GP-1864 Added loader for dump files. Initial implementation supports MS

Minidump, Userdump and Pagedump formats.
2025-10-03 17:59:46 +02:00 · 2022-04-05 21:57:43 +00:00 · 2022-04-05 21:57:43 +00:00 · 9b73a785e2
commit 9b73a785e2
parent e55bdc3b8f
83 changed files with 13552 additions and 50 deletions
--- a/Ghidra/Features/FileFormats/ghidra_scripts/ApplyPEToDumpFileScript.java
+++ b/Ghidra/Features/FileFormats/ghidra_scripts/ApplyPEToDumpFileScript.java
@ -0,0 +1,35 @@
+/* ###
+ * IP: GHIDRA
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+//Given a raw binary PE image,
+//this script will create data structures
+//representing the PE header. Including,
+//but not limited to, the PE header,
+//section headers, optional header, etc.
+//@category Binary
+
+import ghidra.app.script.GhidraScript;
+import ghidra.file.formats.dump.cmd.ModuleToPeHelper;
+
+public class ApplyPEToDumpFileScript extends GhidraScript {
+
+	@Override
+	public void run() throws Exception {
+		if (currentProgram != null) {
+			ModuleToPeHelper.queryModules(currentProgram, monitor);
+		}
+	}
+
+}