1
0
Fork 0
mirror of https://github.com/atom0s/Steamless.git synced 2024-12-31 23:47:40 +01:00
Commit graph

79 commits

Author SHA1 Message Date
atom0s
87732ea284
Update README.md 2023-05-28 02:57:18 -07:00
atom0s
976b194522
Add repo files. 2023-05-28 02:49:31 -07:00
atom0s
0fd49fe42c
Update copyright year to 2023. 2023-05-28 02:14:43 -07:00
atom0s
97db6cb6de
Bump the main executable version. 2023-05-28 02:09:30 -07:00
atom0s
2a63293807
Plugin: (AutomaticPlugin) Add additional error messages for when failing to parse a valid PE file and when an exception happens during parsing. 2023-05-28 02:08:05 -07:00
atom0s
4c3c6e757c
API: (PE32) Adjusted 'Parse' method to exit early if the DOS stub is invalid. (Avoids attempting to read an invalid NT header block.)
API: (PE64) Adjusted 'Parse' method to exit early if the DOS stub is invalid. (Avoids attempting to read an invalid NT header block.)
2023-05-28 02:07:05 -07:00
atom0s
7f92aded2c
API: (PE32) Changed IMAGE_DOS_HEADER structure field 'Signature' to be a full type (ushort) instead of an array.
API: (PE64) Changed IMAGE_DOS_HEADER structure field 'Signature' to be a full type (ushort) instead of an array.
API: (PE32) Changed IMAGE_NT_HEADERS structure field 'Signature' to be a full type (uint) instead of an array.
API: (PE64) Changed IMAGE_NT_HEADERS structure field 'Signature' to be a full type (uint) instead of an array.
API: (PE32) Fixed IMAGE_DOS_HEADER helper property 'IsValid' to use the standard 'IMAGE_DOS_SIGNATURE' value.
API: (PE64) Fixed IMAGE_NT_HEADERS helper property 'IsValid' to use the standard 'IMAGE_NT_SIGNATURE' value.
2023-05-28 01:48:40 -07:00
atom0s
640e57e148
Unpacker 2.0 (x86) - Add support for additional samples. (Header size: 884)
Bump version.
2022-09-26 02:30:40 -07:00
atom0s
fa0d8319f3
Bump version. 2022-09-23 16:04:00 -07:00
atom0s
65b5644afe
Unpacker v2.0 (x86) - Add support for multiple variants of the header.
Unpacker v2.0 (x86) - Fix and rename some of the fields of the stub header.
Unpacker v2.0 (x86) - Add error message for unsupported header sizes to help collect samples.
2022-09-23 16:00:33 -07:00
atom0s
411f4f711c
PE32: Replace manual PE checksum calculations with Win32 API call instead.
PE64: Replace manual PE checksum calculations with Win32 API call instead.

