2025-09-12 09:02:03 -04:00
|
|
|
|
using System;
|
|
|
|
|
|
using System.IO;
|
2025-09-26 22:30:59 -04:00
|
|
|
|
using SabreTools.IO.Compression.BZip2;
|
2025-09-12 09:02:03 -04:00
|
|
|
|
using SabreTools.IO.Compression.zlib;
|
|
|
|
|
|
using SabreTools.IO.Extensions;
|
2026-03-24 19:17:25 -04:00
|
|
|
|
using SabreTools.Matching;
|
|
|
|
|
|
using SabreTools.Numerics.Extensions;
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
2026-03-18 16:37:59 -04:00
|
|
|
|
namespace SabreTools.Wrappers
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
public partial class PortableExecutable : IExtractable
|
|
|
|
|
|
{
|
|
|
|
|
|
/// <inheritdoc/>
|
|
|
|
|
|
/// <remarks>
|
|
|
|
|
|
/// This extracts the following data:
|
|
|
|
|
|
/// - Archives and executables in the overlay
|
|
|
|
|
|
/// - Archives and executables in resource data
|
|
|
|
|
|
/// - CExe-compressed resource data
|
2025-09-20 10:32:53 -04:00
|
|
|
|
/// - SecuROM Matroschka package sections
|
2025-09-26 22:27:27 -04:00
|
|
|
|
/// - SFX archives
|
|
|
|
|
|
/// + 7z
|
|
|
|
|
|
/// + Advanced Installer
|
2025-10-23 15:38:51 -04:00
|
|
|
|
/// + InstallShield Executables
|
2025-09-26 22:27:27 -04:00
|
|
|
|
/// + MS-CAB
|
|
|
|
|
|
/// + PKZIP
|
|
|
|
|
|
/// + RAR
|
|
|
|
|
|
/// + Spoon Installer
|
2025-09-12 09:02:03 -04:00
|
|
|
|
/// - Wise installers
|
|
|
|
|
|
/// </remarks>
|
|
|
|
|
|
public bool Extract(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
2025-09-26 19:43:39 -04:00
|
|
|
|
bool cai = ExtractAdvancedInstaller(outputDirectory, includeDebug);
|
2025-09-12 09:02:03 -04:00
|
|
|
|
bool cexe = ExtractCExe(outputDirectory, includeDebug);
|
2025-10-23 15:38:51 -04:00
|
|
|
|
bool issexe = ExtractInstallShieldExecutable(outputDirectory, includeDebug);
|
2025-09-20 10:00:54 -04:00
|
|
|
|
bool matroschka = ExtractMatroschka(outputDirectory, includeDebug);
|
2025-09-12 09:02:03 -04:00
|
|
|
|
bool resources = ExtractFromResources(outputDirectory, includeDebug);
|
2025-09-26 22:27:27 -04:00
|
|
|
|
bool spoon = ExtractSpoonInstaller(outputDirectory, includeDebug);
|
2025-09-27 08:26:57 -04:00
|
|
|
|
|
|
|
|
|
|
// Skip Wise section extraction if the overlay succeeded
|
|
|
|
|
|
bool wiseOverlay = ExtractWiseOverlay(outputDirectory, includeDebug);
|
|
|
|
|
|
bool wiseSection = wiseOverlay || ExtractWiseSection(outputDirectory, includeDebug);
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
2025-09-26 19:56:51 -04:00
|
|
|
|
// Overlay can be skipped in some situations
|
2025-10-23 15:38:51 -04:00
|
|
|
|
bool overlay = cai || issexe || spoon || wiseOverlay
|
2025-09-26 22:27:27 -04:00
|
|
|
|
|| ExtractFromOverlay(outputDirectory, includeDebug);
|
2025-09-26 19:56:51 -04:00
|
|
|
|
|
2025-10-23 16:05:12 -04:00
|
|
|
|
return cai || cexe || issexe || matroschka || overlay || resources
|
|
|
|
|
|
|| spoon || wiseOverlay || wiseSection;
|
2025-09-26 19:43:39 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract a Caphyon Advanced Installer SFX overlay
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractAdvancedInstaller(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2025-09-26 22:52:09 -04:00
|
|
|
|
// Ensure the stream is starting at the beginning
|
2025-10-27 22:43:56 -04:00
|
|
|
|
_dataSource.SeekIfPossible(0, SeekOrigin.Begin);
|
2025-09-26 22:52:09 -04:00
|
|
|
|
|
2025-09-26 19:43:39 -04:00
|
|
|
|
// Try to deserialize the source data
|
2026-03-18 16:37:59 -04:00
|
|
|
|
var deserializer = new Serialization.Readers.AdvancedInstaller();
|
2025-09-26 19:43:39 -04:00
|
|
|
|
var sfx = deserializer.Deserialize(_dataSource);
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (sfx is null || sfx.Entries.Length == 0)
|
2025-09-26 19:43:39 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
|
