forked from Noice2k/NsisDecompiler
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathNsisFile.h
172 lines (133 loc) · 4.23 KB
/
NsisFile.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
#pragma once
#include "stdafx.h"
#include <vector>
#include "Header.h"
#include "Compressor.h"
#include "LZMA.h"
#include "crc32.h"
#include "GlobalVars.h"
struct sfile
{
byte * pointer;
DWORD size;
int offset;
char filename[0x200];
};
static int *cur_langtable;
class CNsisFile
{
public:
CNsisFile(void);
~CNsisFile(void);
// load dump
void LoadDump(char * filename);
// load exe dump
void LoadExeDump(char * filename);
// save all nsis files to disk
void DumpFiles(char * path);
// save exe dump afer changes
void SaveExeDump(char * filename);
// processing header
bool ProcessingHeader();
// the data dump
std::vector<byte> _dump;
// the first header, used to detect the begin of nsis compressed data
firstheader _firstheader;
// the main file header, this header in compressed
header _globalheader;
header _uheader;
// the current offset;
int _offset;
// the dump structure: global_dump = [4 bytes size header dump][header dump][...]
// the global dump
std::vector<byte> _global_dump;
// the header dump
std::vector<byte> _header_dump;
// compressor/decompresor
CCompressor _compressor;
DWORD PE_CRC(DWORD crc, const unsigned char *buf, unsigned int len);
unsigned _crc_offset;
CGlobalVars _global_vars;
//private:
bool LoadPages();
bool LoadSection();
bool LoadEntries();
bool LoadStrings();
bool LoadLandTables();
//
void ProcessingEntries();
void ProcessingFunctions();
void FunctionFormatText(int entstart,std::string functiontype, std::string name);
void CNsisFile::myRegGetStr(HKEY root, const TCHAR *sub, const TCHAR *name, TCHAR *out, int x64);
std::string EntryToString(entry ent);
// decode functions
std::string DecodePushPop(entry ent);
std::string DecodeAssign(entry ent);
std::string DecodeIntOp(entry ent);
std::string DecodeStrCmp(entry ent);
std::string DecodeCall(entry ent);
std::string DecodeNopJump(entry ent);
std::string DecodeExtractFile(entry ent);
std::string DecodeFileOperation(entry ent);
std::string DecodeIfFileExists(entry ent);
std::string DecodeExecute(entry ent);
std::string DecodeCallDllFunction(entry ent);
std::string DecodeStrLen(entry ent);
std::string DecodeSetFlag(entry ent);
std::string DecodeIntCmp(entry ent);
std::string DecodeIntFmt(entry ent);
std::string DecodeFindFiles(entry ent);
std::string DecodeIfFlag(entry ent);
std::string DecodeReadRegStr(entry ent);
std::string DecodeCreateDir(entry ent);
std::string DecodeDeleteFile(entry ent);
std::string DecodeSleep(entry ent);
std::string DecodeGetTempFileName(entry ent);
std::string DecodeMessageBox(entry ent);
std::string FormatFunction(int start);
std::string GetNsisString(int offset,bool isvalue = false);
std::string GetStringFromParm(entry ent,int id,bool isvalue = false);
// install pages
std::vector<page> _nsis_pages;
// install section
std::vector<section> _nsis_section;
// install entries - the executabled code
std::vector<entry> _nsis_entry;
// install entries - the human relabile text code
std::vector<std::string> _nsis_script_code;
// byte array to the stings
std::vector<TCHAR> _nsis_string_table;
std::vector<int> _nsis_launguage_table;
// vector to nsis files (inclide uninstaller, plugins and installation files)
std::vector<sfile> _nsis_files;
std::vector<int> _nsis_function_entry;
//////////////////////////////////////////////////////////////////////////
//
// PE variables and funcrions
private:
// all variables for PE format start from _pe_
// full exe file dump
std::vector<byte> _pe_full_dump;
// msdos file header
IMAGE_DOS_HEADER _pe_dos_header;
// msdos stab - short programm to show string "this progamm dont work in msdos"
std::vector<byte> _pe_msdos_stub;
// PE file header
IMAGE_NT_HEADERS _pe_nt_header;
// vector of sections
std::vector<IMAGE_SECTION_HEADER> _pe_section_headers;
// .text
std::vector<unsigned char> _pe_dot_text_section;
// .rdata
std::vector<byte> _pe_dot_rdata_section;
// .data
std::vector<byte> _pe_dot_data_section;
// .rsrc
std::vector<byte> _pe_dot_rsrc_section;
// .reloc
std::vector<byte> _pe_dot_reloc_section;
// Certificate tabel
std::vector<byte> _pe_certificatr_table;
// resource table
std::vector<byte> _pe_resource_table;
};