Commit Graph

69 Commits

Author SHA1 Message Date
Nicolás Alvarez
a9ada89bd0 patterns: Minor cleanup to zip pattern (#59)
* Use spaces instead of tabs in zip.hexpat

* patterns: minor cleanup to ZIP pattern

- Remove empty and unused CentralDirectoryEntry struct.
- Shorten the comment of CentralDirectoryFileHeader.fileOffset. It was so
  long that the tooltip overflowed my screen, and didn't really add much
  information.
- Small whitespace changes.
2022-11-14 22:46:28 +01:00
Fredrick Brennan
e7ea6fd77f patterns: Added APNG support to PNG pattern (#53) 2022-11-10 10:36:46 +01:00
Fredrick Brennan
ff3c796de8 patterns: Added sRGB, zTXt, tEXt support to PNG pattern (#55)
* patterns: png.hexpat: APNG support

* patterns: png.hexpat: +sRGB, zTXt, tEXt
2022-11-10 10:23:42 +01:00
lieyanqzu
0c83764f24 patterns: Fix java class pattern and update to javase17 format (#56)
fix java class pattern and update to javase17 format
2022-11-10 10:23:06 +01:00
fr0ntlin3
3b1b7cc379 patterns: Fixed ELF pattern for 32-bit files (#51)
Co-authored-by: z <z>
2022-11-06 18:36:37 +01:00
gmestanley
49be43e0e1 patterns: Making pe.hexpat even better (#52)
* Update pe.hexpat

Implementing a number of things and fixing others

* Update pe.hexpat

Adding the readonlyData pattern

* Update pe.hexpat

Testing putting the number of tabs on GitHub to 4 instead of 8 (so that comments on the code for the Sections don't break)

* Update pe.hexpat

Reverting change that turned out to be needless

* Update pe.hexpat

Actually sending the `products[while($ != richHeaderEndPosition)]` to `products[while($ < richHeaderEndPosition)]` change
2022-10-30 12:07:54 +01:00
Nik
16eebea2fb patterns: Added USB Descriptor pattern 2022-10-09 12:46:29 +02:00
Florian Limberger
6cb208d975 patterns: Added pattern for ID3 tags (#48)
* Add naive first implementation of ID3 patterns

* Refine string handling a bit

* Optimize structs using the static keyword

* Add MIME type pragma and update README
2022-10-09 12:26:34 +02:00
Nik
665c50b914 patterns: Fixed minidump pattern formatting 2022-10-08 11:20:46 +02:00
Nik
dba93afe06 patterns: Fixed duplicate variable names 2022-09-21 16:34:23 +02:00
Nik
2cfd3c43a7 patterns: Added x-dosexec MIME type to PE pattern 2022-09-13 15:57:34 +02:00
Nik
4bda291de1 patterns: Added minidump pattern 2022-09-13 13:26:50 +02:00
Nik
44216762fd patterns: Added msgpack pattern 2022-09-08 13:29:55 +02:00
Nik
3621144815 patterns: Added BSON pattern 2022-09-07 14:42:38 +02:00
Nik
cfc6a442de patterns: Added basic FLAC metadata pattern 2022-09-07 09:42:51 +02:00
Nik
62b1eb927e patterns: Added Xilinx bitstream pattern 2022-09-05 22:09:23 +02:00
Nik
2baae9c5f6 patterns: Added MIME types to ELF pattern 2022-09-04 23:01:31 +02:00
Nik
fc997133a1 patterns: Fix use of std::core::Endian 2022-09-04 20:26:46 +02:00
Nik
935a26e9f9 patterns: Fixed parsing of WAV files generated by Audacity
Thanks to @rikogeln
2022-09-04 17:45:39 +02:00
Nik
60c5f795a0 patterns: Greatly improve ELF pattern 2022-09-04 14:15:41 +02:00
Nik
a9d6c882ac patterns: Replaced tabs with spaces in lnk pattern 2022-09-02 23:21:40 +02:00
Nik
7ecfcd446d patterns: Added Microsoft Shell Link pattern 2022-09-02 23:13:43 +02:00
Nik
64136ba16c tests: Added correct ntag test file 2022-09-02 17:22:40 +02:00
Nik
1e45938887 patterns: Added NTAG pattern 2022-09-02 17:14:23 +02:00
Nik
f32b162647 patterns: Added VHDX pattern 2022-08-31 15:08:32 +02:00
WerWolv
a178509b3c patterns: Added stl pattern 2022-08-29 15:23:43 +02:00
WerWolv
7ee489237d patterns: Added Ogg pattern 2022-08-29 15:02:08 +02:00
WerWolv
9fec10000a patterns: Fixed ZigZag encoding in protobuf pattern 2022-08-28 19:07:30 +02:00
WerWolv
b0d8b81861 patterns: Added protobuf pattern 2022-08-28 13:51:58 +02:00
ThePixelCoder
c7fbb661ae patterns: Add GNU program types to ELF (#35) 2022-08-27 12:51:45 +02:00
jz5
7e19b4cb10 patterns: Fixed chunk size issues in WAV pattern. (#44) 2022-08-27 12:50:53 +02:00
WerWolv
f0963603bf patterns: Added bencode pattern 2022-08-27 12:41:59 +02:00
gmestanley
ece86f1124 patterns: Added enhancements for PE pattern (#41)
The current pattern file for the PE format doesn't have a lot of the format's quirks, so I decided to code them in after I noticed that it doesn't cover the structure known as Rich Header. (Forgive the garbage code for its ProductType enum, it was the only way I found to make the values appear.)
Here are my sources for the improvements included here:

How the MZ header works and some of its variables' names: [How to determine the size of an PE executable file from headers and or footers](https://stackoverflow.com/questions/34684660/how-to-determine-the-size-of-an-pe-executable-file-from-headers-and-or-footers)
The function of some of the MZ header variables: [PE102 by Corkami](https://github.com/corkami/pics/blob/master/binary/pe102.png)
The existence of sections: [PE101 by Corkami](https://github.com/corkami/pics/blob/master/binary/pe101/pe101.png)
The Machine values for LoongArch processors, the architecture enum and how it's used in the Optional Header, Subsystem types, DLL & Section characteristics, how sections, their line numbers and relocations work: [PE Format](https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#the-rsrc-section)
The Machine values for DECAlphaAXP and i860: [Peering Inside the PE: A Tour of the Win32 Portable Executable File Format](https://docs.microsoft.com/en-us/previous-versions/ms809762(v=msdn.10)#the-pe-header)
How the Rich Header works: [VB2019 paper: Rich Headers: leveraging this mysterious artifact of the PE format](https://www.virusbulletin.com/virusbulletin/2020/01/vb2019-paper-rich-headers-leveraging-mysterious-artifact-pe-format/)
Values of products in the Rich Header: [The devil’s in the Rich header](https://securelist.com/the-devils-in-the-rich-header/84348/)
Every other value not found in the above source: Ghidra
2022-08-10 15:06:10 +02:00
WerWolv
ce2b4d60ca patterns: Added very basic MBR and FAT32 filesystem pattern 2022-08-10 14:36:06 +02:00
WerWolv
0b15299980 patterns: Remove [[static]] attribute from non-static struct in elf pattern 2022-08-07 21:40:54 +02:00
Oded Shapira
65f2b7821b patterns: Fix typo in pe.hexpat (#39)
Fixed a typo where it said numberOfRelactions to numberOfRelocations.
2022-08-04 23:49:26 +02:00
WerWolv
660da67e3b patterns: Removed [[static]] attribute from ARFile struct 2022-07-31 14:53:03 +02:00
WerWolv
9e4a1d1d96 git: Fixed line endings of all files 2022-07-26 08:48:01 +02:00
WerWolv
f40943c8cd patterns: Added UF2 pattern 2022-07-08 12:31:54 +02:00
WerWolv
48dd8f68ca patterns: Removed text/plain MIME type from intel hex pattern 2022-06-27 20:40:23 +02:00
WerWolv
f708d192fb patterns: Added Ethernet II Frame pattern 2022-03-17 22:45:18 +01:00
WerWolv
08ace38914 patterns: Added vdf pattern 2022-03-17 00:11:54 +01:00
Lukas Cone
49c4023ce7 patterns: fix bitfields (#33) 2022-03-01 17:02:32 +01:00
Lukas Cone
9c476383ed patterns: improve WAV pattern (#31) 2022-02-19 17:57:13 +01:00
Lukas Cone
5ddf0d6705 patterns: Added ISO pattern (#30) 2022-02-19 17:57:01 +01:00
Lukas Cone
4e8aec1935 patterns: Add TGA pattern (#29) 2022-02-13 01:05:44 +01:00
Lukas Cone
5e069eb265 patterns: Added DDS pattern (#28) 2022-02-12 16:31:13 +01:00
Quentin Fan-Chiang
97ccc8c418 patterns: Added PNG Pattern (#27)
* starting to flesh out a pattern for PNG

* using defines to improve readability

* data type changes to wip png pattern

* read png chunks until end of file

* iccp chunk and commenting

* Move IHDR out of array

* Function and pointer fixes

Co-authored-by: Foster Brereton <fbrereto@adobe.com>
2022-02-09 16:56:04 +01:00
WerWolv
d8261c013c patterns: Included required stdlib files 2022-01-30 22:30:10 +01:00
Thomas PORTASSAU
00b7c912f2 Updated zip, fixed CDSize (#25) 2022-01-18 00:43:17 +01:00