SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-02-04 13:45:28 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

Compare commits

base: SabreTools:3.3.1
Branches Tags
SabreTools:master
SabreTools:rolling SabreTools:3.5.0 SabreTools:3.4.6 SabreTools:3.4.5 SabreTools:3.4.4 SabreTools:3.4.3 SabreTools:3.4.2 SabreTools:3.4.1 SabreTools:3.4.0 SabreTools:3.3.4 SabreTools:3.3.3 SabreTools:3.3.2 SabreTools:3.3.1 SabreTools:3.3.0 SabreTools:3.2.3 SabreTools:3.2.2 SabreTools:3.2.1 SabreTools:3.2.0 SabreTools:3.1.16 SabreTools:3.1.15 SabreTools:3.1.14 SabreTools:3.1.13 SabreTools:3.1.12 SabreTools:3.1.11 SabreTools:3.1.10 SabreTools:3.1.9 SabreTools:3.1.8 SabreTools:3.1.7 SabreTools:3.1.6 SabreTools:3.1.5 SabreTools:3.1.4 SabreTools:3.1.3 SabreTools:3.1.2 SabreTools:3.1.1 SabreTools:3.1.0 SabreTools:3.0.2 SabreTools:3.0.1 SabreTools:3.0.0 SabreTools:2.9.0 SabreTools:2.8.0 SabreTools:2.7.0 SabreTools:2.6.0 SabreTools:2.5.0 SabreTools:2.3.4 SabreTools:2.3.3 SabreTools:2.3.2 SabreTools:2.3.1 SabreTools:2.3.0 SabreTools:2.1.0 SabreTools:2.0.0 SabreTools:1.8.0 SabreTools:1.7.0 SabreTools:1.6.1 SabreTools:1.6.0 SabreTools:1.5.1 SabreTools:1.5.0 SabreTools:1.4.1 SabreTools:1.4.0 SabreTools:1.03.9.1 SabreTools:1.03.9 SabreTools:1.03.8.2 SabreTools:1.03.8.1 SabreTools:1.03.8.0 SabreTools:1.03.7.1 SabreTools:1.03.5 SabreTools:1.03.7 SabreTools:1.03.6
...
compare: SabreTools:3.3.4
Branches Tags
SabreTools:master
SabreTools:rolling SabreTools:3.5.0 SabreTools:3.4.6 SabreTools:3.4.5 SabreTools:3.4.4 SabreTools:3.4.3 SabreTools:3.4.2 SabreTools:3.4.1 SabreTools:3.4.0 SabreTools:3.3.4 SabreTools:3.3.3 SabreTools:3.3.2 SabreTools:3.3.1 SabreTools:3.3.0 SabreTools:3.2.3 SabreTools:3.2.2 SabreTools:3.2.1 SabreTools:3.2.0 SabreTools:3.1.16 SabreTools:3.1.15 SabreTools:3.1.14 SabreTools:3.1.13 SabreTools:3.1.12 SabreTools:3.1.11 SabreTools:3.1.10 SabreTools:3.1.9 SabreTools:3.1.8 SabreTools:3.1.7 SabreTools:3.1.6 SabreTools:3.1.5 SabreTools:3.1.4 SabreTools:3.1.3 SabreTools:3.1.2 SabreTools:3.1.1 SabreTools:3.1.0 SabreTools:3.0.2 SabreTools:3.0.1 SabreTools:3.0.0 SabreTools:2.9.0 SabreTools:2.8.0 SabreTools:2.7.0 SabreTools:2.6.0 SabreTools:2.5.0 SabreTools:2.3.4 SabreTools:2.3.3 SabreTools:2.3.2 SabreTools:2.3.1 SabreTools:2.3.0 SabreTools:2.1.0 SabreTools:2.0.0 SabreTools:1.8.0 SabreTools:1.7.0 SabreTools:1.6.1 SabreTools:1.6.0 SabreTools:1.5.1 SabreTools:1.5.0 SabreTools:1.4.1 SabreTools:1.4.0 SabreTools:1.03.9.1 SabreTools:1.03.9 SabreTools:1.03.8.2 SabreTools:1.03.8.1 SabreTools:1.03.8.0 SabreTools:1.03.7.1 SabreTools:1.03.5 SabreTools:1.03.7 SabreTools:1.03.6

39 Commits
3.3.1 ... 3.3.4

Author SHA1 Message Date
Matt Nadareski
610078b47c Bump version 2024-12-31 13:25:24 -05:00
Matt Nadareski
ff450a9bcf Update Serialization to 1.8.6 2024-12-30 22:56:12 -05:00
TheRogueArchivist
6661c48428 Don't check files with ".srdata" section for Denuvo (#351) 
Prone to too many false positives.
 2024-12-30 22:16:55 -05:00
Matt Nadareski
f2a07fc088 Update copyright 2024-12-30 21:41:27 -05:00
Matt Nadareski
e34ea5faca Remove unnecessary action step 2024-12-30 21:40:52 -05:00
Matt Nadareski
11ed09caf2 Update Serialization to 1.8.5 2024-12-30 21:00:53 -05:00
HeroponRikiBestest
f5615d7713 Removed secondary ASPack 1.08.04 check due to false positives. (#350) 2024-12-30 20:32:35 -05:00
Matt Nadareski
2df4144f23 Add new SolidShield activation manager description (fixes #348) 2024-12-29 15:17:35 -05:00
HeroponRikiBestest
5f5dc7d0de Improve Hexalock detection slightly (#347) 
* Improve Hexalock detection via checking different known sections for mfint.dll

* Add sabre's suggestion

Improve code with sabre's code suggestion

Co-authored-by: Matt Nadareski <mnadareski@outlook.com>

* Add extra check for instances in UPX executables.

* Add newlines between if blocks.

---------

Co-authored-by: Matt Nadareski <mnadareski@outlook.com>
 2024-12-29 14:40:24 -05:00
TheRogueArchivist
d505707dee Add sources for SafeDisc 3 (#346) 
Add sources for SafeDisc 3, and add the corresponding clcd32.dll hashes
 2024-12-27 07:51:00 -05:00
Matt Nadareski
5e7342477a Ensure .NET versions are installed for testing 2024-12-19 10:54:47 -05:00
Matt Nadareski
35b1bb817e Add flag for SafeGetFiles 2024-12-19 00:02:53 -05:00
Matt Nadareski
73d7c5790e Bump version 2024-12-18 21:50:21 -05:00
Matt Nadareski
d81be84f58 Remove unnecessary complexity in publish scripts 2024-12-18 10:21:06 -05:00
Matt Nadareski
d6920bc1e2 Fix Wise detection slightly 2024-12-18 10:14:14 -05:00
Matt Nadareski
68d4eeef27 Update packages 2024-12-18 10:02:42 -05:00
Matt Nadareski
92c29610df Fix publishing executables 2024-12-18 09:56:57 -05:00
Matt Nadareski
24eddda72c Allow symbols to be packed 2024-12-18 09:54:01 -05:00
TheRogueArchivist
3257b59b27 Add SafeDisc 2.90.045 detections (#345) 2024-12-17 17:29:59 -05:00
Matt Nadareski
10c95f86b1 Add alternate signatures for PKZIP embedded 2024-12-17 00:57:57 -05:00
Matt Nadareski
269e01b7bf Move to native subfolder 2024-12-14 23:04:25 -05:00
Matt Nadareski
84f8a3e780 Update publish scripts for later 2024-12-14 22:49:26 -05:00
Matt Nadareski
fe74f1de82 Bump version 2024-12-14 22:41:24 -05:00
TheRogueArchivist
7b604a8bda Begin documentation of SafeDisc 2 sources (#342) 
* Begin documentation of SafeDisc 2 sources

Also add new clcd32 checks for SafeDisc2.

* Update comments through 2.40.011

(Almost) halfway there

* Update documentation through version 2.60.052

* Finish documenting SafeDisc 2 sources

This also removes any detections for "2.90.010" as this doesn't appear to be a legitimate version, and seems to have originated from a typo.
 2024-12-14 22:37:51 -05:00
Matt Nadareski
cde1a8931a Fix build script again, add MPQ to win-x64 2024-12-14 18:30:57 -05:00
Matt Nadareski
33c9da7cfe Attempt to fix packing of native DLLs 2024-12-14 17:45:17 -05:00
Matt Nadareski
944b0ce91b Redefine WIN constant to WINX86 2024-12-14 17:33:46 -05:00
Matt Nadareski
6f388102ee Fix MS-ZIP decompression in MS-CAB 2024-12-13 15:13:08 -05:00
Matt Nadareski
677f66f98d Fix MS-CAB writing 2024-12-13 14:58:25 -05:00
Matt Nadareski
8ff205843d Enable partial decompression of MS-ZIP on all platforms 2024-12-13 14:55:20 -05:00
Matt Nadareski
a781fffb39 Enable full BFPK extraction on all platforms 2024-12-13 14:19:12 -05:00
Matt Nadareski
f3267f7fcf Add CopyTo extenion for old .NET 2024-12-13 14:10:00 -05:00
Matt Nadareski
103ffc70bd Enable bz2 and gzip on all platforms 2024-12-13 14:07:08 -05:00
Matt Nadareski
f9b4e262f2 Update packages 2024-12-13 11:56:31 -05:00
Matt Nadareski
69f8d8cfdd Update Serialization to 1.8.2 2024-12-10 15:54:28 -05:00
Matt Nadareski
be69c52cfe Reduce unnecessary complexity 2024-12-10 13:11:31 -05:00
Matt Nadareski
6fdbdd9f09 Match versioned GFWL installers (fixes #343) 2024-12-08 21:59:13 -05:00
Matt Nadareski
e638b7b38a Remove PEiD ActiveMark checks 2024-12-08 21:54:22 -05:00
Matt Nadareski
750a43290c Use publish script and update README 2024-12-06 11:52:33 -05:00
54 changed files with 833 additions and 770 deletions
Expand all files Collapse all files

25
.github/workflows/build_nupkg.yml → .github/workflows/build_and_test.yml vendored
View File

@@ -1,4 +1,4 @@
name: Nuget Pack
name: Build and Test
on:
push:
@@ -16,31 +16,22 @@ jobs:
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 9.0.x
dotnet-version: |
6.0.x
8.0.x
9.0.x
- name: Restore dependencies
run: dotnet restore
- name: Build library
run: dotnet build
- name: Run tests
run: dotnet test
- name: Pack
run: dotnet pack
- name: Upload build
uses: actions/upload-artifact@v4
with:
name: 'Nuget Package'
path: 'BinaryObjectScanner/bin/Release/*.nupkg'
- name: Run publish script
run: ./publish-nix.sh -d
- name: Upload to rolling
uses: ncipollo/release-action@v1.14.0
with:
allowUpdates: True
artifacts: 'BinaryObjectScanner/bin/Release/*.nupkg'
artifacts: "*.nupkg,*.snupkg,*.zip"
body: 'Last built commit: ${{ github.sha }}'
name: 'Rolling Release'
prerelease: True

55
.github/workflows/build_programs.yml vendored
View File

@@ -1,55 +0,0 @@
name: Build Programs
on:
push:
branches: [ "master" ]
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
project: [ExtractionTool, ProtectionScan]
runtime: [win-x86, win-x64, win-arm64, linux-x64, linux-arm64, osx-x64]
framework: [net9.0] #[net20, net35, net40, net452, net472, net48, netcoreapp3.1, net5.0, net6.0, net7.0, net8.0, net9.0]
conf: [Debug] #[Release, Debug]
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 9.0.x
- name: Restore dependencies
run: dotnet restore
- name: Build
run: dotnet publish ${{ matrix.project }}/${{ matrix.project }}.csproj -f ${{ matrix.framework }} -r ${{ matrix.runtime }} -c ${{ matrix.conf == 'Release' && 'Release -p:DebugType=None -p:DebugSymbols=false' || 'Debug'}} --self-contained true --version-suffix ${{ github.sha }} ${{ (startsWith(matrix.framework, 'net5') || startsWith(matrix.framework, 'net6') || startsWith(matrix.framework, 'net7') || startsWith(matrix.framework, 'net8') || startsWith(matrix.framework, 'net9')) && '-p:PublishSingleFile=true' || ''}}
- name: Archive build
run: |
cd ${{ matrix.project }}/bin/Debug/${{ matrix.framework }}/${{ matrix.runtime }}/publish/
zip -r ${{ github.workspace }}/${{ matrix.project }}_${{ matrix.framework }}_${{ matrix.runtime }}_${{ matrix.conf }}.zip ./
- name: Upload build
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.project }}_${{ matrix.framework }}_${{ matrix.runtime }}_${{ matrix.conf }}
path: ${{ matrix.project }}_${{ matrix.framework }}_${{ matrix.runtime }}_${{ matrix.conf }}.zip
- name: Upload to rolling
uses: ncipollo/release-action@v1.14.0
with:
allowUpdates: True
artifacts: ${{ matrix.project }}_${{ matrix.framework }}_${{ matrix.runtime }}_${{ matrix.conf }}.zip
body: 'Last built commit: ${{ github.sha }}'
name: 'Rolling Release'
prerelease: True
replacesArtifacts: True
tag: "rolling"
updateOnlyUnreleased: True

7
.github/workflows/check_pr.yml vendored
View File

@@ -11,10 +11,13 @@ jobs:
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 9.0.x
dotnet-version: |
6.0.x
8.0.x
9.0.x
- name: Build
run: dotnet build
- name: Run tests
run: dotnet test
run: dotnet test

