Beispiel #1
0
        VmOpCodeHandlerDetector getVmOpCodeHandlerDetector()
        {
            var vmFilename   = vmAssemblyRef.Name + ".dll";
            var vmModulePath = Path.Combine(Path.GetDirectoryName(module.Location), vmFilename);

            Logger.v("CSVM filename: {0}", vmFilename);

            var dataKey = "cs cached VmOpCodeHandlerDetector";
            var dict    = (Dictionary <string, VmOpCodeHandlerDetector>)deobfuscatorContext.getData(dataKey);

            if (dict == null)
            {
                deobfuscatorContext.setData(dataKey, dict = new Dictionary <string, VmOpCodeHandlerDetector>(StringComparer.OrdinalIgnoreCase));
            }
            VmOpCodeHandlerDetector detector;

            if (dict.TryGetValue(vmModulePath, out detector))
            {
                return(detector);
            }
            dict[vmModulePath] = detector = new VmOpCodeHandlerDetector(ModuleDefMD.Load(vmModulePath));

            detector.findHandlers();
            Logger.v("CSVM opcodes:");
            Logger.Instance.indent();
            for (int i = 0; i < detector.Handlers.Count; i++)
            {
                Logger.v("{0:X4}: {1}", i, detector.Handlers[i].Name);
            }
            Logger.Instance.deIndent();

            return(detector);
        }
 public CsvmToCilMethodConverter(IDeobfuscatorContext deobfuscatorContext, ModuleDefMD module, VmOpCodeHandlerDetector opCodeDetector)
 {
     this.deobfuscatorContext = deobfuscatorContext;
     this.module         = module;
     this.opCodeDetector = opCodeDetector;
 }
 public CsvmToCilMethodConverter(IDeobfuscatorContext deobfuscatorContext, ModuleDefMD module, VmOpCodeHandlerDetector opCodeDetector)
 {
     this.deobfuscatorContext = deobfuscatorContext;
     this.module = module;
     this.opCodeDetector = opCodeDetector;
 }