private Method(
MemberRef sharedMem,
MemberRef prevLocation,
MemberRef onBranch,
bool enableOnBranchCallback,
MethodDef method)
{
this.sharedMem = sharedMem;
this.prevLocation = prevLocation;
this.onBranch = onBranch;
this.enableOnBranchCallback = enableOnBranchCallback;
if (enableOnBranchCallback)
{
onBranchCall = method.Module.Import(typeof(Common.Trace)
.GetMethod(nameof(Common.Trace.OnBranchCall)));
}
body = method.Body;
instructions = body.Instructions.ToList();
if (instructions.Any())
{
instrumented = new Dictionary <Instruction, Instruction>();
body.SimplifyBranches();
body.Instructions.Clear();
FindInstrumentationTargets();
Instrument(method.FullName);
UpdateBranchTargets();
UpdateExceptionHandlers();
body.OptimizeBranches();
}
}
public void ProtectionPhase(SpectreContext spctx)
{
foreach (ModuleDef module in spctx.Assembly.Modules)
{
foreach (TypeDef type in module.Types)
{
foreach (MethodDef method in type.Methods)
{
if (!method.HasBody)
{
continue;
}
if (method.HasBody)
{
if (!method.Body.HasInstructions)
{
continue;
}
}
body = method.Body;
for (int i = 0; i < body.Instructions.Count; i++)
{
if (body.Instructions[i].IsLdcI4())
{
Mutate(spctx, method, i);
i += 2;
}
}
body.SimplifyBranches();
body.OptimizeBranches();
}
}
}
}
internal CilBody Run()
{
var source = _sourceMethod.Body;
_event.Locals.Capacity = source.Variables.Locals.Count;
_event.Locals.AddRange(source.Variables.Locals.Select(Clone));
var instructions = source.Instructions.Select(Clone).ToList();
instructions.SimplifyBranches();
_event.Fragment.Reset(instructions);
FixBrTargets(_event.Fragment);
_event.ExceptionHandlers.AddRange(source.ExceptionHandlers.Select(Clone));
Context.Fire(_event);
instructions = _event.Fragment.ToList();
var body = new CilBody(source.InitLocals, instructions, _event.ExceptionHandlers, _event.Locals);
var emitter = _event.GetEmitter(false);
if (emitter != null)
{
emitter.Commit();
emitter.TempLocals.Flush(body);
body.OptimizeBranches();
}
return(body);
}
public void ProtectionPhase(Context krawk)
{
Console.ForegroundColor = ConsoleColor.Yellow;
Console.WriteLine("Executing Constants...");
Console.ResetColor();
GenerateX86(krawk);
foreach (ModuleDef module in krawk.Assembly.Modules)
{
foreach (TypeDef type in module.Types)
{
if (type.Namespace.Contains(".My"))
{
continue;
}
if (type.FullName.Contains(".My"))
{
continue;
}
foreach (MethodDef method in type.Methods)
{
if (!method.HasBody)
{
continue;
}
if (method.FullName.Contains(".My"))
{
continue;
}
if (method.HasBody)
{
if (!method.Body.HasInstructions)
{
continue;
}
}
if (method.FullName.Contains("Decrypt"))
{
continue;
}
body = method.Body;
for (int i = 0; i < body.Instructions.Count; i++)
{
if (method.Body.Instructions[i].OpCode == OpCodes.Ldstr)
{
Encodestring(krawk, method, i);
i += 2;
}
}
}
body.SimplifyBranches();
body.OptimizeBranches();
}
}
}
private Method(MemberRef sharedMem, MemberRef prevLocation, MethodDef method)
{
this.sharedMem = sharedMem;
this.prevLocation = prevLocation;
body = method.Body;
instructions = body.Instructions.ToList();
instrumented = new Dictionary <Instruction, Instruction>();
body.SimplifyBranches();
body.Instructions.Clear();
FindInstrumentationTargets();
Instrument();
UpdateBranchTargets();
UpdateExceptionHandlers();
body.OptimizeBranches();
}
void IProtector.ProtectionPhase(Context krawk)
{
foreach (ModuleDef module in krawk.Assembly.Modules)
{
foreach (TypeDef type in module.Types)
{
if (type.Namespace.Contains(".My"))
{
continue;
}
foreach (MethodDef method in type.Methods)
{
if (!method.HasBody)
{
continue;
}
if (method.Name.Contains("Krawk_Protector_N"))
{
continue;
}
if (method.HasBody)
{
if (!method.Body.HasInstructions)
{
continue;
}
}
body = method.Body;
for (int i = 0; i < body.Instructions.Count; i++)
{
if (body.Instructions[i].OpCode == OpCodes.Ldc_I4)
{
Mutate(krawk, method, i);
i += 2;
}
}
body.SimplifyBranches();
body.OptimizeBranches();
}
}
}
}
void IProtector.ProtectionPhase(Context krawk)
{
foreach (ModuleDef module in krawk.Assembly.Modules)
{
foreach (TypeDef type in module.Types)
{
foreach (MethodDef method in type.Methods)
{
if (!method.HasBody)
{
continue;
}
if (method.HasBody)
{
if (!method.Body.HasInstructions)
{
continue;
}
}
body = method.Body;
for (int i = 0; i < body.Instructions.Count; i++)
{
if (method.Body.Instructions[i].OpCode == OpCodes.Ldstr)
{
Mutate(krawk, method, i, "String");
i += 2;
}
if (method.Body.Instructions[i].IsLdcI4())
{
Mutate(krawk, method, i, "Int");
}
}
body.SimplifyBranches();
body.OptimizeBranches();
}
}
}
}
protected override void Execute(ConfuserContext context, ProtectionParameters parameters)
{
for (int i = 1; i < 1; i++)
{
foreach (IDnlibDef dnlibDef in parameters.Targets)
{
MethodDef def = (MethodDef)dnlibDef;
CilBody body = def.Body;
body.SimplifyBranches();
Random random = new Random();
int num2 = 0;
while (num2 < body.Instructions.Count)
{
if (body.Instructions[num2].IsLdcI4())
{
int num3 = body.Instructions[num2].GetLdcI4Value();
int num4 = random.Next(5, 40);
body.Instructions[num2].OpCode = OpCodes.Ldc_I4;
body.Instructions[num2].Operand = num4 * num3;
body.Instructions.Insert(num2 + 1, Instruction.Create(OpCodes.Ldc_I4, num4));
body.Instructions.Insert(num2 + 2, Instruction.Create(OpCodes.Div));
num2 += 3;
}
else
{
num2++;
}
}
Random random2 = new Random();
int num5 = 0;
ITypeDefOrRef type = null;
for (int j = 0; j < def.Body.Instructions.Count; j++)
{
Instruction instruction = def.Body.Instructions[j];
if (instruction.IsLdcI4())
{
switch (random2.Next(1, 8))
{
case 1:
type = def.Module.Import(typeof(int));
num5 = 4;
break;
case 2:
type = def.Module.Import(typeof(sbyte));
num5 = 1;
break;
case 3:
type = def.Module.Import(typeof(byte));
num5 = 1;
break;
case 4:
type = def.Module.Import(typeof(bool));
num5 = 1;
break;
case 5:
type = def.Module.Import(typeof(decimal));
num5 = 16;
break;
case 6:
type = def.Module.Import(typeof(short));
num5 = 2;
break;
case 7:
type = def.Module.Import(typeof(long));
num5 = 8;
break;
}
int num6 = random2.Next(1, 1000);
bool flag = Convert.ToBoolean(random2.Next(0, 2));
switch ((num5 != 0) ? ((Convert.ToInt32(instruction.Operand) % num5 == 0) ? random2.Next(1, 5) : random2.Next(1, 4)) : random2.Next(1, 4))
{
case 1:
def.Body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Sizeof, type));
def.Body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Add));
instruction.Operand = Convert.ToInt32(instruction.Operand) - num5 + (flag ? (-num6) : num6);
goto IL_43A;
case 2:
def.Body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Sizeof, type));
def.Body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Sub));
instruction.Operand = Convert.ToInt32(instruction.Operand) + num5 + (flag ? (-num6) : num6);
goto IL_43A;
case 3:
def.Body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Sizeof, type));
def.Body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Add));
instruction.Operand = Convert.ToInt32(instruction.Operand) - num5 + (flag ? (-num6) : num6);
goto IL_43A;
case 4:
def.Body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Sizeof, type));
def.Body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Mul_Ovf_Un));
instruction.Operand = Convert.ToInt32(instruction.Operand) - num5 + (flag ? (-num6) : num6);
goto IL_43A;
case 5:
def.Body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Sizeof, type));
def.Body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Add_Ovf_Un));
