public void ProtectionPhase(SpectreContext spctx)
{
foreach (ModuleDef module in spctx.Assembly.Modules)
{
foreach (TypeDef type in module.Types)
{
foreach (MethodDef method in type.Methods)
{
if (!method.HasBody)
{
continue;
}
if (method.HasBody)
{
if (!method.Body.HasInstructions)
{
continue;
}
}
body = method.Body;
for (int i = 0; i < body.Instructions.Count; i++)
{
if (body.Instructions[i].IsLdcI4())
{
Mutate(spctx, method, i);
i += 2;
}
}
body.SimplifyBranches();
body.OptimizeBranches();
}
}
}
}
public void InjectPhase(SpectreContext spctx)
{
ModuleDefMD typeModule = ModuleDefMD.Load(typeof(Runtime.ConstantRuntime).Module);
TypeDef typeDef = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(Runtime.ConstantRuntime).MetadataToken));
IEnumerable <IDnlibDef> members = InjectHelper.Inject(typeDef, spctx.GlobalType, spctx.ManifestModule);
decryptionmethod = (MethodDef)members.Single(method => method.Name == "DecodeNum");
}
private void Mutate(SpectreContext spctx, MethodDef method, int i)
{
body = method.Body;
int rndkey = LeetRandom.rnd.Next(0, int.MaxValue);
int newoperand = body.Instructions[i].GetLdcI4Value() + rndkey;
body.Instructions[i] = Instruction.CreateLdcI4(newoperand);
body.Instructions.Insert(i + 1, Instruction.CreateLdcI4(rndkey));
body.Instructions.Insert(i + 2, OpCodes.Sub.ToInstruction());
}
public void ProtectionPhase(SpectreContext spctx)
{
var ManifestModule = spctx.ManifestModule;
//Create Ref
TypeRef supressref = ManifestModule.CorLibTypes.GetTypeRef("System.Runtime.CompilerServices", "SuppressIldasmAttribute");
var ctorRef = new MemberRefUser(ManifestModule, ".ctor", MethodSig.CreateInstance(ManifestModule.CorLibTypes.Void), supressref);
var supressattribute = new CustomAttribute(ctorRef);
//add Attribute
ManifestModule.CustomAttributes.Add(supressattribute);
}
public void ProtectionPhase(SpectreContext spctx)
{
RenameMode mode = RenameMode.UNREADABLE;
foreach (ModuleDef module in spctx.Assembly.Modules)
{
foreach (TypeDef type in module.Types)
{
if (Utils.CanRename(type))
{
type.Name = Utils.GenerateName(mode);
}
foreach (MethodDef method in type.Methods)
{
if (Utils.CanRename(method))
{
method.Name = Utils.GenerateName(mode);
}
foreach (var param in method.Parameters)
{
param.Name = Utils.GenerateName(mode);
}
}
foreach (FieldDef field in type.Fields)
{
if (Utils.CanRename(field))
{
field.Name = Utils.GenerateName(mode);
}
}
foreach (EventDef eventf in type.Events)
{
if (Utils.CanRename(eventf))
{
eventf.Name = Utils.GenerateName(mode);
}
}
}
}
}
private void EncodeNumeric(SpectreContext spctx, MethodDef method, int i)
{
body = method.Body;
int key = LeetRandom.rnd.Next(0, int.MaxValue);
FieldDef field = new FieldDefUser(Guid.NewGuid().ToString(), new FieldSig(spctx.ManifestModule.CorLibTypes.Int32), FieldAttributes.Public | FieldAttributes.Static);
//Add Field
spctx.GlobalType.Fields.Add(field);
int cctorbdycount = spctx.cctor.Body.Instructions.Count;
//Init Field
spctx.cctor.Body.Instructions.Insert(cctorbdycount - 1, Instruction.Create(OpCodes.Stsfld, field));
spctx.cctor.Body.Instructions.Insert(cctorbdycount - 1, Instruction.CreateLdcI4(key));
int operand = body.Instructions[i].GetLdcI4Value();
int newoperand = EncodeNum(operand, key);
body.Instructions[i] = Instruction.CreateLdcI4(newoperand);
body.Instructions.Insert(i + 1, Instruction.Create(OpCodes.Ldsfld, field)); // insert int field
body.Instructions.Insert(i + 2, Instruction.Create(OpCodes.Call, decryptionmethod));
}
private void btnObf_Click(object sender, RoutedEventArgs e)
{
foreach (var item in lvassemblys.Items)
{
var current = item as LvAssembly;
try
{
AssemblyDef asm = AssemblyDef.Load(current.Path);
SpectreContext spctx = new SpectreContext(asm);
var rule = new Rule(enable_renamer, enable_antiildasm, enable_constantprotection, enable_constantmutation);
new Core(spctx, rule).DoObfuscation();
var opts = new ModuleWriterOptions(spctx.ManifestModule);
opts.Logger = DummyLogger.NoThrowInstance;
foreach (var path in dict)
{
if (path.Key.Equals(current.Path))
{
asm.Write(path.Value, opts);
}
}
}
catch (Exception) { throw; }
}
}
public void InjectPhase(SpectreContext spctx)
{
}
public Core(SpectreContext spctx, Rule rule)
{
this.spctx = spctx;
this.rule = rule;
}
