Update logger
- It's not static anymore - It implements ILogger - It can ignore errors/warnings but an option to disable it
This commit is contained in:
parent
9fac79c8a5
commit
b152362088
|
@ -57,6 +57,7 @@ namespace de4dot.code {
|
|||
writerOptions.MetaDataOptions.Flags |= MetaDataFlags.KeepOldMaxStack;
|
||||
if (preserveTokens)
|
||||
writerOptions.MetaDataOptions.Flags |= MetaDataFlags.PreserveTokens | MetaDataFlags.PreserveUSOffsets | MetaDataFlags.PreserveExtraSignatureData;
|
||||
writerOptions.Logger = Logger.Instance;
|
||||
module.Write(newFilename, writerOptions);
|
||||
}
|
||||
|
||||
|
|
|
@ -1,85 +0,0 @@
|
|||
/*
|
||||
Copyright (C) 2011-2012 de4dot@gmail.com
|
||||
|
||||
This file is part of de4dot.
|
||||
|
||||
de4dot is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
de4dot is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace de4dot.code {
|
||||
public static class Log {
|
||||
public static int indentLevel = 0;
|
||||
const int indentSize = 2;
|
||||
|
||||
public enum LogLevel {
|
||||
error,
|
||||
warning,
|
||||
normal,
|
||||
verbose,
|
||||
veryverbose,
|
||||
}
|
||||
public static LogLevel logLevel = LogLevel.normal;
|
||||
public static string indentString = "";
|
||||
|
||||
public static bool isAtLeast(LogLevel ll) {
|
||||
return logLevel >= ll;
|
||||
}
|
||||
|
||||
static void initIndentString() {
|
||||
indentString = new string(' ', indentLevel * indentSize);
|
||||
}
|
||||
|
||||
public static void indent() {
|
||||
indentLevel++;
|
||||
initIndentString();
|
||||
}
|
||||
|
||||
public static void deIndent() {
|
||||
if (indentLevel <= 0)
|
||||
throw new ApplicationException("Can't de-indent!");
|
||||
indentLevel--;
|
||||
initIndentString();
|
||||
}
|
||||
|
||||
public static void log(LogLevel l, string format, params object[] args) {
|
||||
if (!isAtLeast(l))
|
||||
return;
|
||||
var indent = l <= LogLevel.warning ? "" : indentString;
|
||||
Console.WriteLine(indent + format, args);
|
||||
}
|
||||
|
||||
public static void e(string format, params object[] args) {
|
||||
log(LogLevel.error, format, args);
|
||||
}
|
||||
|
||||
public static void w(string format, params object[] args) {
|
||||
log(LogLevel.warning, format, args);
|
||||
}
|
||||
|
||||
public static void n(string format, params object[] args) {
|
||||
log(LogLevel.normal, format, args);
|
||||
}
|
||||
|
||||
public static void v(string format, params object[] args) {
|
||||
log(LogLevel.verbose, format, args);
|
||||
}
|
||||
|
||||
public static void vv(string format, params object[] args) {
|
||||
log(LogLevel.veryverbose, format, args);
|
||||
}
|
||||
}
|
||||
}
|
161
de4dot.code/Logger.cs
Normal file
161
de4dot.code/Logger.cs
Normal file
|
@ -0,0 +1,161 @@
|
|||
/*
|
||||
Copyright (C) 2011-2012 de4dot@gmail.com
|
||||
|
||||
This file is part of de4dot.
|
||||
|
||||
de4dot is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
de4dot is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using dot10.DotNet;
|
||||
|
||||
namespace de4dot.code {
|
||||
public class Logger : ILogger {
|
||||
public readonly static Logger Instance = new Logger();
|
||||
|
||||
int indentLevel = 0;
|
||||
readonly int indentSize = 0;
|
||||
LoggerEvent maxLoggerEvent = LoggerEvent.Info;
|
||||
string indentString = "";
|
||||
Dictionary<string, bool> ignoredMessages = new Dictionary<string, bool>(StringComparer.Ordinal);
|
||||
int numIgnoredMessages;
|
||||
bool canIgnoreMessages;
|
||||
|
||||
public int IndentLevel {
|
||||
get { return indentLevel; }
|
||||
set {
|
||||
if (indentLevel == value)
|
||||
return;
|
||||
indentLevel = value;
|
||||
initIndentString();
|
||||
}
|
||||
}
|
||||
|
||||
public LoggerEvent MaxLoggerEvent {
|
||||
get { return maxLoggerEvent; }
|
||||
set { maxLoggerEvent = value; }
|
||||
}
|
||||
|
||||
public bool CanIgnoreMessages {
|
||||
get { return canIgnoreMessages; }
|
||||
set { canIgnoreMessages = value; }
|
||||
}
|
||||
|
||||
public int NumIgnoredMessages {
|
||||
get { return numIgnoredMessages; }
|
||||
}
|
||||
|
||||
public Logger()
|
||||
: this(2, true) {
|
||||
}
|
||||
|
||||
public Logger(int indentSize, bool canIgnoreMessages) {
|
||||
this.indentSize = indentSize;
|
||||
this.canIgnoreMessages = canIgnoreMessages;
|
||||
}
|
||||
|
||||
void initIndentString() {
|
||||
if (indentLevel < 0)
|
||||
indentLevel = 0;
|
||||
indentString = new string(' ', indentLevel * indentSize);
|
||||
}
|
||||
|
||||
public void indent() {
|
||||
indentLevel++;
|
||||
initIndentString();
|
||||
}
|
||||
|
||||
public void deIndent() {
|
||||
indentLevel--;
|
||||
initIndentString();
|
||||
}
|
||||
|
||||
public void Log(object sender, LoggerEvent loggerEvent, string format, params object[] args) {
|
||||
Log(true, sender, loggerEvent, format, args);
|
||||
}
|
||||
|
||||
public void Log(bool canIgnore, object sender, LoggerEvent loggerEvent, string format, params object[] args) {
|
||||
if (IgnoresEvent(loggerEvent))
|
||||
return;
|
||||
if (canIgnore && ignoreMessage(loggerEvent, format, args))
|
||||
return;
|
||||
|
||||
switch (loggerEvent) {
|
||||
case LoggerEvent.Error:
|
||||
foreach (var l in string.Format(format, args).Split('\n'))
|
||||
LogMessage(string.Empty, string.Format("ERROR: {0}", l));
|
||||
break;
|
||||
|
||||
case LoggerEvent.Warning:
|
||||
foreach (var l in string.Format(format, args).Split('\n'))
|
||||
LogMessage(string.Empty, string.Format("WARNING: {0}", l));
|
||||
break;
|
||||
|
||||
default:
|
||||
var indent = loggerEvent <= LoggerEvent.Warning ? "" : indentString;
|
||||
LogMessage(indent, format, args);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
bool ignoreMessage(LoggerEvent loggerEvent, string format, object[] args) {
|
||||
if (loggerEvent != LoggerEvent.Error && loggerEvent != LoggerEvent.Warning)
|
||||
return false;
|
||||
if (!canIgnoreMessages)
|
||||
return false;
|
||||
if (ignoredMessages.ContainsKey(format)) {
|
||||
numIgnoredMessages++;
|
||||
return true;
|
||||
}
|
||||
ignoredMessages[format] = true;
|
||||
return false;
|
||||
}
|
||||
|
||||
void LogMessage(string indent, string format, params object[] args) {
|
||||
if (args == null || args.Length == 0)
|
||||
Console.WriteLine("{0}{1}", indent, format);
|
||||
else
|
||||
Console.WriteLine(indent + format, args);
|
||||
}
|
||||
|
||||
public bool IgnoresEvent(LoggerEvent loggerEvent) {
|
||||
return loggerEvent > maxLoggerEvent;
|
||||
}
|
||||
|
||||
public static void log(LoggerEvent loggerEvent, string format, params object[] args) {
|
||||
Instance.Log(null, loggerEvent, format, args);
|
||||
}
|
||||
|
||||
public static void e(string format, params object[] args) {
|
||||
Instance.Log(null, LoggerEvent.Error, format, args);
|
||||
}
|
||||
|
||||
public static void w(string format, params object[] args) {
|
||||
Instance.Log(null, LoggerEvent.Warning, format, args);
|
||||
}
|
||||
|
||||
public static void n(string format, params object[] args) {
|
||||
Instance.Log(null, LoggerEvent.Info, format, args);
|
||||
}
|
||||
|
||||
public static void v(string format, params object[] args) {
|
||||
Instance.Log(null, LoggerEvent.Verbose, format, args);
|
||||
}
|
||||
|
||||
public static void vv(string format, params object[] args) {
|
||||
Instance.Log(null, LoggerEvent.VeryVerbose, format, args);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -25,7 +25,7 @@ using de4dot.blocks;
|
|||
|
||||
namespace de4dot.code {
|
||||
class MethodPrinter {
|
||||
Log.LogLevel logLevel;
|
||||
LoggerEvent loggerEvent;
|
||||
IList<Instruction> allInstructions;
|
||||
IList<ExceptionHandler> allExceptionHandlers;
|
||||
Dictionary<Instruction, bool> targets = new Dictionary<Instruction, bool>();
|
||||
|
@ -41,9 +41,9 @@ namespace de4dot.code {
|
|||
Dictionary<Instruction, ExInfo> exInfos = new Dictionary<Instruction, ExInfo>();
|
||||
ExInfo lastExInfo;
|
||||
|
||||
public void print(Log.LogLevel logLevel, IList<Instruction> allInstructions, IList<ExceptionHandler> allExceptionHandlers) {
|
||||
public void print(LoggerEvent loggerEvent, IList<Instruction> allInstructions, IList<ExceptionHandler> allExceptionHandlers) {
|
||||
try {
|
||||
this.logLevel = logLevel;
|
||||
this.loggerEvent = loggerEvent;
|
||||
this.allInstructions = allInstructions;
|
||||
this.allExceptionHandlers = allExceptionHandlers;
|
||||
lastExInfo = new ExInfo();
|
||||
|
@ -121,12 +121,12 @@ namespace de4dot.code {
|
|||
initTargets();
|
||||
initExHandlers();
|
||||
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var instr in allInstructions) {
|
||||
if (targets.ContainsKey(instr)) {
|
||||
Log.deIndent();
|
||||
Log.log(logLevel, "{0}:", getLabel(instr));
|
||||
Log.indent();
|
||||
Logger.Instance.deIndent();
|
||||
Logger.log(loggerEvent, "{0}:", getLabel(instr));
|
||||
Logger.Instance.indent();
|
||||
}
|
||||
ExInfo exInfo;
|
||||
if (exInfos.TryGetValue(instr, out exInfo))
|
||||
|
@ -135,14 +135,14 @@ namespace de4dot.code {
|
|||
var operandString = getOperandString(instr);
|
||||
var memberReference = instr.Operand as ITokenOperand;
|
||||
if (operandString == "")
|
||||
Log.log(logLevel, "{0}", instrString);
|
||||
Logger.log(loggerEvent, "{0}", instrString);
|
||||
else if (memberReference != null)
|
||||
Log.log(logLevel, "{0,-9} {1} // {2:X8}", instrString, Utils.removeNewlines(operandString), memberReference.MDToken.ToUInt32());
|
||||
Logger.log(loggerEvent, "{0,-9} {1} // {2:X8}", instrString, Utils.removeNewlines(operandString), memberReference.MDToken.ToUInt32());
|
||||
else
|
||||
Log.log(logLevel, "{0,-9} {1}", instrString, Utils.removeNewlines(operandString));
|
||||
Logger.log(loggerEvent, "{0,-9} {1}", instrString, Utils.removeNewlines(operandString));
|
||||
}
|
||||
printExInfo(lastExInfo);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
string getOperandString(Instruction instr) {
|
||||
|
@ -172,18 +172,18 @@ namespace de4dot.code {
|
|||
}
|
||||
|
||||
void printExInfo(ExInfo exInfo) {
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
foreach (var ex in exInfo.tryStarts)
|
||||
Log.log(logLevel, "// try start: {0}", getExceptionString(ex));
|
||||
Logger.log(loggerEvent, "// try start: {0}", getExceptionString(ex));
|
||||
foreach (var ex in exInfo.tryEnds)
|
||||
Log.log(logLevel, "// try end: {0}", getExceptionString(ex));
|
||||
Logger.log(loggerEvent, "// try end: {0}", getExceptionString(ex));
|
||||
foreach (var ex in exInfo.filterStarts)
|
||||
Log.log(logLevel, "// filter start: {0}", getExceptionString(ex));
|
||||
Logger.log(loggerEvent, "// filter start: {0}", getExceptionString(ex));
|
||||
foreach (var ex in exInfo.handlerStarts)
|
||||
Log.log(logLevel, "// handler start: {0}", getExceptionString(ex));
|
||||
Logger.log(loggerEvent, "// handler start: {0}", getExceptionString(ex));
|
||||
foreach (var ex in exInfo.handlerEnds)
|
||||
Log.log(logLevel, "// handler end: {0}", getExceptionString(ex));
|
||||
Log.indent();
|
||||
Logger.log(loggerEvent, "// handler end: {0}", getExceptionString(ex));
|
||||
Logger.Instance.indent();
|
||||
}
|
||||
|
||||
string getExceptionString(ExceptionHandler ex) {
|
||||
|
|
|
@ -301,7 +301,7 @@ namespace de4dot.code {
|
|||
// We're here if there were no cflow deobfuscation, or if there are two or
|
||||
// more blocks branching to the decrypter method, or the two blocks can't be
|
||||
// merged because one is outside the exception handler (eg. buggy obfuscator).
