private static void ResolveEB2S(ref string source)
{
MatchCollection toDo;
toDo = Regex.Matches(source, "Execute\\(BinaryToString\\((\"|')0x[\\dA-F]+(\"|')\\)\\)", RegexOptions.IgnoreCase | RegexOptions.Multiline);
for (int i = 0; i < toDo.Count; i++)
{
string workingOn;
Match lastMatch;
workingOn = toDo[i].Value;
while ((lastMatch = Regex.Match(workingOn, "Execute\\(BinaryToString\\((\"|')(0x[\\dA-F]+)(\"|')\\)\\)", RegexOptions.IgnoreCase)).Success)
{
workingOn = AutoShit.BinaryToString(lastMatch.Groups[2].Value);
}
source = source.Replace(toDo[i].Value, workingOn);
}
}
private static void RemoveArrayObfuscation(ref string source, string tblSource)
{
string arrayName, decryptName, separator;
string[] values;
MatchCollection toFix;
arrayName = getArrayName(source);
decryptName = getBin2StrName(source, arrayName);
separator = getSeparator(source, arrayName);
values = tblSource.Split(new string[] { separator }, StringSplitOptions.RemoveEmptyEntries);
toFix = Regex.Matches(source, String.Format("\\$(\\w+) = {0}\\(\\${1}\\[(\\d+)\\]\\)", decryptName, arrayName), RegexOptions.IgnoreCase | RegexOptions.Multiline);
foreach (Match tmp in toFix)
{
string varName;
int i;
varName = tmp.Groups[1].Value;
i = int.Parse(tmp.Groups[2].Value);
source = source.Replace(String.Format("${0}", varName), string.Format("\"{0}\"", AutoShit.BinaryToString(values[i - 1], false)));
}
// REMOVE THE methodcrypt() CALLS.
toFix = Regex.Matches(source, String.Format("{0}\\((\"|')([\\dA-F]+)(\"|')\\)", decryptName), RegexOptions.Multiline | RegexOptions.IgnoreCase);
foreach (Match tmp in toFix)
{
source = source.Replace(tmp.Value, String.Format("\"{0}\"", AutoShit.BinaryToString(tmp.Groups[2].Value, false)));
}
RemoveArrayRests(ref source);
}