search

EricZimmerman / JLECmd

Automatic and Custom Destinations jump list parser with Windows 10 support
MIT License
74 stars 10 forks source link

Lnk.dll not included in release zip #1

Closed wideglide closed 6 years ago

wideglide commented 6 years ago

Lnk.dll is a dependency, but currently not included in the JLECmd.zip. Shouldn't this be included? I get an error without the DLL present.

EricZimmerman commented 6 years ago

No, as it is embedded inside the main executable. i just extracted JLECmd and it processed a jump list without any errors. what is the exact error you are getting?

wideglide commented 6 years ago

Here's the error without Lnk.dll available.

PS C:\WINDOWS\system32> JLECmd.exe -f 'C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestination
s\5f7b5f1e01b83767.automaticDestinations-ms'

Unhandled Exception: System.BadImageFormatException: Could not load file or assembly 'Lnk, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The module was expected to contain an assembly manifest.
   at JLECmd.Program.Main(String[] args)

Then, after downloading 'Lnk.dll`.

PS C:\WINDOWS\system32> JLECmd.exe -f 'C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinat
ions\f01b4d95cf55d32a.automaticDestinations-ms'
JLECmd version 0.9.9.0

Author: Eric Zimmerman (saericzimmerman@gmail.com)
https://github.com/EricZimmerman/JLECmd

Command line: -f C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms

Processing 'C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms'

Source file: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms

--- AppId information ---
  AppID: f01b4d95cf55d32a
  Description: Windows Explorer Windows 8.1.

--- DestList information ---
  Expected DestList entries:  4
  Actual DestList entries: 4
  DestList version: 4

and version number

PS C:\WINDOWS\system32> JLEcmd.exe

JLECmd version 0.9.9.0

Author: Eric Zimmerman (saericzimmerman@gmail.com)
https://github.com/EricZimmerman/JLECmd
EricZimmerman commented 6 years ago

what was the exact URL you used to get the version that does this? mine both worked with the one on the releases page as well as my main http://ericzimmerman.github.io/ link

wideglide commented 6 years ago

Here's an execution run inside a MSYS shell, but I get the same result from a PowerShell console. 

localuser@CS483-WIN-TMPLT MINGW64 /c/forensics/bin
$ rm Lnk.dll

localuser@CS483-WIN-TMPLT MINGW64 /c/forensics/bin
$ JLECmd.exe

Unhandled Exception: System.BadImageFormatException: Could not load file or assembly 'Lnk, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The module was expected to contain an assembly manifest.
   at JLECmd.Program.Main(String[] args)

localuser@CS483-WIN-TMPLT MINGW64 /c/forensics/bin
$ rm JLECmd.exe

localuser@CS483-WIN-TMPLT MINGW64 /c/forensics/bin
$ wget https://ericzimmerman.github.io/Software/JLECmd.zip
--2018-01-08 11:46:28--  https://ericzimmerman.github.io/Software/JLECmd.zip
Resolving ericzimmerman.github.io (ericzimmerman.github.io)... 151.101.1.147, 151.101.65.147, 151.101.129.147, ...
Connecting to ericzimmerman.github.io (ericzimmerman.github.io)|151.101.1.147|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1045144 (1021K) [application/zip]
Saving to: ‘JLECmd.zip.1’

JLECmd.zip.1                  100%[=================================================>]   1021K  --.-KB/s    in 0.07s

2018-01-08 11:46:28 (13.4 MB/s) - ‘JLECmd.zip.1’ saved [1045144/1045144]

localuser@CS483-WIN-TMPLT MINGW64 /c/forensics/bin
$ 7za x JLECmd.zip

7-Zip (a) [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
p7zip Version 16.02 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,64 bits,4 CPUs x64)

Scanning the drive for archives:
1 file, 1045144 bytes (1021 KiB)

Extracting archive: JLECmd.zip
--
Path = JLECmd.zip
Type = zip
Physical Size = 1045144

Everything is Ok

Size:       1556080
Compressed: 1045144

localuser@CS483-WIN-TMPLT MINGW64 /c/forensics/bin
$ JLECmd.exe

Unhandled Exception: System.BadImageFormatException: Could not load file or assembly 'Lnk, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies. The module was expected to contain an assembly manifest.
   at JLECmd.Program.Main(String[] args)
wideglide commented 6 years ago

FWIW: The binary in the chocolatey packages repo does work as expected.

wideglide commented 6 years ago

OK, resolved - sort of. The presence of Harlan Carvey's lnk.exe in the same directory as JLECmd.exe , causes Windows to want load the resources from it.

ref: https://github.com/keydet89/Tools/tree/master/exe

EricZimmerman commented 6 years ago

Replace his with lecmd and be done with it.

On Jan 8, 2018 12:10 PM, "tr0gd0r" notifications@github.com wrote:

OK, resolved - sort of. The presence of Harlan Carvey's lnk.exe in the same directory as JLECmd.exe , causes Windows to want load the resources from it.

ref: https://github.com/keydet89/Tools/tree/master/exe

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/EricZimmerman/JLECmd/issues/1#issuecomment-356029967, or mute the thread https://github.com/notifications/unsubscribe-auth/AEEVJj4ADZtgq7bXIyTsTinuKsTYi5wqks5tIkwOgaJpZM4RWoAY .

wideglide commented 6 years ago

Certainly its a more functional and up-to-date tool. I was just building a VM for class and putting all the windows command line tools in the same directory.