|
||||
Log.w("Could not find all arguments to method {0} ({1:X8})",
|
||||
Logger.w("Could not find all arguments to method {0} ({1:X8})",
|
||||
Utils.removeNewlines(method),
|
||||
method.MDToken.ToInt32());
|
||||
errors++;
|
||||
|
@ -354,7 +354,7 @@ namespace de4dot.code {
|
|||
int pushes, pops;
|
||||
instr.Instruction.CalculateStackUsage(false, out pushes, out pops);
|
||||
if (!useUnknownArgs || pushes != 1) {
|
||||
Log.w("Could not find all arguments to method {0} ({1:X8}), instr: {2}",
|
||||
Logger.w("Could not find all arguments to method {0} ({1:X8}), instr: {2}",
|
||||
Utils.removeNewlines(method),
|
||||
method.MDToken.ToInt32(),
|
||||
instr);
|
||||
|
|
|
@ -177,7 +177,7 @@ namespace de4dot.code {
|
|||
catch (BadImageFormatException) {
|
||||
if (!unpackNativeImage(deobfuscators))
|
||||
throw new BadImageFormatException();
|
||||
Log.v("Unpacked native file");
|
||||
Logger.v("Unpacked native file");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -198,7 +198,7 @@ namespace de4dot.code {
|
|||
module = assemblyModule.load(unpackedData);
|
||||
}
|
||||
catch {
|
||||
Log.w("Could not load unpacked data. Deobfuscator: {0}", deob.TypeLong);
|
||||
Logger.w("Could not load unpacked data. Deobfuscator: {0}", deob.TypeLong);
|
||||
continue;
|
||||
}
|
||||
this.deob = deob;
|
||||
|
@ -283,7 +283,7 @@ namespace de4dot.code {
|
|||
catch {
|
||||
val = deob.Type == "un" ? 1 : 0;
|
||||
}
|
||||
Log.v("{0,3}: {1}", val, deob.TypeLong);
|
||||
Logger.v("{0,3}: {1}", val, deob.TypeLong);
|
||||
if (val > 0 && deob.Type != "un")
|
||||
allDetected.Add(deob);
|
||||
if (val > detectVal) {
|
||||
|
@ -294,11 +294,11 @@ namespace de4dot.code {
|
|||
this.deob = null;
|
||||
|
||||
if (allDetected.Count > 1) {
|
||||
Log.n("More than one obfuscator detected:");
|
||||
Log.indent();
|
||||
Logger.n("More than one obfuscator detected:");
|
||||
Logger.Instance.indent();
|
||||
foreach (var deob in allDetected)
|
||||
Log.n("{0} (use: -p {1})", deob.Name, deob.Type);
|
||||
Log.deIndent();
|
||||
Logger.n("{0} (use: -p {1})", deob.Name, deob.Type);
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
return detected;
|
||||
|
@ -309,7 +309,7 @@ namespace de4dot.code {
|
|||
}
|
||||
|
||||
public void save() {
|
||||
Log.n("Saving {0}", options.NewFilename);
|
||||
Logger.n("Saving {0}", options.NewFilename);
|
||||
assemblyModule.save(options.NewFilename, ShouldPreserveTokens(), options.ControlFlowDeobfuscation, deob as IModuleWriterListener);
|
||||
}
|
||||
|
||||
|
@ -353,7 +353,7 @@ namespace de4dot.code {
|
|||
}
|
||||
|
||||
public void deobfuscate() {
|
||||
Log.n("Cleaning {0}", options.Filename);
|
||||
Logger.n("Cleaning {0}", options.Filename);
|
||||
initAssemblyClient();
|
||||
|
||||
for (int i = 0; ; i++) {
|
||||
|
@ -370,7 +370,7 @@ namespace de4dot.code {
|
|||
}
|
||||
|
||||
void reloadModule(byte[] newModuleData, DumpedMethods dumpedMethods) {
|
||||
Log.v("Reloading decrypted assembly (original filename: {0})", Filename);
|
||||
Logger.v("Reloading decrypted assembly (original filename: {0})", Filename);
|
||||
simpleDeobfuscatorFlags.Clear();
|
||||
module = assemblyModule.reload(newModuleData, createDumpedMethodsRestorer(dumpedMethods), deob as IStringDecrypter);
|
||||
deob = deob.moduleReloaded(module);
|
||||
|
@ -460,7 +460,7 @@ namespace de4dot.code {
|
|||
}
|
||||
}
|
||||
|
||||
Log.v("Adding string decrypter; token: {0:X8}, method: {1}", method.MDToken.ToInt32(), Utils.removeNewlines(method.FullName));
|
||||
Logger.v("Adding string decrypter; token: {0:X8}, method: {1}", method.MDToken.ToInt32(), Utils.removeNewlines(method.FullName));
|
||||
tokens.Add(method.MDToken.ToInt32());
|
||||
}
|
||||
}
|
||||
|
@ -538,14 +538,14 @@ namespace de4dot.code {
|
|||
return;
|
||||
}
|
||||
|
||||
Log.v("Deobfuscating methods");
|
||||
Logger.v("Deobfuscating methods");
|
||||
var methodPrinter = new MethodPrinter();
|
||||
var cflowDeobfuscator = new BlocksCflowDeobfuscator(deob.BlocksDeobfuscators);
|
||||
foreach (var method in getAllMethods()) {
|
||||
Log.v("Deobfuscating {0} ({1:X8})", Utils.removeNewlines(method), method.MDToken.ToUInt32());
|
||||
Log.indent();
|
||||
Logger.v("Deobfuscating {0} ({1:X8})", Utils.removeNewlines(method), method.MDToken.ToUInt32());
|
||||
Logger.Instance.indent();
|
||||
|
||||
int oldIndentLevel = Log.indentLevel;
|
||||
int oldIndentLevel = Logger.Instance.IndentLevel;
|
||||
try {
|
||||
deobfuscate(method, cflowDeobfuscator, methodPrinter);
|
||||
}
|
||||
|
@ -554,21 +554,21 @@ namespace de4dot.code {
|
|||
}
|
||||
catch (Exception ex) {
|
||||
if (!canLoadMethodBody(method)) {
|
||||
Log.v("Invalid method body. {0:X8}", method.MDToken.ToInt32());
|
||||
Logger.v("Invalid method body. {0:X8}", method.MDToken.ToInt32());
|
||||
method.Body = new CilBody();
|
||||
}
|
||||
else {
|
||||
Log.w("Could not deobfuscate method {0:X8}. Hello, E.T.: {1}", // E.T. = exception type
|
||||
Logger.w("Could not deobfuscate method {0:X8}. Hello, E.T.: {1}", // E.T. = exception type
|
||||
method.MDToken.ToInt32(),
|
||||
ex.GetType());
|
||||
}
|
||||
}
|
||||
finally {
|
||||
Log.indentLevel = oldIndentLevel;
|
||||
Logger.Instance.IndentLevel = oldIndentLevel;
|
||||
}
|
||||
removeNoInliningAttribute(method);
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -616,17 +616,17 @@ namespace de4dot.code {
|
|||
DotNetUtils.restoreBody(method, allInstructions, allExceptionHandlers);
|
||||
|
||||
if (numRemovedLocals > 0)
|
||||
Log.v("Removed {0} unused local(s)", numRemovedLocals);
|
||||
Logger.v("Removed {0} unused local(s)", numRemovedLocals);
|
||||
int numRemovedInstructions = oldNumInstructions - method.Body.Instructions.Count;
|
||||
if (numRemovedInstructions > 0)
|
||||
Log.v("Removed {0} dead instruction(s)", numRemovedInstructions);
|
||||
Logger.v("Removed {0} dead instruction(s)", numRemovedInstructions);
|
||||
|
||||
const Log.LogLevel dumpLogLevel = Log.LogLevel.veryverbose;
|
||||
if (Log.isAtLeast(dumpLogLevel)) {
|
||||
Log.log(dumpLogLevel, "Deobfuscated code:");
|
||||
Log.indent();
|
||||
const LoggerEvent dumpLogLevel = LoggerEvent.VeryVerbose;
|
||||
if (!Logger.Instance.IgnoresEvent(dumpLogLevel)) {
|
||||
Logger.log(dumpLogLevel, "Deobfuscated code:");
|
||||
Logger.Instance.indent();
|
||||
methodPrinter.print(dumpLogLevel, allInstructions, allExceptionHandlers);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -713,8 +713,8 @@ namespace de4dot.code {
|
|||
if (savedMethodBodies != null)
|
||||
savedMethodBodies.save(method);
|
||||
|
||||
Log.v("{0}: {1} ({2:X8})", msg, Utils.removeNewlines(method), method.MDToken.ToUInt32());
|
||||
Log.indent();
|
||||
Logger.v("{0}: {1} ({2:X8})", msg, Utils.removeNewlines(method), method.MDToken.ToUInt32());
|
||||
Logger.Instance.indent();
|
||||
|
||||
if (hasNonEmptyBody(method)) {
|
||||
try {
|
||||
|
@ -728,11 +728,11 @@ namespace de4dot.code {
|
|||
DotNetUtils.restoreBody(method, allInstructions, allExceptionHandlers);
|
||||
}
|
||||
catch {
|
||||
Log.v("Could not deobfuscate {0:X8}", method.MDToken.ToInt32());
|
||||
Logger.v("Could not deobfuscate {0:X8}", method.MDToken.ToInt32());
|
||||
}
|
||||
}
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void ISimpleDeobfuscator.deobfuscate(MethodDef method) {
|
||||
|
@ -759,7 +759,7 @@ namespace de4dot.code {
|
|||
extension = ".dll";
|
||||
var baseDir = Utils.getDirName(options.NewFilename);
|
||||
var newName = Path.Combine(baseDir, assemblyName + extension);
|
||||
Log.n("Creating file {0}", newName);
|
||||
Logger.n("Creating file {0}", newName);
|
||||
using (var writer = new BinaryWriter(new FileStream(newName, FileMode.Create))) {
|
||||
writer.Write(data);
|
||||
}
|
||||
|
|
|
@ -57,7 +57,7 @@ namespace de4dot.code {
|
|||
}
|
||||
}
|
||||
|
||||
Log.v("Decrypted string: {0}", Utils.toCsharpString(decryptedString));
|
||||
Logger.v("Decrypted string: {0}", Utils.toCsharpString(decryptedString));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -265,7 +265,7 @@
|
|||
<Compile Include="deobfuscators\Xenocode\StringDecrypter.cs" />
|
||||
<Compile Include="IDeobfuscatorContext.cs" />
|
||||
<Compile Include="IObfuscatedFile.cs" />
|
||||
<Compile Include="Log.cs" />
|
||||
<Compile Include="Logger.cs" />
|
||||
<Compile Include="DumpedMethodsRestorer.cs" />
|
||||
<Compile Include="MethodPrinter.cs" />
|
||||
<Compile Include="MethodReturnValueInliner.cs" />
|
||||
|
|
|
@ -219,7 +219,7 @@ namespace de4dot.code.deobfuscators.Agile_NET {
|
|||
var peImage = new PeImage(fileData);
|
||||
|
||||
if (!new MethodsDecrypter().decrypt(peImage, module, cliSecureRtType, ref dumpedMethods)) {
|
||||
Log.v("Methods aren't encrypted or invalid signature");
|
||||
Logger.v("Methods aren't encrypted or invalid signature");
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -331,7 +331,7 @@ namespace de4dot.code.deobfuscators.Agile_NET {
|
|||
if (!options.RemoveStackFrameHelper)
|
||||
return;
|
||||
if (stackFrameHelper.ExceptionLoggerRemover.remove(blocks))
|
||||
Log.v("Removed StackFrameHelper code");
|
||||
Logger.v("Removed StackFrameHelper code");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -444,7 +444,7 @@ namespace de4dot.code.deobfuscators.Agile_NET {
|
|||
case DecryptResult.NotEncrypted: return false;
|
||||
|
||||
case DecryptResult.Error:
|
||||
Log.w("Using dynamic method decryption");
|
||||
Logger.w("Using dynamic method decryption");
|
||||
byte[] moduleCctorBytes = getModuleCctorBytes(csRtType);
|
||||
dumpedMethods = de4dot.code.deobfuscators.MethodsDecrypter.decrypt(module.Location, moduleCctorBytes);
|
||||
return true;
|
||||
|
|
|
@ -60,7 +60,7 @@ namespace de4dot.code.deobfuscators.Agile_NET {
|
|||
|
||||
int delegateToken = 0x02000001 + instrs[0].GetLdcI4Value();
|
||||
if (type.MDToken.ToInt32() != delegateToken) {
|
||||
Log.w("Delegate token is not current type");
|
||||
Logger.w("Delegate token is not current type");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
|
@ -86,18 +86,18 @@ namespace de4dot.code.deobfuscators.Agile_NET.vm {
|
|||
if (!Detected)
|
||||
return;
|
||||
|
||||
int oldIndent = Log.indentLevel;
|
||||
int oldIndent = Logger.Instance.IndentLevel;
|
||||
try {
|
||||
restore2();
|
||||
}
|
||||
finally {
|
||||
Log.indentLevel = oldIndent;
|
||||
Logger.Instance.IndentLevel = oldIndent;
|
||||
}
|
||||
}
|
||||
|
||||
void restore2() {
|
||||
Log.v("Restoring CSVM methods");
|
||||
Log.indent();
|
||||
Logger.v("Restoring CSVM methods");
|
||||
Logger.Instance.indent();
|
||||
|
||||
var opcodeDetector = getVmOpCodeHandlerDetector();
|
||||
var csvmMethods = new CsvmDataReader(resource.Data).read();
|
||||
|
@ -108,37 +108,37 @@ namespace de4dot.code.deobfuscators.Agile_NET.vm {
|
|||
if (cilMethod == null)
|
||||
throw new ApplicationException(string.Format("Could not find method {0:X8}", csvmMethod.Token));
|
||||
converter.convert(cilMethod, csvmMethod);
|
||||
Log.v("Restored method {0:X8}", cilMethod.MDToken.ToInt32());
|
||||
Logger.v("Restored method {0:X8}", cilMethod.MDToken.ToInt32());
|
||||
printMethod(methodPrinter, cilMethod);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
static void printMethod(MethodPrinter methodPrinter, MethodDef method) {
|
||||
const Log.LogLevel dumpLogLevel = Log.LogLevel.verbose;
|
||||
if (!Log.isAtLeast(dumpLogLevel))
|
||||
const LoggerEvent dumpLogLevel = LoggerEvent.Verbose;
|
||||
if (Logger.Instance.IgnoresEvent(dumpLogLevel))
|
||||
return;
|
||||
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
|
||||
Log.v("Locals:");
|
||||
Log.indent();
|
||||
Logger.v("Locals:");
|
||||
Logger.Instance.indent();
|
||||
for (int i = 0; i < method.Body.LocalList.Count; i++)
|
||||
Log.v("#{0}: {1}", i, method.Body.LocalList[i].Type);
|
||||
Log.deIndent();
|
||||
Logger.v("#{0}: {1}", i, method.Body.LocalList[i].Type);
|
||||
Logger.Instance.deIndent();
|
||||
|
||||
Log.v("Code:");
|
||||
Log.indent();
|
||||
Logger.v("Code:");
|
||||
Logger.Instance.indent();
|
||||
methodPrinter.print(dumpLogLevel, method.Body.Instructions, method.Body.ExceptionHandlers);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
VmOpCodeHandlerDetector getVmOpCodeHandlerDetector() {
|
||||
var vmFilename = vmAssemblyReference.Name + ".dll";
|
||||
var vmModulePath = Path.Combine(Path.GetDirectoryName(module.Location), vmFilename);
|
||||
Log.v("CSVM filename: {0}", vmFilename);
|
||||
Logger.v("CSVM filename: {0}", vmFilename);
|
||||
|
||||
var dataKey = "cs cached VmOpCodeHandlerDetector";
|
||||
var dict = (Dictionary<string, VmOpCodeHandlerDetector>)deobfuscatorContext.getData(dataKey);
|
||||
|
@ -150,11 +150,11 @@ namespace de4dot.code.deobfuscators.Agile_NET.vm {
|
|||
dict[vmModulePath] = detector = new VmOpCodeHandlerDetector(ModuleDefMD.Load(vmModulePath));
|
||||
|
||||
detector.findHandlers();
|
||||
Log.v("CSVM opcodes:");
|
||||
Log.indent();
|
||||
Logger.v("CSVM opcodes:");
|
||||
Logger.Instance.indent();
|
||||
for (int i = 0; i < detector.Handlers.Count; i++)
|
||||
Log.v("{0:X4}: {1}", i, detector.Handlers[i].Name);
|
||||
Log.deIndent();
|
||||
Logger.v("{0:X4}: {1}", i, detector.Handlers[i].Name);
|
||||
Logger.Instance.deIndent();
|
||||
|
||||
return detector;
|
||||
}
|
||||
|
|
|
@ -49,7 +49,7 @@ namespace de4dot.code.deobfuscators.Agile_NET.vm {
|
|||
DotNetUtils.restoreBody(cilMethod, newInstructions, newExceptions);
|
||||
|
||||
if (!operandRestorer.restore(cilMethod))
|
||||
Log.w("Failed to restore one or more instruction operands in CSVM method {0:X8}", cilMethod.MDToken.ToInt32());
|
||||
Logger.w("Failed to restore one or more instruction operands in CSVM method {0:X8}", cilMethod.MDToken.ToInt32());
|
||||
restoreConstrainedPrefix(cilMethod);
|
||||
}
|
||||
|
||||
|
@ -378,7 +378,7 @@ namespace de4dot.code.deobfuscators.Agile_NET.vm {
|
|||
var field = deobfuscatorContext.resolveField(fieldRef);
|
||||
bool isStatic;
|
||||
if (field == null) {
|
||||
Log.w("Could not resolve field {0:X8}. Assuming it's not static.", token);
|
||||
Logger.w("Could not resolve field {0:X8}. Assuming it's not static.", token);
|
||||
isStatic = false;
|
||||
}
|
||||
else
|
||||
|
|
|
@ -111,7 +111,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
|
||||
encryptedResource = BabelUtils.findEmbeddedResource(module, resolverType, simpleDeobfuscator, deob);
|
||||
if (encryptedResource == null) {
|
||||
Log.w("Could not find embedded assemblies resource");
|
||||
Logger.w("Could not find embedded assemblies resource");
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -148,7 +148,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
|
||||
encryptedResource = BabelUtils.findEmbeddedResource(module, decrypterType, simpleDeobfuscator, deob);
|
||||
if (encryptedResource == null) {
|
||||
Log.w("Could not find encrypted constants resource");
|
||||
Logger.w("Could not find encrypted constants resource");
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -256,7 +256,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
if (arrayType == null)
|
||||
continue;
|
||||
if (arrayType.Next.ElementType.GetPrimitiveSize() == -1) {
|
||||
Log.w("Can't decrypt non-primitive type array in method {0:X8}", blocks.Method.MDToken.ToInt32());
|
||||
Logger.w("Can't decrypt non-primitive type array in method {0:X8}", blocks.Method.MDToken.ToInt32());
|
||||
continue;
|
||||
}
|
||||
|
||||
|
@ -269,7 +269,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
var decrypted = decryptArray(info.encryptedField.InitialValue, elemSize);
|
||||
|
||||
initializedDataCreator.addInitializeArrayCode(block, info.start, info.len, info.arrayType.Next.ToTypeDefOrRef(), decrypted);
|
||||
Log.v("Decrypted {0} array: {1} elements", info.arrayType.Next.ToString(), decrypted.Length / elemSize);
|
||||
Logger.v("Decrypted {0} array: {1} elements", info.arrayType.Next.ToString(), decrypted.Length / elemSize);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -206,7 +206,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
|
||||
if (Operations.DecryptStrings != OpDecryptString.None) {
|
||||
if (stringDecrypter.Resource != null)
|
||||
Log.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(stringDecrypter.Resource.Name));
|
||||
Logger.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(stringDecrypter.Resource.Name));
|
||||
staticStringInliner.add(stringDecrypter.DecryptMethod, (method, gim, args) => {
|
||||
return stringDecrypter.decrypt(args);
|
||||
});
|
||||
|
|
|
@ -46,7 +46,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
|
||||
static Inflater createNormal(bool noHeader, string errorMessage) {
|
||||
if (errorMessage != null)
|
||||
Log.w("{0}", errorMessage);
|
||||
Logger.w("{0}", errorMessage);
|
||||
return new Inflater(noHeader);
|
||||
}
|
||||
|
||||
|
|
|
@ -113,7 +113,7 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
ImageReader addImageReader(string name, byte[] data) {
|
||||
var imageReader = new ImageReader(deobfuscatorContext, module, data);
|
||||
if (!imageReader.initialize()) {
|
||||
Log.w("Could not read encrypted methods");
|
||||
Logger.w("Could not read encrypted methods");
|
||||
return null;
|
||||
}
|
||||
if (imageReaders.ContainsKey(name))
|
||||
|
@ -159,11 +159,11 @@ namespace de4dot.code.deobfuscators.Babel_NET {
|
|||
numNonDecryptedMethods++;
|
||||
continue;
|
||||
}
|
||||
Log.v("Decrypting method {0:X8}", info.method.MDToken.ToInt32());
|
||||
Logger.v("Decrypting method {0:X8}", info.method.MDToken.ToInt32());
|
||||
imageReader.restore(info.FullName, info.method);
|
||||
}
|
||||
if (numNonDecryptedMethods > 0)
|
||||
Log.w("{0}/{1} methods not decrypted", numNonDecryptedMethods, totalEncryptedMethods);
|
||||
Logger.w("{0}/{1} methods not decrypted", numNonDecryptedMethods, totalEncryptedMethods);
|
||||
}
|
||||
|
||||
ImageReader getImageReader(string feature) {
|
||||
|
|
|
@ -131,7 +131,7 @@ namespace de4dot.code.deobfuscators.CodeVeil {
|
|||
doc.Load(XmlReader.Create(bundleXmlFile.Data.CreateStream()));
|
||||
var manifest = doc.DocumentElement;
|
||||
if (manifest.Name.ToLowerInvariant() != "manifest") {
|
||||
Log.w("Could not find Manifest element");
|
||||
Logger.w("Could not find Manifest element");
|
||||
return;
|
||||
}
|
||||
foreach (var tmp in manifest.ChildNodes) {
|
||||
|
@ -140,13 +140,13 @@ namespace de4dot.code.deobfuscators.CodeVeil {
|
|||
continue;
|
||||
|
||||
if (assemblyElem.Name.ToLowerInvariant() != "assembly") {
|
||||
Log.w("Unknown element: {0}", assemblyElem.Name);
|
||||
Logger.w("Unknown element: {0}", assemblyElem.Name);
|
||||
continue;
|
||||
}
|
||||
|
||||
int offset = getAttributeValueInt32(assemblyElem, "offset");
|
||||
if (offset < 0) {
|
||||
Log.w("Could not find offset attribute");
|
||||
Logger.w("Could not find offset attribute");
|
||||
continue;
|
||||
}
|
||||
|
||||
|
|
|
@ -323,7 +323,7 @@ namespace de4dot.code.deobfuscators.CodeVeil {
|
|||
if (decrypted == null)
|
||||
continue;
|
||||
|
||||
Log.v("Decrypted resource {0}", Utils.toCsharpString(resource.Name));
|
||||
Logger.v("Decrypted resource {0}", Utils.toCsharpString(resource.Name));
|
||||
module.Resources[i] = new EmbeddedResource(resource.Name, decrypted, resource.Flags);
|
||||
}
|
||||
}
|
||||
|
@ -343,7 +343,7 @@ namespace de4dot.code.deobfuscators.CodeVeil {
|
|||
return null;
|
||||
}
|
||||
catch (Exception ex) {
|
||||
Log.w("Got an exception when decrypting resources: {0} - {1}", ex.GetType(), ex.Message);
|
||||
Logger.w("Got an exception when decrypting resources: {0} - {1}", ex.GetType(), ex.Message);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -248,7 +248,7 @@ namespace de4dot.code.deobfuscators.CodeWall {
|
|||
simpleDeobfuscator.deobfuscate(info.Method);
|
||||
info.Resource = findResource(info.Method);
|
||||
if (info.Resource == null) {
|
||||
Log.w("Could not find encrypted strings resource (Method {0:X8})", info.Method.MDToken.ToInt32());
|
||||
Logger.w("Could not find encrypted strings resource (Method {0:X8})", info.Method.MDToken.ToInt32());
|
||||
continue;
|
||||
}
|
||||
info.Magic1 = findMagic1(info.Method);
|
||||
|
|
|
@ -122,8 +122,8 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
|
|||
var decrypted = resourceDecrypter.decrypt(resource.GetResourceStream());
|
||||
var reader = MemoryImageStream.Create(decrypted);
|
||||
int numEncrypted = reader.ReadInt32();
|
||||
Log.v("Restoring {0} encrypted methods", numEncrypted);
|
||||
Log.indent();
|
||||
Logger.v("Restoring {0} encrypted methods", numEncrypted);
|
||||
Logger.Instance.indent();
|
||||
for (int i = 0; i < numEncrypted; i++) {
|
||||
int delegateTypeToken = reader.ReadInt32();
|
||||
uint codeOffset = reader.ReadUInt32();
|
||||
|
@ -132,7 +132,7 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
|
|||
decrypt(reader, delegateTypeToken);
|
||||
reader.Position = origOffset;
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void decrypt(IBinaryReader reader, int delegateTypeToken) {
|
||||
|
@ -155,7 +155,7 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
|
|||
var bodyReader = new MethodBodyReader(module, reader);
|
||||
bodyReader.read(encMethod);
|
||||
bodyReader.RestoreMethod(encMethod);
|
||||
Log.v("Restored method {0} ({1:X8}). Instrs:{2}, Locals:{3}, Exceptions:{4}",
|
||||
Logger.v("Restored method {0} ({1:X8}). Instrs:{2}, Locals:{3}, Exceptions:{4}",
|
||||
Utils.removeNewlines(encMethod.FullName),
|
||||
encMethod.MDToken.ToInt32(),
|
||||
encMethod.Body.Instructions.Count,
|
||||
|
|
|
@ -328,7 +328,7 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
|
|||
|
||||
byte allFlags = (byte)(desEncryptedFlag | deflatedFlag | bitwiseNotEncryptedFlag);
|
||||
if ((flags & ~allFlags) != 0)
|
||||
Log.w("Found unknown resource encryption flags: 0x{0:X2}", flags);
|
||||
Logger.w("Found unknown resource encryption flags: 0x{0:X2}", flags);
|
||||
|
||||
if ((flags & desEncryptedFlag) != 0) {
|
||||
var memStream = new MemoryStream((int)resourceStream.Length);
|
||||
|
|
|
@ -68,7 +68,7 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
|
|||
stringResource = DotNetUtils.getResource(module, resourceName) as EmbeddedResource;
|
||||
if (stringResource == null)
|
||||
return;
|
||||
Log.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(stringResource.Name));
|
||||
Logger.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(stringResource.Name));
|
||||
|
||||
decryptedData = resourceDecrypter.decrypt(stringResource.GetResourceStream());
|
||||
}
|
||||
|
|
|
@ -308,7 +308,7 @@ namespace de4dot.code.deobfuscators.DeepSea {
|
|||
data30 = new Data30();
|
||||
data30.resource = DeobUtils.getEmbeddedResourceFromCodeStrings(module, resolveHandler);
|
||||
if (data30.resource == null) {
|
||||
Log.w("Could not find resource of encrypted resources");
|
||||
Logger.w("Could not find resource of encrypted resources");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -30,18 +30,18 @@ using de4dot.blocks;
|
|||
namespace de4dot.code.deobfuscators {
|
||||
static class DeobUtils {
|
||||
public static void decryptAndAddResources(ModuleDef module, string encryptedName, Func<byte[]> decryptResource) {
|
||||
Log.v("Decrypting resources, name: {0}", Utils.toCsharpString(encryptedName));
|
||||
Logger.v("Decrypting resources, name: {0}", Utils.toCsharpString(encryptedName));
|
||||
var decryptedResourceData = decryptResource();
|
||||
if (decryptedResourceData == null)
|
||||
throw new ApplicationException("decryptedResourceData is null");
|
||||
var resourceModule = ModuleDefMD.Load(decryptedResourceData);
|
||||
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var rsrc in resourceModule.Resources) {
|
||||
Log.v("Adding decrypted resource {0}", Utils.toCsharpString(rsrc.Name));
|
||||
Logger.v("Adding decrypted resource {0}", Utils.toCsharpString(rsrc.Name));
|
||||
module.Resources.Add(rsrc);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
public static T lookup<T>(ModuleDefMD module, T def, string errorMessage) where T : class, ICodedToken {
|
||||
|
|
|
@ -189,7 +189,7 @@ namespace de4dot.code.deobfuscators {
|
|||
foreach (var type in module.GetTypes()) {
|
||||
if (!isTypeWithInvalidBaseType(moduleType, type))
|
||||
continue;
|
||||
Log.v("Adding System.Object as base type: {0} ({1:X8})",
|
||||
Logger.v("Adding System.Object as base type: {0} ({1:X8})",
|
||||
Utils.removeNewlines(type),
|
||||
type.MDToken.ToInt32());
|
||||
type.BaseType = module.CorLibTypes.Object.TypeDefOrRef;
|
||||
|
@ -298,7 +298,7 @@ namespace de4dot.code.deobfuscators {
|
|||
continue;
|
||||
|
||||
if (info.find(destMethod)) {
|
||||
Log.v("Removed call to {0}", Utils.removeNewlines(destMethod));
|
||||
Logger.v("Removed call to {0}", Utils.removeNewlines(destMethod));
|
||||
instrsToDelete.Add(i);
|
||||
}
|
||||
}
|
||||
|
@ -385,27 +385,27 @@ namespace de4dot.code.deobfuscators {
|
|||
if (emptyCctorsToRemove.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Removing empty .cctor methods");
|
||||
Log.indent();
|
||||
Logger.v("Removing empty .cctor methods");
|
||||
Logger.Instance.indent();
|
||||
foreach (var cctor in emptyCctorsToRemove) {
|
||||
var type = cctor.DeclaringType;
|
||||
if (type == null)
|
||||
continue;
|
||||
if (type.Methods.Remove(cctor))
|
||||
Log.v("{0:X8}, type: {1} ({2:X8})",
|
||||
Logger.v("{0:X8}, type: {1} ({2:X8})",
|
||||
cctor.MDToken.ToUInt32(),
|
||||
Utils.removeNewlines(type),
|
||||
type.MDToken.ToUInt32());
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void deleteMethods() {
|
||||
if (methodsToRemove.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Removing methods");
|
||||
Log.indent();
|
||||
Logger.v("Removing methods");
|
||||
Logger.Instance.indent();
|
||||
foreach (var info in methodsToRemove) {
|
||||
var method = info.obj;
|
||||
if (method == null)
|
||||
|
@ -414,21 +414,21 @@ namespace de4dot.code.deobfuscators {
|
|||
if (type == null)
|
||||
continue;
|
||||
if (type.Methods.Remove(method))
|
||||
Log.v("Removed method {0} ({1:X8}) (Type: {2}) (reason: {3})",
|
||||
Logger.v("Removed method {0} ({1:X8}) (Type: {2}) (reason: {3})",
|
||||
Utils.removeNewlines(method),
|
||||
method.MDToken.ToUInt32(),
|
||||
Utils.removeNewlines(type),
|
||||
info.reason);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void deleteFields() {
