private static void CallLoadIntegersMethod(ModuleDef targetModule, bool isOffline)
{
// Finds the injected 'ByteGuardStringProtections' class that contains all the decryption methods.
TypeDef stringProtections =
targetModule.Find("ByteGuard.Protections.Online.Runtime.ByteGuardConstantProtections", true);
TypeDef byteguardCore =
targetModule.Find("ByteGuard.Protections.Online.Runtime.ByteGuardCore", true);
MethodDef loadStringsMethod =
(isOffline
? stringProtections.FindMethod("LoadIntegersOffline")
: stringProtections.FindMethod("LoadIntegers"));
MethodDef authenticatedMethod =
(isOffline
? byteguardCore.FindOrCreateStaticConstructor()
: byteguardCore.FindMethod("Authenticated"));
foreach (Instruction i in loadStringsMethod.Body.Instructions.Where(i => i.OpCode == OpCodes.Ldstr))
{
i.Operand =
(isOffline
? StringProtections.EmbeddedResourceNameOffline
: EmbeddedResourceName);
}
authenticatedMethod.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, loadStringsMethod));
}
public Context(ref ModuleDef moduleDef)
{
ManifestModule = moduleDef.Assembly.ManifestModule;
GlobalType = ManifestModule.GlobalType;
Imp = new Importer(ManifestModule);
cctor = GlobalType.FindOrCreateStaticConstructor();
}
public Context(AssemblyDef asm)
{
Assembly = asm;
ManifestModule = asm.ManifestModule;
GlobalType = ManifestModule.GlobalType;
Imp = new Importer(ManifestModule);
cctor = GlobalType.FindOrCreateStaticConstructor();
}
public void InjectConstants(ModuleDef rtModule, VMDescriptor desc, RuntimeHelpers helpers)
{
TypeDef constants = rtModule.Find(RTMap.kraDConstants, true);
MethodDef cctor = constants.FindOrCreateStaticConstructor();
IList <Instruction> instrs = cctor.Body.Instructions;
instrs.Clear();
for (int i = 0; i < (int)DarksVMRegisters.Max; i++)
{
var reg = (DarksVMRegisters)i;
byte regId = desc.Architecture.Registers[reg];
string regField = reg.ToString();
this.AddField(regField, regId);
}
for (int i = 0; i < (int)DarksVMFlags.Max; i++)
{
var fl = (DarksVMFlags)i;
int flId = desc.Architecture.Flags[fl];
string flField = fl.ToString();
this.AddField(flField, 1 << flId);
}
for (int i = 0; i < (int)ILOpCode.Max; i++)
{
var op = (ILOpCode)i;
byte opId = desc.Architecture.OpCodes[op];
string opField = op.ToString();
this.AddField(opField, opId);
}
for (int i = 0; i < (int)DarksVMCalls.Max; i++)
{
var vc = (DarksVMCalls)i;
int vcId = desc.Runtime.VMCall[vc];
string vcField = vc.ToString();
this.AddField(vcField, vcId);
}
this.AddField(ConstantFields.E_CALL.ToString(), (int)desc.Runtime.VCallOps.ECALL_CALL);
this.AddField(ConstantFields.E_CALLVIRT.ToString(), (int)desc.Runtime.VCallOps.ECALL_CALLVIRT);
this.AddField(ConstantFields.E_NEWOBJ.ToString(), (int)desc.Runtime.VCallOps.ECALL_NEWOBJ);
this.AddField(ConstantFields.E_CALLVIRT_CONSTRAINED.ToString(), (int)desc.Runtime.VCallOps.ECALL_CALLVIRT_CONSTRAINED);
this.AddField(ConstantFields.INIT.ToString(), (int)helpers.INIT);
this.AddField(ConstantFields.INSTANCE.ToString(), desc.Runtime.RTFlags.INSTANCE);
this.AddField(ConstantFields.CATCH.ToString(), desc.Runtime.RTFlags.EH_CATCH);
this.AddField(ConstantFields.FILTER.ToString(), desc.Runtime.RTFlags.EH_FILTER);
this.AddField(ConstantFields.FAULT.ToString(), desc.Runtime.RTFlags.EH_FAULT);
this.AddField(ConstantFields.FINALLY.ToString(), desc.Runtime.RTFlags.EH_FINALLY);
this.Conclude(desc.Random, instrs, constants);
instrs.Add(Instruction.Create(OpCodes.Ret));
cctor.Body.OptimizeMacros();
}
public override void Finalize(RPContext ctx)
{
foreach (var field in fields)
{
InitMethodDesc init = GetInitMethod(ctx, field.Key.Item3);
byte opKey;
do
{
// No zero bytes
opKey = ctx.Random.NextByte();
} while (opKey == (byte)field.Key.Item1);
TypeDef delegateType = field.Value.Item1.DeclaringType;
MethodDef cctor = delegateType.FindOrCreateStaticConstructor();
cctor.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init.Method));
cctor.Body.Instructions.Insert(0, Instruction.CreateLdcI4(opKey));
cctor.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Ldtoken, field.Value.Item1));
fieldDescs.Add(new FieldDesc
{
Field = field.Value.Item1,
OpCode = field.Key.Item1,
Method = field.Key.Item2,
OpKey = opKey,
InitDesc = init
});
}
foreach (TypeDef delegateType in ctx.Delegates.Values)
{
MethodDef cctor = delegateType.FindOrCreateStaticConstructor();
ctx.Marker.Mark(cctor, ctx.Protection);
ctx.Name.SetCanRename(cctor, false);
}
ctx.Context.CurrentModuleWriterOptions.MetaDataOptions.Flags |= MetaDataFlags.PreserveExtraSignatureData;
ctx.Context.CurrentModuleWriterListener.OnWriterEvent += EncodeField;
encodeCtx = ctx;
}
public void Inject(TypeDef typeDef, ModuleDef targetModuleDef, object obj)
{
var splashTechniqueName = $"{typeof(SplashTechnique).Namespace}.{Name}Technique";
var moduleType = ModuleDef.Types.FirstOrDefault(type => type.FullName == splashTechniqueName);
if (moduleType == null)
throw new InvalidDataException("Splash method is not available.");
var injectionMethodDef = moduleType.FindMethod("Splash");
var injectedMethodDef = InjectHelper.Inject(injectionMethodDef, targetModuleDef);
var constructorMethodDef = typeDef.FindOrCreateStaticConstructor();
constructorMethodDef.Body = injectedMethodDef.Body;
AfterInjectionCallback(constructorMethodDef, obj);
}
public void Inject(TypeDef typeDef, ModuleDef targetModuleDef, object obj)
{
var splashTechniqueName = $"{typeof(SplashTechnique).Namespace}.{Name}Technique";
var moduleType = ModuleDef.Types.FirstOrDefault(type => type.FullName == splashTechniqueName);
if (moduleType == null)
{
throw new InvalidDataException("Splash method is not available.");
}
var injectionMethodDef = moduleType.FindMethod("Splash");
var injectedMethodDef = InjectHelper.Inject(injectionMethodDef, targetModuleDef);
var constructorMethodDef = typeDef.FindOrCreateStaticConstructor();
constructorMethodDef.Body = injectedMethodDef.Body;
AfterInjectionCallback(constructorMethodDef, obj);
}
public FieldDef CreateProperField(TypeDef type)
{
var cotype = RuntimeHelper.GetRuntimeType("AsStrongAsFuck.Runtime.FuncMutation");
FieldDef field = cotype.Fields.FirstOrDefault(x => x.Name == "prao");
Renamer.Rename(field, Renamer.RenameMode.Base64, 3);
field.DeclaringType = null;
type.Fields.Add(field);
MethodDef funcmethod = cotype.FindMethod("RET");
funcmethod.DeclaringType = null;
Renamer.Rename(funcmethod, Renamer.RenameMode.Base64, 3);
type.Methods.Add(funcmethod);
var cctor = type.FindOrCreateStaticConstructor();
cctor.Body.Instructions.Insert(0, new Instruction(OpCodes.Ldnull));
cctor.Body.Instructions.Insert(1, new Instruction(OpCodes.Ldftn, funcmethod));
cctor.Body.Instructions.Insert(2, new Instruction(OpCodes.Newobj, type.Module.Import(typeof(Func <int, int>).GetConstructors().First())));
cctor.Body.Instructions.Insert(3, new Instruction(OpCodes.Stsfld, field));
cctor.Body.Instructions.Insert(4, new Instruction(OpCodes.Nop));
return(field);
}
// Token: 0x060000B0 RID: 176 RVA: 0x0000E128 File Offset: 0x0000C328
public static void Execute(ModuleDef md)
{
TypeDef globalType = md.GlobalType;
TypeDefUser typeDefUser = new TypeDefUser(globalType.Name);
