imports/ImHex-Patterns
1
0
Fork 0
mirror of https://github.com/WerWolv/ImHex-Patterns.git synced 2026-03-28 07:47:02 -05:00
Code Issues Packages Projects Releases Wiki Activity
121 Commits 2 Branches 46 Tags
7ecfcd446d4f64c1b078423d26a46012593fa549
Commit Graph

48 Commits

Author SHA1 Message Date
Nik
7ecfcd446d patterns: Added Microsoft Shell Link pattern 2022-09-02 23:13:43 +02:00
Nik
64136ba16c tests: Added correct ntag test file 2022-09-02 17:22:40 +02:00
Nik
1e45938887 patterns: Added NTAG pattern 2022-09-02 17:14:23 +02:00
Nik
f32b162647 patterns: Added VHDX pattern 2022-08-31 15:08:32 +02:00
WerWolv
a178509b3c patterns: Added stl pattern 2022-08-29 15:23:43 +02:00
WerWolv
7ee489237d patterns: Added Ogg pattern 2022-08-29 15:02:08 +02:00
WerWolv
9fec10000a patterns: Fixed ZigZag encoding in protobuf pattern 2022-08-28 19:07:30 +02:00
WerWolv
b0d8b81861 patterns: Added protobuf pattern 2022-08-28 13:51:58 +02:00
ThePixelCoder
c7fbb661ae patterns: Add GNU program types to ELF (#35) 2022-08-27 12:51:45 +02:00
jz5
7e19b4cb10 patterns: Fixed chunk size issues in WAV pattern. (#44) 2022-08-27 12:50:53 +02:00
WerWolv
f0963603bf patterns: Added bencode pattern 2022-08-27 12:41:59 +02:00
gmestanley
ece86f1124 patterns: Added enhancements for PE pattern (#41) 
The current pattern file for the PE format doesn't have a lot of the format's quirks, so I decided to code them in after I noticed that it doesn't cover the structure known as Rich Header. (Forgive the garbage code for its ProductType enum, it was the only way I found to make the values appear.)
Here are my sources for the improvements included here:

How the MZ header works and some of its variables' names: [How to determine the size of an PE executable file from headers and or footers](https://stackoverflow.com/questions/34684660/how-to-determine-the-size-of-an-pe-executable-file-from-headers-and-or-footers)
The function of some of the MZ header variables: [https://github.com/corkami/pics/blob/master/binary/pe102.png](PE102 by Corkami)
The existence of sections: [https://github.com/corkami/pics/blob/master/binary/pe101/pe101.png](PE101 by Corkami)
The Machine values for LoongArch processors, the architecture enum and how it's used in the Optional Header, Subsystem types, DLL & Section characteristics, how sections, their line numbers and relocations work: [PE Format](https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#the-rsrc-section)
The Machine values for DECAlphaAXP and i860: [Peering Inside the PE: A Tour of the Win32 Portable Executable File Format](https://docs.microsoft.com/en-us/previous-versions/ms809762(v=msdn.10)#the-pe-header)
How the Rich Header works: [https://www.virusbulletin.com/virusbulletin/2020/01/vb2019-paper-rich-headers-leveraging-mysterious-artifact-pe-format/](VB2019 paper: Rich Headers: leveraging this mysterious artifact of the PE format)
Values of products in the Rich Header: [https://securelist.com/the-devils-in-the-rich-header/84348/](The devil’s in the Rich header)
Every other value not found in the above source: Ghidra
 2022-08-10 15:06:10 +02:00
WerWolv
ce2b4d60ca patterns: Added very basic MBR and FAT32 filesystem pattern 2022-08-10 14:36:06 +02:00
WerWolv
0b15299980 patterns: Remove [[static]] attribute from non-static struct in elf pattern 2022-08-07 21:40:54 +02:00
Oded Shapira
65f2b7821b patterns: Fix typo in pe.hexpat (#39) 
Fixed a typo where it said numberOfRelactions to numberOfRelocations.
 2022-08-04 23:49:26 +02:00
WerWolv
660da67e3b patterns: Removed [[static]] attribute from ARFile struct 2022-07-31 14:53:03 +02:00
WerWolv
9e4a1d1d96 git: Fixed line endings of all files 2022-07-26 08:48:01 +02:00
WerWolv
f40943c8cd patterns: Added UF2 pattern 2022-07-08 12:31:54 +02:00
WerWolv
48dd8f68ca patterns: Removed text/plain MIME type from intel hex pattern 2022-06-27 20:40:23 +02:00
WerWolv
f708d192fb patterns: Added Ethernet II Frame pattern 2022-03-17 22:45:18 +01:00
WerWolv
08ace38914 patterns: Added vdf pattern 2022-03-17 00:11:54 +01:00
Lukas Cone
49c4023ce7 patterns: fix bitfields (#33) 2022-03-01 17:02:32 +01:00
Lukas Cone
9c476383ed patterns: improve WAV pattern (#31) 2022-02-19 17:57:13 +01:00
Lukas Cone
5ddf0d6705 patterns: Added ISO pattern (#30) 2022-02-19 17:57:01 +01:00
Lukas Cone
4e8aec1935 patterns: Add TGA pattern (#29) 2022-02-13 01:05:44 +01:00
Lukas Cone
5e069eb265 patterns: Added DDS pattern (#28) 2022-02-12 16:31:13 +01:00
Quentin Fan-Chiang
97ccc8c418 patterns: Added PNG Pattern (#27) 
* starting to flesh out a pattern for PNG

