private void Button1_Click(object sender, EventArgs e)
{
ModuleDefMD module = ModuleDefMD.Load(textBox1.Text);
if (checkBox1.Checked)
{
StringEncPhase.Execute(module);
}
/* if (checkBox2.Checked)
* { OnlinePhase.Execute(module); } */
if (checkBox3.Checked)
{
ProxyString.Execute(module);
}
if (checkBox5.Checked)
{
Anti_Debug.Execute(module);
}
if (checkBox6.Checked)
{
Anti_Tamper.Execute(module);
}
if (checkBox8.Checked)
{
AddIntPhase.Execute(module);
}
if (checkBox4.Checked)
{
ProxyINT.Execute(module);
}
if (checkBox12.Checked)
{
ProxyMeth.Execute(module);
}
if (checkBox10.Checked)
{
RenamerPhase.Execute(module);
}
if (checkBox7.Checked)
{
controlflow.process(module); ControlFlowTask.Execute(module);
}
if (checkBox11.Checked)
{
JumpCFlow.Execute(module);
}
if (checkBox9.Checked)
{
InvalidMDPhase.process(module.Assembly);
}
string text2 = Path.GetDirectoryName(textBox1.Text);
if (!text2.EndsWith("\\"))
{
text2 += "\\";
}
string path = text2 + Path.GetFileNameWithoutExtension(textBox1.Text) + "_protected" +
Path.GetExtension(textBox1.Text);
var opts = new ModuleWriterOptions(module);
opts.PEHeadersOptions.NumberOfRvaAndSizes = 13;
opts.MetaDataOptions.TablesHeapOptions.ExtraData = 0x1337;
opts.Logger = DummyLogger.NoThrowInstance;
module.Write(path, opts);
if (checkBox6.Checked)
{
Anti_Tamper.Md5(path);
}
}
private void Button_Click(object sender, RoutedEventArgs e)
{
var time = DateTime.Now.ToString("hh:mm:ss");
var module = ModuleDefMD.Load(LoadBox.Text);
if (StringEnc.IsChecked == true)
{
StringEncPhase.Execute(module);
ConsoleLog.Foreground = Brushes.Aqua;
ConsoleLog.AppendText($"{time} Processing String Encryption{Environment.NewLine}");
}
if (SOD.IsChecked == true)
{
OnlinePhase.Execute(module);
ConsoleLog.AppendText($"{time} Processing Online Decryption{Environment.NewLine}");
}
if (Cflow.IsChecked == true)
{
ControlFlowObfuscation.Execute(module);
ConsoleLog.AppendText($"{time} Processing Control Flow{Environment.NewLine}");
}
if (IntConf.IsChecked == true)
{
AddIntPhase.Execute2(module);
ConsoleLog.AppendText($"{time} Processing Int Confusion{Environment.NewLine}");
}
if (SUC.IsChecked == true)
{
StackUnfConfusion.Execute(module);
ConsoleLog.AppendText($"{time} Processing StackUnfConfusion{Environment.NewLine}");
}
if (Ahri.IsChecked == true)
{
Arithmetic.Execute(module);
ConsoleLog.AppendText($"{time} Processing Arithmetic{Environment.NewLine}");
}
if (LF.IsChecked == true)
{
L2F.Execute(module);
ConsoleLog.AppendText($"{time} Processing Local Field{Environment.NewLine}");
}
if (LFV2.IsChecked == true)
{
L2FV2.Execute(module);
ConsoleLog.AppendText($"{time} Processing Local Field V2{Environment.NewLine}");
}
if (Calli_.IsChecked == true)
{
Calli.Execute(module);
ConsoleLog.AppendText($"{time} Processing Call To Calli{Environment.NewLine}");
}
if (Proxy_String.IsChecked == true)
{
ProxyString.Execute(module);
ConsoleLog.AppendText($"{time} Processing Proxy Strings{Environment.NewLine}");
}
if (ProxyConstants.IsChecked == true)
{
ProxyINT.Execute(module);
ConsoleLog.AppendText($"{time} Processing Proxy Constants{Environment.NewLine}");
}
if (Proxy_Meth.IsChecked == true)
{
ProxyMeth.Execute(module);
ConsoleLog.AppendText($"{time} Processing Proxy Methods{Environment.NewLine}");
}
if (Renamer.IsChecked == true)
{
RenamerPhase.Execute(module);
ConsoleLog.AppendText($"{time} Processing Renaming{Environment.NewLine}");
}
