From e9b22e9ae2391d1dc362501c282248945b3ca467 Mon Sep 17 00:00:00 2001 From: bitform Date: Sun, 20 Jan 2013 08:56:37 -0500 Subject: Removed logic in scripts to load ps1xml files * Now that PETools and ReverseEngineering are both full-fledged modules with proper manifests, the manifests will take care of loading the appropriate ps1xml files. * Added Usage.txt to ReverseEngineering module. --- PETools/Get-PEHeader.ps1 | 7 ------- ReverseEngineering/Get-KernelModuleInfo.ps1 | 8 -------- ReverseEngineering/Get-PEB.ps1 | 11 ----------- ReverseEngineering/ReverseEngineering.psd1 | 2 +- ReverseEngineering/Usage.txt | 12 ++++++++++++ 5 files changed, 13 insertions(+), 27 deletions(-) create mode 100644 ReverseEngineering/Usage.txt diff --git a/PETools/Get-PEHeader.ps1 b/PETools/Get-PEHeader.ps1 index 354b675..49bfbd6 100644 --- a/PETools/Get-PEHeader.ps1 +++ b/PETools/Get-PEHeader.ps1 @@ -99,13 +99,6 @@ http://www.exploit-monday.com/2012/07/get-peheader.html ) PROCESS { - - # Apply custom view to the PE header format only if file exists and has not yet been applied - $FormatFilePath = Join-Path $PsScriptRoot 'PETools.Format.ps1xml' - - if ((Test-Path $FormatFilePath) -and !(Get-FormatData PEHeader)) { - Update-FormatData -PrependPath $FormatFilePath - } switch ($PsCmdlet.ParameterSetName) { 'OnDisk' { diff --git a/ReverseEngineering/Get-KernelModuleInfo.ps1 b/ReverseEngineering/Get-KernelModuleInfo.ps1 index 0704919..f6f8221 100644 --- a/ReverseEngineering/Get-KernelModuleInfo.ps1 +++ b/ReverseEngineering/Get-KernelModuleInfo.ps1 
@@ -48,14 +48,6 @@ To display the output as seen in the example, ensure that Get-KernelModuleInfo.f http://www.exploit-monday.com #> - # Load custom object formatting views - $FormatPath = try { Join-Path $PSScriptRoot Get-KernelModuleInfo.format.ps1xml } catch {} - # Don't load format ps1xml if it doesn't live in the same folder as this script - if ($FormatPath -and (Test-Path $FormatPath)) - { - Update-FormatData -PrependPath (Join-Path $PSScriptRoot Get-KernelModuleInfo.format.ps1xml) - } - $Domain = [AppDomain]::CurrentDomain $DynAssembly = New-Object System.Reflection.AssemblyName('TestAssembly') $AssemblyBuilder = $Domain.DefineDynamicAssembly($DynAssembly, [System.Reflection.Emit.AssemblyBuilderAccess]::Run) diff --git a/ReverseEngineering/Get-PEB.ps1 b/ReverseEngineering/Get-PEB.ps1 index 6dbd55a..dbb95a0 100644 --- a/ReverseEngineering/Get-PEB.ps1 +++ b/ReverseEngineering/Get-PEB.ps1 @@ -57,17 +57,6 @@ http://msdn.microsoft.com/en-us/library/windows/desktop/aa813706(v=vs.85).aspx { Set-StrictMode -Version 2 - # Load custom object formatting views - if (Test-Path .\Get-PEB.format.ps1xml) - { - Update-FormatData -PrependPath .\Get-PEB.format.ps1xml -ErrorAction SilentlyContinue - } - else - { - try { Update-FormatData -PrependPath (Join-Path $PSScriptRoot Get-PEB.format.ps1xml) -ErrorAction SilentlyContinue } - catch { Write-Warning 'To ensure proper output display, place Get-PEB.format.ps1xml in the same folder as this script.' } - } - $mscorlib = [AppDomain]::CurrentDomain.GetAssemblies() | ? { $_.FullName.Split(',')[0].ToLower() -eq 'mscorlib' } $Win32Native = $mscorlib.GetTypes() | ? { $_.FullName -eq 'Microsoft.Win32.Win32Native' } diff --git a/ReverseEngineering/ReverseEngineering.psd1 b/ReverseEngineering/ReverseEngineering.psd1 index 3ad890d..5a1d567 100644 --- a/ReverseEngineering/ReverseEngineering.psd1 +++ b/ReverseEngineering/ReverseEngineering.psd1 
@@ -75,7 +75,7 @@ ModuleList = @(@{ModuleName = 'ReverseEngineering'; ModuleVersion = '1.0.0.0'; G # List of all files packaged with this module FileList = 'ReverseEngineering.psm1', 'ReverseEngineering.psd1', 'Get-ILDisassembly.ps1', 'Get-KernelModuleInfo.format.ps1xml', 'Get-KernelModuleInfo.ps1', 'Get-Member.ps1', 'Get-MethodAddress.ps1', 'Get-PEB.format.ps1xml', - 'Get-PEB.ps1', 'Get-Strings.ps1', 'Get-StructFromMemory.ps1' + 'Get-PEB.ps1', 'Get-Strings.ps1', 'Get-StructFromMemory.ps1', 'Usage.txt' # Private data to pass to the module specified in RootModule/ModuleToProcess # PrivateData = '' diff --git a/ReverseEngineering/Usage.txt b/ReverseEngineering/Usage.txt new file mode 100644 index 0000000..dcfae6d --- /dev/null +++ b/ReverseEngineering/Usage.txt @@ -0,0 +1,12 @@ +To install this module, drop the entire PETools folder into one of your module directories. The default PowerShell module paths are listed in the $Env:PSModulePath environment variable. + +The default per-user module path is: "$Env:HomeDrive$Env:HOMEPATH\Documents\WindowsPowerShell\Modules" +The default computer-level module path is: "$Env:windir\System32\WindowsPowerShell\v1.0\Modules" + +To use the module, type `Import-Module ReverseEngineering` + +To see the commands imported, type `Get-Command -Module ReverseEngineering` + +For help on each individual command, Get-Help is your friend. + +Note: The tools contained within this module were all designed such that they can be run individually. Including them in a module simply lends itself to increased portability. \ No newline at end of file -- cgit v1.2.3
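Review bot: The `FileList` entry edited here is inventory only and loads nothing, so the views the scripts stopped loading reach a session only if the manifest names `Get-KernelModuleInfo.format.ps1xml` and `Get-PEB.format.ps1xml` under `FormatsToProcess`; that key lies outside this hunk and should be confirmed before relying on the removal. Loading the views from the manifest is also the safer arrangement, because the removed Get-PEB.ps1 code tried `.\Get-PEB.format.ps1xml` in the current directory first, and a format file can carry script blocks that run when an object is displayed. The Usage.txt registered by this line tells the reader to drop the entire `PETools` folder, which looks copied from the PETools module and presumably should read `drop the entire ReverseEngineering folder`. Its closing note that the tools can be run individually appears to need a caveat now, for example `Run outside the module, a script no longer loads its format.ps1xml view.`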