/// <summary> /// Create the DevirtualizedAttribute TypeDef, with a "default .ctor" that /// calls the base type's .ctor (System.Attribute). /// </summary> /// <returns>TypeDef</returns> TypeDef CreateDevirtualizedAttribute() { var importer = new Importer(this.Module); var attributeRef = this.Module.CorLibTypes.GetTypeRef("System", "Attribute"); var attributeCtorRef = importer.Import(attributeRef.ResolveTypeDefThrow().FindMethod(".ctor")); var devirtualizedAttr = new TypeDefUser( "eazdevirt.Injected", "DevirtualizedAttribute", attributeRef); //devirtualizedAttr.Attributes = TypeAttributes.Public | TypeAttributes.AutoLayout // | TypeAttributes.Class | TypeAttributes.AnsiClass; var emptyCtor = new MethodDefUser(".ctor", MethodSig.CreateInstance(this.Module.CorLibTypes.Void), MethodImplAttributes.IL | MethodImplAttributes.Managed, MethodAttributes.Public | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName | MethodAttributes.ReuseSlot | MethodAttributes.HideBySig); var instructions = new List<Instruction>(); instructions.Add(OpCodes.Ldarg_0.ToInstruction()); instructions.Add(OpCodes.Call.ToInstruction(attributeCtorRef)); // Call the constructor .ctor instructions.Add(OpCodes.Ret.ToInstruction()); emptyCtor.Body = new CilBody(false, instructions, new List<ExceptionHandler>(), new List<Local>()); devirtualizedAttr.Methods.Add(emptyCtor); return devirtualizedAttr; }
public static void CommenceRickroll(ConfuserContext context, ModuleDef module) { var marker = context.Registry.GetService<IMarkerService>(); var nameService = context.Registry.GetService<INameService>(); var injection = Injection.Replace("REPL", EscapeScript(JS)); var globalType = module.GlobalType; var newType = new TypeDefUser(" ", module.CorLibTypes.Object.ToTypeDefOrRef()); newType.Attributes |= TypeAttributes.NestedPublic; globalType.NestedTypes.Add(newType); var trap = new MethodDefUser( injection, MethodSig.CreateStatic(module.CorLibTypes.Void), MethodAttributes.Public | MethodAttributes.Static); trap.Body = new CilBody(); trap.Body.Instructions.Add(Instruction.Create(OpCodes.Ret)); newType.Methods.Add(trap); marker.Mark(newType, null); marker.Mark(trap, null); nameService.SetCanRename(trap, false); foreach (var method in module.GetTypes().SelectMany(type => type.Methods)) { if (method != trap && method.HasBody) method.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, trap)); } }
public override void ProcessCall(RPContext ctx, int instrIndex) { Instruction invoke = ctx.Body.Instructions[instrIndex]; var target = (IMethod)invoke.Operand; // Value type proxy is not supported in mild mode. if (target.DeclaringType.ResolveTypeDefThrow().IsValueType) return; // Skipping visibility is not supported in mild mode. if (!target.ResolveThrow().IsPublic && !target.ResolveThrow().IsAssembly) return; Tuple<Code, TypeDef, IMethod> key = Tuple.Create(invoke.OpCode.Code, ctx.Method.DeclaringType, target); MethodDef proxy; if (!proxies.TryGetValue(key, out proxy)) { MethodSig sig = CreateProxySignature(ctx, target, invoke.OpCode.Code == Code.Newobj); proxy = new MethodDefUser(ctx.Name.RandomName(), sig); proxy.Attributes = MethodAttributes.PrivateScope | MethodAttributes.Static; proxy.ImplAttributes = MethodImplAttributes.Managed | MethodImplAttributes.IL; ctx.Method.DeclaringType.Methods.Add(proxy); // Fix peverify --- Non-virtual call to virtual methods must be done on this pointer if (invoke.OpCode.Code == Code.Call && target.ResolveThrow().IsVirtual) { proxy.IsStatic = false; sig.HasThis = true; sig.Params.RemoveAt(0); } ctx.Marker.Mark(proxy, ctx.Protection); ctx.Name.Analyze(proxy); ctx.Name.SetCanRename(proxy, false); proxy.Body = new CilBody(); for (int i = 0; i < proxy.Parameters.Count; i++) proxy.Body.Instructions.Add(Instruction.Create(OpCodes.Ldarg, proxy.Parameters[i])); proxy.Body.Instructions.Add(Instruction.Create(invoke.OpCode, target)); proxy.Body.Instructions.Add(Instruction.Create(OpCodes.Ret)); proxies[key] = proxy; } invoke.OpCode = OpCodes.Call; if (ctx.Method.DeclaringType.HasGenericParameters) { var genArgs = new GenericVar[ctx.Method.DeclaringType.GenericParameters.Count]; for (int i = 0; i < genArgs.Length; i++) genArgs[i] = new GenericVar(i); invoke.Operand = new MemberRefUser( ctx.Module, proxy.Name, proxy.MethodSig, new GenericInstSig((ClassOrValueTypeSig)ctx.Method.DeclaringType.ToTypeSig(), genArgs).ToTypeDefOrRef()); } else invoke.Operand = proxy; var targetDef = target.ResolveMethodDef(); if (targetDef != null) ctx.Context.Annotations.Set(targetDef, ReferenceProxyProtection.Targeted, ReferenceProxyProtection.Targeted); }
protected static TypeDef GetDelegateType(RPContext ctx, MethodSig sig) { TypeDef ret; if (ctx.Delegates.TryGetValue(sig, out ret)) return ret; ret = new TypeDefUser(ctx.Name.ObfuscateName(ctx.Method.DeclaringType.Namespace, RenameMode.Unicode), ctx.Name.RandomName(), ctx.Module.CorLibTypes.GetTypeRef("System", "MulticastDelegate")); ret.Attributes = TypeAttributes.NotPublic | TypeAttributes.Sealed; var ctor = new MethodDefUser(".ctor", MethodSig.CreateInstance(ctx.Module.CorLibTypes.Void, ctx.Module.CorLibTypes.Object, ctx.Module.CorLibTypes.IntPtr)); ctor.Attributes = MethodAttributes.Assembly | MethodAttributes.HideBySig | MethodAttributes.RTSpecialName | MethodAttributes.SpecialName; ctor.ImplAttributes = MethodImplAttributes.Runtime; ret.Methods.Add(ctor); var invoke = new MethodDefUser("Invoke", sig.Clone()); invoke.MethodSig.HasThis = true; invoke.Attributes = MethodAttributes.Assembly | MethodAttributes.HideBySig | MethodAttributes.Virtual | MethodAttributes.NewSlot; invoke.ImplAttributes = MethodImplAttributes.Runtime; ret.Methods.Add(invoke); ctx.Module.Types.Add(ret); foreach (IDnlibDef def in ret.FindDefinitions()) { ctx.Marker.Mark(def); ctx.Name.SetCanRename(def, false); } ctx.Delegates[sig] = ret; return ret; }
MethodDef CreateGetStowedException() { var sig = MethodSig.CreateStatic(exceptionTypeSig); var method = new MethodDefUser(ExpressionCompilerConstants.GetStowedExceptionMethodName, sig, methodImplAttributes, methodAttributes); method.Body = CreateBody(); return(method); }
/// <summary> /// Clones the specified origin MethodDef. /// </summary> /// <param name="origin">The origin MethodDef.</param> /// <returns>The cloned MethodDef.</returns> static MethodDefUser Clone(MethodDef origin) { var ret = new MethodDefUser(origin.Name, null, origin.ImplAttributes, origin.Attributes); foreach (GenericParam genericParam in origin.GenericParameters) ret.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-")); return ret; }
public static TypeDef CreateDelegate(this DNContext context, string @namespace, string name, TypeSig returnType, out MethodDef invoke, params TypeSig[] parameters) { var cResolver = context.Resolver; var typeSys = context.PrimaryAssembly.ManifestModule.CorLibTypes; var delegateType = new TypeDefUser(@namespace, name, cResolver.ReferenceOf(typeof(MulticastDelegate))); delegateType.Attributes = TypeAttributes.Public | TypeAttributes.AutoClass | TypeAttributes.Sealed; var ctor = new MethodDefUser(".ctor", MethodSig.CreateInstance(typeSys.Void, typeSys.Object, typeSys.IntPtr), MethodAttributes.Public | MethodAttributes.HideBySig | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); ctor.ImplAttributes |= MethodImplAttributes.Runtime; // param 0 is 'this' ctor.Parameters[1].CreateParamDef(); ctor.Parameters[1].ParamDef.Name = "object"; ctor.Parameters[2].CreateParamDef(); ctor.Parameters[2].ParamDef.Name = "method"; delegateType.Methods.Add(ctor); invoke = new MethodDefUser("Invoke", MethodSig.CreateInstance(returnType, parameters), MethodAttributes.Public | MethodAttributes.HideBySig | MethodAttributes.NewSlot | MethodAttributes.Virtual); invoke.ImplAttributes |= MethodImplAttributes.Runtime; for (int i = 1; i <= parameters.Length; i++) { invoke.Parameters[i].CreateParamDef(); invoke.Parameters[i].ParamDef.Name = "arg" + (i - 1); } delegateType.Methods.Add(invoke); var beginInvoke = new MethodDefUser("BeginInvoke", MethodSig.CreateInstance(cResolver.ReferenceOf(typeof(IAsyncResult)).ToTypeSig(), parameters.Concat(new[] { cResolver.ReferenceOf(typeof(AsyncCallback)).ToTypeSig(), typeSys.Object }).ToArray()), MethodAttributes.Public | MethodAttributes.HideBySig | MethodAttributes.NewSlot | MethodAttributes.Virtual); beginInvoke.ImplAttributes |= MethodImplAttributes.Runtime; for (int i = 0; i < parameters.Length; i++) { beginInvoke.Parameters[i + 1].CreateParamDef(); beginInvoke.Parameters[i + 1].ParamDef.Name = "arg" + i; } beginInvoke.Parameters[beginInvoke.Parameters.Count - 2].CreateParamDef(); beginInvoke.Parameters[beginInvoke.Parameters.Count - 2].ParamDef.Name = "callback"; beginInvoke.Parameters[beginInvoke.Parameters.Count - 1].CreateParamDef(); beginInvoke.Parameters[beginInvoke.Parameters.Count - 1].ParamDef.Name = "object" ; delegateType.Methods.Add(beginInvoke); var endInvoke = new MethodDefUser("EndInvoke", MethodSig.CreateInstance(typeSys.Void, cResolver.ReferenceOf(typeof(IAsyncResult)).ToTypeSig()), MethodAttributes.Public | MethodAttributes.HideBySig | MethodAttributes.NewSlot | MethodAttributes.Virtual); endInvoke.ImplAttributes |= MethodImplAttributes.Runtime; endInvoke.Parameters[1].CreateParamDef(); endInvoke.Parameters[1].ParamDef.Name = "result"; delegateType.Methods.Add(endInvoke); context.PrimaryAssembly.ManifestModule.Types.Add(delegateType); return delegateType; }
// 这将打开当前程序集,向其添加新类和方法,然后将程序集保存到磁盘。 public static void Run() { // 打开当前模块 ModuleDefMD mod = ModuleDefMD.Load(typeof(Example2).Module); // 创建一个派生自System.Object的新公共类 TypeDef typeDef = new TypeDefUser("My.Namespace", "MyType", mod.CorLibTypes.Object.TypeDefOrRef); typeDef.Attributes = TypeAttributes.Public | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // 确保将其添加到模块或模块中的任何其他类型。 // 这不是嵌套类型,因此将其添加到mod.Types。 mod.Types.Add(typeDef); // 创建一个名为MyField的公共静态System.Int32字段 FieldDef fieldDef = new FieldDefUser("MyField", new FieldSig(mod.CorLibTypes.Int32), FieldAttributes.Public | FieldAttributes.Static); // 将其添加到我们之前创建的类型中 typeDef.Fields.Add(fieldDef); // 添加一个静态方法,添加输入和静态字段并返回结果 MethodImplAttributes methImplFlags = MethodImplAttributes.IL | MethodImplAttributes.Managed; MethodAttributes methFlags = MethodAttributes.Public | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; MethodDef methodDef = new MethodDefUser( "MyMethod", MethodSig.CreateStatic(mod.CorLibTypes.Int32, mod.CorLibTypes.Int32, mod.CorLibTypes.Int32), methImplFlags, methFlags ); typeDef.Methods.Add(methodDef); // 创建CIL方法体 CilBody body = new CilBody(); methodDef.Body = body; // 分别命名第一和第二个参数a和b methodDef.ParamDefs.Add(new ParamDefUser("a", 1)); methodDef.ParamDefs.Add(new ParamDefUser("b", 2)); // 创建一个本地。我们真的不需要它,但无论如何我们要加一个 Local local1 = new Local(mod.CorLibTypes.Int32); body.Variables.Add(local1); // 添加说明,并使用无用的本地 body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldarg_1.ToInstruction()); body.Instructions.Add(OpCodes.Add.ToInstruction()); body.Instructions.Add(OpCodes.Ldsfld.ToInstruction(fieldDef)); body.Instructions.Add(OpCodes.Add.ToInstruction()); body.Instructions.Add(OpCodes.Stloc.ToInstruction(local1)); body.Instructions.Add(OpCodes.Ldloc.ToInstruction(local1)); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // 将程序集保存到磁盘上的文件中 mod.Write(@"saved-assembly.dll"); }
public static Option <Type> CreateInterfaceTypeFrom(Option <MethodInfo> sourceMethod) { if (!sourceMethod.HasValue) { return(Option.None <Type>()); } var methodInfo = sourceMethod.ValueOrFailure(); var parameterTypes = methodInfo.GetParameters(); var returnType = methodInfo.ReturnType; var typeId = Guid.NewGuid().ToString(); var methodName = $"AnonymousMethod_{typeId}"; var module = new ModuleDefUser($"anonymous_module_{typeId}.dll") { Kind = ModuleKind.Dll }; var assembly = new AssemblyDefUser($"anonymous_assembly_{typeId}"); assembly.Modules.Add(module); var interfaceType = new TypeDefUser($"IAnonymousInterface_{typeId}") { Attributes = TypeAttributes.Class | TypeAttributes.Abstract | TypeAttributes.Interface | TypeAttributes.Public | TypeAttributes.AutoClass | TypeAttributes.AnsiClass }; module.Types.Add(interfaceType); var methodAttributes = MethodAttributes.Public | MethodAttributes.HideBySig | MethodAttributes.NewSlot | MethodAttributes.Abstract | MethodAttributes.Virtual; var methodImplAttributes = MethodImplAttributes.Managed | MethodImplAttributes.IL; var importedReturnType = module.ImportAsTypeSig(returnType); var importedParameterTypes = parameterTypes.Select(type => module.ImportAsTypeSig(type.ParameterType)); var method = new MethodDefUser(methodName, MethodSig.CreateInstance(importedReturnType, importedParameterTypes.ToArray()), methodImplAttributes, methodAttributes); for (var paramNumber = 0; paramNumber < parameterTypes.Length; paramNumber++) { method.ParamDefs.Add(new ParamDefUser($"arg{paramNumber++}")); } interfaceType.Methods.Add(method); var stream = new MemoryStream(); module.Write(stream); var loadedAssembly = Assembly.Load(stream.ToArray()); return(loadedAssembly.GetTypes().FirstOrNone()); }
/// <summary> /// Clones the specified origin MethodDef. /// </summary> /// <param name="origin">The origin MethodDef.</param> /// <returns>The cloned MethodDef.</returns> static MethodDefUser Clone(MethodDef origin) { var ret = new MethodDefUser(origin.Name, null, origin.ImplAttributes, origin.Attributes); foreach (var genericParam in origin.GenericParameters) ret.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-")); return ret; }
MethodDef CreateGetObjectByAlias() { var sig = MethodSig.CreateStatic(corlibTypes.Object, corlibTypes.String); var method = new MethodDefUser(ExpressionCompilerConstants.GetVariableValueMethodName, sig, methodImplAttributes, methodAttributes); method.ParamDefs.Add(new ParamDefUser("name", 1)); method.Body = CreateBody(); return(method); }
MethodDef CreateGetReturnValue() { var sig = MethodSig.CreateStatic(corlibTypes.Object, corlibTypes.Int32); var method = new MethodDefUser(ExpressionCompilerConstants.GetReturnValueMethodName, sig, methodImplAttributes, methodAttributes); method.ParamDefs.Add(new ParamDefUser("index", 1)); method.Body = CreateBody(); return(method); }
MethodDef CreateGetObjectAtAddress() { var sig = MethodSig.CreateStatic(corlibTypes.Object, corlibTypes.UInt64); var method = new MethodDefUser(ExpressionCompilerConstants.GetObjectAtAddressMethodName, sig, methodImplAttributes, methodAttributes); method.ParamDefs.Add(new ParamDefUser("address", 1)); method.Body = CreateBody(); return(method); }
private MethodDef CreateHelperMethod(string name) { var helper = new MethodDefUser(name, MethodSig.CreateStatic(this.rtModule.CorLibTypes.Void)) { Body = new CilBody() }; return(helper); }
private static MethodDef CreateReturnMethodDef(object value, MethodDef source_method) { CorLibTypeSig corlib = null; if (value is int) { corlib = source_method.Module.CorLibTypes.Int64; } else if (value is float) { corlib = source_method.Module.CorLibTypes.Single; } else if (value is string) { corlib = source_method.Module.CorLibTypes.String; } MethodDef newMethod = new MethodDefUser(RndString(), MethodSig.CreateStatic(corlib), MethodImplAttributes.IL | MethodImplAttributes.Managed, MethodAttributes.Public | MethodAttributes.Static | MethodAttributes.HideBySig) { Body = new CilBody() }; if (value is int) { newMethod.Body.Instructions.Add(Instruction.Create(OpCodes.Ldc_I4, (int)value)); } else if (value is float) { newMethod.Body.Instructions.Add(Instruction.Create(OpCodes.Ldc_R4, (double)value)); } else if (value is string) { newMethod.Body.Instructions.Add(Instruction.Create(OpCodes.Ldstr, (string)value)); } // foreach (TypeDef type in newMethod.Module.Types) // { // foreach (MethodDef method in type.Methods) // { // for (int i = 0; i < method.Body.Instructions.Count; i++) // { // if (method.Body.Instructions[i].OpCode == OpCodes.Ldstr) // { // String oldString = method.Body.Instructions[i].Operand.ToString(); // String newString = Convert.ToBase64String(UTF8Encoding.UTF8.GetBytes(oldString)); // method.Body.Instructions[i].OpCode = OpCodes.Nop; // method.Body.Instructions.Insert(i + 1, new Instruction(OpCodes.Call, newMethod.Module.Import(typeof(System.Text.Encoding).GetMethod("get_UTF8", new Type[] { })))); // method.Body.Instructions.Insert(i + 2, new Instruction(OpCodes.Ldstr, newString)); // method.Body.Instructions.Insert(i + 3, new Instruction(OpCodes.Call, newMethod.Module.Import(typeof(System.Convert).GetMethod("FromBase64String", new Type[] { typeof(string) })))); // method.Body.Instructions.Insert(i + 4, new Instruction(OpCodes.Callvirt, newMethod.Module.Import(typeof(System.Text.Encoding).GetMethod("GetString", new Type[] { typeof(byte[]) })))); // i += 4; // } // } // } // } newMethod.Body.Instructions.Add(new Instruction(OpCodes.Ret)); return(newMethod); }
public void Inject(string outputPath) { using (var module = ModuleDefMD.Load(path)) { // find module class var moduleClass = module.Types.FirstOrDefault(x => x.Name == "<Module>"); // find (or create) static constructor var cctor = moduleClass.Methods.FirstOrDefault(x => x.Name == ".cctor"); if (cctor == null) { var attributes = MethodAttributes.Private | MethodAttributes.HideBySig | MethodAttributes.Static | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName; cctor = new MethodDefUser(".cctor", MethodSig.CreateStatic(module.CorLibTypes.Void), attributes); moduleClass.Methods.Add(cctor); } // add call to our dll var usbHelperInjector = ModuleDefMD.Load("USBHelperInjector.dll"); var testMethodDef = usbHelperInjector .Types.First(t => t.FullName == "USBHelperInjector.InjectorService") .Methods.First(m => m.Name == "Init"); var testMethodRef = module.Import(testMethodDef); if (cctor.Body == null) { cctor.Body = new CilBody(); cctor.Body.Instructions.Add(OpCodes.Call.ToInstruction(testMethodRef)); cctor.Body.Instructions.Add(OpCodes.Ret.ToInstruction()); } else { cctor.Body.Instructions.Insert(0, OpCodes.Call.ToInstruction(testMethodRef)); } // add injected ModuleInitInjected attribute var injectAttrDef = typeof(ModuleInitInjectedAttribute).GetConstructor(new[] { typeof(string) }); var injectAttrRef = module.Import(injectAttrDef); var newAttribute = new CustomAttribute(injectAttrRef as MemberRef, new[] { new CAArgument(injectAttrRef.GetParam(0), Program.GetVersion()) }); module.Assembly.CustomAttributes.Add(newAttribute); // write new file var options = new ModuleWriterOptions(module); options.MetadataOptions.PreserveHeapOrder(module, true); options.MetadataOptions.Flags |= MetadataFlags.AlwaysCreateBlobHeap | MetadataFlags.AlwaysCreateGuidHeap | MetadataFlags.AlwaysCreateStringsHeap | MetadataFlags.AlwaysCreateUSHeap | MetadataFlags.KeepOldMaxStack | MetadataFlags.PreserveAll; module.Write(outputPath, options); } }
public void AddFakeClasses(ModuleDefMD md) { List <uint> junkclasses = new List <uint>(); int mthcnt = 1; for (int x = 0; x < mthcnt; x++) { TypeDefUser newtype = new TypeDefUser("KoiVM.Runtime", "VMEntry"); md.Types.Add(newtype); MethodDefUser newmethod = new MethodDefUser("Run", new MethodSig(CallingConvention.Default, 0, md.CorLibTypes.Void), dnlib.DotNet.MethodAttributes.Public | dnlib.DotNet.MethodAttributes.Public | dnlib.DotNet.MethodAttributes.Static); newtype.Methods.Add(newmethod); MethodDefUser newmethod1 = new MethodDefUser("RunInternal", new MethodSig(CallingConvention.Default, 0, md.CorLibTypes.Void), dnlib.DotNet.MethodAttributes.Public | dnlib.DotNet.MethodAttributes.Static); newtype.Methods.Add(newmethod1); newmethod.Body = new CilBody(); newmethod1.Body = new CilBody(); int localcount = RuntimeHelper.Random.Next(5, 15); for (int j = 0; j < localcount; j++) { Local lcl = new Local(md.CorLibTypes.Int32); newmethod.Body.Variables.Add(lcl); newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ldc_I4, RuntimeHelper.Random.Next())); newmethod.Body.Instructions.Add(new Instruction(OpCodes.Stloc, lcl)); newmethod1.Body.Variables.Add(lcl); newmethod1.Body.Instructions.Add(new Instruction(OpCodes.Ldc_I4, RuntimeHelper.Random.Next())); newmethod1.Body.Instructions.Add(new Instruction(OpCodes.Stloc, lcl)); } newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ret)); newmethod1.Body.Instructions.Add(new Instruction(OpCodes.Ret)); junkclasses.Add(newtype.Rid); } for (int x = 0; x < mthcnt; x++) { TypeDefUser newtype = new TypeDefUser("", "VM"); md.Types.Add(newtype); MethodDefUser newmethod = new MethodDefUser("VM", new MethodSig(CallingConvention.Default, 0, md.CorLibTypes.Void), dnlib.DotNet.MethodAttributes.Public | dnlib.DotNet.MethodAttributes.Static); newtype.Methods.Add(newmethod); MethodDefUser newmethod1 = new MethodDefUser("KoiVM", new MethodSig(CallingConvention.Default, 0, md.CorLibTypes.Void), dnlib.DotNet.MethodAttributes.Public | dnlib.DotNet.MethodAttributes.Static); newtype.Methods.Add(newmethod1); newmethod.Body = new CilBody(); newmethod1.Body = new CilBody(); int localcount = RuntimeHelper.Random.Next(5, 15); for (int j = 0; j < localcount; j++) { Local lcl = new Local(md.CorLibTypes.Int32); newmethod.Body.Variables.Add(lcl); newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ldc_I4, RuntimeHelper.Random.Next())); newmethod.Body.Instructions.Add(new Instruction(OpCodes.Stloc, lcl)); newmethod1.Body.Variables.Add(lcl); newmethod1.Body.Instructions.Add(new Instruction(OpCodes.Ldc_I4, RuntimeHelper.Random.Next())); newmethod1.Body.Instructions.Add(new Instruction(OpCodes.Stloc, lcl)); } newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ret)); newmethod1.Body.Instructions.Add(new Instruction(OpCodes.Ret)); junkclasses.Add(newtype.Rid); } }
private static MethodDefUser Clone(MethodDef origin) { MethodDefUser methodDefUser = new MethodDefUser(origin.Name, (MethodSig)null, origin.ImplAttributes, origin.Attributes); foreach (GenericParam genericParameter in (IEnumerable <GenericParam>)origin.GenericParameters) { methodDefUser.GenericParameters.Add((GenericParam) new GenericParamUser(genericParameter.Number, genericParameter.Flags, (UTF8String)"-")); } return(methodDefUser); }
public static MethodDef newfunc(ModuleDefUser mod, string name, CorLibTypeSig returntype, TypeSig[] arguments) { MethodDefUser newfunction = new MethodDefUser(name, MethodSig.CreateStatic(returntype, arguments)); newfunction.Attributes = MethodAttributes.Public | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; newfunction.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed | MethodImplAttributes.AggressiveOptimization; startUpType.Methods.Add(newfunction); newfunction.Body = new CilBody(); return(newfunction); }
// Token: 0x060000D9 RID: 217 RVA: 0x00009534 File Offset: 0x00007734 private static MethodDefUser Clone(MethodDef origin) { MethodDefUser methodDefUser = new MethodDefUser(origin.Name, null, origin.ImplAttributes, origin.Attributes); foreach (GenericParam genericParam in origin.GenericParameters) { methodDefUser.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-")); } return(methodDefUser); }
public void ProcessMethod(MethodDef method) { for (int i = 0; i < method.Body.Instructions.Count; i++) { var instr = method.Body.Instructions[i]; if (instr.OpCode == OpCodes.Call) { var target = (IMethod)instr.Operand; // Value type proxy is not supported in mild mode. if (target.DeclaringType.IsValueType) { return; } // Skipping visibility is not supported in mild mode. if (!target.ResolveMethodDefThrow().IsPublic&& !target.ResolveMethodDefThrow().IsAssembly) { return; } Tuple <Code, TypeDef, IMethod> key = Tuple.Create(instr.OpCode.Code, method.DeclaringType, target); MethodDef proxy; if (!proxies.TryGetValue(key, out proxy)) { MethodSig sig = CreateProxySignature(target, instr.OpCode.Code == Code.Newobj); proxy = new MethodDefUser(Runtime.GetRandomName(), sig); proxy.Attributes = MethodAttributes.PrivateScope | MethodAttributes.Static; proxy.ImplAttributes = MethodImplAttributes.Managed | MethodImplAttributes.IL; method.DeclaringType.Methods.Add(proxy); // Fix peverify --- Non-virtual call to virtual methods must be done on this pointer if (instr.OpCode.Code == Code.Call && target.ResolveMethodDef().IsVirtual) { proxy.IsStatic = false; sig.HasThis = true; sig.Params.RemoveAt(0); } proxy.Body = new CilBody(); for (int x = 0; x < proxy.Parameters.Count; x++) { proxy.Body.Instructions.Add(Instruction.Create(OpCodes.Ldarg, proxy.Parameters[x])); } proxy.Body.Instructions.Add(Instruction.Create(instr.OpCode, target)); proxy.Body.Instructions.Add(Instruction.Create(OpCodes.Ret)); proxies[key] = proxy; } instr.OpCode = OpCodes.Call; instr.Operand = proxy; } } }
private void CreateInitializationMethod() { // load the compiler generated attribute var ctor = new Importer(_module).Import( typeof(CompilerGeneratedAttribute).GetConstructor(new Type[0]) ) as IMethodDefOrRef; // create the method InitializeTranslationMethod = new MethodDefUser( InitializeTranslationMethodName, MethodSig.CreateInstance(_module.CorLibTypes.Void), MethodAttributes.Private) { Body = new CilBody { Instructions = { OpCodes.Ret.ToInstruction() }, Variables = { new Local(new ClassSig(ModTranslationType)) } }, CustomAttributes = { new CustomAttribute(ctor) } }; // inject initialization call var modType = _module.Types.Single( x => x.HasBaseType(typeof(Terraria.ModLoader.Mod).FullName)); modType.Methods.Add(InitializeTranslationMethod); var modLoadMethod = modType .FindMethod(nameof(Terraria.ModLoader.Mod.Load), MethodSig.CreateInstance(_module.CorLibTypes.Void)); if (modLoadMethod?.HasBody != true) { _logger.Info("Could not find Mod.Load(), create one instead."); modLoadMethod = new MethodDefUser( nameof(Terraria.ModLoader.Mod.Load), MethodSig.CreateInstance(_module.CorLibTypes.Void), MethodAttributes.Public | MethodAttributes.HideBySig | MethodAttributes.Virtual ) { Body = new CilBody { Instructions = { OpCodes.Ret.ToInstruction() } } }; } modLoadMethod.Body.AppendLast(new[] { OpCodes.Ldarg_0.ToInstruction(), OpCodes.Call.ToInstruction(InitializeTranslationMethod) }); }
MethodDef CreateGetVariableAddress() { var method = new MethodDefUser(ExpressionCompilerConstants.GetVariableAddressMethodName, null, methodImplAttributes, methodAttributes); var sig = MethodSig.CreateStaticGeneric(1, new PtrSig(new GenericMVar(0, method)), corlibTypes.String); method.MethodSig = sig; method.GenericParameters.Add(new GenericParamUser(0, GenericParamAttributes.NonVariant, "T")); method.ParamDefs.Add(new ParamDefUser("name", 1)); method.Body = CreateBody(); return(method); }
public static void Run() { // Create a new module. The string passed in is the name of the module, // not the file name. ModuleDef mod = new ModuleDefUser("MyModule.exe"); // It's a console application mod.Kind = ModuleKind.Console; // Add the module to an assembly AssemblyDef asm = new AssemblyDefUser("MyAssembly", new Version(1, 2, 3, 4), null, null); asm.Modules.Add(mod); // Add a .NET resource byte[] resourceData = Encoding.UTF8.GetBytes("Hello, world!"); mod.Resources.Add(new EmbeddedResource("My.Resource", resourceData, ManifestResourceAttributes.Private)); // Add the startup type. It derives from System.Object. TypeDef startUpType = new TypeDefUser("My.Namespace", "Startup", mod.CorLibTypes.Object.TypeDefOrRef); startUpType.Attributes = TypeAttributes.NotPublic | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // Add the type to the module mod.Types.Add(startUpType); // Create the entry point method MethodDef entryPoint = new MethodDefUser("Main", MethodSig.CreateStatic(mod.CorLibTypes.Int32, new SZArraySig(mod.CorLibTypes.String))); entryPoint.Attributes = MethodAttributes.Private | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; entryPoint.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; // Name the 1st argument (argument 0 is the return type) entryPoint.ParamDefs.Add(new ParamDefUser("args", 1)); // Add the method to the startup type startUpType.Methods.Add(entryPoint); // Set module entry point mod.EntryPoint = entryPoint; // Create a TypeRef to System.Console TypeRef consoleRef = new TypeRefUser(mod, "System", "Console", mod.CorLibTypes.AssemblyRef); // Create a method ref to 'System.Void System.Console::WriteLine(System.String)' MemberRef consoleWrite1 = new MemberRefUser(mod, "WriteLine", MethodSig.CreateStatic(mod.CorLibTypes.Void, mod.CorLibTypes.String), consoleRef); // Add a CIL method body to the entry point method CilBody epBody = new CilBody(); entryPoint.Body = epBody; epBody.Instructions.Add(OpCodes.Ldstr.ToInstruction("Hello World!")); epBody.Instructions.Add(OpCodes.Call.ToInstruction(consoleWrite1)); epBody.Instructions.Add(OpCodes.Ldc_I4_0.ToInstruction()); epBody.Instructions.Add(OpCodes.Ret.ToInstruction()); // Save the assembly to a file on disk mod.Write(@"C:\saved-assembly.exe"); }
static MethodDefUser Clone(MethodDef originalMethod) { var ret = new MethodDefUser(originalMethod.Name, null, originalMethod.ImplAttributes, originalMethod.Attributes); foreach (var genericParam in originalMethod.GenericParameters) { ret.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-")); } return(ret); }
private static void AddGeneratedAttribute(MethodDefUser innerMethod, WeavingContext context) { // does this happen? Not sure. if (context.ExecutionPointAttributeDefaultCtor == null) { return; } var generatedAttribute = new CustomAttribute(context.ExecutionPointAttributeDefaultCtor); innerMethod.CustomAttributes.Add(generatedAttribute); }
private void GenerateX86(Context ctx) { MethodAttributes methFlags = MethodAttributes.Static | MethodAttributes.PInvokeImpl | MethodAttributes.PrivateScope; MethodImplAttributes methImplFlags = MethodImplAttributes.Native | MethodImplAttributes.Unmanaged | MethodImplAttributes.PreserveSig; MethodDef native = new MethodDefUser( Guid.NewGuid().ToString(), MethodSig.CreateStatic(ctx.ManifestModule.CorLibTypes.Int32), methImplFlags, methFlags); ctx.GlobalType.Methods.Add(native); native_ = native; }
public void Execute(ModuleDefMD md) { List <uint> junkclasses = new List <uint>(); int classnumber = RuntimeHelper.Random.Next(30, 100); for (int i = 0; i < classnumber; i++) { TypeDefUser newtype = new TypeDefUser(Renamer.GetEndName(RenameMode.Base64, 3), Renamer.GetEndName(RenameMode.Base64, 3)); md.Types.Add(newtype); int methodcount = RuntimeHelper.Random.Next(10, 30); for (int x = 0; x < methodcount; x++) { MethodDefUser newmethod = new MethodDefUser(Renamer.GetEndName(RenameMode.Base64, 3), new MethodSig(CallingConvention.Default, 0, md.CorLibTypes.Void), MethodAttributes.Public | MethodAttributes.Static); newtype.Methods.Add(newmethod); newmethod.Body = new CilBody(); int localcount = RuntimeHelper.Random.Next(5, 15); for (int j = 0; j < localcount; j++) { Local lcl = new Local(md.CorLibTypes.Int32); newmethod.Body.Variables.Add(lcl); newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ldc_I4, RuntimeHelper.Random.Next())); newmethod.Body.Instructions.Add(new Instruction(OpCodes.Stloc, lcl)); } newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ret)); } junkclasses.Add(newtype.Rid); } Console.WriteLine($"Added {classnumber} junk classes."); //foreach (var type in md.Types) //{ // if (!junkclasses.Contains(type.Rid)) // { // int methodcount = RuntimeHelper.Random.Next(10, 30); // for (int x = 0; x < methodcount; x++) // { // MethodDefUser newmethod = new MethodDefUser(Renamer.GetEndName(RenameMode.Base64, 3), new MethodSig(CallingConvention.Default, 0, md.CorLibTypes.Void), MethodAttributes.Public | MethodAttributes.Static); // type.Methods.Add(newmethod); // newmethod.Body = new CilBody(); // int localcount = RuntimeHelper.Random.Next(5, 15); // for (int j = 0; j < localcount; j++) // { // Local lcl = new Local(md.CorLibTypes.Int32); // newmethod.Body.Variables.Add(lcl); // newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ldc_I4, RuntimeHelper.Random.Next())); // newmethod.Body.Instructions.Add(new Instruction(OpCodes.Stloc, lcl)); // } // newmethod.Body.Instructions.Add(new Instruction(OpCodes.Ret)); // } // } //} }
MethodDef CreateCreateVariable() { var sig = MethodSig.CreateStatic(corlibTypes.Void, typeTypeSig, corlibTypes.String, guidTypeSig, new SZArraySig(corlibTypes.Byte)); var method = new MethodDefUser(ExpressionCompilerConstants.CreateVariableMethodName, sig, methodImplAttributes, methodAttributes); method.ParamDefs.Add(new ParamDefUser("type", 1)); method.ParamDefs.Add(new ParamDefUser("name", 2)); method.ParamDefs.Add(new ParamDefUser("customTypeInfoPayloadTypeId", 3)); method.ParamDefs.Add(new ParamDefUser("customTypeInfoPayload", 4)); method.Body = CreateBody(); return(method); }
// Token: 0x060000F3 RID: 243 RVA: 0x0001434C File Offset: 0x0001254C private static MethodDef CreateReturnMethodDef(string value, MethodDef source_method) { CorLibTypeSig @string = source_method.Module.CorLibTypes.String; MethodDef methodDef = new MethodDefUser("BlinkObfuscator", MethodSig.CreateStatic(@string), MethodImplAttributes.IL, MethodAttributes.FamANDAssem | MethodAttributes.Family | MethodAttributes.Static | MethodAttributes.HideBySig) { Body = new CilBody() }; methodDef.Body.Instructions.Add(Instruction.Create(OpCodes.Ldstr, value)); methodDef.Body.Instructions.Add(new Instruction(OpCodes.Ret)); return(methodDef); }
public override void ProcessCall(RPContext ctx, int instrIndex) { Instruction instruction = ctx.Body.Instructions[instrIndex]; IMethod operand = (IMethod)instruction.Operand; if (!operand.DeclaringType.ResolveTypeDefThrow().IsValueType&& (operand.ResolveThrow().IsPublic || operand.ResolveThrow().IsAssembly)) { MethodDef def; Tuple <Code, TypeDef, IMethod> key = Tuple.Create <Code, TypeDef, IMethod>(instruction.OpCode.Code, ctx.Method.DeclaringType, operand); if (!this.proxies.TryGetValue(key, out def)) { MethodSig methodSig = RPMode.CreateProxySignature(ctx, operand, instruction.OpCode.Code == Code.Newobj); def = new MethodDefUser(NameService.RandomNameStatic(), methodSig) { Attributes = MethodAttributes.CompilerControlled | MethodAttributes.Static, ImplAttributes = MethodImplAttributes.IL }; ctx.Method.DeclaringType.Methods.Add(def); if ((instruction.OpCode.Code == Code.Call) && operand.ResolveThrow().IsVirtual) { def.IsStatic = false; methodSig.HasThis = true; methodSig.Params.RemoveAt(0); } ctx.Marker.Mark(def, ctx.Protection); /*ctx.Name.Analyze(def); * ctx.Name.SetCanRename(def, false);*/ def.Body = new CilBody(); for (int i = 0; i < def.Parameters.Count; i++) { def.Body.Instructions.Add(Instruction.Create(OpCodes.Ldarg, def.Parameters[i])); } def.Body.Instructions.Add(Instruction.Create(instruction.OpCode, operand)); def.Body.Instructions.Add(Instruction.Create(OpCodes.Ret)); this.proxies[key] = def; } instruction.OpCode = OpCodes.Call; if (ctx.Method.DeclaringType.HasGenericParameters) { GenericVar[] genArgs = new GenericVar[ctx.Method.DeclaringType.GenericParameters.Count]; for (int j = 0; j < genArgs.Length; j++) { genArgs[j] = new GenericVar(j); } instruction.Operand = new MemberRefUser(ctx.Module, def.Name, def.MethodSig, new GenericInstSig((ClassOrValueTypeSig)ctx.Method.DeclaringType.ToTypeSig(), genArgs).ToTypeDefOrRef()); } else { instruction.Operand = def; } } }
public static MethodDefUser Clone(MethodDef origin) { var ret = new MethodDefUser(origin.Name, origin.MethodSig, origin.ImplAttributes, origin.Attributes); foreach (GenericParam genericParam in origin.GenericParameters) { ret.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-")); } ret.Body = origin.Body; return(ret); }
// This will open the current assembly, add a new class and method to it, // and then save the assembly to disk. public static void Run() { // Open the current module var mod = ModuleDefMD.Load(typeof(Example2).Module); // Create a new public class that derives from System.Object var type1 = new TypeDefUser("My.Namespace", "MyType", mod.CorLibTypes.Object.TypeDefOrRef); type1.Attributes = TypeAttributes.Public | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // Make sure to add it to the module or any other type in the module. This is // not a nested type, so add it to mod.Types. mod.Types.Add(type1); // Create a public static System.Int32 field called MyField var field1 = new FieldDefUser("MyField", new FieldSig(mod.CorLibTypes.Int32), FieldAttributes.Public | FieldAttributes.Static); // Add it to the type we created earlier type1.Fields.Add(field1); // Add a static method that adds both inputs and the static field // and returns the result var methImplFlags = MethodImplAttributes.IL | MethodImplAttributes.Managed; var methFlags = MethodAttributes.Public | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; var meth1 = new MethodDefUser("MyMethod", MethodSig.CreateStatic(mod.CorLibTypes.Int32, mod.CorLibTypes.Int32, mod.CorLibTypes.Int32), methImplFlags, methFlags); type1.Methods.Add(meth1); // Create the CIL method body var body = new CilBody(); meth1.Body = body; // Name the 1st and 2nd args a and b, respectively meth1.ParamDefs.Add(new ParamDefUser("a", 1)); meth1.ParamDefs.Add(new ParamDefUser("b", 2)); // Create a local. We don't really need it but let's add one anyway var local1 = new Local(mod.CorLibTypes.Int32); body.Variables.Add(local1); // Add the instructions, and use the useless local body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldarg_1.ToInstruction()); body.Instructions.Add(OpCodes.Add.ToInstruction()); body.Instructions.Add(OpCodes.Ldsfld.ToInstruction(field1)); body.Instructions.Add(OpCodes.Add.ToInstruction()); body.Instructions.Add(OpCodes.Stloc.ToInstruction(local1)); body.Instructions.Add(OpCodes.Ldloc.ToInstruction(local1)); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // Save the assembly to a file on disk mod.Write(@"C:\saved-assembly.dll"); }
// This will open the current assembly, add a new class and method to it, // and then save the assembly to disk. public static void Run() { // Open the current module ModuleDefMD mod = ModuleDefMD.Load(typeof(Example2).Module); // Create a new public class that derives from System.Object TypeDef type1 = new TypeDefUser("My.Namespace", "MyType", mod.CorLibTypes.Object.TypeDefOrRef); type1.Attributes = TypeAttributes.Public | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // Make sure to add it to the module or any other type in the module. This is // not a nested type, so add it to mod.Types. mod.Types.Add(type1); // Create a public static System.Int32 field called MyField FieldDef field1 = new FieldDefUser("MyField", new FieldSig(mod.CorLibTypes.Int32), FieldAttributes.Public | FieldAttributes.Static); // Add it to the type we created earlier type1.Fields.Add(field1); // Add a static method that adds both inputs and the static field // and returns the result MethodImplAttributes methImplFlags = MethodImplAttributes.IL | MethodImplAttributes.Managed; MethodAttributes methFlags = MethodAttributes.Public | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; MethodDef meth1 = new MethodDefUser("MyMethod", MethodSig.CreateStatic(mod.CorLibTypes.Int32, mod.CorLibTypes.Int32, mod.CorLibTypes.Int32), methImplFlags, methFlags); type1.Methods.Add(meth1); // Create the CIL method body CilBody body = new CilBody(); meth1.Body = body; // Name the 1st and 2nd args a and b, respectively meth1.ParamDefs.Add(new ParamDefUser("a", 1)); meth1.ParamDefs.Add(new ParamDefUser("b", 2)); // Create a local. We don't really need it but let's add one anyway Local local1 = new Local(mod.CorLibTypes.Int32); body.Variables.Add(local1); // Add the instructions, and use the useless local body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldarg_1.ToInstruction()); body.Instructions.Add(OpCodes.Add.ToInstruction()); body.Instructions.Add(OpCodes.Ldsfld.ToInstruction(field1)); body.Instructions.Add(OpCodes.Add.ToInstruction()); body.Instructions.Add(OpCodes.Stloc.ToInstruction(local1)); body.Instructions.Add(OpCodes.Ldloc.ToInstruction(local1)); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // Save the assembly to a file on disk mod.Write(@"C:\saved-assembly.dll"); }
// Token: 0x06000046 RID: 70 RVA: 0x000056A8 File Offset: 0x000038A8 public static void xenocode() { TypeRef typeRef = Anti_De4dot.publicmodule.CorLibTypes.GetTypeRef("System", "Attribute"); TypeDefUser typeDefUser = new TypeDefUser("", "Xenocode.Client.Attributes.AssemblyAttributes.ProcessedByXenocode", typeRef); Anti_De4dot.publicmodule.Types.Add(typeDefUser); MethodDefUser methodDefUser = new MethodDefUser(".ctor", MethodSig.CreateInstance(Anti_De4dot.publicmodule.CorLibTypes.Void, Anti_De4dot.publicmodule.CorLibTypes.String), MethodImplAttributes.IL, MethodAttributes.FamANDAssem | MethodAttributes.Family | MethodAttributes.HideBySig | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); methodDefUser.Body = new CilBody(); methodDefUser.Body.MaxStack = 1; typeDefUser.Methods.Add(methodDefUser); }
