mirror of
https://github.com/SabreTools/BinaryObjectScanner.git
synced 2026-02-07 21:30:13 +00:00
75 lines
2.1 KiB
C#
75 lines
2.1 KiB
C#
using System;
|
|
using System.Collections.Concurrent;
|
|
using System.IO;
|
|
using BurnOutSharp.Interfaces;
|
|
using BurnOutSharp.Tools;
|
|
using WixToolset.Dtf.WindowsInstaller;
|
|
|
|
namespace BurnOutSharp.FileType
|
|
{
|
|
public class MSI : IScannable
|
|
{
|
|
/// <inheritdoc/>
|
|
public bool ShouldScan(byte[] magic)
|
|
{
|
|
if (magic.StartsWith(new byte?[] { 0xD0, 0xCF, 0x11, 0xE0, 0xA1, 0xB1, 0x1A, 0xE1 }))
|
|
return true;
|
|
|
|
return false;
|
|
}
|
|
|
|
/// <inheritdoc/>
|
|
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, string file)
|
|
{
|
|
if (!File.Exists(file))
|
|
return null;
|
|
|
|
using (var fs = File.OpenRead(file))
|
|
{
|
|
return Scan(scanner, fs, file);
|
|
}
|
|
}
|
|
|
|
// TODO: Add stream opening support
|
|
/// <inheritdoc/>
|
|
public ConcurrentDictionary<string, ConcurrentQueue<string>> Scan(Scanner scanner, Stream stream, string file)
|
|
{
|
|
// If the MSI file itself fails
|
|
try
|
|
{
|
|
string tempPath = Path.Combine(Path.GetTempPath(), Guid.NewGuid().ToString());
|
|
Directory.CreateDirectory(tempPath);
|
|
|
|
using (Database msidb = new Database(file, DatabaseOpenMode.ReadOnly))
|
|
{
|
|
msidb.ExportAll(tempPath);
|
|
}
|
|
|
|
// Collect and format all found protections
|
|
var protections = scanner.GetProtections(tempPath);
|
|
|
|
// If temp directory cleanup fails
|
|
try
|
|
{
|
|
Directory.Delete(tempPath, true);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
if (scanner.IncludeDebug) Console.WriteLine(ex);
|
|
}
|
|
|
|
// Remove temporary path references
|
|
Utilities.StripFromKeys(protections, tempPath);
|
|
|
|
return protections;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
if (scanner.IncludeDebug) Console.WriteLine(ex);
|
|
}
|
|
|
|
return null;
|
|
}
|
|
}
|
|
}
|