Skip to content

sjkim1127/Unlicense_rs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
crates
crates
 
 
docs/changelog
docs/changelog
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Unlicense_rs

This repository is a Rust migration workspace based on the reference project in vendor/unlicense.

The codebase is organized as a multi-crate Cargo workspace rather than a single src package. It already includes the main project structure plus partial implementations for the CLI flow, core orchestration, PE analysis, process abstractions, and import-recovery logic.

Workspace Layout

  • crates/unlicense-cli: clap-based CLI entry point
  • crates/unlicense-core: execution orchestration, configuration, and exit code mapping
  • crates/unlicense-process: ProcessController trait and shared process-related types
  • crates/unlicense-pe: PE parsing, version detection, section probing, and dump utilities
  • crates/unlicense-imports: wrapper detection, IAT discovery/repair, and hash-based helper logic
  • crates/unlicense-emulation: abstraction layer for wrapped API resolution
  • crates/unlicense-frida: Frida backend interface and bundled resource slot

Current Status

  • Cargo workspace structure is in place
  • unlicense-core::run(config) is implemented
  • Themida/WinLicense 2.x and 3.x version detection is implemented
  • .text section probing, pointer helpers, and basic dump APIs are implemented
  • A Rust draft of wrapper detection and IAT repair logic is implemented
  • Mock-based unit tests are included

Not finished yet:

  • No native Frida backend implementation yet
  • No real Unicorn-based emulation yet
  • No production-grade PE rebuild/post-processing equivalent to LIEF/Scylla yet
  • The default CLI currently fails at runtime with a Frida backend unavailable error

In other words, the project is currently in a "Rust workspace with migrated structure and core control flow" state, but it is not yet a fully working unpacker.

CLI

The current CLI shape is:

cargo run -p unlicense-cli -- <pe_to_dump> [--verbose] [--pause-on-oep] [--no-imports] [--force-oep <rva>] [--target-version <2|3>] [--timeout <sec>]

Example:

cargo run -p unlicense-cli -- sample.exe --verbose --target-version 3

Build

cargo check --workspace

Test

cargo test --workspace

Notes

  • The vendor/ directory is reference-only. The root workspace is the actual development target.
  • The initial target platform is Windows x86/x64.
  • The implementation follows a Rust-crates-first strategy, while native dependency boundaries are isolated into dedicated crates.

Next Steps

  • Implement real process spawn/attach/OEP tracing in unlicense-frida
  • Add a real wrapped-API resolution engine in unlicense-emulation
  • Add usable dump rebuild/fix logic in unlicense-pe
  • Expand integration testing and manual validation with real PE samples

About

This is a Rust-based Themida/WinLicense 2.x / 3.x unpacking tool, built as a successor to the ergrelet/unlicense project.

Topics

rust scylla rust-lang dump frida unpacker themida

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages