public static byte[] AssembleCode(x86CodeGen codeGen, x86Register reg)
{
var stream = new MemoryStream();
using (var writer = new BinaryWriter(stream))
{
/*
* mov eax, esp
* push ebx
* push edi
* push esi
* sub eax, esp
* cmp eax, 24 ; determine the bitness of platform
* je n
* mov eax, [esp + 4] ; 32 bits => argument in stack
* push eax
* jmp z
* n: push ecx ; 64 bits => argument in register
* z: XXX
* pop esi
* pop edi
* pop ebx
* pop ret
*
*/
writer.Write(new byte[] { 0x89, 0xe0 });
writer.Write(new byte[] { 0x53 });
writer.Write(new byte[] { 0x57 });
writer.Write(new byte[] { 0x56 });
writer.Write(new byte[] { 0x29, 0xe0 });
writer.Write(new byte[] { 0x83, 0xf8, 0x18 });
writer.Write(new byte[] { 0x74, 0x07 });
writer.Write(new byte[] { 0x8b, 0x44, 0x24, 0x10 });
writer.Write(new byte[] { 0x50 });
writer.Write(new byte[] { 0xeb, 0x01 });
writer.Write(new byte[] { 0x51 });
foreach (x86Instruction i in codeGen.Instructions)
{
writer.Write(i.Assemble());
}
if (reg != x86Register.EAX)
{
writer.Write(x86Instruction.Create(x86OpCode.MOV, new x86RegisterOperand(x86Register.EAX), new x86RegisterOperand(reg)).Assemble());
}
writer.Write(new byte[] { 0x5e });
writer.Write(new byte[] { 0x5f });
writer.Write(new byte[] { 0x5b });
writer.Write(new byte[] { 0xc3 });
}
return(stream.ToArray());
}
void Compile(RPContext ctx, out Func <int, int> expCompiled, out MethodDef native)
{
var var = new Variable("{VAR}");
var result = new Variable("{RESULT}");
var int32 = ctx.Module.CorLibTypes.Int32;
native = new MethodDefUser(ctx.Context.Registry.GetService <INameService>().RandomName(), MethodSig.CreateStatic(int32, int32), MethodAttributes.PinvokeImpl | MethodAttributes.PrivateScope | MethodAttributes.Static)
{
ImplAttributes = MethodImplAttributes.Native | MethodImplAttributes.Unmanaged | MethodImplAttributes.PreserveSig
};
ctx.Module.GlobalType.Methods.Add(native);
ctx.Context.Registry.GetService <IMarkerService>().Mark(native, ctx.Protection);
ctx.Context.Registry.GetService <INameService>().SetCanRename(native, false);
x86Register?reg;
var codeGen = new x86CodeGen();
Expression expression;
do
{
ctx.DynCipher.GenerateExpressionPair(
ctx.Random,
new VariableExpression {
Variable = var
}, new VariableExpression {
Variable = result
},
ctx.Depth, out expression, out var inverse);
reg = codeGen.GenerateX86(inverse, (v, r) => { return(new[] { x86Instruction.Create(x86OpCode.POP, new x86RegisterOperand(r)) }); });
} while (reg == null);
var code = CodeGenUtils.AssembleCode(codeGen, reg.Value);
expCompiled = new DMCodeGen(typeof(int), new[] { Tuple.Create("{VAR}", typeof(int)) })
.GenerateCIL(expression)
.Compile <Func <int, int> >();
nativeCodes.Add(Tuple.Create(native, code, (MethodBody)null));
if (!addedHandler)
{
ctx.Context.CurrentModuleWriterListener.OnWriterEvent += InjectNativeCode;
addedHandler = true;
}
}
public void Compile(CFContext ctx)
{
var var = new Variable("{VAR}");
var result = new Variable("{RESULT}");
var int32 = ctx.Method.Module.CorLibTypes.Int32;
native = new MethodDefUser(ctx.Context.Registry.GetService <INameService>().RandomName(), MethodSig.CreateStatic(int32, int32), MethodAttributes.PinvokeImpl | MethodAttributes.PrivateScope | MethodAttributes.Static)
{
ImplAttributes = MethodImplAttributes.Native | MethodImplAttributes.Unmanaged | MethodImplAttributes.PreserveSig
};
// Attempt to improve performance --- failed with StackOverflowException... :/
//var suppressAttr = ctx.Method.Module.CorLibTypes.GetTypeRef("System.Security", "SuppressUnmanagedCodeSecurityAttribute").ResolveThrow();
//native.CustomAttributes.Add(new CustomAttribute((MemberRef)ctx.Method.Module.Import(suppressAttr.FindDefaultConstructor())));
//native.HasSecurity = true;
ctx.Method.Module.GlobalType.Methods.Add(native);
ctx.Context.Registry.GetService <IMarkerService>().Mark(native, ctx.Protection);
ctx.Context.Registry.GetService <INameService>().SetCanRename(native, false);
x86Register?reg;
var codeGen = new x86CodeGen();
do
{
ctx.DynCipher.GenerateExpressionPair(
ctx.Random,
new VariableExpression {
Variable = var
}, new VariableExpression {
Variable = result
},
ctx.Depth, out expression, out inverse);
reg = codeGen.GenerateX86(inverse, (v, r) => { return(new[] { x86Instruction.Create(x86OpCode.POP, new x86RegisterOperand(r)) }); });
} while (reg == null);
code = CodeGenUtils.AssembleCode(codeGen, reg.Value);
expCompiled = new DMCodeGen(typeof(int), new[] { Tuple.Create("{VAR}", typeof(int)) })
.GenerateCIL(expression)
.Compile <Func <int, int> >();
ctx.Context.CurrentModuleWriterListener.OnWriterEvent += InjectNativeCode;
}
public void Compile(CEContext ctx)
{
var var = new Variable("{VAR}");
var result = new Variable("{RESULT}");
CorLibTypeSig int32 = ctx.Module.CorLibTypes.Int32;
native = new MethodDefUser("", MethodSig.CreateStatic(int32, int32), MethodAttributes.PinvokeImpl | MethodAttributes.PrivateScope | MethodAttributes.Static);
native.ImplAttributes = MethodImplAttributes.Native | MethodImplAttributes.Unmanaged | MethodImplAttributes.PreserveSig;
ctx.Module.GlobalType.Methods.Add(native);
ctx.Name.MarkHelper(native, ctx.Marker, ctx.Protection);
x86Register?reg;
var codeGen = new x86CodeGen();
do
{
ctx.DynCipher.GenerateExpressionPair(
ctx.Random,
new VariableExpression {
Variable = var
}, new VariableExpression {
Variable = result
},
4, out expression, out inverse);
reg = codeGen.GenerateX86(inverse, (v, r) => { return(new[] { x86Instruction.Create(x86OpCode.POP, new x86RegisterOperand(r)) }); });
} while (reg == null);
code = CodeGenUtils.AssembleCode(codeGen, reg.Value);
expCompiled = new DMCodeGen(typeof(int), new[] { Tuple.Create("{VAR}", typeof(int)) })
.GenerateCIL(expression)
.Compile <Func <int, int> >();
ctx.Context.CurrentModuleWriterListener.OnWriterEvent += InjectNativeCode;
}
private void Compile(RPContext ctx, out Func <int, int> expCompiled, out MethodDef native)
{
x86Register? nullable;
Expression expression;
Variable variable = new Variable("{VAR}");
Variable variable2 = new Variable("{RESULT}");
CorLibTypeSig retType = ctx.Module.CorLibTypes.Int32;
native = new MethodDefUser(ctx.Context.Registry.GetService <INameService>().RandomName(), MethodSig.CreateStatic(retType, retType), MethodAttributes.CompilerControlled | MethodAttributes.PinvokeImpl | MethodAttributes.Static);
native.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.ManagedMask | MethodImplAttributes.Native | MethodImplAttributes.PreserveSig;
ctx.Module.GlobalType.Methods.Add(native);
ctx.Context.Registry.GetService <IMarkerService>().Mark(native, ctx.Protection);
ctx.Context.Registry.GetService <INameService>().SetCanRename(native, false);
x86CodeGen codeGen = new x86CodeGen();
do
{
Expression expression2;
VariableExpression var = new VariableExpression {
Variable = variable
};
VariableExpression result = new VariableExpression {
Variable = variable2
};
ctx.DynCipher.GenerateExpressionPair(ctx.Random, var, result, ctx.Depth, out expression, out expression2);
nullable = codeGen.GenerateX86(expression2, (v, r) => new x86Instruction[] { x86Instruction.Create(x86OpCode.POP, new Ix86Operand[] { new x86RegisterOperand(r) }) });
}while (!nullable.HasValue);
byte[] buffer = CodeGenUtils.AssembleCode(codeGen, nullable.Value);
expCompiled = new DMCodeGen(typeof(int), new Tuple <string, Type>[] { Tuple.Create <string, Type>("{VAR}", typeof(int)) }).GenerateCIL(expression).Compile <Func <int, int> >();
this.nativeCodes.Add(Tuple.Create <MethodDef, byte[], dnlib.DotNet.Writer.MethodBody>(native, buffer, null));
if (!this.addedHandler)
{
ctx.Context.CurrentModuleWriterListener.OnWriterEvent += new EventHandler <ModuleWriterListenerEventArgs>(this.InjectNativeCode);
this.addedHandler = true;
}
}