private void checkIfExePath(string className, MethodDef methodDef)
{
if (methodDef.Body?.Instructions == null)
{
return;
}
foreach (var insn in methodDef.Body.Instructions)
{
if (insn.OpCode != OpCodes.Call)
{
continue;
}
if (!insn.ToString().EndsWith("System.Windows.Forms.Application::get_ExecutablePath()"))
{
continue;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
@class.AddMethod("ExePath", methodDef.Name);
}
}
/// <summary>
/// Searches the MethodDef's instruction list for method calls containing placeholder classes then replaces them
/// </summary>
/// <param name="methodDef">The MethodDef to search through</param>
private void SearchAnnexMethod(MethodDef methodDef)
{
//List of all instructions that are a MethodDef
var methodInstructions = methodDef.Body?.Instructions;
if (methodInstructions == null)
{
return;
}
var methodInsn = methodInstructions.ToList();
foreach (var instruction in methodInsn)
{
if (!instruction.ToString().Contains("Annex.placeholder") &&
!instruction.ToString().Contains("#="))
{
continue;
}
var obfuscatedName = instruction.ToString().Contains("#=");
var methodOpcode = instruction.OpCode;
var insnOperand = instruction.Operand;
if (insnOperand is FieldDef)
{
HandleLdfld(instruction);
}
else if (insnOperand is MethodDef)
{
var className = GetClassName(insnOperand);
MappingManager.GetClass(className, IsObfuscatedName(className))
.IfPresent(classObj =>
{
var actualClass = GetClass(classObj.ObfName);
if (insnOperand == OpCodes.Newobj)
{
HandleCtor(actualClass, instruction);
}
else
{
HandleGeneralMethodCall(actualClass, instruction, classObj);
}
})
.Otherwise(() =>
Console.WriteLine(
$"[!!][MethodDef] Class not found... {className} in {methodDef.DeclaringType.FullName}"));
}
else if (insnOperand is TypeDef)
{
var className = GetClassName(insnOperand);
MappingManager.GetClass(className, IsObfuscatedName(className))
.IfPresent(classObj =>
{
instruction.Operand = OpCodes.Isinst.ToInstruction(GetClass(classObj.ObfName)).Operand;
})
.Otherwise(() => Console.WriteLine($"[!!][TypeDef] Class not found... {className}"));
}
}
}
public static void Main(string[] args)
{
const string fileName = @"E:\osu!\osu!.exe";
osu_exe = ModuleDefMD.Load(fileName);
Console.WriteLine("Getting String Deobfuscator method...");
StringDeobfuscator.Init(osu_exe);
Console.WriteLine("Searching for classes...");
foreach (var type in osu_exe.Types)
{
_classMaps.ForEach(c =>
{
c.GetMethods(type.Name, type, type.Methods);
c.GetFields(type.Name, type, type.Fields);
});
}
var @class = MappingManager.GetClass("StringDeobf")
.OrElse(new ClassObj("StringDeobf", StringDeobfuscator.DeobfClassName));
MappingManager.AddClass(@class);
@class.AddMethod("Deobfuscate", StringDeobfuscator.DeobfMethodName);
MappingManager.SaveMappingFile("C:/Users/Andrew/Documents/Annex/Annex/config/mapping.json", _classMaps.Count);
MappingManager.LoadMappingFile();
}
private void HandleStfld(TypeDef actualClass, Instruction instruction)
{
var fieldOperand = (FieldDef)instruction.Operand;
fieldOperand.FieldType = actualClass.ToTypeSig();
if (!fieldOperand.DeclaringType.FullName.Contains("Annex.placeholder"))
{
return;
}
var declaring = fieldOperand.DeclaringType;
var declaringOpt = MappingManager.GetClass(declaring.Name);
if (!declaringOpt.IsPresent())
{
Console.WriteLine("!! [HandleStfld] Declaring Option doesn't exist! " + declaring.Name);
return;
}
var delcaringObj = declaringOpt.Get();
var declaringClass = Patcher.osu_exe.Find(delcaringObj.ObfName, false);
fieldOperand.DeclaringType = declaringClass;
fieldOperand.Name = delcaringObj.GetField(fieldOperand.Name).Get().ObfName;
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
foreach (var methodDef in methodDefs)
{
if (!HasStrings(methodDef, "Are you sure you want to exit osu!?"))
