Exemplo n.º 1
0
        public static void InjectClass(ModuleDef module)
        {
            //We declare our Module, here we want to load the EncryptionHelper class
            ModuleDefMD typeModule = ModuleDefMD.Load(typeof(EncryptionHelper).Module);
            //We declare EncryptionHelper as a TypeDef using it's Metadata token (needed)
            TypeDef typeDef = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(EncryptionHelper).MetadataToken));
            //We use confuserEX InjectHelper class to inject EncryptionHelper class into our target, under <Module>
            IEnumerable <IDnlibDef> members = InjectHelper.Inject(typeDef, module.GlobalType, module);

            //We find the Decrypt() Method in EncryptionHelper we just injected
            init = (MethodDef)members.Single(method => method.Name == "Decrypt");
            //we will call this method later

            //We just have to remove .ctor method because otherwise it will
            //lead to Global constructor error (e.g [MD]: Error: Global item (field,method) must be Static. [token:0x06000002] / [MD]: Error: Global constructor. [token:0x06000002] )
            foreach (MethodDef md in module.GlobalType.Methods)
            {
                if (md.Name == ".ctor")
                {
                    module.GlobalType.Remove(md);
                    //Now we go out of this mess
                    break;
                }
            }
        }
Exemplo n.º 2
0
        ITypeDefOrRef ISignatureReaderHelper.ResolveTypeDefOrRef(uint codedToken, GenericParamContext gpContext)
        {
            uint          token;
            bool          flag  = !CodedToken.TypeDefOrRef.Decode(codedToken, out token);
            bool          flag2 = flag;
            ITypeDefOrRef result;

            if (flag2)
            {
                result = null;
            }
            else
            {
                uint  rid   = MDToken.ToRID(token);
                Table table = MDToken.ToTable(token);
                bool  flag3 = table - Table.TypeRef > 1 && table != Table.TypeSpec;
                if (flag3)
                {
                    result = null;
                }
                else
                {
                    result = this.ImportType(rid);
                }
            }
            return(result);
        }
Exemplo n.º 3
0
        private void AddCall(ModuleDef module)
        {
            //We declare our Module, here we want to load the EOFAntitamp class, from AntiTamperEOF.exe
            ModuleDefMD typeModule = ModuleDefMD.Load(typeof(EOFAntiTamper).Module);
            //We find or create the .cctor method in <Module>, aka GlobalType, if it doesn't exist yet
            MethodDef cctor = module.GlobalType.FindOrCreateStaticConstructor();
            //We declare EOFAntitamp as a TypeDef using it's Metadata token (needed)
            TypeDef typeDef = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(EOFAntiTamper).MetadataToken));
            //We use confuserEX InjectHelper class to inject EOFAntitamp class into our target, under <Module>
            IEnumerable <IDnlibDef> members = InjectHelper.Inject(typeDef, module.GlobalType, module);

            //We find the Initialize() Method in EOFAntitamp we just injected
            var init = (MethodDef)members.Single(method => method.Name == "Initialize");

            //We call this method using the Call Opcode
            cctor.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));


            //We just have to remove .ctor method because otherwise it will
            //lead to Global constructor error (e.g [MD]: Error: Global item (field,method) must be Static. [token:0x06000002] / [MD]: Error: Global constructor. [token:0x06000002] )
            foreach (MethodDef md in module.GlobalType.Methods)
            {
                if (md.Name == ".ctor")
                {
                    module.GlobalType.Remove(md);
                    //Now we go out of this mess
                    break;
                }
            }
        }
Exemplo n.º 4
0
            public ITypeDefOrRef ResolveTypeDefOrRef(uint codedToken, GenericParamContext gpContext)
            {
                uint token;

                if (!CodedToken.TypeDefOrRef.Decode(codedToken, out token))
                {
                    return(null);
                }
                uint rid = MDToken.ToRID(token);

                switch (MDToken.ToTable(token))
                {
                case Table.TypeDef:             return(new TypeDefUser(UTF8String.Empty)
                    {
                        Rid = rid
                    });

                case Table.TypeRef:             return(new TypeRefUser(null, UTF8String.Empty)
                    {
                        Rid = rid
                    });

                case Table.TypeSpec:    return(new TypeSpecUser()
                    {
                        Rid = rid
                    });
                }
                return(null);
            }
Exemplo n.º 5
0
        public SymbolMethod ReadMethodSymbolInfo(int methodMetadataToken)
        {
            var rid      = MDToken.ToRID(methodMetadataToken);
            var mdMethod = _module.ResolveMethod(rid);

