Exemplo n.º 1
0
        private static void MainImpl()
        {
            const bool DEBUG        = true;
            const bool DEBUG_DETAIL = true;

            using (IPEImage peImage = PEImageFactory.Create("ExtremeDumper64.exe")) {
                DosHeader        dosHeader;
                NtHeader         ntHeader;
                FileHeader       fileHeader;
                OptionalHeader   optionalHeader;
                SectionHeader[]  sectionHeaders;
                IMetadata        metadata;
                Cor20Header      cor20Header;
                StorageSignature storageSignature;
                StorageHeader    storageHeader;
                StreamHeader[]   streamHeaders;
                TableStream      tableStream;
                MetadataTable[]  metadataTables;
                StringHeap       stringHeap;
                UserStringHeap   userStringHeap;
                GuidHeap         guidHeap;
                BlobHeap         blobHeap;

                dosHeader      = peImage.DosHeader;
                ntHeader       = peImage.NtHeader;
                fileHeader     = peImage.FileHeader;
                optionalHeader = peImage.OptionalHeader;
                sectionHeaders = peImage.SectionHeaders;
                if (DEBUG)
                {
                    Console.WriteLine("Section Names:");
                    foreach (SectionHeader sectionHeader in sectionHeaders)
                    {
                        Console.WriteLine("  " + sectionHeader.DisplayName);
                    }
                    Console.WriteLine();
                    Console.WriteLine($"IsDotNetImage: {peImage.IsDotNetImage.ToString()}");
                }
                metadata         = peImage.Metadata;
                cor20Header      = metadata.Cor20Header;
                storageSignature = metadata.StorageSignature;
                if (DEBUG)
                {
                    Console.WriteLine();
                    Console.WriteLine($"CLR Version: {storageSignature.DisplayVersionString}");
                }
                storageHeader  = metadata.StorageHeader;
                streamHeaders  = metadata.StreamHeaders;
                tableStream    = metadata.TableStream;
                metadataTables = tableStream.Tables;
                if (DEBUG_DETAIL)
                {
                    Console.WriteLine();
                    Console.WriteLine("MetadataTables:");
                    foreach (MetadataTable metadataTable in metadataTables)
                    {
                        if (!(metadataTable is null))
                        {
                            Console.WriteLine($"  {metadataTable.Type.ToString()}: RowSize={metadataTable.RowSize.ToString()} RowCount={metadataTable.RowCount.ToString()}");
                        }
                    }
                }
                foreach (MetadataTable metadataTable in metadataTables)
                {
                    if (!(metadataTable is null))
                    {
                        TableRow[] tableRows;

                        tableRows = metadataTable.Rows;
                    }
                }
                stringHeap     = metadata.StringHeap;
                userStringHeap = metadata.UserStringHeap;
                guidHeap       = metadata.GuidHeap;
                blobHeap       = metadata.BlobHeap;
                Console.ReadKey(true);
            }
        }
Exemplo n.º 2
0
        private static void Main(string[] args)
        {
            if (args is null || args.Length != 1)
            {
                return;
            }

            string assemblyPath;

            try {
                Console.Title = GetTitle();
            }
            catch {
            }
            assemblyPath = Path.GetFullPath(args[0]);
            if (!File.Exists(assemblyPath))
            {
                Console.WriteLine("File doesn't exist.");
                return;
            }
            using (IPEImage peImage = PEImageFactory.Create(assemblyPath)) {
                FixerContext context;
                IDictionary <IFixer, FixerMessage> messages;

                context = new FixerContext(peImage);
                Console.WriteLine("If it is dll, enter Y, otherwise enter N.");
                do
                {
                    string userInput;