* using defines to improve readability

* data type changes to wip png pattern

* read png chunks until end of file

* iccp chunk and commenting

* Move IHDR out of array

* Function and pointer fixes

Co-authored-by: Foster Brereton <fbrereto@adobe.com>
 2022-02-09 16:56:04 +01:00
WerWolv
d8261c013c patterns: Included required stdlib files 2022-01-30 22:30:10 +01:00
Thomas PORTASSAU
00b7c912f2 Updated zip, fixed CDSize (#25) 2022-01-18 00:43:17 +01:00
WerWolv
5ec2c64eda patterns: Added Nintendo Switch PRODINFO pattern 2021-12-09 14:13:54 -08:00
WerWolv
91609bd3b4 patterns: Added Icon/Cursor image pattern 2021-11-28 15:09:30 +01:00
WerWolv
19a0c7143a patterns: Added ARM Cortex M vector table pattern (#23) 2021-11-28 15:09:30 +01:00
WerWolv
b2ff4dc4c0 patterns: Added Nintendo Switch NRO format pattern (#22) 
* add intel_hex format (#15)

* pattern: Added Nintendo Switch NACP file format pattern (#21)

* patterns: Added Nintendo Switch NRO format pattern

Co-authored-by: Matt Farstad <matthewwilliamfarstad@gmail.com>
 2021-11-28 15:09:30 +01:00
WerWolv
3160e592b5 patterns: Java class pattern tabs -> spaces 2021-11-21 10:51:56 +01:00
WerWolv
a10170c697 pattern: Added Java class pattern 2021-11-21 00:45:10 +01:00
WerWolv
c24f1f28d2 pattern: Added Nintendo Switch NACP file format pattern (#21) 2021-10-17 23:30:33 +02:00
Matt Farstad
9da4707ac3 add intel_hex format (#15) 2021-10-17 19:30:56 +02:00
WerWolv
4eff8460ba includes: Added pattern language standard library (#19) 
* libstd: Initial standard library work

bit operations, fixed point, numeric limits and math functions

* libstd: Added ctype, rustint, stdint and string library, expand bit, fxpt and math library

* patterns: Drastically improve ELF pattern

* patterns: Added atmosphere AFE2

* patterns: tabs -> spaces

* patterns: Added archive file pattern
 2021-09-30 12:55:42 +02:00
Fabian Wahlster
0bed03fd88 Pattern for SPIR-V 1.5 rev 4 (#17) 
* Patter for SPIR-V 1.5 rev 4

* Merge headers into spirv.hexpat

* use padding for Version
 2021-06-17 16:52:18 +02:00
Ilja van Sprundel
d672934033 Add pcap support to hex patterns (#16) 
* Add initial pcap support 

Assumes little endian and fixed to 1000 packets, but it's a start.

* update readme for pcap entry

added initial pcap support
 2021-06-02 16:08:25 +02:00
WerWolv
7c3db44abc patterns: Fix removal of nextAfter builtin function 2021-05-22 00:03:05 +02:00
ThisALV
72ea939745 patterns: Handle application/x-sharedlib mime-type as ELF binary (#13) 
* Fix : Added pragma for multiple PE MIME types.

* Use magic db instead of application/octet-stream MIME-type.

* Fix: handles shared libs mime type as ELF format

* Updates README.md for new ELF mime-type
 2021-04-20 21:52:13 +02:00
Quentin Fan-Chiang
0488b98b88 Patterns for .zip files and .wav files (#12) 
* create .wav file pattern

* create .zip file pattern

* update readme with wav and zip

* update some names in wav pattern
 2021-03-30 20:55:52 +02:00
Matthias Mailänder
92d0abc57d Add a simple BMP parser. (#11) 2021-03-30 20:55:14 +02:00
ThisALV
2f41f6e233 Improved PE patterns for both x86 and x64 files. (#9) 
* Improved PE patterns for both x86 and x64 files.

Added sections table and data directories.
Support for 64bits binaries.
Separated files for 32bits and 64bits binaries.

* Deleted old PE pattern.

* Single file used for both PE32 and PE32+.

Change FORMAT preprocessor constant to switch mode.

* Improved sections table localization.

Using recently added nextAfter() builtin-function to locate sections
table.

* Automatic detection for 64bits executables.

Automatically detect if PE32+ format is enabled by checking machine
value.

* Updated README.md for single PE hexpat file.

* Use String for sections name.

* Remove silly usage of define preprocessor.
 2021-01-24 14:31:51 +01:00
ThisALV
bec4233ff6 Fixed ELF header pattern (#7) 
* Fixed ELF header pattern

* Fix : missing pattern offset
 2020-12-21 21:03:59 +01:00
Matt Farstad
f93971dfe4 Added MIDI pattern (#5) 2020-12-12 00:29:36 +01:00
WerWolv
f2d85fd506 Uploaded currently available files 2020-12-03 21:49:54 +01:00