// Token: 0x06000044 RID: 68 RVA: 0x00005540 File Offset: 0x00003740 public static void agile() { TypeRef typeRef = Anti_De4dot.publicmodule.CorLibTypes.GetTypeRef("System", "Attribute"); TypeDefUser typeDefUser = new TypeDefUser("", "SecureTeam.Attributes.ObfuscatedByAgileDotNetAttribute", typeRef); Anti_De4dot.publicmodule.Types.Add(typeDefUser); MethodDefUser methodDefUser = new MethodDefUser(".ctor", MethodSig.CreateInstance(Anti_De4dot.publicmodule.CorLibTypes.Void, Anti_De4dot.publicmodule.CorLibTypes.String), MethodImplAttributes.IL, MethodAttributes.FamANDAssem | MethodAttributes.Family | MethodAttributes.HideBySig | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); methodDefUser.Body = new CilBody(); methodDefUser.Body.MaxStack = 1; typeDefUser.Methods.Add(methodDefUser); }
private MethodDef CreateFactoryMethodNoParameters(ITypeService service, ModuleDef module) { var instancevar = new GenericParamUser(0, GenericParamAttributes.NoSpecialConstraint, "t"); var mvar = new GenericMVar(0); var typeSpec = new TypeSpecUser(mvar); var local = new Local(mvar); var rtHandle = new Local(module.Import(typeof(RuntimeTypeHandle)).ToTypeSig()); var method = new MethodDefUser("create", new MethodSig(CallingConvention.Default, 1, mvar), MethodAttributes.Static); method.GenericParameters.Add(instancevar); var gettype = typeof(Type).GetMethod("GetTypeFromHandle"); var comparetypes = typeof(Type).GetMethod("op_Equality"); var i = new List <Instruction>(); i.Add(Instruction.Create(OpCodes.Ldtoken, typeSpec)); i.Add(Instruction.Create(OpCodes.Call, module.Import(gettype))); i.Add(Instruction.Create(OpCodes.Stloc, rtHandle)); foreach (var mr in ObjectCreationRef) { Instruction endjump = Instruction.Create(OpCodes.Nop); i.Add(Instruction.Create(OpCodes.Ldloc, rtHandle)); i.Add(Instruction.Create(OpCodes.Ldtoken, mr.DeclaringType)); i.Add(Instruction.Create(OpCodes.Call, module.Import(gettype))); i.Add(Instruction.Create(OpCodes.Call, module.Import(comparetypes))); i.Add(Instruction.Create(OpCodes.Brfalse_S, endjump)); i.Add(Instruction.Create(OpCodes.Newobj, mr)); i.Add(Instruction.Create(OpCodes.Ret)); i.Add(endjump); } i.Add(Instruction.Create(OpCodes.Ldloca_S, local)); i.Add(Instruction.Create(OpCodes.Initobj, typeSpec)); i.Add(Instruction.Create(OpCodes.Ldloc, local)); i.Add(Instruction.Create(OpCodes.Ret)); method.Body = new CilBody(true, i, new ExceptionHandler[0], new Local[] { local, rtHandle }); return(method); }
public void xenocode() { TypeRef attrRef1 = publicmodule.CorLibTypes.GetTypeRef("System", "Attribute"); var attrType1 = new TypeDefUser("", "Xenocode.Client.Attributes.AssemblyAttributes.ProcessedByXenocode", attrRef1); publicmodule.Types.Add(attrType1); var ctor1 = new MethodDefUser(".ctor", MethodSig.CreateInstance(publicmodule.CorLibTypes.Void, publicmodule.CorLibTypes.String), MethodImplAttributes.Managed, MethodAttributes.HideBySig | MethodAttributes.Public | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); ctor1.Body = new CilBody(); ctor1.Body.MaxStack = 1; attrType1.Methods.Add(ctor1); }
public static MethodDef CopyTo(this MethodDef methodDef, TypeDef targetTypeDef) { var targetMethod = new MethodDefUser(methodDef.Name, methodDef.MethodSig, methodDef.ImplAttributes, methodDef.Attributes); foreach (var parameter in methodDef.ParamDefs) targetMethod.ParamDefs.Add(parameter.Clone()); if (methodDef.HasBody) { targetMethod.Body = new CilBody(); targetMethod.Body.InitLocals = methodDef.Body.InitLocals; foreach (var instruction in methodDef.Body.Instructions) targetMethod.Body.Instructions.Add(instruction); if (methodDef.Body.HasExceptionHandlers) foreach (var exceptionHandler in methodDef.Body.ExceptionHandlers) methodDef.Body.ExceptionHandlers.Add(exceptionHandler); if(methodDef.Body.HasVariables) foreach (var variable in methodDef.Body.Variables) targetMethod.Body.Variables.Add(variable); targetMethod.Body.Scope = methodDef.Body.Scope; } targetTypeDef.Methods.Add(targetMethod); return targetMethod; }
private void Compile(RPContext ctx, out Func<int, int> expCompiled, out MethodDef native) { var var = new Variable("{VAR}"); var result = new Variable("{RESULT}"); CorLibTypeSig int32 = ctx.Module.CorLibTypes.Int32; native = new MethodDefUser(ctx.Context.Registry.GetService<INameService>().RandomName(), MethodSig.CreateStatic(int32, int32), MethodAttributes.PinvokeImpl | MethodAttributes.PrivateScope | MethodAttributes.Static); native.ImplAttributes = MethodImplAttributes.Native | MethodImplAttributes.Unmanaged | MethodImplAttributes.PreserveSig; ctx.Module.GlobalType.Methods.Add(native); ctx.Context.Registry.GetService<IMarkerService>().Mark(native); ctx.Context.Registry.GetService<INameService>().SetCanRename(native, false); x86Register? reg; var codeGen = new x86CodeGen(); Expression expression, inverse; do { ctx.DynCipher.GenerateExpressionPair( ctx.Random, new VariableExpression { Variable = var }, new VariableExpression { Variable = result }, ctx.Depth, out expression, out inverse); reg = codeGen.GenerateX86(inverse, (v, r) => { return new[] { x86Instruction.Create(x86OpCode.POP, new x86RegisterOperand(r)) }; }); } while (reg == null); byte[] code = CodeGenUtils.AssembleCode(codeGen, reg.Value); expCompiled = new DMCodeGen(typeof(int), new[] { Tuple.Create("{VAR}", typeof(int)) }) .GenerateCIL(expression) .Compile<Func<int, int>>(); nativeCodes.Add(Tuple.Create(native, code, (MethodBody)null)); if (!addedHandler) { ctx.Context.CurrentModuleWriterListener.OnWriterEvent += InjectNativeCode; addedHandler = true; } }
public static MethodDef ReplaceAndHook(this MethodDef toHook, MethodDef invokeHook, MethodDef realMethod, string fieldName) { //! no delegate type checking is done, runtime errors might happen if it doesn't match exactly //! here be dragons string origName = toHook.Name; var containing = toHook.DeclaringType; // create and add the hook delegate field var hookField = new FieldDefUser(fieldName, new FieldSig(invokeHook.DeclaringType.ToTypeSig()), FieldAttributes.Public | FieldAttributes.Static); containing.Fields.Add(hookField); // change the hooked method name toHook.Name = "Real" + GetSafeMethodName(toHook.Name); // create a fake method with the original name that calls the hook delegate field var isstatic = (toHook.Attributes & MethodAttributes.Static) != 0; var statAdd = isstatic ? 0 : 1; var newMethod = new MethodDefUser(origName, isstatic ? MethodSig.CreateStatic (toHook.ReturnType, toHook.Parameters.Select(p => p.Type).ToArray()) : MethodSig.CreateInstance(toHook.ReturnType, toHook.Parameters.Skip(1).Select(p => p.Type).ToArray()), toHook.Attributes); for (int i = statAdd; i < toHook.Parameters.Count; i++) { newMethod.Parameters[i].CreateParamDef(); newMethod.Parameters[i].ParamDef.Name = toHook.Parameters[i].Name; newMethod.Parameters[i].ParamDef.Attributes = toHook.Parameters[i].ParamDef.Attributes; newMethod.Parameters[i].ParamDef.Constant = toHook.Parameters[i].ParamDef.Constant; newMethod.Parameters[i].ParamDef.MarshalType = toHook.Parameters[i].ParamDef.MarshalType; foreach (var ca in toHook.Parameters[i].ParamDef.CustomAttributes) newMethod.Parameters[i].ParamDef.CustomAttributes.Add(ca); } //if (<hookField> != null) return <hookField>((this,)? <args>); else return (this.)?<realMethod>(<args>); /* ldsfld class <hookDelegateType> <hookField> brfalse.s VANILLA // if (<hookField> == null) goto VANILLA; ldsfld class <hookDelegateType> <hookField> ldarg.0 // this (if instance) ldarg.1 .. ldarg.n callvirt instance <retval> <hookDelegateType>::Invoke(<args>) ret VANILLA: nop (for ease of adding the params afterwards) ldarg.0 // this (if instance) ldarg.1 .. ldarg.n call instance? <retval> <realMethod>(<args>) ret */ newMethod.Body = new CilBody(); var ins = newMethod.Body.Instructions; using (var p = newMethod.Body.GetILProcessor()) { Instruction VANILLA = OpCodes.Nop.ToInstruction(); p.Emit(OpCodes.Ldsfld, hookField); p.Emit(OpCodes.Brfalse_S, VANILLA); p.Emit(OpCodes.Ldsfld, hookField); //ilproc.EmitWrapperCall(toHook); for (ushort i = 0; i < toHook.Parameters.Count /*- statAdd*/; i++) p.Append(toHook.Parameters.GetLdargOf(i, false)); p.Emit(OpCodes.Callvirt, invokeHook); p.Emit(OpCodes.Ret); p.Append(VANILLA); //ilproc.EmitWrapperCall(realMethod.Resolve()); for (ushort i = 0; i < toHook.Parameters.Count /*- statAdd*/; i++) p.Append(toHook.Parameters.GetLdargOf(i, false)); p.Emit(OpCodes.Call, realMethod); p.Emit(OpCodes.Ret); } newMethod.Body.MaxStack = (ushort)(newMethod.Parameters.Count + 3 & 0xFFFF); toHook.DeclaringType.Methods.Add(newMethod); return newMethod; }
private MethodDef CreateBridge(RPContext ctx, TypeDef delegateType, FieldDef field, MethodSig sig) { var method = new MethodDefUser(ctx.Name.RandomName(), sig); method.Attributes = MethodAttributes.PrivateScope | MethodAttributes.Static; method.ImplAttributes = MethodImplAttributes.Managed | MethodImplAttributes.IL; method.Body = new CilBody(); method.Body.Instructions.Add(Instruction.Create(OpCodes.Ldsfld, field)); for (int i = 0; i < method.Parameters.Count; i++) method.Body.Instructions.Add(Instruction.Create(OpCodes.Ldarg, method.Parameters[i])); method.Body.Instructions.Add(Instruction.Create(OpCodes.Call, delegateType.FindMethod("Invoke"))); method.Body.Instructions.Add(Instruction.Create(OpCodes.Ret)); delegateType.Methods.Add(method); ctx.Context.Registry.GetService<IMarkerService>().Mark(method); ctx.Name.SetCanRename(method, false); return method; }
