Ejemplo n.º 1
0
 public static GClass876.GStruct3 smethod_2(IntPtr intptr_0, IntPtr intptr_1, out int int_0)
 {
     int_0 = 0;
     GClass876.GStruct3 result = default(GClass876.GStruct3);
     if (GClass876.smethod_1())
     {
         GClass876.GStruct2 gstruct = default(GClass876.GStruct2);
         if (GClass876.VirtualQueryEx(intptr_0, intptr_1, out gstruct, (uint)Marshal.SizeOf(typeof(GClass876.GStruct2))) != 0)
         {
             result.intptr_1 = gstruct.intptr_1;
             result.int_0    = gstruct.int_0;
             result.intptr_0 = gstruct.intptr_0;
             result.int_1    = gstruct.int_2;
             result.long_0   = (long)gstruct.int_1;
             result.State    = gstruct.State;
             result.int_2    = gstruct.int_3;
             return(result);
         }
         int_0 = Marshal.GetLastWin32Error();
     }
     else
     {
         if (GClass876.VirtualQueryEx_1(intptr_0, intptr_1, out result, (uint)Marshal.SizeOf(typeof(GClass876.GStruct3))) != 0)
         {
             return(result);
         }
         int_0 = Marshal.GetLastWin32Error();
     }
     return(result);
 }
Ejemplo n.º 2
0
    public GClass5()
    {
        GClass5.smethod_0();
        this.logger_0 = LogManager.GetLogger("DOPE");
        this.logger_0.Info("Loading DOPE {arch} {version} on {architecture} ({os})", new object[]
        {
            GClass876.smethod_1() ? "x86" : "x64",
            Constants.VersionString,
            Environment.Is64BitOperatingSystem ? "x64" : "x86",
            Environment.OSVersion.VersionString
        });
        AppDomain.CurrentDomain.FirstChanceException += this.method_0;
        AppDomain.CurrentDomain.UnhandledException   += this.method_2;
        base.ShutdownMode = ShutdownMode.OnMainWindowClose;
        GClass82.smethod_2();
        bool flag;

        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
        {
            flag = new WindowsPrincipal(current).IsInRole(WindowsBuiltInRole.Administrator);
        }
        PErkava.IsSupported = flag;
        try
        {
            PErkava.smethod_3();
        }
        catch
        {
            PErkava.IsSupported = false;
        }
        if (flag && PErkava.IsSupported)
        {
            try
            {
                GClass882 gclass = new GClass882();
                gclass.Start();
                PErkava.Host = gclass;
            }
            catch
            {
            }
        }
        this.logger_0.Info("PErkava support status: {status}", PErkava.IsSupported);
        if (PErkava.IsSupported)
        {
            this.logger_0.Info("Use legacy proxy: {proxy}", PErkava.smethod_2());
        }
        AppDomain.CurrentDomain.ProcessExit += this.method_1;
    }
Ejemplo n.º 3
0
    public static bool smethod_1(IntPtr intptr_0, Action <int> action_0 = null)
    {
        List <IntPtr> list = new GClass877(intptr_0).method_0();
        uint          num;

        GClass876.GetWindowThreadProcessId(intptr_0, out num);
        Process processById = Process.GetProcessById((int)num);

        list.Reverse();
        List <uint> list2 = list.Select(new Func <IntPtr, uint>(GClass875.< > c.< > c_0.method_0)).ToList <uint>();

        list2.Add(num);
        if (processById.ProcessName.StartsWith("chrome"))
        {
            list2 = Process.GetProcessesByName("chrome").Select(new Func <Process, uint>(GClass875.< > c.< > c_0.method_1)).ToList <uint>();
            List <uint> list3 = new List <uint>();
            foreach (uint num2 in list2)
            {
                string text = GClass876.smethod_3(num2);
                if (text != null && text.Contains("flash"))
                {
                    list3.Add(num2);
                    Debug.WriteLine(string.Format("Found chrome flash player @{0:X2}", num2));
                }
            }
            list2 = list3;
        }
        list2 = list2.GroupBy(new Func <uint, uint>(GClass875.< > c.< > c_0.method_2)).Select(new Func <IGrouping <uint, uint>, uint>(GClass875.< > c.< > c_0.method_3)).ToList <uint>();
        bool flag = false;
        long num3 = 0L;

        foreach (uint int_ in list2)
        {
            GClass874 gclass = new GClass874((int)int_);
            if (!gclass.method_6())
            {
                MessageBox.Show("Your browser is compiled for different architecture. Please use the " + (GClass876.smethod_1() ? "64" : "32") + "-bit version of PErkava.");
                return(false);
            }
            foreach (GClass876.GStruct3 gstruct in gclass.method_4())
            {
                foreach (IntPtr intptr_ in GClass875.smethod_0(gclass, gstruct, Encoding.UTF8.GetBytes("cc0306d7b0f0c671000bd655485744417a868b29dd77619e42b51f70c28e67d0bbc2caf9dd364cb0419217bcfba86c33735b543fae2b666059b59c631955962afa1f97e0f49f92bf1a5463ae89c751a661e0485c2ec6e011634abfb4a4142157")))
                {
                    flag = true;
                    gclass.method_7(intptr_, Encoding.UTF8.GetBytes("ef09b1bcec67808eeff374b1b51fb155edaac4fcc7a78ed75d5848d6e9eaabee41dec018bb5482d01acea8ce13688bfe33076dde70f06febb80cf3b7327953fb32c08889b815587ded2cdd056d0ec9965b894751848766c27fdee32c707b6fc9"));
                }
                num3 += gstruct.long_0;
                if (action_0 != null)
                {
                    action_0((int)(num3 / 1024L / 1024L));
                }
            }
            if (flag)
            {
                PErkava.hashSet_0.Add((uint)gclass.method_0());
            }
        }
        return(flag);
    }