#!/usr/bin/env ruby

# hdm[at]metasploit.com (c) 2008

emf_type = []
emf_type[0x00000001] = 'EMR_HEADER'
emf_type[0x00000002] = 'EMR_POLYBEZIER'
emf_type[0x00000003] = 'EMR_POLYGON'
emf_type[0x00000004] = 'EMR_POLYLINE'
emf_type[0x00000005] = 'EMR_POLYBEZIERTO'
emf_type[0x00000006] = 'EMR_POLYLINETO'
emf_type[0x00000007] = 'EMR_POLYPOLYLINE'
emf_type[0x00000008] = 'EMR_POLYPOLYGON'
emf_type[0x00000009] = 'EMR_SETWINDOWEXTEX'
emf_type[0x0000000A] = 'EMR_SETWINDOWORGEX'
emf_type[0x0000000B] = 'EMR_SETVIEWPORTEXTEX'
emf_type[0x0000000C] = 'EMR_SETVIEWPORTORGEX'
emf_type[0x0000000D] = 'EMR_SETBRUSHORGEX'
emf_type[0x0000000E] = 'EMR_EOF'
emf_type[0x0000000F] = 'EMR_SETPIXELV'
emf_type[0x00000010] = 'EMR_SETMAPPERFLAGS'
emf_type[0x00000011] = 'EMR_SETMAPMODE'
emf_type[0x00000012] = 'EMR_SETBKMODE'
emf_type[0x00000013] = 'EMR_SETPOLYFILLMODE'
emf_type[0x00000014] = 'EMR_SETROP2'
emf_type[0x00000015] = 'EMR_SETSTRETCHBLTMODE'
emf_type[0x00000016] = 'EMR_SETTEXTALIGN'
emf_type[0x00000017] = 'EMR_SETCOLORADJUSTMENT'
emf_type[0x00000018] = 'EMR_SETTEXTCOLOR'
emf_type[0x00000019] = 'EMR_SETBKCOLOR'
emf_type[0x0000001A] = 'EMR_OFFSETCLIPRGN'
emf_type[0x0000001B] = 'EMR_MOVETOEX'
emf_type[0x0000001C] = 'EMR_SETMETARGN'
emf_type[0x0000001D] = 'EMR_EXCLUDECLIPRECT'
emf_type[0x0000001E] = 'EMR_INTERSECTCLIPRECT'
emf_type[0x0000001F] = 'EMR_SCALEVIEWPORTEXTEX'
emf_type[0x00000020] = 'EMR_SCALEWINDOWEXTEX'
emf_type[0x00000021] = 'EMR_SAVEDC'
emf_type[0x00000022] = 'EMR_RESTOREDC'
emf_type[0x00000023] = 'EMR_SETWORLDTRANSFORM'
emf_type[0x00000024] = 'EMR_MODIFYWORLDTRANSFORM'
emf_type[0x00000025] = 'EMR_SELECTOBJECT'
emf_type[0x00000026] = 'EMR_CREATEPEN'
emf_type[0x00000027] = 'EMR_CREATEBRUSHINDIRECT'
emf_type[0x00000028] = 'EMR_DELETEOBJECT'
emf_type[0x00000029] = 'EMR_ANGLEARC'
emf_type[0x0000002A] = 'EMR_ELLIPSE'
emf_type[0x0000002B] = 'EMR_RECTANGLE'
emf_type[0x0000002C] = 'EMR_ROUNDRECT'
emf_type[0x0000002D] = 'EMR_ARC'
emf_type[0x0000002E] = 'EMR_CHORD'
emf_type[0x0000002F] = 'EMR_PIE'
emf_type[0x00000030] = 'EMR_SELECTPALETTE'
emf_type[0x00000031] = 'EMR_CREATEPALETTE'
emf_type[0x00000032] = 'EMR_SETPALETTEENTRIES'
emf_type[0x00000033] = 'EMR_RESIZEPALETTE'
emf_type[0x00000034] = 'EMR_REALIZEPALETTE'
emf_type[0x00000035] = 'EMR_EXTFLOODFILL'
emf_type[0x00000036] = 'EMR_LINETO'
emf_type[0x00000037] = 'EMR_ARCTO'
emf_type[0x00000038] = 'EMR_POLYDRAW'
emf_type[0x00000039] = 'EMR_SETARCDIRECTION'
emf_type[0x0000003A] = 'EMR_SETMITERLIMIT'
emf_type[0x0000003B] = 'EMR_BEGINPATH'
emf_type[0x0000003C] = 'EMR_ENDPATH'
emf_type[0x0000003D] = 'EMR_CLOSEFIGURE'
emf_type[0x0000003E] = 'EMR_FILLPATH'
emf_type[0x0000003F] = 'EMR_STROKEANDFILLPATH'
emf_type[0x00000040] = 'EMR_STROKEPATH'
emf_type[0x00000041] = 'EMR_FLATTENPATH'
emf_type[0x00000042] = 'EMR_WIDENPATH'
emf_type[0x00000043] = 'EMR_SELECTCLIPPATH'
