public static void DumpManifest(PE Application)
{
String PeManifest = Application.GetManifest();
VerboseWriteLine("[-] Manifest for file : {0}", Application.Filepath);
if (PeManifest.Length == 0)
{
VerboseWriteLine("[x] No embedded pe manifest for file {0:s}", Application.Filepath);
return;
}
try
{
// Use a memory stream to correctly handle BOM encoding for manifest resource
using (var stream = new System.IO.MemoryStream(System.Text.Encoding.UTF8.GetBytes(PeManifest)))
{
XDocument XmlManifest = SxsManifest.ParseSxsManifest(stream);
Console.WriteLine(XmlManifest);
}
}
catch (System.Xml.XmlException e)
{
Console.Error.WriteLine("[x] \"Malformed\" pe manifest for file {0:s} : {1:s}", Application.Filepath, PeManifest);
Console.Error.WriteLine("[x] Exception : {0:s}", e.ToString());
}
}
public static void DumpSxsEntries(PE Application)
{
SxsEntries SxsDependencies = SxsManifest.GetSxsEntries(Application);
VerboseWriteLine("[-] sxs dependencies for executable : {0}", Application.Filepath);
foreach (var entry in SxsDependencies)
{
if (entry.Path.Contains("???"))
{
Console.WriteLine(" [x] {0:s} : {1:s}", entry.Name, entry.Path);
}
else
{
Console.WriteLine(" [+] {0:s} : {1:s}", entry.Name, Path.GetFullPath(entry.Path));
}
}
}
