedString, IEnumerable<string> files)
private string GetInternalVersion(string firstMatchedString)
{
try
{
using (Stream fileStream = File.Open(firstMatchedString, FileMode.Open, FileAccess.Read, FileShare.Read))
{
var pex = PortableExecutable.Create(fileStream);
return pex?.GetInternalVersion() ?? string.Empty;
}
using Stream fileStream = File.Open(firstMatchedString, FileMode.Open, FileAccess.Read, FileShare.Read);
var pex = PortableExecutable.Create(fileStream);
return pex?.GetInternalVersion() ?? string.Empty;
}
catch
{

123
BinaryObjectScanner/Protection/EasyAntiCheat.cs
View File

@@ -1,4 +1,6 @@
using System.Collections.Concurrent;
#if NET40_OR_GREATER || NETCOREAPP
using System.Collections.Concurrent;
#endif
using System.Collections.Generic;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
@@ -22,11 +24,7 @@ namespace BinaryObjectScanner.Protection
{
// TODO: Add support for detecting older versions, especially versions made before Easy Anti-Cheat was purchased by Epic Games.
/// <inheritdoc/>
#if NET48
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#else
public string? CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
#endif
{
// Get the sections from the executable, if possible
var sections = pex.Model.SectionTable;
@@ -35,17 +33,17 @@ namespace BinaryObjectScanner.Protection
var name = pex.FileDescription;
// Found in "VideoHorrorSociety.exe" ("Video Horror Society", Patch 1.0.70309, Steam).
if (!string.IsNullOrEmpty(name) && name.Contains("Easy Anti-Cheat Bootstrapper (EOS)"))
if (!string.IsNullOrEmpty(name) && name!.Contains("Easy Anti-Cheat Bootstrapper (EOS)"))
return "Easy Anti-Cheat (EOS Version)";
// Found in "EasyAntiCheat_EOS_Setup.exe" ("Video Horror Society", Patch 1.0.70309, Steam) and "EasyAntiCheat_EOS.exe", which is found installed in "Program Files (x86)\EasyAntiCheat_EOS".
else if (!string.IsNullOrEmpty(name) && name.Contains("Easy Anti-Cheat Service (EOS)"))
else if (!string.IsNullOrEmpty(name) && name!.Contains("Easy Anti-Cheat Service (EOS)"))
return "Easy Anti-Cheat (EOS Version)";
// These two generic checks are both general enough to detect the majority of files known to contain Easy Anti-Cheat, as well as specific enough to avoid false positives.
else if (!string.IsNullOrEmpty(name) && name.Contains("EasyAntiCheat"))
else if (!string.IsNullOrEmpty(name) && name!.Contains("EasyAntiCheat"))
return "Easy Anti-Cheat";
else if (!string.IsNullOrEmpty(name) && name.Contains("Easy Anti-Cheat"))
else if (!string.IsNullOrEmpty(name) && name!.Contains("Easy Anti-Cheat"))
return "Easy Anti-Cheat";
// For documentation, known exact File Descriptions and their associated files are listed below:
@@ -61,17 +59,17 @@ namespace BinaryObjectScanner.Protection
name = pex.ProductName;
// Found in multiple files, including "VideoHorrorSociety.exe" ("Video Horror Society", Patch 1.0.70309, Steam) and "start_protected_game.exe" ("VRChat", Version 2022.2.2p2, Oculus).
if (!string.IsNullOrEmpty(name) && name.Contains("Easy Anti-Cheat Bootstrapper (EOS)"))
if (!string.IsNullOrEmpty(name) && name!.Contains("Easy Anti-Cheat Bootstrapper (EOS)"))
return "Easy Anti-Cheat (EOS Version)";
// Found in multiple files, including "EasyAntiCheat_EOS_Setup.exe" ("Video Horror Society", Patch 1.0.70309, Steam; "VRChat", Version 2022.2.2p2, Oculus) and "EasyAntiCheat.exe", which is found installed in "Program Files (x86)\EasyAntiCheat_EOS".
else if (!string.IsNullOrEmpty(name) && name.Contains("Easy Anti-Cheat Service (EOS)"))
else if (!string.IsNullOrEmpty(name) && name!.Contains("Easy Anti-Cheat Service (EOS)"))
return "Easy Anti-Cheat (EOS Version)";
// These two generic checks are both general enough to detect the majority of files known to contain Easy Anti-Cheat, as well as specific enough to avoid false positives.
else if (!string.IsNullOrEmpty(name) && name.Contains("EasyAntiCheat"))
else if (!string.IsNullOrEmpty(name) && name!.Contains("EasyAntiCheat"))
return "Easy Anti-Cheat";
else if (!string.IsNullOrEmpty(name) && name.Contains("Easy Anti-Cheat"))
else if (!string.IsNullOrEmpty(name) && name!.Contains("Easy Anti-Cheat"))
return "Easy Anti-Cheat";
// For documentation, known exact Product Names and their associated files are listed below:
@@ -84,8 +82,8 @@ namespace BinaryObjectScanner.Protection
}
/// <inheritdoc/>
#if NET48
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string> files)
#if NET20 || NET35
public Queue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#else
public ConcurrentQueue<string> CheckDirectoryPath(string path, IEnumerable<string>? files)
#endif
@@ -94,92 +92,89 @@ namespace BinaryObjectScanner.Protection
var matchers = new List<PathMatchSet>
{
// Found installed in "Program Files (x86)\EasyAntiCheat".
new PathMatchSet(new PathMatch("EasyAntiCheat.exe", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat.sys", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.exe"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.sys"), "Easy Anti-Cheat"),
// Found installed in "Program Files (x86)\EasyAntiCheat_EOS".
new PathMatchSet(new PathMatch("EasyAntiCheat_EOS.exe", useEndsWith: true), "Easy Anti-Cheat (EOS Version)"),
new PathMatchSet(new PathMatch("EasyAntiCheat_EOS.sys", useEndsWith: true), "Easy Anti-Cheat (EOS Version)"),
new(new FilePathMatch("EasyAntiCheat_EOS.exe"), "Easy Anti-Cheat (EOS Version)"),
new(new FilePathMatch("EasyAntiCheat_EOS.sys"), "Easy Anti-Cheat (EOS Version)"),
// Found installed in "AppData\Roaming\EasyAntiCheat".
new PathMatchSet(new PathMatch("easyanticheat_wow64_x64.eac", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat_wow64_x64.eac.metadata", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheatAnimation.png", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat_wow64_x64.eac"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat_wow64_x64.eac.metadata"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheatAnimation.png"), "Easy Anti-Cheat"),
// Found in "Intruder" (Version 2287, Steam).
new PathMatchSet(new PathMatch("eac_server.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat.icns", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat.Client.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat.Server.dll", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("eac_server.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat.icns"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.Client.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.Server.dll"), "Easy Anti-Cheat"),
// Found in "Intruder" (Version 2287, Steam) and "Rec Room" (Version 20220803, Oculus).
new PathMatchSet(new PathMatch("EasyAntiCheat.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat_Setup.exe", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat_x64.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat_x86.dll", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_Setup.exe"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_x64.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_x86.dll"), "Easy Anti-Cheat"),
// Found in "Video Horror Society" (Patch 1.0.70309, Steam).
new PathMatchSet(new PathMatch("EasyAntiCheat_EOS_Setup.exe", useEndsWith: true), "Easy Anti-Cheat (EOS Version)"),
new PathMatchSet(new PathMatch("InstallAntiCheat.bat", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("UninstallAntiCheat.bat", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_EOS_Setup.exe"), "Easy Anti-Cheat (EOS Version)"),
new(new FilePathMatch("InstallAntiCheat.bat"), "Easy Anti-Cheat"),
new(new FilePathMatch("UninstallAntiCheat.bat"), "Easy Anti-Cheat"),
// Found in "VRChat" (Version 2022.2.2p2, Oculus).