emf_type[0x00000044] = 'EMR_ABORTPATH'
emf_type[0x00000045] = 'EMR_RESERVED_69'
emf_type[0x00000046] = 'EMR_COMMENT'
emf_type[0x00000047] = 'EMR_FILLRGN'
emf_type[0x00000048] = 'EMR_FRAMERGN'
emf_type[0x00000049] = 'EMR_INVERTRGN'
emf_type[0x0000004A] = 'EMR_PAINTRGN'
emf_type[0x0000004B] = 'EMR_EXTSELECTCLIPRGN'
emf_type[0x0000004C] = 'EMR_BITBLT'
emf_type[0x0000004D] = 'EMR_STRETCHBLT'
emf_type[0x0000004E] = 'EMR_MASKBLT'
emf_type[0x0000004F] = 'EMR_PLGBLT'
emf_type[0x00000050] = 'EMR_SETDIBITSTODEVICE'
emf_type[0x00000051] = 'EMR_STRETCHDIBITS'
emf_type[0x00000052] = 'EMR_EXTCREATEFONTINDIRECTW'
emf_type[0x00000053] = 'EMR_EXTTEXTOUTA'
emf_type[0x00000054] = 'EMR_EXTTEXTOUTW'
emf_type[0x00000055] = 'EMR_POLYBEZIER16'
emf_type[0x00000056] = 'EMR_POLYGON16'
emf_type[0x00000057] = 'EMR_POLYLINE16'
emf_type[0x00000058] = 'EMR_POLYBEZIERTO16'
emf_type[0x00000059] = 'EMR_POLYLINETO16'
emf_type[0x0000005A] = 'EMR_POLYPOLYLINE16'
emf_type[0x0000005B] = 'EMR_POLYPOLYGON16'
emf_type[0x0000005C] = 'EMR_POLYDRAW16'
emf_type[0x0000005D] = 'EMR_CREATEMONOBRUSH'
emf_type[0x0000005E] = 'EMR_CREATEDIBPATTERNBRUSHPT'
emf_type[0x0000005F] = 'EMR_EXTCREATEPEN'
emf_type[0x00000060] = 'EMR_POLYTEXTOUTA'
emf_type[0x00000061] = 'EMR_POLYTEXTOUTW'
emf_type[0x00000062] = 'EMR_SETICMMODE'
emf_type[0x00000063] = 'EMR_CREATECOLORSPACE'
emf_type[0x00000064] = 'EMR_SETCOLORSPACE'
emf_type[0x00000065] = 'EMR_DELETECOLORSPACE'
emf_type[0x00000066] = 'EMR_GLSRECORD'
emf_type[0x00000067] = 'EMR_GLSBOUNDEDRECORD'
emf_type[0x00000068] = 'EMR_PIXELFORMAT'
emf_type[0x00000069] = 'EMR_DRAWESCAPE'
emf_type[0x0000006A] = 'EMR_EXTESCAPE'
emf_type[0x0000006B] = 'EMR_RESERVED_107'
emf_type[0x0000006C] = 'EMR_SMALLTEXTOUT'
emf_type[0x0000006D] = 'EMR_FORCEUFIMAPPING'
emf_type[0x0000006E] = 'EMR_NAMEDESCAPE'
emf_type[0x0000006F] = 'EMR_COLORCORRECTPALETTE'
emf_type[0x00000070] = 'EMR_SETICMPROFILEA'
emf_type[0x00000071] = 'EMR_SETICMPROFILEW'
emf_type[0x00000072] = 'EMR_ALPHABLEND'
emf_type[0x00000073] = 'EMR_SETLAYOUT'
emf_type[0x00000074] = 'EMR_TRANSPARENTBLT'
emf_type[0x00000075] = 'EMR_RESERVED_117'
emf_type[0x00000076] = 'EMR_GRADIENTFILL'
emf_type[0x00000077] = 'EMR_SETLINKEDUFIS'
emf_type[0x00000078] = 'EMR_SETTEXTJUSTIFICATION'
emf_type[0x00000079] = 'EMR_COLORMATCHTOTARGETW'
emf_type[0x0000007A] = 'EMR_CREATECOLORSPACEW'

 
def usage
	$stderr.puts "usage: #{$0} file.emf"
end


while(inp = ARGV.shift())
fd = File.open(inp, 'rb')

begin
while(true)
	otype = fd.read(4).unpack("V")[0]
	osize = fd.read(4).unpack("V")[0]
	odata = fd.read(osize-8)
	
	output = "#{inp} "
	output += emf_type[otype] || sprintf("EMR_UNKNOWN_%.8x", otype)
	output += " #{osize} bytes [ #{odata.unpack("H*")[0]} ]"
	$stdout.puts output
	break if otype == 0x0000000E
end
rescue ::Interrupt
	raise $!
rescue ::Exception
end

fd.close
end