Windows Jump List 文件解析器

using System; using System.Collections.Generic; using System.IO; using System.Linq; using CommandLine; using CommandLine.Text; using dtformats; using pyolecf;

namespace WindowsJumpListParser { class Program { static void Main(string[] args) { var parser = new Parser(with => with.HelpWriter = null); // Disable default help output var result = parser.ParseArguments(args);

        if (result.Tag == ParserResultType.NotParsed)
        {
            ShowHelp(result); // Show custom help with details
            return;
        }

        var options = ((Parsed<Options>)result).Value;

        try
        {
            if (!ParseAndProcessJumpList(options.Source, options.Debug))
            {
                System.Environment.ExitCode = 1;
                return;
            }
        }
        catch (Exception ex)
        {
            Console.WriteLine($'An error occurred: {ex.Message}');
            System.Environment.ExitCode = 1;
        }
    }

    private static bool ParseAndProcessJumpList(string source, bool debug)
    {
        // Initialize logging
        if (debug)
        {
            Logger.Initialize(LogLevel.Debug);
        }
        else
        {
            Logger.Initialize(LogLevel.Info);
        }

        // Create file system helper
        var fileSystemHelper = new NativeFileSystemHelper();

        // Create output writer
        var outputWriter = new StdoutWriter();

        // Open output writer
        try
        {
            outputWriter.Open();
        }
        catch (IOException ex)
        {
            Console.WriteLine($'Unable to open output writer with error: {ex.Message}');
            return false;
        }

        // Open source file
        var fileObject = fileSystemHelper.OpenFileByPath(source);
        if (fileObject == null)
        {
            Console.WriteLine('Unable to open source file.');
            return false;
        }

        // Check if file is OLECF
        bool isOlecf = false;
        try
        {
            isOlecf = pyolecf.check_file_signature_file_object(fileObject);
        }
        finally
        {
            fileObject.Close();
        }

        // Create appropriate Jump List file object
        JumpListFile jumpListFile;
        if (isOlecf)
        {
            jumpListFile = new AutomaticDestinationsFile(debug, fileSystemHelper, outputWriter);
        }
        else
        {
            jumpListFile = new CustomDestinationsFile(debug, fileSystemHelper, outputWriter);
        }

        // Open Jump List file
        jumpListFile.Open(source);

        // Get Jump List entries
        var jumpListEntries = jumpListFile.GetJumpListEntries().ToList();

        Console.WriteLine('Windows Jump List information:');
        Console.WriteLine($'Number of entries:		{jumpListEntries.Count:d}');
        Console.WriteLine();

        // Print information about each entry
        foreach (var jumpListEntry in jumpListEntries)
        {
            Console.WriteLine($'Entry: {jumpListEntry.identifier}');

            // Print shell items
            bool printHeader = true;
            foreach (var shellItem in jumpListEntry.GetShellItems())
            {
                if (printHeader)
                {
                    Console.WriteLine($'	Shell items:');
                    printHeader = false;
                }

                Console.WriteLine($'		0x{shellItem.class_type:02x}');
            }

            // Print properties
            printHeader = true;
            foreach (var (formatIdentifier, propertyRecord) in jumpListEntry.GetProperties())
            {
                if (printHeader)
                {
                    Console.WriteLine($'	Properties:');
                    printHeader = false;
                }

                Console.WriteLine($'		{{{formatIdentifier}}}/{propertyRecord.entry_type:d}');
            }

            Console.WriteLine();
        }

        // Close Jump List file and output writer
        jumpListFile.Close();
        outputWriter.Close();

        return true;
    }

    private static void ShowHelp(ParserResult<Options> result)
    {
        // Custom help output
        Console.WriteLine(HelpText.AutoBuild(result, h => h.AdditionalNewLineAfterOption = true, e => e));
        Console.WriteLine();
        Console.WriteLine('Usage: WindowsJumpListParser.exe [-d] <source>');
        Console.WriteLine();
        Console.WriteLine('Options:');
        Console.WriteLine('-d, --debug	Enable debug output.');
        Console.WriteLine('<source>		Path of the Windows Jump List file.');
    }
}

[Verb('parse', HelpText = 'Parse a Windows Jump List file.')]
public class Options
{
    [Value(0, MetaName = 'source', Required = true, HelpText = 'Path of the Windows Jump List file.')]
    public string Source { get; set; }

    [Option('d', 'debug', Default = false, HelpText = 'Enable debug output.')]
    public bool Debug { get; set; }
}

public static class Logger
{
    private static LogLevel _logLevel = LogLevel.Info; // Default log level

    public static void Initialize(LogLevel logLevel)
    {
        _logLevel = logLevel;
    }

    public static void Debug(string message)
    {
        if (_logLevel >= LogLevel.Debug)
        {
            Console.WriteLine($'[DEBUG] {message}');
        }
    }

    public static void Info(string message)
    {
        if (_logLevel >= LogLevel.Info)
        {
            Console.WriteLine($'[INFO] {message}');
        }
    }
}

public enum LogLevel
{
    Debug,
    Info
}

} ')