new PathMatchSet(new PathMatch("start_protected_game.exe", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("start_protected_game.exe"), "Easy Anti-Cheat"),
// Found in "Apex Legends" (Build ID 12029216, Steam)
new PathMatchSet(new PathMatch("EasyAntiCheat_launcher.exe", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat_x64.so", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_launcher.exe"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat_x64.so"), "Easy Anti-Cheat"),
};
return MatchUtil.GetAllMatches(files ?? System.Array.Empty<string>(), matchers, any: true);
return MatchUtil.GetAllMatches(files, matchers, any: true);
}
/// <inheritdoc/>
#if NET48
public string CheckFilePath(string path)
#else
public string? CheckFilePath(string path)
#endif
{
// TODO: Search for the presence of the folder "EasyAntiCheat" specifically, which is present in every checked version so far.
var matchers = new List<PathMatchSet>
{
// Found installed in "Program Files (x86)\EasyAntiCheat".
new PathMatchSet(new PathMatch("EasyAntiCheat.exe", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat.sys", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.exe"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.sys"), "Easy Anti-Cheat"),
// Found installed in "Program Files (x86)\EasyAntiCheat_EOS".
new PathMatchSet(new PathMatch("EasyAntiCheat_EOS.exe", useEndsWith: true), "Easy Anti-Cheat (EOS Version)"),
new PathMatchSet(new PathMatch("EasyAntiCheat_EOS.sys", useEndsWith: true), "Easy Anti-Cheat (EOS Version)"),
new(new FilePathMatch("EasyAntiCheat_EOS.exe"), "Easy Anti-Cheat (EOS Version)"),
new(new FilePathMatch("EasyAntiCheat_EOS.sys"), "Easy Anti-Cheat (EOS Version)"),
// Found installed in "AppData\Roaming\EasyAntiCheat".
new PathMatchSet(new PathMatch("easyanticheat_wow64_x64.eac", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat_wow64_x64.eac.metadata", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheatAnimation.png", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat_wow64_x64.eac"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat_wow64_x64.eac.metadata"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheatAnimation.png"), "Easy Anti-Cheat"),
// Found in "Intruder" (Version 2287, Steam).
new PathMatchSet(new PathMatch("eac_server.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat.icns", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat.Client.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat.Server.dll", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("eac_server.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat.icns"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.Client.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.Server.dll"), "Easy Anti-Cheat"),
// Found in "Intruder" (Version 2287, Steam) and "Rec Room" (Version 20220803, Oculus).
new PathMatchSet(new PathMatch("EasyAntiCheat.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat_Setup.exe", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat_x64.dll", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("EasyAntiCheat_x86.dll", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_Setup.exe"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_x64.dll"), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_x86.dll"), "Easy Anti-Cheat"),
// Found in "Video Horror Society" (Patch 1.0.70309, Steam).
new PathMatchSet(new PathMatch("EasyAntiCheat_EOS_Setup.exe", useEndsWith: true), "Easy Anti-Cheat (EOS Version)"),
new PathMatchSet(new PathMatch("InstallAntiCheat.bat", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("UninstallAntiCheat.bat", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_EOS_Setup.exe"), "Easy Anti-Cheat (EOS Version)"),
new(new FilePathMatch("InstallAntiCheat.bat"), "Easy Anti-Cheat"),
new(new FilePathMatch("UninstallAntiCheat.bat"), "Easy Anti-Cheat"),
// Found in "VRChat" (Version 2022.2.2p2, Oculus).
new PathMatchSet(new PathMatch("start_protected_game.exe", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("start_protected_game.exe"), "Easy Anti-Cheat"),
// Found in "Apex Legends" (Build ID 12029216, Steam)
new PathMatchSet(new PathMatch("EasyAntiCheat_launcher.exe", useEndsWith: true), "Easy Anti-Cheat"),
new PathMatchSet(new PathMatch("easyanticheat_x64.so", useEndsWith: true), "Easy Anti-Cheat"),
new(new FilePathMatch("EasyAntiCheat_launcher.exe"), "Easy Anti-Cheat"),
new(new FilePathMatch("easyanticheat_x64.so"), "Easy Anti-Cheat"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

Some files were not shown because too many files have changed in this diff Show More