Many improvements.

2026-01-02 08:33:20 +00:00 · 2018-02-11 21:11:58 -08:00
parent 508646044e
commit 4b5c77b4fd
127 changed files with 51725 additions and 35030 deletions
--- a/Debug/PE.js
+++ b/Debug/PE.js
@@ -0,0 +1,122 @@
+// JavaScript source code
+
+var fs = require('fs');
+//var buffer = fs.readFileSync('test.bin');
+//var tls = require('tls');
+
+//var pem = tls.loadpkcs7b(buffer);
+//console.log(pem.toString());
+
+
+
+
+var fd = fs.openSync(process.execPath.replace('MeshConsole', 'MC2'), 'rb+');
+var bytesRead;
+var dosHeader = new Buffer(64);
+var ntHeader = new Buffer(24);
+var optHeader;
+
+console.log(process.execPath.replace('MeshConsole', 'MC2'));
+
+bytesRead = fs.readSync(fd, dosHeader, 0, 64, 0);
+if (dosHeader.readUInt16LE(0).toString(16).toUpperCase() != '5A4D')
+{
+    console.log('unrecognized binary format');
+}
+
+bytesRead = fs.readSync(fd, ntHeader, 0, ntHeader.length, dosHeader.readUInt32LE(60));
+
+if (ntHeader.slice(0, 4).toString('hex') != '50450000')
+{
+    console.log('not PE format');
+}
+
+switch (ntHeader.readUInt16LE(4).toString(16))
+{
+    case '14c':
+        console.log('x86 binary');
+        break;
+    case '8664':
+        console.log('x64 binary');
+        break;
+    default:
+        console.log('unknown binary type');
+        break;
+}
+
+console.log('Optional Size = ' + ntHeader.readUInt16LE(20) + 'bytes');
+optHeader = new Buffer(ntHeader.readUInt16LE(20));
+bytesRead = fs.readSync(fd, optHeader, 0, optHeader.length, dosHeader.readUInt32LE(60) + 24);
+var numRVA = undefined;
+var CertificateTableAddress = undefined;
+var CertificateTableSize = undefined;
+
+switch (optHeader.readUInt16LE(0).toString(16).toUpperCase())
+{
+    case '10B':
+        console.log('Found IMAGE_NT_OPTIONAL_HDR32_MAGIC');
+        numRVA = optHeader.readUInt32LE(92);
+        CertificateTableAddress = optHeader.readUInt32LE(128);
+        CertificateTableSize = optHeader.readUInt32LE(132);
+        break;
+    case '20B':
+        console.log('Found IMAGE_NT_OPTIONAL_HDR64_MAGIC');
+        numRVA = optHeader.readUInt32LE(108);
+        CertificateTableAddress = optHeader.readUInt32LE(144);
+        CertificateTableSize = optHeader.readUInt32LE(148);
+        break;
+    default:
+        console.log('Unknown Value found for Optional Magic: ' + ntHeader.readUInt16LE(24).toString(16).toUpperCase());
+        break;
+}
+
+console.log('Number of RVA Entries: ' + numRVA.toString());
+console.log('Certificate Table Address: ' + CertificateTableAddress.toString(16).toUpperCase());
+console.log('Certificate Table Size: ' + CertificateTableSize.toString());
+
+var hdr = new Buffer(8);
+fs.readSync(fd, hdr, 0, hdr.length, CertificateTableAddress);
+console.log('dwLength = ' + hdr.readUInt32LE(0).toString());
+
+console.log('Updating Table Entries: ');
+optHeader.writeUInt32LE(6848, 132);
+hdr.writeUInt32LE(6848, 0);
+
+console.log('written', fs.writeSync(fd, optHeader, 0, optHeader.length, dosHeader.readUInt32LE(60) + 24));
+console.log('written', fs.writeSync(fd, hdr, 0, hdr.length, CertificateTableAddress));
+
+console.log('Done!');
+
+
+fs.closeSync(fd);
+
+//switch (hdr.readUInt16LE(6).toString(16).toUpperCase())
+//{
+//    case '1':
+//        console.log('Cert Type = X509');
+//        break;
+//    case '2':
+//        console.log('Cert Type = PKCS#7')
+//        break;
+//    case '3':
+//        console.log('Cert Type = RESERVED')
+//        break;
+//    case '4':
+//        console.log('Cert Type = TERMINAL_SERVER')
+//        break;
+//}
+
+//var cert = new Buffer(hdr.readUInt32LE(0) - 8);
+//fs.readSync(fd, cert, 0, cert.length, CertificateTableAddress + hdr.length);
+
+//console.log('Cert Length: ' + cert.length);
+//console.log(cert.toString());
+
+//console.log(1);
+//var ws = fs.createWriteStream("test.txt", { flags: "wb" });
+//ws.write(cert);
+//console.log(2);
+//ws.end();
+//console.log(3);
+
+