mirrors/Detect-It-Easy
2
0
Fork 0
mirror of https://github.com/horsicq/Detect-It-Easy.git synced 2026-06-24 01:54:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

Database fix & update

Browse source
This commit is contained in:
DosX 2024-11-17 12:47:34 +03:00
commit d47f69a001
35 changed files with 199 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

2
db/Amiga/DeliTracker.1.sg
View file

@ -9,4 +9,6 @@ function detect() {
bDetected = true;
sOptions = "Startup code";
}
return result();
}

5
db/Binary/archive.Unity.1.sg
View file

@ -68,4 +68,7 @@ function detect() {
bDetected = true;
}
}
}}
}
return result();
}

2
db/Binary/archive.ZLIB.1.sg
View file

@ -8,5 +8,5 @@ function detect() {
if (detect_zlib(Binary, 0)) {
sName = "ZLIB data";
bDetected = true;
};
}
}

5
db/Binary/audio.VOC.1.sg
View file

@ -135,4 +135,7 @@ function detect() {
if (X.isVerbose()) {
sOption(addEllipsis(info.join('; '), 0x200, 0x100));
sOption(outSz(sz), 'sz:')
}}
}
return result();
}

5
db/Binary/bin.GameMaps.1.sg
View file

@ -7,4 +7,7 @@ init("format", "GameMaps (TED editor)");
function detect() {
if (Binary.compare("'TED5v1.0'")) {
bDetected = true;
}}
}
return result();
}

17
db/COM/Datalight_C.4.sg
View file

@ -1,16 +1,15 @@
// Detect It Easy: detection rule file
// Author: hypn0 <hypn0@mail.ru>
init("compiler","Datalight/Northwest C");
init("compiler", "Datalight/Northwest C");
function detect()
{
if(Binary.compare("eb$$fab8....b9....d3e88cc903c18ed88c06....8bd82b1e....891e....268b1e....2bd881fb....72..bb....8bd003d342b1..d3e38ed08be381eb....81fb....77"))
{
sVersion="3.10 S";
sOptions="by Walter Bright";
bDetected=1;
function detect() {
if (Binary.compare("eb$$fab8....b9....d3e88cc903c18ed88c06....8bd82b1e....891e....268b1e....2bd881fb....72..bb....8bd003d342b1..d3e38ed08be381eb....81fb....77")) {
sVersion = "3.10 S";
sOptions = "by Walter Bright";
bDetected = 1;
}
_setLang("C", bDetected);
}
return result();
}

8
db/MACH/Virbox.2.sg
View file

@ -4,8 +4,10 @@
init("packer", "Virbox");
function detect() {
var nSection = MACH.getSectionNumber("__vdata");
if (nSection != -1) {
if (MACH.getSectionNumber("__vdata") != -1) {
sVersion = "Virbox Protector";
bDetected = true;
}}
}
return result();
}

2
db/PE/ACProtect.2.sg
View file

@ -25,4 +25,6 @@ function detect() {
sVersion = "1.X";
bDetected = true;
}
return result();
}

5
db/PE/Adobe_installers.1.sg
View file

@ -26,4 +26,7 @@ function detect() {
}
}
}
}}
}
return result();
}

14
db/PE/AutorunProEnterprise.1.sg
View file

@ -3,12 +3,14 @@
init("Installer", "Autorun Pro Enterprise");
function detect() {
bDetected = true;
if (!PE.isSectionNamePresent(".rsrc") || PE.isSectionNamePresent("CODE")) {
return null;
}
var n1 = PE.findString(PE.section[".rsrc"].FileOffset, PE.section[".rsrc"].FileSize, "9AutoRunObjects");
var n2 = PE.findString(PE.section[".rsrc"].FileOffset, PE.section[".rsrc"].FileSize, "AutoRunObjects");
if (n1 == -1 && n2 == -1) {
bDetected = false;
}}
if (PE.findString(PE.section[".rsrc"].FileOffset, PE.section[".rsrc"].FileSize, "9AutoRunObjects") !== -1 &&
PE.findString(PE.section[".rsrc"].FileOffset, PE.section[".rsrc"].FileSize, "AutoRunObjects") !== -1) {
bDetected = true;
}
return result();
}

