Move console code to new de4dot.cui assembly

de4dot 2011-12-09 09:02:06 +01:00
parent 65bf7a67a7
commit e7ea01f87d
135 changed files with 424 additions and 261 deletions


@ -20,7 +20,7 @@
namespace de4dot_x64 {
class Program {
static int Main(string[] args) {
return de4dot.Program.main(de4dot.StartUpArch.x64, args);
return de4dot.cui.Program.main(args);
}
}
}


@ -46,9 +46,9 @@
<None Include="App.config" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\de4dot.code\de4dot.code.csproj">
<Project>{4D10B9EB-3BF1-4D61-A389-CB019E8C9622}</Project>
<Name>d4d.code</Name>
<ProjectReference Include="..\de4dot.cui\de4dot.cui.csproj">
<Project>{879E4A7E-C320-42D2-8275-4F1E44CE64AA}</Project>
<Name>de4dot.cui</Name>
</ProjectReference>
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />


@ -23,7 +23,7 @@ using System.Runtime.Serialization;
using System.Threading;
using AssemblyData;
namespace de4dot.AssemblyClient {
namespace de4dot.code.AssemblyClient {
sealed class AssemblyClient : IAssemblyClient {
const int WAIT_TIME_BEFORE_CONNECTING = 1000;
const int MAX_CONNECT_WAIT_TIME_MS = 2000;


@ -17,24 +17,24 @@
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
*/
namespace de4dot.AssemblyClient {
interface IAssemblyClientFactory {
namespace de4dot.code.AssemblyClient {
public interface IAssemblyClientFactory {
IAssemblyClient create();
}
class SameAppDomainAssemblyClientFactory : IAssemblyClientFactory {
public class SameAppDomainAssemblyClientFactory : IAssemblyClientFactory {
public IAssemblyClient create() {
return new AssemblyClient(new SameAppDomainAssemblyServerLoader());
}
}
class NewAppDomainAssemblyClientFactory : IAssemblyClientFactory {
public class NewAppDomainAssemblyClientFactory : IAssemblyClientFactory {
public IAssemblyClient create() {
return new AssemblyClient(new NewAppDomainAssemblyServerLoader());
}
}
class NewProcessAssemblyClientFactory : IAssemblyClientFactory {
public class NewProcessAssemblyClientFactory : IAssemblyClientFactory {
public IAssemblyClient create() {
return new AssemblyClient(new NewProcessAssemblyServerLoader());
}
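Review bot: The three factories become public here with no documentation of the isolation each one provides, which is what a caller outside de4dot.code most needs to know to choose correctly. `SameAppDomainAssemblyClientFactory.create()` wires in `SameAppDomainAssemblyServerLoader`, which another file in this commit describes as starting the server in the current app domain, so whatever the server loads presumably runs inside the caller's own process. `NewProcessAssemblyClientFactory` is the only one that puts a process boundary around it. I would add a `/// <summary>` to `IAssemblyClientFactory` and to each implementation stating that boundary, for example `/// Runs the assembly server in a separate process; prefer this when the input file is untrusted.` The last class in the hunk closes outside the visible lines.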


@ -20,8 +20,8 @@
using System;
using AssemblyData;
namespace de4dot.AssemblyClient {
interface IAssemblyClient : IDisposable {
namespace de4dot.code.AssemblyClient {
public interface IAssemblyClient : IDisposable {
IAssemblyService Service { get; }
void connect();
void waitConnected();


@ -20,7 +20,7 @@
using System;
using AssemblyData;
namespace de4dot.AssemblyClient {
namespace de4dot.code.AssemblyClient {
interface IAssemblyServerLoader : IDisposable {
void loadServer();
IAssemblyService createService();


@ -20,7 +20,7 @@
using System;
using AssemblyData;
namespace de4dot.AssemblyClient {
namespace de4dot.code.AssemblyClient {
abstract class IpcAssemblyServerLoader : IAssemblyServerLoader {
const string ASSEMBLY_SERVER_FILENAME_X86 = "AssemblyServer.exe";
const string ASSEMBLY_SERVER_FILENAME_X64 = "AssemblyServer-x64.exe";
@ -30,12 +30,16 @@ namespace de4dot.AssemblyClient {
string url;
protected IpcAssemblyServerLoader() {
assemblyServerFilename = Utils.getArchString(ASSEMBLY_SERVER_FILENAME_X86, ASSEMBLY_SERVER_FILENAME_X64);
assemblyServerFilename = getServerName();
ipcName = Utils.randomName(15, 20);
ipcUri = Utils.randomName(15, 20);
url = string.Format("ipc://{0}/{1}", ipcName, ipcUri);
}
static string getServerName() {
return IntPtr.Size == 4 ? ASSEMBLY_SERVER_FILENAME_X86 : ASSEMBLY_SERVER_FILENAME_X64;
}
public void loadServer() {
loadServer(Utils.getPathOfOurFile(assemblyServerFilename));
}
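Review bot: `getServerName()` now picks the server executable from `IntPtr.Size` of whichever process hosts de4dot.code, where the removed line used the architecture passed in by the launcher, and nothing in the hunk records that change of contract. A one-line comment above it would do, e.g. `// The server must match this process's bitness; IntPtr.Size is 4 only in a 32-bit process.` `loadServer()` then resolves that name through `Utils.getPathOfOurFile`, which the Utils hunk shows joining it to the tool's own base directory, so the file launched is whatever carries that name next to the de4dot assemblies. It is worth stating in the class comment that the install directory must not be writable by less-privileged users. The class body continues outside the hunk.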


@ -20,7 +20,7 @@
using System;
using System.Threading;
namespace de4dot.AssemblyClient {
namespace de4dot.code.AssemblyClient {
// Starts the server in a new app domain.
sealed class NewAppDomainAssemblyServerLoader : IpcAssemblyServerLoader {
AppDomain appDomain;


@ -20,7 +20,7 @@
using System;
using System.Diagnostics;
namespace de4dot.AssemblyClient {
namespace de4dot.code.AssemblyClient {
// Starts the server in a new process
class NewProcessAssemblyServerLoader : IpcAssemblyServerLoader {
Process process;


@ -20,7 +20,7 @@
using System;
using AssemblyData;
namespace de4dot.AssemblyClient {
namespace de4dot.code.AssemblyClient {
// Starts the server in the current app domain.
class SameAppDomainAssemblyServerLoader : IAssemblyServerLoader {
IAssemblyService service;


@ -24,7 +24,7 @@ using Mono.Cecil;
using Mono.MyStuff;
using de4dot.blocks;
namespace de4dot {
namespace de4dot.code {
class AssemblyModule {
string filename;
ModuleDefinition module;


@ -23,8 +23,8 @@ using System.IO;
using System.Text.RegularExpressions;
using Mono.Cecil;
namespace de4dot {
class AssemblyResolver : DefaultAssemblyResolver {
namespace de4dot.code {
public class AssemblyResolver : DefaultAssemblyResolver {
public static readonly AssemblyResolver Instance = new AssemblyResolver();
Dictionary<string, bool> addedAssemblies = new Dictionary<string, bool>(StringComparer.Ordinal);
Dictionary<string, bool> addedDirectories = new Dictionary<string, bool>(StringComparer.OrdinalIgnoreCase);


@ -18,12 +18,12 @@
*/
using System.Collections.Generic;
using de4dot.deobfuscators;
using de4dot.code.deobfuscators;
using Mono.Cecil;
using de4dot.renamer;
using de4dot.code.renamer;
namespace de4dot {
interface IObfuscatedFile {
namespace de4dot.code {
public interface IObfuscatedFile {
ModuleDefinition ModuleDefinition { get; }
IDeobfuscator Deobfuscator { get; }
string Filename { get; }


@ -20,8 +20,8 @@
using System;
using System.Collections.Generic;
namespace de4dot {
static class Log {
namespace de4dot.code {
public static class Log {
public static int indentLevel = 0;
const int indentSize = 2;
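Review bot: `Log` becomes public while `indentLevel` stays a public mutable static field, so any assembly referencing de4dot.code can now write it directly with no validation or synchronisation. If de4dot.cui only needs to read or adjust it, I would expose it as a property (or keep the field `internal` and add `indent()`/`deIndent()` helpers if they do not already exist outside the hunk) and note in a comment that the logger is not thread-safe. The class body continues outside the hunk.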


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot {
namespace de4dot.code {
// A simple class that statically detects the values of some local variables
class VariableValues {
IList<Block> allBlocks;


@ -20,8 +20,8 @@
using System.Collections.Generic;
using System.Text.RegularExpressions;
namespace de4dot {
class NameRegex {
namespace de4dot.code {
public class NameRegex {
Regex regex;
public const char invertChar = '!';
@ -50,7 +50,7 @@ namespace de4dot {
}
}
class NameRegexes {
public class NameRegexes {
IList<NameRegex> regexes;
public bool DefaultValue { get; set; }
public const char regexSeparatorChar = '&';


@ -25,15 +25,15 @@ using System.Text;
using Mono.Cecil;
using Mono.Cecil.Cil;
using Mono.MyStuff;
using de4dot.deobfuscators;
using de4dot.code.deobfuscators;
using de4dot.blocks;
using de4dot.blocks.cflow;
using de4dot.AssemblyClient;
using de4dot.renamer;
using de4dot.PE;
using de4dot.code.AssemblyClient;
using de4dot.code.renamer;
using de4dot.code.PE;
namespace de4dot {
class ObfuscatedFile : IObfuscatedFile, IDeobfuscatedFile {
namespace de4dot.code {
public class ObfuscatedFile : IObfuscatedFile, IDeobfuscatedFile {
Options options;
ModuleDefinition module;
IList<MethodDefinition> allMethods;


@ -21,8 +21,8 @@ using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;
namespace de4dot {
abstract class Option {
namespace de4dot.code {
public abstract class Option {
const string SHORTNAME_PREFIX = "-";
const string LONGNAME_PREFIX = "--";
@ -68,7 +68,7 @@ namespace de4dot {
}
}
class BoolOption : Option {
public class BoolOption : Option {
bool val;
public BoolOption(string shortName, string longName, string description, bool val)
: base(shortName, longName, description) {
@ -96,7 +96,7 @@ namespace de4dot {
}
}
class IntOption : Option {
public class IntOption : Option {
int val;
public IntOption(string shortName, string longName, string description, int val)
: base(shortName, longName, description) {
@ -123,7 +123,7 @@ namespace de4dot {
}
}
class StringOption : Option {
public class StringOption : Option {
string val;
public override string ArgumentValueName {
@ -146,7 +146,7 @@ namespace de4dot {
}
}
class NameRegexOption : Option {
public class NameRegexOption : Option {
NameRegexes val;
public override string ArgumentValueName {
@ -177,7 +177,7 @@ namespace de4dot {
}
}
class RegexOption : Option {
public class RegexOption : Option {
Regex val;
public override string ArgumentValueName {
@ -206,7 +206,7 @@ namespace de4dot {
}
}
class NoArgOption : Option {
public class NoArgOption : Option {
Action action;
bool triggered;
@ -232,7 +232,7 @@ namespace de4dot {
}
}
class OneArgOption : Option {
public class OneArgOption : Option {
Action<string> action;
string typeName;


@ -19,7 +19,7 @@
using System.IO;
namespace de4dot.PE {
namespace de4dot.code.PE {
class Cor20Header : IFileLocation {
public uint cb;
public ushort majorRuntimeVersion;


@ -19,7 +19,7 @@
using System.IO;
namespace de4dot.PE {
namespace de4dot.code.PE {
struct DataDirectory {
public uint virtualAddress;
public uint size;


@ -19,7 +19,7 @@
using System.IO;
namespace de4dot.PE {
namespace de4dot.code.PE {
class DotNetStream : IFileLocation {
public string name;
public uint fileOffset;


@ -19,7 +19,7 @@
using System.IO;
namespace de4dot.PE {
namespace de4dot.code.PE {
enum Machine : ushort {
i386 = 0x14C,
ia64 = 0x200,


@ -17,7 +17,7 @@
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
*/
namespace de4dot.PE {
namespace de4dot.code.PE {
interface IFileLocation {
uint Offset { get; }
uint Length { get; }


@ -21,7 +21,7 @@ using System;
using System.IO;
using System.Text;
namespace de4dot.PE {
namespace de4dot.code.PE {
class Metadata : IFileLocation {
uint magic;
ushort majorVersion, minorVersion;


@ -20,7 +20,7 @@
using System;
using System.IO;
namespace de4dot.PE {
namespace de4dot.code.PE {
using MVT = MetadataVarType;
class MetadataTables {


@ -19,7 +19,7 @@
using System.Collections.Generic;
namespace de4dot.PE {
namespace de4dot.code.PE {
enum MetadataIndex {
iModule = 0,
iTypeRef = 1,


@ -20,7 +20,7 @@
using System;
using System.Collections.Generic;
namespace de4dot.PE {
namespace de4dot.code.PE {
enum MetadataVarType {
end,
stop,


@ -19,7 +19,7 @@
using System.IO;
namespace de4dot.PE {
namespace de4dot.code.PE {
class OptionalHeader : IFileLocation {
public ushort magic;
public byte majorLinkerVersion;


@ -20,8 +20,8 @@
using System;
using System.IO;
namespace de4dot.PE {
class PeImage {
namespace de4dot.code.PE {
public class PeImage {
BinaryReader reader;
BinaryWriter writer;
FileHeader fileHeader;
@ -35,11 +35,11 @@ namespace de4dot.PE {
get { return reader; }
}
public Cor20Header Cor20Header {
internal Cor20Header Cor20Header {
get { return cor20Header; }
}
public Resources Resources {
internal Resources Resources {
get { return resources; }
}


@ -17,7 +17,7 @@
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
*/
namespace de4dot.PE {
namespace de4dot.code.PE {
class ResourceData : ResourceDirectoryEntry {
uint rva;
uint size;


@ -19,7 +19,7 @@
using System.Collections.Generic;
namespace de4dot.PE {
namespace de4dot.code.PE {
class ResourceDirectory : ResourceDirectoryEntry {
Resources resources;
int offset;


@ -19,7 +19,7 @@
using System.Collections.Generic;
namespace de4dot.PE {
namespace de4dot.code.PE {
abstract class ResourceDirectoryEntry {
protected readonly string name;
protected readonly int id;


@ -20,7 +20,7 @@
using System.IO;
using System.Text;
namespace de4dot.PE {
namespace de4dot.code.PE {
class Resources {
BinaryReader reader;
uint startOffset;


@ -20,7 +20,7 @@
using System.IO;
using System.Text;
namespace de4dot.PE {
namespace de4dot.code.PE {
class SectionHeader : IFileLocation {
public byte[] name;
public uint virtualSize;


@ -21,10 +21,10 @@ using System;
using System.Collections.Generic;
using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.AssemblyClient;
using de4dot.code.AssemblyClient;
using de4dot.blocks;
namespace de4dot {
namespace de4dot.code {
abstract class StringDecrypter : MethodReturnValueInliner {
protected override void inlineReturnValues(IList<CallResult> callResults) {
foreach (var callResult in callResults) {


@ -19,8 +19,8 @@
using System;
namespace de4dot {
class UserException : Exception {
namespace de4dot.code {
public class UserException : Exception {
public UserException(string message)
: base(message) {
}


@ -22,21 +22,16 @@ using System.Collections.Generic;
using System.IO;
using System.Text;
namespace de4dot {
public enum StartUpArch {
x86,
x64,
}
namespace de4dot.code {
// These are in .NET 3.5 and later...
internal delegate TResult Func<TResult>();
internal delegate TResult Func<T, TResult>(T arg);
internal delegate TResult Func<T1, T2, TResult>(T1 arg1, T2 arg2);
internal delegate TResult Func<T1, T2, T3, TResult>(T1 arg1, T2 arg2, T3 arg3);
internal delegate void Action();
internal delegate void Action<T>(T arg);
internal delegate void Action<T1, T2>(T1 arg1, T2 arg2);
internal delegate void Action<T1, T2, T3>(T1 arg1, T2 arg2, T3 arg3);
public delegate TResult Func<TResult>();
public delegate TResult Func<T, TResult>(T arg);
public delegate TResult Func<T1, T2, TResult>(T1 arg1, T2 arg2);
public delegate TResult Func<T1, T2, T3, TResult>(T1 arg1, T2 arg2, T3 arg3);
public delegate void Action();
public delegate void Action<T>(T arg);
public delegate void Action<T1, T2>(T1 arg1, T2 arg2);
public delegate void Action<T1, T2, T3>(T1 arg1, T2 arg2, T3 arg3);
class Tuple<T1, T2> {
public T1 Item1 { get; set; }
@ -55,17 +50,8 @@ namespace de4dot {
}
}
static class Utils {
public static class Utils {
static Random random = new Random();
public static StartUpArch startUpArch = StartUpArch.x86;
public static string getArchString(string x86, string x64) {
switch (startUpArch) {
case StartUpArch.x86: return x86;
case StartUpArch.x64: return x64;
default: throw new ApplicationException(string.Format("Invalid startUpArch {0}", startUpArch));
}
}
public static IEnumerable<T> unique<T>(IEnumerable<T> values) {
// HashSet is only available in .NET 3.5 and later.
@ -172,20 +158,6 @@ namespace de4dot {
return Path.Combine(getOurBaseDir(), filename);
}
public static void printStackTrace(Exception ex, Log.LogLevel logLevel = Log.LogLevel.error) {
var line = new string('-', 78);
Log.log(logLevel, "\n\n");
Log.log(logLevel, line);
Log.log(logLevel, "Stack trace:\n{0}", ex.StackTrace);
Log.log(logLevel, "\n\nERROR: Caught an exception:\n");
Log.log(logLevel, line);
Log.log(logLevel, "Message:");
Log.log(logLevel, " {0}", ex.Message);
Log.log(logLevel, "Type:");
Log.log(logLevel, " {0}", ex.GetType());
Log.log(logLevel, line);
}
// This fixes a mono (tested 2.10.5) String.StartsWith() bug. NB: stringComparison must be
// Ordinal or OrdinalIgnoreCase!
public static bool StartsWith(string left, string right, StringComparison stringComparison) {
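Review bot: `Utils` becomes public while keeping `static Random random = new Random();`, a time-seeded and non-thread-safe generator now shared by every caller of the library. Elsewhere in this commit `IpcAssemblyServerLoader` builds its `ipc://` channel name and URI from `Utils.randomName(15, 20)`. The body of randomName is outside the hunk, but if it draws from this field the endpoint name is predictable to other local processes, and that name is all that identifies the channel. I would derive those names from `System.Security.Cryptography.RNGCryptoServiceProvider`, which is available on the v2.0 target, and mark the field with `// Not cryptographically secure; do not use for names that act as secrets.`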


@ -8,7 +8,7 @@
<ProjectGuid>{4D10B9EB-3BF1-4D61-A389-CB019E8C9622}</ProjectGuid>
<OutputType>Library</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>de4dot</RootNamespace>
<RootNamespace>de4dot.code</RootNamespace>
<AssemblyName>de4dot.code</AssemblyName>
<TargetFrameworkVersion>v2.0</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
@ -56,7 +56,6 @@
<Compile Include="AssemblyClient\NewProcessAssemblyServerLoader.cs" />
<Compile Include="AssemblyClient\SameAppDomainAssemblyServerLoader.cs" />
<Compile Include="AssemblyResolver.cs" />
<Compile Include="CommandLineParser.cs" />
<Compile Include="deobfuscators\ArrayFinder.cs" />
<Compile Include="deobfuscators\CliSecure\CliSecureRtType.cs" />
<Compile Include="deobfuscators\CliSecure\Deobfuscator.cs" />
@ -121,7 +120,6 @@
<Compile Include="deobfuscators\Unknown\Deobfuscator.cs" />
<Compile Include="deobfuscators\Xenocode\Deobfuscator.cs" />
<Compile Include="deobfuscators\Xenocode\StringDecrypter.cs" />
<Compile Include="FilesDeobfuscator.cs" />
<Compile Include="IObfuscatedFile.cs" />
<Compile Include="Log.cs" />
<Compile Include="AssemblyModule.cs" />
@ -145,7 +143,6 @@
<Compile Include="PE\Resources.cs" />
<Compile Include="PE\SectionHeader.cs" />
<Compile Include="PE\DotNetStream.cs" />
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="renamer\asmmodules\EventDef.cs" />
<Compile Include="renamer\asmmodules\ExternalAssemblies.cs" />


@ -23,7 +23,7 @@ using Mono.Cecil.Cil;
using de4dot.blocks;
using de4dot.blocks.cflow;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
class ArrayFinder {
List<byte[]> arrays = new List<byte[]>();


@ -20,7 +20,7 @@
using System;
using Mono.Cecil;
namespace de4dot.deobfuscators.CliSecure {
namespace de4dot.code.deobfuscators.CliSecure {
class CliSecureRtType {
ModuleDefinition module;
TypeDefinition cliSecureRtType;


@ -21,10 +21,10 @@ using System.Collections.Generic;
using Mono.Cecil;
using Mono.MyStuff;
using de4dot.blocks;
using de4dot.PE;
using de4dot.code.PE;
namespace de4dot.deobfuscators.CliSecure {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.CliSecure {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "CliSecure";
public const string THE_TYPE = "cs";
const string DEFAULT_REGEX = @"[a-zA-Z_0-9>}$]$";


@ -20,9 +20,9 @@
using System;
using System.Collections.Generic;
using Mono.MyStuff;
using de4dot.PE;
using de4dot.code.PE;
namespace de4dot.deobfuscators.CliSecure {
namespace de4dot.code.deobfuscators.CliSecure {
class CodeHeader {
public byte[] signature;
public byte[] decryptionKey;


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CliSecure {
namespace de4dot.code.deobfuscators.CliSecure {
class ProxyDelegateFinder : ProxyDelegateFinderBase {
IList<MemberReference> memberReferences;


@ -23,7 +23,7 @@ using System.Text;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CliSecure {
namespace de4dot.code.deobfuscators.CliSecure {
class ResourceDecrypter {
ModuleDefinition module;
TypeDefinition rsrcType;


@ -21,7 +21,7 @@ using System;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CliSecure {
namespace de4dot.code.deobfuscators.CliSecure {
class StackFrameHelper {
ModuleDefinition module;
TypeDefinition stackFrameHelperType;


@ -21,7 +21,7 @@ using System;
using System.Text;
using Mono.Cecil;
namespace de4dot.deobfuscators.CliSecure {
namespace de4dot.code.deobfuscators.CliSecure {
class StringDecrypter {
ModuleDefinition module;
TypeDefinition stringDecrypterType;


@ -20,7 +20,7 @@
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class AntiDebugger {
ModuleDefinition module;
ISimpleDeobfuscator simpleDeobfuscator;


@ -24,7 +24,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class AssemblyResolver {
ModuleDefinition module;
TypeDefinition resolverType;


@ -22,8 +22,8 @@ using System.Text.RegularExpressions;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "Crypto Obfuscator";
public const string THE_TYPE = "co";
const string DEFAULT_REGEX = @"!^(get_|set_|add_|remove_)?[A-Z]{1,3}(?:`\d+)?$&!^(get_|set_|add_|remove_)?c[0-9a-f]{32}(?:`\d+)?$&" + DeobfuscatorBase.DEFAULT_VALID_NAME_REGEX;


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class ProxyDelegateFinder : ProxyDelegateFinderBase {
Dictionary<MethodDefinition, ProxyCreatorType> methodToType = new Dictionary<MethodDefinition, ProxyCreatorType>();


@ -23,7 +23,7 @@ using System.IO.Compression;
using System.Security.Cryptography;
using Mono.Cecil;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class ResourceDecrypter {
const int BUFLEN = 0x8000;
ModuleDefinition module;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class ResourceResolver {
ModuleDefinition module;
ResourceDecrypter resourceDecrypter;


@ -21,7 +21,7 @@ using System.Text;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class StringDecrypter {
ModuleDefinition module;
EmbeddedResource stringResource;


@ -20,7 +20,7 @@
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.CryptoObfuscator {
namespace de4dot.code.deobfuscators.CryptoObfuscator {
class TamperDetection {
ModuleDefinition module;
TypeDefinition tamperType;


@ -21,7 +21,7 @@ using System;
using System.IO;
using Mono.Cecil;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
static class DeobUtils {
public static void decryptAndAddResources(ModuleDefinition module, string encryptedName, Func<byte[]> decryptResource) {
Log.v("Decrypting resources, name: {0}", Utils.toCsharpString(encryptedName));


@ -23,9 +23,9 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using Mono.MyStuff;
using de4dot.blocks;
using de4dot.PE;
using de4dot.code.PE;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
abstract class DeobfuscatorBase : IDeobfuscator, IWriterListener {
public const string DEFAULT_VALID_NAME_REGEX = @"^[a-zA-Z_<{$][a-zA-Z_0-9<>{}$.`-]*$";


@ -19,8 +19,8 @@
using System.Collections.Generic;
namespace de4dot.deobfuscators {
abstract class DeobfuscatorInfoBase : IDeobfuscatorInfo {
namespace de4dot.code.deobfuscators {
public abstract class DeobfuscatorInfoBase : IDeobfuscatorInfo {
protected NameRegexOption validNameRegex;
public DeobfuscatorInfoBase(string nameRegex = null) {


@ -22,8 +22,8 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.Dotfuscator {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.Dotfuscator {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "Dotfuscator";
public const string THE_TYPE = "df";
const string DEFAULT_REGEX = @"!^[a-z][a-z0-9]{0,2}$&!^A_[0-9]+$&" + DeobfuscatorBase.DEFAULT_VALID_NAME_REGEX;


@ -22,8 +22,8 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.Eazfuscator {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.Eazfuscator {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "Eazfuscator.NET";
public const string THE_TYPE = "ef";
const string DEFAULT_REGEX = @"!^#=&!^dje_.+_ejd$&" + DeobfuscatorBase.DEFAULT_VALID_NAME_REGEX;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
class ExceptionLoggerRemover {
Dictionary<MethodReference, bool> exceptionLoggerMethods = new Dictionary<MethodReference, bool>();


@ -17,8 +17,8 @@
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
*/
namespace de4dot.deobfuscators {
interface IDeobfuscatedFile : ISimpleDeobfuscator {
namespace de4dot.code.deobfuscators {
public interface IDeobfuscatedFile : ISimpleDeobfuscator {
void createAssemblyFile(byte[] data, string assemblyName, string extension = null);
void stringDecryptersAdded();
}


@ -22,11 +22,11 @@ using System.Collections.Generic;
using Mono.Cecil;
using Mono.MyStuff;
using de4dot.blocks;
using de4dot.renamer;
using de4dot.PE;
using de4dot.code.renamer;
using de4dot.code.PE;
namespace de4dot.deobfuscators {
interface IDeobfuscatorOptions {
namespace de4dot.code.deobfuscators {
public interface IDeobfuscatorOptions {
bool RenameResourcesInCode { get; }
}
@ -39,7 +39,7 @@ namespace de4dot.deobfuscators {
}
[Flags]
enum StringFeatures {
public enum StringFeatures {
AllowNoDecryption = 1,
AllowStaticDecryption = 2,
AllowDynamicDecryption = 4,
@ -47,11 +47,11 @@ namespace de4dot.deobfuscators {
}
[Flags]
enum RenamingOptions {
public enum RenamingOptions {
RemoveNamespaceIfOneType = 1,
}
interface IDeobfuscator : INameChecker {
public interface IDeobfuscator : INameChecker {
string Type { get; }
string TypeLong { get; }
string Name { get; }


@ -19,8 +19,8 @@
using System.Collections.Generic;
namespace de4dot.deobfuscators {
interface IDeobfuscatorInfo {
namespace de4dot.code.deobfuscators {
public interface IDeobfuscatorInfo {
string Type { get; }
string Name { get; }
IDeobfuscator createDeobfuscator();


@ -19,8 +19,8 @@
using Mono.Cecil;
namespace de4dot.deobfuscators {
interface ISimpleDeobfuscator {
namespace de4dot.code.deobfuscators {
public interface ISimpleDeobfuscator {
void deobfuscate(MethodDefinition method);
void decryptStrings(MethodDefinition method, IDeobfuscator deob);
}


@ -17,14 +17,14 @@
along with de4dot. If not, see <http://www.gnu.org/licenses/>.
*/
namespace de4dot.deobfuscators {
enum OpDecryptString {
namespace de4dot.code.deobfuscators {
public enum OpDecryptString {
None,
Static,
Dynamic,
}
interface IOperations {
public interface IOperations {
bool KeepObfuscatorTypes { get; }
OpDecryptString DecryptStrings { get; }
}


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
abstract class ProxyDelegateFinderBase {
protected ModuleDefinition module;
protected List<MethodDefinition> delegateCreatorMethods = new List<MethodDefinition>();


@ -21,7 +21,7 @@ using System.Collections.Generic;
using System.Text;
using System.Text.RegularExpressions;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
static class RandomNameChecker {
static Regex noUpper = new Regex(@"^[^A-Z]+$");
static Regex allUpper = new Regex(@"^[A-Z]+$");


@ -21,7 +21,7 @@ using System;
using System.Collections.Generic;
using Mono.Cecil;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class AssemblyResolver {
ResourceDecrypter resourceDecrypter;
AssemblyResolverInfo assemblyResolverInfo;


@ -24,7 +24,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
public class EmbeddedAssemblyInfo {
public string assemblyName;
public string simpleName;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class AutomatedErrorReportingFinder {
ModuleDefinition module;
ExceptionLoggerRemover exceptionLoggerRemover = new ExceptionLoggerRemover();


@ -28,8 +28,8 @@ using de4dot.blocks;
// SmartAssembly can add so much junk that it's very difficult to find and remove all of it.
// I remove some safe types that are almost guaranteed not to have any references in the code.
namespace de4dot.deobfuscators.SmartAssembly {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.SmartAssembly {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "SmartAssembly";
public const string THE_TYPE = "sa";
BoolOption removeAutomatedErrorReporting;


@ -20,7 +20,7 @@
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class MemoryManagerInfo {
ModuleDefinition module;
TypeDefinition memoryManagerType;


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class ProxyDelegateFinder : ProxyDelegateFinderBase {
static readonly Dictionary<char, int> specialCharsDict = new Dictionary<char, int>();
static readonly char[] specialChars = new char[] {


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
abstract class ResolverInfoBase {
protected ModuleDefinition module;
ISimpleDeobfuscator simpleDeobfuscator;


@ -23,7 +23,7 @@ using System.Security.Cryptography;
using Mono.Cecil;
using ICSharpCode.SharpZipLib.Zip.Compression;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class ResourceDecrypter {
ResourceDecrypterInfo resourceDecrypterInfo;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class ResourceDecrypterInfo {
ModuleDefinition module;
TypeDefinition simpleZipType;


@ -22,7 +22,7 @@ using System.IO;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class ResourceResolver {
ModuleDefinition module;
AssemblyResolver assemblyResolver;


@ -21,7 +21,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class ResourceResolverInfo : ResolverInfoBase {
EmbeddedAssemblyInfo resourceInfo;
AssemblyResolverInfo assemblyResolverInfo;


@ -20,7 +20,7 @@
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class SimpleZipInfo {
public static bool isSimpleZipDecryptMethod_QuickCheck(ModuleDefinition module, MethodReference method, out TypeDefinition simpleZipType) {


@ -20,7 +20,7 @@
using System;
using System.Text;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class StringDecrypter {
int stringOffset;
byte[] decryptedData;


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class StringDecrypterInfo {
ModuleDefinition module;
ResourceDecrypter resourceDecrypter;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class StringsEncoderInfo {
// SmartAssembly.HouseOfCards.Strings, the class that creates the string decrypter
// delegates


@ -23,7 +23,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.SmartAssembly {
namespace de4dot.code.deobfuscators.SmartAssembly {
class TamperProtectionRemover {
ModuleDefinition module;
List<MethodDefinition> pinvokeMethods = new List<MethodDefinition>();


@ -22,7 +22,7 @@ using System.Collections.Generic;
using Mono.Cecil;
using Mono.Cecil.Cil;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
class StringCounts {
Dictionary<string, int> strings = new Dictionary<string, int>(StringComparer.Ordinal);


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators {
namespace de4dot.code.deobfuscators {
// Restore the type of all fields / parameters that have had their type turned into object.
// This thing requires a lot more code than I have time to do now (similar to symbol renaming)
// so it will be a basic implementation only.


@ -19,8 +19,8 @@
using System.Text.RegularExpressions;
namespace de4dot.deobfuscators.Unknown {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.Unknown {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "Unknown";
public const string THE_TYPE = "un";
public DeobfuscatorInfo()
@ -61,7 +61,7 @@ namespace de4dot.deobfuscators.Unknown {
get { return obfuscatorName ?? "Unknown Obfuscator"; }
}
public Deobfuscator(Options options)
internal Deobfuscator(Options options)
: base(options) {
}
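Review bot: Making `DeobfuscatorInfo` public also publishes its `public const string THE_NAME` and `THE_TYPE` members across the assembly boundary this commit introduces, and C# copies const values into every referencing assembly at compile time. If de4dot.cui or another consumer reads them (not visible here), a later change to these strings would leave a stale copy in any binary that was not rebuilt; `public static readonly string THE_NAME = "Unknown";` avoids that, unless the values are needed in attribute arguments or `case` labels. The same applies to the `DeobfuscatorInfo` classes made public in the Xenocode and dotNET_Reactor sections. The class bodies continue outside the hunks, and the reason the `Deobfuscator(Options options)` constructor goes from public to internal is not stated, so a one-line comment on that constructor would help the next reader.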


@ -20,8 +20,8 @@
using System.Collections.Generic;
using Mono.Cecil;
namespace de4dot.deobfuscators.Xenocode {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.Xenocode {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = "Xenocode";
public const string THE_TYPE = "xc";
const string DEFAULT_REGEX = @"!^[oO01l]{4,}$&!^(get_|set_|add_|remove_|_)?x[a-f0-9]{16,}$&" + DeobfuscatorBase.DEFAULT_VALID_NAME_REGEX;


@ -21,7 +21,7 @@ using System.Text;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.Xenocode {
namespace de4dot.code.deobfuscators.Xenocode {
class StringDecrypter {
const int STRING_DECRYPTER_KEY_CONST = 1789;
ModuleDefinition module;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class AntiStrongName {
TypeDefinition decrypterType;
MethodDefinition antiStrongNameMethod;


@ -23,7 +23,7 @@ using System.IO;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class ResourceInfo {
public EmbeddedResource resource;
public string name;


@ -22,7 +22,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class BoolValueInliner : MethodReturnValueInliner {
Dictionary<MethodReferenceAndDeclaringTypeKey, Func<MethodDefinition, object[], bool>> boolDecrypters = new Dictionary<MethodReferenceAndDeclaringTypeKey, Func<MethodDefinition, object[], bool>>();


@ -21,7 +21,7 @@ using System;
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class BooleanDecrypter {
ModuleDefinition module;
EncryptedResource encryptedResource;


@ -25,10 +25,10 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using Mono.MyStuff;
using de4dot.blocks;
using de4dot.PE;
using de4dot.code.PE;
namespace de4dot.deobfuscators.dotNET_Reactor {
class DeobfuscatorInfo : DeobfuscatorInfoBase {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
public class DeobfuscatorInfo : DeobfuscatorInfoBase {
public const string THE_NAME = ".NET Reactor";
public const string THE_TYPE = "dr";
const string DEFAULT_REGEX = DeobfuscatorBase.DEFAULT_VALID_NAME_REGEX;


@ -20,7 +20,7 @@
using Mono.Cecil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
// Detect some empty class that is called from most .ctor's
class EmptyClass {
ModuleDefinition module;


@ -25,7 +25,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class EncryptedResource {
ModuleDefinition module;
MethodDefinition resourceDecrypterMethod;


@ -21,7 +21,7 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using de4dot.blocks;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
// Find the class that returns a RuntimeTypeHandle/RuntimeFieldHandle. The value passed to
// its methods is the original metadata token, which will be different when we save the file.
class MetadataTokenObfuscator {


@ -24,9 +24,9 @@ using Mono.Cecil;
using Mono.Cecil.Cil;
using Mono.MyStuff;
using de4dot.blocks;
using de4dot.PE;
using de4dot.code.PE;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class MethodsDecrypter {
ModuleDefinition module;
EncryptedResource encryptedResource;


@ -19,7 +19,7 @@
using System;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class NativeFileDecrypter {
byte[] key;
byte kb = 0;


@ -20,9 +20,9 @@
using System;
using System.IO;
using ICSharpCode.SharpZipLib.Zip.Compression;
using de4dot.PE;
using de4dot.code.PE;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
class NativeImageUnpacker {
PeImage peImage;
bool isNet1x;


@ -11,7 +11,7 @@
using System;
namespace de4dot.deobfuscators.dotNET_Reactor {
namespace de4dot.code.deobfuscators.dotNET_Reactor {
static class QuickLZ {
static uint read32(byte[] data, int index) {
return BitConverter.ToUInt32(data, index);