{
continue;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
@class.AddMethod("ExitGame", methodDef.Name); //methodSig (1): bool
var insn = methodDef.Body.Instructions;
if (!(insn[insn.Count - 2].Operand is MethodDef showScreenDef))
{
Console.WriteLine("Can't get ShowScreen");
return;
}
@class.AddMethod("ShowScreen", showScreenDef.Name); //methodSig (1): GuiScreen
FindKeyPressMethod(@class, methodDefs);
return;
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
ClassObj @class = null;
foreach (var method in methodDefs)
{
if (!HasStrings(method,
"chickenmcnuggets{0}o15{1}{2}smustard{3}{4}uu{5}{6}{7}{8}{9}{10}{11}Q{12}{13}{15}{14:yyMMddHHmmss}{16}")
)
{
continue;
}
@class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
//@class.AddMethod("GetJoinedMods", method.Name); //Mods mods, bool abreviated, bool displayNone, bool parens, bool ?space?
}
if (@class != null)
{
FindSubmitRequest(@class, methodDefs);
FindFields(@class, methodDefs);
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
var stringList = new List <string>();
foreach (var method in methodDefs)
{
MethodDef addMethod = null;
if (method.Body != null && method.Body.Instructions != null)
{
for (int i = 0; i < method.Body.Instructions.Count; i++)
{
var previnsn = i == 0 ? null : method.Body.Instructions[i - 1];
var insn = method.Body.Instructions[i];
var nextinsn = i + 1 == method.Body.Instructions.Count ? null : method.Body.Instructions[i + 1];
if (insn.OpCode == OpCodes.Call && previnsn != null && previnsn.OpCode == OpCodes.Ldloc_1)
{
if (insn.Operand is IMethodDefOrRef)
{
var callingMethod = insn.Operand as IMethodDefOrRef;
if (ClrHelper.MatchesSig(callingMethod.MethodSig, "?"))
{
addMethod = callingMethod.ResolveMethodDef();
}
}
}
if (insn.OpCode != OpCodes.Call || previnsn == null || previnsn.OpCode != OpCodes.Ldc_I4)
{
continue;
}
if (!insn.ToString().EndsWith(Program.DeobfuscatorInsn))
{
continue;
}
var str = StringDeobfuscator.Deobfuscate((int)previnsn.Operand);
stringList.Add(str);
}
}
if (IsInitOpts(stringList))
{
var @class = MappingManager.GetClass("GuiOptions").OrElse(new ClassObj("GuiOptions", className));
MappingManager.AddClass(@class);
@class.AddMethod("OnInit", method.Name);
if (addMethod != null)
{
@class.AddMethod("AddOption", addMethod.Name);
}
}
stringList.Clear();
}
}
private void AddDrawableClass(MethodDef methodDef)
{
var drawableParam = methodDef.MethodSig.Params[0];
Console.WriteLine("Drawable: " + methodDef.MethodSig.Params[0]);
var drawableClass = MappingManager.GetClass("Drawable")
.OrElse(new ClassObj("Drawable", drawableParam.TypeName));
MappingManager.AddClass(drawableClass);
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
ClassObj @class;
if ((@class = FindByStrings(className, methodDefs, "hit0", "hit300", "spinner-osu", "particle")) == null)
{
return;
}
foreach (var methodDef in methodDefs)
{
if (!methodDef.HasBody)
{
continue;
}
var instructions = methodDef.Body.Instructions;
if (instructions.Count < 7)
{
continue;
}
for (var i = 3; i < instructions.Count - 3; i++)
{
bool IsDouble(Instruction x) => x.OpCode == OpCodes.Ldc_R8;
double Val(Instruction x) => (double)x.Operand;
var insn = instructions[i];
var insnP1 = instructions[i + 1];
var insnP2 = instructions[i + 2];
if (!IsDouble(insn) || !IsDouble(insnP1) || !IsDouble(insnP2))
{
continue;
}
if (Val(insn) != 1800f || Val(insnP1) != 1200f || Val(insnP2) != 450f)
{
continue;
}
@class.AddMethod("UpdateMapValues", methodDef.Name);
var field = instructions[i + 5].Operand as FieldDef;
Console.WriteLine("PreEmpt" + field.FullName);
