public DynamicGenerator(int seed, ModuleDefinition mod, bool useMath = false) { rand = new Random(seed); Module = mod; injection = AssemblyDefinition.ReadAssembly(typeof(Iid).Assembly.Location); injection.MainModule.ReadSymbols(); ExpGen = new ExpressionGenerator(rand.Next(500000), Module); MathGen = new MathGenerator(rand.Next(500000), Module); emit = Instruction.Create(OpCodes.Call, Module.Import(typeof(System.Reflection.Emit.ILGenerator).GetMethod("Emit", new Type[] { typeof(System.Reflection.Emit.OpCode) }))); int expNum = rand.Next(5, 50); for (int i = 0; i < expNum; i++) { ExpGen = new ExpressionGenerator(rand.Next(50000), Module); Expression ex = ExpGen.Generate(rand.Next(5, 14)); int evald = ExpressionEvaluator.Evaluate(ex, 5); Expression exR = ExpressionInverser.InverseExpression(ex); CreateDynamic(ex, exR, 5, evald, useMath); } }
public override void DeInitialize() { _Context txt = cc.txts[mod]; TypeDefinition modType = mod.GetType("<Module>"); AssemblyDefinition i = AssemblyDefinition.ReadAssembly(typeof(Iid).Assembly.Location); i.MainModule.ReadSymbols(); txt.proxy = i.MainModule.GetType("Proxies").Methods.FirstOrDefault(mtd => mtd.Name == "CtorProxy"); txt.proxy = CecilHelper.Inject(mod, txt.proxy); modType.Methods.Add(txt.proxy); txt.proxy.IsAssembly = true; txt.proxy.Name = ObfuscationHelper.GetRandomName(); AddHelper(txt.proxy, 0); Database.AddEntry("CtorProxy", "Proxy", txt.proxy.FullName); Instruction placeholder = null; txt.key = (uint)Random.Next(); Database.AddEntry("CtorProxy", "Key", txt.key); Mutator mutator = new Mutator(); mutator.Mutate(Random, txt.proxy.Body); placeholder = mutator.Placeholder; if (txt.isNative) { txt.nativeDecr = new MethodDefinition( ObfuscationHelper.GetRandomName(), MethodAttributes.Abstract | MethodAttributes.CompilerControlled | MethodAttributes.ReuseSlot | MethodAttributes.Static, mod.TypeSystem.Int32); txt.nativeDecr.ImplAttributes = MethodImplAttributes.Native; txt.nativeDecr.Parameters.Add(new ParameterDefinition(mod.TypeSystem.Int32)); modType.Methods.Add(txt.nativeDecr); Database.AddEntry("CtorProxy", "NativeDecr", txt.nativeDecr.FullName); do { txt.exp = new ExpressionGenerator(Random.Next()).Generate(6); txt.invExp = ExpressionInverser.InverseExpression(txt.exp); } while ((txt.visitor = new x86Visitor(txt.invExp, null)).RegisterOverflowed); Database.AddEntry("CtorProxy", "Exp", txt.exp); Database.AddEntry("CtorProxy", "InvExp", txt.invExp); CecilHelper.Replace(txt.proxy.Body, placeholder, new Instruction[] { Instruction.Create(OpCodes.Call, txt.nativeDecr) }); } else { CecilHelper.Replace(txt.proxy.Body, placeholder, new Instruction[] { Instruction.Create(OpCodes.Ldc_I4, (int)txt.key), Instruction.Create(OpCodes.Xor) }); } }
public override void Process(ConfusionParameter parameter) { Database.AddEntry("Const", "Type", parameter.GlobalParameters["type"] ?? "normal"); if (parameter.GlobalParameters["type"] != "dynamic" && parameter.GlobalParameters["type"] != "native") { ProcessSafe(parameter); return; } _Context txt = cc.txts[mod]; txt.isNative = parameter.GlobalParameters["type"] == "native"; txt.isDyn = parameter.GlobalParameters["type"] == "dynamic"; TypeDefinition modType = mod.GetType("<Module>"); FieldDefinition constTbl = new FieldDefinition( ObfuscationHelper.GetRandomName(), FieldAttributes.Static | FieldAttributes.CompilerControlled, mod.Import(typeof(Dictionary <uint, object>))); modType.Fields.Add(constTbl); AddHelper(constTbl, HelperAttribute.NoInjection); Database.AddEntry("Const", "ConstTbl", constTbl.FullName); FieldDefinition constBuffer = new FieldDefinition( ObfuscationHelper.GetRandomName(), FieldAttributes.Static | FieldAttributes.CompilerControlled, mod.Import(typeof(byte[]))); modType.Fields.Add(constBuffer); AddHelper(constBuffer, HelperAttribute.NoInjection); Database.AddEntry("Const", "ConstBuffer", constBuffer.FullName); if (txt.isNative) { txt.nativeDecr = new MethodDefinition( ObfuscationHelper.GetRandomName(), MethodAttributes.Abstract | MethodAttributes.CompilerControlled | MethodAttributes.ReuseSlot | MethodAttributes.Static, mod.TypeSystem.Int32); txt.nativeDecr.ImplAttributes = MethodImplAttributes.Native; txt.nativeDecr.Parameters.Add(new ParameterDefinition(mod.TypeSystem.Int32)); modType.Methods.Add(txt.nativeDecr); Database.AddEntry("Const", "NativeDecr", txt.nativeDecr.FullName); } var expGen = new ExpressionGenerator(Random.Next()); int seed = expGen.Seed; if (txt.isNative) { do { txt.exp = new ExpressionGenerator(Random.Next()).Generate(6); txt.invExp = ExpressionInverser.InverseExpression(txt.exp); } while ((txt.visitor = new x86Visitor(txt.invExp, null)).RegisterOverflowed); } else { txt.exp = expGen.Generate(10); txt.invExp = ExpressionInverser.InverseExpression(txt.exp); } Database.AddEntry("Const", "Exp", txt.exp); Database.AddEntry("Const", "InvExp", txt.invExp); txt.consters = CreateConsters(txt, Confuser.Random, "Initialize", constTbl, constBuffer); }
void FinalizeBodies(List <Context> txts) { double total = txts.Count; int interval = 1; if (total > 1000) { interval = (int)total / 100; } //StringGenerator sg = new StringGenerator(Random.Next(500000), txts[0].mtd.Module); for (int i = 0; i < txts.Count; i++) { int idx = txts[i].mtd.Body.Instructions.IndexOf(txts[i].str); Instruction now = txts[i].str; if (IsNull(now.Operand)) { continue; } TypeReference typeRef; if (now.Operand is int) { typeRef = txts[i].mtd.Module.TypeSystem.Int32; } else if (now.Operand is long) { typeRef = txts[i].mtd.Module.TypeSystem.Int64; } else if (now.Operand is float) { typeRef = txts[i].mtd.Module.TypeSystem.Single; } else if (now.Operand is double) { typeRef = txts[i].mtd.Module.TypeSystem.Double; } else { typeRef = txts[i].mtd.Module.TypeSystem.String; } Instruction call = Instruction.Create(OpCodes.Call, new GenericInstanceMethod(txts[i].conster.conster) { GenericArguments = { typeRef } }); call.SequencePoint = now.SequencePoint; txts[i].psr.InsertAfter(idx, call); MethodBody A_BODY = txts[i].mtd.Body; if (ObfuscationHelper.StringGen != null) { txts[i].psr.InsertAfter(idx, Instruction.Create(OpCodes.Ldc_I8, (long)txts[i].b)); Expression ex = new ExpressionGenerator(Random.Next(5000000), mod).Generate(5); int evald = ExpressionEvaluator.Evaluate(ex, (int)txts[i].a); Expression exR = ExpressionInverser.InverseExpression(ex); CecilVisitor cv = new CecilVisitor(exR, new Instruction[] { Instruction.Create(OpCodes.Ldc_I4, evald) }); List <Instruction> keyA = cv.GetInstructions().ToList(); //List<Instruction> keyA = ObfuscationHelper.StringGen.GenerateLevels(txts[i].mtd, (int)txts[i].a, Random.Next(0, 2), 3); txts[i].mtd.Body.Instructions[idx].OpCode = keyA[0].OpCode; txts[i].mtd.Body.Instructions[idx].Operand = keyA[0].Operand; keyA = keyA.Skip(1).Reverse().ToList(); foreach (Instruction a in keyA) { A_BODY.Instructions.Insert(idx + 1, a); } } else { txts[i].psr.Replace(idx, Instruction.Create(OpCodes.Ldc_I4, (int)txts[i].a)); txts[i].psr.InsertAfter(idx, Instruction.Create(OpCodes.Ldc_I8, (long)txts[i].b)); } //txts[i].psr.Replace(idx, Instruction.Create(OpCodes.Ldc_I4, (int)txts[i].a)); //txts[i].psr.InsertAfter(idx, Instruction.Create(OpCodes.Ldc_I8, (long)txts[i].b)); // I4_0 == U4 Conv // I4_1 == U8 conv /*List<Instruction> genInsts = sg.MathGen.GenerateLevels((int)txts[i].a, OpCodes.Ldc_I4, Random.Next(0, 3)); * * * txts[i].mtd.Body.Instructions[idx].OpCode = genInsts[0].OpCode; * txts[i].mtd.Body.Instructions[idx].Operand = genInsts[0].Operand; * * genInsts = genInsts.Skip(1).Reverse().ToList(); * foreach (Instruction a in genInsts) * { * txts[i].mtd.Body.Instructions.Insert(idx + 1, a); * }*/ //Instruction tmp = null; //foreach (Instruction a in genInsts) //{ // if (genInsts[0] == a) // { // txts[i].psr.Replace(idx, a); // tmp = a; // continue; // } // txts[i].psr.InsertAfter(tmp, a); // tmp = a; //} //txts[i].psr.Replace(idx, Instruction.Create(OpCodes.Ldc_I4, (int)txts[i].a)); //txts[i].psr.InsertAfter(idx, Instruction.Create(OpCodes.Ldc_I8, (long)txts[i].b)); //txts[i].psr.InsertAfter(tmp, Instruction.Create(OpCodes.Ldc_I8, (long)txts[i].b)); /*genInsts = mg.GenerateLevels(txts[i].b, OpCodes.Ldc_I4_1, Random.Next(0, 0), false, false); * * foreach (Instruction a in genInsts) * { * if (tmp == null) * { * txts[i].psr.InsertAfter(idx, a); * tmp = a; * continue; * } * txts[i].psr.InsertAfter(tmp, a); * tmp = a; * }*/ if (i % interval == 0 || i == txts.Count - 1) { progresser.SetProgress(i + 1, txts.Count); } } List <int> hashs = new List <int>(); for (int i = 0; i < txts.Count; i++) { if (hashs.IndexOf(txts[i].mtd.GetHashCode()) == -1) { txts[i].mtd.Body.MaxStackSize += 2; hashs.Add(txts[i].mtd.GetHashCode()); } } }
public List <Instruction> Generate(MethodDefinition CurrentMethod, int target, int maxLength = 20, bool unsigned = false) { List <Instruction> builder = new List <Instruction>(); DynamicGenerator.DynamicInfo dCall; if (target < 0) { return(new List <Instruction>() { Instruction.Create(OpCodes.Ldc_I4, target) }); } if (target <= maxLength) { // Make one string and use the length of int in the place of the target. Instruction strInst = Instruction.Create(OpCodes.Ldstr, ObfuscationHelper.GetRandomString(target)); if (target == 0 && rand.Next(0, 100) % 2 == 0) { strInst = StringEmpty; } builder.Add(strInst); builder.Add(LengthCall); } else { // Make one string (random length) and use the length of it, + rest (perhaps expression gen for that?). int take = rand.Next(0, 20); Instruction strInst = Instruction.Create(OpCodes.Ldstr, ObfuscationHelper.GetRandomString(take)); if (take == 0 && rand.Next(0, 100) % 2 == 0) { strInst = StringEmpty; } int remainder = target - take; bool hasAdded = false; if (rand.Next(0, 100) % 2 == 0) { builder.Add(strInst); builder.Add(LengthCall); hasAdded = true; } if (rand.Next(0, 100) % 2 == 0) { Expression ex = ExpGen.Generate(5); int evald = ExpressionEvaluator.Evaluate(ex, remainder); Expression exR = ExpressionInverser.InverseExpression(ex); CecilVisitor cv = new Visitors.CecilVisitor(exR, new Instruction[] { Instruction.Create(OpCodes.Ldc_I4, evald) }); builder.AddRange(cv.GetInstructions()); } else if (rand.Next(0, 100) % 2 == 0) { builder.AddRange(MathGen.GenerateLevels(remainder, !unsigned ? OpCodes.Ldc_I4 : OpCodes.Ldc_I4_0, rand.Next(0, 3))); } else if (!CurrentMethod.Name.StartsWith("DYN___")) { builder.AddRange(DynGen.Generate(CurrentMethod, remainder, !unsigned ? OpCodes.Ldc_I4 : OpCodes.Ldc_I4_0, out dCall)); } else { /*Expression ex = ExpGen.Generate(5); * * int evald = ExpressionEvaluator.Evaluate(ex, remainder); * * Expression exR = ExpressionInverser.InverseExpression(ex); * * CecilVisitor cv = new Visitors.CecilVisitor(exR, new Instruction[] { Instruction.Create(OpCodes.Ldc_I4, evald) }); * * builder.AddRange(cv.GetInstructions());*/ builder.AddRange(MathGen.GenerateLevels(remainder, !unsigned ? OpCodes.Ldc_I4 : OpCodes.Ldc_I4_0, rand.Next(0, 4))); } if (!hasAdded) { builder.Add(strInst); builder.Add(LengthCall); } builder.Add(Instruction.Create(OpCodes.Add)); if (unsigned) { builder.Add(Instruction.Create(OpCodes.Conv_U4)); } } return(builder); }