static void Main(string[] args)
{
if (args.Length < 1)
{
throw new Exception("Missing parameter");
}
//Search for training data set files
var jsonFiles = Directory.GetFiles(DataHelper.MLDataPath, "*.json", SearchOption.AllDirectories).ToArray();
IList <IFileReport> _fileReports = new List <IFileReport>();
string[] files = Directory
.GetFiles(args[0], "*", SearchOption.AllDirectories)
.OrderBy(f => new FileInfo(f).Length)
.ToArray();
//Append data to file reports
foreach (var data in jsonFiles)
{
IList <FileReportRecovered> list = ExtensionHelpers.ListFromJson(File.ReadAllText(data));
_fileReports = _fileReports.Concat(list).ToList();
}
int i = 0;
foreach (var file in files)
{
try
{
var pefile = new PE(file);
var sha256 = new Hashes(file).ToString("sha256");
//Console.WriteLine("{0} - Signed {1} {2}", file, pefile.IsSigned(), sha256);
if (pefile.ISPeFile())
{
var val = _fileReports.FirstOrDefault(x => string.Compare(x.SHA256, sha256) == 0) as FileReportRecovered;
if (val != null && pefile != null)
{
i++;
val.IsSigned = pefile.IsSigned();
if (val.IsSigned == true)
{
val.SignIssuer = pefile.GetSignIssuer();
val.SignSubject = pefile.GetSignSubject();
}
Console.WriteLine("{0}={1}", val.Filename, file);
}
}
}
catch (Exception e)
{
Console.WriteLine("{0}", e);
}
}
Console.WriteLine("Found files: {0} of {1}", i, files.Length);
WriteToFile(_fileReports);
}