6
BinaryObjectScanner.Test/BinaryObjectScanner.Test.csproj
View File

@@ -12,14 +12,14 @@
</ItemGroup>
<ItemGroup>
<PackageReference Include="coverlet.collector" Version="6.0.2">
<PackageReference Include="coverlet.collector" Version="6.0.3">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</PackageReference>
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.12.0" />
<PackageReference Include="SabreTools.Serialization" Version="1.8.1" />
<PackageReference Include="SabreTools.Serialization" Version="1.8.6" />
<PackageReference Include="xunit" Version="2.9.2" />
<PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
<PackageReference Include="xunit.runner.visualstudio" Version="3.0.0">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>
</PackageReference>

4
BinaryObjectScanner.Test/FactoryTests.cs
View File

@@ -68,8 +68,10 @@ namespace BinaryObjectScanner.Test
WrapperType.GZIP,
WrapperType.InstallShieldArchiveV3,
WrapperType.InstallShieldCAB,
WrapperType.LZKWAJ,
WrapperType.LZQBasic,
WrapperType.LZSZDD,
WrapperType.MicrosoftCAB,
WrapperType.MicrosoftLZ,
WrapperType.MoPaQ,
//WrapperType.N3DS,
//WrapperType.NCF,

8
BinaryObjectScanner.Test/FileType/MicrosoftLZTests.cs → BinaryObjectScanner.Test/FileType/LZKWAJTests.cs
View File

@@ -4,14 +4,14 @@ using Xunit;
namespace BinaryObjectScanner.Test.FileType
{
public class MicrosoftLZTests
public class LZKWAJTests
{
[Fact]
public void ExtractFile_EmptyString_False()
{
string file = string.Empty;
string outDir = string.Empty;
var extractable = new MicrosoftLZ();
var extractable = new LZKWAJ();
bool actual = extractable.Extract(file, outDir, includeDebug: false);
Assert.False(actual);
@@ -23,7 +23,7 @@ namespace BinaryObjectScanner.Test.FileType
Stream? stream = null;
string file = string.Empty;
string outDir = string.Empty;
var extractable = new MicrosoftLZ();
var extractable = new LZKWAJ();
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);
@@ -35,7 +35,7 @@ namespace BinaryObjectScanner.Test.FileType
Stream? stream = new MemoryStream();
string file = string.Empty;
string outDir = string.Empty;
var extractable = new MicrosoftLZ();
var extractable = new LZKWAJ();
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);

44
BinaryObjectScanner.Test/FileType/LZQBasicTests.cs Normal file
View File

@@ -0,0 +1,44 @@
using System.IO;
using BinaryObjectScanner.FileType;
using Xunit;
namespace BinaryObjectScanner.Test.FileType
{
public class LZQBasicTests
{
[Fact]
public void ExtractFile_EmptyString_False()
{
string file = string.Empty;
string outDir = string.Empty;
var extractable = new LZQBasic();
bool actual = extractable.Extract(file, outDir, includeDebug: false);
Assert.False(actual);
}
[Fact]
public void ExtractStream_Null_False()
{
Stream? stream = null;
string file = string.Empty;
string outDir = string.Empty;
var extractable = new LZQBasic();
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);
}
[Fact]
public void ExtractStream_Empty_False()
{
Stream? stream = new MemoryStream();
string file = string.Empty;
string outDir = string.Empty;
var extractable = new LZQBasic();
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);
}
}
}

44
BinaryObjectScanner.Test/FileType/LZSZDDTests.cs Normal file
View File

@@ -0,0 +1,44 @@
using System.IO;
using BinaryObjectScanner.FileType;
using Xunit;
namespace BinaryObjectScanner.Test.FileType
{
public class LZSZDDTests
{
[Fact]
public void ExtractFile_EmptyString_False()
{
string file = string.Empty;
string outDir = string.Empty;
var extractable = new LZSZDD();
bool actual = extractable.Extract(file, outDir, includeDebug: false);
Assert.False(actual);
}
[Fact]
public void ExtractStream_Null_False()
{
Stream? stream = null;
string file = string.Empty;
string outDir = string.Empty;
var extractable = new LZSZDD();
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);
}
[Fact]
public void ExtractStream_Empty_False()
{
Stream? stream = new MemoryStream();
string file = string.Empty;
string outDir = string.Empty;
var extractable = new LZSZDD();
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);
}
}
}

24
BinaryObjectScanner.Test/FileType/SGATests.cs
View File

@@ -40,29 +40,5 @@ namespace BinaryObjectScanner.Test.FileType
bool actual = extractable.Extract(stream, file, outDir, includeDebug: false);
Assert.False(actual);
}
[Fact]
public void ExtractAll_EmptyModel_False()
{
var model = new SabreTools.Models.SGA.Archive();
var data = new MemoryStream();
var item = new SabreTools.Serialization.Wrappers.SGA(model, data);
string outputDirectory = string.Empty;
bool actual = SGA.ExtractAll(item, outputDirectory);
Assert.False(actual);
}
[Fact]
public void ExtractFile_EmptyModel_False()
{
var model = new SabreTools.Models.SGA.Archive();
var data = new MemoryStream();
var item = new SabreTools.Serialization.Wrappers.SGA(model, data);
string outputDirectory = string.Empty;
bool actual = SGA.ExtractFile(item, 0, outputDirectory);
Assert.False(actual);
}
}
}

41
BinaryObjectScanner/BinaryObjectScanner.csproj
View File

@@ -6,19 +6,21 @@
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
<CheckEolTargetFramework>false</CheckEolTargetFramework>
<IncludeSourceRevisionInInformationalVersion>false</IncludeSourceRevisionInInformationalVersion>
<IncludeSymbols>true</IncludeSymbols>
<LangVersion>latest</LangVersion>
<NoWarn>CS0162;CS0612</NoWarn>
<Nullable>enable</Nullable>
<SuppressTfmSupportBuildWarnings>true</SuppressTfmSupportBuildWarnings>
<SymbolPackageFormat>snupkg</SymbolPackageFormat>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<Version>3.3.1</Version>
<Version>3.3.4</Version>
<!-- Mostly added due to external libraries -->
<WarningsNotAsErrors>CS8600;CS8601;CS8602;CS8603;CS8604;CS8605;CS8618;CS8625;CS8634;CS8765;IL3000;NU5100</WarningsNotAsErrors>
<!-- Package Properties -->
<Authors>Matt Nadareski</Authors>
<Description>Protection scanning library</Description>
<Copyright>Copyright (c)2018-2024 Matt Nadareski</Copyright>
<Copyright>Copyright (c)2018-2025 Matt Nadareski</Copyright>
<PackageProjectUrl>https://github.com/SabreTools/</PackageProjectUrl>
<RepositoryUrl>https://github.com/SabreTools/BinaryObjectScanner</RepositoryUrl>
<RepositoryType>git</RepositoryType>
@@ -26,9 +28,12 @@
<PackageLicenseExpression>MIT</PackageLicenseExpression>
</PropertyGroup>
<!-- Set a build flag for Windows specifically -->
<!-- Set build flags for Windows specifically -->
<PropertyGroup Condition="'$(RuntimeIdentifier)'=='win-x86'">
<DefineConstants>$(DefineConstants);WIN</DefineConstants>
<DefineConstants>$(DefineConstants);WINX86</DefineConstants>
</PropertyGroup>
<PropertyGroup Condition="'$(RuntimeIdentifier)'=='win-x64'">
<DefineConstants>$(DefineConstants);WINX64</DefineConstants>
</PropertyGroup>
<!-- Exclude certain parts of external modules for by default -->
@@ -54,16 +59,10 @@
</PropertyGroup>
<!-- These are needed for dealing with native Windows DLLs -->
<ItemGroup Condition="!$(TargetFramework.StartsWith(`net2`)) AND !$(TargetFramework.StartsWith(`net3`)) AND $(RuntimeIdentifier.StartsWith(`win-x86`))">
<Content Include="*.dll">
<ItemGroup>
<Content Include="runtimes\**\*">
<PackagePath>%(Identity)</PackagePath>
<Pack>true</Pack>
<PackagePath>contentFiles;content</PackagePath>
<IncludeInPackage>true</IncludeInPackage>
<CopyToOutput>true</CopyToOutput>
<BuildAction>Content</BuildAction>
<copyToOutput>true</copyToOutput>
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
</Content>
</ItemGroup>
@@ -87,14 +86,14 @@
</ItemGroup>
<ItemGroup>
<PackageReference Include="SabreTools.Compression" Version="0.6.1" />
<PackageReference Include="SabreTools.Hashing" Version="1.4.0" />
<PackageReference Include="SabreTools.IO" Version="1.6.1" />
<PackageReference Include="SabreTools.Matching" Version="1.5.0" />
<PackageReference Include="SabreTools.Models" Version="1.5.5" />
<PackageReference Include="SabreTools.Serialization" Version="1.8.1" />
<PackageReference Include="UnshieldSharp" Version="1.9.2" />
<PackageReference Include="WiseUnpacker" Version="1.5.4" />
<PackageReference Include="SabreTools.Compression" Version="0.6.3" />
<PackageReference Include="SabreTools.Hashing" Version="1.4.1" />
<PackageReference Include="SabreTools.IO" Version="1.6.2" />
<PackageReference Include="SabreTools.Matching" Version="1.5.1" />
<PackageReference Include="SabreTools.Models" Version="1.5.8" />
<PackageReference Include="SabreTools.Serialization" Version="1.8.6" />
<PackageReference Include="UnshieldSharp" Version="1.9.4" />
<PackageReference Include="WiseUnpacker" Version="1.5.6" />
</ItemGroup>
</Project>

BIN
BinaryObjectScanner/CascLib.dll
View File

Binary file not shown.

4
BinaryObjectScanner/Factory.cs
View File

@@ -44,8 +44,10 @@ namespace BinaryObjectScanner
WrapperType.GZIP => new FileType.GZIP(),
WrapperType.InstallShieldArchiveV3 => new FileType.InstallShieldArchiveV3(),
WrapperType.InstallShieldCAB => new FileType.InstallShieldCAB(),
WrapperType.LZKWAJ => new FileType.LZKWAJ(),
WrapperType.LZQBasic => new FileType.LZQBasic(),
WrapperType.LZSZDD => new FileType.LZSZDD(),
WrapperType.MicrosoftCAB => new FileType.MicrosoftCAB(),
WrapperType.MicrosoftLZ => new FileType.MicrosoftLZ(),
WrapperType.MoPaQ => new FileType.MPQ(),
//WrapperType.N3DS => new FileType.N3DS(),
//WrapperType.NCF => new FileType.NCF(),

7
BinaryObjectScanner/FileType/BFPK.cs
View File

@@ -1,9 +1,6 @@
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Compressors;
using SharpCompress.Compressors.Deflate;
#endif
using SabreTools.Compression.Deflate;
namespace BinaryObjectScanner.FileType
{
@@ -109,14 +106,12 @@ namespace BinaryObjectScanner.FileType
{
fs.Write(data, 0, compressedSize);
}
#if NET462_OR_GREATER || NETCOREAPP
else
{
MemoryStream ms = new MemoryStream(data);
ZlibStream zs = new ZlibStream(ms, CompressionMode.Decompress);
zs.CopyTo(fs);
}
#endif
return true;
}

11
BinaryObjectScanner/FileType/BZip2.cs
View File

@@ -1,10 +1,7 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Compressors;
using SharpCompress.Compressors.BZip2;
#endif
using SabreTools.Compression.BZip2;
namespace BinaryObjectScanner.FileType
{
@@ -29,11 +26,10 @@ namespace BinaryObjectScanner.FileType
if (stream == null || !stream.CanRead)
return false;
#if NET462_OR_GREATER || NETCOREAPP
try
{
// Try opening the stream
using var bz2File = new BZip2Stream(stream, CompressionMode.Decompress, true);
using var bz2File = new BZip2InputStream(stream, true);
// Create the output file path
Directory.CreateDirectory(outDir);
@@ -50,9 +46,6 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return false;
}
#else
return false;
#endif
}
}
}

52
BinaryObjectScanner/FileType/Executable.cs
View File

@@ -17,20 +17,6 @@ namespace BinaryObjectScanner.FileType
/// </summary>
public class Executable : IDetectable
{
#region Properties
/// <summary>
/// Determines if game engines are counted as detected protections or not
/// </summary>
public bool IncludeGameEngines { get; set; }
/// <summary>
/// Determines if packers are counted as detected protections or not
/// </summary>
public bool IncludePackers { get; set; }
#endregion
/// <inheritdoc/>
public string? Detect(string file, bool includeDebug)
{
@@ -192,14 +178,6 @@ namespace BinaryObjectScanner.FileType
if (string.IsNullOrEmpty(protection))
return;
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
return;
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
return;
protections.Append(checkClass, protection);
});
@@ -230,14 +208,6 @@ namespace BinaryObjectScanner.FileType
if (string.IsNullOrEmpty(protection))
return;
// If we are filtering on game engines
if (CheckIfGameEngine(checkClass) && !IncludeGameEngines)
return;
// If we are filtering on packers
if (CheckIfPacker(checkClass) && !IncludePackers)
return;
protections.Append(checkClass, protection);
});
@@ -348,27 +318,5 @@ namespace BinaryObjectScanner.FileType
}
#endregion
#region Helpers
/// <summary>
/// Check to see if an implementation is a game engine using reflection
/// </summary>
/// <param name="impl">Implementation that was last used to check</param>
private static bool CheckIfGameEngine(object impl)
{
return impl.GetType().Namespace?.ToLowerInvariant()?.Contains("gameengine") ?? false;
}
/// <summary>
/// Check to see if an implementation is a packer using reflection
/// </summary>
/// <param name="impl">Implementation that was last used to check</param>
private static bool CheckIfPacker(object impl)
{
return impl.GetType().Namespace?.ToLowerInvariant()?.Contains("packer") ?? false;
}
#endregion
}
}