2025-09-26 19:56:51 -04:00
|
|
|
|
// Loop through the entries and extract
|
|
|
|
|
|
for (int i = 0; i < sfx.Entries.Length; i++)
|
|
|
|
|
|
{
|
|
|
|
|
|
var entry = sfx.Entries[i];
|
2025-09-26 19:43:39 -04:00
|
|
|
|
|
2025-09-26 19:56:51 -04:00
|
|
|
|
// Get the offset and size
|
|
|
|
|
|
long offset = entry.FileOffset;
|
|
|
|
|
|
int size = (int)entry.FileSize;
|
|
|
|
|
|
|
|
|
|
|
|
// Try to read the file data
|
|
|
|
|
|
byte[] data = ReadRangeFromSource(offset, size);
|
|
|
|
|
|
if (data.Length == 0)
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
// Ensure directory separators are consistent
|
2025-10-30 20:54:32 -04:00
|
|
|
|
string filename = entry.Name.Length == 0 ? $"FILE_{i}" : entry.Name;
|
2025-09-26 19:56:51 -04:00
|
|
|
|
if (Path.DirectorySeparatorChar == '\\')
|
|
|
|
|
|
filename = filename.Replace('/', '\\');
|
|
|
|
|
|
else if (Path.DirectorySeparatorChar == '/')
|
|
|
|
|
|
filename = filename.Replace('\\', '/');
|
|
|
|
|
|
|
|
|
|
|
|
// Ensure the full output directory exists
|
|
|
|
|
|
filename = Path.Combine(outputDirectory, filename);
|
|
|
|
|
|
var directoryName = Path.GetDirectoryName(filename);
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (directoryName is not null && !Directory.Exists(directoryName))
|
2025-09-26 19:56:51 -04:00
|
|
|
|
Directory.CreateDirectory(directoryName);
|
|
|
|
|
|
|
|
|
|
|
|
// Write the output file
|
|
|
|
|
|
var fs = File.Open(filename, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
|
|
|
|
|
|
fs.Write(data, 0, data.Length);
|
|
|
|
|
|
fs.Flush();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return true;
|
2025-09-26 19:43:39 -04:00
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine(ex);
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
2025-09-12 09:02:03 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract a CExe-compressed executable
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractCExe(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Get all resources of type 99 with index 2
|
|
|
|
|
|
var resources = FindResourceByNamedType("99, 2");
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (resources is null || resources.Count == 0)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Get the first resource of type 99 with index 2
|
|
|
|
|
|
var resource = resources[0];
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (resource is null || resource.Length == 0)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Create the output data buffer
|
|
|
|
|
|
byte[]? data = [];
|
|
|
|
|
|
|
|
|
|
|
|
// If we had the decompression DLL included, it's zlib
|
|
|
|
|
|
if (FindResourceByNamedType("99, 1").Count > 0)
|
|
|
|
|
|
data = DecompressCExeZlib(resource);
|
|
|
|
|
|
else
|
|
|
|
|
|
data = DecompressCExeLZ(resource);
|
|
|
|
|
|
|
|
|
|
|
|
// If we have no data
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (data is null)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Create the temp filename
|
|
|
|
|
|
string tempFile = string.IsNullOrEmpty(Filename) ? "temp.sxe" : $"{Path.GetFileNameWithoutExtension(Filename)}.sxe";
|
|
|
|
|
|
tempFile = Path.Combine(outputDirectory, tempFile);
|
|
|
|
|
|
var directoryName = Path.GetDirectoryName(tempFile);
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (directoryName is not null && !Directory.Exists(directoryName))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
Directory.CreateDirectory(directoryName);
|
|
|
|
|
|
|
|
|
|
|
|
// Write the file data to a temp file
|
|
|
|
|
|
var tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
|
|
|
|
|
|
tempStream.Write(data, 0, data.Length);
|
2025-09-26 19:56:51 -04:00
|
|
|
|
tempStream.Flush();
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine(ex);
|