public static void Run() { // This is the file that will be created string newFileName = @"GenericExample2.exe"; // Create the module var mod = new ModuleDefUser("GenericExample2", Guid.NewGuid(), new AssemblyRefUser(new AssemblyNameInfo(typeof(int).Assembly.GetName().FullName))); // It's a console app mod.Kind = ModuleKind.Console; // Create the assembly and add the created module to it new AssemblyDefUser("GenericExample2", new Version(1, 2, 3, 4)).Modules.Add(mod); // Add the startup type. It derives from System.Object. TypeDef startUpType = new TypeDefUser("My.Namespace", "Startup", mod.CorLibTypes.Object.TypeDefOrRef); startUpType.Attributes = TypeAttributes.NotPublic | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // Add the type to the module mod.Types.Add(startUpType); // Create the entry point method MethodDef entryPoint = new MethodDefUser("Main", MethodSig.CreateStatic(mod.CorLibTypes.Int32, new SZArraySig(mod.CorLibTypes.String))); entryPoint.Attributes = MethodAttributes.Private | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; entryPoint.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; // Name the 1st argument (argument 0 is the return type) entryPoint.ParamDefs.Add(new ParamDefUser("args", 1)); // Add the method to the startup type startUpType.Methods.Add(entryPoint); // Set module entry point mod.EntryPoint = entryPoint; // Create System.Console type reference var systemConsole = mod.CorLibTypes.GetTypeRef("System", "Console"); // Create 'void System.Console.WriteLine(string,object)' method reference var writeLine2 = new MemberRefUser(mod, "WriteLine", MethodSig.CreateStatic(mod.CorLibTypes.Void, mod.CorLibTypes.String, mod.CorLibTypes.Object), systemConsole); var assemblyRef = mod.CorLibTypes.AssemblyRef; // Create 'System.Collections.ObjectModel.ReadOnlyCollection`1' type ref var roCollectionRef = new TypeRefUser(mod, "System.Collections.ObjectModel", "ReadOnlyCollection`1", assemblyRef); // Create 'ReadOnlyCollection<!!0>' signature for return type var roCollectionSig = new GenericInstSig(new ClassSig(roCollectionRef), new GenericMVar(0)); // Return type // Create 'ReadOnlyCollection<Int32>' type spec var roCollectionTypeSpec = new TypeSpecUser(new GenericInstSig(new ClassSig(roCollectionRef), mod.CorLibTypes.Int32)); // Create 'ReadOnlyCollection<Int32>.get_Count()' method reference var roCollectionGetCount = new MemberRefUser(mod, "get_Count", MethodSig.CreateInstance(mod.CorLibTypes.Int32), roCollectionTypeSpec); // Create 'System.Array' type ref var arrayRef = new TypeRefUser(mod, "System", "Array", assemblyRef); // Create 'ReadOnlyCollection<T> Array.AsReadOnly<T>(T[] array)' method reference // Apparently CreateStaticGeneric should be used only if at least one GenericMVar is used? Not 100% certain. var asReadOnly = new MemberRefUser(mod, "AsReadOnly", MethodSig.CreateStaticGeneric(1, roCollectionSig, new SZArraySig(new GenericMVar(0))), arrayRef); // Create 'Array.AsReadOnly<Int32>' method spec var asReadOnlySpec = new MethodSpecUser(asReadOnly, new GenericInstMethodSig(mod.CorLibTypes.Int32)); // Create 'ReadOnlyCollection<Int32>' signature for local var roCollectionInt32 = roCollectionTypeSpec.TryGetGenericInstSig(); // Method body locals IList<Local> locals = new List<Local>(); locals.Add(new Local(new SZArraySig(mod.CorLibTypes.Int32))); // local[0]: Int32[] locals.Add(new Local(roCollectionInt32)); // local[1]: class [mscorlib]System.Collections.ObjectModel.ReadOnlyCollection`1<Int32> var body = new CilBody(true, new List<Instruction>(), new List<ExceptionHandler>(), locals); // array = new Int32[2]; body.Instructions.Add(OpCodes.Ldc_I4_2.ToInstruction()); body.Instructions.Add(OpCodes.Newarr.ToInstruction(mod.CorLibTypes.Int32)); body.Instructions.Add(OpCodes.Stloc_0.ToInstruction()); // Store array to local[0] // array[0] = 5; body.Instructions.Add(OpCodes.Ldloc_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldc_I4_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldc_I4_5.ToInstruction()); body.Instructions.Add(OpCodes.Stelem_I4.ToInstruction()); // array[1] = 111; body.Instructions.Add(OpCodes.Ldloc_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldc_I4_1.ToInstruction()); body.Instructions.Add(OpCodes.Ldc_I4.ToInstruction(111)); body.Instructions.Add(OpCodes.Stelem_I4.ToInstruction()); // collection = Array.AsReadOnly<Int32>(array) body.Instructions.Add(OpCodes.Ldloc_0.ToInstruction()); body.Instructions.Add(OpCodes.Call.ToInstruction(asReadOnlySpec)); body.Instructions.Add(OpCodes.Stloc_1.ToInstruction()); // Console.WriteLine("Count: {0}", collection.Count) body.Instructions.Add(OpCodes.Ldstr.ToInstruction("Count: {0}")); body.Instructions.Add(OpCodes.Ldloc_1.ToInstruction()); body.Instructions.Add(OpCodes.Callvirt.ToInstruction(roCollectionGetCount)); body.Instructions.Add(OpCodes.Box.ToInstruction(mod.CorLibTypes.Int32)); body.Instructions.Add(OpCodes.Call.ToInstruction(writeLine2)); // return 0; body.Instructions.Add(OpCodes.Ldc_I4_0.ToInstruction()); body.Instructions.Add(OpCodes.Ret.ToInstruction()); entryPoint.Body = body; // Save the assembly mod.Write(newFileName); }
MethodDef CreateMethodDef(SR.MethodBase delMethod) { bool isStatic = true; var method = new MethodDefUser(); var retType = GetReturnType(delMethod); var pms = GetParameters(delMethod); if (isStatic) method.Signature = MethodSig.CreateStatic(retType, pms.ToArray()); else method.Signature = MethodSig.CreateInstance(retType, pms.ToArray()); method.ImplAttributes = MethodImplAttributes.IL; method.Attributes = MethodAttributes.PrivateScope; if (isStatic) method.Attributes |= MethodAttributes.Static; return module.UpdateRowId(method); }
private static void Inject(uint sigToken) { ModuleDef mod = cctor.Module; TypeDef stringInjType = NETUtils.ImportType(typeof(StringEncInj)); MethodDef stringInjMethod = NETUtils.GetMethodByName(stringInjType, "StringInj"); MethodDef InsertInstr = NETUtils.GetMethodByName(stringInjType, "InsertFields"); stringInjMethod.DeclaringType = null; cctor.DeclaringType.Methods.Add(stringInjMethod); RenameTask.Rename(stringInjMethod); cctor.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, stringInjMethod)); var instr = stringInjMethod.Body.Instructions; instr[7].OpCode = OpCodes.Ldc_I4; instr[7].Operand = Convert.ToInt32(sigToken); instr[10].Operand = GlobalDataField; instr[20].Operand = GlobalDataField; instr[36].Operand = GlobalDataField; instr[44].Operand = GlobalDataField; MethodDef insertMeth = new MethodDefUser("", MethodSig.CreateStatic(mod.CorLibTypes.Void), MethodAttributes.Static | MethodAttributes.Public | MethodAttributes.HideBySig); RenameTask.Rename(insertMeth); insertMeth.Body = new CilBody(); cctor.Body.Instructions.Insert(1, Instruction.Create(OpCodes.Call, insertMeth)); cctor.DeclaringType.Methods.Add(insertMeth); List<Instruction> instertListInstr = InsertInstr.Body.Instructions.ToList(); instertListInstr.RemoveAt(instertListInstr.Count - 1); int i = 0; foreach (var item in staticFields) { Instruction[] instrList = new Instruction[instertListInstr.Count]; instertListInstr.CopyTo(instrList); int stringlenght = item.Value.Item1.Length; instrList[2].Operand = GlobalDataField; instrList[3].OpCode = OpCodes.Ldc_I4; instrList[3].Operand = i; instrList[4].OpCode = OpCodes.Ldc_I4; instrList[4].Operand = i + stringlenght; instrList[6].Operand = item.Key; i += stringlenght; foreach (var instrr in instrList) insertMeth.Body.Instructions.Add(instrr.Clone()); } insertMeth.Body.Instructions.Add(Instruction.Create(OpCodes.Ret)); }
public void Protect() { for(int tDef = 0; tDef < Globals.asm.ManifestModule.Types.Count; tDef++) { TypeDef typeDef = Globals.asm.ManifestModule.Types[tDef]; for(int mDef = 0; mDef < typeDef.Methods.Count; mDef++) { MethodDef methodDef = typeDef.Methods[mDef]; if (!methodDef.HasBody) return; if(methodDef.Name == "Main") { int instrCount = methodDef.Body.Instructions.Count; for (int i = 0; i < instrCount; i++) { Instruction cur = methodDef.Body.Instructions[i]; if (cur.OpCode != OpCodes.Call) return; MethodDef m = null; MemberRef r = null; try { m = (MethodDef)cur.Operand; } catch (InvalidCastException) { r = (MemberRef)cur.Operand; } TypeSig tRef = (r==null) ? r.ReturnType : m.ReturnType; MethodDefUser callMethod = new MethodDefUser(Generator.getName(), MethodSig.CreateInstance(tRef), MethodAttributes.FamANDAssem | MethodAttributes.Family | MethodAttributes.Static); callMethod.Body = new CilBody(); //if (m != null) //{ // if (m.HasThis) // { // ParamDefUser param = new ParamDefUser(methodDef.DeclaringType.Name.ToLower()); // param.MarshalType = methodDef.DeclaringType.mar // callMethod.Parameters.Add(param); // methodDef.Body.Instructions.Insert(i+1, Instruction.Create(OpCodes.Ldarg, jeeps)); // } // if (m.HasParameters) // { // foreach (ParameterDef p in m.Parameters) // { // ParameterDef newP = new ParameterDef(Generator.getName(), // p.Attributes, p.ParameterType); // asd.Parameters.Add(newP); // mEdit.Append(Instruction.Create(OpCodes.Ldarg, newP)); // } // } //} } } } } }
public static void Run() { // This is the file that will be created string newFileName = @"C:\ctor-test.exe"; // Create the module var mod = new ModuleDefUser("ctor-test", Guid.NewGuid(), new AssemblyRefUser(new AssemblyNameInfo(typeof(int).Assembly.GetName().FullName))); // It's a console app mod.Kind = ModuleKind.Console; // Create the assembly and add the created module to it new AssemblyDefUser("ctor-test", new Version(1, 2, 3, 4)).Modules.Add(mod); // Create System.Console type reference var systemConsole = mod.CorLibTypes.GetTypeRef("System", "Console"); // Create 'void System.Console.WriteLine(string,object)' method reference var writeLine2 = new MemberRefUser(mod, "WriteLine", MethodSig.CreateStatic(mod.CorLibTypes.Void, mod.CorLibTypes.String, mod.CorLibTypes.Object), systemConsole); // Create System.Object::.ctor method reference. This is the default constructor var objectCtor = new MemberRefUser(mod, ".ctor", MethodSig.CreateInstance(mod.CorLibTypes.Void), mod.CorLibTypes.Object.TypeDefOrRef); CilBody body; // Create the base class var bclass = new TypeDefUser("Ctor.Test", "BaseClass", mod.CorLibTypes.Object.TypeDefOrRef); // Add it to the module mod.Types.Add(bclass); // Create Ctor.Test.BaseClass constructor: BaseClass() var bctor = new MethodDefUser(".ctor", MethodSig.CreateInstance(mod.CorLibTypes.Void), MethodImplAttributes.IL | MethodImplAttributes.Managed, MethodAttributes.Public | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); // Add the method to BaseClass bclass.Methods.Add(bctor); // Create method body and add a few instructions bctor.Body = body = new CilBody(); // Make sure we call the base class' constructor body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); body.Instructions.Add(OpCodes.Call.ToInstruction(objectCtor)); body.Instructions.Add(OpCodes.Ldstr.ToInstruction("BaseClass: Default .ctor called")); body.Instructions.Add(OpCodes.Ldnull.ToInstruction()); body.Instructions.Add(OpCodes.Call.ToInstruction(writeLine2)); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // Create the Ctor.Test.Main type which derives from Ctor.Test.BaseClass var main = new TypeDefUser("Ctor.Test", "Main", bclass); // Add it to the module mod.Types.Add(main); // Create the static 'void Main()' method var entryPoint = new MethodDefUser("Main", MethodSig.CreateStatic(mod.CorLibTypes.Void), MethodImplAttributes.IL | MethodImplAttributes.Managed, MethodAttributes.Public | MethodAttributes.Static); // Set