pedump 0.6.6 → 0.6.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +34 -32
  3. data/README.md +8 -0
  4. data/VERSION +1 -1
  5. data/data/ordlookup/oleaut32.dll.yml +796 -0
  6. data/data/ordlookup/pefile2json.py +17 -0
  7. data/data/ordlookup/ws2_32.dll.yml +234 -0
  8. data/data/ordlookup/wsock32.dll.yml +234 -0
  9. data/lib/pedump/cli.rb +92 -9
  10. data/lib/pedump/ordlookup.rb +19 -0
  11. data/lib/pedump/pe.rb +4 -2
  12. data/lib/pedump.rb +28 -0
  13. data/pedump.gemspec +19 -28
  14. metadata +8 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a29cf374abd4b35bce80ba41d7e9be527931e3605217a3b1896005092c9c638d
4
- data.tar.gz: 323f9367be9ebcda64f92ad60816909636b9e78f7afbbba3f4285ea144b088c7
3
+ metadata.gz: 71cf1d5280d69bb55528610be1281415edb247ab051dc30e8f473deb3478b2e2
4
+ data.tar.gz: f35b57ee5d35f2ebffbef16904ed0393f29b5eea1b235e43f13fced736826401
5
5
  SHA512:
6
- metadata.gz: 3ca387ff060430589432109b1555c8ce4f8249a2964369c18191381a7efa51638d93af5685a38ba1f00224bd44da013e3fd2f6a255b40d9745ea654b5d11c782
7
- data.tar.gz: cae940b00dd6d77e896d9593296b3ab3b16d4cdc88ba1bd8e0eded2ee40f7a8427a6513d6ae817bb234752fc909a72827d8b7afd8d0eb5d3a829b239fc9ed47a
6
+ metadata.gz: d2d43650cebbda5b18cfc215460ce7b6bc077f0488a40bec3cb24fbbb941b02acb29a5ee0345b17faa274780f01531847b37b89fe419eacd094d8f507ea402f3
7
+ data.tar.gz: c5137537e4fe3a27250131012e7d4214e793f4ab648ad7f0ead40a3e6305aea01e8a4760bd503cc887ed0617f18750ea193a7caadb4f500e2aede86b713b1565
data/Gemfile.lock CHANGED
@@ -1,14 +1,15 @@
1
1
  GEM
2
2
  remote: https://rubygems.org/
3
3
  specs:
4
- addressable (2.8.0)
5
- public_suffix (>= 2.0.2, < 5.0)
4
+ addressable (2.8.6)
5
+ public_suffix (>= 2.0.2, < 6.0)
6
6
  awesome_print (1.9.2)
7
+ base64 (0.2.0)
7
8
  builder (3.2.4)
8
9
  descendants_tracker (0.0.4)
9
10
  thread_safe (~> 0.3, >= 0.3.1)
10
- diff-lcs (1.5.0)
11
- faraday (1.9.3)
11
+ diff-lcs (1.5.1)
12
+ faraday (1.10.3)
12
13
  faraday-em_http (~> 1.0)
13
14
  faraday-em_synchrony (~> 1.0)
14
15
  faraday-excon (~> 1.1)
@@ -24,14 +25,14 @@ GEM
24
25
  faraday-em_synchrony (1.0.0)
25
26
  faraday-excon (1.1.0)
26
27
  faraday-httpclient (1.0.1)
27
- faraday-multipart (1.0.3)
28
- multipart-post (>= 1.2, < 3)
28
+ faraday-multipart (1.0.4)
29
+ multipart-post (~> 2)
29
30
  faraday-net_http (1.0.1)
30
31
  faraday-net_http_persistent (1.2.0)
31
32
  faraday-patron (1.0.0)
32
33
  faraday-rack (1.0.0)
33
34
  faraday-retry (1.0.3)
34
- git (1.13.1)
35
+ git (1.19.1)
35
36
  addressable (~> 2.8)
36
37
  rchardet (~> 1.8)
37
38
  github_api (0.19.0)
@@ -41,7 +42,7 @@ GEM
41
42
  hashie (~> 3.5, >= 3.5.2)
42
43
  oauth2 (~> 1.0)
43
44
  hashie (3.6.0)
44
- highline (2.0.3)
45
+ highline (3.0.1)
45
46
  iostruct (0.0.5)
46
47
  juwelier (2.4.9)
47
48
  builder
@@ -55,15 +56,16 @@ GEM
55
56
  rake
56
57
  rdoc
57
58
  semver2
58
- jwt (2.3.0)
59
+ jwt (2.8.1)
60
+ base64
59
61
  kamelcase (0.0.2)
60
62
  semver2 (~> 3)
61
- mini_portile2 (2.8.1)
63
+ mini_portile2 (2.8.6)
62
64
  multi_json (1.15.0)
63
65
  multi_xml (0.6.0)
64
- multipart-post (2.3.0)
