de4dot
|
fafa60c4c9
|
Update expressions
|
2012-03-10 05:31:07 +01:00 |
|
de4dot
|
4e997910e4
|
Update detection of string decrypter type
|
2012-03-08 19:21:54 +01:00 |
|
de4dot
|
51fe58c4cd
|
Merge branch 'new_code'
|
2012-03-08 18:03:25 +01:00 |
|
de4dot
|
4a7b4f4111
|
Update name regex
|
2012-03-08 16:15:19 +01:00 |
|
de4dot
|
b4525ed58d
|
Support EF 3.3
|
2012-03-06 10:43:06 +01:00 |
|
de4dot
|
48d6a3b6fc
|
Merge branch 'mc'
|
2012-03-01 22:10:36 +01:00 |
|
de4dot
|
86987518d6
|
Method should not be public
|
2012-02-29 11:41:07 +01:00 |
|
de4dot
|
9bf30e165c
|
Rename classes
|
2012-02-29 11:41:06 +01:00 |
|
de4dot
|
9791e63e51
|
Engrish
|
2012-02-29 11:41:05 +01:00 |
|
de4dot
|
8740ba8419
|
Rename variable
|
2012-02-29 11:41:04 +01:00 |
|
de4dot
|
167368f488
|
Attributes are worth less
|
2012-02-29 00:13:57 +01:00 |
|
de4dot
|
b27635f493
|
Remove sealed flag from interfaces
|
2012-02-28 23:57:48 +01:00 |
|
de4dot
|
e6d0c4a043
|
Move version detection to a new class
|
2012-02-28 22:30:22 +01:00 |
|
de4dot
|
77228ecfca
|
Update name regex
|
2012-02-28 22:24:08 +01:00 |
|
de4dot
|
68b4315e95
|
Update detection of the type and remove another type
|
2012-02-28 20:49:03 +01:00 |
|
de4dot
|
269b695245
|
Update detection of that type
|
2012-02-28 20:44:05 +01:00 |
|
de4dot
|
c970e1f6ca
|
Support v3.0 - 3.1
|
2012-02-28 19:42:19 +01:00 |
|
de4dot
|
acb53f535b
|
Throw if init fails
|
2012-02-28 18:18:13 +01:00 |
|
de4dot
|
f37e5a12d0
|
Restore calls to Assembly::GetManifestResourceXXX methods
|
2012-02-28 18:17:33 +01:00 |
|
de4dot
|
d740a3f5f6
|
Move GetManifestResourceStream code to a new class
|
2012-02-28 18:14:41 +01:00 |
|
de4dot
|
e72fb7220a
|
Decrypt embedded assemblies and resources
|
2012-02-27 23:43:45 +01:00 |
|
de4dot
|
9bab65640c
|
Refactor
|
2012-02-27 12:55:37 +01:00 |
|
de4dot
|
3c480f4c6c
|
Add another warning message
|
2012-02-27 01:51:44 +01:00 |
|
de4dot
|
cee04d3bba
|
master was updated
|
2012-02-26 22:57:55 +01:00 |
|
de4dot
|
cf76c14b4b
|
Merge branch 'master' into mc
|
2012-02-26 22:55:06 +01:00 |
|
de4dot
|
efec6625ef
|
Update detection of EF 3.0 and 3.1
|
2012-02-26 22:54:28 +01:00 |
|
de4dot
|
2bff1242c1
|
Add static EF string decrypter
|
2012-02-26 22:48:43 +01:00 |
|
de4dot
|
da1d649ef4
|
Make sure no generic methods are inlined
|
2012-02-25 06:33:38 +01:00 |
|
de4dot
|
10ceb12e30
|
Change return type to IEnumerable<int>
|
2012-02-25 06:25:40 +01:00 |
|
de4dot
|
48758be8f0
|
Use a new class instead of the dict
|
2012-02-25 06:14:19 +01:00 |
|
de4dot
|
d09938ca47
|
Remove classes with null base type
|
2012-02-25 05:28:32 +01:00 |
|
de4dot
|
5288b4b3d2
|
Make sure enum instance field has proper flags set (make peverify happy)
|
2012-02-25 05:15:42 +01:00 |
|
de4dot
|
4ec4bb1d65
|
MC actually does rename symbols so add an updated regex
|
2012-02-23 11:52:19 +01:00 |
|
de4dot
|
6e8b32df21
|
Reverse sort comments
|
2012-02-23 10:59:02 +01:00 |
|
de4dot
|
7c4f014da3
|
Support old MC 3.2
|
2012-02-22 12:38:02 +01:00 |
|
de4dot
|
59ee55105d
|
Support some older MC version
|
2012-02-22 12:14:15 +01:00 |
|
de4dot
|
435d3303c3
|
Merge branch 'master' into mc
|
2012-02-21 17:33:45 +01:00 |
|
de4dot
|
538e4f738d
|
Fix issue #24. Don't remove decrypter type if there was an error
|
2012-02-21 17:14:02 +01:00 |
|
de4dot
|
e5145fcca9
|
Remove MC type and module refs
|
2012-02-21 12:01:39 +01:00 |
|
de4dot
|
7bc3930df9
|
Decrypt resources
|
2012-02-21 11:51:19 +01:00 |
|
de4dot
|
58a94a8420
|
Decrypt methods protected with older MC version
|
2012-02-21 09:26:05 +01:00 |
|
de4dot
|
eb223537f0
|
Decrypt methods (decryption #1-4, not #5-7)
|
2012-02-20 17:20:29 +01:00 |
|
de4dot
|
b422e08fb1
|
Add lookup() method for ModuleReferences
|
2012-02-20 17:18:22 +01:00 |
|
de4dot
|
8536e211dd
|
Detect MC
|
2012-02-20 04:58:46 +01:00 |
|
de4dot
|
fc497b1688
|
Add MaxtoCode files
|
2012-02-20 03:48:59 +01:00 |
|
de4dot
|
d7afc66c6d
|
Don't remove string decrypter type if there's still code calling it
|
2012-02-19 00:50:08 +01:00 |
|
de4dot
|
e18ff9aea1
|
Don't remove string decrypter types if there was an error decrypting strings
|
2012-02-18 08:08:00 +01:00 |
|
de4dot
|
9e16d9cd40
|
Rename method
|
2012-02-13 11:28:08 +01:00 |
|
de4dot
|
5579323b3e
|
Print warning if I/O exception
|
2012-02-13 11:16:38 +01:00 |
|
de4dot
|
981472cd91
|
Methods should be static and have a body
|
2012-02-13 11:11:08 +01:00 |
|
de4dot
|
a35c765f15
|
Rename method
|
2012-02-13 10:20:11 +01:00 |
|
de4dot
|
179ea6d6fd
|
Only string decrypter method is worth 100 points
|
2012-02-12 16:56:26 +01:00 |
|
de4dot
|
3e3be639e5
|
Move reading variable length int32 code to DeobUtils
|
2012-02-12 16:54:48 +01:00 |
|
de4dot
|
67efd5e7e7
|
Rename namespace to Eazfuscator_NET
|
2012-02-12 16:46:39 +01:00 |
|
de4dot
|
c2d13d9059
|
Remove all invalid methods
|
2012-02-12 16:29:29 +01:00 |
|
de4dot
|
4691c805d8
|
Ignore invalid methods
|
2012-02-12 16:25:12 +01:00 |
|
de4dot
|
46f23ce89d
|
Add InvalidMethodsFinder
|
2012-02-12 16:24:59 +01:00 |
|
de4dot
|
c15773b709
|
Merge branch 'cv' into next_version
Conflicts:
blocks/DotNetUtils.cs
|
2012-02-12 14:47:24 +01:00 |
|
de4dot
|
c73fcfc1d0
|
Remove CV type if it is empty
|
2012-02-12 14:38:42 +01:00 |
|
de4dot
|
5ce1f74263
|
Position has already been set to 0
|
2012-02-12 14:29:11 +01:00 |
|
de4dot
|
037cb5bc68
|
Decrypt the remaining (EREX) resources
|
2012-02-12 14:28:53 +01:00 |
|
de4dot
|
9a6bd53cb9
|
Remove obfuscator obfuscator bundle types
|
2012-02-12 13:38:23 +01:00 |
|
de4dot
|
ded45dcb7a
|
Remove proxy method types and main type
|
2012-02-12 13:00:38 +01:00 |
|
de4dot
|
ff55be46b6
|
Rename getField() to getFieldByName() and add a real getField() method
|
2012-02-12 12:53:36 +01:00 |
|
de4dot
|
8999eb8e0f
|
Remove CV main type methods if < v5.0
|
2012-02-12 12:08:46 +01:00 |
|
de4dot
|
42f66c3948
|
Fix detection; 3.2 doesn't have those extra fields
|
2012-02-12 12:03:55 +01:00 |
|
de4dot
|
d6327b401e
|
Remove all anti-reflection types
|
2012-02-12 11:39:00 +01:00 |
|
de4dot
|
80d338637e
|
Add method to remove classes with no base type
|
2012-02-12 11:35:18 +01:00 |
|
de4dot
|
18cd71ecdc
|
Update detection (v5.0)
|
2012-02-11 23:39:37 +01:00 |
|
de4dot
|
070acc59f1
|
Bail out earlier if not encrypted
|
2012-02-11 23:23:51 +01:00 |
|
de4dot
|
91f7d2cb51
|
Find and remove resource decrypter types
|
2012-02-11 23:23:25 +01:00 |
|
de4dot
|
c18bed7d69
|
Add namespace
|
2012-02-11 23:11:54 +01:00 |
|
de4dot
|
bffbe419d5
|
Add hasInteger() method
|
2012-02-11 23:11:41 +01:00 |
|
de4dot
|
d44db9871e
|
Add log message that we have decrypted a resource
|
2012-02-11 21:51:48 +01:00 |
|
de4dot
|
57b947a3da
|
Add InvalidDataException
|
2012-02-11 21:49:22 +01:00 |
|
de4dot
|
ccd7d2ac79
|
Decrypt .resources files
|
2012-02-11 16:46:39 +01:00 |
|
de4dot
|
e5a72396c2
|
Remove length parameter from xxxteaDecrypt()
|
2012-02-11 16:46:02 +01:00 |
|
de4dot
|
ae97752d9c
|
Set data field to a 1-byte array
|
2012-02-09 10:14:59 +01:00 |
|
de4dot
|
ba399609c7
|
Initialize otherInitMethods in 2nd ctor
|
2012-02-09 10:14:29 +01:00 |
|
de4dot
|
45bf016a2e
|
Rename method
|
2012-02-09 10:14:08 +01:00 |
|
de4dot
|
15713a2b38
|
Check assembly for null (it could be a netmodule)
|
2012-02-08 22:01:10 +01:00 |
|
de4dot
|
d5089fa888
|
Remove kill type in deobfuscateBegin()
|
2012-02-08 19:54:05 +01:00 |
|
de4dot
|
b5c8a89b32
|
Remove init method calls called from .ctors
|
2012-02-08 19:40:17 +01:00 |
|
de4dot
|
a8d6aac306
|
Update detection of tamper detection types when proxy calls are enabled
|
2012-02-08 19:36:58 +01:00 |
|
de4dot
|
04247b5533
|
Remove most calls to main CV type
|
2012-02-08 19:21:00 +01:00 |
|
de4dot
|
c757139357
|
Remove string decrypter type
|
2012-02-08 18:58:06 +01:00 |
|
de4dot
|
98c8ea49e9
|
Remove tamper detection code
|
2012-02-08 18:40:24 +01:00 |
|
de4dot
|
1583552825
|
Make sure rvas list is never null
|
2012-02-08 16:14:07 +01:00 |
|
de4dot
|
780da4a0ad
|
Update detection of encrypted methods data
|
2012-02-08 15:52:39 +01:00 |
|
de4dot
|
fa6b0d4054
|
Move detection of CV main type to its own class
|
2012-02-08 15:40:11 +01:00 |
|
de4dot
|
bb89ce2983
|
Remove method since base class now has the same method
|
2012-02-08 15:19:45 +01:00 |
|
de4dot
|
1e3daf3b45
|
Dump embedded assemblies
|
2012-02-08 12:33:02 +01:00 |
|
de4dot
|
09e840923d
|
Search for sig starting from _stub RVA
|
2012-02-08 09:29:49 +01:00 |
|
de4dot
|
a8d4b38c79
|
Mover version info to a new ObfuscatorVersion enum
|
2012-02-08 08:55:45 +01:00 |
|
de4dot
|
0e89c0fc35
|
Only check Version property if methods decrypter was found
|
2012-02-08 08:50:36 +01:00 |
|
de4dot
|
776fd7f69f
|
Speed up finding V5 methods decrypter type
|
2012-02-07 15:17:41 +01:00 |
|
de4dot
|
1076218a81
|
Detect CV version
|
2012-02-07 15:05:27 +01:00 |
|
de4dot
|
6ab0748bdd
|
Decrypt V5 encrypted methods
|
2012-02-07 14:55:20 +01:00 |
|
de4dot
|
f11c51830f
|
Make sure info is copied
|
2012-02-07 14:53:58 +01:00 |
|
de4dot
|
97d09c4c65
|
Make method accessible by sub classes
|
2012-02-07 14:53:34 +01:00 |
|
de4dot
|
3276f433c9
|
Add code to detect V5 methods decrypter
|
2012-02-07 05:08:02 +01:00 |
|
de4dot
|
0aeee176cc
|
Merge v3-v4 and v5 code
|
2012-02-07 04:45:59 +01:00 |
|
de4dot
|
f1a1188409
|
Add a new ctor to copy values from old instance
|
2012-02-07 04:45:04 +01:00 |
|
de4dot
|
8f9cc6d290
|
Re-use v3-v4 string decrypter
|
2012-02-07 03:03:49 +01:00 |
|
de4dot
|
d512889833
|
Fix 'shadow calls' obfuscation
|
2012-02-07 02:07:31 +01:00 |
|
de4dot
|
c2313110b8
|
Add getDelegateTypes() and fix findProxyCall()
|
2012-02-07 02:02:49 +01:00 |
|
de4dot
|
ad8a5078fe
|
Rename method
|
2012-02-07 00:42:32 +01:00 |
|
de4dot
|
2ccb35afb0
|
Add CV5 files
|
2012-02-06 15:55:35 +01:00 |
|
de4dot
|
26bf21a84e
|
Show obfuscator version
|
2012-02-06 15:55:14 +01:00 |
|
de4dot
|
b39725f12f
|
Remove useless 'using'
|
2012-02-06 15:52:19 +01:00 |
|
de4dot
|
0d6542e383
|
Move v3-v4 code to a sub dir
|
2012-02-06 15:49:27 +01:00 |
|
de4dot
|
da3a28f0a8
|
Move (and rename) XXTEA decrypt func to DeobUtils
|
2012-02-06 08:22:55 +01:00 |
|
de4dot
|
b867301797
|
Update valid name regex
|
2012-02-06 08:20:04 +01:00 |
|
de4dot
|
b3750f9d4c
|
Initialize its token field
|
2012-02-05 23:04:24 +01:00 |
|
de4dot
|
542c6bb213
|
Support 3.2 methods decrypter
|
2012-02-05 22:49:10 +01:00 |
|
de4dot
|
d5c3a6964b
|
Support 4.0 methods decrypter
|
2012-02-05 21:27:36 +01:00 |
|
de4dot
|
1903cf8607
|
KILL type is only worth 10 points
|
2012-02-05 19:01:49 +01:00 |
|
de4dot
|
9e4b29034f
|
Finish getStringDecrypterMethods() method
|
2012-02-05 18:59:29 +01:00 |
|
de4dot
|
191fbb84b0
|
Use new getInitializedUInt32Array() method
|
2012-02-05 18:56:05 +01:00 |
|
de4dot
|
c8c4e3341c
|
Add getInitializedUInt32Array() method
|
2012-02-05 18:55:48 +01:00 |
|
de4dot
|
d6ff8b515d
|
Add string decrypter
|
2012-02-05 18:47:31 +01:00 |
|
de4dot
|
029c049bf6
|
Move readVariableLengthInteger() to DeobUtils
|
2012-02-05 18:46:14 +01:00 |
|
de4dot
|
29c5cfc9c8
|
Don't stop if 2nd instr is also a store
|
2012-02-05 18:45:04 +01:00 |
|
de4dot
|
23c72927b5
|
Add CV and methods decrypter
|
2012-02-05 16:17:47 +01:00 |
|
de4dot
|
84f322dbcf
|
Rename method. Ignore generic methods.
|
2012-02-03 16:21:59 +01:00 |
|
de4dot
|
3caad72275
|
Print new resource name
|
2012-02-03 14:35:42 +01:00 |
|
de4dot
|
ed9addb385
|
Make sure only valid methods are restored
|
2012-02-03 14:24:39 +01:00 |
|
de4dot
|
0cc88ba39f
|
Restore resource names
|
2012-02-03 13:22:37 +01:00 |
|
de4dot
|
ebfb88b6f1
|
Don't try to inline methods without a body or no instrs
|
2012-02-03 11:10:48 +01:00 |
|
de4dot
|
bc6630f760
|
Detect other SN attribute
|
2012-02-03 10:45:31 +01:00 |
|
de4dot
|
022bbe15af
|
Update name regex
|
2012-02-03 10:44:58 +01:00 |
|
de4dot
|
3a49d2a603
|
Remove encrypted strings field type
|
2012-02-03 10:13:41 +01:00 |
|
de4dot
|
33010b65a7
|
Add option to remove namespaces with only one type in it
|
2012-02-03 10:07:44 +01:00 |
|
de4dot
|
1008e91524
|
Don't restore method bodies from outside types
|
2012-02-03 10:05:31 +01:00 |
|
de4dot
|
95b835895b
|
Inline the remaining methods
|
2012-02-03 09:44:35 +01:00 |
|
de4dot
|
c09bbf0d01
|
Restore bodies and update calls to real instance method
|
2012-02-03 09:21:15 +01:00 |
|
de4dot
|
e67ecfdff4
|
Remove the methods types
|
2012-02-03 06:33:54 +01:00 |
|
de4dot
|
9a87a2658f
|
Restore method bodies
|
2012-02-03 04:26:55 +01:00 |
|
de4dot
|
814ca402bf
|
Detect classes created by the obfuscator
|
2012-02-03 03:03:19 +01:00 |
|
de4dot
|
3ce28aebb0
|
Inline methods
|
2012-02-02 10:55:30 +01:00 |
|
de4dot
|
b3f17a27a3
|
Add SN string decrypter
|
2012-02-02 06:56:14 +01:00 |
|
de4dot
|
36b4806858
|
Remove useless code and add getArrays() method
|
2012-02-02 06:54:10 +01:00 |
|
de4dot
|
ce7dc67848
|
Fix Issue #19
|
2012-01-30 09:12:26 +01:00 |
|
de4dot
|
a69b17e06d
|
Support embedded assemblies (Silverlight)
|
2012-01-29 18:30:07 +01:00 |
|
de4dot
|
26a3e14d2c
|
Update fields restorer since 2+ types can share same struct
|
2012-01-29 05:06:21 +01:00 |
|
de4dot
|
55dcb0881d
|
Update code since master was updated
|
2012-01-28 18:40:35 +01:00 |
|
de4dot
|
0f9184e9be
|
Merge branch 'master' into newcode
|
2012-01-28 18:38:09 +01:00 |
|
de4dot
|
915018c2fc
|
Use a better method dictionary
|
2012-01-28 02:54:12 +01:00 |
|
de4dot
|
887ee7c9e8
|
Fix method signature
|
2012-01-27 01:02:17 +01:00 |
|
de4dot
|
247cb2be20
|
Compare ElementType instead of calling verifyType for speed
|
2012-01-26 22:40:19 +01:00 |
|
de4dot
|
66969a4e92
|
Remove old code
|
2012-01-25 06:28:25 +01:00 |
|
de4dot
|
71d18ce688
|
Remove useless cast
|
2012-01-25 06:22:47 +01:00 |
|
de4dot
|
cb791a43ae
|
Compare by reference since both are field defs
|
2012-01-25 06:15:33 +01:00 |
|
de4dot
|
c3b9b840e4
|
Code should return true
|
2012-01-25 05:47:34 +01:00 |
|
de4dot
|
2684ccab93
|
Create a unique metadata token since renamer depends on it
|
2012-01-24 17:51:22 +01:00 |
|
de4dot
|
26b2de90af
|
Fix format string: missing {1}
|
2012-01-24 17:11:45 +01:00 |
|
de4dot
|
e9d7f3dbfb
|
Restore fields
|
2012-01-24 17:10:11 +01:00 |
|
de4dot
|
e00ca9a7d2
|
Merge branch 'master' into newcode
|
2012-01-24 15:15:07 +01:00 |
|
de4dot
|
fb1a45c5a4
|
Create a new unique GUID that depends on the module
|
2012-01-24 15:14:57 +01:00 |
|
de4dot
|
94f3fc9369
|
Lower num required found proxies
|
2012-01-24 14:54:23 +01:00 |
|
de4dot
|
8fbcdeb060
|
Make sure it gets an RVA, and change field type to byte
|
2012-01-24 09:06:54 +01:00 |
|
de4dot
|
5c98e81e78
|
Ignore base64 decode exception
|
2012-01-24 07:39:07 +01:00 |
|
de4dot
|
ab0fa2631e
|
Resource must be returned...