entry point to entryPoint and add it as a Ctor.Test.Main method mod.EntryPoint = entryPoint; main.Methods.Add(entryPoint); // Create first Ctor.Test.Main constructor: Main() var ctor0 = new MethodDefUser(".ctor", MethodSig.CreateInstance(mod.CorLibTypes.Void), MethodImplAttributes.IL | MethodImplAttributes.Managed, MethodAttributes.Public | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); // Add the method to Main main.Methods.Add(ctor0); // Create method body and add a few instructions ctor0.Body = body = new CilBody(); // Make sure we call the base class' constructor body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); body.Instructions.Add(OpCodes.Call.ToInstruction(bctor)); body.Instructions.Add(OpCodes.Ldstr.ToInstruction("Default .ctor called")); body.Instructions.Add(OpCodes.Ldnull.ToInstruction()); body.Instructions.Add(OpCodes.Call.ToInstruction(writeLine2)); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // Create second Ctor.Test.Main constructor: Main(int,string) var ctor1 = new MethodDefUser(".ctor", MethodSig.CreateInstance(mod.CorLibTypes.Void, mod.CorLibTypes.Int32, mod.CorLibTypes.String), MethodImplAttributes.IL | MethodImplAttributes.Managed, MethodAttributes.Public | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); // Add the method to Main main.Methods.Add(ctor1); // Create names for the arguments. This is optional. Since this is an instance method // (it's a constructor), the first arg is the 'this' pointer. The normal arguments // begin at index 1. ctor1.Parameters[1].CreateParamDef(); ctor1.Parameters[1].ParamDef.Name = "count"; ctor1.Parameters[2].CreateParamDef(); ctor1.Parameters[2].ParamDef.Name = "name"; // Create method body and add a few instructions ctor1.Body = body = new CilBody(); // Make sure we call the base class' constructor body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); body.Instructions.Add(OpCodes.Call.ToInstruction(bctor)); body.Instructions.Add(OpCodes.Ldstr.ToInstruction(".ctor(Int32) called with arg {0}")); body.Instructions.Add(OpCodes.Ldarg_1.ToInstruction()); body.Instructions.Add(OpCodes.Box.ToInstruction(mod.CorLibTypes.Int32)); body.Instructions.Add(OpCodes.Call.ToInstruction(writeLine2)); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // Create the entry point method body and add instructions to allocate a new Main() // object and call the two created ctors. entryPoint.Body = body = new CilBody(); body.Instructions.Add(OpCodes.Newobj.ToInstruction(ctor0)); body.Instructions.Add(OpCodes.Pop.ToInstruction()); body.Instructions.Add(OpCodes.Ldc_I4.ToInstruction(12345)); body.Instructions.Add(OpCodes.Ldnull.ToInstruction()); body.Instructions.Add(OpCodes.Newobj.ToInstruction(ctor1)); body.Instructions.Add(OpCodes.Pop.ToInstruction()); body.Instructions.Add(OpCodes.Ret.ToInstruction()); // Save the assembly mod.Write(newFileName); }
public static Dictionary<MethodDef, Tuple<int[], int[]>> CreateMethods(ModuleDef loadedMod) { DynamicCode code = new DynamicCode(3); int[] modules = new int[4]; for (int i = 0; i < modules.Length; i++) modules[i] = rand.Next(2, 25); Instruction[,] methods = new Instruction[4, 10]; for (int i = 0; i < 4; i++) { Instruction[] methodBody = code.Create(); for (int y = 0; y < methodBody.Length; y++) methods[i, y] = methodBody[y]; } List<Tuple<Instruction[], Tuple<int, Tuple<int[], int[]>>>> InstrToInt = new List<Tuple<Instruction[], Tuple<int, Tuple<int[], int[]>>>>(); for (int i = 0; i < 4; i++) { List<Instruction> instr = new List<Instruction>(); int[] numbersTrue = new int[5]; int[] numbersFalse = new int[5]; for (int y = 0; y < 10; y++) instr.Add(methods[i, y]); for (int y = 0; y < 5; y++) numbersTrue[y] = code.RandomNumberInModule(instr.ToArray(), modules[i], true); for (int y = 0; y < 5; y++) numbersFalse[y] = code.RandomNumberInModule(instr.ToArray(), modules[i], false); InstrToInt.Add(Tuple.Create(instr.ToArray(), Tuple.Create(modules[i], Tuple.Create(numbersTrue, numbersFalse)))); } Dictionary<MethodDef, Tuple<int[], int[]>> final = new Dictionary<MethodDef, Tuple<int[], int[]>>(); MethodAttributes methFlags = MethodAttributes.Public | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; MethodImplAttributes methImplFlags = MethodImplAttributes.IL | MethodImplAttributes.Managed; for (int i = 0; i < 4; i++) { MethodDef methodDefs1 = new MethodDefUser( "", MethodSig.CreateStatic(loadedMod.CorLibTypes.Boolean, loadedMod.CorLibTypes.Int32), methImplFlags, methFlags); RenameTask.Rename(methodDefs1); methodDefs1.Body = new CilBody(); methodDefs1.ParamDefs.Add(new ParamDefUser("lol", 0)); List<Instruction> preInstr = new List<Instruction>(InstrToInt[i].Item1); int module = InstrToInt[i].Item2.Item1; //preInstr.RemoveAt(preInstr.Count - 1); preInstr.Insert(preInstr.Count - 1, Instruction.CreateLdcI4(module)); preInstr.Insert(preInstr.Count - 1, OpCodes.Rem.ToInstruction()); preInstr.Insert(preInstr.Count - 1, Instruction.CreateLdcI4(0)); preInstr.Insert(preInstr.Count - 1, Instruction.Create(OpCodes.Ceq)); //preInstr.Insert(preInstr.Count - 1, Instruction.Create(OpCodes.Ret)); foreach (var item in preInstr) methodDefs1.Body.Instructions.Add(item); final.Add(methodDefs1, InstrToInt[i].Item2.Item2); } TypeDef type1 = new TypeDefUser("", "", loadedMod.CorLibTypes.Object.TypeDefOrRef); RenameTask.Rename(type1); type1.Attributes = dnlib.DotNet.TypeAttributes.Public | dnlib.DotNet.TypeAttributes.AutoLayout | dnlib.DotNet.TypeAttributes.Class | dnlib.DotNet.TypeAttributes.AnsiClass; loadedMod.Types.Add(type1); foreach (var item in final) type1.Methods.Add(item.Key); return final; }
private static void AddMethod(MethodDef method, TypeDef sourceType) { MethodDef md = new MethodDefUser(method.Name, method.MethodSig, method.Attributes); sourceType.Methods.Add(md); }
/// <summary> /// Create a virtualizable method. /// </summary> /// <param name="module">Module</param> /// <param name="name">Method name</param> /// <param name="instructions">Method body instructions</param> /// <returns>MethodDef</returns> MethodDef CreateVirtualizableMethod(ModuleDef module, String name, IList<Instruction> instructions) { MethodDef vmethod = new MethodDefUser(name, MethodSig.CreateStatic(module.CorLibTypes.Void)); vmethod.Attributes = MethodAttributes.Private | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; vmethod.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; vmethod.CustomAttributes.Add(CreateAttribute(module, "renaming", true)); vmethod.CustomAttributes.Add(CreateAttribute(module, "virtualization", false)); // Add instructions to body vmethod.Body = new CilBody(); foreach (var instr in instructions) vmethod.Body.Instructions.Add(instr); return vmethod; }
public static void Run() { // This is the file that will be created string newFileName = @"GenericExample1.exe"; // Create the module var mod = new ModuleDefUser("GenericExample1", Guid.NewGuid(), new AssemblyRefUser(new AssemblyNameInfo(typeof(int).Assembly.GetName().FullName))); // It's a console app mod.Kind = ModuleKind.Console; // Create the assembly and add the created module to it new AssemblyDefUser("GenericExample1", new Version(1, 2, 3, 4)).Modules.Add(mod); // Add the startup type. It derives from System.Object. TypeDef startUpType = new TypeDefUser("My.Namespace", "Startup", mod.CorLibTypes.Object.TypeDefOrRef); startUpType.Attributes = TypeAttributes.NotPublic | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // Add the type to the module mod.Types.Add(startUpType); // Create the entry point method MethodDef entryPoint = new MethodDefUser("Main", MethodSig.CreateStatic(mod.CorLibTypes.Int32, new SZArraySig(mod.CorLibTypes.String))); entryPoint.Attributes = MethodAttributes.Private | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; entryPoint.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; // Name the 1st argument (argument 0 is the return type) entryPoint.ParamDefs.Add(new ParamDefUser("args", 1)); // Add the method to the startup type startUpType.Methods.Add(entryPoint); // Set module entry point mod.EntryPoint = entryPoint; // Create System.Console type reference var systemConsole = mod.CorLibTypes.GetTypeRef("System", "Console"); // Create 'void System.Console.WriteLine(string,object)' method reference var writeLine2 = new MemberRefUser(mod, "WriteLine", MethodSig.CreateStatic(mod.CorLibTypes.Void, mod.CorLibTypes.String, mod.CorLibTypes.Object), systemConsole); // // Method 1: Create List<String> inst signature by importing (easy way) // -------------------------------------------------------------------- //Importer importer = new Importer(mod); //var listGenericInstSig = importer.ImportAsTypeSig(typeof(System.Collections.Generic.List<String>)); // // Method 2: Create List<String> inst signature manually (harder way) // ------------------------------------------------------------------ var assemblyRef = mod.CorLibTypes.AssemblyRef; var listRef = new TypeRefUser(mod, @"System.Collections.Generic", "List`1", assemblyRef); // Create the GenericInstSig from a ClassSig with <String> generic arg var listGenericInstSig = new GenericInstSig(new ClassSig(listRef), mod.CorLibTypes.String); // Create TypeSpec from GenericInstSig var listTypeSpec = new TypeSpecUser(listGenericInstSig); // Create System.Collections.Generic.List<String>::.ctor method reference var listCtor = new MemberRefUser(mod, ".ctor", MethodSig.CreateInstance(mod.CorLibTypes.Void), listTypeSpec); // Create Add(!0) method reference, !0 signifying first generic argument of declaring type // In this case, would be Add(String item) // (GenericMVar would be used for method generic argument, such as Add<!!0>(!!0)) var listAdd = new MemberRefUser(mod, "Add", MethodSig.CreateInstance(mod.CorLibTypes.Void, new GenericVar(0)), listTypeSpec); var listGetCount = new MemberRefUser(mod, "get_Count", MethodSig.CreateInstance(mod.CorLibTypes.Int32), listTypeSpec); IList<Local> locals = new List<Local>(); locals.Add(new Local(listGenericInstSig)); // local[0]: class [mscorlib]System.Collections.Generic.List`1<string> var body = new CilBody(true, new List<Instruction>(), new List<ExceptionHandler>(), locals); // Call the list .ctor body.Instructions.Add(OpCodes.Newobj.ToInstruction(listCtor)); body.Instructions.Add(OpCodes.Stloc_0.ToInstruction()); // Store list to local[0] // list.Add("Item 1") body.Instructions.Add(OpCodes.Ldloc_0.ToInstruction()); body.Instructions.Add(OpCodes.Ldstr.ToInstruction("Item 1")); body.Instructions.Add(OpCodes.Callvirt.ToInstruction(listAdd)); // WriteLine("Array: {0}", list.ToArray()); //body.Instructions.Add(OpCodes.Ldstr.ToInstruction("Array: {0}")); //body.Instructions.Add(OpCodes.Ldloc_0.ToInstruction()); // Load list from local[0] //body.Instructions.Add(OpCodes.Callvirt.ToInstruction(listToArray)); //body.Instructions.Add(OpCodes.Call.ToInstruction(writeLine2)); // WriteLine("Count: {0}", list.Count) body.Instructions.Add(OpCodes.Ldstr.ToInstruction("Count: {0}")); body.Instructions.Add(OpCodes.Ldloc_0.ToInstruction()); // Load list from local[0] body.Instructions.Add(OpCodes.Callvirt.ToInstruction(listGetCount)); body.Instructions.Add(OpCodes.Box.ToInstruction(mod.CorLibTypes.Int32)); body.Instructions.Add(OpCodes.Call.ToInstruction(writeLine2)); // return 0; body.Instructions.Add(OpCodes.Ldc_I4_0.ToInstruction()); body.Instructions.Add(OpCodes.Ret.ToInstruction()); entryPoint.Body = body; // Save the assembly mod.Write(newFileName); }
