Reading catalog file information

The*_*Dog 7 c# windows security winapi catalog

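When you open a catalog file (.cat) in Explorer, you get a "Security Catalog" tab that contains multiple catalog entries, each with a list of entry details. I need to read these entry details, but I can find absolutely no information on how to do that, let alone in C#. I don't care about verification of the catalog file, I just need to access this information.

This is the tab and the information I am talking about.

The "Security Catalog" tab in Explorer

Thank you!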

Igo*_*cki 2

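Windows catalog files consist of a collection of global attributes and per-file attribute collections, which are then digitally signed and used to verify Windows driver packages during installation.

To access the information stored in a .cat file you can use the Windows APIs in WinTrust.dll and bcrypt.dll.

Example of parsing a .cat file:
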
```c
//
// © 2023 by Igor Levicki. All Rights Reserved.
//
// License : MIT NO-AI
//
// Permission is hereby granted, free of charge, to any person obtaining a copy of this software
// and associated documentation files (the “Software”), to deal in the Software without restriction,
// including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
// and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so.
//
// Permission is not granted to use this software or any of the associated files as sample data for the
// purposes of building machine learning models.
//
// THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
// WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//

#include <Windows.h>
#include <stdio.h>
#include <mscat.h>
#include <WinTrust.h>
#include <mssip.h>

#pragma comment(lib, "advapi32.lib")
#pragma comment(lib, "wintrust.lib")
#pragma comment(lib, "bcrypt.lib")

int wmain(int argc, wchar_t *argv[])
{
    HCRYPTPROV hProv = 0;

    if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, 0)) {
        // Create the default key container if it is missing; any other error is fatal
        if (GetLastError() != NTE_BAD_KEYSET ||
            !CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {
            return 1;
        }
    }

    HANDLE hCat = CryptCATOpen((LPWSTR)L"nv_disp.cat", CRYPTCAT_OPEN_EXISTING, hProv, CRYPTCAT_VERSION_1, 0);

    // CryptCATOpen returns INVALID_HANDLE_VALUE (not NULL) on failure
    if (hCat == INVALID_HANDLE_VALUE) {
        CryptReleaseContext(hProv, 0);
        return 1;
    }

    // Enumerate global catalog attributes (entries shown in General tab)
    CRYPTCATATTRIBUTE *pCatAttr = NULL;

    for (pCatAttr = CryptCATEnumerateCatAttr(hCat, pCatAttr); pCatAttr != NULL; pCatAttr = CryptCATEnumerateCatAttr(hCat, pCatAttr)) {
        // TODO: Do what you want with global attributes here
    }

    // Enumerate catalog members (entries shown in Security Catalog tab under Catalog Entries)
    CRYPTCATMEMBER *pMember = NULL;

    for (pMember = CryptCATEnumerateMember(hCat, pMember); pMember != NULL; pMember = CryptCATEnumerateMember(hCat, pMember)) {
        // Member ReferenceTag is essentially a hash (SHA1, SHA256, ...) of a catalog member
        wprintf(L"Reference Tag : %s\n", pMember->pwszReferenceTag);

        // EXAMPLE #1:
        // Get a specific attribute of a catalog member by name ("File" in this case represents filename)
        CRYPTCATATTRIBUTE *pFileAttr = CryptCATGetAttrInfo(hCat, pMember, (LPWSTR)L"File");
        // Get the filename (the attribute is absent if the member has no "File" entry)
        if (pFileAttr != NULL && pFileAttr->pbValue != NULL) {
            wchar_t *FileName = (wchar_t*)pFileAttr->pbValue;
            wprintf(L"File          : %s\n", FileName);
        }

        // EXAMPLE #2:
        // Enumerate all attributes of a catalog member (entries shown in Security Catalog tab under Entry Details)
        CRYPTCATATTRIBUTE *pAttr = NULL;

        for (pAttr = CryptCATEnumerateAttr(hCat, pMember, pAttr); pAttr != NULL; pAttr = CryptCATEnumerateAttr(hCat, pMember, pAttr)) {
            // TODO: Do what you want with catalog member attributes here
        }
    }

    // Release the catalog handle and the CSP context
    CryptCATClose(hCat);
    CryptReleaseContext(hProv, 0);

    return 0;
}
```
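Since the question asks for C#, here is the same member and attribute enumeration through P/Invoke, as an added example that is not part of the original answer. It assumes that a zero `hProv` is accepted by `CryptCATOpen`, that attribute values are NUL-terminated UTF-16 strings (as the answer's cast of the "File" value implies), and it reads `pwszReferenceTag` of `CRYPTCATMEMBER` by offset instead of declaring the whole struct; the `CatReader` class name is hypothetical.

```csharp
using System;
using System.Runtime.InteropServices;
static class CatReader
{
    const uint CRYPTCAT_OPEN_EXISTING = 0x00000002, CRYPTCAT_VERSION_1 = 0x100;
    [StructLayout(LayoutKind.Sequential)]
    struct CRYPTCATATTRIBUTE            // field order as declared in mscat.h
    {
        public uint cbStruct;
        public IntPtr pwszReferenceTag; // attribute name (LPWSTR)
        public uint dwAttrTypeAndAction;
        public uint cbValue;            // size of pbValue in bytes
        public IntPtr pbValue;
        public uint dwReserved;
    }
    [DllImport("wintrust.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern IntPtr CryptCATOpen(string file, uint openFlags, IntPtr hProv, uint publicVersion, uint encodingType);
    [DllImport("wintrust.dll")]
    static extern IntPtr CryptCATEnumerateMember(IntPtr hCat, IntPtr prevMember);
    [DllImport("wintrust.dll")]
    static extern IntPtr CryptCATEnumerateAttr(IntPtr hCat, IntPtr member, IntPtr prevAttr);
    [DllImport("wintrust.dll")]
    static extern bool CryptCATClose(IntPtr hCat);

    static int Main(string[] args)
    {
        if (args.Length != 1) { Console.Error.WriteLine("usage: CatReader <file.cat>"); return 2; }
        // Assumption: a zero hProv lets WinTrust use its default provider.
        IntPtr hCat = CryptCATOpen(args[0], CRYPTCAT_OPEN_EXISTING, IntPtr.Zero, CRYPTCAT_VERSION_1, 0);
        if (hCat == IntPtr.Zero || hCat == new IntPtr(-1))   // INVALID_HANDLE_VALUE on failure
        { Console.Error.WriteLine("CryptCATOpen failed, error " + Marshal.GetLastWin32Error()); return 1; }
        for (IntPtr m = CryptCATEnumerateMember(hCat, IntPtr.Zero); m != IntPtr.Zero; m = CryptCATEnumerateMember(hCat, m))
        {
            // CRYPTCATMEMBER starts with DWORD cbStruct, then LPWSTR pwszReferenceTag at pointer alignment.
            Console.WriteLine("Reference Tag : " + Marshal.PtrToStringUni(Marshal.ReadIntPtr(m, IntPtr.Size)));
            for (IntPtr a = CryptCATEnumerateAttr(hCat, m, IntPtr.Zero); a != IntPtr.Zero; a = CryptCATEnumerateAttr(hCat, m, a))
            {
                var attr = Marshal.PtrToStructure<CRYPTCATATTRIBUTE>(a);
                // Assumption: the value is UTF-16 text; cbValue bounds the read.
                string value = attr.pbValue == IntPtr.Zero ? "" : Marshal.PtrToStringUni(attr.pbValue, (int)attr.cbValue / 2).TrimEnd('\0');
                Console.WriteLine("  " + Marshal.PtrToStringUni(attr.pwszReferenceTag) + " = " + value);
            }
        }
        CryptCATClose(hCat);
        return 0;
    }
}
```

The pointers returned by the enumeration calls belong to the catalog handle, so copy any strings you need before calling `CryptCATClose`.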