pedump 0.4.5 → 0.4.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +3 -1
- data/Gemfile.lock +5 -1
- data/README.md +22 -20
- data/Rakefile +25 -0
- data/VERSION +1 -1
- data/lib/pedump.rb +92 -45
- data/lib/pedump/cli.rb +56 -16
- data/lib/pedump/comparer.rb +147 -0
- data/lib/pedump/core.rb +12 -18
- data/lib/pedump/loader.rb +131 -0
- data/lib/pedump/loader/section.rb +51 -0
- data/lib/pedump/logger.rb +67 -0
- data/lib/pedump/pe.rb +3 -0
- data/lib/pedump/resources.rb +3 -3
- data/lib/pedump/unpacker.rb +26 -0
- data/lib/pedump/unpacker/aspack.rb +853 -0
- data/lib/pedump/unpacker/upx.rb +13 -0
- data/lib/pedump/version.rb +1 -1
- data/lib/pedump/version_info.rb +8 -3
- data/misc/aspack/Makefile +3 -0
- data/misc/aspack/aspack_unlzx.c +92 -0
- data/misc/aspack/lzxdec.c +479 -0
- data/misc/aspack/lzxdec.h +56 -0
- data/pedump.gemspec +24 -5
- data/spec/pe_spec.rb +61 -0
- data/spec/unpackers/aspack_spec.rb +69 -0
- data/spec/unpackers/find_spec.rb +17 -0
- metadata +53 -18
@@ -0,0 +1,56 @@
|
|
1
|
+
#ifndef _LZXDEC_H_
|
2
|
+
#define _LZXDEC_H_ "ASPack's lzx-alike raw stream decoder"
|
3
|
+
|
4
|
+
//#include <windows.h>
|
5
|
+
|
6
|
+
/* ------------------------------------------------------------------------- */
|
7
|
+
|
8
|
+
/* bit reader context */
|
9
|
+
typedef struct _LZX_BITRDR {
|
10
|
+
BYTE* SrcData; /* input raw data */
|
11
|
+
UINT SrcSize; /* raw data size */
|
12
|
+
UINT CurOffs; /* current offset */
|
13
|
+
DWORD BitBuff; /* bits buffer */
|
14
|
+
UINT BitFree; /* bits counter */
|
15
|
+
} LZX_BITRDR, *PLZX_BITRDR;
|
16
|
+
|
17
|
+
/* sliding window dictionary */
|
18
|
+
typedef struct _LZX_SWD {
|
19
|
+
BYTE* Window; /* window memory */
|
20
|
+
UINT WndLen; /* size of window */
|
21
|
+
UINT CurOfs; /* current offset */
|
22
|
+
} LZX_SWD, *PLZX_SWD;
|
23
|
+
|
24
|
+
/* huffman decoder context */
|
25
|
+
typedef struct _LZX_HUFF {
|
26
|
+
LZX_BITRDR* BitRdr; /* bit stream reader */
|
27
|
+
UINT SymLim[16]; /* max symbol for x bits */
|
28
|
+
UINT SymIdx[16]; /* symbol index for x bits */
|
29
|
+
UINT SymNum; /* total number of symbols */
|
30
|
+
UINT* Symbol; /* symbols array for x len */
|
31
|
+
BYTE* Length; /* symbols length array */
|
32
|
+
} LZX_HUFF, *PLZX_HUFF;
|
33
|
+
|
34
|
+
/* general decoder context */
|
35
|
+
typedef struct _LZX_CONTEXT {
|
36
|
+
LZX_BITRDR BitRdr; /* source reader / bit-buffer */
|
37
|
+
UINT LstOfs[3]; /* saved last phrases offsets */
|
38
|
+
BYTE* LstMem; /* free huffman heap mem ptr */
|
39
|
+
LZX_SWD Window; /* sliding window dictionary */
|
40
|
+
LZX_HUFF HufBase; /* general huffman decoder */
|
41
|
+
LZX_HUFF HufLens; /* lengths huffman decoder */
|
42
|
+
LZX_HUFF HufOffs; /* offsets huffman decoder */
|
43
|
+
LZX_HUFF HufSpec; /* special huffman decoder */
|
44
|
+
BOOL HasOffs; /* offsets decoder used flag */
|
45
|
+
BYTE HufTbl[6144]; /* huffman tables heap memory */
|
46
|
+
} LZX_CONTEXT, *PLZX_CONTEXT;
|
47
|
+
|
48
|
+
/* ------------------------------------------------------------------------- */
|
49
|
+
|
50
|
+
/* general aspack stream decoder */
|
51
|
+
/* return decoded size or -1 in case of errors */
|
52
|
+
INT DecodeLZX(LZX_CONTEXT* Ctx, BYTE* Src, BYTE* Dst, UINT PSize, UINT USize);
|
53
|
+
|
54
|
+
/* ------------------------------------------------------------------------- */
|
55
|
+
|
56
|
+
#endif /* _LZXDEC_H_ */
|
data/pedump.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = "pedump"
|
8
|
-
s.version = "0.4.
