private static void Decrypt(byte[] target, int targetOffset, byte[] source, int sourceOffset, int length, ref DecryptContext ctx) { int si = sourceOffset; int ti = targetOffset; for (int i = 0; i < length; i++, si++, ti++) { var p = (byte)(source[si] ^ ctx.Key); ctx.Hash ^= p << ((ctx.Index % 4) * 8); target[ti] = p; ctx.Index += 1; } }
public object Deserialize(Stream stream) { var p = new Packet(); var intBytes = new byte[4]; // Read Len and Checksum var startPos = stream.Position; int len = stream.Read32BitEncodedInt(); int hash = stream.Read32BitEncodedInt(); // Decrypt and Check Chcksum ArraySegment <byte> s0, s1; GetBuffers(stream, (int)startPos + 8, len - 4, out s0, out s1); var ctx = new DecryptContext { Key = _deserializeWrapKey }; Decrypt(s0.Array, s0.Offset, s0.Array, s0.Offset, s0.Count, ref ctx); Decrypt(s1.Array, s1.Offset, s1.Array, s1.Offset, s1.Count, ref ctx); if (ctx.Hash != hash) { throw new IOException("Hash mismatch"); } if (_deserializeWrapKey != 0) { _deserializeWrapKey += 1; if (_deserializeWrapKey == 0) { _deserializeWrapKey = 1; } } // Read PacketType, ActorId, RequestId var header = stream.ReadByte(); p.Type = (PacketType)(header & 0x0F); p.ActorId = stream.Read7BitEncodedInt(); p.RequestId = stream.Read7BitEncodedInt(); // Read Message if ((header & 0x80) != 0) { if (p.Type == PacketType.System) { p.Message = stream.ReadString(); } else { var messageTypeAlias = stream.Read7BitEncodedInt(); var messageLen = stream.Read32BitEncodedInt(); Type type = _data.TypeTable.GetType(messageTypeAlias); if (type == null) { throw new Exception("Cannot resolve message type. TypeAlias=" + messageTypeAlias); } p.Message = Activator.CreateInstance(type); _data.MessageSerializer.Deserialize(stream, p.Message, type, messageLen); } } // Read Exception if ((header & 0x40) != 0) { p.Exception = _exceptionSerializer.Deserialize(stream); } var consumedLen = (int)(stream.Position - startPos); if (len + 4 != consumedLen) { throw new Exception("Mismatched length: " + (len + 4) + " " + consumedLen); } return(p); }
unsafe DumpedMethod decryptMethod(uint token) { if (!canDecryptMethods()) { throw new ApplicationException("Can't decrypt methods since compileMethod() isn't hooked yet"); } ctx = new DecryptContext(); ctx.dm = new DumpedMethod(); ctx.dm.token = token; ctx.method = monoModule.LookupToken((int)token) as MethodDefinition; if (ctx.method == null) { throw new ApplicationException(string.Format("Could not find method {0:X8}", token)); } byte *mh = (byte *)hInstModule + ctx.method.RVA; byte *code; if (mh == (byte *)hInstModule) { ctx.dm.mhMaxStack = 0; ctx.dm.mhCodeSize = 0; ctx.dm.mhFlags = 0; ctx.dm.mhLocalVarSigTok = 0; code = null; } else if ((*mh & 3) == 2) { uint headerSize = 1; ctx.dm.mhMaxStack = 8; ctx.dm.mhCodeSize = (uint)(*mh >> 2); ctx.dm.mhFlags = 2; ctx.dm.mhLocalVarSigTok = 0; code = mh + headerSize; } else { uint headerSize = (uint)((mh[1] >> 4) * 4); ctx.dm.mhMaxStack = *(ushort *)(mh + 2); ctx.dm.mhCodeSize = *(uint *)(mh + 4); ctx.dm.mhFlags = *(ushort *)mh; ctx.dm.mhLocalVarSigTok = *(uint *)(mh + 8); code = mh + headerSize; } CORINFO_METHOD_INFO info = default(CORINFO_METHOD_INFO); info.ILCode = new IntPtr(code); info.ILCodeSize = ctx.dm.mhCodeSize; info.maxStack = ctx.dm.mhMaxStack; info.scope = moduleToDecryptScope; initializeOurComp(); if (code == null) { ctx.dm.code = new byte[0]; updateFromMethodDefTableRow(); } else { callMethodDelegate(*(IntPtr *)jitterVtbl, jitterInstance, ourCompMem, new IntPtr(&info), 0, new IntPtr(0x12345678), new IntPtr(0x3ABCDEF0)); } var dm = ctx.dm; ctx = null; return(dm); }
public object Deserialize(Stream stream) { var p = new Packet(); var intBytes = new byte[4]; // Read Len and Checksum var startPos = stream.Position; int len = stream.Read32BitEncodedInt(); int hash = stream.Read32BitEncodedInt(); // Decrypt and Check Chcksum ArraySegment<byte> s0, s1; GetBuffers(stream, (int)startPos + 8, len - 4, out s0, out s1); var ctx = new DecryptContext { Key = _deserializeWrapKey }; Decrypt(s0.Array, s0.Offset, s0.Array, s0.Offset, s0.Count, ref ctx); Decrypt(s1.Array, s1.Offset, s1.Array, s1.Offset, s1.Count, ref ctx); if (ctx.Hash != hash) throw new IOException("Hash mismatch"); if (_deserializeWrapKey != 0) { _deserializeWrapKey += 1; if (_deserializeWrapKey == 0) _deserializeWrapKey = 1; } // Read PacketType, ActorId, RequestId var header = stream.ReadByte(); p.Type = (PacketType)(header & 0x0F); p.ActorId = stream.Read7BitEncodedInt(); p.RequestId = stream.Read7BitEncodedInt(); // Read Message if ((header & 0x80) != 0) { if (p.Type == PacketType.System) { p.Message = stream.ReadString(); } else { var messageTypeAlias = stream.Read7BitEncodedInt(); var messageLen = stream.Read32BitEncodedInt(); Type type = _data.TypeTable.GetType(messageTypeAlias); if (type == null) throw new Exception("Cannot resolve message type. TypeAlias=" + messageTypeAlias); p.Message = Activator.CreateInstance(type); _data.MessageSerializer.Deserialize(stream, p.Message, type, messageLen); } } // Read Exception if ((header & 0x40) != 0) { p.Exception = _exceptionSerializer.Deserialize(stream); } var consumedLen = (int)(stream.Position - startPos); if (len + 4 != consumedLen) throw new Exception("Mismatched length: " + (len + 4) + " " + consumedLen); return p; }