var @parentClass = MappingManager.GetClass("HitObjectManagerParent")
.OrElse(new ClassObj("HitObjectManagerParent", field.DeclaringType.Name));
MappingManager.AddClass(@parentClass);
@parentClass.AddField("ApproachRatePrecise", field.Name);
return;
}
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
foreach (var methodDef in methodDefs)
{
if (!methodDef.Name.Equals("ToString") || !HasStrings(methodDef, "0", "1"))
{
continue;
}
var @class = MappingManager.GetClass("BoolObj").OrElse(new ClassObj("BoolObj", className));
MappingManager.AddClass(@class);
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
foreach (var methodDef in methodDefs)
{
checkIfExePath(className, methodDef);
if (!HasStrings(methodDef, ".require_update", "help.txt", "Force update requested", "osu!.exe"))
{
continue;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
@class.AddMethod("Main", methodDef.Name);
}
}
protected Syringe(string clazz, bool classObj = true)
{
_methodInjectors = new List <Tuple <string, MethodSyringe> >();
if (classObj)
{
var classObjOpt = MappingManager.GetClass(clazz);
if (!classObjOpt.IsPresent())
{
Console.WriteLine("Syringe ClassObj not found: " + clazz);
}
ClassObj = classObjOpt.Get();
}
else
{
ClassName = clazz;
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
foreach (var method in methodDefs)
{
var strings = GetMethodStrings(method);
if (!strings.Contains("stars") || !strings.Contains("length") ||
!strings.Contains("keys") || !strings.Contains("played"))
{
continue;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
ClassObj @class = null;
foreach (var method in methodDefs)
{
if (!HasStrings(method, "Cannot convert a map to osz2 which does not have a Beatmapset ID."))
{
continue;
}
@class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
//@class.AddMethod("GetJoinedMods", method.Name); //Mods mods, bool abreviated, bool displayNone, bool parens, bool ?space?
}
}
private void HandleClassBase(TypeDef typeDef)
{
var baseType = typeDef.BaseType;
if (baseType == null || !baseType.FullName.Contains("Annex.placeholder"))
{
return;
}
var classObjOpt = MappingManager.GetClass(baseType.Name);
if (!classObjOpt.IsPresent())
{
Console.WriteLine("!! Class Object is missing for: " + baseType.Name);
return;
}
typeDef.BaseType = Patcher.osu_exe.Find(classObjOpt.Get().ObfName, false);
}
private void HandleMethodSig(MethodSig methodSig)
{
for (var index = 0; index < methodSig.Params.Count; index++)
{
var methodSigParam = methodSig.Params[index];
if (!methodSigParam.FullName.StartsWith("Annex.placeholder"))
{
continue;
}
var typeName = methodSigParam.TypeName;
var classObjOpt = MappingManager.GetClass(typeName);
var classObj = classObjOpt.Get();
var actualClass = Patcher.osu_exe.Find(classObj.ObfName, false);
methodSig.Params[index] = actualClass.ToTypeSig();
}
}
private void HandleLdfld(Instruction instruction)
{
var fieldOperand = (FieldDef)instruction.Operand;
var fieldName = fieldOperand.Name;
var declaringName = fieldOperand.DeclaringType.FullName;
var fieldTypeName = fieldOperand.FieldType.FullName;
//Replaces the field's type with the obfuscated class name
if (IsPlaceholder(fieldTypeName) || IsObfuscatedName(fieldTypeName))
{
var typeName = fieldOperand.FieldType.TypeName;
MappingManager.GetClass(typeName, IsObfuscatedName(typeName))
.IfPresent(classObj => fieldOperand.FieldType = GetClass(classObj.ObfName).ToTypeSig())
.Otherwise(
() => Console.WriteLine($"[!!] FieldType not found... {fieldOperand.FieldType.TypeName}"));
}
//Replaces the field's declaring class. Aka we extend and the field is in the paren't class.
