public void FindHandlers()
{
if (vmOpCodes != null)
{
return;
}
deobfuscator = new MyDeobfuscator(module);
var csvmInfo = new CsvmInfo(module);
csvmInfo.Initialize();
var vmHandlerTypes = FindVmHandlerTypes();
if (vmHandlerTypes == null)
{
throw new ApplicationException("Could not find CSVM opcode handler types");
}
var composites = CreateCompositeOpCodeHandlers(csvmInfo, vmHandlerTypes);
foreach (var handlerInfos in OpCodeHandlerInfos.HandlerInfos)
{
if (!DetectCompositeHandlers(composites, handlerInfos))
{
continue;
}
vmOpCodes = CreateVmOpCodes(composites);
break;
}
if (vmOpCodes == null)
{
throw new ApplicationException("Could not find any/all CSVM handlers");
}
}
public void FindHandlers() {
if (vmOpCodes != null)
return;
deobfuscator = new MyDeobfuscator(module);
var csvmInfo = new CsvmInfo(module);
csvmInfo.Initialize();
var vmHandlerTypes = FindVmHandlerTypes();
if (vmHandlerTypes == null)
throw new ApplicationException("Could not find CSVM opcode handler types");
var composites = CreateCompositeOpCodeHandlers(csvmInfo, vmHandlerTypes);
foreach (var handlerInfos in OpCodeHandlerInfos.HandlerInfos) {
var otherHandlers = CreateOtherHandlers(csvmInfo, handlerInfos);
if (!DetectCompositeHandlers(composites, otherHandlers))
continue;
vmOpCodes = CreateVmOpCodes(composites);
break;
}
if (vmOpCodes == null)
throw new ApplicationException("Could not find any/all CSVM handlers");
}
static MethodDef GetExecMethod(MyDeobfuscator deobfuscator, TypeDef type)
{
MethodDef readMethod, execMethod;
GetReadAndExecMethods(type, out readMethod, out execMethod);
deobfuscator.Deobfuscate(execMethod);
SimplifyInstructions(execMethod);
return(execMethod);
}
static MethodDef GetExecMethod(MyDeobfuscator deobfuscator, TypeDef type) {
MethodDef readMethod, execMethod;
GetReadAndExecMethods(type, out readMethod, out execMethod);
deobfuscator.Deobfuscate(execMethod);
SimplifyInstructions(execMethod);
return execMethod;
}
