monocul.us/de4dot-cex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update detection due to new cflow deob code

Browse Source
This commit is contained in:
de4dot 2012-01-09 03:19:13 +01:00
parent 12b327bef3
commit fd12b92e4b
1 changed files with 43 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
de4dot.code/deobfuscators/dotNET_Reactor/v3/AntiStrongName.cs
View File

@ -66,46 +66,53 @@ namespace de4dot.code.deobfuscators.dotNET_Reactor.v3 {
return false; return false;
var badBlock = block.FallThrough; var badBlock = block.FallThrough;
var goodblock = block.Targets[0];
if (badBlock == null) if (badBlock == null)
return false; return false;
if (badBlock.Sources.Count != 1)
return false;
var goodblock = block.Targets[0];
instrs = badBlock.Instructions; if (badBlock == goodblock) {
if (instrs.Count != 12) // All of the bad block was removed by the cflow deobfuscator. It was just a useless
return false; // calculation (div by zero).
index = 0; block.replaceLastInstrsWithBranch(numInstrsToRemove, goodblock);
if (!instrs[index++].isLdcI4()) }
return false; else if (badBlock.Sources.Count == 1) {
if (!instrs[index].isStloc()) instrs = badBlock.Instructions;
return false; if (instrs.Count != 12)
var local = Instr.getLocalVar(blocks.Locals, instrs[index++]); return false;
if (local == null) index = 0;
return false; if (!instrs[index++].isLdcI4())
if (!checkLdloc(blocks.Locals, instrs[index++], local)) return false;
return false; if (!instrs[index].isStloc())
if (!checkLdloc(blocks.Locals, instrs[index++], local)) return false;
return false; var local = Instr.getLocalVar(blocks.Locals, instrs[index++]);
if (instrs[index++].OpCode.Code != Code.Sub) if (local == null)
return false; return false;
if (instrs[index++].OpCode.Code != Code.Conv_U1) if (!checkLdloc(blocks.Locals, instrs[index++], local))
return false; return false;
if (!checkStloc(blocks.Locals, instrs[index++], local)) if (!checkLdloc(blocks.Locals, instrs[index++], local))
return false; return false;
if (!checkLdloc(blocks.Locals, instrs[index++], local)) if (instrs[index++].OpCode.Code != Code.Sub)
return false; return false;
if (!checkLdloc(blocks.Locals, instrs[index++], local)) if (instrs[index++].OpCode.Code != Code.Conv_U1)
return false; return false;
if (instrs[index++].OpCode.Code != Code.Div) if (!checkStloc(blocks.Locals, instrs[index++], local))
return false; return false;
if (instrs[index++].OpCode.Code != Code.Conv_U1) if (!checkLdloc(blocks.Locals, instrs[index++], local))
return false; return false;
if (!checkStloc(blocks.Locals, instrs[index++], local)) if (!checkLdloc(blocks.Locals, instrs[index++], local))
return false; return false;
if (instrs[index++].OpCode.Code != Code.Div)
return false;
if (instrs[index++].OpCode.Code != Code.Conv_U1)
return false;
if (!checkStloc(blocks.Locals, instrs[index++], local))
return false;
block.replaceLastInstrsWithBranch(numInstrsToRemove, goodblock); block.replaceLastInstrsWithBranch(numInstrsToRemove, goodblock);
badBlock.Parent.removeDeadBlock(badBlock); badBlock.Parent.removeDeadBlock(badBlock);
}
else
return false;
return true; return true;
} }