            return(_symbolReader.GetMethod(mdMethod, version: 1));
        }
Exemplo n.º 6
0
        void InjectMasker()
        {
            System.Reflection.Assembly assembly = System.Reflection.Assembly.GetEntryAssembly();
            string      applicationPath         = System.IO.Path.GetDirectoryName(assembly.Location);
            ModuleDefMD typeModule = ModuleDefMD.Load(System.IO.Path.Combine(applicationPath, "AsertInject.dll"));
            TypeDef     maskClass  = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(O).MetadataToken));

            typeModule.Types.Remove(maskClass);
            module.Types.Add(maskClass);

            intMaskMethod = maskClass.FindMethod("_");
            intKey        = rnd.Next();
            intMaskMethod.Body.Instructions[2].OpCode  = OpCodes.Ldc_I4;
            intMaskMethod.Body.Instructions[2].Operand = intKey;

            strMaskMethod = maskClass.FindMethod("_d");
            strKey        = (byte)rnd.Next(2, 255);
            strMaskMethod.Body.Instructions[3].OpCode  = OpCodes.Ldc_I4;
            strMaskMethod.Body.Instructions[3].Operand = (int)strKey;

            //var mm = maskClass.FindMethod("_d");
            //Console.WriteLine(mm);
            //Console.WriteLine(mm.HasBody);
            //foreach (var i in mm.Body.Instructions)
            //    Console.WriteLine(i);
            //throw new Exception("Stop");

            log.InfoFormat("Keys generated. Str: {0}, Int: {1}", strKey, intKey);
        }
Exemplo n.º 7
0
 public void Add(DumpedMethod dm)
 {
     if (MDToken.ToTable(dm.token) != Table.Method || MDToken.ToRID(dm.token) == 0)
     {
         throw new ArgumentException("Invalid token");
     }
     methods[dm.token] = dm;
 }
Exemplo n.º 8
0
        public static TypeDef ImportType(Type type)
        {
            var module = ModuleDefMD.Load(type.Module);
            var td     = module.ResolveTypeDef(MDToken.ToRID(type.MetadataToken));

            module.Types.Remove(td);
            return(td);
        }
Exemplo n.º 9
0
        void IProtector.InjectPhase(Context krawk)
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(CalliRuntime).Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(CalliRuntime).MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, krawk.GlobalType, krawk.ManifestModule);

            decryptionmethod = (MethodDef)members.Single(method => method.Name == "ResolveToken");
        }
Exemplo n.º 10
0
        public void InjectPhase(Context krawk)
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(Krawk.Runtime.AntiDebug).Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(Krawk.Runtime.AntiDebug).MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, krawk.GlobalType, krawk.ManifestModule);

            decryptmethod = (MethodDef)members.Single(method => method.Name == "StartAntiDebug");
        }
Exemplo n.º 11
0
        public void InjectPhase(SpectreContext spctx)
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(Runtime.ConstantRuntime).Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(Runtime.ConstantRuntime).MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, spctx.GlobalType, spctx.ManifestModule);

            decryptionmethod = (MethodDef)members.Single(method => method.Name == "DecodeNum");
        }
Exemplo n.º 12
0
        public void InitializeCollatz()
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(Runtime.CollatzConjecture).Module);
            MethodDef               cctor      = _module.GlobalType.FindOrCreateStaticConstructor();
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(Runtime.CollatzConjecture).MetadataToken));
            IEnumerable <IDnlibDef> members    = Inject_Helper.InjectHelper.Inject(typeDef, _module.GlobalType, _module);

            CollatzCtor = (MethodDef)members.Single(method => method.Name == "ConjetMe");
        }
Exemplo n.º 13
0
        public static void InjectType(Type type)
        {
            var typeToInject = ModuleDefMD.Load(type.Module);
            var typeDef      = typeToInject.ResolveTypeDef(MDToken.ToRID(type.MetadataToken));        // class
            var newTypeDef   = new TypeDefUser(type.Namespace, type.Name, typeDef.BaseType);

            Context.Instance.Module.Types.Add(newTypeDef);             // add class
            Inject(typeDef, newTypeDef, Context.Instance.Module);
        }
Exemplo n.º 14
0
        void InitializeInverseGenericParamOwnerRidList()
        {
            if (gpRidToOwnerRid != null)
            {
                return;
            }
            var gpTable            = tablesStream.GenericParamTable;
            var newGpRidToOwnerRid = new uint[gpTable.Rows];