40
BinaryObjectScanner/FileType/GZIP.cs
View File

@@ -1,10 +1,7 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if NET462_OR_GREATER || NETCOREAPP
using SharpCompress.Archives;
using SharpCompress.Archives.GZip;
#endif
using SabreTools.Compression.Deflate;
namespace BinaryObjectScanner.FileType
{
@@ -29,34 +26,18 @@ namespace BinaryObjectScanner.FileType
if (stream == null || !stream.CanRead)
return false;
#if NET462_OR_GREATER || NETCOREAPP
try
{
using var zipFile = GZipArchive.Open(stream);
foreach (var entry in zipFile.Entries)
{
try
{
// If the entry is a directory
if (entry.IsDirectory)
continue;
// Try opening the stream
using var gzipFile = new GZipStream(stream, CompressionMode.Decompress, true);
// If the entry has an invalid key
if (entry.Key == null)
continue;
// Create the output file path
Directory.CreateDirectory(outDir);
string tempFile = Path.Combine(outDir, Guid.NewGuid().ToString());
string tempFile = Path.Combine(outDir, entry.Key);
var directoryName = Path.GetDirectoryName(tempFile);
if (directoryName != null && !Directory.Exists(directoryName))
Directory.CreateDirectory(directoryName);
entry.WriteToFile(tempFile);
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
}
}
// Extract the file
using FileStream fs = File.OpenWrite(tempFile);
gzipFile.CopyTo(fs);
return true;
}
@@ -65,9 +46,6 @@ namespace BinaryObjectScanner.FileType
if (includeDebug) Console.WriteLine(ex);
return false;
}
#else
return false;
#endif
}
}
}

47
BinaryObjectScanner/FileType/InstallShieldArchiveV3.cs
View File

@@ -1,7 +1,5 @@
using System;
using System.IO;
using System.IO;
using BinaryObjectScanner.Interfaces;
using ISv3 = UnshieldSharp.Archive.InstallShieldArchiveV3;
namespace BinaryObjectScanner.FileType
{
@@ -23,41 +21,16 @@ namespace BinaryObjectScanner.FileType
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
try
{
if (!File.Exists(file))
return false;
var archive = new ISv3(file);
foreach (var cfile in archive.Files)
{
try
{
string tempFile = Path.Combine(outDir, cfile.Key);
var directoryName = Path.GetDirectoryName(tempFile);
if (directoryName != null && !Directory.Exists(directoryName))
Directory.CreateDirectory(directoryName);
byte[]? fileContents = archive.Extract(cfile.Key, out string? error);
if (fileContents == null || !string.IsNullOrEmpty(error))
continue;
using FileStream fs = File.OpenWrite(tempFile);
fs.Write(fileContents, 0, fileContents.Length);
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
}
}
return true;
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
// Create the wrapper
var isv3 = SabreTools.Serialization.Wrappers.InstallShieldArchiveV3.Create(stream);
if (isv3 == null)
return false;
}
// Loop through and extract all files
Directory.CreateDirectory(outDir);
isv3.ExtractAll(outDir);
return true;
}
}
}

2
BinaryObjectScanner/FileType/InstallShieldCAB.cs
View File

@@ -2,7 +2,7 @@
using System.IO;
using System.Text.RegularExpressions;
using BinaryObjectScanner.Interfaces;
using UnshieldSharp.Cabinet;
using UnshieldSharp;
namespace BinaryObjectScanner.FileType
{

36
BinaryObjectScanner/FileType/LZKWAJ.cs Normal file
View File

@@ -0,0 +1,36 @@
using System.IO;
using BinaryObjectScanner.Interfaces;
namespace BinaryObjectScanner.FileType
{
/// <summary>
/// LZ-compressed file, KWAJ variant
/// </summary>
public class LZKWAJ : IExtractable
{
/// <inheritdoc/>
public bool Extract(string file, string outDir, bool includeDebug)
{
if (!File.Exists(file))
return false;
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
return Extract(fs, file, outDir, includeDebug);
}
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
// Create the wrapper
var kwaj = SabreTools.Serialization.Wrappers.LZKWAJ.Create(stream);
if (kwaj == null)
return false;
// Loop through and extract all files
Directory.CreateDirectory(outDir);
kwaj.Extract(outDir);
return true;
}
}
}

36
BinaryObjectScanner/FileType/LZQBasic.cs Normal file
View File

@@ -0,0 +1,36 @@
using System.IO;
using BinaryObjectScanner.Interfaces;
namespace BinaryObjectScanner.FileType
{
/// <summary>
/// LZ-compressed file, QBasic variant
/// </summary>
public class LZQBasic : IExtractable
{
/// <inheritdoc/>
public bool Extract(string file, string outDir, bool includeDebug)
{
if (!File.Exists(file))
return false;
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
return Extract(fs, file, outDir, includeDebug);
}
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
// Create the wrapper
var qbasic = SabreTools.Serialization.Wrappers.LZQBasic.Create(stream);
if (qbasic == null)
return false;
// Loop through and extract all files
Directory.CreateDirectory(outDir);
qbasic.Extract(outDir);
return true;
}
}
}

36
BinaryObjectScanner/FileType/LZSZDD.cs Normal file
View File

@@ -0,0 +1,36 @@
using System.IO;
using BinaryObjectScanner.Interfaces;
namespace BinaryObjectScanner.FileType
{
/// <summary>
/// LZ-compressed file, SZDD variant
/// </summary>
public class LZSZDD : IExtractable
{
/// <inheritdoc/>
public bool Extract(string file, string outDir, bool includeDebug)
{
if (!File.Exists(file))
return false;
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
return Extract(fs, file, outDir, includeDebug);
}
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
// Create the wrapper
var szdd = SabreTools.Serialization.Wrappers.LZSZDD.Create(stream);
if (szdd == null)
return false;
// Loop through and extract all files
Directory.CreateDirectory(outDir);
szdd.Extract(Path.GetFileName(file), outDir);
return true;
}
}
}

4
BinaryObjectScanner/FileType/MPQ.cs
View File

@@ -1,6 +1,6 @@
using System.IO;
using BinaryObjectScanner.Interfaces;
#if (NET452_OR_GREATER || NETCOREAPP) && WIN
#if (NET452_OR_GREATER || NETCOREAPP) && (WINX86 || WINX64)
using StormLibSharp;
#endif
@@ -25,7 +25,7 @@ namespace BinaryObjectScanner.FileType
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
#if NET20 || NET35 || !WIN
#if NET20 || NET35 || !WINX86
// Not supported for old .NET due to feature requirements
// Not supported in non-Windows builds due to DLL requirements
return false;

124
BinaryObjectScanner/FileType/MicrosoftCAB.cs
View File

@@ -1,7 +1,10 @@
using System.IO;
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
#if (NET40_OR_GREATER || NETCOREAPP) && WIN
#if (NET40_OR_GREATER || NETCOREAPP) && WINX86
using LibMSPackN;
#else
using SabreTools.Models.MicrosoftCabinet;
#endif
namespace BinaryObjectScanner.FileType
@@ -26,10 +29,111 @@ namespace BinaryObjectScanner.FileType
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
#if NET20 || NET35 || !WIN
// Not supported for old .NET due to feature requirements
// Not supported in non-Windows builds due to DLL requirements
return false;
#if NET20 || NET35 || !WINX86
try
{
// Create the wrapper
var cabArchive = SabreTools.Serialization.Wrappers.MicrosoftCabinet.Create(stream);
if (cabArchive?.Model?.Folders == null || cabArchive.Model.Folders.Length == 0)
return false;
// Loop through the folders
for (int f = 0; f < cabArchive!.Model.Folders.Length; f++)
{
// Ensure data blocks
var folder = cabArchive.Model.Folders[f];
if (folder?.DataBlocks == null || folder.DataBlocks.Length == 0)
continue;
// Setup decompressors
var mszip = SabreTools.Compression.MSZIP.Decompressor.Create();
uint quantumWindowBits = (uint)(((ushort)folder.CompressionType >> 8) & 0x1f);
// Loop through the data blocks
var ms = new MemoryStream();
foreach (var db in folder.DataBlocks)
{
if (db?.CompressedData == null)
continue;
// Uncompressed data
if ((folder.CompressionType & CompressionType.TYPE_NONE) != 0)
{
ms.Write(db.CompressedData, 0, db.CompressedData.Length);
ms.Flush();
}
// MS-ZIP
else if ((folder.CompressionType & CompressionType.TYPE_MSZIP) != 0)
{
mszip.CopyTo(db.CompressedData, ms);
}
// Quantum
else if ((folder.CompressionType & CompressionType.TYPE_QUANTUM) != 0)
{
var quantum = SabreTools.Compression.Quantum.Decompressor.Create(db.CompressedData, quantumWindowBits);
byte[] data = quantum.Process();
ms.Write(data, 0, data.Length);
ms.Flush();
}
// LZX
else if ((folder.CompressionType & CompressionType.TYPE_LZX) != 0)
{
// TODO: Unsupported
continue;
}
// Unknown
else
{
continue;
}
}
// If no data was read
if (ms.Length == 0)
continue;
// Ensure files
if (cabArchive?.Model?.Files == null || cabArchive.Model.Files.Length == 0)
continue;
// Loop through the files
foreach (var compressedFile in cabArchive.Model.Files)
{
if (compressedFile?.Name == null || compressedFile.FolderIndex != (FolderIndex)f)
continue;
try
{
byte[] fileData = new byte[compressedFile.FileSize];
Array.Copy(ms.ToArray(), compressedFile.FolderStartOffset, fileData, 0, compressedFile.FileSize);
string tempFile = Path.Combine(outDir, compressedFile.Name);
var directoryName = Path.GetDirectoryName(tempFile);
if (directoryName != null && !Directory.Exists(directoryName))
Directory.CreateDirectory(directoryName);
using var of = File.OpenWrite(tempFile);
of.Write(fileData, 0, fileData.Length);
of.Flush();
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
}
}
}
return true;
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
return false;
}
#else
try
{
@@ -49,17 +153,17 @@ namespace BinaryObjectScanner.FileType
compressedFile.ExtractTo(tempFile);
}
catch (System.Exception ex)
catch (Exception ex)
{
if (includeDebug) System.Console.WriteLine(ex);
if (includeDebug) Console.WriteLine(ex);
}
}
return true;
}
catch (System.Exception ex)
catch (Exception ex)
{
if (includeDebug) System.Console.WriteLine(ex);
if (includeDebug) Console.WriteLine(ex);
return false;
}
#endif

66
BinaryObjectScanner/FileType/MicrosoftLZ.cs
View File

@@ -1,66 +0,0 @@
using System;
using System.IO;
using BinaryObjectScanner.Interfaces;
using SabreTools.Compression.LZ;
namespace BinaryObjectScanner.FileType
{
/// <summary>
/// Microsoft LZ-compressed Files (LZ32)
/// </summary>
/// <remarks>This is treated like an archive type due to the packing style</remarks>
public class MicrosoftLZ : IExtractable
{
/// <inheritdoc/>
public bool Extract(string file, string outDir, bool includeDebug)
{
if (!File.Exists(file))
return false;
using var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
return Extract(fs, file, outDir, includeDebug);
}
/// <inheritdoc/>
public bool Extract(Stream? stream, string file, string outDir, bool includeDebug)
{
if (stream == null || !stream.CanRead)
return false;
try
{
var data = Decompressor.Decompress(stream);
if (data == null)
return false;
// Create the temp filename
string tempFile = "temp.bin";
if (!string.IsNullOrEmpty(file))
{
var expandedFilePath = Decompressor.GetExpandedName(file, out _);
if (expandedFilePath != null)
tempFile = Path.GetFileName(expandedFilePath).TrimEnd('\0');
if (tempFile.EndsWith(".ex"))
tempFile += "e";
else if (tempFile.EndsWith(".dl"))
tempFile += "l";
}
tempFile = Path.Combine(outDir, tempFile);
var directoryName = Path.GetDirectoryName(tempFile);
if (directoryName != null && !Directory.Exists(directoryName))
Directory.CreateDirectory(directoryName);
using Stream tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
tempStream.Write(data, 0, data.Length);
return true;
}
catch (Exception ex)
{
if (includeDebug) Console.WriteLine(ex);
return false;
}
}
}
}

