From a9359729e99054e70a127e138b064b2d803f8a70 Mon Sep 17 00:00:00 2001
From: de4dot <de4dot@gmail.com>
Date: Thu, 20 Mar 2014 15:57:49 +0100
Subject: [PATCH] Detect .NET Reactor 4.8

---
 .../deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs    | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/de4dot.code/deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs b/de4dot.code/deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs
index eccc159e..47d18400 100644
--- a/de4dot.code/deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs
+++ b/de4dot.code/deobfuscators/dotNET_Reactor/v4/Deobfuscator.cs
@@ -361,6 +361,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 			bool compileMethodHasConstant_0x70000000 = DeobUtils.HasInteger(compileMethod, 0x70000000);	// 4.0-4.1
 			DeobfuscatedFile.Deobfuscate(methodsDecrypter.Method);
 			bool hasCorEnableProfilingString = FindString(methodsDecrypter.Method, "Cor_Enable_Profiling");	// 4.1-4.4
+			bool hasCatchString = FindString(methodsDecrypter.Method, "catch: ");	// <= 4.7
 
 			if (compileMethodHasConstant_0x70000000) {
 				if (hasCorEnableProfilingString)
@@ -368,7 +369,6 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 				return DeobfuscatorInfo.THE_NAME + " 4.0";
 			}
 			if (!hasCorEnableProfilingString) {
-				// 4.x or 4.5 - 4.6
 				bool callsReverse = DotNetUtils.CallsMethod(methodsDecrypter.Method, "System.Void System.Array::Reverse(System.Array)");
 				if (!callsReverse)
 					return DeobfuscatorInfo.THE_NAME + " 4.0 - 4.4";
@@ -382,7 +382,9 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 					case 10:
 						if (!hasSymmetricAlgorithm)
 							return DeobfuscatorInfo.THE_NAME + " 4.6";
-						return DeobfuscatorInfo.THE_NAME + " 4.7";
+						if (hasCatchString)
+							return DeobfuscatorInfo.THE_NAME + " 4.7";
+						return DeobfuscatorInfo.THE_NAME + " 4.8";
 					}
 				}
 				else {
@@ -392,7 +394,9 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
 					case 9:
 						if (!hasSymmetricAlgorithm)
 							return DeobfuscatorInfo.THE_NAME + " 4.6";
-						return DeobfuscatorInfo.THE_NAME + " 4.7";
+						if (hasCatchString)
+							return DeobfuscatorInfo.THE_NAME + " 4.7";
+						return DeobfuscatorInfo.THE_NAME + " 4.8";
 					}
 				}