Updated security/pev to 0.70 Changelog for this version: pev 0.70 - December 26, 2013 ! Missing full/English documentation. ! Missing valid XML and HTML output formats. ! pestr: no support for --net option when parsing unicode strings. ! pestr: unable to handle too big strings. * libpe: rewritten, now using mmap. (Jardel Weyrich). * pestr: added countries domains suffixes. * readpe and peres: output enhancements (Jardel Weyrich). + pehash: sections and headers hash calculation (Jardel Weyrich). + pehash: ssdeep fuzzy hash calculation. + pehash: support for new digest hashes like sha512, ripemd160 and more. + peres: added new tool to analyze/extract PE resources (Marcelo Fleury). + pescan: cpl malware detection. + pescan: undocumented anti-disassembly fpu trick detection. + pesec: show and extract certificates from digitally signed binaries (Jardel Weyrich). - readpe can't show functions exported by ID only. - readpe: fixed subsystem types (Dmitry Mostovenko).diff -r1.2 -r1.3 pkgsrc/security/pev/Makefile
(khorben)
@@ -1,26 +1,27 @@ | @@ -1,26 +1,27 @@ | |||
1 | # $NetBSD: Makefile,v 1.2 2014/12/09 13:26:40 khorben Exp $ | 1 | # $NetBSD: Makefile,v 1.3 2014/12/09 14:37:06 khorben Exp $ | |
2 | # | 2 | # | |
3 | 3 | |||
4 | DISTNAME= pev-0.60 | 4 | DISTNAME= pev-0.70 | |
5 | PKGREVISION= 1 | |||
6 | CATEGORIES= security | 5 | CATEGORIES= security | |
7 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=pev/} | 6 | MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=pev/} | |
8 | 7 | |||
8 | WRKSRC= ${WRKDIR}/pev | |||
9 | ||||
9 | MAINTAINER= khorben@defora.org | 10 | MAINTAINER= khorben@defora.org | |
10 | HOMEPAGE= http://pev.sourceforge.net/ | 11 | HOMEPAGE= http://pev.sourceforge.net/ | |
11 | COMMENT= The PE analysis toolkit | 12 | COMMENT= The PE analysis toolkit | |
12 | 13 | |||
13 | LICENSE= gnu-gpl-v3 | 14 | LICENSE= gnu-gpl-v3 | |
14 | 15 | |||
15 | USE_TOOLS+= gmake | 16 | USE_TOOLS+= gmake | |
16 | 17 | |||
18 | .include "../../mk/bsd.prefs.mk" | |||
19 | ||||
17 | MAKE_FLAGS+= DESTDIR=${DESTDIR} | 20 | MAKE_FLAGS+= DESTDIR=${DESTDIR} | |
18 | MAKE_FLAGS+= PREFIX=${PREFIX} | 21 | MAKE_FLAGS+= prefix=${PREFIX} | |
22 | MAKE_FLAGS+= mandir=${PREFIX}/${PKGMANDIR} | |||
19 | AUTO_MKDIRS= yes | 23 | AUTO_MKDIRS= yes | |
20 | 24 | |||
21 | #pre-install: | |||
22 | # ${MKDIR} ${DESTDIR}${PREFIX}/man/man1 | |||
23 | ||||
24 | .include "../../security/openssl/buildlink3.mk" | 25 | .include "../../security/openssl/buildlink3.mk" | |
25 | .include "../../devel/pcre/buildlink3.mk" | 26 | .include "../../devel/pcre/buildlink3.mk" | |
26 | .include "../../mk/bsd.pkg.mk" | 27 | .include "../../mk/bsd.pkg.mk" |
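Review bot: The new `MAKE_FLAGS+= mandir=${PREFIX}/${PKGMANDIR}` line lets upstream's install target write gzip-compressed pages (the PLIST in this commit now lists `man/man1/*.1.gz`), but nothing in this Makefile tells pkgsrc that the package compresses its own man pages. pkgsrc normally adds or strips the `.gz` suffix itself according to MANZ, so with MANZ unset the packing list may not match what was actually installed; if so, `MANCOMPRESSED= yes` next to `AUTO_MKDIRS` is the usual way to declare it. This is inferred from the PLIST and src/Makefile sections rather than from a build, so it is worth confirming with a default-settings package build.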
@@ -1,23 +1,25 @@ | @@ -1,23 +1,25 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.1 2014/08/02 14:11:08 khorben Exp $ | 1 | @comment $NetBSD: PLIST,v 1.2 2014/12/09 14:37:06 khorben Exp $ | |
2 | bin/ofs2rva | 2 | bin/ofs2rva | |
3 | bin/pedis | 3 | bin/pedis | |
4 | bin/pehash | 4 | bin/pehash | |
5 | bin/pepack | 5 | bin/pepack | |
6 | bin/peres | |||
6 | bin/pescan | 7 | bin/pescan | |
7 | bin/pesec | 8 | bin/pesec | |
8 | bin/pestr | 9 | bin/pestr | |
9 | bin/readpe | 10 | bin/readpe | |
10 | bin/rva2ofs | 11 | bin/rva2ofs | |
11 | lib/libpe.so | 12 | lib/libpe.so | |
12 | lib/libpe.so.1 | 13 | lib/libpe.so.1 | |
13 | lib/libpe.so.1.0 | 14 | lib/libpe.so.1.0 | |
14 | man/man1/ofs2rva.1 | 15 | man/man1/ofs2rva.1.gz | |
15 | man/man1/pedis.1 | 16 | man/man1/pedis.1.gz | |
16 | man/man1/pehash.1 | 17 | man/man1/pehash.1.gz | |
17 | man/man1/pepack.1 | 18 | man/man1/pepack.1.gz | |
18 | man/man1/pescan.1 | 19 | man/man1/peres.1.gz | |
19 | man/man1/pesec.1 | 20 | man/man1/pescan.1.gz | |
20 | man/man1/pestr.1 | 21 | man/man1/pesec.1.gz | |
21 | man/man1/readpe.1 | 22 | man/man1/pestr.1.gz | |
22 | man/man1/rva2ofs.1 | 23 | man/man1/readpe.1.gz | |
24 | man/man1/rva2ofs.1.gz | |||
23 | share/pev/userdb.txt | 25 | share/pev/userdb.txt |
@@ -1,8 +1,9 @@ | @@ -1,8 +1,9 @@ | |||
1 | $NetBSD: distinfo,v 1.3 2014/12/09 13:26:40 khorben Exp $ | 1 | $NetBSD: distinfo,v 1.4 2014/12/09 14:37:06 khorben Exp $ | |
2 | 2 | |||
3 | SHA1 (pev-0.60.tar.gz) = 8d5e0bafb6dd4da0dcda6837928ad4babb6c8a94 | 3 | SHA1 (pev-0.70.tar.gz) = b2d1191c3b57049c78ef77b8f54f7f78838af129 | |
4 | RMD160 (pev-0.60.tar.gz) = f585355f5971e72f208b56ad0db1ca8ba603f3cd | 4 | RMD160 (pev-0.70.tar.gz) = 9ffe6dccecdfbeba09e34f9a212c2abcf3861ef0 | |
5 | Size (pev-0.60.tar.gz) = 212932 bytes | 5 | Size (pev-0.70.tar.gz) = 254821 bytes | |
6 | SHA1 (patch-lib_libpe_Makefile) = 5adf4a60f3320da9deddf74a740dd152b1810f0a | 6 | SHA1 (patch-Makefile) = 39b31541b2f51e82e9807aed36723105959aa26c | |
7 | SHA1 (patch-src_Makefile) = 3a2aed9ed69b4ce0e6a297d39eb81010f24cab48 | 7 | SHA1 (patch-lib_libpe_Makefile) = 11d1beba07b313a4baf2e95b5b56dfd7da4787f9 | |
8 | SHA1 (patch-src_pepack.c) = 189b2c40a72453e3b1f3cc6efbbebda373bb37b0 | 8 | SHA1 (patch-src_Makefile) = 2f04a23d40c1859ba1094a00822c0a0294fe3e5b | |
9 | SHA1 (patch-src_pepack.c) = acb6dc0d1d9b20c13a61275b4f08f5903fec14f9 |
$NetBSD: patch-Makefile,v 1.1 2014/12/09 14:37:06 khorben Exp $
No longer insist on a particular make(1) flavor
--- Makefile.orig 2013-12-27 10:39:49.000000000 +0000
+++ Makefile
@@ -1,14 +1,14 @@
LIBPE_DIR = lib/libpe
PEV_DIR = src
-MAKE = make
+#MAKE = make
VERSION = 0.70
ZIPFILE = pev-$(VERSION)-win32.zip
# just call each separated Makefile
all:
%:
- cd $(LIBPE_DIR); $(MAKE) $@
- cd $(PEV_DIR); $(MAKE) $@
+ cd $(LIBPE_DIR) && $(MAKE) $@
+ cd $(PEV_DIR) && $(MAKE) $@
# zip rule only Cygwin targets
zip:
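Review bot: `#MAKE = make` leaves the old assignment behind as dead code; deleting the line has the same effect, because `$(MAKE)` then falls back to make's built-in value, and it keeps the patched file free of commented-out settings. The patch description also does not mention the `;` to `&&` change in the `%:` recipe, so something like `Use the invoking make for the sub-directories and stop when a cd fails` would describe both edits. The `zip` rule continues outside the hunk.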
@@ -1,27 +1,35 @@ | @@ -1,27 +1,35 @@ | |||
1 | $NetBSD: patch-lib_libpe_Makefile,v 1.1 2014/08/02 14:11:08 khorben Exp $ | 1 | $NetBSD: patch-lib_libpe_Makefile,v 1.2 2014/12/09 14:37:06 khorben Exp $ | |
2 | 2 | |||
3 | Fixed generation and installation of the libpe shared library on NetBSD | 3 | Fixed generation and installation of the libpe shared library on NetBSD | |
4 | 4 | |||
5 | --- lib/libpe/Makefile.orig 2012-10-31 03:59:14.000000000 +0000 | 5 | --- lib/libpe/Makefile.orig 2013-12-27 10:39:52.000000000 +0000 | |
6 | +++ lib/libpe/Makefile | 6 | +++ lib/libpe/Makefile | |
7 | @@ -30,6 +30,8 @@ all: pe.c pe.h | 7 | @@ -70,6 +70,8 @@ libpe: CPPFLAGS += -D_GNU_SOURCE | |
8 | $(CC) -o $(LIBNAME).o $(CFLAGS) $(SRC) | 8 | libpe: $(libpe_OBJS) | |
9 | ifeq ($(PLATFORM_OS), Linux) | 9 | ifeq ($(PLATFORM_OS), Linux) | |
10 | $(CC) -shared -Wl,-soname,$(LIBNAME).so.1 -o $(LIBNAME).so $(LIBNAME).o | 10 | $(LINK) -shared -Wl,-soname,$(LIBNAME).so.1 $(LDFLAGS) -o $(LIBNAME).so $^ | |
11 | +else ifeq ($(PLATFORM_OS), NetBSD) | 11 | +else ifeq ($(PLATFORM_OS), NetBSD) | |
12 | + $(CC) -shared -Wl,-soname,$(LIBNAME).so.1 -o $(LIBNAME).so $(LIBNAME).o | 12 | + $(LINK) -shared -Wl,-soname,$(LIBNAME).so.1 $(LDFLAGS) -o $(LIBNAME).so $^ | |
13 | else ifeq ($(PLATFORM_OS), Darwin) | 13 | else ifeq ($(PLATFORM_OS), Darwin) | |
14 | $(CC) -headerpad_max_install_names -dynamiclib \ | 14 | $(LINK) -headerpad_max_install_names -dynamiclib \ | |
15 | -flat_namespace -install_name $(LIBNAME).$(VERSION).dylib \ | 15 | -flat_namespace -install_name $(LIBNAME).$(VERSION).dylib \ | |
16 | @@ -46,6 +48,11 @@ ifeq ($(PLATFORM_OS), Linux) | 16 | @@ -88,6 +90,10 @@ ifeq ($(PLATFORM_OS), Linux) | |
17 | $(INSTALL) $(LIBNAME).so $(DEST)/$(LIBNAME).so.$(VERSION) | 17 | $(INSTALL_DATA) $(LIBNAME).so $(DEST)/$(LIBNAME).so.$(VERSION) | |
18 | cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so | 18 | cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so | |
19 | cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so.1 | 19 | cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so.1 | |
20 | +else ifeq ($(PLATFORM_OS), NetBSD) | 20 | +else ifeq ($(PLATFORM_OS), NetBSD) | |
21 | + $(STRIP) $(LIBNAME).so | 21 | + $(INSTALL_DATA) $(LIBNAME).so $(DEST)/$(LIBNAME).so.$(VERSION) | |
22 | + $(INSTALL) $(LIBNAME).so $(DEST)/$(LIBNAME).so.$(VERSION) | |||
23 | + cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so | 22 | + cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so | |
24 | + cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so.1 | 23 | + cd $(DEST); $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so.1 | |
25 | else ifeq ($(PLATFORM_OS), Darwin) | 24 | else ifeq ($(PLATFORM_OS), Darwin) | |
25 | $(INSTALL_DATA) $(LIBNAME).dylib $(DEST)/$(LIBNAME).$(VERSION).dylib | |||
26 | cd $(DEST); $(SYMLINK) $(LIBNAME).$(VERSION).dylib $(LIBNAME).dylib | |||
27 | @@ -102,6 +108,8 @@ installdirs: | |||
28 | strip-binaries: | |||
29 | ifeq ($(PLATFORM_OS), Linux) | |||
30 | $(STRIP) $(LIBNAME).so | |||
31 | +else ifeq ($(PLATFORM_OS), NetBSD) | |||
32 | + $(STRIP) $(LIBNAME).so | |||
33 | else ifeq ($(PLATFORM_OS), Darwin) | |||
26 | $(STRIP) $(LIBNAME).dylib | 34 | $(STRIP) $(LIBNAME).dylib | |
27 | $(INSTALL) $(LIBNAME).dylib $(DEST)/$(LIBNAME).$(VERSION).dylib | 35 | else ifeq ($(PLATFORM_OS), CYGWIN) |
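Review bot: The added NetBSD install lines chain `cd $(DEST); $(SYMLINK) ...` with `;`, so if the `cd` fails the symlinks are created in the build directory and the recipe still reports success, leaving the staged tree without `libpe.so` and `libpe.so.1`. The top-level Makefile patch in this same commit already switches its `cd` lines to `&&`; the same applies here, e.g. `cd $(DEST) && $(SYMLINK) $(LIBNAME).so.$(VERSION) $(LIBNAME).so`. The three NetBSD branches are verbatim copies of the Linux ones, so a single test such as `ifneq ($(filter Linux NetBSD,$(PLATFORM_OS)),)` would keep the two from drifting apart. The link, install and strip-binaries rules all begin or end outside the hunks shown.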
@@ -1,29 +1,29 @@ | @@ -1,29 +1,29 @@ | |||
1 | $NetBSD: patch-src_pepack.c,v 1.1 2014/12/09 13:26:40 khorben Exp $ | 1 | $NetBSD: patch-src_pepack.c,v 1.2 2014/12/09 14:37:06 khorben Exp $ | |
2 | 2 | |||
3 | Fixed the path to userdb.txt (see pkg/49458) | 3 | Fixed the path to userdb.txt (see pkg/49458) | |
4 | 4 | |||
5 | --- src/pepack.c.orig 2012-10-31 03:59:14.000000000 +0000 | 5 | --- src/pepack.c.orig 2013-12-27 10:39:49.000000000 +0000 | |
6 | +++ src/pepack.c | 6 | +++ src/pepack.c | |
7 | @@ -21,6 +21,13 @@ | 7 | @@ -21,6 +21,13 @@ | |
8 | 8 | |||
9 | #include "pepack.h" | 9 | #include "common.h" | |
10 | 10 | |||
11 | +#ifndef PREFIX | 11 | +#ifndef PREFIX | |
12 | +# define PREFIX "/usr" | 12 | +# define PREFIX "/usr" | |
13 | +#endif | 13 | +#endif | |
14 | +#ifndef DATADIR | 14 | +#ifndef DATADIR | |
15 | +# define DATADIR PREFIX "/share" | 15 | +# define DATADIR PREFIX "/share" | |
16 | +#endif | 16 | +#endif | |
17 | + | 17 | + | |
18 | struct options config; | 18 | #define PROGRAM "pepack" | |
19 | static int ind; | 19 | #define MAX_SIG_SIZE 2048 | |
20 | 20 | |||
21 | @@ -119,7 +126,7 @@ bool loaddb(FILE **fp) | 21 | @@ -133,7 +140,7 @@ static bool loaddb(FILE **fp, const opti | |
22 | *fp = fopen(dbfile, "r"); | 22 | *fp = fopen(dbfile, "r"); | |
23 | 23 | if (!*fp) { | ||
24 | if (!*fp) | 24 | // TODO(jweyrich): This might change - Should we use a config.h with a constant from $(SHAREDIR)? | |
25 | - *fp = fopen("/usr/share/pev/userdb.txt", "r"); | 25 | - *fp = fopen("/usr/share/pev/userdb.txt", "r"); | |
26 | + *fp = fopen(DATADIR "/pev/userdb.txt", "r"); | 26 | + *fp = fopen(DATADIR "/pev/userdb.txt", "r"); | |
27 | } | |||
27 | 28 | |||
28 | return (*fp != NULL); | 29 | return *fp != NULL; | |
29 | } |
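Review bot: The patched `fopen(DATADIR "/pev/userdb.txt", "r")` is only a fallback, reached after `fopen(dbfile, "r")` has failed, and `dbfile` is set outside this hunk. If it can be a relative name, pepack will prefer a userdb.txt found in the directory it is run from over the packaged signature file, which matters for a tool that is normally run next to untrusted samples; it is worth confirming where `dbfile` comes from and saying so in the patch description. The `PREFIX "/usr"` default would also benefit from a comment such as `/* fallback only; the build passes -DPREFIX */`, since a build that misses the flag silently looks under /usr/share. loaddb() starts outside the hunk.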
@@ -1,26 +1,58 @@ | @@ -1,26 +1,58 @@ | |||
1 | $NetBSD: patch-src_Makefile,v 1.2 2014/12/09 13:26:40 khorben Exp $ | 1 | $NetBSD: patch-src_Makefile,v 1.3 2014/12/09 14:37:06 khorben Exp $ | |
2 | 2 | |||
3 | Fixed DESTDIR support | 3 | Fixed DESTDIR support | |
4 | 4 | |||
5 | --- src/Makefile.orig 2013-01-23 12:37:31.000000000 +0000 | 5 | --- src/Makefile.orig 2013-12-27 10:39:49.000000000 +0000 | |
6 | +++ src/Makefile | 6 | +++ src/Makefile | |
7 | @@ -20,15 +20,17 @@ RM = rm -f | 7 | @@ -56,7 +56,8 @@ ifeq ($(PLATFORM_OS), Darwin) | |
8 | SOURCES = output.c | 8 | endif | |
9 | PROGS = readpe pedis pepack pescan rva2ofs pesec ofs2rva pestr pehash pestr | |||
10 | INSTALL = install -m 0755 | |||
11 | -SHAREDIR = /usr/share/pev | |||
12 | +SHAREDIR = $(DESTDIR)$(PREFIX)/share/pev | |||
13 | MAN = ../doc/manpages | |||
14 | -MANDIR = /usr/share/man/man1 | |||
15 | +MANDIR = $(DESTDIR)$(PREFIX)/man/man1 | |||
16 | 9 | |||
17 | ####### Build rules | 10 | PROGS = readpe rva2ofs ofs2rva pehash pesec pescan pepack pestr pedis peres | |
11 | -SHAREDIR = $(datadir)/pev | |||
12 | +MAN1DIR = $(DESTDIR)$(man1dir) | |||
13 | +SHAREDIR = $(DESTDIR)$(datadir)/pev | |||
14 | LIBPE = $(srcdir)/../lib/libpe | |||
15 | LIBUDIS86 = $(srcdir)/../lib/libudis86 | |||
16 | LIBFUZZY = $(srcdir)/../lib/libfuzzy | |||
17 | @@ -68,6 +69,8 @@ MANDIR = $(srcdir)/../doc/manpages | |||
18 | 18 | |||
19 | # 'make' will compile all binaries | |||
20 | all: $(PROGS) | 19 | all: $(PROGS) | |
21 | 20 | |||
22 | +pepack: CPPFLAGS += -DPREFIX=\"$(PREFIX)\" | 21 | +pepack: CPPFLAGS += -DPREFIX=\"$(prefix)\" | |
23 | + | 22 | + | |
24 | pestr: CPPFLAGS += -D_GNU_SOURCE=1 | 23 | pesec: LDFLAGS += -lcrypto | |
25 | pestr: LDFLAGS += -lpcre | 24 | pesec: compat/strlcat.c | |
26 | pestr: pestr.c | 25 | ||
26 | @@ -85,13 +88,13 @@ pescan: LDFLAGS += -lm | |||
27 | # Generic rule matching binary names and sources | |||
28 | ||||
29 | %: %.c | |||
30 | - $(CC) $(CFLAGS) $(DFLAGS) output.c malloc_s.c $^ -o $@ $(LDFLAGS) | |||
31 | + $(CC) $(CPPFLAGS) $(CFLAGS) $(DFLAGS) output.c malloc_s.c $^ -o $@ $(LDFLAGS) | |||
32 | ||||
33 | install: installdirs | |||
34 | for prog in $(PROGS); do \ | |||
35 | - $(INSTALL_PROGRAM) -m 755 $$prog $(DEST); \ | |||
36 | + $(INSTALL_PROGRAM) -m 755 $$prog $(DEST)/$$prog; \ | |||
37 | $(CHK_FILE_EXISTS) $(MANDIR)/$$prog$(man1ext) && \ | |||
38 | - gzip -c -9 $(MANDIR)/$$prog$(man1ext) > $(man1dir)/$$prog$(man1ext).gz || \ | |||
39 | + gzip -c -9 $(MANDIR)/$$prog$(man1ext) > $(MAN1DIR)/$$prog$(man1ext).gz || \ | |||
40 | echo -n; \ | |||
41 | done | |||
42 | # TODO: Should we copy it anyway if it already exists? | |||
43 | @@ -99,13 +102,13 @@ install: installdirs | |||
44 | ||||
45 | installdirs: | |||
46 | @$(CHK_DIR_EXISTS) $(DEST) || $(MKDIR) $(DEST) | |||
47 | - @$(CHK_DIR_EXISTS) $(man1dir) || $(MKDIR) $(man1dir) | |||
48 | + @$(CHK_DIR_EXISTS) $(MAN1DIR) || $(MKDIR) $(MAN1DIR) | |||
49 | @$(CHK_DIR_EXISTS) $(SHAREDIR) || $(MKDIR) $(SHAREDIR) | |||
50 | ||||
51 | uninstall: | |||
52 | for prog in $(PROGS); do \ | |||
53 | $(RM) $(DEST)/$$prog; \ | |||
54 | - $(RM) $(man1dir)/$$prog$(man1ext).gz; \ | |||
55 | + $(RM) $(MAN1DIR)/$$prog$(man1ext).gz; \ | |||
56 | done | |||
57 | ||||
58 | clean: |
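Review bot: `pepack: CPPFLAGS += -DPREFIX=\"$(prefix)\"` makes pepack look under `$(prefix)/share/pev`, while the file is installed into `$(DESTDIR)$(datadir)/pev`, so the compiled-in path and the install path only agree when `datadir` is exactly `$(prefix)/share`. The pepack.c patch in this commit already honours a `DATADIR` macro, so passing the directory that is actually used ties the two together: `pepack: CPPFLAGS += -DDATADIR=\"$(datadir)\"`. Where `datadir` gets its default is outside the hunks shown, so the mismatch is a latent one rather than something visible in this build.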