private bool Fasm_OnInstruction(FacelessAssembly sender, dnlib.DotNet.Emit.Instruction instruction)
{
if (cbPrintInstructions.Checked)
{
Console.WriteLine(">\t{0}\t({1}) {2}", instruction.OpCode, instruction.Operand?.GetType().Name ?? "null", instruction.Operand);
}
if (instruction.OpCode.Code == dnlib.DotNet.Emit.Code.Ret)
{
if (currentNode?.Tag is bool)
{
currentNode.ForeColor = Color.Green;
cbExternalCallBreakpoint.Checked = (bool)currentNode.Tag;
}
else
{
currentNode.ForeColor = Color.Black;
}
currentNode = currentNode.Parent;
}
return(true);
}
public Instructiong Deserialized(Instruction reader) => Instructiong.CreateLdcI4((int)reader.Operand);
static void Main(string[] args)
{
module = ModuleDefMD.Load(args[0]);
AssemblyName assemblyName = AssemblyName.GetAssemblyName(args[0]);
Assembly assembly = Assembly.Load(assemblyName);
Module Module_L = assembly.GetModules()[0];
mod = Module_L;
foreach (EmbeddedResource res in module.Resources)
{
if (res.Name == "Eddy^CZ_")
{
using (new StreamReader(res.GetResourceStream()))
{
byte[] ar = new byte[res.GetResourceStream().Length];
res.GetResourceStream().Read(ar, 0, ar.Length);
byteArrayResource = ar;
}
}
}
byte[] buffer = null;
foreach (EmbeddedResource res in module.Resources)
{
if (res.Name == "Eddy^CZ")
{
using (new StreamReader(res.GetResourceStream()))
{
byte[] arr = new byte[res.GetResourceStream().Length];
res.GetResourceStream().Read(arr, 0, arr.Length);
buffer = arr;
}
}
}
binr = new BinaryReader(new MemoryStream(buffer));
All.val = new ValueStack();
All.val.parameters = new object[1];
All.val.parameters[0] = byteArrayResource;
All.val.locals = new object[10];
All.run(binr);
bool flag = IntPtr.Size == 4;
IntPtr ptr = default(IntPtr);
if (flag)
{
ExtractEmbeddedDlls("NativePRo.dll", File.ReadAllBytes(Directory.GetCurrentDirectory() + "\\X86"));
IntPtr intptr = LoadDll("NativePRo.dll");
ptr = Inisialize.e(intptr, "_a@16");
}
else
{
ExtractEmbeddedDlls("NativePRo.dll", File.ReadAllBytes("X64"));
IntPtr intptr = LoadDll("NativePRo.dll");
ptr = Inisialize.e(intptr, "a");
}
Inisialize.bc = (Inisialize.a)Marshal.GetDelegateForFunctionPointer(ptr, typeof(Inisialize.a));
byteArrayResource = (byte[])All.val.locals[1];
OpCode[] array = new OpCode[256];
OpCode[] array2 = new OpCode[256];
oneByteOpCodes = array;
twoByteOpCodes = array2;
Type typeFromHandle = typeof(OpCode);
Type typeFromHandle2 = typeof(OpCodes);
foreach (FieldInfo fieldInfo in typeFromHandle2.GetFields())
{
bool flag2 = fieldInfo.FieldType == typeFromHandle;
if (flag2)
{
OpCode opCode = (OpCode)fieldInfo.GetValue(null);
ushort num = (ushort)opCode.Value;
bool flag3 = opCode.Size == 1;
if (flag3)
{
byte b = (byte)num;
oneByteOpCodes[(int)b] = opCode;
// Console.WriteLine(opCode.Name);
}
else
{
byte b2 = (byte)(num | 65024);
twoByteOpCodes[(int)b2] = opCode;
//Console.WriteLine(opCode.Name);
}
}
}
foreach (var type in module.Types)
{
try
{
foreach (var method in type.Methods)
{
try
{
if (is_virualized(method))
{
List <dnlib.DotNet.Emit.Instruction> real = new List <dnlib.DotNet.Emit.Instruction>();
for (int i = 0; i < method.Body.Instructions.Count; i++)
{
try
{
if (method.Body.Instructions[i].OpCode == dnlib.DotNet.Emit.OpCodes.Call)
{
if (method.Body.Instructions[i].Operand.ToString().Contains("Runner"))
