//delegate preperation & JIT Stack fixes
private unsafe void PreJit()
{
Win32.Print("PreJIT: FindMatchingMethods");
MethodInfo method = typeof(JitEncrypt).GetMethod("FindMethods", BindingFlags.Instance | BindingFlags.NonPublic);
RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: ContainsKey");
method = typeof(Dictionary <long, JitMethodBase>).GetMethod("ContainsKey", BindingFlags.Instance | BindingFlags.Public);
RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: FindMatchingMethods [Call]");
//--- Note the following requests are required to prevent stack overflow exceptions on some deep .net methods that they call
Data.CorMethodInfo64 methodInfo = new Data.CorMethodInfo64() //--- create fake data structure pointing to our fake method
{
moduleHandle = new IntPtr(int.MaxValue),
methodHandle = new IntPtr(int.MaxValue - 0x06000000)
};
JitMethodBase temp = new JitMethodBase(methodInfo.moduleHandle, int.MaxValue, method, new ClrEncrypted(EncryptionType.aes, false)); //--- define our fake method
JitMethodBase temp2 = new JitMethodBase(methodInfo.moduleHandle, int.MaxValue, method, new MethodHash("fake method hash")); //--- define our fake method
long value = temp.hMODULE.ToInt64() + temp.Token; //--- calculate our fake method's lookup token
EncryptedMethods.Add(value, temp); //--- add our fake method to our dictioanry
HashedMethods.Add(value, temp2);
FindMethods(&methodInfo); // use FindMethods to PreJit the entire chain
EncryptedMethods.Clear(); //--- clear our dictionary of our fake method to prevent issues
HashedMethods.Clear();
if (AntiDebug.DetectDebuggers())
{
Win32.Print("Debugger Present");
SafeCrash.ForceCrash();
}
}
//delegate preperation & JIT Stack fixes
private unsafe void PreJit()
{
Win32.Print("PreJIT: FindMatchingMethods");
MethodInfo method = typeof(JitEncrypt).GetMethod("FindMethods", BindingFlags.Instance | BindingFlags.NonPublic);
System.Runtime.CompilerServices.RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: DoesMatch");
method = typeof(JitMethodBase).GetMethod("DoesMatch", BindingFlags.Instance | BindingFlags.Public);
System.Runtime.CompilerServices.RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: FindMatchingMethods [Call]");
//--- Note the following requests are required to prevent stack overflow exceptions on some deep .net methods that they call
Data.CorMethodInfo64 methodInfo = new Data.CorMethodInfo64()
{
moduleHandle = IntPtr.Zero,
methodHandle = IntPtr.Zero
};
FindMethods(&methodInfo);
Win32.Print("PreJIT: DoesMatch [Call]");
JitMethodBase temp = new JitMethodBase(method.Module.GetHMODULE(), method.MetadataToken, method, new ClrEncrypted(EncryptionType.aes, false));
temp.DoesMatch(IntPtr.Zero, 0);
if (AntiDebug.DetectDebuggers())
{
Win32.Print("Debugger Present");
SafeCrash.ForceCrash();
}
}