|
||||
if (fieldsToRemove.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Removing fields");
|
||||
Log.indent();
|
||||
Logger.v("Removing fields");
|
||||
Logger.Instance.indent();
|
||||
foreach (var info in fieldsToRemove) {
|
||||
var field = info.obj;
|
||||
if (field == null)
|
||||
|
@ -437,13 +437,13 @@ namespace de4dot.code.deobfuscators {
|
|||
if (type == null)
|
||||
continue;
|
||||
if (type.Fields.Remove(field))
|
||||
Log.v("Removed field {0} ({1:X8}) (Type: {2}) (reason: {3})",
|
||||
Logger.v("Removed field {0} ({1:X8}) (Type: {2}) (reason: {3})",
|
||||
Utils.removeNewlines(field),
|
||||
field.MDToken.ToUInt32(),
|
||||
Utils.removeNewlines(type),
|
||||
info.reason);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void deleteTypes() {
|
||||
|
@ -451,8 +451,8 @@ namespace de4dot.code.deobfuscators {
|
|||
if (types == null || typesToRemove.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Removing types");
|
||||
Log.indent();
|
||||
Logger.v("Removing types");
|
||||
Logger.Instance.indent();
|
||||
var moduleType = DotNetUtils.getModuleType(module);
|
||||
foreach (var info in typesToRemove) {
|
||||
var typeDef = info.obj;
|
||||
|
@ -464,24 +464,24 @@ namespace de4dot.code.deobfuscators {
|
|||
else
|
||||
removed = types.Remove(typeDef);
|
||||
if (removed)
|
||||
Log.v("Removed type {0} ({1:X8}) (reason: {2})",
|
||||
Logger.v("Removed type {0} ({1:X8}) (reason: {2})",
|
||||
Utils.removeNewlines(typeDef),
|
||||
typeDef.MDToken.ToUInt32(),
|
||||
info.reason);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void deleteCustomAttributes() {
|
||||
if (attrsToRemove.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Removing custom attributes");
|
||||
Log.indent();
|
||||
Logger.v("Removing custom attributes");
|
||||
Logger.Instance.indent();
|
||||
deleteCustomAttributes(module.CustomAttributes);
|
||||
if (module.Assembly != null)
|
||||
deleteCustomAttributes(module.Assembly.CustomAttributes);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void deleteCustomAttributes(IList<CustomAttribute> customAttrs) {
|
||||
|
@ -495,7 +495,7 @@ namespace de4dot.code.deobfuscators {
|
|||
if (new SigComparer().Equals(typeDef, customAttrs[i].AttributeType)) {
|
||||
customAttrs.RemoveAt(i);
|
||||
i--;
|
||||
Log.v("Removed custom attribute {0} ({1:X8}) (reason: {2})",
|
||||
Logger.v("Removed custom attribute {0} ({1:X8}) (reason: {2})",
|
||||
Utils.removeNewlines(typeDef),
|
||||
typeDef.MDToken.ToUInt32(),
|
||||
info.reason);
|
||||
|
@ -506,19 +506,19 @@ namespace de4dot.code.deobfuscators {
|
|||
}
|
||||
|
||||
void deleteOtherAttributes() {
|
||||
Log.v("Removing other attributes");
|
||||
Log.indent();
|
||||
Logger.v("Removing other attributes");
|
||||
Logger.Instance.indent();
|
||||
deleteOtherAttributes(module.CustomAttributes);
|
||||
if (module.Assembly != null)
|
||||
deleteOtherAttributes(module.Assembly.CustomAttributes);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void deleteOtherAttributes(IList<CustomAttribute> customAttributes) {
|
||||
for (int i = customAttributes.Count - 1; i >= 0; i--) {
|
||||
var attr = customAttributes[i].TypeFullName;
|
||||
if (attr == "System.Runtime.CompilerServices.SuppressIldasmAttribute") {
|
||||
Log.v("Removed attribute {0}", Utils.removeNewlines(attr));
|
||||
Logger.v("Removed attribute {0}", Utils.removeNewlines(attr));
|
||||
customAttributes.RemoveAt(i);
|
||||
}
|
||||
}
|
||||
|
@ -528,16 +528,16 @@ namespace de4dot.code.deobfuscators {
|
|||
if (!module.HasResources || resourcesToRemove.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Removing resources");
|
||||
Log.indent();
|
||||
Logger.v("Removing resources");
|
||||
Logger.Instance.indent();
|
||||
foreach (var info in resourcesToRemove) {
|
||||
var resource = info.obj;
|
||||
if (resource == null)
|
||||
continue;
|
||||
if (module.Resources.Remove(resource))
|
||||
Log.v("Removed resource {0} (reason: {1})", Utils.toCsharpString(resource.Name), info.reason);
|
||||
Logger.v("Removed resource {0} (reason: {1})", Utils.toCsharpString(resource.Name), info.reason);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
protected void setInitLocals() {
|
||||
|
@ -608,7 +608,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
protected bool removeProxyDelegates(ProxyCallFixerBase proxyCallFixer, bool removeCreators) {
|
||||
if (proxyCallFixer.Errors != 0) {
|
||||
Log.v("Not removing proxy delegates and creator type since errors were detected.");
|
||||
Logger.v("Not removing proxy delegates and creator type since errors were detected.");
|
||||
return false;
|
||||
}
|
||||
addTypesToBeRemoved(proxyCallFixer.DelegateTypes, "Proxy delegate type");
|
||||
|
|
|
@ -85,7 +85,7 @@ namespace de4dot.code.deobfuscators.Dotfuscator {
|
|||
|
||||
var info = new StringDecrypterInfo(method, ldci4.GetLdcI4Value());
|
||||
stringDecrypterMethods.add(info.method, info);
|
||||
Log.v("Found string decrypter method: {0}, magic: 0x{1:X8}", Utils.removeNewlines(info.method), info.magic);
|
||||
Logger.v("Found string decrypter method: {0}, magic: 0x{1:X8}", Utils.removeNewlines(info.method), info.magic);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -364,7 +364,7 @@ namespace de4dot.code.deobfuscators.Eazfuscator_NET {
|
|||
}
|
||||
catch {
|
||||
}
|
||||
Log.w("Could not load assembly from decrypted resource {0}", Utils.toCsharpString(info.ResourceName));
|
||||
Logger.w("Could not load assembly from decrypted resource {0}", Utils.toCsharpString(info.ResourceName));
|
||||
int index = info.Filename.LastIndexOf('.');
|
||||
if (index < 0) {
|
||||
info.SimpleName = info.Filename;
|
||||
|
|
|
@ -210,9 +210,9 @@ namespace de4dot.code.deobfuscators.Eazfuscator_NET {
|
|||
|
||||
if (!findConstants(simpleDeobfuscator)) {
|
||||
if (encryptedResource == null)
|
||||
Log.w("Could not find encrypted resource. Strings cannot be decrypted.");
|
||||
Logger.w("Could not find encrypted resource. Strings cannot be decrypted.");
|
||||
else
|
||||
Log.w("Can't decrypt strings. Possibly a new Eazfuscator.NET version.");
|
||||
Logger.w("Can't decrypt strings. Possibly a new Eazfuscator.NET version.");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -40,7 +40,7 @@ namespace de4dot.code.deobfuscators.Goliath_NET {
|
|||
|
||||
var arrayData = (byte[])callResult.returnValue;
|
||||
initializedDataCreator.addInitializeArrayCode(block, callResult.callStartIndex, num, module.TypeSystem.Byte, arrayData);
|
||||
Log.v("Decrypted array: {0} bytes", arrayData.Length);
|
||||
Logger.v("Decrypted array: {0} bytes", arrayData.Length);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -232,7 +232,7 @@ namespace de4dot.code.deobfuscators.Goliath_NET {
|
|||
localsRestorer.deobfuscate(blocks);
|
||||
if (options.RemoveAntiStrongName) {
|
||||
if (strongNameChecker.deobfuscate(blocks))
|
||||
Log.v("Removed strong name checker code");
|
||||
Logger.v("Removed strong name checker code");
|
||||
}
|
||||
logicalExpressionFixer.deobfuscate(blocks);
|
||||
base.deobfuscateMethodEnd(blocks);
|
||||
|
|
|
@ -39,7 +39,7 @@ namespace de4dot.code.deobfuscators.Goliath_NET {
|
|||
}
|
||||
|
||||
public new void find() {
|
||||
Log.v("Finding all proxy delegates");
|
||||
Logger.v("Finding all proxy delegates");
|
||||
var infos = new List<MyInfo>();
|
||||
foreach (var type in module.GetTypes()) {
|
||||
if (type.BaseType == null || type.BaseType.FullName != "System.MulticastDelegate")
|
||||
|
@ -56,19 +56,19 @@ namespace de4dot.code.deobfuscators.Goliath_NET {
|
|||
if (infos.Count == 0)
|
||||
continue;
|
||||
|
||||
Log.v("Found proxy delegate: {0} ({1:X8})", Utils.removeNewlines(type), type.MDToken.ToUInt32());
|
||||
Logger.v("Found proxy delegate: {0} ({1:X8})", Utils.removeNewlines(type), type.MDToken.ToUInt32());
|
||||
RemovedDelegateCreatorCalls++;
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var info in infos) {
|
||||
var di = info.delegateInfo;
|
||||
add(info.method, di);
|
||||
Log.v("Field: {0}, Opcode: {1}, Method: {2} ({3:X8})",
|
||||
Logger.v("Field: {0}, Opcode: {1}, Method: {2} ({3:X8})",
|
||||
Utils.removeNewlines(di.field.Name),
|
||||
di.callOpcode,
|
||||
Utils.removeNewlines(di.methodRef),
|
||||
di.methodRef.MDToken.ToUInt32());
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
delegateTypesDict[type] = true;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -200,15 +200,15 @@ namespace de4dot.code.deobfuscators.ILProtector {
|
|||
if (methodInfos.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Restoring {0} methods", methodInfos.Count);
|
||||
Log.indent();
|
||||
Logger.v("Restoring {0} methods", methodInfos.Count);
|
||||
Logger.Instance.indent();
|
||||
foreach (var type in module.GetTypes()) {
|
||||
foreach (var method in type.Methods) {
|
||||
if (method.Body == null)
|
||||
continue;
|
||||
|
||||
if (restoreMethod(method)) {
|
||||
Log.v("Restored method {0} ({1:X8}). Instrs:{2}, Locals:{3}, Exceptions:{4}",
|
||||
Logger.v("Restored method {0} ({1:X8}). Instrs:{2}, Locals:{3}, Exceptions:{4}",
|
||||
Utils.removeNewlines(method.FullName),
|
||||
method.MDToken.ToInt32(),
|
||||
method.Body.Instructions.Count,
|
||||
|
@ -217,9 +217,9 @@ namespace de4dot.code.deobfuscators.ILProtector {
|
|||
}
|
||||
}
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
if (methodInfos.Count != 0)
|
||||
Log.w("{0} methods weren't restored", methodInfos.Count);
|
||||
Logger.w("{0} methods weren't restored", methodInfos.Count);
|
||||
}
|
||||
|
||||
const int INVALID_METHOD_ID = -1;
|
||||
|
|
|
@ -251,7 +251,7 @@ namespace de4dot.code.deobfuscators.MPRESS {
|
|||
BitConverter.ToInt16(hash, 6),
|
||||
hash[8], hash[9], hash[10], hash[11],
|
||||
hash[12], hash[13], hash[14], hash[15]);
|
||||
Log.v("Updating MVID: {0}", guid.ToString("B"));
|
||||
Logger.v("Updating MVID: {0}", guid.ToString("B"));
|
||||
module.Mvid = guid;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -146,7 +146,7 @@ namespace de4dot.code.deobfuscators.MaxtoCode {
|
|||
return Encoding.GetEncoding(cp);
|
||||
}
|
||||
catch {
|
||||
Log.w("Invalid code page {0}!", cp);
|
||||
Logger.w("Invalid code page {0}!", cp);
|
||||
return Encoding.Default;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -106,7 +106,7 @@ namespace de4dot.code.deobfuscators.MaxtoCode {
|
|||
return info.Version;
|
||||
}
|
||||
|
||||
Log.w("Could not detect MC version. Magic2: {0:X8} {1:X8}", m2lo, m2hi);
|
||||
Logger.w("Could not detect MC version. Magic2: {0:X8} {1:X8}", m2lo, m2hi);
|
||||
return EncryptionVersion.Unknown;
|
||||
}
|
||||
|
||||
|
@ -531,10 +531,10 @@ namespace de4dot.code.deobfuscators.MaxtoCode {
|
|||
return;
|
||||
if (resourceRva != peImage.Cor20Header.resources.virtualAddress ||
|
||||
resourceSize != peImage.Cor20Header.resources.size) {
|
||||
Log.w("Invalid resource RVA and size found");
|
||||
Logger.w("Invalid resource RVA and size found");
|
||||
}
|
||||
|
||||
Log.v("Decrypting resources @ RVA {0:X8}, {1} bytes", resourceRva, resourceSize);
|
||||
Logger.v("Decrypting resources @ RVA {0:X8}, {1} bytes", resourceRva, resourceSize);
|
||||
|
||||
int resourceOffset = (int)peImage.rvaToOffset(resourceRva);
|
||||
for (int i = 0; i < resourceSize; i++)
|
||||
|
@ -555,11 +555,11 @@ namespace de4dot.code.deobfuscators.MaxtoCode {
|
|||
if (usHeap == null ||
|
||||
peImage.rvaToOffset(usHeapRva) != usHeap.fileOffset ||
|
||||
usHeapSize != usHeap.Length) {
|
||||
Log.w("Invalid #US heap RVA and size found");
|
||||
Logger.w("Invalid #US heap RVA and size found");
|
||||
}
|
||||
|
||||
Log.v("Decrypting strings @ RVA {0:X8}, {1} bytes", usHeapRva, usHeapSize);
|
||||
Log.indent();
|
||||
Logger.v("Decrypting strings @ RVA {0:X8}, {1} bytes", usHeapRva, usHeapSize);
|
||||
Logger.Instance.indent();
|
||||
|
||||
int mcKeyOffset = 0;
|
||||
int usHeapOffset = (int)peImage.rvaToOffset(usHeapRva);
|
||||
|
@ -582,16 +582,16 @@ namespace de4dot.code.deobfuscators.MaxtoCode {
|
|||
}
|
||||
|
||||
try {
|
||||
Log.v("Decrypted string: {0}", Utils.toCsharpString(Encoding.Unicode.GetString(fileData, usHeapOffsetString, stringDataLength - 1)));
|
||||
Logger.v("Decrypted string: {0}", Utils.toCsharpString(Encoding.Unicode.GetString(fileData, usHeapOffsetString, stringDataLength - 1)));
|
||||
}
|
||||
catch {
|
||||
Log.v("Could not decrypt string at offset {0:X8}", usHeapOffsetOrig);
|
||||
Logger.v("Could not decrypt string at offset {0:X8}", usHeapOffsetOrig);
|
||||
}
|
||||
|
||||
usHeapOffset++;
|
||||
}
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
byte rolb(byte b, int n) {
|
||||
|
|
|
@ -206,7 +206,7 @@ namespace de4dot.code.deobfuscators {
|
|||
if (delegateCreatorMethods.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Finding all proxy delegates");
|
||||
Logger.v("Finding all proxy delegates");
|
||||
foreach (var tmp in getDelegateTypes()) {
|
||||
var type = tmp;
|
||||
var cctor = type.FindClassConstructor();
|
||||
|
@ -219,10 +219,10 @@ namespace de4dot.code.deobfuscators {
|
|||
if (context == null)
|
||||
continue;
|
||||
|
||||
Log.v("Found proxy delegate: {0} ({1:X8})", Utils.removeNewlines(type), type.MDToken.ToUInt32());