5
db/PE/AverCryptor.2.sg
View file

@ -16,4 +16,7 @@ function detect() {
}
bDetected = true;
}
}}
}
return result();
}

5
db/PE/BattleshipCrypter.2.sg
View file

@ -6,4 +6,7 @@ function detect() {
if (PE.compareEP("6818144000E8F0FFFFFF0000000000003000000038000000000000007A88CD659A43264D8DF747BE8615237F")) {
sVersion = "v1.0";
bDetected = true;
}}
}
return result();
}

5
db/PE/Blizzard_PrePatch.1.sg
View file

@ -9,4 +9,7 @@ function detect() {
sVersion = "2.xx";
bDetected = true;
}
}}
}
return result();
}

5
db/PE/BulletProofSoft_installer.1.sg
View file

@ -8,4 +8,7 @@ function detect() {
if (PE.compareOverlay("1f8b08", 0x3000)) {
bDetected = true;
}
}}
}
return result();
}

5
db/PE/Denuvo.2.sg
View file

@ -91,4 +91,7 @@ function detect() {
bDetected = true;
}
}
}}
}
return result();
}

5
db/PE/Gentee_Installer.1.sg
View file

@ -29,4 +29,7 @@ function detect() {
}
if (PE.compareEP("558bec81ec........5356576a..ff15........68........ff15........85c074..6a..a1........50ff15........8bf06a..56ff15")) {
bDetected = true;
}}
}
return result();
}

5
db/PE/GoldSrc.3.sg
View file

@ -14,4 +14,7 @@ function detect() {
bDetected = true;
sOptions = "API v" + PE.getString(n3 + 12, n3 + 3);
}}
}
return result();
}

5
db/PE/Huan.1.sg
View file

@ -6,4 +6,7 @@ init("cryptor", "Huan");
function detect() {
if (PE.isSectionNamePresent(".huan")) {
bDetected = true;
}}
}
return result();
}

5
db/PE/I-D_Media_installer.1.sg
View file

@ -9,4 +9,7 @@ function detect() {
sVersion = "1.0.0.13";
bDetected = true;
}
}}
}
return result();
}

5
db/PE/Microsoft_dotNET_installer.1.sg
View file

@ -10,4 +10,7 @@ function detect() {
sOptions = "7zip";
bDetected = true;
}
}}
}
return result();
}

3
db/PE/NetReactor.2.sg
View file

@ -99,4 +99,5 @@ function detect() {
_setResult("protector", ".NET Reactor", version, options);
}
}}
}
}

5
db/PE/Nuitka.1.sg
View file

@ -20,4 +20,7 @@ function detect() {
bDetected = true;
sOptions = "OneFile";
}
}}
}
return result();
}

5
db/PE/PELock.2.sg
View file

@ -41,4 +41,7 @@ function detect() {
if (clc > 0 && stc > 0 && movzx != 0 && (sub > imul || sub == 0 && imul == 0) && bt == 0 && bsf == 0) {
bDetected = true;
}
}}
}
return result();
}

2
db/PE/Photo_Compiler.2.sg
View file

@ -10,4 +10,6 @@ function detect(bShowType, bShowOptions) {
bDetected = true;
}
}
return result();
}

5
db/PE/PwdProtect.2.sg
View file

@ -5,4 +5,7 @@ init("protector", "PwdProtect");
function detect() {
if (PE.isSectionNamePresent(".pwdprot")) {
bDetected = true;
}}
}
return result();
}

5
db/PE/Squishy.2.sg
View file

@ -5,4 +5,7 @@ init("packer", "Squishy");
function detect() {
if (PE.isSectionNamePresent("logicoma")) {
bDetected = true;
}}
}
return result();
}

5
db/PE/SwiftView_installer.1.sg
View file

@ -9,4 +9,7 @@ function detect() {
sVersion = "6.1";
bDetected = true;
}
}}
}
return result();
}

5
db/PE/TheArk.2.sg
View file

@ -5,4 +5,7 @@ init("packer", "TheArk");
function detect() {
if (PE.isSectionNamePresent("adr") && PE.isSectionNamePresent("have") && PE.isSectionNamePresent("30cm") && PE.isSectionNamePresent(".tw")) {
bDetected = true;
}}
}
return result();
}