|
8
|
+
s.version = "0.4.6"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Andrey \"Zed\" Zaikin"]
|
12
|
-
s.date = "
|
12
|
+
s.date = "2012-01-02"
|
13
13
|
s.description = "dump headers, sections, extract resources of win32 PE exe,dll,etc"
|
14
14
|
s.email = "zed.0xff@gmail.com"
|
15
15
|
s.executables = ["pedump"]
|
@@ -33,15 +33,26 @@ Gem::Specification.new do |s|
|
|
33
33
|
"data/userdb.txt",
|
34
34
|
"lib/pedump.rb",
|
35
35
|
"lib/pedump/cli.rb",
|
36
|
+
"lib/pedump/comparer.rb",
|
36
37
|
"lib/pedump/composite_io.rb",
|
37
38
|
"lib/pedump/core.rb",
|
39
|
+
"lib/pedump/loader.rb",
|
40
|
+
"lib/pedump/loader/section.rb",
|
41
|
+
"lib/pedump/logger.rb",
|
38
42
|
"lib/pedump/packer.rb",
|
39
43
|
"lib/pedump/pe.rb",
|
40
44
|
"lib/pedump/resources.rb",
|
41
45
|
"lib/pedump/sig_parser.rb",
|
42
46
|
"lib/pedump/tls.rb",
|
47
|
+
"lib/pedump/unpacker.rb",
|
48
|
+
"lib/pedump/unpacker/aspack.rb",
|
49
|
+
"lib/pedump/unpacker/upx.rb",
|
43
50
|
"lib/pedump/version.rb",
|
44
51
|
"lib/pedump/version_info.rb",
|
52
|
+
"misc/aspack/Makefile",
|
53
|
+
"misc/aspack/aspack_unlzx.c",
|
54
|
+
"misc/aspack/lzxdec.c",
|
55
|
+
"misc/aspack/lzxdec.h",
|
45
56
|
"pedump.gemspec",
|
46
57
|
"spec/65535sects_spec.rb",
|
47
58
|
"spec/composite_io_spec.rb",
|
@@ -56,6 +67,8 @@ Gem::Specification.new do |s|
|
|
56
67
|
"spec/sig_all_packers_spec.rb",
|
57
68
|
"spec/sig_spec.rb",
|
58
69
|
"spec/spec_helper.rb",
|
70
|
+
"spec/unpackers/aspack_spec.rb",
|
71
|
+
"spec/unpackers/find_spec.rb",
|
59
72
|
"spec/virtsectblXP_spec.rb"
|
60
73
|
]
|
61
74
|
s.homepage = "http://github.com/zed-0xff/pedump"
|
@@ -70,28 +83,34 @@ Gem::Specification.new do |s|
|
|
70
83
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
71
84
|
s.add_runtime_dependency(%q<multipart-post>, ["~> 1.1.4"])
|
72
85
|
s.add_runtime_dependency(%q<progressbar>, ["~> 0.9.2"])
|
86
|
+
s.add_runtime_dependency(%q<awesome_print>, [">= 0"])
|
73
87
|
s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
|
74
88
|
s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
|
75
89
|
s.add_development_dependency(%q<jeweler>, ["~> 1.6.4"])
|
76
90
|
s.add_development_dependency(%q<rcov>, [">= 0"])
|
77
|
-
s.add_development_dependency(%q<
|
91
|
+
s.add_development_dependency(%q<what_methods>, [">= 0"])
|
92
|
+
s.add_development_dependency(%q<looksee>, [">= 0"])
|
78
93
|
else
|
79
94
|
s.add_dependency(%q<multipart-post>, ["~> 1.1.4"])
