Skip to content

Releases: pan-unit42/dotnetfile

Release v0.2.9

10 Sep 09:39
@TheEnergyStory TheEnergyStory
v0.2.9
21d7f12

Choose a tag to compare

View all tags
Release v0.2.9 Latest
Latest

New

  • get_assembly_attributes() that returns all assembly attributes
  • get_assembly_attributes_with_values() that returns common assembly attributes and their values by @th3spis in #14
  • get_assembly_attribute_value() that returns value of a given assembly attribute
  • #Blob stream custom attributes parser with signature (element) types and calling convention definitions
  • get_fully_qualified_memberref_names() that returns fully qualified MemberRef names by @th3spis in #12
  • get_assemblyref_names_with_versions() that returns AssemblyRef names and their versions by @gitgitwhat in #11
  • Internal get_reasonable_display_unicode_string_for_bytes() that returns Unicode string from bytes by @cauliflowerdoughnuts in #13
  • get_token_strings() that returns all strings from a token
  • is_reference_assembly() that checks if an assembly is a reference assembly
  • stream_name_padding_bytes_patched anti-parsing check
  • Internal methods (_blob_signature_helper() -> code cleanup, _get_metadata_table_row_size() -> monkey patch fix)
  • Directory support for dotnetfile_dump.py example
  • Added example scripts as console commands (dotnetfile_dump, dotnetfile_disassemble)

Improvements

  • Custom attributes parsing in parse_blob_stream()
  • Skip interface type and more delegate methods in get_entry_points()
  • Better Unicode string conversion in parse_us_stream() by @cauliflowerdoughnuts in #13
  • Minor improvements (get_memberref_hash(), read_reasonable_string(), get_reasonable_display_string_for_bytes(), added missing typings)
  • Better support for stream names with patched padding bytes (anti analysis trick) in field_text()

Fixed

  • Better support for empty and corrupted methods in _get_method_header_information()
  • Better boundary checks in _is_reader_position_valid()
  • Get correct row sizes for special assemblies in _get_metadata_table_row_size()
  • Better support for corrupted resources in parse_dotnet_resources() and _read_serialized_string()
  • Updated documentation and dotnetfile_dump.py with new methods

Contributors

gitgitwhat, th3spis, and cauliflowerdoughnuts
Assets 2
Loading

Release v0.2.4

29 Aug 19:44
@TheEnergyStory TheEnergyStory
v0.2.4
c7ce2c5

Choose a tag to compare

View all tags
Release v0.2.4

New

  • Fast-load
  • Added method header parser to get RVA, header/code size and raw IL bytes
  • Added (internal) get_user_string() method by @tbeadle in #3
  • Detection and support for more anti metadata/parsing tricks (mixed case stream names, invalid entries in MethodDef table, maximum length exceeding strings in #Strings stream)
  • Available on PyPI by @daddycocoaman in #2
  • Simple disassembler code example

Improvements

  • get_string() method better handles obfuscator tricks
  • DotNetPEParser handles PathLike objects by @mariesosa in #4
  • Better error handling for corrupt resources

Fixed

  • Fixed sorting in TypeRef hash method
  • Typo fixes in documentation by @botherder @julupu in #5 and #6
  • Various other small fixes

Contributors

botherder, tbeadle, and 3 other contributors
Loading