Summary: Constants | Methods | Inherited Methods | [Expand All]

public class

CodelessSignatureManager

extends Object
implements IEventListener

java.lang.Object
↳	com.pnfsoftware.jeb.core.units.code.asm.sig.codeless.CodelessSignatureManager

Class Overview

Manage a set of ExecutableModel, such that an unknown binary can be matched against these models (see {match(INativeCodeUnit, CodelessSignaturePackageEntry)), or identified as containing code from the models (see {identifyLibraries(INativeCodeUnit)).

This manager is intended to be used in post analysis 'one shot' style; in particular it does not keep any storage of already loaded/matched signatures.

Summary

Constants
String	CODELESS_FOLDER_DEFAULT_NAME
String	CODELESS_SIGS_EXTENSION

Public Methods
void	addFolder(File folder, boolean doRescan)
List<CodelessSignaturePackageEntry>	getAvailablePackages() Provides the list of available signature packages entries (never null).
static CodelessSignatureManager	getInstance(IEnginesContext enginesContext)
INativeCodeUnit<IInstruction>	getMatchableUnit() Search first suitable code unit that can be matched, in current project.
LibraryIdentificationResults	identifyLibraries(INativeCodeUnit<IInstruction> codeUnit)
boolean	importState(INativeCodeUnit<IInstruction> codeUnit, MatchingState state)
boolean	isMatched(INativeCodeUnit<IInstruction> codeUnit, CodelessSignaturePackageEntry entry) Check if a signature package has been matched against given code unit.
MatchingState	match(INativeCodeUnit<IInstruction> codeUnit, CodelessSignaturePackageEntry entry) Match given unit against given reference model.
void	onEvent(IEvent event)
void	rescan()
List<CodelessSignaturePackageEntry>	scan() Scan default folder to provide list of available packages.

[Expand]

Inherited Methods

From class java.lang.Object

From interface com.pnfsoftware.jeb.util.events.IEventListener

Constants

public static final String CODELESS_FOLDER_DEFAULT_NAME

Constant Value: "codeless"

public static final String CODELESS_SIGS_EXTENSION

Constant Value: ".codeless-siglib"

Public Methods

public void addFolder (File folder, boolean doRescan)

public List<CodelessSignaturePackageEntry> getAvailablePackages ()

Provides the list of available signature packages entries (never null). The corresponding packages are not necessarily loaded.

public static CodelessSignatureManager getInstance (IEnginesContext enginesContext)

public INativeCodeUnit<IInstruction> getMatchableUnit ()

Search first suitable code unit that can be matched, in current project.

FIXME: replace by a proper search for all compatible units, and let client decides which ones should be matched.

public LibraryIdentificationResults identifyLibraries (INativeCodeUnit<IInstruction> codeUnit)

public boolean importState (INativeCodeUnit<IInstruction> codeUnit, MatchingState state)

public boolean isMatched (INativeCodeUnit<IInstruction> codeUnit, CodelessSignaturePackageEntry entry)

Check if a signature package has been matched against given code unit.

public MatchingState match (INativeCodeUnit<IInstruction> codeUnit, CodelessSignaturePackageEntry entry)

Match given unit against given reference model.

Note that a new Matcher is instantiated each time.

Returns

final matching state, null if matching failed

public void onEvent (IEvent event)

public void rescan ()

public List<CodelessSignaturePackageEntry> scan ()

Scan default folder to provide list of available packages.

This method should be executed once at startup.

Classes

Enums