                    userInput = Console.ReadLine().Trim().ToUpperInvariant();
                    if (userInput == "Y")
                    {
                        context.IsDll = true;
                        break;
                    }
                    else if (userInput == "N")
                    {
                        context.IsDll = false;
                        break;
                    }
                    else
                    {
                        Console.WriteLine("Invalid input");
                    }
                } while (true);
                Console.WriteLine();
                //Console.WriteLine("Checking...");
                //messages = AssemblyFixer.Check(context);
                //Console.WriteLine("Checked errors:");
                //Console.WriteLine();
                //foreach (KeyValuePair<IFixer, FixerMessage> fixerToMessage in messages) {
                //	Console.WriteLine(fixerToMessage.Key.Name + ":");
                //	Console.WriteLine($"Level: {fixerToMessage.Value.Level}");
                //	Console.WriteLine("Message:");
                //	Console.WriteLine(fixerToMessage.Value.Text);
                //	Console.WriteLine();
                //}
                //Console.WriteLine();
                Console.WriteLine("Fixing...");
                messages = AssemblyFixer.Fix(context);
                Console.WriteLine("Fixed errors:");
                Console.WriteLine();
                foreach (KeyValuePair <IFixer, FixerMessage> fixerToMessage in messages)
                {
                    Console.WriteLine(fixerToMessage.Key.Name + ":");
                    Console.WriteLine($"Level: {fixerToMessage.Value.Level}");
                    Console.WriteLine("Message:");
                    Console.WriteLine(fixerToMessage.Value.Text);
                    Console.WriteLine();
                }
                Console.WriteLine();
                Console.WriteLine("If the assembly still does NOT run, may be you should rebuild it!!!");
                Console.WriteLine();
                if (messages.Count != 0)
                {
                    byte[] peImageData;
                    string newAssemblyPath;

                    peImageData = new byte[peImage.Length];
                    Marshal.Copy(peImage.RawData, peImageData, 0, peImageData.Length);
                    newAssemblyPath = PathInsertPostfix(assemblyPath, ".fix");
                    Console.WriteLine("Saving: " + newAssemblyPath);
                    File.WriteAllBytes(newAssemblyPath, peImageData);
                    Console.WriteLine("Finished");
                    Console.WriteLine();
                }
            }
            if (IsN00bUser() || Debugger.IsAttached)
            {
                Console.WriteLine("Press any key to exit...");
                try {
                    Console.ReadKey(true);
                }
                catch {
                }
            }
        }
Exemplo n.º 3
0
        private static void Main(string[] args)
        {
            if (args is null || args.Length != 1)
            {
                return;
            }

            string assemblyPath;

            try {
                Console.Title = GetTitle();
            }
            catch {
            }
            assemblyPath = Path.GetFullPath(args[0]);
            if (!File.Exists(assemblyPath))
            {
                Console.WriteLine("File doesn't exist.");
                return;
            }
            using (FixerContext context = new FixerContext(PEImageFactory.Create(assemblyPath))) {
                IDictionary <IFixer, FixerMessage> messages;

                switch (assemblyPath.Substring(assemblyPath.Length - 4).ToUpperInvariant())
                {
                case ".EXE":
                    Console.WriteLine("exe detected");
                    context.IsDll = false;
                    break;

                case ".DLL":
                    Console.WriteLine("dll detected");
                    context.IsDll = true;
                    break;

                default:
                    Console.WriteLine("Unknown file extension!!!");
                    context.IsDll = true;
                    break;
                }
                Console.WriteLine();
                Console.WriteLine("Fixing...");
                messages = AssemblyFixer.Fix(context);
                Console.WriteLine("Fixed errors:");
                Console.WriteLine();
                foreach (KeyValuePair <IFixer, FixerMessage> fixerToMessage in messages)
                {
                    Console.WriteLine(fixerToMessage.Key.Name + ":");
                    Console.WriteLine($"Level: {fixerToMessage.Value.Level}");
                    Console.WriteLine("Message:");
                    Console.WriteLine(fixerToMessage.Value.Text);
                    Console.WriteLine();
                }
                Console.WriteLine();
                Console.WriteLine("If the assembly still does NOT run, may be you should rebuild it!!!");
                Console.WriteLine();
                if (messages.Count != 0)
                {
                    byte[] peImageData;
                    string newAssemblyPath;

                    peImageData = new byte[context.Length];
                    Marshal.Copy(context.RawData, peImageData, 0, peImageData.Length);
                    newAssemblyPath = PathInsertPostfix(assemblyPath, ".fix");
                    Console.WriteLine("Saving: " + newAssemblyPath);
                    File.WriteAllBytes(newAssemblyPath, peImageData);
                    Console.WriteLine("Finished");
                    Console.WriteLine();
                }
            }
            if (IsN00bUser() || Debugger.IsAttached)
            {
                Console.WriteLine("Press any key to exit...");
                try {
                    Console.ReadKey(true);
                }
                catch {
                }
            }
        }
Exemplo n.º 4
0
        private static void Main(string[] args)
        {
            if (args == null || args.Length == 0)
            {
                return;
            }