instruction.Operand = Convert.ToInt32(instruction.Operand) - num5 + (flag ? (-num6) : num6);
goto IL_43A;
case 6:
def.Body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Sizeof, type));
def.Body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Mul));
instruction.Operand = Convert.ToInt32(instruction.Operand) / num5;
break;
default:
goto IL_43A;
}
IL_484:
j += 2;
goto IL_48A;
IL_43A:
def.Body.Instructions.Insert(j + 3, Instruction.CreateLdcI4(num6));
def.Body.Instructions.Insert(j + 4, Instruction.Create(flag ? OpCodes.Add : OpCodes.Sub));
j += 2;
goto IL_484;
}
IL_48A :;
}
body.OptimizeBranches();
}
}
}
// Token: 0x06000097 RID: 151 RVA: 0x0000C8AC File Offset: 0x0000AAAC
public static void DisConstants(ModuleDef md)
{
foreach (TypeDef typeDef in md.Types)
{
foreach (MethodDef methodDef in typeDef.Methods)
{
for (int i = 1; i < 1; i++)
{
CilBody body = methodDef.Body;
body.SimplifyBranches();
Random random = new Random();
int j = 0;
while (j < body.Instructions.Count)
{
bool flag = body.Instructions[j].IsLdcI4();
if (flag)
{
int ldcI4Value = body.Instructions[j].GetLdcI4Value();
int num = random.Next(5, 40);
body.Instructions[j].OpCode = OpCodes.Ldc_I4;
body.Instructions[j].Operand = num * ldcI4Value;
body.Instructions.Insert(j + 1, Instruction.Create(OpCodes.Ldc_I4, num));
body.Instructions.Insert(j + 2, Instruction.Create(OpCodes.Div));
j += 3;
}
else
{
j++;
}
}
Random random2 = new Random();
int num2 = 0;
ITypeDefOrRef type = null;
for (int k = 0; k < methodDef.Body.Instructions.Count; k++)
{
Instruction instruction = methodDef.Body.Instructions[k];
bool flag2 = instruction.IsLdcI4();
if (flag2)
{
switch (random2.Next(1, 8))
{
case 1:
type = methodDef.Module.Import(typeof(int));
num2 = 4;
break;
case 2:
type = methodDef.Module.Import(typeof(sbyte));
num2 = 1;
break;
case 3:
type = methodDef.Module.Import(typeof(byte));
num2 = 1;
break;
case 4:
type = methodDef.Module.Import(typeof(bool));
num2 = 1;
break;
case 5:
type = methodDef.Module.Import(typeof(decimal));
num2 = 16;
break;
case 6:
type = methodDef.Module.Import(typeof(short));
num2 = 2;
break;
case 7:
type = methodDef.Module.Import(typeof(long));
num2 = 8;
break;
}
int num3 = random2.Next(1, 1000);
bool flag3 = Convert.ToBoolean(random2.Next(0, 2));
switch ((num2 != 0) ? ((Convert.ToInt32(instruction.Operand) % num2 == 0) ? random2.Next(1, 5) : random2.Next(1, 4)) : random2.Next(1, 4))
{
case 1:
methodDef.Body.Instructions.Insert(k + 1, Instruction.Create(OpCodes.Sizeof, type));
methodDef.Body.Instructions.Insert(k + 2, Instruction.Create(OpCodes.Add));
instruction.Operand = Convert.ToInt32(instruction.Operand) - num2 + (flag3 ? (-num3) : num3);
goto IL_493;
case 2:
methodDef.Body.Instructions.Insert(k + 1, Instruction.Create(OpCodes.Sizeof, type));
methodDef.Body.Instructions.Insert(k + 2, Instruction.Create(OpCodes.Sub));
instruction.Operand = Convert.ToInt32(instruction.Operand) + num2 + (flag3 ? (-num3) : num3);
goto IL_493;
case 3:
methodDef.Body.Instructions.Insert(k + 1, Instruction.Create(OpCodes.Sizeof, type));
methodDef.Body.Instructions.Insert(k + 2, Instruction.Create(OpCodes.Add));
instruction.Operand = Convert.ToInt32(instruction.Operand) - num2 + (flag3 ? (-num3) : num3);
goto IL_493;
case 4:
methodDef.Body.Instructions.Insert(k + 1, Instruction.Create(OpCodes.Sizeof, type));
methodDef.Body.Instructions.Insert(k + 2, Instruction.Create(OpCodes.Mul));
instruction.Operand = Convert.ToInt32(instruction.Operand) / num2;
break;
default:
goto IL_493;
}
IL_48A:
k += 2;
goto IL_4E2;
IL_493:
methodDef.Body.Instructions.Insert(k + 3, Instruction.CreateLdcI4(num3));
methodDef.Body.Instructions.Insert(k + 4, Instruction.Create(flag3 ? OpCodes.Add : OpCodes.Sub));
k += 2;
goto IL_48A;
}
IL_4E2 :;
}
body.OptimizeBranches();
}
}
}
}