|
80
95
|
s.add_dependency(%q<progressbar>, ["~> 0.9.2"])
|
96
|
+
s.add_dependency(%q<awesome_print>, [">= 0"])
|
81
97
|
s.add_dependency(%q<rspec>, ["~> 2.3.0"])
|
82
98
|
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
83
99
|
s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
|
84
100
|
s.add_dependency(%q<rcov>, [">= 0"])
|
85
|
-
s.add_dependency(%q<
|
101
|
+
s.add_dependency(%q<what_methods>, [">= 0"])
|
102
|
+
s.add_dependency(%q<looksee>, [">= 0"])
|
86
103
|
end
|
87
104
|
else
|
88
105
|
s.add_dependency(%q<multipart-post>, ["~> 1.1.4"])
|
89
106
|
s.add_dependency(%q<progressbar>, ["~> 0.9.2"])
|
107
|
+
s.add_dependency(%q<awesome_print>, [">= 0"])
|
90
108
|
s.add_dependency(%q<rspec>, ["~> 2.3.0"])
|
91
109
|
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
92
110
|
s.add_dependency(%q<jeweler>, ["~> 1.6.4"])
|
93
111
|
s.add_dependency(%q<rcov>, [">= 0"])
|
94
|
-
s.add_dependency(%q<
|
112
|
+
s.add_dependency(%q<what_methods>, [">= 0"])
|
113
|
+
s.add_dependency(%q<looksee>, [">= 0"])
|
95
114
|
end
|
96
115
|
end
|
97
116
|
|
data/spec/pe_spec.rb
CHANGED
@@ -3,4 +3,65 @@ require File.expand_path(File.dirname(__FILE__) + '/../lib/pedump')
|
|
3
3
|
|
4
4
|
describe 'PE' do
|
5
5
|
it "should assume TimeDateStamp is in UTC"
|
6
|
+
|
7
|
+
KLASS = PEdump::ImportedFunction
|
8
|
+
|
9
|
+
describe KLASS do
|
10
|
+
it "should be equal" do
|
11
|
+
pending "necessary?"
|
12
|
+
a = []
|
13
|
+
KLASS.new(*a).should == KLASS.new(*a)
|
14
|
+
a = ['a']
|
15
|
+
KLASS.new(*a).should == KLASS.new(*a)
|
16
|
+
a = ['a','b']
|
17
|
+
KLASS.new(*a).should == KLASS.new(*a)
|
18
|
+
a = ['a','b','c']
|
19
|
+
KLASS.new(*a).should == KLASS.new(*a)
|
20
|
+
a = ['a','b','c','d']
|
21
|
+
KLASS.new(*a).should == KLASS.new(*a)
|
22
|
+
end
|
23
|
+
|
24
|
+
it "should not be equal" do
|
25
|
+
a = ['a']
|
26
|
+
b = []
|
27
|
+
KLASS.new(*a).should_not == KLASS.new(*b)
|
28
|
+
a = ['a']
|
29
|
+
b = ['b']
|
30
|
+
KLASS.new(*a).should_not == KLASS.new(*b)
|
31
|
+
a = ['a','B']
|
32
|
+
b = ['a','b']
|
33
|
+
KLASS.new(*a).should_not == KLASS.new(*b)
|
34
|
+
a = ['a','b','c']
|
35
|
+
b = ['a','b']
|
36
|
+
KLASS.new(*a).should_not == KLASS.new(*b)
|
37
|
+
a = ['a','b','c']
|
38
|
+
b = ['a','b','X']
|
39
|
+
KLASS.new(*a).should_not == KLASS.new(*b)
|
40
|
+
end
|
41
|
+
|
42
|
+
it "should be equal with different VA's" do
|
43
|
+
pending "necessary?"