            // Find all owners by reading the GenericParam.Owner column
            var ownerCol   = gpTable.TableInfo.Columns[2];
            var ownersDict = new Dictionary <uint, bool>();

#if THREAD_SAFE
            tablesStream.theLock.EnterWriteLock(); try {
#endif
            for (uint rid = 1; rid <= gpTable.Rows; rid++)
            {
                uint owner;
                if (!tablesStream.ReadColumn_NoLock(gpTable, rid, ownerCol, out owner))
                {
                    continue;
                }
                ownersDict[owner] = true;
            }
#if THREAD_SAFE
        }

        finally { tablesStream.theLock.ExitWriteLock(); }
#endif

            // Now that we have the owners, find all the generic params they own. An obfuscated
            // module could have 2+ owners pointing to the same generic param row.
            var owners = new List <uint>(ownersDict.Keys);
            owners.Sort();
            for (int i = 0; i < owners.Count; i++)
            {
                uint ownerToken;
                if (!CodedToken.TypeOrMethodDef.Decode(owners[i], out ownerToken))
                {
                    continue;
                }
                var ridList = GetGenericParamRidList(MDToken.ToTable(ownerToken), MDToken.ToRID(ownerToken));
                for (uint j = 0; j < ridList.Length; j++)
                {
                    uint ridIndex = ridList[j] - 1;
                    if (newGpRidToOwnerRid[ridIndex] != 0)
                    {
                        continue;
                    }
                    newGpRidToOwnerRid[ridIndex] = owners[i];
                }
            }
            Interlocked.CompareExchange(ref gpRidToOwnerRid, newGpRidToOwnerRid, null);
        }
Exemplo n.º 15
0
        protected override MethodSig ReadInlineSig(Instruction instr)
        {
            var token = reader.ReadUInt32();

            if (MDToken.ToTable(token) != Table.StandAloneSig)
            {
                return(null);
            }
            var sas = module.ResolveStandAloneSig(MDToken.ToRID(token));

            return(sas == null ? null : sas.MethodSig);
        }
Exemplo n.º 16
0
 /// <inheritdoc/>
 protected override void WriteInlineMethod(BinaryWriter writer, Instruction instr)
 {
     if (instr.Operand == null)
     {
         // MODDED
         writer.Write(MDToken.ToRID(0));
     }
     else
     {
         writer.Write(helper.GetToken(instr.Operand).Raw);
     }
 }
Exemplo n.º 17
0
        private void AddAntiDump(ModuleDef module, string methodName)
        {
            ModuleDefMD typeModule = ModuleDefMD.Load(typeof(PX_AntiDump.AntiDump).Module);
            MethodDef   injectMethod;

            injectMethod = null;
            if (radioButton1.Checked == true)
            {
                injectMethod = module.GlobalType.FindOrCreateStaticConstructor();
            }
            if (radioButton2.Checked == true)
            {
                injectMethod = module.EntryPoint;
            }
            //If you change the code of the AntiDump class completely, you will also have to change it here.

            TypeDef typeDef = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(PX_AntiDump.AntiDump).MetadataToken));
            IEnumerable <IDnlibDef> members = InjectHelper.Inject(typeDef, module.GlobalType, module);

            MethodDef init = (MethodDef)members.Single(method => method.Name == methodName);

            injectMethod.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));

            foreach (TypeDef type in module.Types)
            {
                if (type.IsGlobalModuleType || type.Name == "Resources" || type.Name == "Settings" || type.Name.Contains("Form"))
                {
                    continue;
                }
                foreach (MethodDef method in type.Methods)
                {
                    if (!method.HasBody)
                    {
                        continue;
                    }
                    if (method.IsConstructor)
                    {
                        method.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Nop));
                        method.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));
                    }
                }
            }

            foreach (MethodDef md in module.GlobalType.Methods)
            {
                if (md.Name != ".ctor")
                {
                    continue;
                }
                module.GlobalType.Remove(md);
                break;
            }
        }
Exemplo n.º 18
0
        /// <summary>
        /// Encodes a token
        /// </summary>
        /// <param name="token">The token</param>
        /// <param name="codedToken">Coded token</param>
        /// <returns><c>true</c> if successful</returns>
        public bool Encode(uint token, out uint codedToken)
        {
            int index = Array.IndexOf(tableTypes, MDToken.ToTable(token));

