diff --git a/de4dot.code/AssemblyModule.cs b/de4dot.code/AssemblyModule.cs
index 29b8dd99..c241433a 100644
--- a/de4dot.code/AssemblyModule.cs
+++ b/de4dot.code/AssemblyModule.cs
@@ -60,10 +60,16 @@ namespace de4dot.code {
module.Write(newFilename, writerOptions);
}
- public ModuleDefMD reload(byte[] newModuleData, DumpedMethods dumpedMethods) {
+ public ModuleDefMD reload(byte[] newModuleData, DumpedMethodsRestorer dumpedMethodsRestorer, IStringDecrypter stringDecrypter) {
TheAssemblyResolver.Instance.removeModule(module);
- //TODO: Use dumped methods
- return setModule(ModuleDefMD.Load(newModuleData, moduleContext));
+ var mod = ModuleDefMD.Load(newModuleData, moduleContext);
+ if (dumpedMethodsRestorer != null)
+ dumpedMethodsRestorer.Module = mod;
+ mod.StringDecrypter = stringDecrypter;
+ mod.MethodDecrypter = dumpedMethodsRestorer;
+ mod.TablesStream.ColumnReader = dumpedMethodsRestorer;
+ mod.TablesStream.MethodRowReader = dumpedMethodsRestorer;
+ return setModule(mod);
}
public override string ToString() {
diff --git a/de4dot.code/DumpedMethodsRestorer.cs b/de4dot.code/DumpedMethodsRestorer.cs
new file mode 100644
index 00000000..5932e405
--- /dev/null
+++ b/de4dot.code/DumpedMethodsRestorer.cs
@@ -0,0 +1,71 @@
+/*
+ Copyright (C) 2011-2012 de4dot@gmail.com
+
+ This file is part of de4dot.
+
+ de4dot is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ de4dot is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with de4dot. If not, see .
+*/
+
+using System.Collections.Generic;
+using dot10.PE;
+using dot10.DotNet.MD;
+using dot10.DotNet.Emit;
+using dot10.DotNet;
+using de4dot.blocks;
+
+namespace de4dot.code {
+ class DumpedMethodsRestorer : IRowReader, IColumnReader, IMethodDecrypter {
+ ModuleDefMD module;
+ DumpedMethods dumpedMethods;
+
+ public ModuleDefMD Module {
+ set { module = value; }
+ }
+
+ public DumpedMethodsRestorer(DumpedMethods dumpedMethods) {
+ this.dumpedMethods = dumpedMethods;
+ }
+
+ public virtual RawMethodRow ReadRow(uint rid) {
+ var dm = dumpedMethods.get(rid);
+ if (dm == null)
+ return null;
+ return new RawMethodRow(dm.mdRVA, dm.mdImplFlags, dm.mdFlags, dm.mdName, dm.mdSignature, dm.mdParamList);
+ }
+
+ public bool ReadColumn(MDTable table, uint rid, ColumnInfo column, out uint value) {
+ if (table.Table == Table.Method) {
+ var row = ReadRow(rid);
+ if (row != null) {
+ value = row.Read(column.Index);
+ return true;
+ }
+ }
+
+ value = 0;
+ return false;
+ }
+
+ public bool HasMethodBody(uint rid) {
+ return dumpedMethods.get(rid) != null;
+ }
+
+ public MethodBody GetMethodBody(uint rid, RVA rva, IList parameters) {
+ var dm = dumpedMethods.get(rid);
+ if (dm == null)
+ return null;
+ return MethodBodyReader.Create(module, dm.code, dm.extraSections, parameters);
+ }
+ }
+}
diff --git a/de4dot.code/ObfuscatedFile.cs b/de4dot.code/ObfuscatedFile.cs
index cd2a4f95..0e494a63 100644
--- a/de4dot.code/ObfuscatedFile.cs
+++ b/de4dot.code/ObfuscatedFile.cs
@@ -372,13 +372,19 @@ namespace de4dot.code {
void reloadModule(byte[] newModuleData, DumpedMethods dumpedMethods) {
Log.v("Reloading decrypted assembly (original filename: {0})", Filename);
simpleDeobfuscatorFlags.Clear();
- module = assemblyModule.reload(newModuleData, dumpedMethods);
+ module = assemblyModule.reload(newModuleData, createDumpedMethodsRestorer(dumpedMethods), deob as IStringDecrypter);
deob = deob.moduleReloaded(module);
initializeDeobfuscator();
deob.DeobfuscatedFile = this;
updateDynamicStringInliner();
}
+ DumpedMethodsRestorer createDumpedMethodsRestorer(DumpedMethods dumpedMethods) {
+ if (dumpedMethods == null || dumpedMethods.Count == 0)
+ return null;
+ return new DumpedMethodsRestorer(dumpedMethods);
+ }
+
void initAssemblyClient() {
if (assemblyClient == null)
return;
diff --git a/de4dot.code/de4dot.code.csproj b/de4dot.code/de4dot.code.csproj
index 18821323..ba134565 100644
--- a/de4dot.code/de4dot.code.csproj
+++ b/de4dot.code/de4dot.code.csproj
@@ -266,6 +266,7 @@
+
diff --git a/dot10 b/dot10
index 37baf8da..467c01e8 160000
--- a/dot10
+++ b/dot10
@@ -1 +1 @@
-Subproject commit 37baf8dadc492180aa050f726ab1a9557ffe44e1
+Subproject commit 467c01e824587bb5c09608c58adac718c465a356