/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //Optimization on it's own will screw up our original changes so let's fix it up first context.ReloadAssemblyDefinitions(); //Now get the dictionary and optimize var dictionary = context.GetAssemblyDefinitions(); foreach (AssemblyDefinition assembly in dictionary.Values) { //We'll search methods only at this point foreach (ModuleDefinition moduleDefinition in assembly.Modules) { //Go through each type foreach (TypeDefinition typeDefinition in moduleDefinition.GetAllTypes()) { //Go through each method foreach (MethodDefinition methodDefinition in typeDefinition.Methods) { if (methodDefinition.HasBody) { OutputHelper.WriteMethod(typeDefinition, methodDefinition); methodDefinition.Body.OptimizeMacros(); } } } } } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { Dictionary<string, AssemblyDefinition> assemblyCache = context.GetAssemblyDefinitions(); foreach (string assembly in assemblyCache.Keys) { AssemblyDefinition def = assemblyCache[assembly]; Type si = typeof (SuppressIldasmAttribute); CustomAttribute found = null; foreach (CustomAttribute attr in def.CustomAttributes) { if (attr.Constructor.DeclaringType.FullName == si.FullName) { found = attr; break; } } //Only add if it's not there already if (found == null) { //Add one MethodReference constructor = def.MainModule.Import(typeof (SuppressIldasmAttribute).GetConstructor(Type.EmptyTypes)); CustomAttribute attr = new CustomAttribute(constructor); def.CustomAttributes.Add(attr); } } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { Dictionary <string, AssemblyDefinition> assemblyCache = context.GetAssemblyDefinitions(); foreach (string assembly in assemblyCache.Keys) { AssemblyDefinition def = assemblyCache[assembly]; Type si = typeof(SuppressIldasmAttribute); CustomAttribute found = null; foreach (CustomAttribute attr in def.CustomAttributes) { if (attr.Constructor.DeclaringType.FullName == si.FullName) { found = attr; break; } } //Only add if it's not there already if (found == null) { //Add one MethodReference constructor = def.MainModule.Import(typeof(SuppressIldasmAttribute).GetConstructor(Type.EmptyTypes)); CustomAttribute attr = new CustomAttribute(constructor); def.CustomAttributes.Add(attr); } } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { foreach (AssemblyDefinition assembly in context.GetAssemblyDefinitions().Values) { Simplify(assembly); } context.ReloadAssemblyDefinitions(); }
/// <summary> /// Runs the specified cloaking task. /// </summary> public void RunTask(ICloakContext context) { //Loop through each assembly and obfuscate it foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { Obfuscate(context, definition); } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //Go through each assembly and encrypt the strings //for each assembly inject a decryption routine - we'll let the obfuscator hide it properly //Loop through each assembly and obfuscate it foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { EncryptStringsInAssembly(definition); } }
public void RunTask(ICloakContext context) { //Go through each assembly //for each assembly inject a decryption routine - we'll let the obfuscator hide it properly //Loop through each assembly and obfuscate it foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { CombineLocalsInAssembly(definition); } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { Dictionary<string, AssemblyDefinition> assemblyCache = context.GetAssemblyDefinitions(); foreach (string assembly in assemblyCache.Keys) { //Save the assembly string outputPath = Path.Combine(context.Settings.OutputDirectory, Path.GetFileName(assembly)); OutputHelper.WriteLine("Outputting assembly to {0}", outputPath); assemblyCache[assembly].Write(outputPath); } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { Dictionary <string, AssemblyDefinition> assemblyCache = context.GetAssemblyDefinitions(); foreach (string assembly in assemblyCache.Keys) { //Save the assembly string outputPath = Path.Combine(context.Settings.OutputDirectory, Path.GetFileName(assembly)); OutputHelper.WriteLine("Outputting assembly to {0}", outputPath); assemblyCache[assembly].Write(outputPath); } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //Get out if rename is turned off if (context.Settings.NoRename) return; //Go through the members and build up a mapping graph //If this is done then the members in the graph will be obfuscated, otherwise we'll //just obfuscate private members //Loop through each assembly and process it foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { ProcessAssembly(context, definition); } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //Get out if rename is turned off if (context.Settings.NoRename) { return; } //Go through the members and build up a mapping graph //If this is done then the members in the graph will be obfuscated, otherwise we'll //just obfuscate private members //Loop through each assembly and process it foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { ProcessAssembly(context, definition); } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //We don't need to do this if (method == ConfusionMethod.None) return; //Go through each assembly foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { switch (method) { case ConfusionMethod.InvalidIl: ConfuseDecompilationWithInvalidIl(definition); break; default: throw new ArgumentOutOfRangeException(); } } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //We don't need to do this if (method == ConfusionMethod.None) { return; } //Go through each assembly foreach (AssemblyDefinition definition in context.GetAssemblyDefinitions().Values) { switch (method) { case ConfusionMethod.InvalidIl: ConfuseDecompilationWithInvalidIl(definition); break; default: throw new ArgumentOutOfRangeException(); } } }
/// <summary> /// Runs the specified cloaking task. /// </summary> /// <param name="context">The running context of this cloak job.</param> public void RunTask(ICloakContext context) { //WARNING: This task may potentially break complex applications. Please test this //thorougly before deployment. // //This task must be run last (in place of OutputAssembliesTask) as it does the following // 1. Encrypts all obfuscated assemblies supplied to this program // 2. Calculates the hash of each of the obfuscated assemblies (as opposed to encrypted) // 3. Creates a bootstrapper assembly including each of the assemblies as resources // - The bootstrapper essentially extracts each of it's contents into memory (n.b. attack point) // It then checks the hash of the bytes and if successful, loads the bytes into the current AppDomain. // //So getting down to business... the first think we need to do is go through each assembly and //encrypt using Symmetric encryption //Lets generate a password string passwordKey = Guid.NewGuid().ToString(); Guid salt = Guid.NewGuid(); Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passwordKey, salt.ToByteArray(), PasswordIterations); //Get the key bytes and initialisation vector byte[] keyBytes = password.GetBytes(KeySize / 8); byte[] initVector = password.GetBytes(InitVectorSize); //Go through each assembly, calculate the hash and encrypt Dictionary<string, byte[]> encryptedAssemblies = new Dictionary<string, byte[]>(); Dictionary<string, byte[]> hashedAssemblies = new Dictionary<string, byte[]>(); Dictionary<string, AssemblyDefinition> assemblies = context.GetAssemblyDefinitions(); foreach (string assembly in assemblies.Keys) { //Get the raw data of the assembly byte[] assemblyRawData; using (MemoryStream ms = new MemoryStream()) { assemblies[assembly].Write(ms); assemblyRawData = ms.ToArray(); } #if OUTPUT_PRE_TAMPER File.WriteAllBytes(context.Settings.OutputDirectory + "\\" + Path.GetFileName(assembly), assemblyRawData); #endif //Calculate the hash hashedAssemblies.Add(assembly, HashData(assemblyRawData)); //Now encrypt it encryptedAssemblies.Add(assembly, EncryptData(assemblyRawData, keyBytes, initVector)); } //Now we've got that information - it's up to us to generate a bootstrapper assembly //We'll do this by starting from scratch AssemblyDefinition bootstrapperAssembly = AssemblyDefinition.CreateAssembly(new AssemblyNameDefinition(context.Settings.TamperProofAssemblyName, new Version(1, 0)), null, context.Settings.TamperProofAssemblyType == AssemblyType.Windows ? ModuleKind.Windows : ModuleKind.Console); //Add some resources - encrypted assemblies #if USE_FRIENDLY_NAMING const string resourceNamespace = "Resources"; #else string resourceNamespace = context.NameManager.GenerateName(NamingTable.Type); #endif foreach (string assembly in encryptedAssemblies.Keys) { //We'll randomise the names using the type table #if USE_FRIENDLY_NAMING string resourceName = resourceNamespace + "." + Path.GetFileName(assembly); #else string resourceName = resourceNamespace + "." + context.NameManager.GenerateName(NamingTable.Type); #endif string hashName = resourceName + ".v0"; bootstrapperAssembly.MainModule.Resources.Add(new EmbeddedResource(resourceName, ManifestResourceAttributes.Private, encryptedAssemblies[assembly])); bootstrapperAssembly.MainModule.Resources.Add(new EmbeddedResource( hashName, ManifestResourceAttributes.Private, hashedAssemblies[assembly])); //If it has an entry point then save this as well AssemblyDefinition def = assemblies[assembly]; if (def.EntryPoint != null) { StringBuilder entryPointHelper = new StringBuilder(); entryPointHelper.AppendLine(resourceName); entryPointHelper.AppendLine(def.EntryPoint.DeclaringType.Namespace + "." + def.EntryPoint.DeclaringType.Name); entryPointHelper.AppendLine(def.EntryPoint.Name); bootstrapperAssembly.MainModule.Resources.Add(new EmbeddedResource( resourceName + ".e", ManifestResourceAttributes.Private, Encoding.Unicode.GetBytes(entryPointHelper.ToString()))); } } //Now make it do something BuildBootstrapper(context, bootstrapperAssembly, passwordKey, salt); //Finally save this assembly to our output path string outputPath = Path.Combine(context.Settings.OutputDirectory, context.Settings.TamperProofAssemblyName + ".exe"); OutputHelper.WriteLine("Outputting assembly to {0}", outputPath); bootstrapperAssembly.Write(outputPath); }