|
||||
Logger.v("Found proxy delegate: {0} ({1:X8})", Utils.removeNewlines(type), type.MDToken.ToUInt32());
|
||||
RemovedDelegateCreatorCalls++;
|
||||
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var field in type.Fields) {
|
||||
if (!field.IsStatic)
|
||||
continue;
|
||||
|
@ -234,13 +234,13 @@ namespace de4dot.code.deobfuscators {
|
|||
if (calledMethod == null)
|
||||
continue;
|
||||
addDelegateInfo(new DelegateInfo(field, calledMethod, callOpcode));
|
||||
Log.v("Field: {0}, Opcode: {1}, Method: {2} ({3:X8})",
|
||||
Logger.v("Field: {0}, Opcode: {1}, Method: {2} ({3:X8})",
|
||||
Utils.removeNewlines(field.Name),
|
||||
callOpcode,
|
||||
Utils.removeNewlines(calledMethod),
|
||||
calledMethod.MDToken.Raw);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
delegateTypesDict[type] = true;
|
||||
}
|
||||
}
|
||||
|
@ -269,7 +269,7 @@ namespace de4dot.code.deobfuscators {
|
|||
}
|
||||
else {
|
||||
errors++;
|
||||
Log.w("Could not fix proxy call. Method: {0} ({1:X8}), Proxy type: {2} ({3:X8})",
|
||||
Logger.w("Could not fix proxy call. Method: {0} ({1:X8}), Proxy type: {2} ({3:X8})",
|
||||
Utils.removeNewlines(blocks.Method),
|
||||
blocks.Method.MDToken.ToInt32(),
|
||||
Utils.removeNewlines(di.field.DeclaringType),
|
||||
|
@ -354,7 +354,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
// Oooops!!! The obfuscator is buggy. Well, let's hope it is, or it's my code. ;)
|
||||
|
||||
Log.w("Holy obfuscator bugs, Batman! Found a proxy delegate call with no instance push in {0:X8}. Replacing it with a throw...", obfuscatedMethod.MDToken.ToInt32());
|
||||
Logger.w("Holy obfuscator bugs, Batman! Found a proxy delegate call with no instance push in {0:X8}. Replacing it with a throw...", obfuscatedMethod.MDToken.ToInt32());
|
||||
block.insert(i, Instruction.Create(OpCodes.Ldnull));
|
||||
block.replace(i + 1, 1, Instruction.Create(OpCodes.Throw));
|
||||
i++;
|
||||
|
@ -387,7 +387,7 @@ namespace de4dot.code.deobfuscators {
|
|||
if (delegateCreatorMethods.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Finding all proxy delegates");
|
||||
Logger.v("Finding all proxy delegates");
|
||||
find2();
|
||||
}
|
||||
|
||||
|
@ -403,11 +403,11 @@ namespace de4dot.code.deobfuscators {
|
|||
if (context == null)
|
||||
continue;
|
||||
|
||||
Log.v("Found proxy delegate: {0} ({1:X8})", Utils.removeNewlines(type), type.MDToken.ToUInt32());
|
||||
Logger.v("Found proxy delegate: {0} ({1:X8})", Utils.removeNewlines(type), type.MDToken.ToUInt32());
|
||||
RemovedDelegateCreatorCalls++;
|
||||
var fieldToMethod = getFieldToMethodDictionary(type);
|
||||
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var field in type.Fields) {
|
||||
MethodDef proxyMethod;
|
||||
if (!fieldToMethod.TryGetValue(field, out proxyMethod))
|
||||
|
@ -420,13 +420,13 @@ namespace de4dot.code.deobfuscators {
|
|||
if (calledMethod == null)
|
||||
continue;
|
||||
add(proxyMethod, new DelegateInfo(field, calledMethod, callOpcode));
|
||||
Log.v("Field: {0}, Opcode: {1}, Method: {2} ({3:X8})",
|
||||
Logger.v("Field: {0}, Opcode: {1}, Method: {2} ({3:X8})",
|
||||
Utils.removeNewlines(field.Name),
|
||||
callOpcode,
|
||||
Utils.removeNewlines(calledMethod),
|
||||
calledMethod.MDToken.ToUInt32());
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
delegateTypesDict[type] = true;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -219,7 +219,7 @@ namespace de4dot.code.deobfuscators.Rummage {
|
|||
var decrypted = decrypt(info);
|
||||
|
||||
instrs[i] = new Instr(Instruction.Create(OpCodes.Ldstr, decrypted));
|
||||
Log.v("Decrypted string: {0}", Utils.toCsharpString(decrypted));
|
||||
Logger.v("Decrypted string: {0}", Utils.toCsharpString(decrypted));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -306,7 +306,7 @@ namespace de4dot.code.deobfuscators.Skater_NET {
|
|||
continue;
|
||||
|
||||
instrs[i] = new Instr(Instruction.Create(OpCodes.Ldstr, decrypted));
|
||||
Log.v("Decrypted string: {0}", Utils.toCsharpString(decrypted));
|
||||
Logger.v("Decrypted string: {0}", Utils.toCsharpString(decrypted));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -45,7 +45,7 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
var returned = new Dictionary<Resource, bool>();
|
||||
foreach (var info in assemblyResolverInfo.EmbeddedAssemblyInfos) {
|
||||
if (info.resource == null) {
|
||||
Log.w("Could not find embedded resource {0}", Utils.toCsharpString(info.resourceName));
|
||||
Logger.w("Could not find embedded resource {0}", Utils.toCsharpString(info.resourceName));
|
||||
continue;
|
||||
}
|
||||
if (returned.ContainsKey(info.resource))
|
||||
|
|
|
@ -145,11 +145,11 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
list.Add(info);
|
||||
}
|
||||
|
||||
Log.v("Found embedded assemblies:");
|
||||
Log.indent();
|
||||
Logger.v("Found embedded assemblies:");
|
||||
Logger.Instance.indent();
|
||||
foreach (var info in list)
|
||||
Log.v("{0}", info.assemblyName);
|
||||
Log.deIndent();
|
||||
Logger.v("{0}", info.assemblyName);
|
||||
Logger.Instance.deIndent();
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -409,12 +409,12 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
foreach (var info in stringDecrypterInfos) {
|
||||
if (initd.ContainsKey(info))
|
||||
continue;
|
||||
Log.v("String decrypter not initialized. Token {0:X8}", info.StringsEncodingClass.MDToken.ToInt32());
|
||||
Logger.v("String decrypter not initialized. Token {0:X8}", info.StringsEncodingClass.MDToken.ToInt32());
|
||||
}
|
||||
}
|
||||
|
||||
void initStringDecrypter(StringDecrypterInfo info) {
|
||||
Log.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(info.StringsResource.Name));
|
||||
Logger.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(info.StringsResource.Name));
|
||||
var decrypter = new StringDecrypter(info);
|
||||
if (decrypter.CanDecrypt) {
|
||||
staticStringInliner.add(DotNetUtils.getMethod(info.GetStringDelegate, "Invoke"), (method, gim, args) => {
|
||||
|
@ -489,14 +489,14 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
if (!options.RemoveAutomatedErrorReporting)
|
||||
return;
|
||||
if (automatedErrorReportingFinder.remove(blocks))
|
||||
Log.v("Removed Automated Error Reporting code");
|
||||
Logger.v("Removed Automated Error Reporting code");
|
||||
}
|
||||
|
||||
void removeTamperProtection(Blocks blocks) {
|
||||
if (!options.RemoveTamperProtection)
|
||||
return;
|
||||
if (tamperProtectionRemover.remove(blocks))
|
||||
Log.v("Removed Tamper Protection code");
|
||||
Logger.v("Removed Tamper Protection code");
|
||||
}
|
||||
|
||||
void removeMemoryManagerStuff() {
|
||||
|
|
|
@ -68,7 +68,7 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
|
||||
int delegateToken = 0x02000001 + DotNetUtils.getLdcI4Value(instrs[0]);
|
||||
if (type.MDToken.ToInt32() != delegateToken) {
|
||||
Log.w("Delegate token is not current type");
|
||||
Logger.w("Delegate token is not current type");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@ -93,7 +93,7 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
}
|
||||
|
||||
if (methodIndex >= memberReferences.Count) {
|
||||
Log.w("Ignoring invalid methodIndex: {0:X8}, field: {1:X8}", methodIndex, field.MDToken.ToInt32());
|
||||
Logger.w("Ignoring invalid methodIndex: {0:X8}, field: {1:X8}", methodIndex, field.MDToken.ToInt32());
|
||||
calledMethod = null;
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -63,7 +63,7 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
return false;
|
||||
|
||||
resourceInfo = info;
|
||||
Log.v("Found embedded assemblies resource {0}", Utils.toCsharpString(info.resourceName));
|
||||
Logger.v("Found embedded assemblies resource {0}", Utils.toCsharpString(info.resourceName));
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -296,7 +296,7 @@ namespace de4dot.code.deobfuscators.SmartAssembly {
|
|||
|
||||
if (tamperBlocks == null) {
|
||||
if (isTamperProtected(allBlocks))
|
||||
Log.w("Could not remove tamper protection code: {0} ({1:X8})", Utils.removeNewlines(blocks.Method), blocks.Method.MDToken.ToUInt32());
|
||||
Logger.w("Could not remove tamper protection code: {0} ({1:X8})", Utils.removeNewlines(blocks.Method), blocks.Method.MDToken.ToUInt32());
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
@ -134,7 +134,7 @@ namespace de4dot.code.deobfuscators.Spices_Net {
|
|||
if (resourceNamespace != ns)
|
||||
return;
|
||||
|
||||
Log.v("Restoring resource name: '{0}' => '{1}'",
|
||||
Logger.v("Restoring resource name: '{0}' => '{1}'",
|
||||
Utils.removeNewlines(resource.Name),
|
||||
Utils.removeNewlines(newName));
|
||||
resource.Name = newName;
|
||||
|
|
|
@ -91,7 +91,7 @@ namespace de4dot.code.deobfuscators.Spices_Net {
|
|||
var list = methodToOrigMethods.find(calledMethod);
|
||||
var method = list[0];
|
||||
|
||||
Log.v("Restored method body {0:X8} from method {1:X8}",
|
||||
Logger.v("Restored method body {0:X8} from method {1:X8}",
|
||||
method.MDToken.ToInt32(),
|
||||
calledMethod.MDToken.ToInt32());
|
||||
DotNetUtils.copyBodyFromTo(calledMethod, method);
|
||||
|
|
|
@ -184,12 +184,12 @@ namespace de4dot.code.deobfuscators {
|
|||
if (fields.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Changing field types to real type");
|
||||
Logger.v("Changing field types to real type");
|
||||
fields.Sort((a, b) => a.token.CompareTo(b.token));
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var updatedField in fields)
|
||||
Log.v("Field {0:X8}: type {1} ({2:X8})", updatedField.token, Utils.removeNewlines(updatedField.newFieldType.FullName), updatedField.newFieldType.MDToken.ToInt32());
|
||||
Log.deIndent();
|
||||
Logger.v("Field {0:X8}: type {1} ({2:X8})", updatedField.token, Utils.removeNewlines(updatedField.newFieldType.FullName), updatedField.newFieldType.MDToken.ToInt32());
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void restoreMethodTypes() {
|
||||
|
@ -197,14 +197,14 @@ namespace de4dot.code.deobfuscators {
|
|||
if (methods.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Changing method args and return types to real type");
|
||||
Logger.v("Changing method args and return types to real type");
|
||||
methods.Sort((a, b) => a.token.CompareTo(b.token));
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var updatedMethod in methods) {
|
||||
Log.v("Method {0:X8}", updatedMethod.token);
|
||||
Log.indent();
|
||||
Logger.v("Method {0:X8}", updatedMethod.token);
|
||||
Logger.Instance.indent();
|
||||
if (updatedMethod.newReturnType != null) {
|
||||
Log.v("ret: {0} ({1:X8})",
|
||||
Logger.v("ret: {0} ({1:X8})",
|
||||
Utils.removeNewlines(updatedMethod.newReturnType.FullName),
|
||||
updatedMethod.newReturnType.MDToken.ToInt32());
|
||||
}
|
||||
|
@ -212,14 +212,14 @@ namespace de4dot.code.deobfuscators {
|
|||
var updatedArg = updatedMethod.newArgTypes[i];
|
||||
if (updatedArg == null)
|
||||
continue;
|
||||
Log.v("arg {0}: {1} ({2:X8})",
|
||||
Logger.v("arg {0}: {1} ({2:X8})",
|
||||
i,
|
||||
Utils.removeNewlines(updatedArg.FullName),
|
||||
updatedArg.MDToken.ToInt32());
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
bool deobfuscateMethods() {
|
||||
|
|
|
@ -99,7 +99,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
block.replace(callResult.callStartIndex, num, Instruction.CreateLdcI4((bool)callResult.returnValue ? 1 : 0));
|
||||
removeUnboxInstruction(block, callResult.callStartIndex + 1, "System.Boolean");
|
||||
Log.v("Decrypted boolean: {0}", callResult.returnValue);
|
||||
Logger.v("Decrypted boolean: {0}", callResult.returnValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -112,7 +112,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
block.replace(callResult.callStartIndex, num, Instruction.CreateLdcI4((int)callResult.returnValue));
|
||||
removeUnboxInstruction(block, callResult.callStartIndex + 1, "System.Int32");
|
||||
Log.v("Decrypted int32: {0}", callResult.returnValue);
|
||||
Logger.v("Decrypted int32: {0}", callResult.returnValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -125,7 +125,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
block.replace(callResult.callStartIndex, num, Instruction.Create(OpCodes.Ldc_I8, (long)callResult.returnValue));
|
||||
removeUnboxInstruction(block, callResult.callStartIndex + 1, "System.Int64");
|
||||
Log.v("Decrypted int64: {0}", callResult.returnValue);
|
||||
Logger.v("Decrypted int64: {0}", callResult.returnValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -138,7 +138,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
block.replace(callResult.callStartIndex, num, Instruction.Create(OpCodes.Ldc_R4, (float)callResult.returnValue));
|
||||
removeUnboxInstruction(block, callResult.callStartIndex + 1, "System.Single");
|
||||
Log.v("Decrypted single: {0}", callResult.returnValue);
|
||||
Logger.v("Decrypted single: {0}", callResult.returnValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -151,7 +151,7 @@ namespace de4dot.code.deobfuscators {
|
|||
|
||||
block.replace(callResult.callStartIndex, num, Instruction.Create(OpCodes.Ldc_R8, (double)callResult.returnValue));
