de4dot
13d5f8e37d
Ignore assemblies that contain native code
2011-11-05 08:04:14 +01:00
de4dot
c66c062753
Fix problem when HasPInvokeInfo == true but PInvokeInfo == null
2011-11-05 07:46:24 +01:00
de4dot
f524989a1e
Re-arrange some code
2011-11-05 07:42:58 +01:00
de4dot
51092fa09a
Add updated cecil submodule
2011-11-05 07:38:12 +01:00
de4dot
2236300943
Update renamer to better rename methods and args
...
Finds InitializeComponent() method and renames it if necessary.
Finds all event handlers and names the args sender and e respectively.
Finds all field event handlers and names them <field>_<event>, eg.
button_Click.
2011-11-04 19:08:23 +01:00
de4dot
7486b73da3
Restore original WinForms class and field names
2011-11-04 15:39:16 +01:00
de4dot
df507526ba
Update renamer code so it's less likely to use an existing name
2011-11-04 13:59:43 +01:00
de4dot
e6a8d50d03
Add updated cecil submodule
2011-11-04 13:58:17 +01:00
de4dot
e01e3c4e7f
Update valid name regex
2011-11-04 11:01:21 +01:00
de4dot
131a57342d
Force field type to same type newobj/newarr calls
2011-11-04 08:22:25 +01:00
de4dot
49b2976965
Handle call instrs with invalid metadata tokens
2011-11-04 07:43:24 +01:00
de4dot
4ce90dbfc0
Only print "found native code" warning once
2011-11-04 07:37:33 +01:00
de4dot
bd3b1e9b20
Check for null before calling unload()
2011-11-04 07:33:14 +01:00
de4dot
37f12ba60f
Some small updates
2011-11-04 07:21:12 +01:00
de4dot
30f713f8f8
Rename isDelegateType() -> derivesFromDelegate()
2011-11-04 00:39:48 +01:00
de4dot
e1715adb48
Update default regex
2011-11-04 00:35:07 +01:00
de4dot
c23d770fbc
Add special case for delegates
2011-11-04 00:09:51 +01:00
de4dot
76241db427
Add isDelegate() method
2011-11-04 00:06:25 +01:00
de4dot
8b0bf54d62
Print <arg_N> if arg N name is empty
2011-11-03 23:32:33 +01:00
de4dot
7a0061e39e
Don't save ByRef types, and method call should be getEnd(0)
2011-11-03 23:25:07 +01:00
de4dot
17f077e275
Update code to handle more cases
2011-11-03 23:01:51 +01:00
de4dot
c1820f1a82
Add method to replace generic params with generic args.
...
The code only handles basic cases, eg. T -> int, but not T[] -> int[].
2011-11-03 22:53:04 +01:00
de4dot
b810292cee
New files' default name is now origname-cleaned.ext
2011-11-03 20:07:50 +01:00
de4dot
a2ecd85044
Deobfuscator type is now 2 chars
2011-11-03 20:03:32 +01:00
de4dot
e7c42c6532
Print updated types when we're done so everything can be sorted
2011-11-03 19:46:29 +01:00
de4dot
42e7583659
Unload loaded modules when renaming is over
2011-11-03 18:55:14 +01:00
de4dot
98cdcf9ca5
Only protect *Invoke methods. Rename and remove a variable
2011-11-03 18:53:58 +01:00
de4dot
555ca393e2
No need to check for typedef since it's checked elsewhere
2011-11-03 18:52:21 +01:00
de4dot
cd7e617ab7
Add updated cecil submodule
2011-11-03 18:51:20 +01:00
de4dot
3dd8649859
Merge branch 'master' into dnr
2011-11-03 07:11:10 +01:00
de4dot
f351a09564
Update symbol renamer to load referenced assemblies.
...
This way it's possible to use a rename-all regex (.*) without renaming
symbols that shouldn't be renamed (eg. methods that are defined in an
interface in a non-deobfuscated module, eg. Dispose()). A warning is
displayed if an assembly can't be loaded.
2011-11-03 06:43:33 +01:00
de4dot
96d086ba2b
Merge branch 'master' into dnr
2011-11-02 05:58:12 +01:00
de4dot
2a967dc699
Call onTypesRenamed() a little later and update throw message with token
2011-11-02 05:57:10 +01:00
de4dot
c918c8e964
Merge branch 'master' into dnr
2011-11-02 04:57:13 +01:00
de4dot
78960c759c
Rebuild dictionaries when types have been renamed
2011-11-02 04:54:54 +01:00
de4dot
b8879e74e6
Merge branch 'master' into dnr
2011-11-02 04:26:12 +01:00
de4dot
ccff408a00
Update code so it can rename duplicate member references
2011-11-02 04:24:22 +01:00
de4dot
8b780a4696
Add ScopeAndTokenKey. Make sure other keys are immutable.
2011-11-02 04:14:59 +01:00
de4dot
3db7a0fedf
Add updates cecil submodule
2011-11-02 02:55:36 +01:00
de4dot
c177c2ff42
Don't print message since the code is now much faster
2011-11-02 02:39:53 +01:00
de4dot
e3b767adcc
Don't create dest dirs if we're just detecting obfuscators
2011-11-02 02:38:20 +01:00
de4dot
2ddf6b00de
Return an empty list instead of null
2011-11-02 02:28:51 +01:00
de4dot
8ff2115083
Remove unused methods, and inline method used only by SA code
2011-11-02 02:25:45 +01:00
de4dot
ade1720d32
Use type cache to look up types (huge speedup in DNR code)
2011-11-02 02:25:07 +01:00
de4dot
f342a481a9
Update Conv_XX emulation. Default case should push unknown int32/64.
2011-11-02 01:19:18 +01:00
de4dot
1938a1c497
Undo what VS did
2011-11-01 18:56:44 +01:00
de4dot
6a07ee5b5e
It's generic code so move it to common parent dir
2011-11-01 18:48:52 +01:00
de4dot
7bdea53134
Check op for null and update detection code
2011-11-01 18:47:26 +01:00
de4dot
6f4447aa98
It's generic code so move it to common parent dir
2011-11-01 18:46:59 +01:00
de4dot
cc8e220281
Also use ldfld/ldflda to detect arg types
2011-11-01 15:53:51 +01:00