Added ps1xml file for Get-ILDisassembly

Output from Get-ILDisassembly is slightly cleaner.

Author: Matt Graeber

ReverseEngineering/Get-ILDisassembly.format.ps1xml

@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<Configuration>
+    <ViewDefinitions>
+        <View>
+            <Name>ILInstructionView</Name>
+            <ViewSelectedBy>
+		        <TypeName>IL_INSTRUCTION</TypeName>
+		    </ViewSelectedBy>
+            <TableControl>
+            <AutoSize/>
+                <TableHeaders>
+                    <TableColumnHeader>
+                        <Label>Position</Label>
+                    </TableColumnHeader>
+                    <TableColumnHeader>
+                        <Label>Instruction</Label>
+                    </TableColumnHeader>
+                    <TableColumnHeader>
+                        <Label>Operand</Label>
+                    </TableColumnHeader>
+                </TableHeaders>
+                <TableRowEntries>
+                    <TableRowEntry>
+                        <TableColumnItems>
+                            <TableColumnItem>
+                                <PropertyName>Position</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Instruction</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Operand</PropertyName>
+                            </TableColumnItem>
+                        </TableColumnItems>
+                    </TableRowEntry>
+                </TableRowEntries>
+            </TableControl>
+        </View>
+    </ViewDefinitions>
+</Configuration>

ReverseEngineering/Get-ILDisassembly.ps1

@@ -201,8 +201,11 @@ http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-335.pdf
         }
 
         # Return a custom object containing a position, instruction, and fully-qualified operand
-        New-Object PSObject -Property $Instruction
+        $InstructionObject = New-Object PSObject -Property $Instruction
+        $InstructionObject.PSObject.TypeNames.Insert(0, 'IL_INSTRUCTION')
 
+        $InstructionObject
+
         # Adjust the position in the opcode array accordingly
         $Position += $OperandLength
     }

ReverseEngineering/ReverseEngineering.psd1

@@ -52,7 +52,7 @@ PowerShellVersion = '2.0'
 # TypesToProcess = @()
 
 # Format files (.ps1xml) to be loaded when importing this module
-FormatsToProcess = 'Get-PEB.format.ps1xml', 'Get-NtSystemInformation.format.ps1xml'
+FormatsToProcess = 'Get-PEB.format.ps1xml', 'Get-NtSystemInformation.format.ps1xml', 'Get-ILDisassembly.format.ps1xml'
 
 # Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
 # NestedModules = @()
@@ -76,7 +76,7 @@ ModuleList = @(@{ModuleName = 'ReverseEngineering'; ModuleVersion = '1.0.0.0'; G
 FileList = 'ReverseEngineering.psm1', 'ReverseEngineering.psd1', 'Get-ILDisassembly.ps1', 'Get-NtSystemInformation.format.ps1xml',
                'Get-NtSystemInformation.ps1', 'Get-Member.ps1', 'Get-MethodAddress.ps1', 'Get-PEB.format.ps1xml',
                'Get-PEB.ps1', 'Get-Strings.ps1', 'Get-StructFromMemory.ps1', 'ConvertTo-String.ps1',
-               'New-Object.ps1', 'Usage.md'
+               'New-Object.ps1', 'Get-ILDisassembly.format.ps1xml', 'Usage.md'
 
 # Private data to pass to the module specified in RootModule/ModuleToProcess
 # PrivateData = ''