|
||||
removeUnboxInstruction(block, callResult.callStartIndex + 1, "System.Double");
|
||||
Log.v("Decrypted double: {0}", callResult.returnValue);
|
||||
Logger.v("Decrypted double: {0}", callResult.returnValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -102,7 +102,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v3 {
|
|||
return data;
|
||||
|
||||
if (shouldUnpack)
|
||||
Log.w("Could not unpack the file");
|
||||
Logger.w("Could not unpack the file");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
|
@ -157,7 +157,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v3 {
|
|||
return patch2(peImage);
|
||||
}
|
||||
catch {
|
||||
Log.w("Could not patch the file");
|
||||
Logger.w("Could not patch the file");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -312,7 +312,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v3 {
|
|||
public override void deobfuscateMethodEnd(Blocks blocks) {
|
||||
if (options.RemoveAntiStrongName) {
|
||||
if (antiStrongName.remove(blocks))
|
||||
Log.v("Removed Anti Strong Name code");
|
||||
Logger.v("Removed Anti Strong Name code");
|
||||
}
|
||||
base.deobfuscateMethodEnd(blocks);
|
||||
}
|
||||
|
|
|
@ -84,7 +84,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
if (!encryptedResource.FoundResource)
|
||||
return;
|
||||
|
||||
Log.v("Adding boolean decrypter. Resource: {0}", Utils.toCsharpString(encryptedResource.Resource.Name));
|
||||
Logger.v("Adding boolean decrypter. Resource: {0}", Utils.toCsharpString(encryptedResource.Resource.Name));
|
||||
decryptedData = encryptedResource.decrypt();
|
||||
}
|
||||
|
||||
|
|
|
@ -549,7 +549,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
if (!options.RemoveAntiStrongName)
|
||||
return;
|
||||
if (antiStrongname.remove(blocks))
|
||||
Log.v("Removed anti strong name code");
|
||||
Logger.v("Removed anti strong name code");
|
||||
}
|
||||
|
||||
TypeDef getDecrypterType() {
|
||||
|
@ -587,7 +587,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
if (canRemoveDecrypterType)
|
||||
addTypeToBeRemoved(decrypterType, "Decrypter type");
|
||||
else
|
||||
Log.v("Could not remove decrypter type");
|
||||
Logger.v("Could not remove decrypter type");
|
||||
|
||||
base.deobfuscateEnd();
|
||||
}
|
||||
|
|
|
@ -198,7 +198,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
|
||||
int methodIndex;
|
||||
if (!rvaToIndex.TryGetValue(rva, out methodIndex)) {
|
||||
Log.w("Could not find method having code RVA {0:X8}", rva);
|
||||
Logger.w("Could not find method having code RVA {0:X8}", rva);
|
||||
continue;
|
||||
}
|
||||
uint methodToken = 0x06000001 + (uint)methodIndex;
|
||||
|
@ -301,7 +301,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
if (methodToNativeMethod.Count == 0)
|
||||
return;
|
||||
|
||||
Log.v("Encrypting native methods");
|
||||
Logger.v("Encrypting native methods");
|
||||
|
||||
var stream = new MemoryStream();
|
||||
var writer = new BinaryWriter(stream);
|
||||
|
@ -325,7 +325,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
else
|
||||
codeRva += 4 * (uint)(codeWriter.ReadByteAtRva(codeRva + 1) >> 4);
|
||||
|
||||
Log.v("Native method {0:X8}, code RVA {1:X8}", method.MDToken.ToInt32(), codeRva);
|
||||
Logger.v("Native method {0:X8}, code RVA {1:X8}", method.MDToken.ToInt32(), codeRva);
|
||||
|
||||
writer.Write(codeRva);
|
||||
writer.Write(0x70000000 + index++);
|
||||
|
@ -334,7 +334,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
}
|
||||
|
||||
if (index != 0)
|
||||
Log.n("Re-encrypted {0}/{1} native methods", index, totalEncryptedNativeMethods);
|
||||
Logger.n("Re-encrypted {0}/{1} native methods", index, totalEncryptedNativeMethods);
|
||||
|
||||
var encryptedData = stream.ToArray();
|
||||
xorEncrypt(encryptedData);
|
||||
|
|
|
@ -159,7 +159,7 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v4 {
|
|||
encryptedResource.init(simpleDeobfuscator);
|
||||
if (!encryptedResource.FoundResource)
|
||||
return;
|
||||
Log.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(encryptedResource.Resource.Name));
|
||||
Logger.v("Adding string decrypter. Resource: {0}", Utils.toCsharpString(encryptedResource.Resource.Name));
|
||||
decryptedData = encryptedResource.decrypt();
|
||||
}
|
||||
|
||||
|
|
|
@ -75,7 +75,7 @@ namespace de4dot.code.renamer {
|
|||
public void rename() {
|
||||
if (modules.Empty)
|
||||
return;
|
||||
Log.n("Renaming all obfuscated symbols");
|
||||
Logger.n("Renaming all obfuscated symbols");
|
||||
|
||||
modules.initialize();
|
||||
renameResourceKeys();
|
||||
|
@ -113,7 +113,7 @@ namespace de4dot.code.renamer {
|
|||
var overrideMethod = overrides[i].MethodDeclaration;
|
||||
if (method.MethodDef.Name != overrideMethod.Name)
|
||||
continue;
|
||||
Log.v("Removed useless override from method {0} ({1:X8}), override: {2:X8}",
|
||||
Logger.v("Removed useless override from method {0} ({1:X8}), override: {2:X8}",
|
||||
Utils.removeNewlines(method.MethodDef),
|
||||
method.MethodDef.MDToken.ToInt32(),
|
||||
overrideMethod.MDToken.ToInt32());
|
||||
|
@ -125,7 +125,7 @@ namespace de4dot.code.renamer {
|
|||
}
|
||||
|
||||
void renameTypeDefinitions() {
|
||||
Log.v("Renaming obfuscated type definitions");
|
||||
Logger.v("Renaming obfuscated type definitions");
|
||||
|
||||
foreach (var module in modules.TheModules) {
|
||||
if (module.ObfuscatedFile.RemoveNamespaceWithOneType)
|
||||
|
@ -164,43 +164,43 @@ namespace de4dot.code.renamer {
|
|||
if (list.Count != maxClasses)
|
||||
continue;
|
||||
var ns = list[0].TypeDef.Namespace;
|
||||
Log.v("Removing namespace: {0}", Utils.removeNewlines(ns));
|
||||
Logger.v("Removing namespace: {0}", Utils.removeNewlines(ns));
|
||||
foreach (var type in list)
|
||||
memberInfos.type(type).newNamespace = "";
|
||||
}
|
||||
}
|
||||
|
||||
void renameTypeDefinitions(IEnumerable<MTypeDef> typeDefs) {
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var typeDef in typeDefs) {
|
||||
rename(typeDef);
|
||||
renameTypeDefinitions(typeDef.NestedTypes);
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void rename(MTypeDef type) {
|
||||
var typeDefinition = type.TypeDef;
|
||||
var info = memberInfos.type(type);
|
||||
|
||||
Log.v("Type: {0} ({1:X8})", Utils.removeNewlines(typeDefinition.FullName), typeDefinition.MDToken.ToUInt32());
|
||||
Log.indent();
|
||||
Logger.v("Type: {0} ({1:X8})", Utils.removeNewlines(typeDefinition.FullName), typeDefinition.MDToken.ToUInt32());
|
||||
Logger.Instance.indent();
|
||||
|
||||
renameGenericParams(type.GenericParams);
|
||||
|
||||
if (RenameTypes && info.gotNewName()) {
|
||||
var old = typeDefinition.Name;
|
||||
typeDefinition.Name = new UTF8String(info.newName);
|
||||
Log.v("Name: {0} => {1}", Utils.removeNewlines(old), Utils.removeNewlines(typeDefinition.Name));
|
||||
Logger.v("Name: {0} => {1}", Utils.removeNewlines(old), Utils.removeNewlines(typeDefinition.Name));
|
||||
}
|
||||
|
||||
if (RenameNamespaces && info.newNamespace != null) {
|
||||
var old = typeDefinition.Namespace;
|
||||
typeDefinition.Namespace = new UTF8String(info.newNamespace);
|
||||
Log.v("Namespace: {0} => {1}", Utils.removeNewlines(old), Utils.removeNewlines(typeDefinition.Namespace));
|
||||
Logger.v("Namespace: {0} => {1}", Utils.removeNewlines(old), Utils.removeNewlines(typeDefinition.Namespace));
|
||||
}
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void renameGenericParams(IEnumerable<MGenericParamDef> genericParams) {
|
||||
|
@ -211,34 +211,34 @@ namespace de4dot.code.renamer {
|
|||
if (!info.gotNewName())
|
||||
continue;
|
||||
param.GenericParam.Name = new UTF8String(info.newName);
|
||||
Log.v("GenParam: {0} => {1}", Utils.removeNewlines(info.oldFullName), Utils.removeNewlines(param.GenericParam.FullName));
|
||||
Logger.v("GenParam: {0} => {1}", Utils.removeNewlines(info.oldFullName), Utils.removeNewlines(param.GenericParam.FullName));
|
||||
}
|
||||
}
|
||||
|
||||
void renameMemberDefinitions() {
|
||||
Log.v("Renaming member definitions #2");
|
||||
Logger.v("Renaming member definitions #2");
|
||||
|
||||
var allTypes = new List<MTypeDef>(modules.AllTypes);
|
||||
allTypes.Sort((a, b) => a.Index.CompareTo(b.Index));
|
||||
|
||||
Log.indent();
|
||||
Logger.Instance.indent();
|
||||
foreach (var typeDef in allTypes)
|
||||
renameMembers(typeDef);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void renameMembers(MTypeDef type) {
|
||||
var info = memberInfos.type(type);
|
||||
|
||||
Log.v("Type: {0}", Utils.removeNewlines(info.type.TypeDef.FullName));
|
||||
Log.indent();
|
||||
Logger.v("Type: {0}", Utils.removeNewlines(info.type.TypeDef.FullName));
|
||||
Logger.Instance.indent();
|
||||
|
||||
renameFields(info);
|
||||
renameProperties(info);
|
||||
renameEvents(info);
|
||||
renameMethods(info);
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
void renameFields(TypeInfo info) {
|
||||
|
@ -249,7 +249,7 @@ namespace de4dot.code.renamer {
|
|||
if (!fieldInfo.gotNewName())
|
||||
continue;
|
||||
fieldDef.FieldDef.Name = new UTF8String(fieldInfo.newName);
|
||||
Log.v("Field: {0} ({1:X8}) => {2}",
|
||||
Logger.v("Field: {0} ({1:X8}) => {2}",
|
||||
Utils.removeNewlines(fieldInfo.oldFullName),
|
||||
fieldDef.FieldDef.MDToken.ToUInt32(),
|
||||
Utils.removeNewlines(fieldDef.FieldDef.FullName));
|
||||
|
@ -264,7 +264,7 @@ namespace de4dot.code.renamer {
|
|||
if (!propInfo.gotNewName())
|
||||
continue;
|
||||
propDef.PropertyDef.Name = new UTF8String(propInfo.newName);
|
||||
Log.v("Property: {0} ({1:X8}) => {2}",
|
||||
Logger.v("Property: {0} ({1:X8}) => {2}",
|
||||
Utils.removeNewlines(propInfo.oldFullName),
|
||||
propDef.PropertyDef.MDToken.ToUInt32(),
|
||||
Utils.removeNewlines(propDef.PropertyDef.FullName));
|
||||
|
@ -279,7 +279,7 @@ namespace de4dot.code.renamer {
|
|||
if (!eventInfo.gotNewName())
|
||||
continue;
|
||||
eventDef.EventDef.Name = new UTF8String(eventInfo.newName);
|
||||
Log.v("Event: {0} ({1:X8}) => {2}",
|
||||
Logger.v("Event: {0} ({1:X8}) => {2}",
|
||||
Utils.removeNewlines(eventInfo.oldFullName),
|
||||
eventDef.EventDef.MDToken.ToUInt32(),
|
||||
Utils.removeNewlines(eventDef.EventDef.FullName));
|
||||
|
@ -291,14 +291,14 @@ namespace de4dot.code.renamer {
|
|||
return;
|
||||
foreach (var methodDef in info.type.AllMethodsSorted) {
|
||||
var methodInfo = memberInfos.method(methodDef);
|
||||
Log.v("Method {0} ({1:X8})", Utils.removeNewlines(methodInfo.oldFullName), methodDef.MethodDef.MDToken.ToUInt32());
|
||||
Log.indent();
|
||||
Logger.v("Method {0} ({1:X8})", Utils.removeNewlines(methodInfo.oldFullName), methodDef.MethodDef.MDToken.ToUInt32());
|
||||
Logger.Instance.indent();
|
||||
|
||||
renameGenericParams(methodDef.GenericParams);
|
||||
|
||||
if (RenameMethods && methodInfo.gotNewName()) {
|
||||
methodDef.MethodDef.Name = new UTF8String(methodInfo.newName);
|
||||
Log.v("Name: {0} => {1}", Utils.removeNewlines(methodInfo.oldFullName), Utils.removeNewlines(methodDef.MethodDef.FullName));
|
||||
Logger.v("Name: {0} => {1}", Utils.removeNewlines(methodInfo.oldFullName), Utils.removeNewlines(methodDef.MethodDef.FullName));
|
||||
}
|
||||
|
||||
if (RenameMethodArgs) {
|
||||
|
@ -309,22 +309,22 @@ namespace de4dot.code.renamer {
|
|||
param.ParameterDefinition.CreateParamDef();
|
||||
param.ParameterDefinition.Name = paramInfo.newName;
|
||||
if (param.IsReturnParameter)
|
||||
Log.v("RetParam: {0} => {1}", Utils.removeNewlines(paramInfo.oldName), Utils.removeNewlines(paramInfo.newName));
|
||||
Logger.v("RetParam: {0} => {1}", Utils.removeNewlines(paramInfo.oldName), Utils.removeNewlines(paramInfo.newName));
|
||||
else
|
||||
Log.v("Param ({0}/{1}): {2} => {3}", param.ParameterDefinition.MethodSigIndex + 1, methodDef.MethodDef.MethodSig.GetParamCount(), Utils.removeNewlines(paramInfo.oldName), Utils.removeNewlines(paramInfo.newName));
|
||||
Logger.v("Param ({0}/{1}): {2} => {3}", param.ParameterDefinition.MethodSigIndex + 1, methodDef.MethodDef.MethodSig.GetParamCount(), Utils.removeNewlines(paramInfo.oldName), Utils.removeNewlines(paramInfo.newName));
|
||||
}
|
||||
}
|
||||
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
void renameMemberReferences() {
|
||||
Log.v("Renaming references to other definitions");
|
||||
Logger.v("Renaming references to other definitions");
|
||||
foreach (var module in modules.TheModules) {
|
||||
if (modules.TheModules.Count > 1)
|
||||
Log.v("Renaming references to other definitions ({0})", module.Filename);
|
||||
Log.indent();
|
||||
Logger.v("Renaming references to other definitions ({0})", module.Filename);
|
||||
Logger.Instance.indent();
|
||||
foreach (var refToDef in module.MethodRefsToRename)
|
||||
refToDef.reference.Name = refToDef.definition.Name;
|
||||
foreach (var refToDef in module.FieldRefsToRename)
|
||||
|
@ -333,18 +333,18 @@ namespace de4dot.code.renamer {
|
|||
info.cattr.NamedArguments[info.index].Name = info.reference.Name;
|
||||
foreach (var info in module.CustomAttributePropertyReferences)
|
||||
info.cattr.NamedArguments[info.index].Name = info.reference.Name;
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
void renameResources() {
|
||||
