New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Normalize/remove Unicode characters in file names #920

Merged

psrok1 merged 1 commit into master from fix/normalize-unicode-names

Jul 12, 2024

Member

psrok1 commented Jul 12, 2024

Right now, Drakvuf isn't really good at handling Unicode names, leaving them in native encoding and placing directly into JSON string

JSON decode error occurred when tried to parse injector's logs. Raw log line: b'{"Plugin": "inject", "TimeStamp": "1720614534.086632", "Method": "WriteFile", "Status": "Success", "ProcessName": "C:\\\\Users\\\\user\\\\Desktop\\\\FV-xxx dasdasd Zapytanie o cen\\304\\231 arbejdsmetodes.bat", "Arguments": "dasdasd Zapytanie o cen\\304\\231 arbejdsmetodes.bat", "InjectedPid": 0, "InjectedTid": 0}\n'

As a workaround, this PR converts'/removes Unicode characters into ASCII. If we're left with empty name, random name will be generated.


          Normalize/remove Unicode characters in file names

6613d40

msm-cert approved these changes

View reviewed changes

psrok1 merged commit 31addc9 into master

6 checks passed

psrok1 deleted the fix/normalize-unicode-names branch

July 12, 2024 11:08

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet