bool InitializeInfos2(IDecrypter decrypter) { int numMethods = ReadInt32(0) ^ ReadInt32(4); if (numMethods < 0) { throw new ApplicationException("Invalid number of encrypted methods"); } xorKey = (uint)numMethods; int numEncryptedDataInfos = ((int)structSize - 0xC) / ENCRYPTED_DATA_INFO_SIZE; var encryptedDataInfos = new byte[numEncryptedDataInfos][]; uint offset = 8; infos.Clear(); for (int i = 0; i < numMethods; i++, offset += structSize) { uint methodBodyRva = ReadEncryptedUInt32(offset); uint totalSize = ReadEncryptedUInt32(offset + 4); /*uint methodInstructionRva =*/ ReadEncryptedUInt32(offset + 8); // Read the method body header and method body (instrs + exception handlers). // The method body header is always in the first one. The instrs + ex handlers // are always in the last 4, and evenly divided (each byte[] is totalLen / 4). // The 2nd one is for the exceptions (or padding), but it may be null. uint offset2 = offset + 0xC; int exOffset = 0; for (int j = 0; j < encryptedDataInfos.Length; j++, offset2 += ENCRYPTED_DATA_INFO_SIZE) { // readByte(offset2); <-- index int encryptionType = ReadEncryptedInt16(offset2 + 1); uint dataOffset = ReadEncryptedUInt32(offset2 + 3); uint encryptedSize = ReadEncryptedUInt32(offset2 + 7); uint realSize = ReadEncryptedUInt32(offset2 + 11); if (j >= 3 && dataOffset == xorKey && encryptedSize == xorKey) { encryptedDataInfos[j] = null; continue; } if (j == 1) { exOffset = ReadEncryptedInt32(offset2 + 15); } if (j == 1 && exOffset == 0) { encryptedDataInfos[j] = null; } else { encryptedDataInfos[j] = Decrypt(decrypter, encryptionType, dataOffset, encryptedSize, realSize); } } var decryptedData = new byte[totalSize]; int copyOffset = 0; copyOffset = CopyData(decryptedData, encryptedDataInfos[0], copyOffset); for (int j = 2; j < encryptedDataInfos.Length; j++) { copyOffset = CopyData(decryptedData, encryptedDataInfos[j], copyOffset); } CopyData(decryptedData, encryptedDataInfos[1], exOffset); // Exceptions or padding if (!MethodBodyParser.Verify(decryptedData)) { throw new InvalidMethodBody(); } var info = new DecryptedMethodInfo(methodBodyRva, decryptedData); infos[info.bodyRva] = info; } return(true); }
public void initializeInfos() { initializeDecrypter(); int numMethods = readInt32(0) ^ readInt32(4); if (numMethods < 0) throw new ApplicationException("Invalid number of encrypted methods"); xorKey = (uint)numMethods; uint rvaDispl = !mainType.IsOld && peImage.readUInt32(0x2008) != 0x48 ? 0x1000U : 0; int numEncryptedDataInfos = ((int)structSize - 0xC) / ENCRYPTED_DATA_INFO_SIZE; var encryptedDataInfos = new byte[numEncryptedDataInfos][]; uint offset = 8; for (int i = 0; i < numMethods; i++, offset += structSize) { uint methodBodyRva = readEncryptedUInt32(offset) - rvaDispl; uint totalSize = readEncryptedUInt32(offset + 4); uint methodInstructionRva = readEncryptedUInt32(offset + 8) - rvaDispl; var decryptedData = new byte[totalSize]; // Read the method body header and method body (instrs + exception handlers). // The method body header is always in the first one. The instrs + ex handlers // are always in the last 4, and evenly divided (each byte[] is totalLen / 4). // The 2nd one is for the exceptions (or padding), but it may be null. uint offset2 = offset + 0xC; int exOffset = 0; for (int j = 0; j < encryptedDataInfos.Length; j++, offset2 += ENCRYPTED_DATA_INFO_SIZE) { // readByte(offset2); <-- index int encryptionType = readEncryptedInt16(offset2 + 1); uint dataOffset = readEncryptedUInt32(offset2 + 3); uint encryptedSize = readEncryptedUInt32(offset2 + 7); uint realSize = readEncryptedUInt32(offset2 + 11); if (j == 1) exOffset = readEncryptedInt32(offset2 + 15); if (j == 1 && exOffset == 0) encryptedDataInfos[j] = null; else encryptedDataInfos[j] = decrypt(encryptionType, dataOffset, encryptedSize, realSize); } int copyOffset = 0; copyOffset = copyData(decryptedData, encryptedDataInfos[0], copyOffset); for (int j = 2; j < encryptedDataInfos.Length; j++) copyOffset = copyData(decryptedData, encryptedDataInfos[j], copyOffset); copyData(decryptedData, encryptedDataInfos[1], exOffset); // Exceptions or padding var info = new DecryptedMethodInfo(methodBodyRva, decryptedData); infos[info.bodyRva] = info; } }
bool InitializeInfos2(IDecrypter decrypter) { int numMethods = ReadInt32(0) ^ ReadInt32(4); if (numMethods < 0) throw new ApplicationException("Invalid number of encrypted methods"); xorKey = (uint)numMethods; int numEncryptedDataInfos = ((int)structSize - 0xC) / ENCRYPTED_DATA_INFO_SIZE; var encryptedDataInfos = new byte[numEncryptedDataInfos][]; uint offset = 8; infos.Clear(); for (int i = 0; i < numMethods; i++, offset += structSize) { uint methodBodyRva = ReadEncryptedUInt32(offset); uint totalSize = ReadEncryptedUInt32(offset + 4); uint methodInstructionRva = ReadEncryptedUInt32(offset + 8); // Read the method body header and method body (instrs + exception handlers). // The method body header is always in the first one. The instrs + ex handlers // are always in the last 4, and evenly divided (each byte[] is totalLen / 4). // The 2nd one is for the exceptions (or padding), but it may be null. uint offset2 = offset + 0xC; int exOffset = 0; for (int j = 0; j < encryptedDataInfos.Length; j++, offset2 += ENCRYPTED_DATA_INFO_SIZE) { // readByte(offset2); <-- index int encryptionType = ReadEncryptedInt16(offset2 + 1); uint dataOffset = ReadEncryptedUInt32(offset2 + 3); uint encryptedSize = ReadEncryptedUInt32(offset2 + 7); uint realSize = ReadEncryptedUInt32(offset2 + 11); if (j >= 3 && dataOffset == xorKey && encryptedSize == xorKey) { encryptedDataInfos[j] = null; continue; } if (j == 1) exOffset = ReadEncryptedInt32(offset2 + 15); if (j == 1 && exOffset == 0) encryptedDataInfos[j] = null; else encryptedDataInfos[j] = Decrypt(decrypter, encryptionType, dataOffset, encryptedSize, realSize); } var decryptedData = new byte[totalSize]; int copyOffset = 0; copyOffset = CopyData(decryptedData, encryptedDataInfos[0], copyOffset); for (int j = 2; j < encryptedDataInfos.Length; j++) copyOffset = CopyData(decryptedData, encryptedDataInfos[j], copyOffset); CopyData(decryptedData, encryptedDataInfos[1], exOffset); // Exceptions or padding if (!MethodBodyParser.Verify(decryptedData)) throw new InvalidMethodBody(); var info = new DecryptedMethodInfo(methodBodyRva, decryptedData); infos[info.bodyRva] = info; } return true; }
public void initializeInfos() { initializeDecrypter(); int numMethods = readInt32(0) ^ readInt32(4); if (numMethods < 0) { throw new ApplicationException("Invalid number of encrypted methods"); } xorKey = (uint)numMethods; uint rvaDispl = !mainType.IsOld && peImage.readUInt32(0x2008) != 0x48 ? 0x1000U : 0; int numEncryptedDataInfos = ((int)structSize - 0xC) / ENCRYPTED_DATA_INFO_SIZE; var encryptedDataInfos = new byte[numEncryptedDataInfos][]; uint offset = 8; for (int i = 0; i < numMethods; i++, offset += structSize) { uint methodBodyRva = readEncryptedUInt32(offset) - rvaDispl; uint totalSize = readEncryptedUInt32(offset + 4); uint methodInstructionRva = readEncryptedUInt32(offset + 8) - rvaDispl; var decryptedData = new byte[totalSize]; // Read the method body header and method body (instrs + exception handlers). // The method body header is always in the first one. The instrs + ex handlers // are always in the last 4, and evenly divided (each byte[] is totalLen / 4). // The 2nd one is for the exceptions (or padding), but it may be null. uint offset2 = offset + 0xC; int exOffset = 0; for (int j = 0; j < encryptedDataInfos.Length; j++, offset2 += ENCRYPTED_DATA_INFO_SIZE) { // readByte(offset2); <-- index int encryptionType = readEncryptedInt16(offset2 + 1); uint dataOffset = readEncryptedUInt32(offset2 + 3); uint encryptedSize = readEncryptedUInt32(offset2 + 7); uint realSize = readEncryptedUInt32(offset2 + 11); if (j == 1) { exOffset = readEncryptedInt32(offset2 + 15); } if (j == 1 && exOffset == 0) { encryptedDataInfos[j] = null; } else { encryptedDataInfos[j] = decrypt(encryptionType, dataOffset, encryptedSize, realSize); } } int copyOffset = 0; copyOffset = copyData(decryptedData, encryptedDataInfos[0], copyOffset); for (int j = 2; j < encryptedDataInfos.Length; j++) { copyOffset = copyData(decryptedData, encryptedDataInfos[j], copyOffset); } copyData(decryptedData, encryptedDataInfos[1], exOffset); // Exceptions or padding var info = new DecryptedMethodInfo(methodBodyRva, decryptedData); infos[info.bodyRva] = info; } }