Log.v("Renaming resources");
|
||||
Logger.v("Renaming resources");
|
||||
foreach (var module in modules.TheModules) {
|
||||
if (modules.TheModules.Count > 1)
|
||||
Log.v("Renaming resources ({0})", module.Filename);
|
||||
Log.indent();
|
||||
Logger.v("Renaming resources ({0})", module.Filename);
|
||||
Logger.Instance.indent();
|
||||
renameResources(module);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -387,17 +387,17 @@ namespace de4dot.code.renamer {
|
|||
}
|
||||
|
||||
void renameTypeReferences() {
|
||||
Log.v("Renaming references to type definitions");
|
||||
Logger.v("Renaming references to type definitions");
|
||||
var theModules = modules.TheModules;
|
||||
foreach (var module in theModules) {
|
||||
if (theModules.Count > 1)
|
||||
Log.v("Renaming references to type definitions ({0})", module.Filename);
|
||||
Log.indent();
|
||||
Logger.v("Renaming references to type definitions ({0})", module.Filename);
|
||||
Logger.Instance.indent();
|
||||
foreach (var refToDef in module.TypeRefsToRename) {
|
||||
refToDef.reference.Name = refToDef.definition.Name;
|
||||
refToDef.reference.Namespace = refToDef.definition.Namespace;
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -581,7 +581,7 @@ namespace de4dot.code.renamer {
|
|||
return null;
|
||||
if (propDef.GetMethod != null)
|
||||
return null;
|
||||
Log.v("Restoring property getter {0} ({1:X8}), Property: {2} ({3:X8})",
|
||||
Logger.v("Restoring property getter {0} ({1:X8}), Property: {2} ({3:X8})",
|
||||
Utils.removeNewlines(propMethod),
|
||||
propMethod.MethodDef.MDToken.ToInt32(),
|
||||
Utils.removeNewlines(propDef.PropertyDef),
|
||||
|
@ -610,7 +610,7 @@ namespace de4dot.code.renamer {
|
|||
return null;
|
||||
if (propDef.SetMethod != null)
|
||||
return null;
|
||||
Log.v("Restoring property setter {0} ({1:X8}), Property: {2} ({3:X8})",
|
||||
Logger.v("Restoring property setter {0} ({1:X8}), Property: {2} ({3:X8})",
|
||||
Utils.removeNewlines(propMethod),
|
||||
propMethod.MethodDef.MDToken.ToInt32(),
|
||||
Utils.removeNewlines(propDef.PropertyDef),
|
||||
|
@ -636,7 +636,7 @@ namespace de4dot.code.renamer {
|
|||
|
||||
propDef = ownerType.create(newProp);
|
||||
memberInfos.add(propDef);
|
||||
Log.v("Restoring property: {0}", Utils.removeNewlines(newProp));
|
||||
Logger.v("Restoring property: {0}", Utils.removeNewlines(newProp));
|
||||
return propDef;
|
||||
}
|
||||
|
||||
|
@ -805,7 +805,7 @@ namespace de4dot.code.renamer {
|
|||
return null;
|
||||
if (eventDef.AddMethod != null)
|
||||
return null;
|
||||
Log.v("Restoring event adder {0} ({1:X8}), Event: {2} ({3:X8})",
|
||||
Logger.v("Restoring event adder {0} ({1:X8}), Event: {2} ({3:X8})",
|
||||
Utils.removeNewlines(eventMethod),
|
||||
eventMethod.MethodDef.MDToken.ToInt32(),
|
||||
Utils.removeNewlines(eventDef.EventDef),
|
||||
|
@ -831,7 +831,7 @@ namespace de4dot.code.renamer {
|
|||
return null;
|
||||
if (eventDef.RemoveMethod != null)
|
||||
return null;
|
||||
Log.v("Restoring event remover {0} ({1:X8}), Event: {2} ({3:X8})",
|
||||
Logger.v("Restoring event remover {0} ({1:X8}), Event: {2} ({3:X8})",
|
||||
Utils.removeNewlines(eventMethod),
|
||||
eventMethod.MethodDef.MDToken.ToInt32(),
|
||||
Utils.removeNewlines(eventDef.EventDef),
|
||||
|
@ -861,12 +861,12 @@ namespace de4dot.code.renamer {
|
|||
|
||||
eventDef = ownerType.create(newEvent);
|
||||
memberInfos.add(eventDef);
|
||||
Log.v("Restoring event: {0}", Utils.removeNewlines(newEvent));
|
||||
Logger.v("Restoring event: {0}", Utils.removeNewlines(newEvent));
|
||||
return eventDef;
|
||||
}
|
||||
|
||||
void prepareRenameMemberDefinitions(MethodNameGroups groups) {
|
||||
Log.v("Renaming member definitions #1");
|
||||
Logger.v("Renaming member definitions #1");
|
||||
|
||||
prepareRenameEntryPoints();
|
||||
|
||||
|
@ -1578,7 +1578,7 @@ namespace de4dot.code.renamer {
|
|||
continue;
|
||||
var methodDef = modules.resolveMethod(entryPoint);
|
||||
if (methodDef == null) {
|
||||
Log.w(string.Format("Could not find entry point. Module: {0}, Method: {1}", module.ModuleDefMD.Location, Utils.removeNewlines(entryPoint)));
|
||||
Logger.w(string.Format("Could not find entry point. Module: {0}, Method: {1}", module.ModuleDefMD.Location, Utils.removeNewlines(entryPoint)));
|
||||
continue;
|
||||
}
|
||||
if (!methodDef.isStatic())
|
||||
|
|
|
@ -43,23 +43,23 @@ namespace de4dot.code.renamer {
|
|||
}
|
||||
|
||||
public void rename() {
|
||||
Log.v("Renaming resource keys ({0})", module);
|
||||
Log.indent();
|
||||
Logger.v("Renaming resource keys ({0})", module);
|
||||
Logger.Instance.indent();
|
||||
foreach (var type in module.GetTypes()) {
|
||||
string resourceName = getResourceName(type);
|
||||
if (resourceName == null)
|
||||
continue;
|
||||
var resource = getResource(resourceName);
|
||||
if (resource == null) {
|
||||
Log.w("Could not find resource {0}", Utils.removeNewlines(resourceName));
|
||||
Logger.w("Could not find resource {0}", Utils.removeNewlines(resourceName));
|
||||
continue;
|
||||
}
|
||||
Log.v("Resource: {0}", Utils.toCsharpString(resource.Name));
|
||||
Log.indent();
|
||||
Logger.v("Resource: {0}", Utils.toCsharpString(resource.Name));
|
||||
Logger.Instance.indent();
|
||||
rename(type, resource);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
|
||||
EmbeddedResource getResource(string resourceName) {
|
||||
|
@ -97,7 +97,7 @@ namespace de4dot.code.renamer {
|
|||
if (ctor.FullName != "System.Void System.Resources.ResourceManager::.ctor(System.String,System.Reflection.Assembly)")
|
||||
continue;
|
||||
if (resourceName == null) {
|
||||
Log.w("Could not find resource name");
|
||||
Logger.w("Could not find resource name");
|
||||
continue;
|
||||
}
|
||||
|
||||
|
@ -190,7 +190,7 @@ namespace de4dot.code.renamer {
|
|||
if (ldstrIndex >= 0)
|
||||
ldstr = instrs[ldstrIndex];
|
||||
if (ldstr == null || (name = ldstr.Operand as string) == null) {
|
||||
Log.w("Could not find string argument to method {0}", calledMethod);
|
||||
Logger.w("Could not find string argument to method {0}", calledMethod);
|
||||
continue;
|
||||
}
|
||||
|
||||
|
@ -199,7 +199,7 @@ namespace de4dot.code.renamer {
|
|||
continue; // should not be renamed
|
||||
|
||||
ldstr.Operand = info.newName;
|
||||
Log.v("Renamed resource key {0} => {1}", Utils.toCsharpString(info.element.Name), Utils.toCsharpString(info.newName));
|
||||
Logger.v("Renamed resource key {0} => {1}", Utils.toCsharpString(info.element.Name), Utils.toCsharpString(info.newName));
|
||||
info.element.Name = info.newName;
|
||||
info.foundInCode = true;
|
||||
}
|
||||
|
@ -207,7 +207,7 @@ namespace de4dot.code.renamer {
|
|||
|
||||
foreach (var info in renamed) {
|
||||
if (!info.foundInCode)
|
||||
Log.w("Could not find resource key {0} in code", Utils.removeNewlines(info.element.Name));
|
||||
Logger.w("Could not find resource key {0} in code", Utils.removeNewlines(info.element.Name));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -82,10 +82,10 @@ namespace de4dot.code.renamer {
|
|||
bool renameCodeString = module.ObfuscatedFile.RenameResourcesInCode ||
|
||||
isCallingResourceManagerCtor(instrs, i, typeInfo);
|
||||
if (!renameCodeString)
|
||||
Log.v("Possible resource name in code: '{0}' => '{1}' in method {2}", Utils.removeNewlines(codeString), newName, Utils.removeNewlines(method));
|
||||
Logger.v("Possible resource name in code: '{0}' => '{1}' in method {2}", Utils.removeNewlines(codeString), newName, Utils.removeNewlines(method));
|
||||
else {
|
||||
instr.Operand = newName;
|
||||
Log.v("Renamed resource string in code: '{0}' => '{1}' ({2})", Utils.removeNewlines(codeString), newName, Utils.removeNewlines(method));
|
||||
Logger.v("Renamed resource string in code: '{0}' => '{1}' ({2})", Utils.removeNewlines(codeString), newName, Utils.removeNewlines(method));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -155,7 +155,7 @@ namespace de4dot.code.renamer {
|
|||
var newName = newTypeName + resource.Name.String.Substring(oldFullName.Length);
|
||||
newNames[resource] = new RenameInfo(resource, info, newName);
|
||||
|
||||
Log.v("Renamed resource in resources: {0} => {1}", Utils.removeNewlines(resource.Name), newName);
|
||||
Logger.v("Renamed resource in resources: {0} => {1}", Utils.removeNewlines(resource.Name), newName);
|
||||
resource.Name = new UTF8String(newName);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -162,7 +162,7 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
if (namedArg.IsField) {
|
||||
var fieldDef = findField(typeDef, namedArg.Name, namedArg.Type);
|
||||
if (fieldDef == null) {
|
||||
Log.w("Could not find field {0} in attribute {1} ({2:X8})",
|
||||
Logger.w("Could not find field {0} in attribute {1} ({2:X8})",
|
||||
Utils.toCsharpString(namedArg.Name),
|
||||
Utils.toCsharpString(typeDef.TypeDef.Name),
|
||||
typeDef.TypeDef.MDToken.ToInt32());
|
||||
|
@ -174,7 +174,7 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
else {
|
||||
var propDef = findProperty(typeDef, namedArg.Name, namedArg.Type);
|
||||
if (propDef == null) {
|
||||
Log.w("Could not find property {0} in attribute {1} ({2:X8})",
|
||||
Logger.w("Could not find property {0} in attribute {1} ({2:X8})",
|
||||
Utils.toCsharpString(namedArg.Name),
|
||||
Utils.toCsharpString(typeDef.TypeDef.Name),
|
||||
typeDef.TypeDef.MDToken.ToInt32());
|
||||
|
|
|
@ -155,25 +155,25 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
}
|
||||
|
||||
void findAllMemberReferences() {
|
||||
Log.v("Finding all MemberReferences");
|
||||
Logger.v("Finding all MemberReferences");
|
||||
int index = 0;
|
||||
foreach (var module in modules) {
|
||||
if (modules.Count > 1)
|
||||
Log.v("Finding all MemberReferences ({0})", module.Filename);
|
||||
Log.indent();
|
||||
Logger.v("Finding all MemberReferences ({0})", module.Filename);
|
||||
Logger.Instance.indent();
|
||||
module.findAllMemberReferences(ref index);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
void resolveAllRefs() {
|
||||
Log.v("Resolving references");
|
||||
Logger.v("Resolving references");
|
||||
foreach (var module in modules) {
|
||||
if (modules.Count > 1)
|
||||
Log.v("Resolving references ({0})", module.Filename);
|
||||
Log.indent();
|
||||
Logger.v("Resolving references ({0})", module.Filename);
|
||||
Logger.Instance.indent();
|
||||
module.resolveAllRefs(this);
|
||||
Log.deIndent();
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -449,7 +449,7 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
}
|
||||
if (isAutoCreatedType(typeRef))
|
||||
return null;
|
||||
Log.e("Could not resolve TypeReference {0} ({1:X8}) (from {2} -> {3})",
|
||||
Logger.e("Could not resolve TypeReference {0} ({1:X8}) (from {2} -> {3})",
|
||||
Utils.removeNewlines(typeRef),
|
||||
typeRef.MDToken.ToInt32(),
|
||||
typeRef.OwnerModule,
|
||||
|
@ -470,7 +470,7 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
}
|
||||
if (isAutoCreatedType(methodRef.DeclaringType))
|
||||
return null;
|
||||
Log.e("Could not resolve MethodReference {0} ({1:X8}) (from {2} -> {3})",
|
||||
Logger.e("Could not resolve MethodReference {0} ({1:X8}) (from {2} -> {3})",
|
||||
Utils.removeNewlines(methodRef),
|
||||
methodRef.MDToken.ToInt32(),
|
||||
methodRef.DeclaringType.OwnerModule,
|
||||
|
@ -491,7 +491,7 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
}
|
||||
if (isAutoCreatedType(fieldReference.DeclaringType))
|
||||
return null;
|
||||
Log.e("Could not resolve FieldReference {0} ({1:X8}) (from {2} -> {3})",
|
||||
Logger.e("Could not resolve FieldReference {0} ({1:X8}) (from {2} -> {3})",
|
||||
Utils.removeNewlines(fieldReference),
|
||||
fieldReference.MDToken.ToInt32(),
|
||||
fieldReference.DeclaringType.OwnerModule,
|
||||
|
|
|
@ -625,7 +625,7 @@ namespace de4dot.code.renamer.asmmodules {
|
|||
if (!TypeDef.IsImport &&
|
||||
!hasAttribute("System.Runtime.InteropServices.ComImportAttribute") &&
|
||||
!hasAttribute("System.Runtime.InteropServices.TypeLibTypeAttribute")) {
|
||||
Log.w("Could not find interface method {0} ({1:X8}). Type: {2} ({3:X8})",
|
||||
Logger.w("Could not find interface method {0} ({1:X8}). Type: {2} ({3:X8})",
|
||||
Utils.removeNewlines(pair.Key.methodDef.MethodDef),
|
||||
pair.Key.methodDef.MethodDef.MDToken.ToInt32(),
|
||||
Utils.removeNewlines(TypeDef),
|
||||
|
|
|
@ -20,6 +20,7 @@
|
|||
using System;
|
||||
using System.IO;
|
||||
using System.Collections.Generic;
|
||||
using dot10.DotNet;
|
||||
using de4dot.code;
|
||||
using de4dot.code.deobfuscators;
|
||||
using de4dot.code.AssemblyClient;
|
||||
|
@ -144,10 +145,10 @@ namespace de4dot.cui {
|
|||
filesOptions.OneFileAtATime = true;
|
||||
}));
|
||||
miscOptions.Add(new NoArgOption("v", null, "Verbose", () => {
|
||||
Log.logLevel = Log.LogLevel.verbose;
|
||||
Logger.Instance.MaxLoggerEvent = LoggerEvent.Verbose;
|
||||
}));
|
||||
miscOptions.Add(new NoArgOption("vv", null, "Very verbose", () => {
|
||||
Log.logLevel = Log.LogLevel.veryverbose;
|
||||
Logger.Instance.MaxLoggerEvent = LoggerEvent.VeryVerbose;
|
||||
}));
|
||||
miscOptions.Add(new NoArgOption("h", "help", "Show this help message", () => {