2025-10-23 15:38:51 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2025-10-23 16:05:12 -04:00
|
|
|
|
|
2025-09-12 09:02:03 -04:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract data from the overlay
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractFromOverlay(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Cache the overlay data for easier reading
|
|
|
|
|
|
var overlayData = OverlayData;
|
|
|
|
|
|
if (overlayData.Length == 0)
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Set the output variables
|
|
|
|
|
|
int overlayOffset = 0;
|
|
|
|
|
|
string extension = string.Empty;
|
|
|
|
|
|
|
|
|
|
|
|
// Only process the overlay if it is recognized
|
|
|
|
|
|
for (; overlayOffset < 0x400 && overlayOffset < overlayData.Length - 0x10; overlayOffset++)
|
|
|
|
|
|
{
|
|
|
|
|
|
int temp = overlayOffset;
|
|
|
|
|
|
byte[] overlaySample = overlayData.ReadBytes(ref temp, 0x10);
|
|
|
|
|
|
|
2025-09-26 13:06:18 -04:00
|
|
|
|
if (overlaySample.StartsWith(Data.Models.SevenZip.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "7z";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (overlaySample.StartsWith([0x3B, 0x21, 0x40, 0x49, 0x6E, 0x73, 0x74, 0x61, 0x6C, 0x6C]))
|
|
|
|
|
|
{
|
|
|
|
|
|
// 7-zip SFX script -- ";!@Install" to ";!@InstallEnd@!"
|
|
|
|
|
|
overlayOffset = overlayData.FirstPosition([0x3B, 0x21, 0x40, 0x49, 0x6E, 0x73, 0x74, 0x61, 0x6C, 0x6C, 0x45, 0x6E, 0x64, 0x40, 0x21]);
|
|
|
|
|
|
if (overlayOffset == -1)
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
overlayOffset += 15;
|
|
|
|
|
|
extension = "7z";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.BZip2.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "bz2";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.CFB.Constants.SignatureBytes))
|
2025-09-25 21:13:07 -04:00
|
|
|
|
{
|
|
|
|
|
|
// Assume embedded CFB files are MSI
|
|
|
|
|
|
extension = "msi";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-12 09:02:03 -04:00
|
|
|
|
else if (overlaySample.StartsWith([0x1F, 0x8B]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "gz";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.MicrosoftCabinet.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "cab";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.PKZIP.Constants.EndOfCentralDirectoryRecordSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.PKZIP.Constants.EndOfCentralDirectoryRecord64SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.PKZIP.Constants.DataDescriptorSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.RAR.Constants.OldSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "rar";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.RAR.Constants.NewSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "rar";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (overlaySample.StartsWith([0x55, 0x48, 0x41, 0x06]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "uha";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-20 19:48:45 -04:00
|
|
|
|
else if (overlaySample.StartsWith([0x3C, 0x3F, 0x78, 0x6D, 0x6C]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "xml";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (overlaySample.StartsWith([0x3C, 0x00, 0x3F, 0x00, 0x78, 0x00, 0x6D, 0x00, 0x6C, 0x00]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "xml";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (overlaySample.StartsWith([0xFF, 0xFE, 0x3C, 0x00, 0x3F, 0x00, 0x78, 0x00, 0x6D, 0x00, 0x6C, 0x00]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "xml";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-29 22:56:53 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.XZ.Constants.HeaderSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "xz";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (overlaySample.StartsWith(Data.Models.MSDOS.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "bin"; // exe/dll
