コード例 #1
0
        private void displayDependencies()
        {
            //ReverseDependencyDetector reverseDependencyDetector = new ReverseDependencyDetector();
            //String FilePath = @"E:\TEST";
            //String path2 = @"E:\TEST\CppDll.dll";
            //PortableExecutable testPE = new PortableExecutable(ExtractFileNameFromPath(path2), path2);
            //PortableExecutableLoader loader = new PortableExecutableLoader();
            //loader.Load(testPE);
            // MessageBox.Show("test" + ((PortableExecutable)((reverseDependencyDetector.Process(FilePath, testPE))[0])).FilePath);

            //List<PortableExecutable> list = new List<PortableExecutable>();
            //list.Add(testPE);
            //list.Add(testPE);
            //list.Add(testPE);

            ReverseDependencyDetector reverseDependencyDetector = new ReverseDependencyDetector();
            String                    FolderPath = wizardDataRef.FolderPath;
            String                    targetPath = wizardDataRef.FilePath;
            PortableExecutable        targetPE   = new PortableExecutable(ExtractFileNameFromPath(targetPath), targetPath);
            PortableExecutableLoader  loader     = new PortableExecutableLoader();
            List <PortableExecutable> list;

            using (new WaitCursor())
            {
                loader.Load(targetPE);
                list = reverseDependencyDetector.Process(FolderPath, targetPE);
            }

            ReverseDependenciesList.ItemsSource = list;
        }
コード例 #2
0
        void UpdateUI(PortableExecutable portableExecutable)
        {
            treeViewDependencies.Items.Clear();
            dataGridImportsTable.Visibility = Visibility.Hidden;
            LabelStatus.Text                = "";
            treeViewImports.ItemsSource     = null;
            dataGridExports.ItemsSource     = null;
            dataGridHeaders.ItemsSource     = null;
            dataGridSections.ItemsSource    = null;
            dataGridDirectories.ItemsSource = null;

            ItemCollection itemCollection = treeViewDependencies.Items;

            if (portableExecutable != null)
            {
                using (new WaitCursor())
                {
                    PortableExecutableLoader portableExecutableLoader = new PortableExecutableLoader();
                    portableExecutableLoader.Load(portableExecutable);
                    RecursivelyPopulateTheTree(portableExecutable, itemCollection);
                    PopulateHeaders(portableExecutable.Headers);
                    PopulateImports(portableExecutable.ImportFunctions);
                    PopulateExports(portableExecutable.ExportedFunctions);
                    PopulateSections(portableExecutable.Sections);
                    PopulateDirectories(portableExecutable.Directories);
                    PopulateIssues(portableExecutableLoader.smartSuggestionEngine.error_list);
                }
            }
        }
コード例 #3
0
        void UpdateUI(PortableExecutable portableExecutable)
        {
            dataGridViewImportExamined.Hide();
            treeViewDependencies.Nodes.Clear();
            treeViewImports.Nodes.Clear();
            listBoxExports.Items.Clear();
            labelDependecyPath.Text = "";

            TreeNodeCollection tNodes = treeViewDependencies.Nodes;

            if (portableExecutable != null)
            {
                PortableExecutableLoader portableExecutableLoader = new PortableExecutableLoader();
                portableExecutableLoader.Load(portableExecutable);
                RecursivelyPopulateTheTree(portableExecutable, tNodes);
                PopulateHeaders(portableExecutable.Headers);
                PopulateImports(portableExecutable.ImportFunctions);
                PopulateExports(portableExecutable.ExportedFunctions);
                PopulateSections(portableExecutable.Sections);
                PopulateDirectories(portableExecutable.Directories);
            }

            //  pe.MakeImports();
            //pe.MakeExports();

            //listBox_Imports.Items.Clear();
            //foreach (object __o in pe.GetImports())
            //{
            //    String import = (String)__o;
            //    // loop body
            //    listBox_Imports.Items.Add(import);
            //}

            //listBox_Exports.Items.Clear();
            //foreach (object __o in pe.GetExports())
            //{
            //    String import = (String)__o;
            //    // loop body
            //    listBox_Exports.Items.Add(import);
            //}
        }
コード例 #4
0
ファイル: Program.cs プロジェクト: Irindu/PEDScanner
        static void Main(string[] args)
        {
            string path = @"C:\Program Files\system32\kernel32.dll";

            string fileName = Path.GetFileName(path);

            Console.WriteLine("Hello World!");


            List <string> listWithRoot = new List <string>
            {
                fileName
            };
            PortableExecutable PE;

            PE = new PortableExecutable(fileName, path, true, listWithRoot);
            PortableExecutableLoader portableExecutableLoader = new PortableExecutableLoader();

            portableExecutableLoader.Load(PE);

            unsafe
            {
                List <string> importName = PE.ImportNames;
                foreach (string importname in importName)
                {
                    Console.WriteLine(importname);
                }

                List <string> circulra = PE.circularDependencyFiles;
                foreach (string cir in circulra)
                {
                    Console.WriteLine("cir----------------------={0}", cir);
                }

                List <ImportFunctionObject> importFunctions = PE.ImportFunctions;
                foreach (ImportFunctionObject import in importFunctions)
                {
                    Console.WriteLine("import function= {0}, Address ={1}, dependency = {2}", import.Function, import.BaseAddress, import.Dependency);
                }
                List <PortableExecutable> depen = PE.Dependencies;
                foreach (PortableExecutable dep in depen)
                {
                    Console.WriteLine(dep.DependencyNames);
                }


                List <FunctionObject> exportedFunctions = PE.ExportedFunctions;
                foreach (FunctionObject export in exportedFunctions)
                {
                    Console.WriteLine("exports={0}", export.Function);
                }
                List <HeaderObject> headers = PE.Headers;

                foreach (HeaderObject header in headers)
                {
                    Console.WriteLine("header Name={0}, value={1}", header.Name, header.Value);
                }

                // List<SectionObject> sections = PE.GetSections();
                List <DirectoryObject> directories = PE.Directories;
                foreach (DirectoryObject directory in directories)
                {
                    Console.WriteLine("name={0}, virtual ={1}, length={2}", directory.Name, directory.RVA, directory.Size);
                }
                List <SectionObject> sections = PE.Sections;
                foreach (SectionObject section in sections)
                {
                    Console.WriteLine("nameOfSection={0}, virtualAddress={1}, virtualSize={2}, pointerToRawData={3}, sizeOFrawData={4}", section.Name, section.VirtualAddress, section.VirtualSize, section.RawDataOffset, section.RawDataSize);
                }
            }

            Console.ReadKey();
        }