public void Save(string newFilename, MetaDataFlags mdFlags, IModuleWriterListener writerListener) {
if (module.IsILOnly) {
var writerOptions = new ModuleWriterOptions(module, writerListener);
writerOptions.MetaDataOptions.Flags |= mdFlags;
writerOptions.Logger = Logger.Instance;
module.Write(newFilename, writerOptions);
}
else {
var writerOptions = new NativeModuleWriterOptions(module, writerListener);
writerOptions.MetaDataOptions.Flags |= mdFlags;
writerOptions.Logger = Logger.Instance;
writerOptions.KeepExtraPEData = true;
writerOptions.KeepWin32Resources = true;
module.NativeWrite(newFilename, writerOptions);
}
}
static void Main(string[] args)
{
Console.Title = "########################";
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("[build from 20.12.2020]\nVMP.NET Killer (dev: https://github.com/DarkBullNull/)");
Console.WriteLine("Please see the guide before using it");
Console.WriteLine("If there are any errors, please create an issue");
Console.ForegroundColor = ConsoleColor.Yellow;
Console.Write("Enter path file (drag and drop): ");
var pathFile = Console.ReadLine()?.Replace("\"", "");
Console.WriteLine("Select options:\n" +
"\t 1 - Bypass anti-VM (1213 build)\n" +
"\t 2 - Bypass CRC and anti-debug\n" +
"\t 3 - Bypass all\n" +
"\t 4 - Method Call Hiding remove\n");
Int32.TryParse(Console.ReadLine(), out var userParams);
Console.ForegroundColor = ConsoleColor.Blue;
ModuleDefMD moduleDef = ModuleDefMD.Load(pathFile);
Controller controller = new Controller(ref moduleDef, pathFile, userParams);
var nativeModuleWriter = new dnlib.DotNet.Writer.NativeModuleWriterOptions(moduleDef, false);
nativeModuleWriter.Logger = DummyLogger.NoThrowInstance;
nativeModuleWriter.MetadataOptions.Flags = MetadataFlags.PreserveAll |
MetadataFlags.KeepOldMaxStack |
MetadataFlags.PreserveExtraSignatureData |
MetadataFlags.PreserveBlobOffsets |
MetadataFlags.PreserveUSOffsets |
MetadataFlags.PreserveStringsOffsets;
nativeModuleWriter.Cor20HeaderOptions.Flags = ComImageFlags.ILOnly;
Console.WriteLine("Saving...");
var newFilePath = pathFile.Substring(0, pathFile.Length - 4) + ".justify.exe";
moduleDef.NativeWrite(newFilePath, nativeModuleWriter);
var patchCrcMetadata = new PatchCRCMetadata(newFilePath);
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("Done!");
Thread.Sleep(5000);
}
static void Main(string[] args)
{
Console.Title = "########################";
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("VMP.NET Killer (dev: https://github.com/DarkBullNull/)");
Console.WriteLine("Please see the guide before using it");
Console.WriteLine("If there are any errors, please create an issue");
Console.ForegroundColor = ConsoleColor.Yellow;
Console.Write("Enter path file (drag and drop): ");
var pathFile = Console.ReadLine();
Console.WriteLine("Select options:\n" +
"\t 1 - Bypass anti-VM\n" +
"\t 2 - Bypass CRC and anti-debug\n" +
"\t 3 - Bypass all\n");
Int32.TryParse(Console.ReadLine(), out var userParams);
Console.ForegroundColor = ConsoleColor.Blue;
ModuleDefMD moduleDef = ModuleDefMD.Load(pathFile);
var imageProtectedVanillaFile = Path.GetDirectoryName(pathFile) + @"\vmp.exe";
var test = moduleDef.Cor20HeaderFlags;
var nativeModuleWriter = new dnlib.DotNet.Writer.NativeModuleWriterOptions(moduleDef, false);
Controller controller = new Controller(ref moduleDef, imageProtectedVanillaFile, userParams);
nativeModuleWriter.Logger = DummyLogger.NoThrowInstance;
nativeModuleWriter.MetadataOptions.Flags = MetadataFlags.PreserveAll |
MetadataFlags.KeepOldMaxStack |
MetadataFlags.PreserveExtraSignatureData |
MetadataFlags.PreserveBlobOffsets |
MetadataFlags.PreserveUSOffsets |
MetadataFlags.PreserveStringsOffsets;
nativeModuleWriter.Cor20HeaderOptions.Flags = new ComImageFlags();
Console.WriteLine("Saving...");
moduleDef.NativeWrite(pathFile.Substring(0, pathFile.Length - 4) + ".justify.exe", nativeModuleWriter);
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("Done!");
Thread.Sleep(10000);
}
public static AssemblyDefinition Translate(ModuleDefMD manifestModule)
{
using (var assemblyStream = new MemoryStream())
{
try
{
if (manifestModule.IsILOnly)
{
var writerOptions = new ModuleWriterOptions(manifestModule);
writerOptions.Logger = DummyLogger.NoThrowInstance;
MetaDataOptions metaDataOptions = new MetaDataOptions();
metaDataOptions.Flags = MetaDataFlags.PreserveAll;
manifestModule.Write(assemblyStream, writerOptions);
}
else
{
var writerOptions = new NativeModuleWriterOptions(manifestModule);
writerOptions.Logger = DummyLogger.NoThrowInstance;
MetaDataOptions metaDataOptions = new MetaDataOptions();
metaDataOptions.Flags = MetaDataFlags.PreserveAll;
manifestModule.NativeWrite(assemblyStream, writerOptions);
}
}
catch (Exception)
{
if (assemblyStream.Length == 0)
return null;
}
assemblyStream.Position = 0;
AssemblyDefinition newAssembly = AssemblyDefinition.ReadAssembly(assemblyStream);
return newAssembly;
}
}
static void Main(string[] args)
{
Console.ForegroundColor = ConsoleColor.Green;
Console.Write("Enter path file (drag and drop): ");
Console.ForegroundColor = ConsoleColor.DarkRed;
var pathFile = Console.ReadLine();
var imageProtectedVanillaFile = Path.GetDirectoryName(pathFile) + @"\vmp.exe";
Console.ForegroundColor = ConsoleColor.Yellow;
ModuleDefMD moduleDef = ModuleDefMD.Load(pathFile);
Controller controller = new Controller(ref moduleDef, imageProtectedVanillaFile);
var nativeModuleWriter = new dnlib.DotNet.Writer.NativeModuleWriterOptions(moduleDef, false);
nativeModuleWriter.Logger = DummyLogger.NoThrowInstance;
nativeModuleWriter.MetadataOptions.Flags = MetadataFlags.PreserveAll | MetadataFlags.KeepOldMaxStack | MetadataFlags.PreserveExtraSignatureData | MetadataFlags.PreserveBlobOffsets | MetadataFlags.PreserveUSOffsets | MetadataFlags.PreserveStringsOffsets;
nativeModuleWriter.Cor20HeaderOptions.Flags = new ComImageFlags();
Console.ForegroundColor = ConsoleColor.Magenta;
Console.WriteLine("Saving...");
moduleDef.NativeWrite(pathFile.Substring(0, pathFile.Length - 4) + ".justify.exe", nativeModuleWriter);
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("Done!");
Thread.Sleep(800);
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="module">The module</param>
/// <param name="options">Options or <c>null</c></param>
public NativeModuleWriter(ModuleDefMD module, NativeModuleWriterOptions options)
{
this.module = module;
this.options = options;
this.peImage = module.MetaData.PEImage;
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="module">The module</param>
/// <param name="options">Options or <c>null</c></param>
public NativeModuleWriter(ModuleDefMD module, NativeModuleWriterOptions options) {
this.module = module;
this.options = options;
this.peImage = module.MetaData.PEImage;
}
/// <summary>
/// Requests the current module to be written as mix-mode module, and return the native writer options.
/// </summary>
/// <returns>The native writer options.</returns>
public NativeModuleWriterOptions RequestNative()
{
if (CurrentModule == null)
return null;
if (CurrentModuleWriterOptions == null)
CurrentModuleWriterOptions = new NativeModuleWriterOptions(CurrentModule);
if (CurrentModuleWriterOptions is NativeModuleWriterOptions)
return (NativeModuleWriterOptions)CurrentModuleWriterOptions;
var newOptions = new NativeModuleWriterOptions(CurrentModule, CurrentModuleWriterOptions.Listener);
// Clone the current options to the new options
newOptions.AddCheckSum = CurrentModuleWriterOptions.AddCheckSum;
newOptions.Cor20HeaderOptions = CurrentModuleWriterOptions.Cor20HeaderOptions;
newOptions.Logger = CurrentModuleWriterOptions.Logger;
newOptions.MetaDataLogger = CurrentModuleWriterOptions.MetaDataLogger;
newOptions.MetaDataOptions = CurrentModuleWriterOptions.MetaDataOptions;
newOptions.ModuleKind = CurrentModuleWriterOptions.ModuleKind;
newOptions.PEHeadersOptions = CurrentModuleWriterOptions.PEHeadersOptions;
newOptions.ShareMethodBodies = CurrentModuleWriterOptions.ShareMethodBodies;
newOptions.StrongNameKey = CurrentModuleWriterOptions.StrongNameKey;
newOptions.StrongNamePublicKey = CurrentModuleWriterOptions.StrongNamePublicKey;
newOptions.Win32Resources = CurrentModuleWriterOptions.Win32Resources;
CurrentModuleWriterOptions = newOptions;
return newOptions;
}
public void InitializeFrom(NativeModuleWriterOptions options) {
InitializeFromInternal((ModuleWriterOptionsBase)options);
KeepExtraPEData = options.KeepExtraPEData;
KeepWin32Resources = options.KeepWin32Resources;
}
public ModuleWriterOptionsBase CreateWriterOptions() {
if (UseMixedMode) {
var options = new NativeModuleWriterOptions((ModuleDefMD)module);
CopyTo(options);
options.KeepExtraPEData = KeepExtraPEData;
options.KeepWin32Resources = KeepWin32Resources;
return options;
}
else {
var options = new ModuleWriterOptions();
CopyTo(options);
if (module.ManagedEntryPoint != null || module.NativeEntryPoint == 0)
options.Cor20HeaderOptions.Flags &= ~ComImageFlags.NativeEntryPoint;
return options;
}
}
private void btnSave_Click(object sender, EventArgs e)
{
if (string.IsNullOrWhiteSpace(txtPath.Text))
return;
try
{
if (_module.IsILOnly)
{
ModuleWriterOptions writer = new ModuleWriterOptions(_module);
if (chkNoThrowInstanceLogger.Checked)
writer.Logger = DummyLogger.NoThrowInstance;
MetaDataOptions metaDataOptions = writer.MetaDataOptions;
#region MetaDataSetters
if (chkPreserveTypeRefRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveTypeRefRids;
if (chkPreserveTypeDefRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveTypeDefRids;