if (!IsPlaceholder(declaringName) && !IsObfuscatedName(declaringName))
{
return;
}
var declaringTypeName = fieldOperand.DeclaringType.Name;
MappingManager.GetClass(declaringTypeName, IsObfuscatedName(declaringTypeName))
.IfPresent(classObj =>
{
fieldOperand.DeclaringType = GetClass(classObj.ObfName);
//If the declaring type is a placeholder class then the field name must also be
classObj.GetField(fieldName.String)
.IfPresent(fieldObj =>
{
var path = Patcher.osu_exe.Find(classObj.ObfName, false).FindField(fieldObj.ObfName);
instruction.Operand = instruction.OpCode.ToInstruction(path).Operand;
})
.Otherwise(() => Console.WriteLine($"[!!] FieldName not found... {fieldName}"));
})
.Otherwise(() =>
Console.WriteLine($"[!!] DeclaringType not found... {fieldOperand.DeclaringType.Name}"));
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
ClassObj @class = null;
foreach (var method in methodDefs)
{
var strings = GetMethodStrings(method);
if (!ClrHelper.MatchesSig(method, "Mods", "Boolean", "Boolean", "Boolean", "Boolean"))
{
continue;
}
if (!strings.Contains("DoubleTime") || !strings.Contains("DT") ||
!strings.Contains("None") || !strings.Contains("Cinema"))
{
continue;
}
@class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
@class.AddMethod("GetJoinedMods", method.Name); //Mods mods, bool abreviated, bool displayNone, bool parens, bool ?space?
}
if (@class == null)
{
return;
}
foreach (var method in methodDefs)
{
if (!ClrHelper.MatchesSig(method, "Mods"))
{
continue;
}
if (method.Body.Instructions.Count == 5)
{
@class.AddMethod("IsModActive", method.Name); //Mods mods
}
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
var keys =
from method in methodDefs
let strings = GetMethodStrings(method)
where strings.Count != 0
where strings.Contains("D") || strings.Contains("")
select method.Body.Instructions.Where(i => i.ToString().Contains("Microsoft.Xna.Framework.Input.Keys"));
if (!keys.Any(insn => insn.Any()))
{
return;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
FindComponentManager(methodDefs, @class);
}
private void SetMethodsPublic()
{
var classes = Patcher.osu_exe.GetTypes();
var mappedClasses = classes.Where(t => MappingManager.GetClass(t.Name, true).IsPresent());
foreach (var mappedClass in mappedClasses)
{
var classObj = MappingManager.GetClass(mappedClass.Name, true).Get();
var mappedMethods = mappedClass.Methods.Where(m => classObj.GetMethod(m.Name, true).IsPresent());
foreach (var mappedMethod in mappedMethods)
{
var methodObj = classObj.GetMethod(mappedMethod.Name, true).Get();
if ((mappedMethod.Access & MethodAttributes.Public) != MethodAttributes.Public)
{
mappedMethod.Access = MethodAttributes.Public;
}
}
}
}
private void ReplaceSigs(MethodDef methodDef)
{
var parems = methodDef.Parameters;
for (var i = 0; i < methodDef.Parameters.Count; i++)
{
if (parems[i].Type.FullName.Contains("Annex.placeholder"))
{
var cleanName = parems[i].Type.TypeName.Replace("&", "");
var dirtyName = parems[i].Type.TypeName;
Console.WriteLine("Clean: " + dirtyName);
var classObj = MappingManager.GetClass(cleanName);
if (!classObj.IsPresent())
{
Console.WriteLine("!! [Replace] Class obj not found");
continue;
}
var actual = Patcher.osu_exe.Find(classObj.Get().ObfName, false);
Console.WriteLine(">> " + parems[i].Type.FullName);
//Console.WriteLine(parems[i].ParamDef.FullName);
//Console.WriteLine(parems[i].Type.Is);
parems[i].Type = actual.ToTypeSig();
//parems[i].ParamDef.Attributes
//.WriteLine(parems[i].ParamDef.);
// parems[i] = actual.ToTypeSig();
// parems[i].TryGetTypeDef() = ElementType.FnPtr;
//Console.WriteLine(">> " + parems[i].TypeName);
}
}
}
protected ClassObj FindByStrings(string className, IList <FieldDef> fieldDefs, params string[] strings)
{
ClassObj @class = null;
foreach (var method in fieldDefs)
{
if (!HasStrings(method, strings))
{
continue;
}
@class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
return(@class);
//@class.AddMethod("GetJoinedMods", method.Name); //Mods mods, bool abreviated, bool displayNone, bool parens, bool ?space?
