Code Monkey home page Code Monkey logo

javapeparser's Introduction

PE Parser

A simple PE parser written in Java that returns detailed warnings and errors.

Usage

First, create an input stream.

// Stream from file
CadesStreamReader stream = new CadesFileStream(new File("peFile.dll"));
// Stream from bytes
CadesStreamReader stream = new CadesBufferStream(peFileBytes);
// Or, make your own stream by implementing CadesStreamReader

Next, attempt to parse the PE headers (and print any errors or warnings).

// Print the error on failure
PeImage pe = PeImage.read(stream).ifErr(err -> {
    System.out.println("Error: " + err);
}).ifOk(val -> { // Print any warnings after parsing
    for (ParseError warning : val.warnings)
        System.out.println("Warning: " + warning);
}).getOkOrDefault(null); // Return the parsed value, or null

Now, you can print any info.

if (pe != null) {
    System.out.println("is64bit: " + pe.ntHeaders.is64bit());

    pe.imports.ifOk(imports -> {
        for (LibraryImports lib : imports) {
            System.out.printf("%s imports from \"%s\":%n", lib.entries.size(), lib.name);
            for (ImportEntry entry : lib.entries)
                System.out.printf("\tname=%s, ordinal=%s%n", entry.name, entry.ordinal);
        }
    }).ifErr(err -> System.out.printf("No imports: %s%n", err.toString()));

    pe.exports.ifOk(exports -> {
        System.out.printf("This file exports under the library name \"%s\"%n", exports.name);
        for (ExportEntry entry : exports.entries)
            System.out.printf("\tname=%s, ordinal=%s%n", entry.name, entry.ordinal);
    }).ifErr(err -> System.out.printf("No exports: %s%n", err.toString()));
}

More usage

Much of the data in a portable executable is optional. Optional data uses the ParseResult class, which holds either a value or ParseError object. There are multiple ways to handle ParseResult.

You can manually check for values and errors accordingly.

ParseResult<ArrayList<LibraryImports>> imports = pe.imports;
if (imports.isOk())
    printImports(imports.getOk());
else
    System.out.println(imports.getErr());

You can ignore any errors and only use the ok values (when available).

pe.imports.ifOk(imports -> printImports(imports));

Or, you can use a classic null check (and log errors on the side).

ArrayList<LibraryImports> imports = pe.imports
        .ifErr(err -> System.out.println(err)) // Optional call
        .getOkOrDefault(null);

if (imports != null)
    printImports(imports);

Commit reminders

  • Update version in pom.xml
  • Compile with mvn package

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.