Skip to content
This repository has been archived by the owner on Sep 21, 2024. It is now read-only.

Faile to PE file validation #8

Open
fullstackreverser opened this issue Jan 6, 2023 · 1 comment
Open

Faile to PE file validation #8

fullstackreverser opened this issue Jan 6, 2023 · 1 comment

Comments

@fullstackreverser
Copy link

First of all, Thanks for managing this project.
I tested on assessing the capability of the Windows Defender as VBA on EXCEL. and this project was the most helpful to me. but I found some issues with PE file validation.
The validation routine was perfect but when parsing the file to memory I saw an error occurred.
Fortunately, given my efforts, I was able to resolve the issues. so let me show you my code could you give me PR authority?

@Sunr1seSun
Copy link

' --------------------------------------------------------------------------------
' Method:    FileToByteArray
' Desc:      Reads a file as a Byte array
' Arguments: strFilename - Fullname of the file as a String (ex:
'                'C:\Windows\System32\cmd.exe')
' Returns:   The content of the file as a Byte array
' --------------------------------------------------------------------------------
Private Function FileToByteArray(strFilename As String) As Byte()
    ' File content to String
    Dim strFileContent As String
    Dim iFile As Integer: iFile = FreeFile
    Open strFilename For Binary Access Read As #iFile
        strFileContent = Space(FileLen(strFilename))
        Get #iFile, , strFileContent
    Close #iFile
    
    ' String to Byte array
    Dim baFileContent() As Byte
    baFileContent = StrConv(strFileContent, vbFromUnicode)

    FileToByteArray = baFileContent
End Function

Here is where the problem occurs, invisible characters cannot be accurately restored to binary data, you can try to read binary data directly. I have never written vb before, the code is for reference purposes only.

Private Function FileToByteArray(strFilename As String) As Byte()
    Dim baFileContent() As Byte
    Dim iFile As Integer: iFile = FreeFile
    Open strFilename For Binary Access Read As #iFile
        ReDim baFileContent(0 To LOF(iFile) - 1)
        Get #iFile, , baFileContent
    Close #iFile

    FileToByteArray = baFileContent
End Function

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants