Thanks to visit codestin.com
Credit goes to github.com

Skip to content

ScanPE Rich Info Additions #344

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
phutelmyer merged 2 commits into from
Mar 7, 2023
Merged

ScanPE Rich Info Additions #344

phutelmyer merged 2 commits into from
Mar 7, 2023

Conversation

@phutelmyer
Copy link
Contributor

@phutelmyer phutelmyer commented Mar 2, 2023
edited
Loading

Describe the change
Adding functionality to ScanPE in an effort to extract additional rich information such as tool version and tool ID. The rich information can describe the visual studio tool used to compile a PE file.

Describe testing procedures

====================== 122 passed, 20 warnings in 54.07s =======================
[+] Done
Removing intermediate container cdd6be58ab9d
 ---> 7b515d99a812
Step 28/31 : USER root
 ---> Running in 7471eeca71c5
Removing intermediate container 7471eeca71c5
 ---> 5012c9e6e217
Step 29/31 : RUN cd /strelka/ &&     rm -rf /strelka/
 ---> Running in 63a5b59561b9
Removing intermediate container 63a5b59561b9
 ---> 2e8279525a45
Step 30/31 : RUN rm -rf /etc/strelka/
 ---> Running in fe4c3632c3af
Removing intermediate container fe4c3632c3af
 ---> 3284c71ed754
Step 31/31 : USER $USERNAME
 ---> Running in 7b9fa4a41ce2
Removing intermediate container 7b9fa4a41ce2
 ---> 412f43d21890
Successfully built 412f43d21890
Successfully tagged build_backend:latest

Sample output

"rich": {
        "raw_data": {
          "data": "4MU60aSkVIKkpFSCpKRUgt+4WIKmpFSCy7tfgqWkVIInuFqCoKRUgsu7XoKvpFSCy7tQgqCkVIJnqwmCqaRUgqSkVYIHpFSCkoJfgqOkVIJjolKCpaRUgg==",
          "md5": "93680e43cd7576fccf02573cd0b5d273"
        },
        "key": "a4a45482",
        "info": [
          {
            "toolid": 12,
            "count": 2,
            "version": 7291
          },
          {
            "toolid": 11,
            "count": 1,
            "version": 8047
          },
          {
            "toolid": 14,
            "count": 4,
            "version": 7299
          },

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of and tested my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings

@phutelmyer phutelmyer added the enhancement New feature or request label Mar 2, 2023
@phutelmyer phutelmyer merged commit a463909 into master Mar 7, 2023
@phutelmyer phutelmyer deleted the scan-pe-rich-enhancement branch March 28, 2023 13:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@phutelmyer