mirror of
https://github.com/SabreTools/BinaryObjectScanner.git
synced 2026-02-14 05:36:07 +00:00
103 lines
3.5 KiB
C#
103 lines
3.5 KiB
C#
using System;
|
|
using System.Collections.Concurrent;
|
|
using System.IO;
|
|
using System.Linq;
|
|
using BurnOutSharp.Interfaces;
|
|
using BinaryObjectScanner.Wrappers;
|
|
using SharpCompress.Archives;
|
|
using SharpCompress.Archives.Rar;
|
|
using static BinaryObjectScanner.Utilities.Dictionary;
|
|
|
|
namespace BurnOutSharp.PackerType
|
|
{
|
|
public class WinRARSFX : IPortableExecutableCheck, IScannable
|
|
{
|
|
/// <inheritdoc/>
|
|
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
|
|
{
|
|
// Get the sections from the executable, if possible
|
|
var sections = pex?.SectionTable;
|
|
if (sections == null)
|
|
return null;
|
|
|
|
string name = pex.AssemblyDescription;
|
|
if (name?.Contains("WinRAR archiver") == true)
|
|
return "WinRAR SFX";
|
|
|
|
var resources = pex.FindDialogByTitle("WinRAR self-extracting archive");
|
|
if (resources.Any())
|
|
return "WinRAR SFX";
|
|
|
|
return null;
|
|
}
|
|
|
|
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
|
|
{
|
|
if (!File.Exists(file))
|
|
return null;
|
|
|
|
using (var fs = File.Open(file, FileMode.Open, FileAccess.Read, FileShare.Read))
|
|
{
|
|
return Scan(scanner, fs, file);
|
|
}
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
|
|
{
|
|
// If the rar file itself fails
|
|
try
|
|
{
|
|
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
|
|
Directory.CreateDirectory(tempPath);
|
|
|
|
// Should be using stream instead of file, but stream fails to extract anything. My guess is that the executable portion of the archive is causing stream to fail, but not file.
|
|
using (RarArchive zipFile = RarArchive.Open(file, new SharpCompress.Readers.ReaderOptions() {LookForHeader = true}))
|
|
{
|
|
foreach (var entry in zipFile.Entries)
|
|
{
|
|
// If an individual entry fails
|
|
try
|
|
{
|
|
// If we have a directory, skip it
|
|
if (entry.IsDirectory)
|
|
continue;
|
|
|
|
string tempFile = Path.Combine(tempPath, entry.Key);
|
|
entry.WriteToFile(tempFile);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
if (scanner.IncludeDebug) Console.WriteLine(ex);
|
|
}
|
|
}
|
|
}
|
|
|
|
// Collect and format all found protections
|
|
var protections = scanner.GetProtections(tempPath);
|
|
|
|
// If temp directory cleanup fails
|
|
try
|
|
{
|
|
Directory.Delete(tempPath, true);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
if (scanner.IncludeDebug) Console.WriteLine(ex);
|
|
}
|
|
|
|
// Remove temporary path references
|
|
StripFromKeys(protections, tempPath);
|
|
|
|
return protections;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
if (scanner.IncludeDebug) Console.WriteLine(ex);
|
|
}
|
|
|
|
return null;
|
|
}
|
|
}
|
|
}
|