mirror of
https://github.com/SabreTools/BinaryObjectScanner.git
synced 2026-04-23 22:55:05 +00:00
28 lines
949 B
C#
28 lines
949 B
C#
using System.Collections.Generic;
|
|
using BurnOutSharp.ExecutableType.Microsoft.PE;
|
|
using BurnOutSharp.Matching;
|
|
|
|
namespace BurnOutSharp.PackerType
|
|
{
|
|
// TODO: Add extraction
|
|
public class Shrinker : IPortableExecutableCheck
|
|
{
|
|
/// <inheritdoc/>
|
|
public string CheckPortableExecutable(string file, PortableExecutable pex, bool includeDebug)
|
|
{
|
|
// Get the sections from the executable, if possible
|
|
var sections = pex?.SectionTable;
|
|
if (sections == null)
|
|
return null;
|
|
|
|
// Get the .shrink0 and .shrink2 sections, if they exist -- TODO: Confirm if both are needed or either/or is fine
|
|
bool shrink0Section = pex.ContainsSection(".shrink0", true);
|
|
bool shrink2Section = pex.ContainsSection(".shrink2", true);
|
|
if (shrink0Section || shrink2Section)
|
|
return "Shrinker";
|
|
|
|
return null;
|
|
}
|
|
}
|
|
}
|