github.com/saferwall/pe@v1.5.2/cmd/main.go (about) 1 // Copyright 2018 Saferwall. All rights reserved. 2 // Use of this source code is governed by Apache v2 license 3 // license that can be found in the LICENSE file. 4 5 package main 6 7 import ( 8 "flag" 9 "fmt" 10 "os" 11 "runtime" 12 ) 13 14 type config struct { 15 wantDOSHeader bool 16 wantRichHeader bool 17 wantNTHeader bool 18 wantCOFF bool 19 wantDataDirs bool 20 wantSections bool 21 wantExport bool 22 wantImport bool 23 wantResource bool 24 wantException bool 25 wantCertificate bool 26 wantReloc bool 27 wantDebug bool 28 wantTLS bool 29 wantLoadCfg bool 30 wantBoundImp bool 31 wantIAT bool 32 wantDelayImp bool 33 wantCLR bool 34 } 35 36 func main() { 37 38 dumpCmd := flag.NewFlagSet("dump", flag.ExitOnError) 39 dumpDOSHdr := dumpCmd.Bool("dosheader", false, "Dump DOS header") 40 dumpRichHdr := dumpCmd.Bool("richheader", false, "Dump Rich header") 41 dumpNTHdr := dumpCmd.Bool("ntheader", false, "Dump NT header") 42 dumpCOFF := dumpCmd.Bool("coff", false, "Dump COFF symbols") 43 dumpDirs := dumpCmd.Bool("directories", false, "Dump data directories") 44 dumpSections := dumpCmd.Bool("sections", false, "Dump sections") 45 dumpExport := dumpCmd.Bool("export", false, "Dump export table") 46 dumpImport := dumpCmd.Bool("import", false, "Dump import table") 47 dumpResource := dumpCmd.Bool("resource", false, "Dump resource table") 48 dumpException := dumpCmd.Bool("exception", false, "Dump exception table") 49 dumpCertificate := dumpCmd.Bool("cert", false, "Dump certificate directory") 50 dumpReloc := dumpCmd.Bool("reloc", false, "Dump relocation table") 51 dumpDebug := dumpCmd.Bool("debug", false, "Dump debug infos") 52 dumpTLS := dumpCmd.Bool("tls", false, "Dump TLS") 53 dumpLoadCfg := dumpCmd.Bool("loadconfig", false, "Dump load configuration table") 54 dumpBoundImport := dumpCmd.Bool("bound", false, "Dump bound import table") 55 dumpIAT := dumpCmd.Bool("iat", false, "Dump IAT") 56 dumpDelayedImport := dumpCmd.Bool("delay", false, "Dump delay import descriptor") 57 dumpCLR := dumpCmd.Bool("clr", false, "Dump CLR") 58 59 verCmd := flag.NewFlagSet("version", flag.ExitOnError) 60 61 if len(os.Args) < 2 { 62 showHelp() 63 } 64 65 switch os.Args[1] { 66 67 case "dump": 68 dumpCmd.Parse(os.Args[3:]) 69 70 cfg := config{ 71 wantDOSHeader: *dumpDOSHdr, 72 wantRichHeader: *dumpRichHdr, 73 wantNTHeader: *dumpNTHdr, 74 wantCOFF: *dumpCOFF, 75 wantDataDirs: *dumpDirs, 76 wantSections: *dumpSections, 77 wantExport: *dumpExport, 78 wantImport: *dumpImport, 79 wantResource: *dumpResource, 80 wantException: *dumpException, 81 wantCertificate: *dumpCertificate, 82 wantReloc: *dumpReloc, 83 wantDebug: *dumpDebug, 84 wantTLS: *dumpTLS, 85 wantLoadCfg: *dumpLoadCfg, 86 wantBoundImp: *dumpBoundImport, 87 wantIAT: *dumpIAT, 88 wantDelayImp: *dumpDelayedImport, 89 wantCLR: *dumpCLR, 90 } 91 92 // Start as many workers you want, default to cpu count -1. 93 numWorkers := runtime.GOMAXPROCS(runtime.NumCPU() - 1) 94 for w := 1; w <= numWorkers; w++ { 95 go loopFilesWorker(cfg) 96 } 97 98 if !isDirectory(os.Args[2]) { 99 // Input path in a single file. 100 parsePE(os.Args[2], cfg) 101 } else { 102 // Input path in a directory. 103 LoopDirsFiles(os.Args[2]) 104 wg.Wait() 105 } 106 107 case "version": 108 verCmd.Parse(os.Args[2:]) 109 fmt.Println("You are using version 1.3.0") 110 default: 111 showHelp() 112 } 113 } 114 115 func showHelp() { 116 fmt.Print( 117 ` 118 ╔═╗╔═╗ ┌─┐┌─┐┬─┐┌─┐┌─┐┬─┐ 119 ╠═╝║╣ ├─┘├─┤├┬┘└─┐├┤ ├┬┘ 120 ╩ ╚═╝ ┴ ┴ ┴┴└─└─┘└─┘┴└─ 121 122 A PE-Parser built for speed and malware-analysis in mind. 123 Brought to you by Saferwall (c) 2018 MIT 124 `) 125 fmt.Println("\nAvailable sub-commands 'dump' or 'version' subcommands") 126 127 os.Exit(1) 128 }