|
44
|
+
a = ['a','b','c',nil]
|
45
|
+
b = ['a','b','c','d']
|
46
|
+
KLASS.new(*a).should == KLASS.new(*b)
|
47
|
+
a = ['a','b','c',0x1000]
|
48
|
+
b = ['a','b','c',0x2000]
|
49
|
+
KLASS.new(*a).should == KLASS.new(*b)
|
50
|
+
a = ['a','b','c',0x1000]
|
51
|
+
b = ['a','b','c',0x1000]
|
52
|
+
KLASS.new(*a).should == KLASS.new(*b)
|
53
|
+
end
|
54
|
+
|
55
|
+
it "should be equal in uniq() with different VA's" do
|
56
|
+
a = ['a','b','c',nil]
|
57
|
+
b = ['a','b','c','d']
|
58
|
+
[KLASS.new(*a), KLASS.new(*b)].uniq.size.should == 1
|
59
|
+
a = ['a','b','c',0x1000]
|
60
|
+
b = ['a','b','c',0x2000]
|
61
|
+
[KLASS.new(*a), KLASS.new(*b)].uniq.size.should == 1
|
62
|
+
a = ['a','b','c',0x1000]
|
63
|
+
b = ['a','b','c',0x1000]
|
64
|
+
[KLASS.new(*a), KLASS.new(*b)].uniq.size.should == 1
|
65
|
+
end
|
66
|
+
end
|
6
67
|
end
|
@@ -0,0 +1,69 @@
|
|
1
|
+
root = File.expand_path(File.dirname(File.dirname(File.dirname(__FILE__))))
|
2
|
+
require "#{root}/spec/spec_helper"
|
3
|
+
require "#{root}/lib/pedump"
|
4
|
+
require "#{root}/lib/pedump/unpacker/aspack"
|
5
|
+
require "#{root}/lib/pedump/comparer"
|
6
|
+
|
7
|
+
describe PEdump::Unpacker::ASPack do
|
8
|
+
Dir["#{root}/samples/*.asp[1-9]*.{exe}"].each do |pname|
|
9
|
+
orig_fname = pname.sub(/\.asp[^.]+/,'')
|
10
|
+
|
11
|
+
describe File.basename(orig_fname) + " vs " + File.basename(pname) do
|
12
|
+
before :all do
|
13
|
+
@ldr = PEdump::Loader.new(File.open(orig_fname,"rb"))
|
14
|
+
end
|
15
|
+
|
16
|
+
it "should have no differences" do
|
17
|
+
File.open(pname,"rb") do |f|
|
18
|
+
u = PEdump::Unpacker::ASPack.new(f)
|
19
|
+
File.open("#{root}/tmp/unpacked.tmp","w+") do |fo|
|
20
|
+
u.unpack.dump(fo)
|
21
|
+
fo.rewind
|
22
|
+
ldr = PEdump::Loader.new(fo)
|
23
|
+
|
24
|
+
comparer = PEdump::Comparer.new(@ldr, ldr)
|
25
|
+
comparer.ignored_data_dirs = [
|
26
|
+
PEdump::IMAGE_DATA_DIRECTORY::LOAD_CONFIG,
|
27
|
+
PEdump::IMAGE_DATA_DIRECTORY::Bound_IAT,
|
28
|
+
PEdump::IMAGE_DATA_DIRECTORY::Delay_IAT
|
29
|
+
]
|
30
|
+
comparer.ignored_sections = [ '.rsrc', '.aspack' ]
|
31
|
+
comparer.diff.should == []
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
Dir["#{root}/samples/*.asp[1-9]*.{ocx}"].each do |pname|
|
39
|
+
orig_fname = pname.sub(/\.asp[^.]+/,'')
|
40
|
+
|
41
|
+
describe File.basename(orig_fname) + " vs " + File.basename(pname) do
|
42
|
+
before :all do
|
43
|
+
@ldr = PEdump::Loader.new(File.open(orig_fname,"rb"))
|
44
|
+
end
|
45
|
+
|
46
|
+
it "should have no differences" do
|
47
|
+
File.open(pname,"rb") do |f|
|
48
|
+
u = PEdump::Unpacker::ASPack.new(f)
|
49
|
+
File.open("#{root}/tmp/unpacked.tmp","w+") do |fo|
|
50
|
+
u.unpack.dump(fo)
|
51
|
+
fo.rewind
|
52
|
+
ldr = PEdump::Loader.new(fo)
|
53
|
+
|
54
|
+
comparer = PEdump::Comparer.new(@ldr, ldr)
|
55
|
+
comparer.ignored_data_dirs = [
|
56
|
+
PEdump::IMAGE_DATA_DIRECTORY::LOAD_CONFIG,
|
57
|
+
PEdump::IMAGE_DATA_DIRECTORY::Bound_IAT,
|
58
|
+
PEdump::IMAGE_DATA_DIRECTORY::Delay_IAT,
|
59
|
+
PEdump::IMAGE_DATA_DIRECTORY::BASERELOC, # 0x15496 vs 0x15494
|
60
|
+
PEdump::IMAGE_DATA_DIRECTORY::IAT
|
61
|
+
]
|
62
|
+