|
2012-01-24 05:25:02 +01:00 |
|
de4dot
|
95462d8dda
|
Dump V4 embedded assemblies
|
2012-01-24 05:08:24 +01:00 |
|
de4dot
|
a80482751d
|
Add extra check to make sure we detect the correct method
|
2012-01-24 04:44:23 +01:00 |
|
de4dot
|
ed00c5f2c5
|
Make sure it is static
|
2012-01-24 04:24:44 +01:00 |
|
de4dot
|
6ceea06f5b
|
Decrypt V4 resources
|
2012-01-24 03:22:59 +01:00 |
|
de4dot
|
2c8e685910
|
Ignore prefixes
|
2012-01-24 02:31:57 +01:00 |
|
de4dot
|
88c8dcbb7a
|
Detect V3.5
|
2012-01-24 01:01:30 +01:00 |
|
de4dot
|
d59fa86515
|
Print DS version
|
2012-01-24 00:41:09 +01:00 |
|
de4dot
|
da0cf08b33
|
Merge branch 'master' into newcode
|
2012-01-23 23:19:59 +01:00 |
|
de4dot
|
613a97906a
|
Make sure method hasn't been removed
|
2012-01-23 23:16:01 +01:00 |
|
de4dot
|
f9ed9e403f
|
Support V4 string decryptor
|
2012-01-23 23:13:04 +01:00 |
|
de4dot
|
4cfa0cf1f3
|
Update detection of methods to inline
|
2012-01-23 23:11:39 +01:00 |
|
de4dot
|
981975b750
|
Make sure we don't dump resource resolver's resource
|
2012-01-22 23:46:32 +01:00 |
|
de4dot
|
0ac8c944e5
|
Add call to stringDecryptersAdded()
|
2012-01-22 20:02:05 +01:00 |
|
de4dot
|
991a5281ab
|
Add DS obfuscator support
|
2012-01-22 19:58:31 +01:00 |
|
de4dot
|
080a11c437
|
Merge branch 'master' into newcode
|
2012-01-22 19:53:27 +01:00 |
|
de4dot
|
5876526151
|
Add getInitializedInt16Array() and stop earlier
|
2012-01-22 19:33:36 +01:00 |
|
de4dot
|
8c645504fe
|
Add method to find resource from strings in code
|
2012-01-22 13:00:17 +01:00 |
|
de4dot
|
bf1843ade4
|
Add an inflate() overload
|
2012-01-22 12:59:51 +01:00 |
|
de4dot
|
7962de961c
|
Add getModuleTypeCctor() method
|
2012-01-22 11:15:14 +01:00 |
|
de4dot
|
fde26c0bd2
|
Split method
|
2012-01-21 22:16:07 +01:00 |
|
de4dot
|
ba04092060
|
Call stringDecryptersAdded() after adding string decrypters
|
2012-01-21 22:15:53 +01:00 |
|
de4dot
|
1371392b4a
|
master was updated
|
2012-01-21 20:33:34 +01:00 |
|
de4dot
|
5a4d41cf45
|
Merge branch 'master' into newcode
|
2012-01-21 20:32:33 +01:00 |
|
de4dot
|
2dadd773ec
|
Use ParameterDefinition.Sequence
|
2012-01-21 20:31:47 +01:00 |
|
de4dot
|
2e605b5117
|
Merge branch 'master' into newcode
|
2012-01-21 14:19:52 +01:00 |
|
de4dot
|
f3f8975f01
|
If instance explicit, 'this' is 1st param
|
2012-01-20 19:30:40 +01:00 |
|
de4dot
|
77f4d9ee0c
|
Derive from ValueInlinerBase
|
2012-01-19 19:23:34 +01:00 |
|
de4dot
|
8c90c7b494
|
master was updated
|
2012-01-19 19:19:08 +01:00 |
|
de4dot
|
68b78b0081
|
Merge branch 'master' into newcode
|
2012-01-19 19:17:55 +01:00 |
|
de4dot
|
7f5401625e
|
Rename classes
|
2012-01-19 19:16:44 +01:00 |
|
de4dot
|
45ff4af573
|
Remove detection of Babel in Unknown obfuscator
|
2012-01-19 05:42:00 +01:00 |
|
de4dot
|
dc042d2f9a
|
Decrypt V2 encrypted strings
|
2012-01-19 05:38:58 +01:00 |
|
de4dot
|
ff6a8d4b6f
|
Dump embedded assemblies before decrypting methods
|
2012-01-18 07:53:06 +01:00 |
|
de4dot
|
49c06dec64
|
Dump embedded assemblies
|
2012-01-18 07:43:03 +01:00 |
|
de4dot
|
6ec1222657
|
Move common code to BabelUtils
|
2012-01-18 07:38:35 +01:00 |
|
de4dot
|
ed31063b1b
|
Merge branch 'master' into newcode
|
2012-01-18 06:15:31 +01:00 |
|
de4dot
|
5cb5f41d4a
|
Support latset version of SA
|
2012-01-17 02:54:48 +01:00 |
|
de4dot
|
6c20e18b4d
|
master was updated so fix code here
|
2012-01-14 12:37:20 +01:00 |
|
de4dot
|
48361ae809
|
Merge branch 'master' into newcode
|
2012-01-14 12:35:11 +01:00 |
|
de4dot
|
5f6841e317
|
Add HasHandlers property to base class
|
2012-01-14 12:34:42 +01:00 |
|
de4dot
|
f19be8019e
|
Don't remove any types/methods/etc if it's an unknown obfuscator
|
2012-01-14 12:27:03 +01:00 |
|
de4dot
|
5e3b4a1414
|
Add some checks
|
2012-01-14 12:19:17 +01:00 |
|
de4dot
|
f0ff8df76a
|
Use the method in InitializedDataCreator
|
2012-01-14 12:16:05 +01:00 |
|
de4dot
|
06e8b9f654
|
Use the new Int32ValueInliner class
|
2012-01-14 12:04:59 +01:00 |
|
de4dot
|
b71e8fdfdc
|
Remove newlines from names when calling the logger
|
2012-01-14 11:59:01 +01:00 |
|
de4dot
|
c069d8005c
|
Use methods in DotNetUtils
|
2012-01-14 11:53:38 +01:00 |
|
de4dot
|
ed918c6993
|
Call Dispose() after decrypting methods
|
2012-01-14 11:46:00 +01:00 |
|
de4dot
|
75c8747a0f
|
Merge branch 'master' into newcode
|
2012-01-14 11:41:20 +01:00 |
|
de4dot
|
7b93497bc6
|
Update detection code
|
2012-01-14 11:39:49 +01:00 |
|
de4dot
|
6b4a462757
|
Support v3.0
|
2012-01-14 10:37:15 +01:00 |
|
de4dot
|
e53f4d043d
|
Proxy calls can be proxied
|
2012-01-13 21:30:49 +01:00 |
|
de4dot
|
948cdb47e3
|
Fix what was updated in master
|
2012-01-13 21:30:29 +01:00 |
|
de4dot
|
c583891151
|
Merge branch 'master' into newcode
|
2012-01-13 21:26:48 +01:00 |
|
de4dot
|
b214eaa3c9
|
Add option to keep deobfuscating deobfuscated calls
|
2012-01-13 21:26:31 +01:00 |
|
de4dot
|
17327902c3
|
Refactor method call inliner code
|
2012-01-11 04:38:02 +01:00 |
|
de4dot
|
dfb2332116
|
Print the version number
|
2012-01-11 02:35:02 +01:00 |
|
de4dot
|
f18ed0d6fe
|
Merge branch 'master' into newcode
|
2012-01-10 19:59:27 +01:00 |
|
de4dot
|
b30ccda1f9
|
Add method to remove the assembly info
|
2012-01-10 02:36:39 +01:00 |
|
de4dot
|
9800f91d12
|
Update copyright years
|
2012-01-09 23:04:52 +01:00 |
|
de4dot
|
0dbe743563
|
Merge branch 'master' into newcode
|
2012-01-09 23:02:58 +01:00 |
|
de4dot
|
0d0a40376d
|
Update copyright years
|
2012-01-09 23:02:47 +01:00 |
|
de4dot
|
edd855ad19
|
Merge branch 'master' into newcode
|
2012-01-09 07:55:09 +01:00 |
|
de4dot
|
665a170b9b
|
Make sure HasFieldRVA flag is set
|
2012-01-09 07:55:01 +01:00 |
|
de4dot
|
c9e5b8e91e
|
Update code to handle v3.5 obfuscated assemblies
|
2012-01-09 05:50:32 +01:00 |
|
de4dot
|
1805022073
|
Merge branch 'master' into newcode
|
2012-01-09 05:30:49 +01:00 |
|
de4dot
|
fd12b92e4b
|
Update detection due to new cflow deob code
|
2012-01-09 03:19:13 +01:00 |
|
de4dot
|
496941258a
|
Support v4.2
|
2012-01-08 21:48:37 +01:00 |
|
de4dot
|
b02cb11a61
|
Merge branch 'master' into newcode
|
2012-01-08 19:09:18 +01:00 |
|
de4dot
|
2f1ec392b9
|
Update detection of offset field
|
2012-01-08 19:08:23 +01:00 |
|
de4dot
|
0398666c93
|
Update detection of <Module> type
|
2012-01-08 18:46:23 +01:00 |
|
de4dot
|
28f8bdcc89
|
Some fixes
|
2012-01-08 18:38:37 +01:00 |
|
de4dot
|
f9592f5fdc
|
Method was renamed in master
|
2012-01-07 20:31:06 +01:00 |
|
de4dot
|
134869db6d
|
Merge branch 'skater' into newcode
Conflicts:
de4dot.cui/Program.cs
|
2012-01-07 20:29:07 +01:00 |
|
de4dot
|
b647a9387b
|
Merge branch 'goliath' into newcode
|
2012-01-07 20:28:10 +01:00 |
|
de4dot
|
44e58066b3
|
Add support for another obfuscator
|
2012-01-07 20:27:07 +01:00 |
|
de4dot
|
03a27110e7
|
Rename method to toInt32()
|
2012-01-07 19:14:15 +01:00 |
|
de4dot
|
a54cfbf996
|
Update detection of string decrypter type
|
2012-01-07 00:04:31 +01:00 |
|
de4dot
|
20222561b3
|
Add System.Object as base type if needed
|
2012-01-03 20:14:28 +01:00 |
|
de4dot
|
9a7d28472d
|
Remove new lines when printing method/type names
|
2012-01-03 19:52:40 +01:00 |
|
de4dot
|
6963e89581
|
Update detection of delegate fields and remove useless method
|
2012-01-03 19:22:45 +01:00 |
|
de4dot
|
d3c801efb6
|
Add code to initialize arrays
|
2012-01-03 15:25:25 +01:00 |
|
de4dot
|
6e80b5bb94
|
Move bool inliner and create some more useful value inliners
|
2012-01-03 10:38:09 +01:00 |
|
de4dot
|
e79ee9832d
|
Add desDecrypt(). Move deflate() to DeobUtils.