5
db/PE/UFI_installer.1.sg
View file

@ -2,12 +2,13 @@
// Author: A.S.L. <asl@onet.eu> 2020.09.30
// Exeinfo Pe - don't detect this installer
init("installer", "UFI installer(Flash tool)");
init("installer", "UFI installer");
function detect() {
if ((PE.compareEP("558BEC")) && (PE.resource["BINFILE"]) && (PE.resource["BINFILE_2"])) {
sVersion = "1.x";
sVersion = "1.X, Flash";
bDetected = true;
}
return result();
}

2
db/PE/VMProtect.2.sg
View file

@ -150,6 +150,8 @@ function detect() {
sOptions = "DS";
}
}
return result();
}
function detectVMP(sSectionName) {

5
db/PE/WiX_Toolset_installer.1.sg
View file

@ -15,4 +15,7 @@ function detect() {
sVersion = "1.0";
bDetected = true;
}
}}
}
return result();
}

9
db/PE/Xash.3.sg
View file

@ -8,11 +8,12 @@ function detect() {
return null;
}
if (PE.findString(PE.section[".data"].FileOffset, PE.section[".data"].FileSize, "Xash Error") != -1 &&
PE.findString(PE.section[".data"].FileOffset, PE.section[".data"].FileSize, "xash.dll") != -1 &&
PE.findString(PE.section[".data"].FileOffset, PE.section[".data"].FileSize, "Unable to load the xash.dll") != -1) {
bDetected = true;
var dataSection = PE.section[".data"];
if (PE.findString(dataSection.FileOffset, dataSection.FileSize, "Xash Error") != -1 &&
PE.findString(dataSection.FileOffset, dataSection.FileSize, "xash.dll") != -1 &&
PE.findString(dataSection.FileOffset, dataSection.FileSize, "Unable to load the xash.dll") != -1) {
bDetected = true;
}
return result();

5
db/PE/inPEct.1.sg
View file

@ -4,4 +4,7 @@ function detect() {
if (PE.compareEP("E8000000005D5583C5208BF58BFEB9......00BA........AD8BD833C2C1C20703D3ABE2F3")) {
sVersion = "1.1";
bDetected = true;
}}
}
return result();
}

1
db/PE/DockerDesktopInstaller.1.sg → db_extra/PE/DockerDesktopInstaller.1.sg Executable file → Normal file
View file

@ -16,4 +16,5 @@ function detect() {
}
}
return result();
}

70
show-no-result.js Normal file
View file

@ -0,0 +1,70 @@
const fs = require('fs');
const path = require('path');
const { exec } = require('child_process');
// Функция для проверки содержимого файла
function checkFileContent(filePath) {
return new Promise((resolve, reject) => {
fs.readFile(filePath, 'utf8', (err, data) => {
if (err) {
return reject(err);
}
const hasDetectFunction = data.includes('function detect(');
const hasReturnResult = data.includes('return result(');
if (hasDetectFunction && !hasReturnResult) {
resolve(filePath);
} else {
resolve(null);
}
});
});
}
// Функция для обхода папок и поиска файлов
async function findFiles(rootDir, extensions, results = []) {
const files = fs.readdirSync(rootDir);
for (const file of files) {
const filePath = path.join(rootDir, file);
const stat = fs.statSync(filePath);
if (stat.isDirectory()) {
await findFiles(filePath, extensions, results);
} else if (extensions.includes(path.extname(file))) {
const result = await checkFileContent(filePath);
if (result) {
results.push(result);
}
}
}
return results;
}
// Основная функция для поиска файлов в указанных папках
async function main() {
const directories = ['db', 'db_extra', 'db_custom'];
const extensions = ['.sg'];
let results = [];
for (const dir of directories) {
if (fs.existsSync(dir)) {
const dirResults = await findFiles(dir, extensions);
results = results.concat(dirResults);
}
}
console.log('Files matching criteria:');
results.forEach(file => {
console.log(file);
exec(`code ${file}`, (err) => {
if (err) {
console.error(`Error opening file ${file}:`, err);
}
});
});
}
main().catch(err => console.error(err));