142
BinaryObjectScanner/FileType/SGA.cs
View File

@@ -1,7 +1,5 @@
using System.Collections.Generic;
using System.IO;
using BinaryObjectScanner.Interfaces;
using SabreTools.Compression.zlib;
namespace BinaryObjectScanner.FileType
{
@@ -30,147 +28,9 @@ namespace BinaryObjectScanner.FileType
// Loop through and extract all files
Directory.CreateDirectory(outDir);
ExtractAll(sga, outDir);
sga.ExtractAll(outDir);
return true;
}
/// <summary>
/// Extract all files from the SGA to an output directory
/// </summary>
/// <param name="outputDirectory">Output directory to write to</param>
/// <returns>True if all files extracted, false otherwise</returns>
public static bool ExtractAll(SabreTools.Serialization.Wrappers.SGA item, string outputDirectory)
{
// Get the file count
int fileCount = item.FileCount;
if (fileCount == 0)
return false;
// Loop through and extract all files to the output
bool allExtracted = true;
for (int i = 0; i < fileCount; i++)
{
allExtracted &= ExtractFile(item, i, outputDirectory);
}
return allExtracted;
}
/// <summary>
/// Extract a file from the SGA to an output directory by index
/// </summary>
/// <param name="index">File index to extract</param>
/// <param name="outputDirectory">Output directory to write to</param>
/// <returns>True if the file extracted, false otherwise</returns>
public static bool ExtractFile(SabreTools.Serialization.Wrappers.SGA item, int index, string outputDirectory)
{
// Get the file count
int fileCount = item.FileCount;
if (fileCount == 0)
return false;
// If the files index is invalid
if (index < 0 || index >= fileCount)
return false;
// Create the filename
var filename = item.GetFileName(index);
if (filename == null)
return false;
// Loop through and get all parent directories
var parentNames = new List<string> { filename };
// Get the parent directory
string? folderName = item.GetParentName(index);
if (folderName != null)
parentNames.Add(folderName);
// TODO: Should the section name/alias be used in the path as well?
// Reverse and assemble the filename
parentNames.Reverse();
#if NET20 || NET35
filename = parentNames[0];
for (int i = 1; i < parentNames.Count; i++)
{
filename = Path.Combine(filename, parentNames[i]);
}
#else
filename = Path.Combine([.. parentNames]);
#endif
// Get and adjust the file offset
long fileOffset = item.GetFileOffset(index);
fileOffset += item.FileDataOffset;
if (fileOffset < 0)
return false;
// Get the file sizes
long fileSize = item.GetCompressedSize(index);
long outputFileSize = item.GetUncompressedSize(index);
// Read the compressed data directly
var compressedData = item.ReadFromDataSource((int)fileOffset, (int)fileSize);
if (compressedData == null)
return false;
// If the compressed and uncompressed sizes match
byte[] data;
if (fileSize == outputFileSize)
{
data = compressedData;
}
else
{
// Inflate the data into the buffer
var zstream = new ZLib.z_stream_s();
data = new byte[outputFileSize];
unsafe
{
fixed (byte* payloadPtr = compressedData)
fixed (byte* dataPtr = data)
{
zstream.next_in = payloadPtr;
zstream.avail_in = (uint)compressedData.Length;
zstream.total_in = (uint)compressedData.Length;
zstream.next_out = dataPtr;
zstream.avail_out = (uint)data.Length;
zstream.total_out = 0;
ZLib.inflateInit_(zstream, ZLib.zlibVersion(), compressedData.Length);
int zret = ZLib.inflate(zstream, 1);
ZLib.inflateEnd(zstream);
}
}
}
// If we have an invalid output directory
if (string.IsNullOrEmpty(outputDirectory))
return false;
// Create the full output path
filename = Path.Combine(outputDirectory, filename);
// Ensure the output directory is created
var directoryName = Path.GetDirectoryName(filename);
if (directoryName != null)
Directory.CreateDirectory(directoryName);
// Try to write the data
try
{
// Open the output file for writing
using Stream fs = File.OpenWrite(filename);
fs.Write(data, 0, data.Length);
}
catch
{
return false;
}
return false;
}
}
}

50
BinaryObjectScanner/OldDotNet.cs Normal file
View File

@@ -0,0 +1,50 @@
#if NET20 || NET35
using System;
using System.IO;
namespace BinaryObjectScanner
{
/// <summary>
/// Derived from the mscorlib code from .NET Framework 4.0
/// </summary>
internal static class OldDotNet
{
public static void CopyTo(this Stream source, Stream destination)
{
if (destination == null)
{
throw new ArgumentNullException("destination");
}
if (!source.CanRead && !source.CanWrite)
{
throw new ObjectDisposedException(null);
}
if (!destination.CanRead && !destination.CanWrite)
{
throw new ObjectDisposedException("destination");
}
if (!source.CanRead)
{
throw new NotSupportedException();
}
if (!destination.CanWrite)
{
throw new NotSupportedException();
}
byte[] array = new byte[81920];
int count;
while ((count = source.Read(array, 0, array.Length)) != 0)
{
destination.Write(array, 0, count);
}
}
}
}
#endif

21
BinaryObjectScanner/Options.cs
View File

@@ -11,27 +11,22 @@
public bool ScanArchives { get; set; }
/// <summary>
/// Determines if content matches are used or not
/// Determines if content matches are used
/// </summary>
public bool ScanContents { get; set; }
/// <summary>
/// Determines if game engines are counted as detected protections or not
/// </summary>
public bool ScanGameEngines { get; set; }
/// <summary>
/// Determines if packers are counted as detected protections or not
/// </summary>
public bool ScanPackers { get; set; }
/// <summary>
/// Determines if path matches are used or not
/// Determines if path matches are used
/// </summary>
public bool ScanPaths { get; set; }
/// <summary>
/// Determines if debug information is output or not
/// Determines if subdirectories are scanned
/// </summary>
public bool ScanSubdirectories { get; set; }
/// <summary>
/// Determines if debug information is output
/// </summary>
public bool IncludeDebug { get; set; }
}

5
BinaryObjectScanner/Packer/ASPack.cs
View File

@@ -656,8 +656,9 @@ namespace BinaryObjectScanner.Packer
new(new byte?[] { 0x60, 0xE8, 0x41, 0x06, 0x00, 0x00, 0xEB, 0x41 }, "ASPack 1.08.04"),
new(new byte?[] { 0x60, 0xE8, null, null, null, null, 0xEB }, "ASPack 1.08.04"),
// Disabled due to being too prone to false positives.
//new(new byte?[] { 0x60, 0xE8, null, null, null, null, 0xEB }, "ASPack 1.08.04"),
new(new byte?[] { 0x60, 0xE8, 0x70, 0x05, 0x00, 0x00, 0xEB, 0x4C }, "ASPack 2.00.00"),
new(new byte?[] { 0x60, 0xE8, 0x48, 0x11, 0x00, 0x00, 0xC3, 0x83 }, "ASPack 2.00.00"),

5
BinaryObjectScanner/Packer/CExe.cs
View File

@@ -110,7 +110,10 @@ namespace BinaryObjectScanner.Packer
{
try
{
data = SabreTools.Compression.LZ.Decompressor.Decompress(payload);
var decompressor = SabreTools.Compression.SZDD.Decompressor.CreateSZDD(payload);
var dataStream = new MemoryStream();
decompressor.CopyTo(dataStream);
data = dataStream.ToArray();
}
catch
{

24
BinaryObjectScanner/Packer/EmbeddedArchive.cs
View File

@@ -25,7 +25,11 @@ namespace BinaryObjectScanner.Packer
if (ba.StartsWith([0x37, 0x7A, 0xBC, 0xAF, 0x27, 0x1C]))
return "Embedded 7-Zip Archive";
if (ba.StartsWith(SabreTools.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes))
if (ba.StartsWith([0x50, 0x4B, 0x03, 0x04]))
return "Embedded PKZIP Archive";
if (ba.StartsWith([0x50, 0x4B, 0x05, 0x06]))
return "Embedded PKZIP Archive";
if (ba.StartsWith([0x50, 0x4B, 0x07, 0x08]))
return "Embedded PKZIP Archive";
if (ba.StartsWith([0x52, 0x61, 0x72, 0x21, 0x1A, 0x07, 0x00]))
return "Embedded RAR Archive";
@@ -39,7 +43,11 @@ namespace BinaryObjectScanner.Packer
{
if (pex.OverlayData.StartsWith([0x37, 0x7A, 0xBC, 0xAF, 0x27, 0x1C]))
return "Embedded 7-Zip Archive";
if (pex.OverlayData.StartsWith(SabreTools.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes))
if (pex.OverlayData.StartsWith([0x50, 0x4B, 0x03, 0x04]))
return "Embedded PKZIP Archive";
if (pex.OverlayData.StartsWith([0x50, 0x4B, 0x05, 0x06]))
return "Embedded PKZIP Archive";
if (pex.OverlayData.StartsWith([0x50, 0x4B, 0x07, 0x08]))
return "Embedded PKZIP Archive";
if (pex.OverlayData.StartsWith([0x52, 0x61, 0x72, 0x21, 0x1A, 0x07, 0x00]))
return "Embedded RAR Archive";
@@ -74,7 +82,11 @@ namespace BinaryObjectScanner.Packer
string extension = string.Empty;
if (overlayData.StartsWith([0x37, 0x7A, 0xBC, 0xAF, 0x27, 0x1C]))
extension = "7z";
else if (overlayData.StartsWith(SabreTools.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes))
else if (overlayData.StartsWith([0x50, 0x4B, 0x03, 0x04]))
extension = "zip";
else if (overlayData.StartsWith([0x50, 0x4B, 0x05, 0x06]))
extension = "zip";
else if (overlayData.StartsWith([0x50, 0x4B, 0x07, 0x08]))
extension = "zip";
else if (overlayData.StartsWith([0x52, 0x61, 0x72, 0x21, 0x1A, 0x07, 0x00]))
extension = "rar";
@@ -125,7 +137,11 @@ namespace BinaryObjectScanner.Packer
string extension = string.Empty;
if (ba.StartsWith([0x37, 0x7A, 0xBC, 0xAF, 0x27, 0x1C]))
extension = "7z";
else if (ba.StartsWith(SabreTools.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes))
else if (ba.StartsWith([0x50, 0x4B, 0x03, 0x04]))
extension = "zip";
else if (ba.StartsWith([0x50, 0x4B, 0x05, 0x06]))
extension = "zip";
else if (ba.StartsWith([0x50, 0x4B, 0x07, 0x08]))
extension = "zip";
else if (ba.StartsWith([0x52, 0x61, 0x72, 0x21, 0x1A, 0x07, 0x00]))
extension = "rar";