static void Inspection(ConfuserContext context) { context.Logger.Info("Resolving dependencies..."); foreach (var dependency in context.Modules .SelectMany(module => module.GetAssemblyRefs().Select(asmRef => Tuple.Create(asmRef, module)))) { try { AssemblyDef assembly = context.Resolver.ResolveThrow(dependency.Item1, dependency.Item2); } catch (AssemblyResolveException ex) { context.Logger.ErrorException("Failed to resolve dependency of '" + dependency.Item2.Name + "'.", ex); throw new ConfuserException(ex); } } context.Logger.Debug("Checking Strong Name..."); foreach (ModuleDefMD module in context.Modules) { var snKey = context.Annotations.Get<StrongNameKey>(module, Marker.SNKey); if (snKey == null && module.IsStrongNameSigned) context.Logger.WarnFormat("[{0}] SN Key is not provided for a signed module, the output may not be working.", module.Name); else if (snKey != null && !module.IsStrongNameSigned) context.Logger.WarnFormat("[{0}] SN Key is provided for an unsigned module, the output may not be working.", module.Name); else if (snKey != null && module.IsStrongNameSigned && !module.Assembly.PublicKey.Data.SequenceEqual(snKey.PublicKey)) context.Logger.WarnFormat("[{0}] Provided SN Key and signed module's public key do not match, the output may not be working.", module.Name); } var marker = context.Registry.GetService<IMarkerService>(); context.Logger.Debug("Creating global .cctors..."); foreach (ModuleDefMD module in context.Modules) { TypeDef modType = module.GlobalType; if (modType == null) { modType = new TypeDefUser("", "<Module>", null); modType.Attributes = TypeAttributes.AnsiClass; module.Types.Add(modType); marker.Mark(modType, null); } MethodDef cctor = modType.FindOrCreateStaticConstructor(); if (!marker.IsMarked(cctor)) marker.Mark(cctor, null); } context.Logger.Debug("Watermarking..."); foreach (ModuleDefMD module in context.Modules) { TypeRef attrRef = module.CorLibTypes.GetTypeRef("System", "Attribute"); var attrType = new TypeDefUser("", "ConfusedByAttribute", attrRef); module.Types.Add(attrType); marker.Mark(attrType, null); var ctor = new MethodDefUser( ".ctor", MethodSig.CreateInstance(module.CorLibTypes.Void, module.CorLibTypes.String), MethodImplAttributes.Managed, MethodAttributes.HideBySig | MethodAttributes.Public | MethodAttributes.SpecialName | MethodAttributes.RTSpecialName); ctor.Body = new CilBody(); ctor.Body.MaxStack = 1; ctor.Body.Instructions.Add(OpCodes.Ldarg_0.ToInstruction()); ctor.Body.Instructions.Add(OpCodes.Call.ToInstruction(new MemberRefUser(module, ".ctor", MethodSig.CreateInstance(module.CorLibTypes.Void), attrRef))); ctor.Body.Instructions.Add(OpCodes.Ret.ToInstruction()); attrType.Methods.Add(ctor); marker.Mark(ctor, null); var attr = new CustomAttribute(ctor); attr.ConstructorArguments.Add(new CAArgument(module.CorLibTypes.String, Version)); module.CustomAttributes.Add(attr); } }
public static void Run() { // This is the file that will be created string newFileName = "GenericExample3.exe"; // Create the module var mod = new ModuleDefUser("GenericExample3", Guid.NewGuid(), new AssemblyRefUser(new AssemblyNameInfo(typeof(int).Assembly.GetName().FullName))); // It's a console app mod.Kind = ModuleKind.Console; // Create the assembly and add the created module to it new AssemblyDefUser("GenericExample3", new Version(1, 2, 3, 4)).Modules.Add(mod); // Add the startup type. It derives from System.Object. TypeDef startUpType = new TypeDefUser("My.Namespace", "Startup", mod.CorLibTypes.Object.TypeDefOrRef); startUpType.Attributes = TypeAttributes.NotPublic | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass; // Add the type to the module mod.Types.Add(startUpType); // Create the entry point method MethodDef entryPoint = new MethodDefUser("Main", MethodSig.CreateStatic(mod.CorLibTypes.Int32, new SZArraySig(mod.CorLibTypes.String))); entryPoint.Attributes = MethodAttributes.Private | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; entryPoint.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; // Name the 1st argument (argument 0 is the return type) entryPoint.ParamDefs.Add(new ParamDefUser("args", 1)); // Add the method to the startup type startUpType.Methods.Add(entryPoint); // Set module entry point mod.EntryPoint = entryPoint; // Create a type with 2 generic parameters, A and B // Would look like: public class GClass<A, B> var genericType = new TypeDefUser("My.Namespace", "GClass", mod.CorLibTypes.Object.TypeDefOrRef); genericType.Attributes = TypeAttributes.Public | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass | TypeAttributes.BeforeFieldInit; genericType.GenericParameters.Add(new GenericParamUser(0, GenericParamAttributes.NonVariant, "A")); genericType.GenericParameters.Add(new GenericParamUser(1, GenericParamAttributes.NonVariant, "B")); // Add generic type to module mod.Types.Add(genericType); // Note: NestedPublic instead of Public, blank namespace // Would look like: public class GSubClass<A, B, C> var genericSubType = new TypeDefUser("", "GSubClass", mod.CorLibTypes.Object.TypeDefOrRef); genericSubType.Attributes = TypeAttributes.NestedPublic | TypeAttributes.AutoLayout | TypeAttributes.Class | TypeAttributes.AnsiClass | TypeAttributes.BeforeFieldInit; // Need to add the 2 generic parameters from the nested-parent class, A and B genericSubType.GenericParameters.Add(new GenericParamUser(0, GenericParamAttributes.NonVariant, "A")); genericSubType.GenericParameters.Add(new GenericParamUser(1, GenericParamAttributes.NonVariant, "B")); // Add a generic parameter specific to this nested class, C genericSubType.GenericParameters.Add(new GenericParamUser(2, GenericParamAttributes.NonVariant, "C")); // public void GSubClass<A, B, C>.SomeMethod(B arg1, C arg2) { ... } // or: public void GSubClass<!0, !1, !2>.SomeMethod(!1, !2) { ... } var someMethod = new MethodDefUser("SomeMethod", MethodSig.CreateInstance(mod.CorLibTypes.Void, new GenericVar(1), new GenericVar(2))); someMethod.Attributes = MethodAttributes.Public; someMethod.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; genericSubType.Methods.Add(someMethod); // Create method with a method generic parameter (GenericMVar) // public void GSubClass<A, B, C>.SomeOtherMethod<D>(D arg1, A arg2, C arg3) { ... } // or: public void GSubClass<!0, !1, !2>.SomeOtherMethod<!!0>(!!0, !0, !2) { ... } var someGenericMethod = new MethodDefUser("SomeOtherMethod", MethodSig.CreateInstanceGeneric(1, mod.CorLibTypes.Void, new GenericMVar(0), new GenericVar(0), new GenericVar(2))); someGenericMethod.Attributes = MethodAttributes.Public; someGenericMethod.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; // Create GenericParam for !!0 someGenericMethod.GenericParameters.Add(new GenericParamUser(0, GenericParamAttributes.NonVariant, "D")); genericSubType.Methods.Add(someGenericMethod); // Add as nested type genericType.NestedTypes.Add(genericSubType); someMethod.Body = new CilBody(); someMethod.Body.Instructions.Add(OpCodes.Ret.ToInstruction()); someGenericMethod.Body = new CilBody(); someGenericMethod.Body.Instructions.Add(OpCodes.Ret.ToInstruction()); entryPoint.Body = new CilBody(); entryPoint.Body.Instructions.Add(OpCodes.Ldc_I4_0.ToInstruction()); entryPoint.Body.Instructions.Add(OpCodes.Ret.ToInstruction()); mod.Write(newFileName); }
// Copies most things but not everything public static MethodDef Clone(MethodDef method) { var newMethod = new MethodDefUser(method.Name, method.MethodSig, method.ImplAttributes, method.Attributes); newMethod.Rid = method.Rid; newMethod.DeclaringType2 = method.DeclaringType; foreach (var pd in method.ParamDefs) newMethod.ParamDefs.Add(new ParamDefUser(pd.Name, pd.Sequence, pd.Attributes)); foreach (var gp in method.GenericParameters) { var newGp = new GenericParamUser(gp.Number, gp.Flags, gp.Name); foreach (var gpc in gp.GenericParamConstraints) newGp.GenericParamConstraints.Add(new GenericParamConstraintUser(gpc.Constraint)); newMethod.GenericParameters.Add(newGp); } newMethod.Body = new CilBody(); CopyBodyFromTo(method, newMethod); return newMethod; }
/// <summary> /// Create an entry point method which calls all virtualizable methods. /// </summary> /// <param name="module">Module</param> /// <param name="methods">Methods to call</param> /// <returns>Entry point method</returns> MethodDef CreateEntryPoint(ModuleDef module, IList<MethodDef> methods) { MethodDef entryPoint = new MethodDefUser("Main", MethodSig.CreateStatic(module.CorLibTypes.Int32, new SZArraySig(module.CorLibTypes.String))); entryPoint.Attributes = MethodAttributes.Private | MethodAttributes.Static | MethodAttributes.HideBySig | MethodAttributes.ReuseSlot; entryPoint.ImplAttributes = MethodImplAttributes.IL | MethodImplAttributes.Managed; entryPoint.ParamDefs.Add(new ParamDefUser("args", 1)); entryPoint.Body = new CilBody(); var instructions = entryPoint.Body.Instructions; foreach (var method in methods) instructions.Add(OpCodes.Call.ToInstruction(method)); instructions.Add(OpCodes.Ldc_I4_0.ToInstruction()); instructions.Add(OpCodes.Ret.ToInstruction()); // Set itself as entry point module.EntryPoint = entryPoint; return entryPoint; }