comparer.ignored_sections = [ '.rsrc', '.aspack', '.cas' ]
|
63
|
+
comparer.diff.should == []
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
root = File.expand_path(File.dirname(File.dirname(File.dirname(__FILE__))))
|
2
|
+
require "#{root}/spec/spec_helper"
|
3
|
+
require "#{root}/lib/pedump/unpacker"
|
4
|
+
|
5
|
+
describe PEdump::Unpacker do
|
6
|
+
it "finds UPX" do
|
7
|
+
PEdump::Unpacker.find("#{root}/samples/calc_upx.exe").should == PEdump::Unpacker::UPX
|
8
|
+
end
|
9
|
+
|
10
|
+
it "finds ASPack" do
|
11
|
+
PEdump::Unpacker.find("#{root}/samples/calc.asp212.exe").should == PEdump::Unpacker::ASPack
|
12
|
+
end
|
13
|
+
|
14
|
+
it "finds nothing" do
|
15
|
+
PEdump::Unpacker.find("#{root}/samples/calc.exe").should be_nil
|
16
|
+
end
|
17
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pedump
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.6
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,11 +9,11 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2012-01-02 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: multipart-post
|
16
|
-
requirement: &
|
16
|
+
requirement: &70220274686500 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ~>
|
@@ -21,10 +21,10 @@ dependencies:
|
|
21
21
|
version: 1.1.4
|
22
22
|
type: :runtime
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *70220274686500
|
25
25
|
- !ruby/object:Gem::Dependency
|
26
26
|
name: progressbar
|
27
|
-
requirement: &
|
27
|
+
requirement: &70220274684420 !ruby/object:Gem::Requirement
|
28
28
|
none: false
|
29
29
|
requirements:
|
30
30
|
- - ~>
|
@@ -32,10 +32,21 @@ dependencies:
|
|
32
32
|
version: 0.9.2
|
33
33
|
type: :runtime
|
34
34
|
prerelease: false
|
35
|
-
version_requirements: *
|
35
|
+
version_requirements: *70220274684420
|
36
|
+
- !ruby/object:Gem::Dependency
|
37
|
+
name: awesome_print
|
38
|
+
requirement: &70220274683420 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ! '>='
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
version: '0'
|
44
|
+
type: :runtime
|
45
|
+
prerelease: false
|
46
|
+
version_requirements: *70220274683420
|
36
47
|
- !ruby/object:Gem::Dependency
|
37
48
|
name: rspec
|
38
|
-
requirement: &
|
49
|
+
requirement: &70220274682560 !ruby/object:Gem::Requirement
|
39
50
|
none: false
|
40
51
|
requirements:
|
41
52
|
- - ~>
|
@@ -43,10 +54,10 @@ dependencies:
|
|
43
54
|
version: 2.3.0
|
44
55
|
type: :development
|
45
56
|
prerelease: false
|
46
|
-
version_requirements: *
|
57
|
+
version_requirements: *70220274682560
|
47
58
|
- !ruby/object:Gem::Dependency
|
48
59
|
name: bundler
|
49
|
-
requirement: &
|
60
|
+
requirement: &70220274681480 !ruby/object:Gem::Requirement
|
50
61
|
none: false
|
51
62
|
requirements:
|
52
63
|
- - ~>
|
@@ -54,10 +65,10 @@ dependencies:
|
|
54
65
|
version: 1.0.0
|
55
66
|
type: :development
|
56
67
|
prerelease: false
|
57
|
-
version_requirements: *
|
68
|
+
version_requirements: *70220274681480
|
58
69
|
- !ruby/object:Gem::Dependency
|
59
70
|
name: jeweler
|
60
|
-
requirement: &
|
71
|
+
requirement: &70220274680660 !ruby/object:Gem::Requirement
|
61
72
|
none: false
|
62
73
|
requirements:
|
63
74
|
- - ~>
|