}
return(null);
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
bool Contains(List <string> strings) => strings.Contains(fallbackStr) || strings.Contains(timeoutStr);
if (MappingManager.Classes.Find(c => c.Name.Equals(UnobfuscatedName)) != null)
{
return;
}
if (!methodDefs.Select(GetMethodStrings).Any(Contains))
{
return;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
Optional <MethodDef> .OfNullable(methodDefs
.First(method => method.Body.Instructions.Any(insn => insn.ToString().Contains("GetResponseStream"))))
.IfPresent(m => @class.AddMethod("StartResponse", m.Name));
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
ClassObj @class = null;
foreach (var method in methodDefs)
{
if (!HasStrings(method, "SubmissionCache"))
{
continue;
}
if (!ClrHelper.MatchesSig(method, "String", "Boolean"))
{
continue;
}
@class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
//@class.AddMethod("GetJoinedMods", method.Name); //Mods mods, bool abreviated, bool displayNone, bool parens, bool ?space?
}
}
private void AddComponentManagerClass(FieldDef field)
{
var componentManagerClass = MappingManager.GetClass("ComponentManager")
.OrElse(new ClassObj("ComponentManager", field.FieldType.TypeName));
MappingManager.AddClass(componentManagerClass);
var compManager = Program.osu_exe.Find(field.FieldType.TypeName, false);
foreach (var compManagerMethod in compManager.Methods)
{
var hasNullCheck = HasOpcodePattern(compManagerMethod, OpCodes.Ldarg_1, OpCodes.Brtrue_S, OpCodes.Ret);
var hasCount = HasOpcodePattern(compManagerMethod, OpCodes.Callvirt, OpCodes.Ldc_I4_0, OpCodes.Ble_S);
var hasGreaterZero = HasOpcodePattern(compManagerMethod, OpCodes.Ldloc_0, OpCodes.Ldc_I4_0, OpCodes.Bge_S);
if (!hasNullCheck || !hasCount || !hasGreaterZero)
{
continue;
}
componentManagerClass.AddMethod("AddComponent", compManagerMethod.Name);
AddDrawableClass(compManagerMethod);
return;
}
}
public override void GetMethods(string className, TypeDef type, IList <MethodDef> methodDefs)
{
Console.WriteLine("wwww");
bool Contains(List <string> strings) => strings.Contains("There was an error during timing calculations") ||
strings.Contains("user is hacking?");
if (MappingManager.Classes.Find(c => c.Name.Equals(UnobfuscatedName)) != null)
{
return;
}
if (!methodDefs.Select(GetMethodStrings).Any(Contains))
{
return;
}
var @class = MappingManager.GetClass(UnobfuscatedName)
.OrElse(new ClassObj(UnobfuscatedName, className));
MappingManager.AddClass(@class);
Optional <MethodDef> .OfNullable(methodDefs.First(m => Contains(GetMethodStrings(m))))
.IfPresent(m => @class.AddMethod("AudioCheck", m.Name));
}