110
BinaryObjectScanner/Packer/WiseInstaller.cs
View File

@@ -2,7 +2,6 @@
using System.Collections.Generic;
using System.IO;
using BinaryObjectScanner.Interfaces;
using SabreTools.IO.Extensions;
using SabreTools.Matching;
using SabreTools.Matching.Content;
using SabreTools.Serialization.Wrappers;
@@ -106,53 +105,24 @@ namespace BinaryObjectScanner.Packer
private static FormatProperty? MatchesNEVersion(NewExecutable nex)
{
// TODO: Offset is _not_ the EXE header address, rather where the data starts. Fix this.
switch (nex.Model.Stub?.Header?.NewExeHeaderAddr)
return (nex.Model.Stub?.Header?.NewExeHeaderAddr) switch
{
case 0x84b0:
return new FormatProperty { Dll = false, ArchiveStart = 0x11, ArchiveEnd = -1, InitText = false, FilenamePosition = 0x04, NoCrc = true };
case 0x3e10:
return new FormatProperty { Dll = false, ArchiveStart = 0x1e, ArchiveEnd = -1, InitText = false, FilenamePosition = 0x04, NoCrc = false };
case 0x3e50:
return new FormatProperty { Dll = false, ArchiveStart = 0x1e, ArchiveEnd = -1, InitText = false, FilenamePosition = 0x04, NoCrc = false };
case 0x3c20:
return new FormatProperty { Dll = false, ArchiveStart = 0x1e, ArchiveEnd = -1, InitText = false, FilenamePosition = 0x04, NoCrc = false };
case 0x3c30:
return new FormatProperty { Dll = false, ArchiveStart = 0x22, ArchiveEnd = -1, InitText = false, FilenamePosition = 0x04, NoCrc = false };
case 0x3660:
return new FormatProperty { Dll = false, ArchiveStart = 0x40, ArchiveEnd = 0x3c, InitText = false, FilenamePosition = 0x04, NoCrc = false };
case 0x36f0:
return new FormatProperty { Dll = false, ArchiveStart = 0x48, ArchiveEnd = 0x44, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
case 0x3770:
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
case 0x3780:
return new FormatProperty { Dll = true, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
case 0x37b0:
return new FormatProperty { Dll = true, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
case 0x37d0:
return new FormatProperty { Dll = true, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
case 0x3c80:
return new FormatProperty { Dll = true, ArchiveStart = 0x5a, ArchiveEnd = 0x4c, InitText = true, FilenamePosition = 0x1c, NoCrc = false };
case 0x3bd0:
return new FormatProperty { Dll = true, ArchiveStart = 0x5a, ArchiveEnd = 0x4c, InitText = true, FilenamePosition = 0x1c, NoCrc = false };
case 0x3c10:
return new FormatProperty { Dll = true, ArchiveStart = 0x5a, ArchiveEnd = 0x4c, InitText = true, FilenamePosition = 0x1c, NoCrc = false };
default:
return null;
}
0x84b0 => new FormatProperty { ArchiveEnd = -1 },
0x3e10 => new FormatProperty { ArchiveEnd = -1 },
0x3e50 => new FormatProperty { ArchiveEnd = -1 },
0x3c20 => new FormatProperty { ArchiveEnd = -1 },
0x3c30 => new FormatProperty { ArchiveEnd = -1 },
0x3660 => new FormatProperty { ArchiveEnd = 0x3c },
0x36f0 => new FormatProperty { ArchiveEnd = 0x44 },
0x3770 => new FormatProperty { ArchiveEnd = 0x4c },
0x3780 => new FormatProperty { ArchiveEnd = 0x4c },
0x37b0 => new FormatProperty { ArchiveEnd = 0x4c },
0x37d0 => new FormatProperty { ArchiveEnd = 0x4c },
0x3c80 => new FormatProperty { ArchiveEnd = 0x4c },
0x3bd0 => new FormatProperty { ArchiveEnd = 0x4c },
0x3c10 => new FormatProperty { ArchiveEnd = 0x4c },
_ => null,
};
}
/// <summary>
@@ -162,40 +132,24 @@ namespace BinaryObjectScanner.Packer
/// <returns>True if it matches a known version, false otherwise</returns>
private static FormatProperty? GetPEFormat(PortableExecutable pex)
{
if (pex.OverlayAddress == 0x6e00
&& pex.GetFirstSection(".text")?.VirtualSize == 0x3cf4
&& pex.GetFirstSection(".data")?.VirtualSize == 0x1528)
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
// Get the current format
var current = new FormatProperty
{
ExecutableType = ExecutableType.PE,
CodeSectionLength = (int?)pex.GetFirstSection(".text")?.VirtualSize ?? -1,
DataSectionLength = (int?)pex.GetFirstSection(".data")?.VirtualSize ?? -1,
};
else if (pex.OverlayAddress == 0x6e00
&& pex.GetFirstSection(".text")?.VirtualSize == 0x3cf4
&& pex.GetFirstSection(".data")?.VirtualSize == 0x1568)
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
else if (pex.OverlayAddress == 0x6e00
&& pex.GetFirstSection(".text")?.VirtualSize == 0x3d54)
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
else if (pex.OverlayAddress == 0x6e00
&& pex.GetFirstSection(".text")?.VirtualSize == 0x3d44)
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
else if (pex.OverlayAddress == 0x6e00
&& pex.GetFirstSection(".text")?.VirtualSize == 0x3d04)
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
// Search known formats
foreach (var format in FormatProperty.KnownFormats)
{
if (current.Equals(format))
return format;
}
// Found in Binary.WiseCustomCalla
else if (pex.OverlayAddress == 0x6200)
return new FormatProperty { Dll = true, ArchiveStart = 0x62, ArchiveEnd = 0x4c, InitText = true, FilenamePosition = 0x1c, NoCrc = false };
else if (pex.OverlayAddress == 0x3000)
return new FormatProperty { Dll = false, ArchiveStart = 0x50, ArchiveEnd = 0x4c, InitText = false, FilenamePosition = 0x1c, NoCrc = false };
else if (pex.OverlayAddress == 0x3800)
return new FormatProperty { Dll = true, ArchiveStart = 0x5a, ArchiveEnd = 0x4c, InitText = true, FilenamePosition = 0x1c, NoCrc = false };
else if (pex.OverlayAddress == 0x3a00)
return new FormatProperty { Dll = true, ArchiveStart = 0x5a, ArchiveEnd = 0x4c, InitText = true, FilenamePosition = 0x1c, NoCrc = false };
if (pex.OverlayAddress == 0x6200)
return new FormatProperty { ArchiveEnd = 0x4c };
return null;
}

16
BinaryObjectScanner/Protection/ActiveMARK.cs
View File

@@ -37,22 +37,6 @@ namespace BinaryObjectScanner.Protection
// Found in "Zuma.exe"
if (pex.EntryPointData.StartsWith(new byte?[] { 0x89, 0x25, 0x04, 0xF0, 0x86, 0x00, 0x68, 0x30 }))
return "ActiveMark v5.3.1078 (Packer Version)";
// https://raw.githubusercontent.com/wolfram77web/app-peid/master/userdb.txt
else if (pex.EntryPointData.StartsWith(new byte?[] { 0x89, 0x25, null, null, null, null, 0xEB }))
return "ActiveMark -> Trymedia Systems Inc. (Unconfirmed - Please report to us on Github)";
else if (pex.EntryPointData.StartsWith(new byte?[] { 0x89, 0x25, null, null, null, null, 0x33, 0xED, 0x55, 0x8B, 0xEC, 0xE8, null, null, null, null, 0x8B, 0xD0, 0x81, 0xE2, 0xFF, 0x00, 0x00, 0x00, 0x89, 0x15, null, null, null, null, 0x8B, 0xD0, 0xC1, 0xEA, 0x08, 0x81, 0xE2, 0xFF, 0x00, 0x00, 0x00, 0xA3, null, null, null, null, 0xD1, 0xE0, 0x0F, 0x93, 0xC3, 0x33, 0xC0, 0x8A, 0xC3, 0xA3, null, null, null, null, 0x68, 0xFF, 0x00, 0x00, 0x00, 0xE8, null, null, null, null, 0x6A, 0x00, 0xE8, null, null, null, null, 0xA3, null, null, null, null, 0xBB, null, null, null, null, 0xC7, 0x03, 0x44, 0x00, 0x00, 0x00 }))
return "ActiveMark -> Trymedia Systems Inc. (Unconfirmed - Please report to us on Github)";
else if (pex.EntryPointData.StartsWith(new byte?[] { 0x20, 0x2D, 0x2D, 0x4D, 0x50, 0x52, 0x4D, 0x4D, 0x47, 0x56, 0x41, 0x2D, 0x2D, 0x00, 0x75, 0x73, 0x65, 0x72, 0x33, 0x32, 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x4D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x42, 0x6F, 0x78, 0x41, 0x00, 0x54, 0x68, 0x69, 0x73, 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x63, 0x61, 0x6E, 0x6E, 0x6F, 0x74, 0x20, 0x72, 0x75, 0x6E, 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x61, 0x6E, 0x20, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x20, 0x64, 0x65, 0x62, 0x75, 0x67 }))
return "ActiveMARK 5.x -> Trymedia Systems Inc. (h) (Unconfirmed - Please report to us on Github)";
else if (pex.EntryPointData.StartsWith(new byte?[] { 0x20, 0x2D, 0x2D, 0x4D, 0x50, 0x52, 0x4D, 0x4D, 0x47, 0x56, 0x41, 0x2D, 0x2D, 0x00, 0x75, 0x73, 0x65, 0x72, 0x33, 0x32, 0x2E, 0x64, 0x6C, 0x6C, 0x00, 0x4D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x42, 0x6F, 0x78, 0x41, 0x00, 0x54, 0x68, 0x69, 0x73, 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x20, 0x63, 0x61, 0x6E, 0x6E, 0x6F, 0x74, 0x20, 0x72, 0x75, 0x6E, 0x20, 0x77, 0x69, 0x74, 0x68, 0x20, 0x61, 0x6E, 0x20, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x20, 0x64, 0x65, 0x62, 0x75, 0x67, 0x67, 0x65, 0x72, 0x20, 0x69, 0x6E, 0x20, 0x6D, 0x65, 0x6D, 0x6F, 0x72, 0x79, 0x2E, 0x0D, 0x0A, 0x50, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x20, 0x75, 0x6E, 0x6C, 0x6F, 0x61, 0x64, 0x20, 0x74, 0x68, 0x65, 0x20, 0x64, 0x65, 0x62, 0x75, 0x67, 0x67, 0x65, 0x72, 0x20, 0x61, 0x6E, 0x64, 0x20, 0x72, 0x65, 0x73, 0x74, 0x61, 0x72, 0x74, 0x20, 0x74, 0x68, 0x65, 0x20, 0x61, 0x70, 0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x2E, 0x00, 0x57, 0x61, 0x72, 0x6E, 0x69, 0x6E, 0x67 }))
return "ActiveMARK 5.x -> Trymedia Systems,Inc. (Unconfirmed - Please report to us on Github)";
else if (pex.EntryPointData.StartsWith(new byte?[] { 0x79, 0x11, 0x7F, 0xAB, 0x9A, 0x4A, 0x83, 0xB5, 0xC9, 0x6B, 0x1A, 0x48, 0xF9, 0x27, 0xB4, 0x25 }))
return "ActiveMARK[TM] (Unconfirmed - Please report to us on Github)";
else if (pex.EntryPointData.StartsWith(new byte?[] { 0x79, 0x07, 0x0F, 0xB7, 0x07, 0x47, 0x50, 0x47, 0xB9, 0x57, 0x48, 0xF2, 0xAE, 0x55, 0xFF, 0x96, 0x84, null, 0x00, 0x00, 0x09, 0xC0, 0x74, 0x07, 0x89, 0x03, 0x83, 0xC3, 0x04, 0xEB, 0xD8, 0xFF, 0x96, 0x88, null, 0x00, 0x00, 0x61, 0xE9, null, null, null, 0xFF }))
return "ActiveMARK[TM] R5.31.1140 -> Trymedia (Unconfirmed - Please report to us on Github)";
else if (pex.EntryPointData.StartsWith(new byte?[] { 0xBE, 0x48, 0x01, 0x40, 0x00, 0xAD, 0x8B, 0xF8, 0x95, 0xA5, 0x33, 0xC0, 0x33, 0xC9, 0xAB, 0x48, 0xAB, 0xF7, 0xD8, 0xB1, 0x04, 0xF3, 0xAB, 0xC1, 0xE0, 0x0A, 0xB5, 0x1C, 0xF3, 0xAB, 0xAD, 0x50, 0x97, 0x51, 0xAD, 0x87, 0xF5, 0x58, 0x8D, 0x54, 0x86, 0x5C, 0xFF, 0xD5, 0x72, 0x5A, 0x2C, 0x03, 0x73, 0x02, 0xB0, 0x00, 0x3C, 0x07, 0x72, 0x02, 0x2C, 0x03, 0x50, 0x0F, 0xB6, 0x5F, 0xFF, 0xC1, 0xE3, 0x03, 0xB3, 0x00, 0x8D, 0x1C, 0x5B, 0x8D, 0x9C, 0x9E, 0x0C, 0x10, 0x00, 0x00, 0xB0, 0x01, 0x67, 0xE3, 0x29, 0x8B, 0xD7, 0x2B, 0x56, 0x0C, 0x8A, 0x2A, 0x33, 0xD2, 0x84, 0xE9, 0x0F, 0x95, 0xC6, 0x52, 0xFE, 0xC6, 0x8A, 0xD0, 0x8D, 0x14, 0x93, 0xFF, 0xD5, 0x5A, 0x9F, 0x12, 0xC0, 0xD0, 0xE9, 0x74, 0x0E, 0x9E, 0x1A, 0xF2, 0x74, 0xE4, 0xB4, 0x00, 0x33, 0xC9, 0xB5, 0x01, 0xFF, 0x55, 0xCC, 0x33, 0xC9, 0xE9, 0xDF, 0x00, 0x00, 0x00, 0x8B, 0x5E, 0x0C, 0x83, 0xC2, 0x30, 0xFF, 0xD5, 0x73, 0x50, 0x83, 0xC2, 0x30, 0xFF, 0xD5, 0x72, 0x1B, 0x83, 0xC2, 0x30, 0xFF, 0xD5, 0x72, 0x2B, 0x3C, 0x07, 0xB0, 0x09, 0x72, 0x02, 0xB0, 0x0B, 0x50, 0x8B, 0xC7, 0x2B, 0x46, 0x0C, 0xB1, 0x80, 0x8A, 0x00, 0xEB, 0xCF, 0x83, 0xC2, 0x60, 0xFF, 0xD5, 0x87, 0x5E, 0x10, 0x73, 0x0D, 0x83, 0xC2, 0x30, 0xFF, 0xD5, 0x87, 0x5E, 0x14, 0x73, 0x03, 0x87, 0x5E, 0x18, 0x3C, 0x07, 0xB0, 0x08, 0x72, 0x02, 0xB0, 0x0B, 0x50, 0x53, 0x8D, 0x96, 0x7C, 0x07, 0x00, 0x00, 0xFF, 0x55, 0xD0, 0x5B, 0x91, 0xEB, 0x77, 0x3C, 0x07, 0xB0, 0x07, 0x72, 0x02, 0xB0, 0x0A, 0x50, 0x87, 0x5E, 0x10, 0x87, 0x5E, 0x14, 0x89, 0x5E, 0x18, 0x8D, 0x96, 0xC4, 0x0B, 0x00, 0x00, 0xFF, 0x55, 0xD0, 0x50, 0x48 }))
return "ActiveMARK 5.x -> Trymedia Systems,Inc. (h) (Unconfirmed - Please report to us on Github)";
}
// Get the .data section strings, if they exist

4
BinaryObjectScanner/Protection/Denuvo.cs
View File

@@ -90,7 +90,9 @@ namespace BinaryObjectScanner.Protection
// TODO: Re-enable all Entry Point checks after implementing
if (pex.ContainsSection(".arch")
|| pex.ContainsSection(".srdata")
// Disabled scanning in files with the ".srdata" section due to numerous false positives.
// These include Redump entry 112733 and Bus Hound 5.04 (https://web.archive.org/web/20070129204350/http://www.perisoft.net/bin/bhe504.exe).
// || pex.ContainsSection(".srdata")
|| !string.IsNullOrEmpty(timingMatch))
{
if (pex.Model.OptionalHeader?.Magic == OHMN.PE32Plus)