{
#region Resolve Method
int md = (int)((MethodDef)method).MDToken.Raw;
MethodBase callingMethod = Module_L.ResolveMethod(md);
dnlib.DotNet.Emit.Instruction instr = new dnlib.DotNet.Emit.Instruction();
#endregion
#region Параметры
int position = method.Body.Instructions[i - 4].GetLdcI4Value();
int size = method.Body.Instructions[i - 3].GetLdcI4Value();
int ID = method.Body.Instructions[i - 2].GetLdcI4Value();
Console.WriteLine("Recovering Method - " + method.FullName + "_Keys --_--" + position.ToString() + "--_--" + size.ToString() + "--_--" + ID.ToString());
#endregion
#region асшифровка Опкодов
byte[] array4 = byteArrayGrabber(byteArrayResource, position, size);
byte[] key = MD5.Create().ComputeHash(Encoding.ASCII.GetBytes(method.Name));
byte[] ilasByteArray = callingMethod.GetMethodBody().GetILAsByteArray();
Inisialize.bc(array4, array4.Length, ilasByteArray, ilasByteArray.Length);
byte[] bytes = Decrypt(key, array4);
#endregion
#region Получение Опкодов из Ресурсов
System.Reflection.MethodBody methodBody = callingMethod.GetMethodBody();
BinaryReader binaryReader = new BinaryReader(new MemoryStream(bytes));
ParameterInfo[] parameters2 = callingMethod.GetParameters();
List <LocalBuilder> list = new List <LocalBuilder>();
int num = 0;
bool isStatic = callingMethod.IsStatic;
Type[] array5;
if (isStatic)
{
array5 = new Type[parameters2.Length];
}
else
{
array5 = new Type[parameters2.Length + 1];
array5[0] = callingMethod.DeclaringType;
num = 1;
}
for (int z = 0; z < parameters2.Length; z++)
{
ParameterInfo parameterInfo = parameters2[z];
array5[num + z] = parameterInfo.ParameterType;
}
DynamicMethod dynamicMethod = new DynamicMethod("", (callingMethod.MemberType == MemberTypes.Constructor) ? null : ((MethodInfo)callingMethod).ReturnParameter.ParameterType, array5, Module_L, true);
ILGenerator ilgenerator = dynamicMethod.GetILGenerator();
IList <LocalVariableInfo> localVariables = methodBody.LocalVariables;
foreach (LocalVariableInfo localVariableInfo in localVariables)
{
list.Add(ilgenerator.DeclareLocal(localVariableInfo.LocalType));
}
int count = binaryReader.ReadInt32();
int num2 = binaryReader.ReadInt32();
Dictionary <int, Label> dictionary = new Dictionary <int, Label>();
for (int j = 0; j < num2; j++)
{
Label value = ilgenerator.DefineLabel();
dictionary.Add(j, value);
}
for (int k = 0; k < num2; k++)
{
short num3 = binaryReader.ReadInt16();
bool flags = num3 >= 0 && (int)num3 < oneByteOpCodes.Length;
OpCode opcode;
if (flags)
{
opcode = oneByteOpCodes[(int)num3];
}
else
{
byte b = (byte)((int)num3 | 65024);
opcode = twoByteOpCodes[(int)b];
}
#endregion
byte opType = binaryReader.ReadByte();
object a = OperandInitialiser.Initialise(opType, binaryReader, assembly.GetModules()[0], dictionary, list);
try
{
real.Add(OpcodeConverter.converter(opcode, a, binaryReader, assembly.GetModules()[0]));
}
catch
{
}
}
}
}
}
catch (Exception ex)
{
}
}
method.Body.Instructions.Clear();
foreach (var fes in real)
{
method.Body.Instructions.Add(fes);
}
}
}
catch (Exception ex)
{
}
}
}
catch
{
}
}
module.Write("lsd.exe", new ModuleWriterOptions(module)
{
MetaDataOptions =
{
Flags = MetaDataFlags.PreserveAll
},
Logger = DummyLogger.NoThrowInstance
});
Console.WriteLine("=================================");
Console.ReadLine();
}
