Last active
April 27, 2018 13:02
-
-
Save arjunae/2c6aa40fb08eb3760ee7d81ac7f23a00 to your computer and use it in GitHub Desktop.
identify w32/w64 binaries using pure Batch Steampunk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| mode 112,20 | |
| REM ---------------- Test Batch ----------------- | |
| REM List and Identify Binaries Platform (w32/w64) | |
| REM -------------------------------------------- | |
| echo ... Display executables Platform, starting from current Directory... | |
| echo ... Click outputPane and press Key. | |
| pause >NUL | |
| call :sub_lister | |
| pause | |
| exit /b 0 | |
| REM List all Files, begin from current DIR | |
| :sub_lister | |
| setlocal EnableDelayedExpansion | |
| ECHO Searching for PE Header in files... | |
| FOR /R %%I IN (*.dll) DO ( | |
| set file=%%I | |
| call :sub_platform | |
| ) | |
| FOR /R %%I IN (*.EXE) DO ( | |
| set file=%%I | |
| call :sub_platform | |
| ) | |
| ::runas /noprofile /user:Tho cmd | |
| exit /b 0 | |
| :end_sub | |
| :sub_platform | |
| REM -1 suggests that a binary is compressed | |
| SET PLAT=NIL | |
| SET OFFSET=0 | |
| REM Offsets MSVC/MINGW==120 BORLAND==131 PaCKERS >xxx | |
| for /f "delims=:" %%A in ('findstr /o "^.*PE..L." "%file%"') do ( | |
| if %%A LEQ 200 (SET PLAT=win32) ELSE (SET PLAT=NIL) | |
| if %%A LEQ 200 (SET OFFSET=%%A) ELSE (SET OFFSET=-1) | |
| ) | |
| for /f "delims=:" %%B in ('findstr /o "^.*PE..d." "%file%"') do ( | |
| if %%B LEQ 200 (SET PLAT=win64) ELSE (SET PLAT=NIL) | |
| if %%B LEQ 200 (SET OFFSET=%%B) ELSE (SET OFFSET=-1) | |
| ) | |
| IF PLAT NEQ NIL echo -- [ %PLAT% ] [ %OFFSET% ] %FILE% | |
| exit /b 0 | |
| :end_sub | |
| :freude | |
| :: wait some time... | |
| ping 1.0.3.0 /n 1 /w 2000 >NUL |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment