monocul.us/de4dot-cex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
300 Commits 2 Branches 1 Tag 5 MiB
c90a1b0454
Commit Graph

300 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
de4dot
51092fa09a Add updated cecil submodule 2011-11-05 07:38:12 +01:00
de4dot
2236300943 Update renamer to better rename methods and args 
Finds InitializeComponent() method and renames it if necessary.
Finds all event handlers and names the args sender and e respectively.
Finds all field event handlers and names them <field>_<event>, eg.
button_Click.
 2011-11-04 19:08:23 +01:00
de4dot
7486b73da3 Restore original WinForms class and field names 2011-11-04 15:39:16 +01:00
de4dot
df507526ba Update renamer code so it's less likely to use an existing name 2011-11-04 13:59:43 +01:00
de4dot
e6a8d50d03 Add updated cecil submodule 2011-11-04 13:58:17 +01:00
de4dot
e01e3c4e7f Update valid name regex 2011-11-04 11:01:21 +01:00
de4dot
131a57342d Force field type to same type newobj/newarr calls 2011-11-04 08:22:25 +01:00
de4dot
49b2976965 Handle call instrs with invalid metadata tokens 2011-11-04 07:43:24 +01:00
de4dot
4ce90dbfc0 Only print "found native code" warning once 2011-11-04 07:37:33 +01:00
de4dot
bd3b1e9b20 Check for null before calling unload() 2011-11-04 07:33:14 +01:00
de4dot
37f12ba60f Some small updates 2011-11-04 07:21:12 +01:00
de4dot
30f713f8f8 Rename isDelegateType() -> derivesFromDelegate() 2011-11-04 00:39:48 +01:00
de4dot
e1715adb48 Update default regex 2011-11-04 00:35:07 +01:00
de4dot
c23d770fbc Add special case for delegates 2011-11-04 00:09:51 +01:00
de4dot
76241db427 Add isDelegate() method 2011-11-04 00:06:25 +01:00
de4dot
8b0bf54d62 Print <arg_N> if arg N name is empty 2011-11-03 23:32:33 +01:00
de4dot
7a0061e39e Don't save ByRef types, and method call should be getEnd(0) 2011-11-03 23:25:07 +01:00
de4dot
17f077e275 Update code to handle more cases 2011-11-03 23:01:51 +01:00
de4dot
c1820f1a82 Add method to replace generic params with generic args. 
The code only handles basic cases, eg. T -> int, but not T[] -> int[].
 2011-11-03 22:53:04 +01:00
de4dot
b810292cee New files' default name is now origname-cleaned.ext 2011-11-03 20:07:50 +01:00
de4dot
a2ecd85044 Deobfuscator type is now 2 chars 2011-11-03 20:03:32 +01:00
de4dot
e7c42c6532 Print updated types when we're done so everything can be sorted 2011-11-03 19:46:29 +01:00
de4dot
42e7583659 Unload loaded modules when renaming is over 2011-11-03 18:55:14 +01:00
de4dot
98cdcf9ca5 Only protect *Invoke methods. Rename and remove a variable 2011-11-03 18:53:58 +01:00
de4dot
555ca393e2 No need to check for typedef since it's checked elsewhere 2011-11-03 18:52:21 +01:00
de4dot
cd7e617ab7 Add updated cecil submodule 2011-11-03 18:51:20 +01:00
de4dot
3dd8649859 Merge branch 'master' into dnr 2011-11-03 07:11:10 +01:00
de4dot
f351a09564 Update symbol renamer to load referenced assemblies. 
This way it's possible to use a rename-all regex (.*) without renaming
symbols that shouldn't be renamed (eg. methods that are defined in an
interface in a non-deobfuscated module, eg. Dispose()). A warning is
displayed if an assembly can't be loaded.
 2011-11-03 06:43:33 +01:00
de4dot
96d086ba2b Merge branch 'master' into dnr 2011-11-02 05:58:12 +01:00
de4dot
2a967dc699 Call onTypesRenamed() a little later and update throw message with token 2011-11-02 05:57:10 +01:00
de4dot
c918c8e964 Merge branch 'master' into dnr 2011-11-02 04:57:13 +01:00
de4dot
78960c759c Rebuild dictionaries when types have been renamed 2011-11-02 04:54:54 +01:00
de4dot
b8879e74e6 Merge branch 'master' into dnr 2011-11-02 04:26:12 +01:00
de4dot
ccff408a00 Update code so it can rename duplicate member references 2011-11-02 04:24:22 +01:00
de4dot
8b780a4696 Add ScopeAndTokenKey. Make sure other keys are immutable. 2011-11-02 04:14:59 +01:00
de4dot
3db7a0fedf Add updates cecil submodule 2011-11-02 02:55:36 +01:00
de4dot
c177c2ff42 Don't print message since the code is now much faster 2011-11-02 02:39:53 +01:00
de4dot
e3b767adcc Don't create dest dirs if we're just detecting obfuscators 2011-11-02 02:38:20 +01:00
de4dot
2ddf6b00de Return an empty list instead of null 2011-11-02 02:28:51 +01:00
de4dot
8ff2115083 Remove unused methods, and inline method used only by SA code 2011-11-02 02:25:45 +01:00
de4dot
ade1720d32 Use type cache to look up types (huge speedup in DNR code) 2011-11-02 02:25:07 +01:00
de4dot
f342a481a9 Update Conv_XX emulation. Default case should push unknown int32/64. 2011-11-02 01:19:18 +01:00
de4dot
1938a1c497 Undo what VS did 2011-11-01 18:56:44 +01:00
de4dot
6a07ee5b5e It's generic code so move it to common parent dir 2011-11-01 18:48:52 +01:00
de4dot
7bdea53134 Check op for null and update detection code 2011-11-01 18:47:26 +01:00
de4dot
6f4447aa98 It's generic code so move it to common parent dir 2011-11-01 18:46:59 +01:00
de4dot
cc8e220281 Also use ldfld/ldflda to detect arg types 2011-11-01 15:53:51 +01:00
de4dot
c354ded987 Add code to restore ldtoken instructions 2011-11-01 15:17:26 +01:00
de4dot
4d5c625c78 Add updated cecil submodule 2011-11-01 15:16:15 +01:00
de4dot
5170e62e21 Add code to remove inlined methods and option to disable it 2011-11-01 14:23:30 +01:00