2
BinaryObjectScanner/Protection/GFWL.cs
View File

@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.IO;
using BinaryObjectScanner.Interfaces;
using SabreTools.Matching;
using SabreTools.Matching.Paths;
@@ -51,6 +52,7 @@ namespace BinaryObjectScanner.Protection
new(new FilePathMatch("Gfwlivesetup.exe"), "Games for Windows LIVE"),
new(new FilePathMatch("xliveinstall.dll"), "Games for Windows LIVE"),
new(new FilePathMatch("XLiveRedist.msi"), "Games for Windows LIVE"),
new(new PathMatch($"{Path.DirectorySeparatorChar}XLiveRedist"), "Games for Windows LIVE"),
};
return MatchUtil.GetFirstMatch(path, matchers, any: true);

20
BinaryObjectScanner/Protection/HexalockAutoLock.cs
View File

@@ -57,7 +57,25 @@ namespace BinaryObjectScanner.Protection
if (strs.Exists(s => s.Contains("mfint.dll")))
return "Hexalock Autolock";
}
// Get the code/CODE section strings, if they exist
strs = pex.GetFirstSectionStrings("code") ?? pex.GetFirstSectionStrings("CODE");
if (strs != null)
{
// Found in "launcher.exe" in "Sea Adventure / Adventure de la Mer" by Compedia.
if (strs.Exists(s => s.Contains("mfint.dll")))
return "Hexalock Autolock";
}
// Get the UPX1 section strings, if they exist
strs = pex.GetFirstSectionStrings("UPX1");
if (strs != null)
{
// Found in "postmanpat.exe" in "Postman Pat" by Compedia.
if (strs.Exists(s => s.Contains("mfint.dll")))
return "Hexalock Autolock";
}
return null;
}

76
BinaryObjectScanner/Protection/Macrovision.SafeDisc.cs
View File

@@ -388,7 +388,9 @@ namespace BinaryObjectScanner.Protection
"2418D791C7B9D4F05BCB01FAF98F770CDF798464" => "1.00.026",
// Found in Redump entries 31149 and 28810.
"848EDF9F45A8437438B7289BB4D2D1BCF752FD4A" => "1.06.000-1.50.020/Lite",
// It can also be found in the Windows Temp directory when running SafeDisc 2+ games on Windows 9x, but not on XP or newer.
// Examples of it in SafeDisc 2+ can be found in Redump entries 2022 and 38541.
"848EDF9F45A8437438B7289BB4D2D1BCF752FD4A" => "1.06.000+/Lite",
_ => "Unknown Version (Report this to us on GitHub)",
};
@@ -475,8 +477,74 @@ namespace BinaryObjectScanner.Protection
// Found in Redump entries 57986 and 63941.
"85A92DC1D9CCBA6349D70F489043E649A8C21F2B" => "Lite",
// Found in Redump entry 14928.
"538351FF5955A3D8438E8C278E9D6D6274CF13AB" => "Lite",
// The following versions of the file are only found in the Windows Temp directory when running a SafeDisc 2+ program on Windows 9x.
// They aren't found when running the same program on Windows XP or newer. These also aren't currently automatically extracted, and would have to be manually recovered and scanned.
// Found in Redump entries 2022, 72195, and 73502.
"3F46BA4BB6D0D725F8BC5BFD374025853D0F8D10" => "2.05.030",
// Found in Redump entries 38541 and 59462.
"3AF6AD2EBA63FC96BF1A2E39725C41A022B14550" => "2.10.030",
// Found in Redump entries 45040, 55823, and 79476.
"AAB277C3877F654A0EAEC1E0DB1D511CD0D7BA00" => "2.30.030",
// Found in Redump entries 15312 and 48853.
"A73A129E50FB872F3AE0BA974A2EC46281556F8C" => "2.30.031",
// Found in Redump entries 9819 and 53658/53659.
"1499FC17B7565FC4B47F029412928FCA076D1838" => "2.30.033",
// Found in Redump entries 9846, 65642, and 68206.
"FF4DF7AE5252EF38A69F165A6A180F51DCCA0438" => "2.40.010",
// Found in Redump entries 23786 and 110603.
"0D52948CDC6562EEBB5D078C9C0C7E9D1EDB00CE" => "2.40.011",
// Found in Redump entries 30022 and 75104.
"30F5C179AF876292C45463FAE287E109C57B265E" => "2.51.020",
// Found in Redump entries 38589 and 66852.
"728D2D788A757341A37E64DE85204EE1096FD509" => "2.51.021",
// Found in Redump entries 2064, 47047, and 57673.
"5F4EDEA0B29AA3B6B374EC2C91C5EB3C1D791456" => "2.60.052",
// Found in Redump entries 13048-13050, 35385, and 46339.
"6328E7C065E5FB5CD1FB3FE7C47D8B1EA6BF040E" => "2.70.030",
// Found in Redump entries 9261/9262 and 64198.
"DB195BF5C6E732CFDA7DC391C0DF1A52D5898140" => "2.72.000",
// Found in Redump entries 14928, 32783, 75897.
"538351FF5955A3D8438E8C278E9D6D6274CF13AB" => "2.80.010/Lite",
// Found in Redump entries 39273/39274 and 59351.
"51C816A76C831B6EA2B66EEBACFB7032FF813ECC" => "2.80.011",
// Found in Redump entries 11638/11639, 52606, 62505, 85338/85339, 95322/95324, 119414, and 119415.
"6492B6164D40633C7AAAC882EF1BA55E6931DBDC" => "2.90.040",
// Found in Redump entry 116357.
"CC1818B15AD1D0510602D556AB0AFFB8011ECF4F" => "2.90.045",
// Found in Redump entries 13230 and 68204.
"E481642064018AD02CE1FA524E539C89B80B8116" => "3.10.020",
// Found in Redump entries 36511 and 74338.
"6950E54EFAE8A00D2F54BEAAE34FBE13C9555BB8" => "3.15.010",
// Found in Redump entries 15383 and 35512.
"86EBAD43D87C2192FAF457BE922E21963FE8A16C" => "3.15.011",
// Found in Redump entries 30404, 31621/31623, 56748, 58625, and 64355-64358. TODO: Test 84586.
"553BA02CCAE2298C6E14F695EA172EB2B47E6798" => "3.20.020",
// Found in Redump entries 20728, 53667/53668/76775, 58625, 64255, 75782, 84985, 91552, 102135, and 102806.
"CCC4797FDC387FB5E08F87C1830F43F9B7A28726" => "3.20.022",
// Found in Redump entries 20729, 28257, 54268-5427, 63810-63813, and 86177.
"E931EEC20B4A7032BDAD5DC1D76E740A08A6321B" => "3.20.024",
_ => "Unknown Version (Report this to us on GitHub)",
};
@@ -737,7 +805,7 @@ namespace BinaryObjectScanner.Protection
"1BF885FDEF8A1824C34C10E2729AD133F70E1516" => "2.80.011",
// Found in Redump entries 11638, 52606, and 62505.
"B824ED257946EEE93F438B25C855E9DDE7A3671A" => "2.90.010-2.90.040",
"B824ED257946EEE93F438B25C855E9DDE7A3671A" => "2.90.040",
// Found in Redump entries 13230 and 68204.
// SafeDisc 4+ is known to sometimes use old versions of drivers, such as in Redump entry 101261.

75
BinaryObjectScanner/Protection/Macrovision.cs
View File

@@ -348,7 +348,7 @@ namespace BinaryObjectScanner.Protection
12_464 => "3.17.000 / SafeDisc 2.80.010-2.80.011",
// Found in Redump entries 11638 and 52606.
12_400 => "3.18.000 / SafeDisc 2.90.010-2.90.040",
12_400 => "3.18.000 / SafeDisc 2.90.040",
// Found in Redump entries 13230, 15383, and 36511.
// SafeDisc 4+ is known to sometimes use old versions of drivers, such as in Redump entry 101261.
@@ -404,7 +404,7 @@ namespace BinaryObjectScanner.Protection
// Found in Redump entries 11638 and 52606.
// The product version is "3.18.000 Windows NT 2002/11/14".
"3.18.000" => "3.18.000 / SafeDisc 2.90.010-2.90.040",
"3.18.000" => "3.18.000 / SafeDisc 2.90.040",
// Found in Redump entries 13230, 15383, and 36511.
// SafeDisc 4+ is known to sometimes use old versions of drivers, such as in Redump entry 101261.
@@ -474,9 +474,9 @@ namespace BinaryObjectScanner.Protection
// Begin reading 2 bytes after "BoG_ *90.0&!! Yy>" for older versions
int index = positions[0] + 18 + 2;
int version = fileContent.ReadInt32(ref index);
int subVersion = fileContent.ReadInt32(ref index);
int subsubVersion = fileContent.ReadInt32(ref index);
int version = fileContent.ReadInt32LittleEndian(ref index);
int subVersion = fileContent.ReadInt32LittleEndian(ref index);
int subsubVersion = fileContent.ReadInt32LittleEndian(ref index);
if (version != 0)
{
@@ -486,9 +486,9 @@ namespace BinaryObjectScanner.Protection
// Begin reading 14 bytes after "BoG_ *90.0&!! Yy>" for newer versions
index = positions[0] + 18 + 14;
version = fileContent.ReadInt32(ref index);
subVersion = fileContent.ReadInt32(ref index);
subsubVersion = fileContent.ReadInt32(ref index);
version = fileContent.ReadInt32LittleEndian(ref index);
subVersion = fileContent.ReadInt32LittleEndian(ref index);
subsubVersion = fileContent.ReadInt32LittleEndian(ref index);
if (version != 0)
{
@@ -583,16 +583,16 @@ namespace BinaryObjectScanner.Protection
// Found in Redump entries 12885 and 66210.
or "1.09.000"
// Found in Redump entries 3569, 3570, 37523, 66586.
// Found in Redump entries 3569, 3570, 37523, and 66586.
or "1.11.000"
// Found in Redump entries 21154, 37982, 108632.
// Found in Redump entries 21154, 37982, and 108632.
or "1.20.000"
// Found in Redump entries 17024/37920.
or "1.20.001"
// Found in Redump entries 28708, 31526, 43321, 55080, 75501.
// Found in Redump entries 28708, 31526, 43321, 55080, and 75501.
or "1.30.010"
// Found in Redump entries 9617 and 49552.
@@ -613,28 +613,79 @@ namespace BinaryObjectScanner.Protection
// Found in Redump entries 28810 and 62935.
or "1.50.020"
// Source not documented.
// Found in Redump entries 2022, 72195, and 73502.
or "2.05.030"
// Found in Redump entries 38541 and 59462.
or "2.10.030"
// Found in Redump entries 45040, 55823, and 79476.
or "2.30.030"
// Found in Redump entries 15312 and 48863.
or "2.30.031"
// Found in Redump entries 9819 and 53659/53659.
or "2.30.033"
// Found in Redump entries 9846, 45202, 65642, and 68206.
or "2.40.010"
// Found in Redump entries 23786, 37478, and 110603.
or "2.40.011"
// Found in Redump entries 30022 and 75014.
or "2.51.020"
// Found in Redump entries 31666, 38589, 66852, and 83145.
or "2.51.021"
// Found in Redump entries 2064, 47047, and 57673.
or "2.60.052"
// Found in Redump entries 13048-13050, 35385, and 46339.
or "2.70.030"
// Found in Redump entries 9261/9262 and 64198.
or "2.72.000"
// Found in Redump entries 32783, 72743, 75897, and 86176.
or "2.80.010"
// Found in Redump entries 39273/39274 and 59351.
or "2.80.011"
// Version 2.90.010 was erroneously thought to be a valid version, likely due to the SafeDisc version of Redump entry 11639 being updated from "2.80.010" to "2.90.010", presumably as a typo.
// The version string found in SimCity 4 Deluxe is expunged, and so it seems likely that that version was filled in to several other entries of the same game due to the uncertainty.
// Due to this, several BOS checks used to report a version range from 2.90.010-2.90.040, which have all since been updated.
// Found in Redump entries 11638/11639, 52606, 62505, 85338/85339, 95322/95324, 119414, and 119415.
or "2.90.040"
// Found in Redump entry 116357.
// This version is particularly unusual, as it was in a game released in late 2007, when 2.90.040 was used from 2004/2005.
// It also doesn't appear to contain the SecDrv or DrvMgt drivers. It may be a Long Term Support release of SafeDisc 2 for customers unwilling or unable to use SafeDisc 3+.
or "2.90.045"
// Found in Redump entries 13230 and 68204.
or "3.10.020"
// Found in Redump entries 36511 and 74338.
or "3.15.010"
// Found in Redump entries 15383 and 35512.
or "3.15.011"
// Found in Redump entries 30404, 31621/31623, 56748, 58625, and 64355-64358.
or "3.20.020"
// Found in Redump entries 20728, 53667/53668/76775, 58625, 64255, 75782, 84985, 91552, 102135, and 102806.
or "3.20.022"
// Found in Redump entries 20729, 28257, 54268-5427, 63810-63813, and 86177.
or "3.20.024"
// Source not documented.
or "4.00.000"
or "4.00.001"
or "4.00.002"

4
BinaryObjectScanner/Protection/SolidShield.cs
View File

@@ -27,6 +27,10 @@ namespace BinaryObjectScanner.Protection
else if (name.OptionalStartsWith("Activation Manager", StringComparison.OrdinalIgnoreCase))
return $"SolidShield Activation Manager Module {GetInternalVersion(pex)}";
// Found in Redump entry 63719.
else if (name.OptionalStartsWith("Solidshield - Activation Wizard", StringComparison.OrdinalIgnoreCase))
return $"SolidShield Activation Manager Module {GetInternalVersion(pex)}";
// Found in "tvdm.dll" in Redump entry 68166.
else if (name.OptionalStartsWith("Solidshield Library", StringComparison.OrdinalIgnoreCase))
return $"SolidShield {GetInternalVersion(pex)}";

15
BinaryObjectScanner/Scanner.cs
View File

@@ -30,16 +30,14 @@ namespace BinaryObjectScanner
/// </summary>
/// <param name="scanArchives">Enable scanning archive contents</param>
/// <param name="scanContents">Enable including content detections in output</param>
/// <param name="scanGameEngines">Enable including game engines in output</param>
/// <param name="scanPackers">Enable including packers in output</param>
/// <param name="scanPaths">Enable including path detections in output</param>
/// <param name="scanSubdirectories">Enable scanning subdirectories</param>
/// <param name="includeDebug">Enable including debug information</param>
/// <param name="fileProgress">Optional progress callback</param>
public Scanner(bool scanArchives,
bool scanContents,
bool scanGameEngines,
bool scanPackers,
bool scanPaths,
bool scanSubdirectories,
bool includeDebug,
IProgress<ProtectionProgress>? fileProgress = null)
{
@@ -47,9 +45,8 @@ namespace BinaryObjectScanner
{
ScanArchives = scanArchives,
ScanContents = scanContents,
ScanGameEngines = scanGameEngines,
ScanPackers = scanPackers,
ScanPaths = scanPaths,
ScanSubdirectories = scanSubdirectories,
IncludeDebug = includeDebug,
};
@@ -99,7 +96,8 @@ namespace BinaryObjectScanner
if (Directory.Exists(path))
{
// Enumerate all files at first for easier access
List<string> files = [.. IOExtensions.SafeGetFiles(path, "*", SearchOption.AllDirectories)];
SearchOption searchOption = _options.ScanSubdirectories ? SearchOption.AllDirectories : SearchOption.TopDirectoryOnly;
List<string> files = [.. IOExtensions.SafeGetFiles(path, "*", searchOption)];
// Scan for path-detectable protections
if (_options.ScanPaths)
@@ -273,9 +271,6 @@ namespace BinaryObjectScanner
// If we have an executable, it needs to bypass normal handling
if (detectable is Executable executable)
{
executable.IncludeGameEngines = _options.ScanGameEngines;
executable.IncludePackers = _options.ScanPackers;
var subProtections = executable.DetectDict(stream, fileName, GetProtections, _options.IncludeDebug);
protections.Append(subProtections);
}

BIN
BinaryObjectScanner/StormLib.dll
View File

Binary file not shown.

BIN
BinaryObjectScanner/runtimes/win-x64/native/CascLib.dll Normal file
View File

Binary file not shown.

BIN
BinaryObjectScanner/runtimes/win-x64/native/StormLib.dll Normal file
View File

Binary file not shown.

BIN
BinaryObjectScanner/runtimes/win-x86/native/CascLib.dll Normal file
View File

Binary file not shown.

BIN
BinaryObjectScanner/runtimes/win-x86/native/StormLib.dll Normal file
View File

Binary file not shown.

0
BinaryObjectScanner/mspack.dll → BinaryObjectScanner/runtimes/win-x86/native/mspack.dll
View File

42
ExtractionTool/ExtractionTool.csproj
View File

@@ -9,7 +9,7 @@
<Nullable>enable</Nullable>
<SuppressTfmSupportBuildWarnings>true</SuppressTfmSupportBuildWarnings>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<Version>3.3.1</Version>
<Version>3.3.4</Version>
</PropertyGroup>
<!-- Support All Frameworks -->
@@ -28,16 +28,50 @@
<!-- Set a build flag for Windows specifically -->
<PropertyGroup Condition="'$(RuntimeIdentifier)'=='win-x86'">
<DefineConstants>$(DefineConstants);WIN</DefineConstants>
<DefineConstants>$(DefineConstants);WINX86</DefineConstants>
</PropertyGroup>
<PropertyGroup Condition="'$(RuntimeIdentifier)'=='win-x64'">
<DefineConstants>$(DefineConstants);WINX64</DefineConstants>
</PropertyGroup>
<!-- These are needed for dealing with native Windows DLLs -->
<ItemGroup Condition="'$(RuntimeIdentifier)'=='win-x86'">
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x86\native\CascLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>CascLib.dll</TargetPath>
</ContentWithTargetPath>
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x86\native\mspack.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>mspack.dll</TargetPath>
</ContentWithTargetPath>
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x86\native\StormLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>StormLib.dll</TargetPath>
</ContentWithTargetPath>
</ItemGroup>
<ItemGroup Condition="'$(RuntimeIdentifier)'=='win-x64'">
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x64\native\CascLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>CascLib.dll</TargetPath>
</ContentWithTargetPath>
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x64\native\StormLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>StormLib.dll</TargetPath>
</ContentWithTargetPath>
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\BinaryObjectScanner\BinaryObjectScanner.csproj" />
</ItemGroup>
<ItemGroup>
<PackageReference Include="SabreTools.IO" Version="1.6.1" />
<PackageReference Include="SabreTools.Serialization" Version="1.8.1" />
<PackageReference Include="SabreTools.IO" Version="1.6.2" />
<PackageReference Include="SabreTools.Serialization" Version="1.8.6" />
</ItemGroup>
</Project>

68
ExtractionTool/Program.cs
View File

@@ -137,14 +137,9 @@ namespace ExtractionTool
Console.WriteLine("Extracting bzip2 contents");
Console.WriteLine();
#if NET20 || NET35 || NET40 || NET452
Console.WriteLine("Extraction is not supported for this framework!");
Console.WriteLine();
#else
// Extract using the FileType
var bzip2 = new BZip2();
bzip2.Extract(stream, file, outputDirectory, includeDebug: true);
#endif
}
// CFB
@@ -235,14 +230,9 @@ namespace ExtractionTool
Console.WriteLine("Extracting gzip contents");
Console.WriteLine();
#if NET20 || NET35 || NET40 || NET452
Console.WriteLine("Extraction is not supported for this framework!");
Console.WriteLine();
#else
// Extract using the FileType
var gzip = new GZIP();
gzip.Extract(stream, file, outputDirectory, includeDebug: true);
#endif
}
// InstallShield Archive V3 (Z)
@@ -269,33 +259,55 @@ namespace ExtractionTool
iscab.Extract(stream, file, outputDirectory, includeDebug: true);
}
// LZ-compressed file, KWAJ variant
else if (ft == WrapperType.LZKWAJ)
{
// Build the KWAJ
Console.WriteLine("Extracting LZ-compressed file, KWAJ variant contents");
Console.WriteLine();
// Extract using the FileType
var lz = new LZKWAJ();
lz.Extract(stream, file, outputDirectory, includeDebug: true);
}
// LZ-compressed file, QBasic variant
else if (ft == WrapperType.LZQBasic)
{
// Build the QBasic
Console.WriteLine("Extracting LZ-compressed file, QBasic variant contents");
Console.WriteLine();
// Extract using the FileType
var lz = new LZQBasic();
lz.Extract(stream, file, outputDirectory, includeDebug: true);
}
// LZ-compressed file, SZDD variant
else if (ft == WrapperType.LZSZDD)
{
// Build the SZDD
Console.WriteLine("Extracting LZ-compressed file, SZDD variant contents");
Console.WriteLine();
// Extract using the FileType
var lz = new LZSZDD();
lz.Extract(stream, file, outputDirectory, includeDebug: true);
}
// Microsoft Cabinet archive
else if (ft == WrapperType.MicrosoftCAB)
{
// Build the cabinet information
Console.WriteLine("Extracting MS-CAB contents");
#if NET20 || NET35 || !WINX86
Console.WriteLine("WARNING: LZX compression not supported so some files may be skipped!");
#endif
Console.WriteLine();
#if NET20 || NET35 || !WIN
Console.WriteLine("Extraction is not supported for this framework!");
Console.WriteLine();
#else
// Extract using the FileType
var mscab = new MicrosoftCAB();
mscab.Extract(stream, file, outputDirectory, includeDebug: true);
#endif
}
// Microsoft LZ / LZ32
else if (ft == WrapperType.MicrosoftLZ)
{
// Build the Microsoft LZ / LZ32 information
Console.WriteLine("Extracting Microsoft LZ / LZ32 contents");
Console.WriteLine();
// Extract using the FileType
var lz = new MicrosoftLZ();
lz.Extract(stream, file, outputDirectory, includeDebug: true);
}
// MoPaQ (MPQ) archive
@@ -305,7 +317,7 @@ namespace ExtractionTool
Console.WriteLine("Extracting MoPaQ contents");
Console.WriteLine();
#if NET20 || NET35 || !WIN
#if NET20 || NET35 || !(WINX86 || WINX64)
Console.WriteLine("Extraction is not supported for this framework!");
Console.WriteLine();
#else

2
LICENSE
View File

@@ -1,4 +1,4 @@
Copyright (c) 2018-2023 Matt Nadareski
Copyright (c) 2018-2025 Matt Nadareski
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

33
ProtectionScan/Options.cs
View File

@@ -30,21 +30,16 @@ namespace ProtectionScan
/// </summary>
public bool ScanContents { get; private set; } = true;
/// <summary>
/// Scan game engines during protection scanning
/// </summary>
public bool ScanGameEngines { get; private set; } = true;
/// <summary>
/// Scan packers during protection scanning
/// </summary>
public bool ScanPackers { get; private set; } = true;
/// <summary>
/// Scan file paths during protection scanning
/// </summary>
public bool ScanPaths { get; private set; } = true;
/// <summary>
/// Scan subdirectories during protection scanning
/// </summary>
public bool ScanSubdirectories { get; set; } = true;
#endregion
/// <summary>
@@ -85,19 +80,14 @@ namespace ProtectionScan
options.ScanContents = false;
break;
case "-ng":
case "--no-game-engines":
options.ScanGameEngines = false;
break;
case "-np":
case "--no-packers":
options.ScanPackers = false;
case "--no-paths":
options.ScanPaths = false;
break;
case "-ns":
case "--no-paths":
options.ScanPaths = false;
case "--no-subdirs":
options.ScanSubdirectories = false;
break;
default:
@@ -130,9 +120,8 @@ namespace ProtectionScan
Console.WriteLine("-d, --debug Enable debug mode");
Console.WriteLine("-nc, --no-contents Disable scanning for content checks");
Console.WriteLine("-na, --no-archives Disable scanning archives");
Console.WriteLine("-ng, --no-game-engines Disable scanning for game engines");
Console.WriteLine("-np, --no-packers Disable scanning for packers");
Console.WriteLine("-ns, --no-paths Disable scanning for path checks");
Console.WriteLine("-np, --no-paths Disable scanning for path checks");
Console.WriteLine("-ns, --no-subdirs Disable scanning subdirectories");
}
}
}

3
ProtectionScan/Program.cs
View File

@@ -34,9 +34,8 @@ namespace ProtectionScan
var scanner = new Scanner(
options.ScanArchives,
options.ScanContents,
options.ScanGameEngines,
options.ScanPackers,
options.ScanPaths,
options.ScanSubdirectories,
options.Debug,
fileProgress);

36
ProtectionScan/ProtectionScan.csproj
View File

@@ -9,7 +9,7 @@
<Nullable>enable</Nullable>
<SuppressTfmSupportBuildWarnings>true</SuppressTfmSupportBuildWarnings>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<Version>3.3.1</Version>
<Version>3.3.4</Version>
</PropertyGroup>
<!-- Support All Frameworks -->
@@ -26,10 +26,36 @@
<TargetFrameworks>net6.0;net7.0;net8.0;net9.0</TargetFrameworks>
</PropertyGroup>
<!-- Set a build flag for Windows specifically -->
<PropertyGroup Condition="'$(RuntimeIdentifier)'=='win-x86'">
<DefineConstants>$(DefineConstants);WIN</DefineConstants>
</PropertyGroup>
<!-- These are needed for dealing with native Windows DLLs -->
<ItemGroup Condition="'$(RuntimeIdentifier)'=='win-x86'">
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x86\native\CascLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>CascLib.dll</TargetPath>
</ContentWithTargetPath>
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x86\native\mspack.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>mspack.dll</TargetPath>
</ContentWithTargetPath>
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x86\native\StormLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>StormLib.dll</TargetPath>
</ContentWithTargetPath>
</ItemGroup>
<ItemGroup Condition="'$(RuntimeIdentifier)'=='win-x64'">
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x64\native\CascLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>CascLib.dll</TargetPath>
</ContentWithTargetPath>
<ContentWithTargetPath Include="..\BinaryObjectScanner\runtimes\win-x64\native\StormLib.dll">
<CopyToOutputDirectory>Always</CopyToOutputDirectory>
<CopyToPublishDirectory>Always</CopyToPublishDirectory>
<TargetPath>StormLib.dll</TargetPath>
</ContentWithTargetPath>
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\BinaryObjectScanner\BinaryObjectScanner.csproj" />

3
README.md
View File

@@ -1,7 +1,6 @@
# Binary Object Scanner
[![Program Build](https://github.com/SabreTools/BinaryObjectScanner/actions/workflows/build_programs.yml/badge.svg)](https://github.com/SabreTools/BinaryObjectScanner/actions/workflows/build_programs.yml)
[![Nuget Pack](https://github.com/SabreTools/BinaryObjectScanner/actions/workflows/build_nupkg.yml/badge.svg)](https://github.com/SabreTools/BinaryObjectScanner/actions/workflows/build_nupkg.yml)
[![Build and Test](https://github.com/SabreTools/BinaryObjectScanner/actions/workflows/build_and_test.yml/badge.svg)](https://github.com/SabreTools/BinaryObjectScanner/actions/workflows/build_and_test.yml)
C# protection, packer, and archive scanning library. This currently compiles as a library so it can be used in any C# application. Two reference applications called `ProtectionScan` and `ExtractionTool` are also included to demonstrate the abilities of the library. For an example of a program implementing the library, see [MPF](https://github.com/SabreTools/MPF).