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If the extension is unset
|
|
|
|
|
|
if (extension.Length == 0)
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Create the temp filename
|
|
|
|
|
|
string tempFile = $"embedded_overlay.{extension}";
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (Filename is not null)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
tempFile = $"{Path.GetFileName(Filename)}-{tempFile}";
|
|
|
|
|
|
|
|
|
|
|
|
tempFile = Path.Combine(outputDirectory, tempFile);
|
|
|
|
|
|
var directoryName = Path.GetDirectoryName(tempFile);
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (directoryName is not null && !Directory.Exists(directoryName))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
Directory.CreateDirectory(directoryName);
|
|
|
|
|
|
|
|
|
|
|
|
// Write the resource data to a temp file
|
|
|
|
|
|
using var tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
|
2025-09-25 13:41:51 -04:00
|
|
|
|
|
2025-09-25 20:14:41 -04:00
|
|
|
|
// If the overlay is partially cached, read it from the source in blocks
|
|
|
|
|
|
if (OverlaySize > overlayData.Length)
|
2025-09-25 14:07:01 -04:00
|
|
|
|
{
|
|
|
|
|
|
long currentOffset = OverlayAddress + overlayOffset;
|
2025-09-25 20:28:25 -04:00
|
|
|
|
long bytesLeft = OverlaySize - overlayOffset;
|
2025-09-25 14:07:01 -04:00
|
|
|
|
|
|
|
|
|
|
while (bytesLeft > 0)
|
|
|
|
|
|
{
|
|
|
|
|
|
int bytesToRead = (int)Math.Min(0x4000, bytesLeft);
|
|
|
|
|
|
byte[] buffer = ReadRangeFromSource(currentOffset, bytesToRead);
|
|
|
|
|
|
if (buffer.Length == 0)
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
|
|
tempStream.Write(buffer, 0, buffer.Length);
|
|
|
|
|
|
tempStream.Flush();
|
|
|
|
|
|
|
|
|
|
|
|
currentOffset += bytesToRead;
|
|
|
|
|
|
bytesLeft -= bytesToRead;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Otherwise, read from the cached data
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
tempStream.Write(overlayData, overlayOffset, overlayData.Length - overlayOffset);
|
|
|
|
|
|
tempStream.Flush();
|
|
|
|
|
|
}
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine(ex);
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract data from the resources
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractFromResources(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Cache the resource data for easier reading
|
|
|
|
|
|
var resourceData = ResourceData;
|
|
|
|
|
|
if (resourceData.Count == 0)
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Get the resources that have an archive signature
|
|
|
|
|
|
int i = 0;
|
|
|
|
|
|
foreach (var kvp in resourceData)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Get the key and value
|
|
|
|
|
|
string resourceKey = kvp.Key;
|
|
|
|
|
|
var value = kvp.Value;
|
|
|
|
|
|
|
2026-02-12 18:25:24 -05:00
|
|
|
|
if (value is null || value is not Data.Models.PortableExecutable.Resource.Entries.GenericResourceEntry ba || ba.Data.Length == 0)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
// Set the output variables
|
|
|
|
|
|
int resourceOffset = 0;
|
|
|
|
|
|
string extension = string.Empty;
|
|
|
|
|
|
|
|
|
|
|
|
// Only process the resource if it a recognized signature
|
2026-02-12 18:25:24 -05:00
|
|
|
|
for (; resourceOffset < 0x400 && resourceOffset < ba.Data.Length - 0x10; resourceOffset++)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
int temp = resourceOffset;
|
2026-02-12 18:25:24 -05:00
|
|
|
|
byte[] resourceSample = ba.Data.ReadBytes(ref temp, 0x10);
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
2025-09-26 13:06:18 -04:00
|
|
|
|