|
2012-01-02 22:35:02 +01:00 |
|
de4dot
|
ba43220da2
|
Update code for GO 5.6.0
|
2012-01-02 07:02:43 +01:00 |
|
de4dot
|
b23c35e049
|
Update detection code
|
2012-01-01 18:50:46 +01:00 |
|
de4dot
|
417fe04bba
|
Don't need to detect GO here anymore
|
2012-01-01 18:15:32 +01:00 |
|
de4dot
|
90ebd92333
|
Method was renamed in master
|
2012-01-01 12:11:09 +01:00 |
|
de4dot
|
1b98808558
|
Merge branch 'master' into goliath
|
2011-12-31 16:35:01 +01:00 |
|
de4dot
|
b3a29a7be1
|
Merge branch 'master' into skater
|
2011-12-31 16:34:01 +01:00 |
|
de4dot
|
e744e24a51
|
Use methods dict
|
2011-12-31 16:32:57 +01:00 |
|
de4dot
|
99350b456d
|
Use the methods dict
|
2011-12-31 16:15:38 +01:00 |
|
de4dot
|
cd359243a2
|
Remove unused method
|
2011-12-31 16:00:11 +01:00 |
|
de4dot
|
6b629f20c7
|
Use aesDecrypt() method
|
2011-12-31 15:12:41 +01:00 |
|
de4dot
|
f2115b77bb
|
Merge branch 'master' into goliath
|
2011-12-31 15:07:35 +01:00 |
|
de4dot
|
8df6561061
|
Add Skater .NET support
|
2011-12-31 13:14:02 +01:00 |
|
de4dot
|
eb63c27fc9
|
Add des3Decrypt() method
|
2011-12-31 12:58:32 +01:00 |
|
de4dot
|
1fc70d8d9e
|
Add Goliath.NET obfuscator support
|
2011-12-29 08:26:36 +01:00 |
|
de4dot
|
b52c5f12fe
|
Add InitializedDataCreator field to base class
|
2011-12-29 08:23:46 +01:00 |
|
de4dot
|
b930e8fd97
|
Add InitializedDataCreator class
|
2011-12-29 08:22:41 +01:00 |
|
de4dot
|
3e70d1fa63
|
Use field dict and update code
|
2011-12-28 13:33:10 +01:00 |
|
de4dot
|
8de51ca227
|
Update code that removes methods and types
|
2011-12-28 13:30:44 +01:00 |
|
de4dot
|
ffbceae488
|
Update methods inliner code
|
2011-12-28 13:28:17 +01:00 |
|
de4dot
|
dd588bf9f8
|
Add MethodCollection class
|
2011-12-28 13:26:04 +01:00 |
|
de4dot
|
c14eef2750
|
Update code for SA 1.x-3.x obfuscated assemblies
|
2011-12-26 20:40:18 +01:00 |
|
de4dot
|
f468aebda5
|
Dump resources in applications (library mode)
|
2011-12-26 20:32:42 +01:00 |
|
de4dot
|
0a4fb0619b
|
Move to DNR dir
|
2011-12-26 20:28:48 +01:00 |
|
de4dot
|
ed97f9a826
|
Add getExtension() method
|
2011-12-26 20:27:57 +01:00 |
|
de4dot
|
259ec3455b
|
Rename method
|
2011-12-25 23:10:17 +01:00 |
|
de4dot
|
a0d65b2e86
|
Rename method
|
2011-12-22 23:51:26 +01:00 |
|
de4dot
|
24076419dc
|
Rename method, update code
|
2011-12-22 23:50:33 +01:00 |
|
de4dot
|
63648a9505
|
Update detection of ASN code
|
2011-12-22 19:17:57 +01:00 |
|
de4dot
|
1a1350410a
|
Only call patcher if we need to patch it
|
2011-12-22 19:17:48 +01:00 |
|
de4dot
|
1b32fdd3b6
|
Write warning message if we couldn't unpack it
|
2011-12-22 18:48:24 +01:00 |
|
de4dot
|
c86daacda8
|
Add workaround for DNR patch bug
|
2011-12-22 17:40:21 +01:00 |
|
de4dot
|
a38781c1d0
|
Support SA 1.x-3.x
|
2011-12-22 05:41:28 +01:00 |
|
de4dot
|
222132f43b
|
Remove useless using directive
|
2011-12-22 05:37:29 +01:00 |
|
de4dot
|
7b71a565ec
|
Move method to DotNetUtils
|
2011-12-22 05:37:10 +01:00 |
|
de4dot
|
823d3b07a7
|
Refactor string decrypter
|
2011-12-21 19:22:23 +01:00 |
|
de4dot
|
d24da2f24c
|
Move method to base class
|
2011-12-21 19:21:06 +01:00 |
|
de4dot
|
f87fabd6aa
|
Move DNR v3 and v4 code to a DNR sub dir
|
2011-12-21 18:55:36 +01:00 |
|
de4dot
|
03ff9a61cb
|
Update strings
|
2011-12-21 18:30:37 +01:00 |
|
de4dot
|
a473f9eb02
|
Remove native lib linked resource
|
2011-12-21 18:20:59 +01:00 |
|
de4dot
|
4abe33f729
|
Remove obfuscator init calls from .ctors
|
2011-12-21 18:12:04 +01:00 |
|
de4dot
|
9136e674e5
|
Add anti strong name code
|
2011-12-21 18:04:49 +01:00 |
|
de4dot
|
1fd7319b19
|
Move patcher code to DecrypterType
|
2011-12-21 16:56:12 +01:00 |
|
de4dot
|
1e7dbfad97
|
Refactor
|
2011-12-21 07:13:19 +01:00 |
|
de4dot
|
2a651f5b5e
|
Update code and fix some bugs
|
2011-12-21 06:41:42 +01:00 |
|
de4dot
|
289c11b296
|
Refactor
|
2011-12-21 06:41:06 +01:00 |
|
de4dot
|
795ab8bee1
|
Update detection code
|
2011-12-21 06:40:10 +01:00 |
|
de4dot
|
13b84383f2
|
Update detection code
|
2011-12-21 06:39:56 +01:00 |
|
de4dot
|
74b8299ef2
|
Remove native lib module refs
|
2011-12-21 00:41:09 +01:00 |
|
de4dot
|
c516d61ad7
|
Decrypt library mode files
|
2011-12-21 00:31:27 +01:00 |
|
de4dot
|
15b4cefe89
|
Move method to base class
|
2011-12-21 00:30:17 +01:00 |
|
de4dot
|
0d92b37536
|
Create DNR3 dir
|
2011-12-20 21:47:45 +01:00 |
|
de4dot
|
dd60af245a
|
Unpack DNR 3.x application mode files
|
2011-12-20 20:16:57 +01:00 |
|
de4dot
|
746997dfe3
|
Add DNR 3.x application mode unpacker
|
2011-12-20 20:16:18 +01:00 |
|
de4dot
|
4a0a3fb2fc
|
Add isCompressed() method
|
2011-12-20 20:13:37 +01:00 |
|
de4dot
|
87b4f70de9
|
Add decrypt() method
|
2011-12-20 20:13:08 +01:00 |
|
de4dot
|
4444b143fd
|
Add method to get int32 array
|
2011-12-20 20:12:47 +01:00 |
|
de4dot
|
bc5d829714
|
Also check ldftn opcodes
|
2011-12-19 15:44:23 +01:00 |
|
de4dot
|
d35e92b53c
|
Update field type
|
2011-12-15 16:17:04 +01:00 |
|
de4dot
|
929d943112
|
Update deobfuscator
|
2011-12-15 16:16:21 +01:00 |
|
de4dot
|
00f7b7feda
|
The real Main() may be called from a DNR-created Main() method
|
2011-12-11 11:08:32 +01:00 |
|
de4dot
|
78bb21832e
|
Fix bug by resetting stream offset
|
2011-12-09 23:43:02 +01:00 |
|
de4dot
|
e7ea01f87d
|
Move console code to new de4dot.cui assembly
|
2011-12-09 09:02:06 +01:00 |
|
de4dot
|
0fd4ddf209
|
Change type from ez to ef
|
2011-12-08 09:53:13 +01:00 |
|
de4dot
|
5247927eff
|
Update regex
|
2011-12-08 09:52:23 +01:00 |
|
de4dot
|
b2801872d7
|
Update detection of invalid types when restoring field/method arg types
|
2011-12-04 20:01:02 +01:00 |
|
de4dot
|
973e958ff1
|
Add better check for invalid entries
|
2011-12-02 18:48:01 +01:00 |
|
de4dot
|
160527447c
|
Fix bug in methods decrypter
|
2011-12-02 15:20:27 +01:00 |
|
de4dot
|
b8564335b8
|
Remove stack frame helper code only if the option is enabled
|
2011-12-02 15:20:09 +01:00 |
|
de4dot
|
ec896da8ab
|
Unpack .NET 1.x DNR native images
|
2011-12-01 14:16:23 +01:00 |
|
de4dot
|
3311e28a87
|
Don't re-read native file after unpacking it
|
2011-11-30 20:19:50 +01:00 |
|
de4dot
|
68d962fb6e
|
Return null if inflated data isn't an MZ file
|
2011-11-30 19:10:56 +01:00 |
|
de4dot
|
8637ef5e1a
|
Unpack DNR 4.0-4.4 + .NET 2.0+ native files
|
2011-11-30 19:06:25 +01:00 |
|
de4dot
|
fde811d183
|
Move isCode() to DeobUtils
|
2011-11-30 19:04:49 +01:00 |
|
de4dot
|
b7a44b459d
|
Add code to unpack DNR 4.0/4.1 + .NET 2.0+ native files
|
2011-11-30 18:28:48 +01:00 |
|
de4dot
|
f567e09845
|
Add 'using de4dot.PE'
|
2011-11-30 18:27:01 +01:00 |
|
de4dot
|
28ec2485fc
|
Update code to handle unpacked native images
|
2011-11-30 18:26:36 +01:00 |
|
de4dot
|
98342f2a0c
|
Move read file code to Utils
|
2011-11-30 18:21:01 +01:00 |
|
de4dot
|
4a26534ad0
|
Don't remove proxy delegate types and creator type if errors were detected
|
2011-11-28 11:45:48 +01:00 |
|
de4dot
|
d7c42185a8
|
Update detection of CliSecureRT type
|
2011-11-28 11:25:18 +01:00 |
|
de4dot
|
dab8907f8c
|
Detect EZ version
|
2011-11-27 08:28:17 +01:00 |
|
de4dot
|
a90fd1fa2f
|
Update detection of the empty class
|
2011-11-26 12:34:17 +01:00 |
|
de4dot
|
cec8758ed2
|
Check if there are any refs left to the decrypter type
|
2011-11-26 12:21:18 +01:00 |
|
de4dot
|
df6678626e
|
Print total number of encrypted methods
|
2011-11-26 12:20:04 +01:00 |
|
de4dot
|
0ce27f8a2d
|
Print some info about the encrypted native methods
|
2011-11-25 15:33:13 +01:00 |
|
de4dot
|
51892f62a2
|
Re-encrypt native methods
|
2011-11-25 15:24:12 +01:00 |
|
de4dot
|
07f0376b45
|
Add methods to encrypt resource data, and set new data
|
2011-11-25 15:21:29 +01:00 |
|
de4dot
|
d9a776aa3f
|
Have DeobfuscatorBase implement IWriterListener
|
2011-11-25 15:19:56 +01:00 |
|
de4dot
|
900ec1bf07
|
Add code to dump DNR native methods to a file
|
2011-11-25 15:16:50 +01:00 |
|
de4dot
|
b259991415
|
Some fixes:
- Remove empty class only if methods are inlined
- Don't add .cctor methods to possibly-inlined-methods list
|
2011-11-24 23:58:42 +01:00 |
|
de4dot
|
0516e4540d
|
Remove calls to empty class
|
2011-11-24 10:44:01 +01:00 |
|
de4dot
|
eee2c509be
|
Make sure decrypter type is removed
|
2011-11-24 10:10:39 +01:00 |
|
de4dot
|
17660c225e
|
Update decrypter detection code
|
2011-11-24 10:08:29 +01:00 |
|
de4dot
|
73d1316b2d
|
Add a new random name regex
|
2011-11-24 07:57:31 +01:00 |
|
de4dot
|
3bfb2e7dc7
|
Update DNR detection
|
2011-11-24 07:49:50 +01:00 |
|
de4dot
|
0c4abcc039
|
Update detection of possibly inlined methods
|
2011-11-24 06:48:23 +01:00 |
|
de4dot
|
e68cedd44b
|
Update tamper code
|
2011-11-24 05:25:34 +01:00 |
|
de4dot
|
4a65770c59
|
Check each part of the namespace instead of all of it at once
|
2011-11-23 11:50:34 +01:00 |
|
de4dot
|
80f90d3e6a
|
Update regex
|
2011-11-23 11:32:36 +01:00 |
|
de4dot
|
0c36e74834
|
Add option to disable restoring props/events from method names
|
2011-11-23 05:45:30 +01:00 |
|
de4dot
|
397f5f5b5b
|
Update DNR valid-name-check code
|
2011-11-23 05:28:57 +01:00 |
|
de4dot
|
7dbb0144ca
|
Check for null args
|
2011-11-21 11:03:45 +01:00 |
|
de4dot
|
d014835c7c
|
Add Utils.compareInt32() and use it
|
2011-11-21 10:32:36 +01:00 |
|
de4dot
|
e9e0588cb6
|
Use Utils.StartsWith() since mono's impl is buggy
|
2011-11-17 04:22:12 +01:00 |
|
de4dot
|
195c7194cb
|
Rename types
|
2011-11-17 04:17:03 +01:00 |
|
de4dot
|
d7149abe4e
|
Warn if an unused string decrypter is found
|
2011-11-14 06:21:43 +01:00 |
|
de4dot
|
cf6387a4c1
|
Fix some problems with new assemblies
|
2011-11-12 21:04:24 +01:00 |
|
de4dot
|
c62ca29df5
|
Update code for DNR 4.3+ obfuscated assemblies
|
2011-11-12 16:04:51 +01:00 |
|
de4dot
|
b80024bbc5
|
Find the method in a nested class (DNR 4.3+)
|
2011-11-12 15:22:17 +01:00 |
|
de4dot
|
07826f133e
|
Update names since it's anti strong name code
|
2011-11-12 15:15:47 +01:00 |
|
de4dot
|
7df264d59c
|
Remove tamper detection code
|
2011-11-12 13:31:08 +01:00 |
|
de4dot
|
4b335f9489
|
Add a TypeLong property
|
2011-11-12 11:31:07 +01:00 |
|
de4dot
|
76825d3a9b
|
Encrypted resources aren't always using the public key token
|
2011-11-12 11:19:10 +01:00 |
|
de4dot
|
0318c85a07
|
Convert 'return some_int' native methods to CIL code
|
2011-11-11 20:55:39 +01:00 |
|
de4dot
|
fb4128cbfb
|
Update a few strings
|
2011-11-10 14:48:33 +01:00 |
|
de4dot
|
ff3b1b0ecc
|
Rename random names
|
2011-11-10 00:47:22 +01:00 |
|
de4dot
|
3e803ef6d8
|
Read at most 2MB at a time from files
|
2011-11-10 00:44:37 +01:00 |
|
de4dot
|
c562c335e8
|
Add option to remove namespace if there's only one class in it
|
2011-11-09 12:08:48 +01:00 |
|
de4dot
|
ca232b521a
|
Update regex
|
2011-11-08 22:11:19 +01:00 |
|
de4dot
|
c6bdd51573
|
Rename --dr-dump-embedded -> --dr-embedded
|
2011-11-08 21:43:57 +01:00 |
|
de4dot
|
22739f5cd9
|
Remove decrypter type (all refs to it should be gone now)
|
2011-11-08 21:27:03 +01:00 |
|
de4dot
|
3bfb100fd5
|
Add resource decrypter
|
2011-11-08 19:32:10 +01:00 |
|
de4dot
|
0f627d728c
|
Use new FieldTypes code
|
2011-11-08 19:27:27 +01:00 |
|
de4dot
|
fec1ec7e35
|
Add FieldTypes class and re-use LocalTypes code
|
2011-11-08 19:26:59 +01:00 |
|
de4dot
|
6d1cca149a
|
Only check static methods
|
2011-11-08 11:36:09 +01:00 |
|
de4dot
|
c381423c48
|
Remove metadata token obfuscator type
|
2011-11-08 10:39:35 +01:00 |
|
de4dot
|
4e8f8a295b
|
Remove assembly resolver type only if we're inlining methods
|
2011-11-08 10:37:39 +01:00 |
|
de4dot
|
8c91b56cb5
|
Save embedded assemblies to disk
|
2011-11-08 10:27:18 +01:00 |
|
de4dot
|
5e3beef064
|
Remove unused variable
|
2011-11-08 10:26:27 +01:00 |
|
de4dot
|
7617d92b3b
|
Decrypt methods encrypted with the new methods encrypter
|
2011-11-07 16:16:18 +01:00 |
|
de4dot
|
a94d1406db
|
Rename some fields, and only remove types/etc if users wants it
|
2011-11-06 18:01:37 +01:00 |
|
de4dot
|
045e6ecf73
|
Use better property names
|
2011-11-06 15:24:30 +01:00 |
|
de4dot
|
a4e4a7284e
|
Add Xenocode support (dumped modules only)
|
2011-11-06 14:42:52 +01:00 |
|
de4dot
|
d60ab64c25
|
Move code to read module data to DeobUtils.cs
|
2011-11-06 13:46:50 +01:00 |
|
de4dot
|
f424e8eabf
|
Add static methods decrypter and refactor into multiple classes
|
2011-11-06 12:19:26 +01:00 |
|
de4dot
|
a0509d2735
|
Use the new lookup() method
|
2011-11-06 12:18:35 +01:00 |
|
de4dot
|
bee77cdfe7
|
Make delegateCreatorMethods list protected
|
2011-11-06 12:16:30 +01:00 |
|
de4dot
|
fb2707a49b
|
Add lookup() generic method. Useful when reloading module.
|
2011-11-06 12:16:06 +01:00 |
|
de4dot
|
75a464a7f4
|
Merge branch 'master' into dnr
|
2011-11-05 14:27:40 +01:00 |
|
de4dot
|
198d5c3f74
|
Remove memory manager from Main()
|
2011-11-05 10:10:36 +01:00 |
|
de4dot
|
e01e3c4e7f
|
Update valid name regex
|
2011-11-04 11:01:21 +01:00 |
|
de4dot
|
131a57342d
|
Force field type to same type newobj/newarr calls
|
2011-11-04 08:22:25 +01:00 |
|
de4dot
|
49b2976965
|
Handle call instrs with invalid metadata tokens
|
2011-11-04 07:43:24 +01:00 |
|
de4dot
|
4ce90dbfc0
|
Only print "found native code" warning once
|
2011-11-04 07:37:33 +01:00 |
|
de4dot
|
37f12ba60f
|
Some small updates
|
2011-11-04 07:21:12 +01:00 |
|
de4dot
|
30f713f8f8
|
Rename isDelegateType() -> derivesFromDelegate()
|
2011-11-04 00:39:48 +01:00 |
|
de4dot
|
e1715adb48
|
Update default regex
|
2011-11-04 00:35:07 +01:00 |
|
de4dot
|
c23d770fbc
|
Add special case for delegates
|
2011-11-04 00:09:51 +01:00 |
|
de4dot
|
7a0061e39e
|
Don't save ByRef types, and method call should be getEnd(0)
|
2011-11-03 23:25:07 +01:00 |
|
de4dot
|
17f077e275
|
Update code to handle more cases
|
2011-11-03 23:01:51 +01:00 |
|
de4dot
|
a2ecd85044
|
Deobfuscator type is now 2 chars
|
2011-11-03 20:03:32 +01:00 |
|
de4dot
|
e7c42c6532
|
Print updated types when we're done so everything can be sorted
|
2011-11-03 19:46:29 +01:00 |
|
de4dot
|
c177c2ff42
|
Don't print message since the code is now much faster
|
2011-11-02 02:39:53 +01:00 |
|
de4dot
|
8ff2115083
|
Remove unused methods, and inline method used only by SA code
|
2011-11-02 02:25:45 +01:00 |
|
de4dot
|
1938a1c497
|
Undo what VS did
|
2011-11-01 18:56:44 +01:00 |
|