65
- nokogiri (1.14.3)
66
- mini_portile2 (~> 2.8.0)
66
+ multipart-post (2.4.0)
67
+ nokogiri (1.16.4)
68
+ mini_portile2 (~> 2.8.2)
67
69
  racc (~> 1.4)
68
70
  oauth2 (1.4.11)
69
71
  faraday (>= 0.17.3, < 3.0)
@@ -71,37 +73,37 @@ GEM
71
73
  multi_json (~> 1.3)
72
74
  multi_xml (~> 0.5)
73
75
  rack (>= 1.2, < 4)
74
- psych (4.0.3)
76
+ psych (5.1.2)
75
77
  stringio
76
- public_suffix (4.0.6)
77
- racc (1.6.2)
78
- rack (3.0.6.1)
78
+ public_suffix (5.0.5)
79
+ racc (1.7.3)
80
+ rack (3.0.10)
79
81
  rainbow (3.1.1)
80
- rake (13.0.6)
82
+ rake (13.2.1)
81
83
  rchardet (1.8.0)
82
- rdoc (6.4.0)
84
+ rdoc (6.6.3.1)
83
85
  psych (>= 4.0.0)
84
- rspec (3.12.0)
85
- rspec-core (~> 3.12.0)
86
- rspec-expectations (~> 3.12.0)
87
- rspec-mocks (~> 3.12.0)
88
- rspec-core (3.12.0)
89
- rspec-support (~> 3.12.0)
90
- rspec-expectations (3.12.0)
86
+ rspec (3.13.0)
87
+ rspec-core (~> 3.13.0)
88
+ rspec-expectations (~> 3.13.0)
89
+ rspec-mocks (~> 3.13.0)
90
+ rspec-core (3.13.0)
91
+ rspec-support (~> 3.13.0)
92
+ rspec-expectations (3.13.0)
91
93
  diff-lcs (>= 1.2.0, < 2.0)
92
- rspec-support (~> 3.12.0)
94
+ rspec-support (~> 3.13.0)
93
95
  rspec-its (1.3.0)
94
96
  rspec-core (>= 3.0.0)
95
97
  rspec-expectations (>= 3.0.0)
96
- rspec-mocks (3.12.0)
98
+ rspec-mocks (3.13.0)
97
99
  diff-lcs (>= 1.2.0, < 2.0)
98
- rspec-support (~> 3.12.0)
99
- rspec-support (3.12.0)
100
+ rspec-support (~> 3.13.0)
101
+ rspec-support (3.13.1)
100
102
  ruby2_keywords (0.0.5)
101
103
  semver2 (3.4.2)
102
- stringio (3.0.1)
104
+ stringio (3.1.0)
103
105
  thread_safe (0.3.6)
104
- zhexdump (0.0.2)
106
+ zhexdump (0.1.0)
105
107
 
106
108
  PLATFORMS
107
109
  ruby
data/README.md CHANGED
@@ -4,6 +4,11 @@ pedump [![Build Status](https://travis-ci.org/zed-0xff/pedump.png?branch=mast
4
4
  News
5
5
  ----
6
6
  ```
7
+ 2024.04.20 - cli: add --set-dll-char to patch dll characteristics
8
+ pe: imphash calculation
9
+ cli: added --imphash option
10
+ 2024.01.15 - add "--set-os-version VER" cmdline option for patching OS version in PE header
11
+ 2023.12.04 - workaround IO.pread() not available on windows
7
12
  2021.02.18 - updated gems; changed open-uri to URI.open; enabled SSL on https://pedump.me/
8
13
  2020.08.09 - CLI: added resource extracting with --extract ID
9
14
  2020.07.28 - 0.6.1; better RICH HDR parsing/output
@@ -73,6 +78,7 @@ Usage
73
78
  -I, --imports
74
79
  -E, --exports
75
80
  -V, --version-info
81
+ --imphash
76
82
  --packer
77
83
  --deep packer deep scan, significantly slower
78
84
  -P, --packer-only packer/compiler detect only,
@@ -88,6 +94,8 @@ Usage
88
94
  ID: section:rva/0x1000 - section by RVA
89
95
  ID: section:raw/0x400 - section by RAW_PTR
90
96
  --va2file VA Convert RVA to file offset
97
+ --set-os-version VER Patch OS version in PE header
98
+ --set-dll-char X Patch IMAGE_OPTIONAL_HEADER32.DllCharacteristics
91
99
 
92
100
  -W, --web Uploads files to a https://pedump.me
93
101
  for a nice HTML tables with image previews,
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.6.6
1
+ 0.6.9