if (resourceSample.StartsWith(Data.Models.SevenZip.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "7z";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0x42, 0x4D]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "bmp";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.BZip2.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "bz2";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.CFB.Constants.SignatureBytes))
|
2025-09-25 21:13:07 -04:00
|
|
|
|
{
|
|
|
|
|
|
// Assume embedded CFB files are MSI
|
|
|
|
|
|
extension = "msi";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-12 09:02:03 -04:00
|
|
|
|
else if (resourceSample.StartsWith([0x47, 0x49, 0x46, 0x38]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "gif";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0x1F, 0x8B]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "gz";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0xFF, 0xD8, 0xFF, 0xE0]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "jpg";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0x3C, 0x68, 0x74, 0x6D, 0x6C]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "html";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.MicrosoftCabinet.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "cab";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.PKZIP.Constants.LocalFileHeaderSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.PKZIP.Constants.EndOfCentralDirectoryRecordSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.PKZIP.Constants.EndOfCentralDirectoryRecord64SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.PKZIP.Constants.DataDescriptorSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "zip";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0x89, 0x50, 0x4E, 0x47]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "png";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.RAR.Constants.OldSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "rar";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.RAR.Constants.NewSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "rar";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0x55, 0x48, 0x41, 0x06]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "uha";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-20 19:48:45 -04:00
|
|
|
|
else if (resourceSample.StartsWith([0x3C, 0x3F, 0x78, 0x6D, 0x6C]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "xml";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0x3C, 0x00, 0x3F, 0x00, 0x78, 0x00, 0x6D, 0x00, 0x6C, 0x00]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "xml";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
else if (resourceSample.StartsWith([0xFF, 0xFE, 0x3C, 0x00, 0x3F, 0x00, 0x78, 0x00, 0x6D, 0x00, 0x6C, 0x00]))
|
|
|
|
|
|
{
|
|
|
|
|
|
extension = "xml";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-29 22:56:53 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.XZ.Constants.HeaderSignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "xz";
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
2025-09-26 13:06:18 -04:00
|
|
|
|
else if (resourceSample.StartsWith(Data.Models.MSDOS.Constants.SignatureBytes))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
extension = "bin"; // exe/dll
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// If the extension is unset
|
|
|
|
|
|
if (extension.Length == 0)
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Create the temp filename
|
|
|
|
|
|
string tempFile = $"embedded_resource_{i++} ({resourceKey}).{extension}";
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (Filename is not null)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
tempFile = $"{Path.GetFileName(Filename)}-{tempFile}";
|
|
|
|
|
|
|
|
|
|
|
|
tempFile = Path.Combine(outputDirectory, tempFile);
|
|
|
|
|
|
