monocul.us/de4dot-cex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remember to add this as first arg if HasThis is set

Browse Source
This commit is contained in:
de4dot 2011-10-21 19:32:37 +02:00
parent 8c2f26bfcb
commit a594b11254
4 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
blocks/cflow/BlockCflowDeobfuscator.cs
View File

@ -26,9 +26,9 @@ namespace de4dot.blocks.cflow {
Block block;
InstructionEmulator instructionEmulator = new InstructionEmulator();
public void init(Block block, IList<ParameterDefinition> args, IList<VariableDefinition> locals) {
public void init(Blocks blocks, Block block) {
this.block = block;
instructionEmulator.init(false, args, locals);
instructionEmulator.init(blocks.Method.HasThis, false, blocks.Method.Parameters, blocks.Locals);
}
// Returns true if code was updated, false otherwise

2
blocks/cflow/BlocksCflowDeobfuscator.cs
View File

@ -53,7 +53,7 @@ namespace de4dot.blocks.cflow {
var lastInstr = block.LastInstr;
if (!DotNetUtils.isConditionalBranch(lastInstr.OpCode.Code) && lastInstr.OpCode.Code != Code.Switch)
continue;
blockCflowDeobfuscator.init(block, blocks.Method.Parameters, blocks.Locals);
blockCflowDeobfuscator.init(blocks, block);
changed |= blockCflowDeobfuscator.deobfuscate();
}

4
blocks/cflow/InstructionEmulator.cs
View File

@ -30,12 +30,14 @@ namespace de4dot.blocks.cflow {
List<Value> args = new List<Value>();
List<Value> locals = new List<Value>();
public void init(bool initLocals, IList<ParameterDefinition> parameterDefinitions, IList<VariableDefinition> variableDefinitions) {
public void init(bool hasThis, bool initLocals, IList<ParameterDefinition> parameterDefinitions, IList<VariableDefinition> variableDefinitions) {
this.parameterDefinitions = parameterDefinitions;
this.variableDefinitions = variableDefinitions;
valueStack.init();
args.Clear();
if (hasThis)
args.Add(new UnknownValue());
foreach (var arg in parameterDefinitions)
args.Add(getUnknownValue(arg.ParameterType));

6
blocks/cflow/SwitchCflowDeobfuscator.cs
View File

@ -119,7 +119,7 @@ namespace de4dot.blocks.cflow {
foreach (var source in new List<Block>(block.Sources)) {
if (!isBranchBlock(source))
continue;
instructionEmulator.init(false, blocks.Method.Parameters, blocks.Locals);
instructionEmulator.init(blocks.Method.HasThis, false, blocks.Method.Parameters, blocks.Locals);
instructionEmulator.emulate(source.Instructions);
var target = getSwitchTarget(switchTargets, switchFallThrough, source, instructionEmulator.pop());
@ -145,7 +145,7 @@ namespace de4dot.blocks.cflow {
foreach (var source in new List<Block>(block.Sources)) {
if (!isBranchBlock(source))
continue;
instructionEmulator.init(false, blocks.Method.Parameters, blocks.Locals);
instructionEmulator.init(blocks.Method.HasThis, false, blocks.Method.Parameters, blocks.Locals);
instructionEmulator.emulate(source.Instructions);
var target = getSwitchTarget(switchTargets, switchFallThrough, source, instructionEmulator.getLocal(switchVariable));
@ -168,7 +168,7 @@ namespace de4dot.blocks.cflow {
foreach (var source in new List<Block>(block.Sources)) {
if (!isBranchBlock(source))
continue;
instructionEmulator.init(false, blocks.Method.Parameters, blocks.Locals);
instructionEmulator.init(blocks.Method.HasThis, false, blocks.Method.Parameters, blocks.Locals);
instructionEmulator.emulate(source.Instructions);
var target = getSwitchTarget(switchTargets, switchFallThrough, source, instructionEmulator.pop());