@@ -65,10 +76,10 @@ dependencies:
|
|
65
76
|
version: 1.6.4
|
66
77
|
type: :development
|
67
78
|
prerelease: false
|
68
|
-
version_requirements: *
|
79
|
+
version_requirements: *70220274680660
|
69
80
|
- !ruby/object:Gem::Dependency
|
70
81
|
name: rcov
|
71
|
-
requirement: &
|
82
|
+
requirement: &70220274695800 !ruby/object:Gem::Requirement
|
72
83
|
none: false
|
73
84
|
requirements:
|
74
85
|
- - ! '>='
|
@@ -76,10 +87,21 @@ dependencies:
|
|
76
87
|
version: '0'
|
77
88
|
type: :development
|
78
89
|
prerelease: false
|
79
|
-
version_requirements: *
|
90
|
+
version_requirements: *70220274695800
|
80
91
|
- !ruby/object:Gem::Dependency
|
81
|
-
name:
|
82
|
-
requirement: &
|
92
|
+
name: what_methods
|
93
|
+
requirement: &70220274692960 !ruby/object:Gem::Requirement
|
94
|
+
none: false
|
95
|
+
requirements:
|
96
|
+
- - ! '>='
|
97
|
+
- !ruby/object:Gem::Version
|
98
|
+
version: '0'
|
99
|
+
type: :development
|
100
|
+
prerelease: false
|
101
|
+
version_requirements: *70220274692960
|
102
|
+
- !ruby/object:Gem::Dependency
|
103
|
+
name: looksee
|
104
|
+
requirement: &70220274691880 !ruby/object:Gem::Requirement
|
83
105
|
none: false
|
84
106
|
requirements:
|
85
107
|
- - ! '>='
|
@@ -87,7 +109,7 @@ dependencies:
|
|
87
109
|
version: '0'
|
88
110
|
type: :development
|
89
111
|
prerelease: false
|
90
|
-
version_requirements: *
|
112
|
+
version_requirements: *70220274691880
|
91
113
|
description: dump headers, sections, extract resources of win32 PE exe,dll,etc
|
92
114
|
email: zed.0xff@gmail.com
|
93
115
|
executables:
|
@@ -112,15 +134,26 @@ files:
|
|
112
134
|
- data/userdb.txt
|
113
135
|
- lib/pedump.rb
|
114
136
|
- lib/pedump/cli.rb
|
137
|
+
- lib/pedump/comparer.rb
|
115
138
|
- lib/pedump/composite_io.rb
|
116
139
|
- lib/pedump/core.rb
|
140
|
+
- lib/pedump/loader.rb
|
141
|
+
- lib/pedump/loader/section.rb
|
142
|
+
- lib/pedump/logger.rb
|
117
143
|
- lib/pedump/packer.rb
|
118
144
|
- lib/pedump/pe.rb
|
119
145
|
- lib/pedump/resources.rb
|
120
146
|
- lib/pedump/sig_parser.rb
|
121
147
|
- lib/pedump/tls.rb
|
148
|
+
- lib/pedump/unpacker.rb
|
149
|
+
- lib/pedump/unpacker/aspack.rb
|
150
|
+
- lib/pedump/unpacker/upx.rb
|
122
151
|
- lib/pedump/version.rb
|
123
152
|
- lib/pedump/version_info.rb
|
153
|
+
- misc/aspack/Makefile
|
154
|
+
- misc/aspack/aspack_unlzx.c
|
155
|
+
- misc/aspack/lzxdec.c
|
156
|
+
- misc/aspack/lzxdec.h
|
124
157
|
- pedump.gemspec
|
125
158
|
- spec/65535sects_spec.rb
|
126
159
|
- spec/composite_io_spec.rb
|
@@ -135,6 +168,8 @@ files:
|
|
135
168
|
- spec/sig_all_packers_spec.rb
|
136
169
|
- spec/sig_spec.rb
|
137
170
|
- spec/spec_helper.rb
|
171
|
+
- spec/unpackers/aspack_spec.rb
|
172
|
+
- spec/unpackers/find_spec.rb
|
138
173
|
- spec/virtsectblXP_spec.rb
|
139
174
|
homepage: http://github.com/zed-0xff/pedump
|
140
175
|
licenses:
|
@@ -151,7 +186,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
151
186
|
version: '0'
|
152
187
|
segments:
|
153
188
|
- 0
|
154
|
-
hash:
|
189
|
+
hash: 1478998611787411165
|
155
190
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
156
191
|
none: false
|
157
192
|
requirements:
|