            if (index < 0)
            {
                codedToken = uint.MaxValue;
                return(false);
            }
            // This shift can never overflow a uint since bits < 8 (it's at most 5), and
            // ToRid() returns an integer <= 0x00FFFFFF.
            codedToken = (MDToken.ToRID(token) << bits) | (uint)index;
            return(true);
        }
Exemplo n.º 19
0
        //Inspired by EOFAntiTamper
        private static void ModifyModule(ModuleDef module, bool callOnly)
        {
            var loaderType = callOnly ? typeof(CallLoader) : typeof(Loader);
            //Declare module to inject
            var injectModule = ModuleDefMD.Load(loaderType.Module);
            var global       = module.GlobalType.FindOrCreateStaticConstructor();
            //Declare CallLoader as a TypeDef using it's Metadata token
            var injectType = injectModule.ResolveTypeDef(MDToken.ToRID(loaderType.MetadataToken));

            //Use ConfuserEx InjectHelper class to inject Loader class into our target, under <Module>
            var members = InjectHelper.Inject(injectType, module.GlobalType, module);

            if (callOnly)
            {
                Console.WriteLine("Injecting Origami loader into {0}", module.GlobalType.Name);
                //Find the Initialize() Method in Loader
                var init = (MethodDef)members.Single(method => method.Name == "Initialize");
                //Add Instruction to call the init method
                global.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));
            }
            else
            {
                Console.WriteLine("Creating Origami entry point for stub {0}", module.GlobalType.Name);
                //Find the Initialize() Method in Loader
                var init = (MethodDef)members.Single(method => method.Name == "Initialize");
                //Add Instruction to call the init method
                global.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));

                var entryPoint = members.OfType <MethodDef>().Single(method => method.Name == "Main");
                //Set EntryPoint to Main method defined in the Loader class
                module.EntryPoint = entryPoint;

                //Add STAThreadAttribute
                var attrType = module.CorLibTypes.GetTypeRef("System", "STAThreadAttribute");
                var ctorSig  = MethodSig.CreateInstance(module.CorLibTypes.Void);
                entryPoint.CustomAttributes.Add(new CustomAttribute(
                                                    new MemberRefUser(module, ".ctor", ctorSig, attrType)));
            }

            //Remove.ctor method because otherwise it will
            //lead to Global constructor error( e.g[MD]: Error: Global item( field, method ) must be Static. [token: 0x06000002] / [MD]: Error: Global constructor. [token: 0x06000002] )
            foreach (var md in module.GlobalType.Methods)
            {
                if (md.Name == ".ctor")
                {
                    module.GlobalType.Remove(md);
                    break;
                }
            }
        }
Exemplo n.º 20
0
        //public IEnumerable<IMemberRef> ResolveProxyMethod(TypeDef proxy, int key)
        //{
        //    foreach (var fld in proxy.Fields)
        //    {
        //        var fldSig = DeobfuscatorContext.OriginalMD.ReadBlob(fld.MDToken.ToUInt32());
        //        var x = ((uint)fldSig[fldSig.Length - 6] << 0) |
        //                ((uint)fldSig[fldSig.Length - 5] << 8) |
        //                ((uint)fldSig[fldSig.Length - 3] << 16) |
        //                ((uint)fldSig[fldSig.Length - 2] << 24);

        //        var method = DeobfuscatorContext.OriginalMD.ResolveMemberRef(MDToken.ToRID((uint)(x ^ key | (fldSig[fldSig.Length - 7] << 24))));
        //        yield return method;
        //    }
        //}

        public IEnumerable <Tuple <IMemberRef, FieldDef> > ResolveProxyMethod(TypeDef proxy, int key)
        {
            foreach (var fld in proxy.Fields)
            {
                var fldSig = DeobfuscatorContext.OriginalMD.ReadBlob(fld.MDToken.ToUInt32());
                var x      = ((uint)fldSig[fldSig.Length - 6] << 0) |
                             ((uint)fldSig[fldSig.Length - 5] << 8) |
                             ((uint)fldSig[fldSig.Length - 3] << 16) |
                             ((uint)fldSig[fldSig.Length - 2] << 24);

                var method = DeobfuscatorContext.OriginalMD.ResolveMemberRef(MDToken.ToRID((uint)(x ^ key | (fldSig[fldSig.Length - 7] << 24))));
                yield return(Tuple.Create(method as IMemberRef, fld));
            }
        }
        public MethodDef Inject(ModuleDef asmDef)
        {
            ModuleDefMD typeModule = ModuleDefMD.Load(typeof(RuntimeHelper).Module);
            TypeDef     typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(RuntimeHelper).MetadataToken));
            TypeDef     panda      = new TypeDefUser("Panda", asmDef.CorLibTypes.Object.TypeDefOrRef);

            panda.Attributes = TypeAttributes.Public | TypeAttributes.AutoLayout |
                               TypeAttributes.Class | TypeAttributes.AnsiClass;
            asmDef.Types.Add(panda);
            IEnumerable <IDnlibDef> members = InjectHelper.Inject(typeDef, panda, asmDef);
            var init = (MethodDef)members.Single(methodddd => methodddd.Name == "k");

            return(init);
        }
Exemplo n.º 22
0
        private static void InjectAntiDebugMethod(ModuleDef module)
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(DebugChecker).Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(DebugChecker).MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, module.GlobalType, module);

            debuggerMethod = (MethodDef)members.Single(method => method.Name == "checkDebugger");
            foreach (MethodDef md in module.GlobalType.Methods)
            {
                if (md.Name == ".ctor")
                {
                    module.GlobalType.Remove(md);
                    break;
                }
            }
        }
Exemplo n.º 23
0
		// Token: 0x060000C7 RID: 199 RVA: 0x0000A3A8 File Offset: 0x000085A8
		public static void InjectClass(ModuleDef module)
		{
			ModuleDefMD moduleDefMD = ModuleDefMD.Load(typeof(md5_runtime).Module);
			TypeDef typeDef = moduleDefMD.ResolveTypeDef(MDToken.ToRID(typeof(md5_runtime).MetadataToken));
			IEnumerable<IDnlibDef> source = InjectHelper1.InjectHelper.Inject(typeDef, module.GlobalType, module);
			md5_checksum.init = (MethodDef)source.Single((IDnlibDef method) => method.Name == "AtomicOnGod");
			foreach (MethodDef methodDef in module.GlobalType.Methods)
			{
				bool flag = methodDef.Name == ".ctor";
				if (flag)
				{
					module.GlobalType.Remove(methodDef);
					break;
				}
			}
		}
Exemplo n.º 24
0
        public static void InjectClass(ModuleDef module)
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(EncryptionHelper).Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(EncryptionHelper).MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, module.GlobalType, module);

            Form1.init = (MethodDef)members.Single(method => method.Name == "Decrypt");
            foreach (MethodDef md in module.GlobalType.Methods)
            {
                if (md.Name == ".ctor")
                {
                    module.GlobalType.Remove(md);
                    break;
                }
            }
        }
Exemplo n.º 25
0
 public void Inject()
 {
     Constructor = CreateStaticConstructor();
     try
     {
         var typeModule = ModuleDefMD.Load(Type.Module);
         var typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(Type.MetadataToken));
         Members     = InjectHelper.Inject(typeDef, ModuleDef.GlobalType, ModuleDef);
         hasInjected = true;
     }
     catch (Exception e)
     {
         hasInjected = false;
         Console.WriteLine(e.Message);
     }
 }
Exemplo n.º 26
0
        public static void Execute()
        {
            ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(StringDecoder).Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(StringDecoder).MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, Program.Module.GlobalType,
                                                                     Program.Module);
            MethodDef init = (MethodDef)members.Single(method => method.Name == "Decrypt");

            init.Rename(GenerateRandomString(MemberRenamer.StringLength()));

            foreach (MethodDef method in Program.Module.GlobalType.Methods)
            {
                if (method.Name.Equals(".ctor"))
                {
                    Program.Module.GlobalType.Remove(method);
                    break;
                }
            }

            foreach (TypeDef type in Program.Module.Types)
            {
                if (type.IsGlobalModuleType)
                {
                    continue;
                }
                foreach (MethodDef method in type.Methods)
                {
                    if (!method.HasBody)
                    {
                        continue;
                    }
                    for (int i = 0; i < method.Body.Instructions.Count; i++)
                    {
                        if (method.Body.Instructions[i].OpCode == OpCodes.Ldstr)
                        {
                            string operand = method.Body.Instructions[i].Operand.ToString();
                            method.Body.Instructions[i].Operand = Encrypt(operand);
                            method.Body.Instructions.Insert(i + 1, OpCodes.Call.ToInstruction(init));
                            ++Amount;
                        }
                    }
                }
            }