var directoryName = Path.GetDirectoryName(tempFile);
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (directoryName is not null && !Directory.Exists(directoryName))
|
2025-09-12 09:02:03 -04:00
|
|
|
|
Directory.CreateDirectory(directoryName);
|
|
|
|
|
|
|
|
|
|
|
|
// Write the resource data to a temp file
|
|
|
|
|
|
using var tempStream = File.Open(tempFile, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
|
2026-02-12 18:25:24 -05:00
|
|
|
|
tempStream.Write(ba.Data, resourceOffset, ba.Data.Length - resourceOffset);
|
2025-09-26 19:56:51 -04:00
|
|
|
|
tempStream.Flush();
|
2025-09-12 09:02:03 -04:00
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine(ex);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine(ex);
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2025-09-20 19:48:45 -04:00
|
|
|
|
|
2025-09-20 10:00:54 -04:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract data from a SecuROM Matroschka Package
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractMatroschka(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Check if executable contains Matroschka package or not
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (MatroschkaPackage is null)
|
2025-09-20 10:00:54 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Attempt to extract package
|
|
|
|
|
|
return MatroschkaPackage.Extract(outputDirectory, includeDebug);
|
|
|
|
|
|
}
|
2026-01-25 13:38:52 -05:00
|
|
|
|
|
2026-01-25 13:36:17 -05:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract data from an Installshield Executable
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractInstallShieldExecutable(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Check if executable contains an InstallShield Executable or not
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (ISEXE is null)
|
2026-01-25 13:36:17 -05:00
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Attempt to extract package
|
|
|
|
|
|
return ISEXE.Extract(outputDirectory, includeDebug);
|
|
|
|
|
|
}
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
2025-09-26 22:27:27 -04:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract a Spoon Installer SFX overlay
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractSpoonInstaller(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2025-09-26 22:52:09 -04:00
|
|
|
|
// Ensure the stream is starting at the beginning
|
2025-10-27 22:43:56 -04:00
|
|
|
|
_dataSource.SeekIfPossible(0, SeekOrigin.Begin);
|
2025-09-26 22:52:09 -04:00
|
|
|
|
|
2025-09-26 22:27:27 -04:00
|
|
|
|
// Try to deserialize the source data
|
2026-03-18 16:37:59 -04:00
|
|
|
|
var deserializer = new Serialization.Readers.SpoonInstaller();
|
2025-09-26 22:27:27 -04:00
|
|
|
|
var sfx = deserializer.Deserialize(_dataSource);
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (sfx?.Entries is null)
|
2025-09-26 22:27:27 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
// Loop through the entries and extract
|
|
|
|
|
|
for (int i = 0; i < sfx.Entries.Length; i++)
|
|
|
|
|
|
{
|
|
|
|
|
|
var entry = sfx.Entries[i];
|
|
|
|
|
|
|
|
|
|
|
|
// Get the offset and compressed size
|
|
|
|
|
|
long offset = entry.FileOffset;
|
2025-09-26 22:52:09 -04:00
|
|
|
|
int compressed = (int)entry.CompressedSize;
|
|
|
|
|
|
int extracted = (int)entry.UncompressedSize;
|
2025-09-26 22:27:27 -04:00
|
|
|
|
|
|
|
|
|
|
// Try to read the file data
|
2025-09-26 22:52:09 -04:00
|
|
|
|
byte[] bz2Data = ReadRangeFromSource(offset, compressed);
|
|
|
|
|
|
if (bz2Data.Length == 0)
|
2025-09-26 22:27:27 -04:00
|
|
|
|
continue;
|
|
|
|
|
|
|
2025-09-26 22:30:59 -04:00
|
|
|
|
// Try opening the stream
|
2025-09-26 22:52:09 -04:00
|
|
|
|
using var ms = new MemoryStream(bz2Data);
|
|
|
|
|
|
using var bz2File = new BZip2InputStream(ms, false);
|
|
|
|
|