I was trying to avoid using Win32 API calls in this project for the most part, however, this calculation has multiple conditions that can alter its result. Steamless was only producing proper checksums about 40% of the time as a result of this. Instead, the project will now use the system API call 'MapFileAndCheckSum' to calculate the checksum properly.
2022-09-23 15:58:12 -07:00
atom0s
51be8ca795
API: Add import for MapFileAndCheckSum. 2022-09-23 15:54:19 -07:00
atom0s
b6d445fda4
AutomaticPlugin - Added support for logging service usage.
AutomaticPlugin - Added detection and logging output to mention if a file is most likely not packed with SteamStub.
Core - Fixed issue with AutomaticPlugin not properly initializing.
Unpacker v2.0 (x86) - Adjusted how the code section RVA is determined. (Moved a second check to 'optional feature' state for now.)
2022-09-21 18:55:29 -07:00
atom0s
1bdd96e657
* Unpacker v2.1 (x86) - Updated the header to handle the StubData more correctly. 2022-04-24 21:34:23 -07:00
atom0s
0b67eab1d1
Unpacker v2.1 (x86) - Updated the header information based on new sample info. 2022-04-15 19:28:59 -07:00
atom0s
2023853b31
Small cleanup. 2022-04-04 22:03:28 -07:00
atom0s
700425f68a
CLI: Remove .pdb generation on Release mode.
Unpacker: Variant v10x86 - Fix incorrect output path when compiled for Release mode.
2022-04-04 21:59:42 -07:00
atom0s
c2719b776d
CLI: Fix issues where Steamless.API.dll was required to be in the same folder as the CLI executable.
CLI: Fix Steamless.API.dll reference being copied to main output folder.
2022-04-04 21:55:49 -07:00
atom0s
0a38c2476c
Bump version number. 2022-04-04 21:40:50 -07:00
atom0s
25f3584e39
Core: fix release mode output folder for new CLI version. 2022-04-04 21:39:00 -07:00
atom0s
62ffbe6732
Core: Added Steamless.CLI to run Steamless from the command line.
Core: Bumped version to 3.0.0.15
2022-04-04 21:37:35 -07:00
atom0s
9adc76d6da
Bump version. 2022-03-27 00:20:44 -07:00
atom0s
6b7fa1d977
Updated the project README.md
Updated the AboutView.
2022-03-27 00:19:57 -07:00
atom0s
d97e1a4426
Add Patreon link to FUNDING.yml 2022-03-26 02:52:24 -07:00
atom0s
540b4b067f
API: PE64 - Add new functionality to Pe64Helpers to recalculate a PE file checksum.
Unpackers: (x64) Ensure all unpacked files default to a checksum of 0.
Unpackers: (x64) Add support for new RecalculateFileChecksum setting.
2022-03-26 02:38:35 -07:00
atom0s
2380a4bd8a
Unpackers: (x86) - Ensure all unpacked files default to a checksum of 0. 2022-03-26 02:25:36 -07:00
atom0s
7cb8eaf613
Core: Fix typo with new ZeroDosStubData option checkbox using wrong field bool.
API: Add new option RecalculateFileChecksum to allow unpacked files to have their PE checksum recalculated.
API: PE32 - Add new functionality to Pe32Helpers to recalculate a PE file checksum.
Unpackers: (x86) Add support for new RecalculateFileChecksum setting.

64bit handling to be added soon.
2022-03-26 02:23:03 -07:00
atom0s
12c312b4db
API: Add new option to zero the DOS stub data when unpacking.
Core: Add UI option to enable/disable the new zero DOS stub data option.
Unpackers: Add support for new zero DOS stub data option.
API: `DontRealignSections` and `ZeroDosStubData` are now default enabled as this is the general 'correct' way to handle most files. (Some files do require the section alignment to happen and some files may use the DOS stub for self-validation and such. Adjust accordingly when using Steamless.)
2022-03-25 20:09:21 -07:00
atom0s
18c389ce3c
Unpacker: v10.x86 - Finish implementing SteamStub variant v1.0 (x86) unpacker. (Fixes #22)
This unpacker is currently considered beta. Since I only have 1 sample that uses this variant at the moment, it is not possible to confirm the data and signatures being used are consistent across the board. This variant is also very basic and does not seem to include any means of real protection. (ie. encrypting the code section.) I'd assume this version also did not support x64 files or TLS callbacks so most of the work the other variants can do is left out until other samples prove this needs to support those kinds of features.
2022-03-25 19:33:17 -07:00
atom0s
39ad5a2631
Update project information copyrights. 2022-03-25 18:53:29 -07:00
atom0s
5c2c32cab4
Begin variant v1.0 x86 plugin support. 2022-03-25 18:52:33 -07:00
atom0s
9c16bcc8a5
API: PE32 Adjusted FindPattern to return a long instead of uint. Default return is now -1.
API: PE36 Adjusted FindPattern to return a long instead of uint. Default return is now -1.
Unpackers: Updated all usages of FindPattern to reflect new API change.
2022-03-25 18:49:50 -07:00
atom0s
d3a9dad663
Bump version number. 2022-03-25 16:49:01 -07:00
atom0s
b97f148945
Unpacker: v30.x64 - Renamed header field Unknown0003 to HasTlsCallback.
Unpacker: v30.x64 - Add support for handling files packed with TlsCallback overrides.

This feature is currently only supported in this variant for the time being. (Until other samples are provided that have a TlsCallback override for the other variants.)