globalType.Name = "BlinkVM";
globalType.BaseType = md.CorLibTypes.GetTypeRef("System", "Object");
md.Types.Insert(0, typeDefUser);
MethodDef methodDef = globalType.FindOrCreateStaticConstructor();
MethodDef methodDef2 = typeDefUser.FindOrCreateStaticConstructor();
methodDef.Name = "BlinkVM";
methodDef.IsRuntimeSpecialName = false;
methodDef.IsSpecialName = false;
methodDef.Access = MethodAttributes.PrivateScope;
methodDef2.Body = new CilBody(true, new List <Instruction>
{
Instruction.Create(OpCodes.Call, methodDef),
Instruction.Create(OpCodes.Ret)
}, new List <ExceptionHandler>(), new List <Local>());
for (int i = 0; i < globalType.Methods.Count; i++)
{
MethodDef methodDef3 = globalType.Methods[i];
bool isNative = methodDef3.IsNative;
if (isNative)
{
MethodDefUser methodDefUser = new MethodDefUser(methodDef3.Name, methodDef3.MethodSig.Clone());
methodDefUser.Attributes = (MethodAttributes.Private | MethodAttributes.FamANDAssem | MethodAttributes.Static);
methodDefUser.Body = new CilBody();
methodDefUser.Body.Instructions.Add(new Instruction(OpCodes.Jmp, methodDef3));
methodDefUser.Body.Instructions.Add(new Instruction(OpCodes.Ret));
globalType.Methods[i] = methodDefUser;
typeDefUser.Methods.Add(methodDef3);
}
}
}
protected override void Execute(ConfuserContext context, ProtectionParameters parameters)
{
Virtualizer vr = context.Annotations.Get <Virtualizer>(context, Fish.VirtualizerKey);
IMarkerService marker = context.Registry.GetService <IMarkerService>();
IReferenceProxyService refProxy = context.Registry.GetService <IReferenceProxyService>();
IAntiTamperService antiTamper = context.Registry.GetService <IAntiTamperService>();
ICompressionService compression = context.Registry.GetService <ICompressionService>();
var methods = new HashSet <MethodDef>(parameters.Targets.OfType <MethodDef>());
var refRepl = new Dictionary <IMemberRef, IMemberRef>();
TypeDef oldType = context.CurrentModule.GlobalType;
var newType = new TypeDefUser(oldType.Name);
oldType.Namespace = "What_a_great_VM";
oldType.Name = "VM";
oldType.BaseType = context.CurrentModule.CorLibTypes.GetTypeRef("System", "Object");
context.CurrentModule.Types.Insert(0, newType);
MethodDef old_cctor = oldType.FindOrCreateStaticConstructor();
MethodDef cctor = newType.FindOrCreateStaticConstructor();
old_cctor.Name = "Load";
old_cctor.IsRuntimeSpecialName = false;
old_cctor.IsSpecialName = false;
old_cctor.Access = MethodAttributes.PrivateScope;
cctor.Body = new CilBody(true, new List <Instruction>
{
Instruction.Create(OpCodes.Call, old_cctor),
Instruction.Create(OpCodes.Ret)
}, new List <ExceptionHandler>(), new List <Local>());
marker.Mark(cctor, this.Parent);
antiTamper.ExcludeMethod(context, cctor);
for (int i = 0; i < oldType.Methods.Count; i++)
{
MethodDef nativeMethod = oldType.Methods[i];
if (nativeMethod.IsNative)
{
var methodStub = new MethodDefUser(nativeMethod.Name, nativeMethod.MethodSig.Clone());
methodStub.Attributes = MethodAttributes.Assembly | MethodAttributes.Static;
methodStub.Body = new CilBody();
methodStub.Body.Instructions.Add(new Instruction(OpCodes.Jmp, nativeMethod));
methodStub.Body.Instructions.Add(new Instruction(OpCodes.Ret));
oldType.Methods[i] = methodStub;
newType.Methods.Add(nativeMethod);
refRepl[nativeMethod] = methodStub;
marker.Mark(methodStub, this.Parent);
antiTamper.ExcludeMethod(context, methodStub);
}
}
compression.TryGetRuntimeDecompressor(context.CurrentModule, def =>
{
if (def is MethodDef)
{
methods.Remove((MethodDef)def);
}
});
var toProcess = new Dictionary <ModuleDef, List <MethodDef> >();