|
|
|
|
|
|
|
// Try to read the decompressed data
|
|
|
|
|
|
byte[] data = bz2File.ReadBytes(extracted);
|
2025-09-26 22:27:27 -04:00
|
|
|
|
|
|
|
|
|
|
// Ensure directory separators are consistent
|
2025-09-26 22:52:09 -04:00
|
|
|
|
string filename = entry.Filename?.TrimEnd('\0') ?? $"FILE_{i}";
|
2025-09-26 22:27:27 -04:00
|
|
|
|
if (Path.DirectorySeparatorChar == '\\')
|
|
|
|
|
|
filename = filename.Replace('/', '\\');
|
|
|
|
|
|
else if (Path.DirectorySeparatorChar == '/')
|
|
|
|
|
|
filename = filename.Replace('\\', '/');
|
|
|
|
|
|
|
|
|
|
|
|
// Ensure the full output directory exists
|
|
|
|
|
|
filename = Path.Combine(outputDirectory, filename);
|
|
|
|
|
|
var directoryName = Path.GetDirectoryName(filename);
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (directoryName is not null && !Directory.Exists(directoryName))
|
2025-09-26 22:27:27 -04:00
|
|
|
|
Directory.CreateDirectory(directoryName);
|
|
|
|
|
|
|
|
|
|
|
|
// Write the output file
|
|
|
|
|
|
var fs = File.Open(filename, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
|
2025-09-26 22:52:09 -04:00
|
|
|
|
fs.Write(data, 0, data.Length);
|
2025-09-26 22:27:27 -04:00
|
|
|
|
fs.Flush();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine(ex);
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2025-09-12 09:02:03 -04:00
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract data from a Wise installer
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
2025-09-27 08:26:57 -04:00
|
|
|
|
public bool ExtractWiseOverlay(string outputDirectory, bool includeDebug)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
// Get the source data for reading
|
|
|
|
|
|
Stream source = _dataSource;
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (Filename is not null)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
// Try to open a multipart file
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (WiseOverlayHeader.OpenFile(Filename, includeDebug, out var temp) && temp is not null)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
source = temp;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Try to find the overlay header
|
|
|
|
|
|
long offset = FindWiseOverlayHeader();
|
2025-09-27 08:26:57 -04:00
|
|
|
|
if (offset <= 0 || offset > Length)
|
|
|
|
|
|
return false;
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
2025-09-27 08:26:57 -04:00
|
|
|
|
// Seek to the overlay and parse
|
2025-10-27 22:43:56 -04:00
|
|
|
|
source.SeekIfPossible(offset, SeekOrigin.Begin);
|
2025-09-27 08:26:57 -04:00
|
|
|
|
var header = WiseOverlayHeader.Create(source);
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (header is null)
|
2025-09-27 08:26:57 -04:00
|
|
|
|
{
|
2025-10-17 09:56:04 -04:00
|
|
|
|
if (includeDebug) Console.Error.WriteLine("Could not parse a Wise overlay header");
|
2025-09-27 08:26:57 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
2025-09-12 09:02:03 -04:00
|
|
|
|
|
2025-09-27 08:26:57 -04:00
|
|
|
|
// Extract the header-defined files
|
|
|
|
|
|
bool extracted = header.ExtractHeaderDefinedFiles(outputDirectory, includeDebug);
|
|
|
|
|
|
if (!extracted)
|
|
|
|
|
|
{
|
2025-10-17 09:56:04 -04:00
|
|
|
|
if (includeDebug) Console.Error.WriteLine("Could not extract Wise overlay header-defined files");
|
2025-09-27 08:26:57 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Open the script file from the output directory
|
|
|
|
|
|
var scriptStream = File.OpenRead(Path.Combine(outputDirectory, "WiseScript.bin"));
|
|
|
|
|
|
var script = WiseScript.Create(scriptStream);
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (script is null)
|
2025-09-27 08:26:57 -04:00
|
|
|
|
{
|
|
|
|
|
|
if (includeDebug) Console.Error.WriteLine("Could not parse WiseScript.bin");