if (Anti_De4dot.IsChecked == true)
{
AntiDe4dot.Execute(module.Assembly);
ConsoleLog.AppendText($"{time} Processing Anti De4dot{Environment.NewLine}");
}
if (JumpCflow.IsChecked == true)
{
JumpCFlow.Execute(module);
ConsoleLog.AppendText($"{time} Processing Jump Control flow{Environment.NewLine}");
}
if (AntiDebug.IsChecked == true)
{
Anti_Debug.Execute(module);
ConsoleLog.AppendText($"{time} Processing Anti Debug{Environment.NewLine}");
}
if (Anti_Dump.IsChecked == true)
{
AntiDump.Execute(module);
ConsoleLog.AppendText($"{time} Processing Anti Dump{Environment.NewLine}");
}
if (AntiTamper.IsChecked == true)
{
Protection.Anti.AntiTamper.Execute(module);
ConsoleLog.AppendText($"{time} Processing Anti Tamper{Environment.NewLine}");
}
if (InvalidMD.IsChecked == true)
{
InvalidMDPhase.Execute(module.Assembly);
ConsoleLog.AppendText($"{time} Processing Invalid MetaData{Environment.NewLine}");
}
var text2 = Path.GetDirectoryName(LoadBox.Text);
if (text2 != null && !text2.EndsWith("\\"))
{
text2 += "\\";
}
var path = $"{text2}{Path.GetFileNameWithoutExtension(LoadBox.Text)}_protected{Path.GetExtension(LoadBox.Text)}";
module.Write(path,
new ModuleWriterOptions(module)
{
PEHeadersOptions = { NumberOfRvaAndSizes = 13 }, Logger = DummyLogger.NoThrowInstance
});
ConsoleLog.AppendText($"{time} {path}");
if (AntiTamper.IsChecked == true)
{
Protection.Anti.AntiTamper.Sha256(path);
}
}
private void Button_Click(object sender, RoutedEventArgs e)
{
var time = DateTime.Now.ToString("hh:mm:ss");
ModuleContext modCtx = ModuleDef.CreateModuleContext();
var module = ModuleDefMD.Load(Program.Text, modCtx);
ConsoleLog.Foreground = Brushes.Black;
ConsoleLog.AppendText($"{time} Starting obfuscation{Environment.NewLine}");
if (String_Encryption.IsChecked == true)
{
StringEncPhase.Execute(module);
ConsoleLog.AppendText($"{time} Processing string encryption{Environment.NewLine}");
}
if (Online_Decryption.IsChecked == true)
{
OnlinePhase.Execute(module);
ConsoleLog.AppendText($"{time} Processing online decryption{Environment.NewLine}");
}
if (Cflow.IsChecked == true)
{
ControlFlowObfuscation.Execute(module);
ConsoleLog.AppendText($"{time} Processing control flow{Environment.NewLine}");
}
if (IntConf.IsChecked == true)
{
AddIntPhase.Execute2(module);
ConsoleLog.AppendText($"{time} Processing integer confusion{Environment.NewLine}");
}
if (SUC.IsChecked == true)
{
StackUnfConfusion.Execute(module);
ConsoleLog.AppendText($"{time} Processing stack confusion{Environment.NewLine}");
}
if (Ahri.IsChecked == true)
{
Arithmetic.Execute(module);
ConsoleLog.AppendText($"{time} Processing math calculations{Environment.NewLine}");
}
if (LF.IsChecked == true)
{
L2F.Execute(module);
ConsoleLog.AppendText($"{time} Processing constant fields{Environment.NewLine}");
}
if (LFV2.IsChecked == true)
{
L2FV2.Execute(module);
ConsoleLog.AppendText($"{time} Processing local fields{Environment.NewLine}");
}
if (Calli_.IsChecked == true)
{
Calli.Execute(module);
ConsoleLog.AppendText($"{time} Processing calli conversion{Environment.NewLine}");
}
if (Proxy_String.IsChecked == true)
{
ProxyString.Execute(module);
ConsoleLog.AppendText($"{time} Processing proxy strings{Environment.NewLine}");
}
if (ProxyConstants.IsChecked == true)
{
ProxyINT.Execute(module);
ConsoleLog.AppendText($"{time} Processing proxy constants{Environment.NewLine}");
}
if (Proxy_Meth.IsChecked == true)
{
ProxyMeth.Execute(module);
ConsoleLog.AppendText($"{time} Processing proxy methods{Environment.NewLine}");
}
if (Anti_De4dot.IsChecked == true)
{
AntiDecompile.Execute(module.Assembly);
ConsoleLog.AppendText($"{time} Processing anti-decompile{Environment.NewLine}");
}
if (JumpCflow.IsChecked == true)
{
JumpCFlow.Execute(module);
ConsoleLog.AppendText($"{time} Processing flow conversion{Environment.NewLine}");
}
if (AntiDebug.IsChecked == true)
{
Anti_Debug.Execute(module);
ConsoleLog.AppendText($"{time} Processing anti-debug{Environment.NewLine}");
}
if (Anti_Dump.IsChecked == true)
{
AntiDump.Execute(module);
ConsoleLog.AppendText($"{time} Processing anti-dump{Environment.NewLine}");
}
if (AntiTamper.IsChecked == true)
{
Protection.Software.AntiTamper.Execute(module);
ConsoleLog.AppendText($"{time} Processing anti-tamper{Environment.NewLine}");
}
if (InvalidMD.IsChecked == true)
{
InvalidMDPhase.Execute(module.Assembly);
ConsoleLog.AppendText($"{time} Processing invalid metadata{Environment.NewLine}");
}
var text2 = Path.GetDirectoryName(Program.Text);
if (text2 != null && !text2.EndsWith("\\"))
{
text2 += "\\";
}
var path = $"{text2}{Path.GetFileNameWithoutExtension(Program.Text)}_protected{Path.GetExtension(Program.Text)}";
module.Write(path,
new ModuleWriterOptions(module)
{
PEHeadersOptions = { NumberOfRvaAndSizes = 13 }, Logger = DummyLogger.NoThrowInstance
});
ConsoleLog.AppendText($"{time} File: {path}{Environment.NewLine}{Environment.NewLine}");
if (AntiTamper.IsChecked == true)
{
Protection.Software.AntiTamper.Sha256(path);
}
}
static void Main(string[] args)
{
#region Initialize
Console.Title = "Rzy Protector V2 Unpacker - by illuZion#9999";
WriteTitle();
if (args.Length != 1)
{
Write("Please, drag 'n' drop the file to unpack!", Type.Error);
Leave();
}
string directory = args[0];
try { module = ModuleDefMD.Load(directory); assembly = AssemblyDef.Load(directory); filePath = directory; }
catch { Write("Not a .NET Assembly...", Type.Error); Leave(); }
#endregion Initialize
#region Unpack
Hide_Methods.Execute(module);
Call_to_Calli.Execute(module);
Empty_Types.Execute(module);
Maths(module);
Local_To_Field.Execute(module);
Constants.Execute(module);
Maths(module);
String_Protection.Execute(module);
Fake_Obfuscator.Execute(module);
Anti_ILDasm.Execute(module);
Anti_De4dot.Execute(module);
Anti_Dnspy.Execute(module);
Anti_VM.Execute(module);
Anti_Debug.Execute(module);
Anti_Dump.Execute(module);
Remove_Nops.Execute(module);
#endregion Unpack
#region Save the file
Write("Saving the unpacked file...", Type.Info);
string text = Path.GetDirectoryName(directory);
if (!text.EndsWith("\\"))
{
text += "\\";
}
string filename = string.Format("{0}{1}-Unpacked{2}", text, Path.GetFileNameWithoutExtension(directory), Path.GetExtension(directory));
ModuleWriterOptions writerOptions = new ModuleWriterOptions(module);
writerOptions.MetadataOptions.Flags |= MetadataFlags.PreserveAll;
writerOptions.Logger = DummyLogger.NoThrowInstance;
NativeModuleWriterOptions NativewriterOptions = new NativeModuleWriterOptions(module, true);
NativewriterOptions.MetadataOptions.Flags |= MetadataFlags.PreserveAll;
NativewriterOptions.Logger = DummyLogger.NoThrowInstance;
if (module.IsILOnly)
{
module.Write(filename, writerOptions);
}
else
{
module.NativeWrite(filename, NativewriterOptions);
}
Write($"File saved at: {filename}", Type.Success);
Leave();
#endregion Save the file
}
