claunia/libexeinfo
1
0
Fork 0
mirror of https://github.com/claunia/libexeinfo.git synced 2025-12-16 19:14:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Decode RT_VERSION resource from PE executables.

Browse Source
This commit is contained in:
Natalia Portillo
2018-03-09 16:21:19 +00:00
parent e18d4c26c3
commit 658a82ac10
7 changed files with 520 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
exeinfo/Program.cs
View File

@@ -179,6 +179,58 @@ namespace exeinfo
{
recognized = true;
Console.Write(peExe.Information);
if(((PE)peExe).Versions != null)
foreach(PE.Version vers in ((PE)peExe).Versions)
{
Console.WriteLine("\tVersion resource {0}:", vers.Name);
Console.WriteLine("\t\tFile version: {0}", vers.FileVersion);
Console.WriteLine("\t\tProduct version: {0}", vers.ProductVersion);
Console.WriteLine("\t\tFile type: {0}", PE.Version.TypeToString(vers.FileType));
if(vers.FileType == PE.VersionFileType.VFT_DRV)
Console.WriteLine("\t\tFile subtype: {0} driver",
PE.Version.DriverToString(vers.FileSubtype));
else if(vers.FileType == PE.VersionFileType.VFT_DRV)
Console.WriteLine("\t\tFile subtype: {0} font", PE.Version.FontToString(vers.FileSubtype));
else if(vers.FileSubtype > 0)
Console.WriteLine("\t\tFile subtype: {0}", (uint)vers.FileSubtype);
Console.WriteLine("\t\tFile flags: {0}", vers.FileFlags);
Console.WriteLine("\t\tFile OS: {0}", PE.Version.OsToString(vers.FileOS));
foreach(KeyValuePair<string, Dictionary<string, string>> strByLang in vers.StringsByLanguage)
{
string cultureName;
string encodingName;
try
{
cultureName = new CultureInfo(Convert.ToInt32(strByLang.Key.Substring(0, 4), 16))
.DisplayName;
}
catch
{
cultureName =
$"unsupported culture 0x{Convert.ToInt32(strByLang.Key.Substring(0, 4), 16):X4}";
}
try
{
encodingName = Encoding
.GetEncoding(Convert.ToInt32(strByLang.Key.Substring(4), 16))
.EncodingName;
}
catch
{
encodingName =
$"unsupported encoding 0x{Convert.ToInt32(strByLang.Key.Substring(4), 16):X4}";
}
Console.WriteLine("\t\tStrings for {0} in codepage {1}:", cultureName, encodingName);
foreach(KeyValuePair<string, string> strings in strByLang.Value)
Console.WriteLine("\t\t\t{0}: {1}", strings.Key, strings.Value);
}
}
if(peExe.Strings != null && peExe.Strings.Any())
{