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Get the source directory
|
|
|
|
|
|
string? sourceDirectory = null;
|
2026-01-25 14:32:49 -05:00
|
|
|
|
if (Filename is not null)
|
2025-09-27 08:26:57 -04:00
|
|
|
|
sourceDirectory = Path.GetDirectoryName(Path.GetFullPath(Filename));
|
|
|
|
|
|
|
|
|
|
|
|
// Process the state machine
|
|
|
|
|
|
return script.ProcessStateMachine(header, sourceDirectory, outputDirectory, includeDebug);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Extract using Wise section
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="outputDirectory">Output directory to write to</param>
|
|
|
|
|
|
/// <param name="includeDebug">True to include debug data, false otherwise</param>
|
|
|
|
|
|
/// <returns>True if extraction succeeded, false otherwise</returns>
|
|
|
|
|
|
public bool ExtractWiseSection(string outputDirectory, bool includeDebug)
|
|
|
|
|
|
{
|
|
|
|
|
|
// Get the section header
|
|
|
|
|
|
var header = WiseSection;
|
2026-01-25 14:30:18 -05:00
|
|
|
|
if (header is null)
|
2025-09-27 08:26:57 -04:00
|
|
|
|
{
|
2025-10-17 09:56:04 -04:00
|
|
|
|
if (includeDebug) Console.Error.WriteLine("Could not parse a Wise section header");
|
2025-09-27 08:26:57 -04:00
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Attempt to extract section
|
|
|
|
|
|
return header.Extract(outputDirectory, includeDebug);
|
2025-09-12 09:02:03 -04:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Decompress CExe data compressed with LZ
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="resource">Resource data to inflate</param>
|
|
|
|
|
|
/// <returns>Inflated data on success, null otherwise</returns>
|
|
|
|
|
|
private static byte[]? DecompressCExeLZ(byte[] resource)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
var decompressor = IO.Compression.SZDD.Decompressor.CreateSZDD(resource);
|
|
|
|
|
|
using var dataStream = new MemoryStream();
|
|
|
|
|
|
decompressor.CopyTo(dataStream);
|
|
|
|
|
|
return dataStream.ToArray();
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
// Reset the data
|
|
|
|
|
|
return null;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
|
/// Decompress CExe data compressed with zlib
|
|
|
|
|
|
/// </summary>
|
|
|
|
|
|
/// <param name="resource">Resource data to inflate</param>
|
|
|
|
|
|
/// <returns>Inflated data on success, null otherwise</returns>
|
|
|
|
|
|
private static byte[]? DecompressCExeZlib(byte[] resource)
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
// Inflate the data into the buffer
|
|
|
|
|
|
var zstream = new ZLib.z_stream_s();
|
|
|
|
|
|
byte[] data = new byte[resource.Length * 4];
|
|
|
|
|
|
unsafe
|
|
|
|
|
|
{
|
2025-11-14 20:36:46 -05:00
|
|
|
|
fixed (byte* payloadPtr = resource, dataPtr = data)
|
2025-09-12 09:02:03 -04:00
|
|
|
|
{
|
|
|
|
|
|
zstream.next_in = payloadPtr;
|
|
|
|
|
|
zstream.avail_in = (uint)resource.Length;
|
|
|
|
|
|
zstream.total_in = (uint)resource.Length;
|
|
|
|
|
|
zstream.next_out = dataPtr;
|
|
|
|
|
|
zstream.avail_out = (uint)data.Length;
|
|
|
|
|
|
zstream.total_out = 0;
|
|
|
|
|
|
|
|
|
|
|
|
ZLib.inflateInit_(zstream, ZLib.zlibVersion(), resource.Length);
|
|
|
|
|
|
int zret = ZLib.inflate(zstream, 1);
|
|
|
|
|
|
ZLib.inflateEnd(zstream);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Trim the buffer to the proper size
|
|
|
|
|
|
uint read = zstream.total_out;
|
|
|
|
|
|
#if NETFRAMEWORK
|
|
|
|
|
|
var temp = new byte[read];
|
|
|
|
|
|
Array.Copy(data, temp, read);
|
|
|
|
|
|
data = temp;
|
|
|
|
|
|
#else
|
|
|
|
|
|
data = new ReadOnlySpan<byte>(data, 0, (int)read).ToArray();
|
|
|
|
|
|
#endif
|
|
|
|
|
|
return data;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
// Reset the data
|
|
|
|
|
|
return null;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