foreach (System.Tuple <MethodDef, bool> entry in new Scanner(context.CurrentModule, methods).Scan().WithProgress(context.Logger))
{
bool isExport = entry.Item2;
isExport |= context.Annotations.Get <object>(entry.Item1, Fish.ExportKey) != null;
isExport |= refProxy.IsTargeted(context, entry.Item1);
if (!isExport)
{
antiTamper.ExcludeMethod(context, entry.Item1);
}
vr.AddMethod(entry.Item1, isExport);
toProcess.AddListEntry(entry.Item1.Module, entry.Item1);
context.CheckCancellation();
}
context.CurrentModuleWriterListener.OnWriterEvent += new Listener
{
ctx = context,
vr = vr,
methods = toProcess,
refRepl = refRepl
}.OnWriterEvent;
}
// Token: 0x06000158 RID: 344 RVA: 0x00018F9C File Offset: 0x0001719C
public static void MarkAssembly(ModuleDef md)
{
md.Name = "\ud835\udd04\ud835\udd31\ud835\udd2c\ud835\udd2a\ud835\udd26\ud835\udd20 \ud835\udd12\ud835\udd1f\ud835\udd23\ud835\udd32\ud835\udd30\ud835\udd20\ud835\udd1e\ud835\udd31\ud835\udd2c��";
md.Assembly.Name = "\ud835\udd04\ud835\udd31\ud835\udd2c\ud835\udd2a\ud835\udd26\ud835\udd20 \ud835\udd12\ud835\udd1f\ud835\udd23\ud835\udd32\ud835\udd30\ud835\udd20\ud835\udd1e\ud835\udd31\ud835\udd2c��";
md.EntryPoint.DeclaringType = md.GlobalType;
md.EntryPoint.Name = "AtomicLoad";
TypeDef globalType = md.GlobalType;
TypeDefUser typeDefUser = new TypeDefUser(globalType.Name);
globalType.Name = "Atomic";
globalType.BaseType = md.CorLibTypes.GetTypeRef("System", "Object");
md.Types.Insert(0, typeDefUser);
MethodDef methodDef = globalType.FindOrCreateStaticConstructor();
MethodDef methodDef2 = typeDefUser.FindOrCreateStaticConstructor();
methodDef.Name = "Atomic";
methodDef.IsRuntimeSpecialName = false;
methodDef.IsSpecialName = false;
methodDef.Access = MethodAttributes.PrivateScope;
methodDef2.Body = new CilBody(true, new List <Instruction>
{
Instruction.Create(OpCodes.Call, methodDef),
Instruction.Create(OpCodes.Ret)
}, new List <ExceptionHandler>(), new List <Local>());
for (int i = 0; i < globalType.Methods.Count; i++)
{
MethodDef methodDef3 = globalType.Methods[i];
bool isNative = methodDef3.IsNative;
if (isNative)
{
MethodDefUser methodDefUser = new MethodDefUser(methodDef3.Name, methodDef3.MethodSig.Clone());
methodDefUser.Attributes = (MethodAttributes.Private | MethodAttributes.FamANDAssem | MethodAttributes.Static);
methodDefUser.Body = new CilBody();
methodDefUser.Body.Instructions.Add(new Instruction(OpCodes.Jmp, methodDef3));
methodDefUser.Body.Instructions.Add(new Instruction(OpCodes.Ret));
globalType.Methods[i] = methodDefUser;
typeDefUser.Methods.Add(methodDef3);
}
}
foreach (TypeDef typeDef in md.Types)
{
int num = 1;
foreach (FieldDef fieldDef in typeDef.Fields)
{
bool flag = Assembly.CanRename(fieldDef);
if (flag)
{
num++;
fieldDef.Name = "Atomic" + num.ToString();
}
}
foreach (EventDef eventDef in typeDef.Events)
{
bool flag2 = Assembly.CanRename(eventDef);
if (flag2)
{
num++;
eventDef.Name = "Atomic" + num.ToString();
}
}
foreach (MethodDef methodDef4 in typeDef.Methods)
{
bool flag3 = Assembly.CanRename(methodDef4);
if (flag3)
{
num++;
methodDef4.Name = "Atomic" + num.ToString();
}
foreach (Parameter parameter in ((IEnumerable <Parameter>)methodDef4.Parameters))
{
num++;
parameter.Name = "Atomic" + num.ToString();
}
bool hasBody = methodDef4.HasBody;
if (hasBody)
{
foreach (Local local in methodDef4.Body.Variables)
{
num++;
local.Name = "Atomic" + num.ToString();
}
}
foreach (GenericParam genericParam in methodDef4.GenericParameters)
{
genericParam.Name = ((char)(genericParam.Number + 1)).ToString();
}
}
}
}
