DrakiaXYZ/AssemblyTool
0
0
Fork 0
Code Pull Requests Activity
AssemblyTool/RecodeItLib/Remapper/DeObfuscator.cs

74 lines
2.6 KiB
C#
Raw Normal View History

Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
using dnlib.DotNet;
using dnlib.DotNet.Emit;
Add De-obfuscator
2024-06-22 12:39:10 -04:00
using ReCodeIt.Utils;
using System.Diagnostics;
namespace ReCodeItLib.Remapper;
public static class Deobfuscator
{
public static void Deobfuscate(string assemblyPath)
{
fix pathing
2024-08-09 21:55:31 +01:00
var executablePath = Path.Combine(DataProvider.DataPath, "De4dot", "de4dot.exe");
Add De-obfuscator
2024-06-22 12:39:10 -04:00
string token;
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
ModuleContext modCtx = ModuleDef.CreateModuleContext();
ModuleDefMD module = ModuleDefMD.Load(assemblyPath, modCtx);
var potentialStringDelegates = new List<MethodDef>();
Add De-obfuscator
2024-06-22 12:39:10 -04:00
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
foreach (var type in module.GetTypes())
{
foreach (var method in type.Methods)
Add De-obfuscator
2024-06-22 12:39:10 -04:00
{
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
if (method.ReturnType.FullName != "System.String"
|| method.Parameters.Count != 1
|| method.Parameters[0].Type.FullName != "System.Int32"
|| method.Body == null
|| !method.IsStatic)
Add De-obfuscator
2024-06-22 12:39:10 -04:00
{
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
continue;
}
Add De-obfuscator
2024-06-22 12:39:10 -04:00
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
if (!method.Body.Instructions.Any(x =>
x.OpCode.Code == Code.Callvirt &&
Fix DeObfuscate command InvalidCastException + put de4dot in sub dir of data.
2024-08-09 14:35:18 -04:00
((IMethodDefOrRef)x.Operand).FullName == "System.Object System.AppDomain::GetData(System.String)"))
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
{
continue;
Add De-obfuscator
2024-06-22 12:39:10 -04:00
}
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
potentialStringDelegates.Add(method);
Add De-obfuscator
2024-06-22 12:39:10 -04:00
}
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
}
Add De-obfuscator
2024-06-22 12:39:10 -04:00
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
if (potentialStringDelegates.Count != 1)
{
Logger.Log($"Expected to find 1 potential string delegate method; found {potentialStringDelegates.Count}. Candidates: {string.Join("\r\n", potentialStringDelegates.Select(x => x.FullName))}");
}
Add De-obfuscator
2024-06-22 12:39:10 -04:00
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
var methodDef = potentialStringDelegates[0];
MDToken deobfRid = methodDef.MDToken;
Add De-obfuscator
2024-06-22 12:39:10 -04:00
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
// Construct the token string (similar to Mono.Cecil's format)
token = $"0x{(deobfRid.Raw | deobfRid.Rid):x4}";
Console.WriteLine($"Deobfuscation token: {token}");
Add De-obfuscator
2024-06-22 12:39:10 -04:00
var process = Process.Start(executablePath,
$"--un-name \"!^<>[a-z0-9]$&!^<>[a-z0-9]__.*$&![A-Z][A-Z]\\$<>.*$&^[a-zA-Z_<{{$][a-zA-Z_0-9<>{{}}$.`-]*$\" \"{assemblyPath}\" --strtyp delegate --strtok \"{token}\"");
process.WaitForExit();
// Fixes "ResolutionScope is null" by rewriting the assembly
var cleanedDllPath = Path.Combine(Path.GetDirectoryName(assemblyPath), Path.GetFileNameWithoutExtension(assemblyPath) + "-cleaned.dll");
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
ModuleDefMD assemblyRewrite = null;
Add De-obfuscator
2024-06-22 12:39:10 -04:00
using (var memoryStream = new MemoryStream(File.ReadAllBytes(cleanedDllPath)))
{
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
assemblyRewrite = ModuleDefMD.Load(memoryStream, modCtx);
Add De-obfuscator
2024-06-22 12:39:10 -04:00
}
Dnlib refactor * First compiling build * fix out path * fix hollow * Traditional loops in favor of linq for clarity * Start refactor * Refactor part 2 * Rename variable * Better error reason handling * Clean up enum * Refactor part 3 * Use combo boxes in favor of updowns * Update tooltips * fix is nested tree view display * Capitialization * Refactor part ?? * remove unused methods * Expanded IsNested Check * TypeFilter class + Fix CLI bug * Remove reflection, change IsDerived and IsNested checks * Remove optional out for IsPublic * Remove nullable from IsPublic * fix logger not resetting color * actually fix it... * remove redundant if else on IsPublic check * Add logging to indicate all types have been filtered out * Default IsPublic to true * remove duplicate method call * Refactor logger to be on its own thread * Multithread remapping and grouped logging for threads * 5 more filters * Finish migrating to the new system * bug fixes * Add empty string validation to text fields * re-enable renamer * restore renamer * Multi threaded renaming, still broken * Basis for method renaming * More renamer work, might get a passing build now? * Re-enable publicizer * Rework logging * re-enable mapping updates * fix hollow * Iterate over all types instead of just one to re-link fields * Add reference list command --------- Co-authored-by: clodan <clodan@clodan.com>
2024-06-26 14:45:54 -04:00
assemblyRewrite.Write(cleanedDllPath);
Add De-obfuscator
2024-06-22 12:39:10 -04:00
}
}
Copy Permalink