public void guess(IGuesserListener listener, string file) { try { ExeParser ep = new ExeParser(file); IList <ImportTableEntry> imps = ep.ImportTable; string[] dlls = new string[imps.Count]; int count = 0; foreach (ImportTableEntry imp in imps) { dlls[count++] = imp.DLL; listener.guessInfo(1, "** Uses DLL: " + imp.DLL); } IList <string> results = sp.parse("", dlls); foreach (string result in results) { listener.guessInfo(0, "DLLImports suggest: " + result); listener.guessAttribute("IMPORTS", result); } } catch (EXEFormatException ex) { listener.guessInfo(1, "** EXE Format: " + ex.Message); } }
internal void guessWindow(IGuesserListener listener, ManagedWinapi.Windows.SystemWindow window) { foreach (IWindowGuesser g in windowGuessers) { g.guess(listener, window); } }
public void guessFile(IGuesserListener listener, string file) { foreach (IFileGuesser g in fileGuessers) { g.guess(listener, file); } }
public void guess(IGuesserListener listener, string file) { try { ExeParser ep = new ExeParser(file); IList<ImportTableEntry> imps = ep.ImportTable; string[] dlls = new string[imps.Count]; int count = 0; foreach (ImportTableEntry imp in imps) { dlls[count++] = imp.DLL; listener.guessInfo(1, "** Uses DLL: " + imp.DLL); } IList<string> results = sp.parse("", dlls); foreach (string result in results) { listener.guessInfo(0, "DLLImports suggest: " + result); listener.guessAttribute("IMPORTS", result); } } catch (EXEFormatException ex) { listener.guessInfo(1, "** EXE Format: " + ex.Message); } }
public void guess(IGuesserListener listener, string file) { try { String stub = new ExeParser(file).StubSignature; listener.guessInfo(1, "** EXE Stub signature: " + stub); listener.guessAttribute("STUB", stub); } catch (EXEFormatException ex) { listener.guessInfo(1, "** EXE Format: " + ex.Message); } }
public void guess(IGuesserListener listener, SystemWindow window) { string file; try { file = window.Process.MainModule.FileName; } catch (Win32Exception) { listener.guessInfo(2, "*** File access denied"); return; } listener.guessInfo(2, "*** Detected File: " + file); ctrl.guessFile(listener, file); }
internal string summarize(IGuesserListener listener, string[] attributes) { foreach (string att in attributes) { listener.guessInfo(2, "** Summary attribute: " + att); } List<string> r = summary.parse("", attributes); string ss; if (r.Count > 0) ss = r[0]; else ss = "UNKNOWN"; listener.guessInfo(0, "Summary: " + ss); return ss; }
public void guess(IGuesserListener listener, SystemWindow window) { string mainclass = window.ClassName; List<string> childClasses = new List<string>(); childClasses.Add(mainclass); parseChildren(childClasses, window); childClasses.Sort(); listener.guessInfo(1, "** Main class: " + mainclass); foreach (string c in childClasses) { listener.guessInfo(2, "*** Child class:" + c); } IList<string> results = sp.parse(mainclass, childClasses.ToArray()); foreach (string r in results) { listener.guessInfo(0, "Wndclass suggests: " + r); listener.guessAttribute("WNDCLASS", r); } }
internal string summarize(IGuesserListener listener, string[] attributes) { foreach (string att in attributes) { listener.guessInfo(2, "** Summary attribute: " + att); } List <string> r = summary.parse("", attributes); string ss; if (r.Count > 0) { ss = r[0]; } else { ss = "UNKNOWN"; } listener.guessInfo(0, "Summary: " + ss); return(ss); }
public void guess(IGuesserListener listener, SystemWindow window) { string mainclass = window.ClassName; List <string> childClasses = new List <string>(); childClasses.Add(mainclass); parseChildren(childClasses, window); childClasses.Sort(); listener.guessInfo(1, "** Main class: " + mainclass); foreach (string c in childClasses) { listener.guessInfo(2, "*** Child class:" + c); } IList <string> results = sp.parse(mainclass, childClasses.ToArray()); foreach (string r in results) { listener.guessInfo(0, "Wndclass suggests: " + r); listener.guessAttribute("WNDCLASS", r); } }
public void guess(IGuesserListener listener, string file) { try { IList <ExeSection> ss = new ExeParser(file).Sections; string[] names = new string[ss.Count]; int count = 0; foreach (ExeSection s in ss) { listener.guessInfo(2, "** Section: " + s.Name); names[count++] = s.Name; } List <string> results = sp.parse("", names); foreach (string result in results) { listener.guessInfo(0, "EXE Sections suggest: " + result); listener.guessAttribute("SECTIONS", result); } } catch (EXEFormatException) { } }
public void guess(IGuesserListener listener, string file) { try { IList<ExeSection> ss = new ExeParser(file).Sections; string[] names = new string[ss.Count]; int count = 0; foreach (ExeSection s in ss) { listener.guessInfo(2, "** Section: " + s.Name); names[count++] = s.Name; } List<string> results = sp.parse("", names); foreach (string result in results) { listener.guessInfo(0, "EXE Sections suggest: " + result); listener.guessAttribute("SECTIONS", result); } } catch (EXEFormatException) { } }