if (chkPreserveFieldRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveFieldRids;
if (chkPreserveMethodRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveMethodRids;
if (chkPreserveParamRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveParamRids;
if (chkPreserveMemberRefRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveMemberRefRids;
if (chkPreserveStandAloneSigRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveStandAloneSigRids;
if (chkPreserveEventRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveEventRids;
if (chkPreservePropertyRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreservePropertyRids;
if (chkPreserveTypeSpecRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveTypeSpecRids;
if (chkPreserveMethodSpecRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveMethodSpecRids;
if (chkPreserveAllMethodRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveAllMethodRids;
if (chkPreserveRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveRids;
if (chkPreserveStringOffsets.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveStringsOffsets;
if (chkPreserveUSOffsets.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveUSOffsets;
if (chkPreserveBlobOffsets.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveBlobOffsets;
if (chkPreserveExtraSignatureData.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveExtraSignatureData;
if (chkPreserveAll.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveAll;
if (chkKeepOldMaxStack.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.KeepOldMaxStack;
if (chkAlwaysCreateGuidHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateGuidHeap;
if (chkAlwaysCreateStringsHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateStringsHeap;
if (chkAlwaysCreateUSHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateUSHeap;
if (chkAlwaysCreateBlobHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateBlobHeap;
#endregion
_module.Write(txtPath.Text, writer);
}
else
{
NativeModuleWriterOptions writer = new NativeModuleWriterOptions(_module);
if (chkNoThrowInstanceLogger.Checked)
writer.Logger = DummyLogger.NoThrowInstance;
MetaDataOptions metaDataOptions = writer.MetaDataOptions;
#region MetaDataSetters
if (chkPreserveTypeRefRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveTypeRefRids;
if (chkPreserveTypeDefRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveTypeDefRids;
if (chkPreserveFieldRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveFieldRids;
if (chkPreserveMethodRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveMethodRids;
if (chkPreserveParamRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveParamRids;
if (chkPreserveMemberRefRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveMemberRefRids;
if (chkPreserveStandAloneSigRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveStandAloneSigRids;
if (chkPreserveEventRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveEventRids;
if (chkPreservePropertyRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreservePropertyRids;
if (chkPreserveTypeSpecRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveTypeSpecRids;
if (chkPreserveMethodSpecRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveMethodSpecRids;
if (chkPreserveAllMethodRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveAllMethodRids;
if (chkPreserveRids.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveRids;
if (chkPreserveStringOffsets.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveStringsOffsets;
if (chkPreserveUSOffsets.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveUSOffsets;
if (chkPreserveBlobOffsets.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveBlobOffsets;
if (chkPreserveExtraSignatureData.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveExtraSignatureData;
if (chkPreserveAll.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.PreserveAll;
if (chkKeepOldMaxStack.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.KeepOldMaxStack;
if (chkAlwaysCreateGuidHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateGuidHeap;
if (chkAlwaysCreateStringsHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateStringsHeap;
if (chkAlwaysCreateUSHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateUSHeap;
if (chkAlwaysCreateBlobHeap.Checked)
metaDataOptions.Flags = metaDataOptions.Flags | MetaDataFlags.AlwaysCreateBlobHeap;
#endregion
_module.NativeWrite(txtPath.Text, writer);
}
}
catch (Exception o)
{
MessageBox.Show("Could not write assembly!" + Environment.NewLine + Environment.NewLine + o.Message,
"Error");
return;
}
MessageBox.Show("Assembly written to:" + Environment.NewLine + txtPath.Text, "Success");
Close();
}