mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
slimwang
c3d30b9e8a
* build(abe): add zig-cc payload build system + C reflective loader * feat(abe): add reflective injector and Go ABE key-retriever primitives * feat(abe): wire ABERetriever into DefaultRetriever chain + --abe-key CLI * feat(abe): route Chromium v20 ciphertext through AES-GCM with ABE key
33 lines
539 B
Go
33 lines
539 B
Go
//go:build windows
|
|
|
|
package injector
|
|
|
|
import (
|
|
"bytes"
|
|
"debug/pe"
|
|
"fmt"
|
|
)
|
|
|
|
type Arch string
|
|
|
|
const (
|
|
ArchAMD64 Arch = "amd64"
|
|
Arch386 Arch = "386"
|
|
ArchUnknown Arch = "unknown"
|
|
)
|
|
|
|
func DetectPEArch(peBytes []byte) (Arch, error) {
|
|
f, err := pe.NewFile(bytes.NewReader(peBytes))
|
|
if err != nil {
|
|
return ArchUnknown, fmt.Errorf("parse PE: %w", err)
|
|
}
|
|
switch f.Machine {
|
|
case pe.IMAGE_FILE_MACHINE_AMD64:
|
|
return ArchAMD64, nil
|
|
case pe.IMAGE_FILE_MACHINE_I386:
|
|
return Arch386, nil
|
|
default:
|
|
return ArchUnknown, nil
|
|
}
|
|
}
|