65
publish-nix.sh Normal file → Executable file
View File

@@ -10,13 +10,17 @@
# Optional parameters
USE_ALL=false
INCLUDE_DEBUG=false
NO_BUILD=false
NO_ARCHIVE=false
while getopts "uba" OPTION; do
while getopts "udba" OPTION; do
case $OPTION in
u)
USE_ALL=true
;;
d)
INCLUDE_DEBUG=true
;;
b)
NO_BUILD=true
;;
@@ -39,6 +43,7 @@ COMMIT=$(git log --pretty=%H -1)
# Output the selected options
echo "Selected Options:"
echo " Use all frameworks (-u) $USE_ALL"
echo " Include debug builds (-d) $INCLUDE_DEBUG"
echo " No build (-b) $NO_BUILD"
echo " No archive (-a) $NO_ARCHIVE"
echo " "
@@ -57,8 +62,6 @@ SINGLE_FILE_CAPABLE=("net5.0" "net6.0" "net7.0" "net8.0" "net9.0")
VALID_APPLE_FRAMEWORKS=("net6.0" "net7.0" "net8.0" "net9.0")
VALID_CROSS_PLATFORM_FRAMEWORKS=("netcoreapp3.1" "net5.0" "net6.0" "net7.0" "net8.0" "net9.0")
VALID_CROSS_PLATFORM_RUNTIMES=("win-arm64" "linux-x64" "linux-arm64" "osx-x64" "osx-arm64")
NON_DLL_FRAMEWORKS=("net20" "net35" "net40")
NON_DLL_RUNTIMES=("win-x64" "win-arm64" "linux-x64" "linux-arm64" "osx-x64" "osx-arm64")
# Only build if requested
if [ $NO_BUILD = false ]; then
@@ -93,14 +96,14 @@ if [ $NO_BUILD = false ]; then
# Only .NET 5 and above can publish to a single file
if [[ $(echo ${SINGLE_FILE_CAPABLE[@]} | fgrep -w $FRAMEWORK) ]]; then
# Only include Debug if building all
if [ $USE_ALL = true ]; then
# Only include Debug if set
if [ $INCLUDE_DEBUG = true ]; then
dotnet publish ExtractionTool/ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true
fi
dotnet publish ExtractionTool/ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true -p:DebugType=None -p:DebugSymbols=false
else
# Only include Debug if building all
if [ $USE_ALL = true ]; then
# Only include Debug if set
if [ $INCLUDE_DEBUG = true ]; then
dotnet publish ExtractionTool/ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT
fi
dotnet publish ExtractionTool/ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:DebugType=None -p:DebugSymbols=false
@@ -132,14 +135,14 @@ if [ $NO_BUILD = false ]; then
# Only .NET 5 and above can publish to a single file
if [[ $(echo ${SINGLE_FILE_CAPABLE[@]} | fgrep -w $FRAMEWORK) ]]; then
# Only include Debug if building all
if [ $USE_ALL = true ]; then
# Only include Debug if set
if [ $INCLUDE_DEBUG = true ]; then
dotnet publish ProtectionScan/ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true
fi
dotnet publish ProtectionScan/ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true -p:DebugType=None -p:DebugSymbols=false
else
# Only include Debug if building all
if [ $USE_ALL = true ]; then
# Only include Debug if set
if [ $INCLUDE_DEBUG = true ]; then
dotnet publish ProtectionScan/ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT
fi
dotnet publish ProtectionScan/ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:DebugType=None -p:DebugSymbols=false
@@ -172,25 +175,13 @@ if [ $NO_ARCHIVE = false ]; then
fi
fi
# Only include Debug if building all
if [ $USE_ALL = true ]; then
# Only include Debug if set
if [ $INCLUDE_DEBUG = true ]; then
cd $BUILD_FOLDER/ExtractionTool/bin/Debug/${FRAMEWORK}/${RUNTIME}/publish/
if [[ $(echo ${NON_DLL_FRAMEWORKS[@]} | fgrep -w $FRAMEWORK) ]]; then
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
elif [[ $(echo ${NON_DLL_RUNTIMES[@]} | fgrep -w $RUNTIME) ]]; then
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
else
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip .
fi
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip .
fi
cd $BUILD_FOLDER/ExtractionTool/bin/Release/${FRAMEWORK}/${RUNTIME}/publish/
if [[ $(echo ${NON_DLL_FRAMEWORKS[@]} | fgrep -w $FRAMEWORK) ]]; then
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
elif [[ $(echo ${NON_DLL_RUNTIMES[@]} | fgrep -w $RUNTIME) ]]; then
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
else
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip .
fi
zip -r $BUILD_FOLDER/ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip .
done
done
@@ -216,25 +207,13 @@ if [ $NO_ARCHIVE = false ]; then
fi
fi
# Only include Debug if building all
if [ $USE_ALL = true ]; then
# Only include Debug if set
if [ $INCLUDE_DEBUG = true ]; then
cd $BUILD_FOLDER/ProtectionScan/bin/Debug/${FRAMEWORK}/${RUNTIME}/publish/
if [[ $(echo ${NON_DLL_FRAMEWORKS[@]} | fgrep -w $FRAMEWORK) ]]; then
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
elif [[ $(echo ${NON_DLL_RUNTIMES[@]} | fgrep -w $RUNTIME) ]]; then
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
else
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip .
fi
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip .
fi
cd $BUILD_FOLDER/ProtectionScan/bin/Release/${FRAMEWORK}/${RUNTIME}/publish/
if [[ $(echo ${NON_DLL_FRAMEWORKS[@]} | fgrep -w $FRAMEWORK) ]]; then
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
elif [[ $(echo ${NON_DLL_RUNTIMES[@]} | fgrep -w $RUNTIME) ]]; then
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip . -x 'CascLib.dll' -x 'mspack.dll' -x 'StormLib.dll'
else
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip .
fi
zip -r $BUILD_FOLDER/ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip .
done
done

59
publish-win.ps1
View File

@@ -12,6 +12,10 @@ param(
[Alias("UseAll")]
[switch]$USE_ALL,
[Parameter(Mandatory = $false)]
[Alias("IncludeDebug")]
[switch]$INCLUDE_DEBUG,
[Parameter(Mandatory = $false)]
[Alias("NoBuild")]
[switch]$NO_BUILD,
@@ -30,6 +34,7 @@ $COMMIT = git log --pretty=format:"%H" -1
# Output the selected options
Write-Host "Selected Options:"
Write-Host " Use all frameworks (-UseAll) $USE_ALL"
Write-Host " Include debug builds (-IncludeDebug) $INCLUDE_DEBUG"
Write-Host " No build (-NoBuild) $NO_BUILD"
Write-Host " No archive (-NoArchive) $NO_ARCHIVE"
Write-Host " "
@@ -48,8 +53,6 @@ $SINGLE_FILE_CAPABLE = @('net5.0', 'net6.0', 'net7.0', 'net8.0', 'net9.0')
$VALID_APPLE_FRAMEWORKS = @('net6.0', 'net7.0', 'net8.0', 'net9.0')
$VALID_CROSS_PLATFORM_FRAMEWORKS = @('netcoreapp3.1', 'net5.0', 'net6.0', 'net7.0', 'net8.0', 'net9.0')
$VALID_CROSS_PLATFORM_RUNTIMES = @('win-arm64', 'linux-x64', 'linux-arm64', 'osx-x64', 'osx-arm64')
$NON_DLL_FRAMEWORKS = @('net20', 'net35', 'net40')
$NON_DLL_RUNTIMES = @('win-x64', 'win-arm64', 'linux-x64', 'linux-arm64', 'osx-x64', 'osx-arm64')
# Only build if requested
if (!$NO_BUILD.IsPresent) {
@@ -80,15 +83,15 @@ if (!$NO_BUILD.IsPresent) {
# Only .NET 5 and above can publish to a single file
if ($SINGLE_FILE_CAPABLE -contains $FRAMEWORK) {
# Only include Debug if building all
if ($USE_ALL.IsPresent) {
# Only include Debug if set
if ($INCLUDE_DEBUG.IsPresent) {
dotnet publish ExtractionTool\ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true
}
dotnet publish ExtractionTool\ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true -p:DebugType=None -p:DebugSymbols=false
}
else {
# Only include Debug if building all
if ($USE_ALL.IsPresent) {
# Only include Debug if set
if ($INCLUDE_DEBUG.IsPresent) {
dotnet publish ExtractionTool\ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT
}
dotnet publish ExtractionTool\ExtractionTool.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:DebugType=None -p:DebugSymbols=false
@@ -116,15 +119,15 @@ if (!$NO_BUILD.IsPresent) {
# Only .NET 5 and above can publish to a single file
if ($SINGLE_FILE_CAPABLE -contains $FRAMEWORK) {
# Only include Debug if building all
if ($USE_ALL.IsPresent) {
# Only include Debug if set
if ($INCLUDE_DEBUG.IsPresent) {
dotnet publish ProtectionScan\ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true
}
dotnet publish ProtectionScan\ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:PublishSingleFile=true -p:DebugType=None -p:DebugSymbols=false
}
else {
# Only include Debug if building all
if ($USE_ALL.IsPresent) {
# Only include Debug if set
if ($INCLUDE_DEBUG.IsPresent) {
dotnet publish ProtectionScan\ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Debug --self-contained true --version-suffix $COMMIT
}
dotnet publish ProtectionScan\ProtectionScan.csproj -f $FRAMEWORK -r $RUNTIME -c Release --self-contained true --version-suffix $COMMIT -p:DebugType=None -p:DebugSymbols=false
@@ -153,24 +156,14 @@ if (!$NO_ARCHIVE.IsPresent) {
continue
}
# Only include Debug if building all
if ($USE_ALL.IsPresent) {
# Only include Debug if set
if ($INCLUDE_DEBUG.IsPresent) {
Set-Location -Path $BUILD_FOLDER\ExtractionTool\bin\Debug\${FRAMEWORK}\${RUNTIME}\publish\
if ($NON_DLL_FRAMEWORKS -contains $FRAMEWORK -or $NON_DLL_RUNTIMES -contains $RUNTIME) {
7z a -tzip -x'!CascLib.dll' -x'!mspack.dll' -x'!StormLib.dll' $BUILD_FOLDER\ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip *
}
else {
7z a -tzip $BUILD_FOLDER\ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip *
}
7z a -tzip $BUILD_FOLDER\ExtractionTool_${FRAMEWORK}_${RUNTIME}_debug.zip *
}
Set-Location -Path $BUILD_FOLDER\ExtractionTool\bin\Release\${FRAMEWORK}\${RUNTIME}\publish\
if ($NON_DLL_FRAMEWORKS -contains $FRAMEWORK -or $NON_DLL_RUNTIMES -contains $RUNTIME) {
7z a -tzip -x'!CascLib.dll' -x'!mspack.dll' -x'!StormLib.dll' $BUILD_FOLDER\ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip *
}
else {
7z a -tzip $BUILD_FOLDER\ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip *
}
7z a -tzip $BUILD_FOLDER\ExtractionTool_${FRAMEWORK}_${RUNTIME}_release.zip *
}
}
@@ -192,24 +185,14 @@ if (!$NO_ARCHIVE.IsPresent) {
continue
}
# Only include Debug if building all
if ($USE_ALL.IsPresent) {
# Only include Debug if set
if ($INCLUDE_DEBUG.IsPresent) {
Set-Location -Path $BUILD_FOLDER\ProtectionScan\bin\Debug\${FRAMEWORK}\${RUNTIME}\publish\
if ($NON_DLL_FRAMEWORKS -contains $FRAMEWORK -or $NON_DLL_RUNTIMES -contains $RUNTIME) {
7z a -tzip -x'!CascLib.dll' -x'!mspack.dll' -x'!StormLib.dll' $BUILD_FOLDER\ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip *
}
else {
7z a -tzip $BUILD_FOLDER\ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip *
}
7z a -tzip $BUILD_FOLDER\ProtectionScan_${FRAMEWORK}_${RUNTIME}_debug.zip *
}
Set-Location -Path $BUILD_FOLDER\ProtectionScan\bin\Release\${FRAMEWORK}\${RUNTIME}\publish\
if ($NON_DLL_FRAMEWORKS -contains $FRAMEWORK -or $NON_DLL_RUNTIMES -contains $RUNTIME) {
7z a -tzip -x'!CascLib.dll' -x'!mspack.dll' -x'!StormLib.dll' $BUILD_FOLDER\ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip *
}
else {
7z a -tzip $BUILD_FOLDER\ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip *
}
7z a -tzip $BUILD_FOLDER\ProtectionScan_${FRAMEWORK}_${RUNTIME}_release.zip *
}
}