|
||||
usage();
|
||||
|
@ -275,7 +276,7 @@ namespace de4dot.cui {
|
|||
|
||||
void exitError(string msg) {
|
||||
usage();
|
||||
Log.e("\n\nERROR: {0}\n", msg);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "\n\nERROR: {0}\n", msg);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
|
@ -285,35 +286,35 @@ namespace de4dot.cui {
|
|||
|
||||
void usage() {
|
||||
string progName = getProgramBaseName();
|
||||
Log.n("Some of the advanced options may be incompatible, causing a nice exception.");
|
||||
Log.n("With great power comes great responsibility.");
|
||||
Log.n("");
|
||||
Log.n("{0} <options> <file options>", progName);
|
||||
Log.n("Options:");
|
||||
Logger.n("Some of the advanced options may be incompatible, causing a nice exception.");
|
||||
Logger.n("With great power comes great responsibility.");
|
||||
Logger.n("");
|
||||
Logger.n("{0} <options> <file options>", progName);
|
||||
Logger.n("Options:");
|
||||
foreach (var option in miscOptions)
|
||||
printOption(option);
|
||||
Log.n("");
|
||||
Log.n("File options:");
|
||||
Logger.n("");
|
||||
Logger.n("File options:");
|
||||
foreach (var option in fileOptions)
|
||||
printOption(option);
|
||||
Log.n("");
|
||||
Log.n("Deobfuscator options:");
|
||||
Logger.n("");
|
||||
Logger.n("Deobfuscator options:");
|
||||
foreach (var info in deobfuscatorInfos) {
|
||||
Log.n("Type {0} ({1})", info.Type, info.Name);
|
||||
Logger.n("Type {0} ({1})", info.Type, info.Name);
|
||||
foreach (var option in info.getOptions())
|
||||
printOption(option);
|
||||
Log.n("");
|
||||
Logger.n("");
|
||||
}
|
||||
printInfos("String decrypter types", stringDecrypterTypes);
|
||||
Log.n("");
|
||||
Log.n("Multiple regexes can be used if separated by '{0}'.", NameRegexes.regexSeparatorChar);
|
||||
Log.n("Use '{0}' if you want to invert the regex. Example: {0}^[a-z\\d]{{1,2}}${1}{0}^[A-Z]_\\d+${1}^[\\w.]+$", NameRegex.invertChar, NameRegexes.regexSeparatorChar);
|
||||
Log.n("");
|
||||
Log.n("Examples:");
|
||||
Log.n("{0} -r c:\\my\\files -ro c:\\my\\output", progName);
|
||||
Log.n("{0} file1 file2 file3", progName);
|
||||
Log.n("{0} file1 -f file2 -o file2.out -f file3 -o file3.out", progName);
|
||||
Log.n("{0} file1 --strtyp delegate --strtok 06000123", progName);
|
||||
Logger.n("");
|
||||
Logger.n("Multiple regexes can be used if separated by '{0}'.", NameRegexes.regexSeparatorChar);
|
||||
Logger.n("Use '{0}' if you want to invert the regex. Example: {0}^[a-z\\d]{{1,2}}${1}{0}^[A-Z]_\\d+${1}^[\\w.]+$", NameRegex.invertChar, NameRegexes.regexSeparatorChar);
|
||||
Logger.n("");
|
||||
Logger.n("Examples:");
|
||||
Logger.n("{0} -r c:\\my\\files -ro c:\\my\\output", progName);
|
||||
Logger.n("{0} file1 file2 file3", progName);
|
||||
Logger.n("{0} file1 -f file2 -o file2.out -f file3 -o file3.out", progName);
|
||||
Logger.n("{0} file1 --strtyp delegate --strtok 06000123", progName);
|
||||
}
|
||||
|
||||
string getProgramBaseName() {
|
||||
|
@ -321,7 +322,7 @@ namespace de4dot.cui {
|
|||
}
|
||||
|
||||
void printInfos(string desc, Infos infos) {
|
||||
Log.n("{0}", desc);
|
||||
Logger.n("{0}", desc);
|
||||
foreach (var info in infos.getInfos())
|
||||
printOptionAndExplanation(info.name, info.desc);
|
||||
}
|
||||
|
@ -342,11 +343,11 @@ namespace de4dot.cui {
|
|||
const string prefix = " ";
|
||||
string left = string.Format(string.Format("{{0,-{0}}}", maxCols), option);
|
||||
if (option.Length > maxCols) {
|
||||
Log.n("{0}{1}", prefix, left);
|
||||
Log.n("{0}{1} {2}", prefix, new string(' ', maxCols), explanation);
|
||||
Logger.n("{0}{1}", prefix, left);
|
||||
Logger.n("{0}{1} {2}", prefix, new string(' ', maxCols), explanation);
|
||||
}
|
||||
else
|
||||
Log.n("{0}{1} {2}", prefix, left, explanation);
|
||||
Logger.n("{0}{1} {2}", prefix, left, explanation);
|
||||
}
|
||||
|
||||
string getOptionAndArgName(Option option, string optionName) {
|
||||
|
|
|
@ -91,7 +91,7 @@ namespace de4dot.cui {
|
|||
|
||||
void deobfuscateOneAtATime() {
|
||||
foreach (var file in loadAllFiles()) {
|
||||
int oldIndentLevel = Log.indentLevel;
|
||||
int oldIndentLevel = Logger.Instance.IndentLevel;
|
||||
try {
|
||||
file.deobfuscateBegin();
|
||||
file.deobfuscate();
|
||||
|
@ -104,12 +104,12 @@ namespace de4dot.cui {
|
|||
deobfuscatorContext.clear();
|
||||
}
|
||||
catch (Exception ex) {
|
||||
Log.w("Could not deobfuscate {0}. Use -v to see stack trace", file.Filename);
|
||||
Program.printStackTrace(ex, Log.LogLevel.verbose);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Warning, "Could not deobfuscate {0}. Use -v to see stack trace", file.Filename);
|
||||
Program.printStackTrace(ex, LoggerEvent.Verbose);
|
||||
}
|
||||
finally {
|
||||
file.deobfuscateCleanUp();
|
||||
Log.indentLevel = oldIndentLevel;
|
||||
Logger.Instance.IndentLevel = oldIndentLevel;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -182,12 +182,12 @@ namespace de4dot.cui {
|
|||
bool add(IObfuscatedFile file, bool skipUnknownObfuscator, bool isFromPossibleFiles) {
|
||||
var key = Utils.getFullPath(file.Filename);
|
||||
if (allFiles.ContainsKey(key)) {
|
||||
Log.w("Ingoring duplicate file: {0}", file.Filename);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Warning, "Ingoring duplicate file: {0}", file.Filename);
|
||||
return false;
|
||||
}
|
||||
allFiles[key] = true;
|
||||
|
||||
int oldIndentLevel = Log.indentLevel;
|
||||
int oldIndentLevel = Logger.Instance.IndentLevel;
|
||||
try {
|
||||
file.DeobfuscatorContext = options.DeobfuscatorContext;
|
||||
file.load(options.CreateDeobfuscators());
|
||||
|
@ -197,28 +197,28 @@ namespace de4dot.cui {
|
|||
}
|
||||
catch (BadImageFormatException) {
|
||||
if (isFromPossibleFiles)
|
||||
Log.w("The file isn't a .NET PE file: {0}", file.Filename);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Warning, "The file isn't a .NET PE file: {0}", file.Filename);
|
||||
return false; // Not a .NET file
|
||||
}
|
||||
catch (EndOfStreamException) {
|
||||
return false;
|
||||
}
|
||||
catch (Exception ex) {
|
||||
Log.w("Could not load file ({0}): {1}", ex.GetType(), file.Filename);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Warning, "Could not load file ({0}): {1}", ex.GetType(), file.Filename);
|
||||
return false;
|
||||
}
|
||||
finally {
|
||||
Log.indentLevel = oldIndentLevel;
|
||||
Logger.Instance.IndentLevel = oldIndentLevel;
|
||||
}
|
||||
|
||||
var deob = file.Deobfuscator;
|
||||
if (skipUnknownObfuscator && deob.Type == "un") {
|
||||
Log.v("Skipping unknown obfuscator: {0}", file.Filename);
|
||||
Logger.v("Skipping unknown obfuscator: {0}", file.Filename);
|
||||
removeModule(file.ModuleDefMD);
|
||||
return false;
|
||||
}
|
||||
else {
|
||||
Log.n("Detected {0} ({1})", deob.Name, file.Filename);
|
||||
Logger.n("Detected {0} ({1})", deob.Name, file.Filename);
|
||||
if (options.CreateDestinationDir)
|
||||
createDirectories(Path.GetDirectoryName(file.NewFilename));
|
||||
return true;
|
||||
|
|
|
@ -20,6 +20,7 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Text;
|
||||
using dot10.DotNet;
|
||||
using de4dot.code;
|
||||
using de4dot.code.deobfuscators;
|
||||
|
||||
|
@ -67,14 +68,17 @@ namespace de4dot.cui {
|
|||
public static int main(string[] args) {
|
||||
int exitCode = 0;
|
||||
|
||||
const string showAllMessagesEnvName = "SHOWALLMESSAGES";
|
||||
try {
|
||||
if (Console.OutputEncoding.IsSingleByte)
|
||||
Console.OutputEncoding = new UTF8Encoding(false);
|
||||
|
||||
Log.n("");
|
||||
Log.n("de4dot v{0} Copyright (C) 2011-2012 de4dot@gmail.com", System.Reflection.Assembly.GetExecutingAssembly().GetName().Version);
|
||||
Log.n("Latest version and source code: https://github.com/0xd4d/de4dot");
|
||||
Log.n("");
|
||||
Logger.Instance.CanIgnoreMessages = !hasEnv(showAllMessagesEnvName);
|
||||
|
||||
Logger.n("");
|
||||
Logger.n("de4dot v{0} Copyright (C) 2011-2012 de4dot@gmail.com", System.Reflection.Assembly.GetExecutingAssembly().GetName().Version);
|
||||
Logger.n("Latest version and source code: https://github.com/0xd4d/de4dot");
|
||||
Logger.n("");
|
||||
|
||||
var options = new FilesDeobfuscator.Options();
|
||||
parseCommandLine(args, options);
|
||||
|
@ -84,26 +88,31 @@ namespace de4dot.cui {
|
|||
exitCode = ex.code;
|
||||
}
|
||||
catch (UserException ex) {
|
||||
Log.e("ERROR: {0}", ex.Message);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "ERROR: {0}", ex.Message);
|
||||
exitCode = 1;
|
||||
}
|
||||
catch (Exception ex) {
|
||||
if (printFullStackTrace()) {
|
||||
printStackTrace(ex);
|
||||
Log.e("\nTry the latest version before reporting this problem!");
|
||||
Log.e("Send bug reports to de4dot@gmail.com or go to https://github.com/0xd4d/de4dot/issues");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "\nTry the latest version before reporting this problem!");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "Send bug reports to de4dot@gmail.com or go to https://github.com/0xd4d/de4dot/issues");
|
||||
}
|
||||
else {
|
||||
Log.e("\n\n");
|
||||
Log.e("Hmmmm... something didn't work. Try the latest version.");
|
||||
Log.e(" EX: {0} : message: {1}", ex.GetType(), ex.Message);
|
||||
Log.e("If it's a supported obfuscator, it could be a bug or a new obfuscator version.");
|
||||
Log.e("If it's an unsupported obfuscator, make sure the methods are decrypted!");
|
||||
Log.e("Send bug reports to de4dot@gmail.com or go to https://github.com/0xd4d/de4dot/issues");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "\n\n");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "Hmmmm... something didn't work. Try the latest version.");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, " EX: {0} : message: {1}", ex.GetType(), ex.Message);
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "If it's a supported obfuscator, it could be a bug or a new obfuscator version.");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "If it's an unsupported obfuscator, make sure the methods are decrypted!");
|
||||
Logger.Instance.Log(false, null, LoggerEvent.Error, "Send bug reports to de4dot@gmail.com or go to https://github.com/0xd4d/de4dot/issues");
|
||||
}
|
||||
exitCode = 1;
|
||||
}
|
||||
|
||||
if (Logger.Instance.NumIgnoredMessages > 0) {
|
||||
Logger.n("Ignored {0} warnings/errors", Logger.Instance.NumIgnoredMessages);
|
||||
Logger.n("Set environment variable {0}=1 to see all messages", showAllMessagesEnvName);
|
||||
}
|
||||
|
||||
if (isN00bUser()) {
|
||||
Console.Error.WriteLine("\n\nPress any key to exit...\n");
|
||||
try {
|
||||
|
@ -117,7 +126,7 @@ namespace de4dot.cui {
|
|||
}
|
||||
|
||||
static bool printFullStackTrace() {
|
||||
if (Log.isAtLeast(Log.LogLevel.verbose))
|
||||
if (!Logger.Instance.IgnoresEvent(LoggerEvent.Verbose))
|
||||
return true;
|
||||
if (hasEnv("STACKTRACE"))
|
||||
return true;
|
||||
|
@ -143,31 +152,31 @@ namespace de4dot.cui {
|
|||
}
|
||||
|
||||
public static void printStackTrace(Exception ex) {
|
||||
printStackTrace(ex, Log.LogLevel.error);
|
||||
printStackTrace(ex, LoggerEvent.Error);
|
||||
}
|
||||
|
||||
public static void printStackTrace(Exception ex, Log.LogLevel logLevel) {
|
||||
public static void printStackTrace(Exception ex, LoggerEvent loggerEvent) {
|
||||
var line = new string('-', 78);
|
||||
Log.log(logLevel, "\n\n");
|
||||
Log.log(logLevel, line);
|
||||
Log.log(logLevel, "Stack trace:\n{0}", ex.StackTrace);
|
||||
Log.log(logLevel, "\n\nERROR: Caught an exception:\n");
|
||||
Log.log(logLevel, line);
|
||||
Log.log(logLevel, "Message:");
|
||||
Log.log(logLevel, " {0}", ex.Message);
|
||||
Log.log(logLevel, "Type:");
|
||||
Log.log(logLevel, " {0}", ex.GetType());
|
||||
Log.log(logLevel, line);
|
||||
Logger.Instance.Log(false, null, loggerEvent, "\n\n");
|
||||
Logger.Instance.Log(false, null, loggerEvent, line);
|
||||
Logger.Instance.Log(false, null, loggerEvent, "Stack trace:\n{0}", ex.StackTrace);
|
||||
Logger.Instance.Log(false, null, loggerEvent, "\n\nERROR: Caught an exception:\n");
|
||||
Logger.Instance.Log(false, null, loggerEvent, line);
|
||||
Logger.Instance.Log(false, null, loggerEvent, "Message:");
|
||||
Logger.Instance.Log(false, null, loggerEvent, " {0}", ex.Message);
|
||||
Logger.Instance.Log(false, null, loggerEvent, "Type:");
|
||||
Logger.Instance.Log(false, null, loggerEvent, " {0}", ex.GetType());
|
||||
Logger.Instance.Log(false, null, loggerEvent, line);
|
||||
}
|
||||
|
||||
static void parseCommandLine(string[] args, FilesDeobfuscator.Options options) {
|
||||
new CommandLineParser(deobfuscatorInfos, options).parse(args);
|
||||
|
||||
Log.vv("Args:");
|
||||
Log.indent();
|
||||
Logger.vv("Args:");
|
||||
Logger.Instance.indent();
|
||||
foreach (var arg in args)
|
||||
Log.vv("{0}", Utils.toCsharpString(arg));
|
||||
Log.deIndent();
|
||||
Logger.vv("{0}", Utils.toCsharpString(arg));
|
||||
Logger.Instance.deIndent();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
2
dot10
2
dot10
|
@ -1 +1 @@
|
|||
Subproject commit b7407502ce4ed0ca05e445d12b5b003d95de2e03
|
||||
Subproject commit ea0f778fdbfc57fc95f328c60d6406b2f1995b77
|
Loading…
Reference in New Issue
Block a user