            bool             lastIsF;
            string           assemblyPath;
            string           newLoaderName;
            ProcessStartInfo startInfo;
            Process          process;

            lastIsF      = false;
            assemblyPath = null;
            foreach (string arg in args)
            {
                if (lastIsF)
                {
                    assemblyPath = arg;
                    break;
                }
                else
                {
                    if (arg == "-f")
                    {
                        lastIsF = true;
                    }
                }
            }
            using (IPEImage peImage = PEImageFactory.Create(assemblyPath)) {
                string version;

                version = peImage.Metadata.StorageSignature.DisplayVersionString;
                if (peImage.Is64Bit)
                {
                    newLoaderName = version.StartsWith("v4") ? "Tool.Loader.CLR40.x64.exe" : "Tool.Loader.CLR20.x64.exe";
                }
                else
                {
                    newLoaderName = version.StartsWith("v4") ? "Tool.Loader.CLR40.x86.exe" : "Tool.Loader.CLR20.x86.exe";
                }
            }
            Console.WriteLine("Using loader: " + newLoaderName);
            Console.WriteLine();
            startInfo = new ProcessStartInfo(newLoaderName, GetArgument(Environment.CommandLine))
            {
                CreateNoWindow  = false,
                UseShellExecute = false
            };
            process = new Process {
                StartInfo = startInfo
            };
            process.Start();
            process.WaitForExit();
            if (IsN00bUser() || Debugger.IsAttached)
            {
                Console.WriteLine("Press any key to exit...");
                try {
                    Console.ReadKey(true);
                }
                catch {
                }
            }
        }
Exemplo n.º 5
0
#pragma warning disable IDE0059
        private static void Main()
        {
            int            indent;
            IPEImage       peImage;
            DosHeader      dosHeader;
            NtHeader       ntHeader;
            FileHeader     fileHeader;
            OptionalHeader optionalHeader;

            SectionHeader[]  sectionHeaders;
            IMetadata        metadata;
            Cor20Header      cor20Header;
            StorageSignature storageSignature;
            StorageHeader    storageHeader;

            StreamHeader[] streamHeaders;
            TableStream    tableStream;
            StringHeap     stringHeap;
            UserStringHeap userStringHeap;
            GuidHeap       guidHeap;
            BlobHeap       blobHeap;

            indent         = 0;
            peImage        = PEImageFactory.Create(Marshal.GetHINSTANCE(Assembly.GetExecutingAssembly().ManifestModule), ImageLayout.Memory);
            dosHeader      = peImage.DosHeader;
            ntHeader       = peImage.NtHeader;
            fileHeader     = ntHeader.FileHeader;
            optionalHeader = ntHeader.OptionalHeader;
            sectionHeaders = peImage.SectionHeaders;
            Print("SectionHeaders:", indent);
            indent += 2;
            foreach (SectionHeader sectionHeader in sectionHeaders)
            {
                PrintSectionHeader(sectionHeader, indent);
                PrintNewLine();
            }
            indent          -= 2;
            metadata         = peImage.Metadata;
            cor20Header      = metadata.Cor20Header;
            storageSignature = metadata.StorageSignature;
            Print($"CLR Version: {storageSignature.DisplayVersionString}", indent);
            storageHeader = metadata.StorageHeader;
            streamHeaders = metadata.StreamHeaders;
            Print("StreamHeaders:", indent);
            indent += 2;
            foreach (StreamHeader streamHeader in streamHeaders)
            {
                PrintStreamHeader(streamHeader, indent);
                PrintNewLine();
            }
            indent        -= 2;
            tableStream    = metadata.TableStream;
            stringHeap     = metadata.StringHeap;
            userStringHeap = metadata.UserStringHeap;
            guidHeap       = metadata.GuidHeap;
            blobHeap       = metadata.BlobHeap;
            peImage.Reload();
            Console.ReadKey(true);
            while (true)
            {
                Thread.Sleep(int.MaxValue);
            }
        }