public override void DeobfuscateBegin()
{
base.DeobfuscateBegin();
cliSecureRtType.FindStringDecrypterMethod();
stringDecrypter.AddDecrypterInfos(cliSecureRtType.StringDecrypterInfos);
stringDecrypter.Initialize();
AddAttributesToBeRemoved(cliSecureAttributes, "Obfuscator attribute");
if (options.DecryptResources)
{
DecryptResources(resourceDecrypter);
AddCctorInitCallToBeRemoved(resourceDecrypter.RsrcRrrMethod);
}
stackFrameHelper = new StackFrameHelper(Module);
stackFrameHelper.Find();
foreach (var type in Module.Types)
{
if (type.FullName == "InitializeDelegate" && DotNetUtils.DerivesFromDelegate(type))
{
this.AddTypeToBeRemoved(type, "Obfuscator type");
}
}
proxyCallFixer.Find();
foreach (var info in stringDecrypter.StringDecrypterInfos)
{
staticStringInliner.Add(info.Method, (method, gim, args) => stringDecrypter.Decrypt((string)args[0]));
}
DeobfuscatedFile.StringDecryptersAdded();
if (options.DecryptMethods)
{
AddCctorInitCallToBeRemoved(cliSecureRtType.InitializeMethod);
AddCctorInitCallToBeRemoved(cliSecureRtType.PostInitializeMethod);
FindPossibleNamesToRemove(cliSecureRtType.LoadMethod);
}
if (options.RestoreVmCode && (csvmV1.Detected || csvmV2.Detected))
{
if (csvmV1.Detected && csvmV1.Restore())
{
AddResourceToBeRemoved(csvmV1.Resource, "CSVM data resource");
}
else if (csvmV2.Detected && csvmV2.Restore())
{
AddResourceToBeRemoved(csvmV2.Resource, "CSVM data resource");
}
else
{
Logger.e("Couldn't restore VM methods. Use --dont-rename or it will not run");
PreserveTokensAndTypes();
}
}
}
public override void deobfuscateBegin()
{
base.deobfuscateBegin();
cliSecureRtType.findStringDecrypterMethod();
stringDecrypter.Method = cliSecureRtType.StringDecrypterMethod;
addAttributesToBeRemoved(cliSecureAttributes, "Obfuscator attribute");
if (options.DecryptResources)
{
decryptResources(resourceDecrypter);
addCctorInitCallToBeRemoved(resourceDecrypter.RsrcRrrMethod);
}
stackFrameHelper = new StackFrameHelper(module);
stackFrameHelper.find();
foreach (var type in module.Types)
{
if (type.FullName == "InitializeDelegate" && DotNetUtils.derivesFromDelegate(type))
{
this.addTypeToBeRemoved(type, "Obfuscator type");
}
}
proxyCallFixer.find();
staticStringInliner.add(stringDecrypter.Method, (method, gim, args) => stringDecrypter.decrypt((string)args[0]));
DeobfuscatedFile.stringDecryptersAdded();
if (options.DecryptMethods)
{
addCctorInitCallToBeRemoved(cliSecureRtType.InitializeMethod);
addCctorInitCallToBeRemoved(cliSecureRtType.PostInitializeMethod);
findPossibleNamesToRemove(cliSecureRtType.LoadMethod);
}
if (options.RestoreVmCode)
{
if (csvm.restore())
{
addResourceToBeRemoved(csvm.Resource, "CSVM data resource");
}
else
{
Logger.e("Couldn't restore VM methods. Use --dont-rename or it will not run");
preserveTokensAndTypes();
}
}
}
public override void DeobfuscateBegin() {
base.DeobfuscateBegin();
cliSecureRtType.FindStringDecrypterMethod();
stringDecrypter.AddDecrypterInfos(cliSecureRtType.StringDecrypterInfos);
stringDecrypter.Initialize();
AddAttributesToBeRemoved(cliSecureAttributes, "Obfuscator attribute");
if (options.DecryptResources) {
DecryptResources(resourceDecrypter);
AddCctorInitCallToBeRemoved(resourceDecrypter.RsrcRrrMethod);
}
stackFrameHelper = new StackFrameHelper(module);
stackFrameHelper.Find();
foreach (var type in module.Types) {
if (type.FullName == "InitializeDelegate" && DotNetUtils.DerivesFromDelegate(type))
this.AddTypeToBeRemoved(type, "Obfuscator type");
}
proxyCallFixer.Find();
foreach (var info in stringDecrypter.StringDecrypterInfos)
staticStringInliner.Add(info.Method, (method, gim, args) => stringDecrypter.Decrypt((string)args[0]));
DeobfuscatedFile.StringDecryptersAdded();
if (options.DecryptMethods) {
AddCctorInitCallToBeRemoved(cliSecureRtType.InitializeMethod);
AddCctorInitCallToBeRemoved(cliSecureRtType.PostInitializeMethod);
FindPossibleNamesToRemove(cliSecureRtType.LoadMethod);
}
if (options.RestoreVmCode && (csvmV1.Detected || csvmV2.Detected)) {
if (csvmV1.Detected && csvmV1.Restore())
AddResourceToBeRemoved(csvmV1.Resource, "CSVM data resource");
else if (csvmV2.Detected && csvmV2.Restore())
AddResourceToBeRemoved(csvmV2.Resource, "CSVM data resource");
else {
Logger.e("Couldn't restore VM methods. Use --dont-rename or it will not run");
PreserveTokensAndTypes();
}
}
}