Notes on how this file type works can be found here: https://github.com/atom0s/Steamless/issues/20#issuecomment-1078821463

This fixes: #20
2022-03-25 16:46:38 -07:00
atom0s
0ad40aeabd
API: PE32 - Fix SizeOfImage alignment.
API: PE64 - Fix SizeOfImage alignment.
Unpacker: v20.x86 - Fix SizeOfImage alignment.
Unpacker: v21.x86 - Fix SizeOfImage alignment.
Unpacker: v30.x64 - Fix incorrect TlsOepRva being stored and used.
Unpacker: v30.x64 - Fix incorrect TlsOepRva calculations when reading payload and SteamDRMP.dll.
Unpacker: v31.x64 - Fix incorrect TlsOepRva being stored and used.
Unpacker: v31.x64 - Fix incorrect TlsOepRva calculations when reading payload and SteamDRMP.dll.
2022-03-24 00:58:32 -07:00
atom0s
079a086129
API: Add new option to allow disabling of section realignment.
Core: Add support for new disable section realignment option.
Unpacker: v20.x86 - Add support for new disable section realignment option.
Unpacker: v21.x86 - Add support for new disable section realignment option.
Unpacker: v30.x86 - Add support for new disable section realignment option.
Unpacker: v30.x64 - Add support for new disable section realignment option.
Unpacker: v31.x86 - Add support for new disable section realignment option.
Unpacker: v31.x64 - Add support for new disable section realignment option.
2022-03-23 00:26:02 -07:00
atom0s
75afb9e425
Unpacker: v31.x64 - Bump unpacker version.
Previous commit fixes #65
2022-03-22 14:46:24 -07:00
atom0s
f83d140ebf
API: Add ToString overrides to the section entries to allow easier debugging.
Unpacker: v31.x64 - Remove code section size check. (Some virtualized files will have an empty code section.)
Unpacker: v31.x64 - Allow empty code section files to still unpack by skipping decryption step.
2022-03-22 14:44:49 -07:00
atom0s
5b02106fca
Bump version numbers. 2022-03-22 03:47:51 -07:00
atom0s
d3423cde0e
API: PE64 - Add check for TlsDirectory.AddressOfCallBacks == 0 to prevent attempting to reference invalid data.
Unpacker: v31.x64 - Adjust size of data searched when determining the variant version. Fixes #56
Misc: Update project copyrights.
Misc: Remove some unused/dead code from the UI.
2022-03-22 03:46:48 -07:00
atom0s
b31c7a1884
Fixed 2.1 (x86) unpacker using the wrong encryption size when the .text section is encrypted. (Fixes #57) 2021-09-23 22:51:31 -07:00
atom0s
2a10df60c1
Update README. 2020-12-18 02:31:35 -08:00
atom0s
6b06ba9902
File version bump for 3.0.0.11 release. 2020-12-18 02:24:32 -08:00
atom0s
769232fc65
Add support for the real stub 2.0 variant. (This is a first-go at this version. I only have 1 sample with this version of the stub so it is solely based on this one exe. The full stub has been reversed for this file though. You can find more about that in issue #37) 2020-12-18 02:10:09 -08:00
atom0s
82d763940a
Fix a few more renames. 2020-12-17 23:39:35 -08:00
atom0s
69b2053f57
Finish 2.0 to 2.1 renaming. 2020-12-17 23:19:02 -08:00
atom0s
5b286530a4
Renamed SteamStub variant 2.0 to 2.1. This is a major change due to a file being presented that looks to be an earlier version of the 2.x variant. This new (older) file presents like 2.x however, it predates some more common features such as the XTEA encryption seen in 2.1 and newer. This version seems less feature-rich and thus I feel it's actually 2.0. 2020-12-17 23:16:20 -08:00
atom0s
869b893ac3
Update more copyrights to 2020.
Update Paypal links to use newer Paypal.me format.
Fix issue with structure size casting that can cause an exception when trying to read a stub header structure.
Fix typo's on some spelling.
2020-12-17 23:10:04 -08:00
atom0s
0b6374e497 Merge branch 'master' of https://github.com/atom0s/Steamless 2020-08-17 01:52:40 -07:00
atom0s
676c863b08 Updated copyright date ranges.
Fixed issue with memory errors due to incorrect structure mapping handling.
2020-08-17 01:52:21 -07:00