C# (CSharp) VelerSoftware.SZC.Obfuscator.Confuser.Core CecilHelper 예제들

예제 #1

파일: Confuser.cs 프로젝트: wmade/SoftwareZator-2012

        void ProcessStructuralPhases(ModuleDefinition mod, IDictionary <IConfusion, NameValueCollection> globalParams, IEnumerable <Phase> phases)
        {
            ConfusionParameter cParam = new ConfusionParameter();
            bool end1 = false;

            foreach (StructurePhase i in from i in phases where (i is StructurePhase)orderby(int) i.Priority + i.PhaseID * 10 ascending select i)
            {
                if (!end1 && i.PhaseID > 1)
                {
                    MarkModule(mod);
                    MarkObfuscateHelpers(mod);
                    CecilHelper.RefreshTokens(mod);
                    end1 = true;
                }
                List <IAnnotationProvider> mems = GetTargets(mod, i.Confusion);
                if (mems.Count == 0)
                {
                    continue;
                }

                i.Confuser = this;
                param.Logger.Log("Executing " + i.Confusion.Name + " Phase " + i.PhaseID + "...");

                i.Initialize(mod);
                if (globalParams.ContainsKey(i.Confusion))
                {
                    cParam.GlobalParameters = globalParams[i.Confusion];
                }
                else
                {
                    cParam.GlobalParameters = new NameValueCollection();
                }
                if (i.WholeRun == true)
                {
                    cParam.Parameters = null;
                    cParam.Target     = null;
                    i.Process(cParam);
                    param.Logger.Progress(1);
                }
                else
                {
                    if (i is IProgressProvider)
                    {
                        cParam.Parameters = new NameValueCollection();
                        foreach (IAnnotationProvider mem in mems)
                        {
                            NameValueCollection memParam = (from set in mem.Annotations["ConfusionSets"] as IDictionary <IConfusion, NameValueCollection> where set.Key.Phases.Contains(i) select set.Value).FirstOrDefault();
                            string hash = mem.GetHashCode().ToString("X8");
                            foreach (string pkey in memParam.AllKeys)
                            {
                                cParam.Parameters[hash + "_" + pkey] = memParam[pkey];
                            }
                        }
                        cParam.Target = mems;
                        (i as IProgressProvider).SetProgresser(param.Logger);
                        i.Process(cParam);
                    }
                    else
                    {
                        double total    = mems.Count;
                        int    interval = 1;
                        if (total > 1000)
                        {
                            interval = (int)total / 100;
                        }
                        int now = 0;
                        foreach (IAnnotationProvider mem in mems)
                        {
                            cParam.Parameters = (from set in mem.Annotations["ConfusionSets"] as IDictionary <IConfusion, NameValueCollection> where set.Key.Phases.Contains(i) select set.Value).FirstOrDefault();
                            cParam.Target     = mem;
                            i.Process(cParam);
                            if (now % interval == 0 || now == total - 1)
                            {
                                param.Logger.Progress((now + 1) / total);
                            }
                            now++;
                        }
                    }
                    param.Logger.Progress(1);
                }
                i.DeInitialize();
            }
        }

예제 #2

        protected override void PackCore(out AssemblyDefinition asm, PackerParameter parameter)
        {
            ModuleDefinition originMain = parameter.Modules[0];

            asm = AssemblyDefinition.CreateAssembly(originMain.Assembly.Name, originMain.Name, new ModuleParameters()
            {
                Architecture = originMain.Architecture, Kind = originMain.Kind, Runtime = originMain.Runtime
            });
            ModuleDefinition mod = asm.MainModule;

            Random           rand = new Random();
            int              key0 = rand.Next(0, 0xff);
            int              key1 = rand.Next(0, 0xff);
            EmbeddedResource res  = new EmbeddedResource(Encoding.UTF8.GetString(Guid.NewGuid().ToByteArray()), ManifestResourceAttributes.Private, Encrypt(parameter.PEs[0], key0));

            mod.Resources.Add(res);
            for (int i = 1; i < parameter.Modules.Length; i++)
            {
                if (parameter.Modules[i].IsMain)
                {
                    mod.Resources.Add(new EmbeddedResource(GetNewName(parameter.Modules[i].Assembly.Name.FullName, key1), ManifestResourceAttributes.Private, Encrypt(parameter.PEs[i], key0)));
                }
                else
                {
                    mod.Resources.Add(new EmbeddedResource(GetNewName(parameter.Modules[i].Name, key1), ManifestResourceAttributes.Private, Encrypt(parameter.PEs[i], key0)));  //TODO: Support for multi-module asssembly
                }
            }
            AssemblyDefinition ldrC = AssemblyDefinition.ReadAssembly(typeof(Iid).Assembly.Location);
            TypeDefinition t        = CecilHelper.Inject(mod, ldrC.MainModule.GetType("CompressShell"));
            foreach (Instruction inst in t.GetStaticConstructor().Body.Instructions)
            {
                if (inst.Operand is string)
                {
                    inst.Operand = res.Name;
                }
            }
            foreach (Instruction inst in t.Methods.FirstOrDefault(mtd => mtd.Name == "Decrypt").Body.Instructions)
            {
                if (inst.Operand is int && (int)inst.Operand == 0x12345678)
                {
                    inst.Operand = key0;
                }
            }
            foreach (Instruction inst in t.Methods.FirstOrDefault(mtd => mtd.Name == "DecryptAsm").Body.Instructions)
            {
                if (inst.Operand is int && (int)inst.Operand == 0x12345678)
                {
                    inst.Operand = key1;
                }
            }
            t.Namespace       = "";
            t.DeclaringType   = null;
            t.IsNestedPrivate = false;
            t.IsNotPublic     = true;
            mod.Types.Add(t);

            MethodDefinition cctor = new MethodDefinition(".cctor", MethodAttributes.Private | MethodAttributes.HideBySig |
                                                          MethodAttributes.SpecialName | MethodAttributes.RTSpecialName |
                                                          MethodAttributes.Static, mod.TypeSystem.Void);
            mod.GetType("<Module>").Methods.Add(cctor);
            MethodBody bdy  = cctor.Body = new MethodBody(cctor);
            ILProcessor psr = bdy.GetILProcessor();
            psr.Emit(OpCodes.Call, mod.Import(typeof(AppDomain).GetProperty("CurrentDomain").GetGetMethod()));
            psr.Emit(OpCodes.Ldnull);
            psr.Emit(OpCodes.Ldftn, t.Methods.FirstOrDefault(mtd => mtd.Name == "DecryptAsm"));
            psr.Emit(OpCodes.Newobj, mod.Import(typeof(ResolveEventHandler).GetConstructor(new Type[] { typeof(object), typeof(IntPtr) })));
            psr.Emit(OpCodes.Callvirt, mod.Import(typeof(AppDomain).GetEvent("AssemblyResolve").GetAddMethod()));
            psr.Emit(OpCodes.Ret);

            MethodDefinition main = t.Methods.FirstOrDefault(mtd => mtd.Name == "Main");
            mod.EntryPoint = main;
        }