예제 #1
0
        VmOpCodeHandlerDetector getVmOpCodeHandlerDetector()
        {
            var vmFilename   = vmAssemblyReference.Name + ".dll";
            var vmModulePath = Path.Combine(Path.GetDirectoryName(module.FullyQualifiedName), vmFilename);

            Log.v("CSVM filename: {0}", vmFilename);

            var dataKey = "cs cached VmOpCodeHandlerDetector";
            var dict    = (Dictionary <string, VmOpCodeHandlerDetector>)deobfuscatorContext.getData(dataKey);

            if (dict == null)
            {
                deobfuscatorContext.setData(dataKey, dict = new Dictionary <string, VmOpCodeHandlerDetector>(StringComparer.OrdinalIgnoreCase));
            }
            VmOpCodeHandlerDetector detector;

            if (dict.TryGetValue(vmModulePath, out detector))
            {
                return(detector);
            }
            dict[vmModulePath] = detector = new VmOpCodeHandlerDetector(ModuleDefinition.ReadModule(vmModulePath));

            detector.findHandlers();
            Log.v("CSVM opcodes:");
            Log.indent();
            for (int i = 0; i < detector.Handlers.Count; i++)
            {
                Log.v("{0:X4}: {1}", i, detector.Handlers[i].Name);
            }
            Log.deIndent();

            return(detector);
        }
예제 #2
0
 public CsvmToCilMethodConverter(IDeobfuscatorContext deobfuscatorContext, ModuleDefinition module, VmOpCodeHandlerDetector opCodeDetector)
 {
     this.deobfuscatorContext = deobfuscatorContext;
     this.module         = module;
     this.opCodeDetector = opCodeDetector;
 }
예제 #3
0
 public CsvmToCilMethodConverter(IDeobfuscatorContext deobfuscatorContext, ModuleDefinition module, VmOpCodeHandlerDetector opCodeDetector)
 {
     this.deobfuscatorContext = deobfuscatorContext;
     this.module = module;
     this.opCodeDetector = opCodeDetector;
 }
예제 #4
0
파일: Csvm.cs 프로젝트: Joelone/de4dot
        VmOpCodeHandlerDetector getVmOpCodeHandlerDetector()
        {
            var vmFilename = vmAssemblyReference.Name + ".dll";
            var vmModulePath = Path.Combine(Path.GetDirectoryName(module.FullyQualifiedName), vmFilename);
            Log.v("CSVM filename: {0}", vmFilename);

            var dataKey = "cs cached VmOpCodeHandlerDetector";
            var dict = (Dictionary<string, VmOpCodeHandlerDetector>)deobfuscatorContext.getData(dataKey);
            if (dict == null)
                deobfuscatorContext.setData(dataKey, dict = new Dictionary<string, VmOpCodeHandlerDetector>(StringComparer.OrdinalIgnoreCase));
            VmOpCodeHandlerDetector detector;
            if (dict.TryGetValue(vmModulePath, out detector))
                return detector;
            dict[vmModulePath] = detector = new VmOpCodeHandlerDetector(ModuleDefinition.ReadModule(vmModulePath));

            detector.findHandlers();
            Log.v("CSVM opcodes:");
            Log.indent();
            for (int i = 0; i < detector.Handlers.Count; i++)
                Log.v("{0:X4}: {1}", i, detector.Handlers[i].Name);
            Log.deIndent();

            return detector;
        }