SabreTools/BinaryObjectScanner
1
0
Fork 0
mirror of https://github.com/SabreTools/BinaryObjectScanner.git synced 2026-02-04 05:35:49 +00:00
Code Issues 295 Packages Projects Releases 20 Wiki Activity

[PR #353] [MERGED] Move Crunch to its own Packer, improve SmartE detection. #512

New Issue
Closed
opened 2026-01-29 21:09:48 +00:00 by claunia · 0 comments
claunia commented 2026-01-29 21:09:48 +00:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/SabreTools/BinaryObjectScanner/pull/353
Author: @HeroponRikiBestest
Created: 1/14/2025
Status: Merged
Merged: 1/14/2025
Merged by: @mnadareski

Base: masterHead: master

📝 Commits (9)

  • 7080856 Move Crunch to its own Packer, improve SmartE detection.
  • fef5cc8 Fix formatting by removing brackets
  • 7b23508 Remove named section checks, minor formatting fixes
  • 066cbe8 Add newline before summary.
  • 91fdb9e Remove empty returns.
  • 4e5c258 Remove unnecessary newline
  • 967f14f Change Crunch to use IExtractableExecutable
  • b12ba0e Remove unnecessary whitespace.
  • ae8d89d Add tests for Crunch.

📊 Changes

3 files changed (+124 additions, -11 deletions)

View changed files

BinaryObjectScanner.Test/Packer/CrunchTests.cs (+36 -0)
BinaryObjectScanner/Packer/Crunch.cs (+32 -0)
📝 BinaryObjectScanner/Protection/SmartE.cs (+56 -11)

📄 Description

All SmartE games use the Crunch packer from BitArts, which is what the BITARTS string check was actually checking for. Some non-SmartE software is also packed with Crunch, so Crunch was moved to its own seperate packer check.

SmartE generates an executable stub when you run it, which has SmartE in the executable properties. Added a check for this in case someone wanted to manually scan a stub they generated.

A Yara/PEiD check exists that works for all known SmartE games except Dungeon Siege 1, doesn't have false positives on non-SmartE executables packed with Crunch, and is long enough that there's virtually no chance of a random false positive. This check was added to the SmartE protection scanning. Thus far, it always occurs on the last section, so that is the first check. Fallback checks for specific known named sections are also included.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/SabreTools/BinaryObjectScanner/pull/353 **Author:** [@HeroponRikiBestest](https://github.com/HeroponRikiBestest) **Created:** 1/14/2025 **Status:** ✅ Merged **Merged:** 1/14/2025 **Merged by:** [@mnadareski](https://github.com/mnadareski) **Base:** `master` ← **Head:** `master` --- ### 📝 Commits (9) - [`7080856`](https://github.com/SabreTools/BinaryObjectScanner/commit/70808560ccb278d87229159dba44c836230ae2dc) Move Crunch to its own Packer, improve SmartE detection. - [`fef5cc8`](https://github.com/SabreTools/BinaryObjectScanner/commit/fef5cc821e84fe441225a0e1ec0c8dd676d07af1) Fix formatting by removing brackets - [`7b23508`](https://github.com/SabreTools/BinaryObjectScanner/commit/7b23508a7a683e1e7702fa3a2c6587d2e0066ba3) Remove named section checks, minor formatting fixes - [`066cbe8`](https://github.com/SabreTools/BinaryObjectScanner/commit/066cbe89d1a8941d3027d023e44875800153bfe1) Add newline before summary. - [`91fdb9e`](https://github.com/SabreTools/BinaryObjectScanner/commit/91fdb9e274c452fd3eaafa7f1e73688f71e71c72) Remove empty returns. - [`4e5c258`](https://github.com/SabreTools/BinaryObjectScanner/commit/4e5c25843ff0f205dfaced1c895c7174f43fb094) Remove unnecessary newline - [`967f14f`](https://github.com/SabreTools/BinaryObjectScanner/commit/967f14fc42669420cc0c031823dc65bfe3e953f0) Change Crunch to use IExtractableExecutable - [`b12ba0e`](https://github.com/SabreTools/BinaryObjectScanner/commit/b12ba0e3f31f3d9431cb39c97acc49127b363dd7) Remove unnecessary whitespace. - [`ae8d89d`](https://github.com/SabreTools/BinaryObjectScanner/commit/ae8d89df89c34f27fadcb933bd2a714f7a1076cd) Add tests for Crunch. ### 📊 Changes **3 files changed** (+124 additions, -11 deletions) <details> <summary>View changed files</summary> ➕ `BinaryObjectScanner.Test/Packer/CrunchTests.cs` (+36 -0) ➕ `BinaryObjectScanner/Packer/Crunch.cs` (+32 -0) 📝 `BinaryObjectScanner/Protection/SmartE.cs` (+56 -11) </details> ### 📄 Description All SmartE games use the Crunch packer from BitArts, which is what the BITARTS string check was actually checking for. Some non-SmartE software is also packed with Crunch, so Crunch was moved to its own seperate packer check. SmartE generates an executable stub when you run it, which has SmartE in the executable properties. Added a check for this in case someone wanted to manually scan a stub they generated. A Yara/PEiD check exists that works for all known SmartE games except Dungeon Siege 1, doesn't have false positives on non-SmartE executables packed with Crunch, and is long enough that there's virtually no chance of a random false positive. This check was added to the SmartE protection scanning. Thus far, it always occurs on the last section, so that is the first check. Fallback checks for specific known named sections are also included. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
claunia added the pull-request label 2026-01-29 21:09:48 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
claunia
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: SabreTools/BinaryObjectScanner#512
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?