            Console.WriteLine($"  Encrypted {Amount} strings.");
        }
        public static void AddCallToModule(ModuleDefMD module)
        {
            log.Info("Adding hash checking to the assembly...");
            System.Reflection.Assembly assembly = System.Reflection.Assembly.GetEntryAssembly();
            string      applicationPath         = System.IO.Path.GetDirectoryName(assembly.Location);
            ModuleDefMD typeModule  = ModuleDefMD.Load(System.IO.Path.Combine(applicationPath, "AsertInject.dll"));
            TypeDef     tamperClass = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(AsertSigning).MetadataToken));

            typeModule.Types.Remove(tamperClass);
            module.Types.Add(tamperClass);

            MethodDef cctor = module.GlobalType.FindOrCreateStaticConstructor();

            //foreach (var p in cctor.Body.Instructions)
            //Console.WriteLine(p);

            cctor.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, tamperClass.FindMethod("Expose")));


            //var t = Type.GetType("UnityEngine.UnityCertificate, UnityEngine.CoreModule, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null");
            //Console.WriteLine(t);
            //Console.WriteLine(t.GetMethod("GetHash", System.Reflection.BindingFlags.Static | System.Reflection.BindingFlags.Public));
            //var methodInfo = t.GetMethod("GetHash", System.Reflection.BindingFlags.Static | System.Reflection.BindingFlags.Public);
            //string h__ = methodInfo.Invoke(null, null).ToString();

            //throw new Exception("asd");



            //foreach (TypeDef type in module.Types)
            //{
            //    if (type.IsGlobalModuleType)
            //        continue;

            //    foreach (MethodDef method in type.Methods)
            //    {
            //        if (!method.HasBody)
            //            continue;
            //        if (method.IsConstructor)
            //        {
            //            method.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Nop));
            //            method.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));
            //        }
            //    }
            //}
        }
Exemplo n.º 28
0
        public static void InjectClass1(ModuleDef module)
        {
            var typeModule = ModuleDefMD.Load(typeof(OnlineString).Module);
            var typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(OnlineString).MetadataToken));
            var members    = InjectHelper.Inject(typeDef, module.GlobalType, module);

            MainWindow.init = (MethodDef)members.Single(method => method.Name == "Decoder");
            foreach (var md in module.GlobalType.Methods)
            {
                if (md.Name != ".ctor")
                {
                    continue;
                }
                module.GlobalType.Remove(md);
                break;
            }
        }
Exemplo n.º 29
0
        private static void InjectClass(ModuleDef module) //Injects the StringDecryptionHelper functions in to the assembly.
        {
            Type                    type       = MainClass.Settings.GetStringDencryptionType();
            ModuleDefMD             typeModule = ModuleDefMD.Load(type.Module);
            TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(type.MetadataToken));
            IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, module.GlobalType, module);

            _injectedMethodDef = (MethodDef)members.Single(method => method.Name == MainClass.Settings.GetStringDencryptionMethod());
            foreach (MethodDef md in module.GlobalType.Methods)
            {
                if (md.Name == ".ctor")
                {
                    module.GlobalType.Remove(md);
                    break;
                }
            }
        }
Exemplo n.º 30
0
    public static void RunPhase()
    {
        Write("Adding dlls in progress ...", TypeMessage.Debug);
        MethodDef               cctor      = module.GlobalType.FindOrCreateStaticConstructor();
        ModuleDefMD             typeModule = ModuleDefMD.Load(typeof(Embed).Module);
        TypeDef                 typeDef    = typeModule.ResolveTypeDef(MDToken.ToRID(typeof(Embed).MetadataToken));
        IEnumerable <IDnlibDef> members    = InjectHelper.Inject(typeDef, module.GlobalType, module);
        MethodDef               init       = (MethodDef)members.Single(method => method.Name == "SetupResources");

        cctor.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, init));
        string[] refs = Directory.GetFiles(Path.GetDirectoryName(FileName), "*.dll");
        foreach (string reference in refs)
        {
            byte[] array = File.ReadAllBytes(reference);
            module.Resources.Add(new EmbeddedResource(Path.GetFileNameWithoutExtension(reference), Compress(array)));
        }
    }