Upload

Author: void-stack

.idea/.idea.DNR 6.7 Cflow/.idea/.gitignore

@@ -0,0 +1,16 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DNR 6.7 Cflow", "DNR 6.7 Cflow\DNR 6.7 Cflow.csproj", "{F606B3A7-E390-442C-9BF4-8882C6AD4B19}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{F606B3A7-E390-442C-9BF4-8882C6AD4B19}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{F606B3A7-E390-442C-9BF4-8882C6AD4B19}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{F606B3A7-E390-442C-9BF4-8882C6AD4B19}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{F606B3A7-E390-442C-9BF4-8882C6AD4B19}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+EndGlobal

.idea/.idea.DNR 6.7 Cflow/.idea/.name

@@ -0,0 +1,6 @@
+<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Brfalse/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Brtrue/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Cflow/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Deob/@EntryIndexedValue">True</s:Boolean>
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=nocflow/@EntryIndexedValue">True</s:Boolean></wpf:ResourceDictionary>

.idea/.idea.DNR 6.7 Cflow/.idea/encodings.xml

@@ -0,0 +1,130 @@
+using System.Linq;
+using de4dot.blocks;
+using de4dot.blocks.cflow;
+using dnlib.DotNet;
+using dnlib.DotNet.Emit;
+
+namespace DNR.Core
+{
+    // Credits: https://github.com/SychicBoy/.NetReactorCfCleaner This is just my recoded updated version
+    internal static class CflowRemover
+    {
+        public static uint FixedMethods { get; private set; }
+
+        public static void Execute(Context ctx)
+        {
+            SimplifyArithmetic(ctx);
+
+            var CfDeob = new BlocksCflowDeobfuscator();
+
+            foreach (var TypeDef in ctx.Module.Types.ToArray())
+                foreach (var MethodDef in TypeDef.Methods.Where(x => x.HasBody && ContainsSwitch(x)).ToArray())
+                    try {
+                        var blocks = new Blocks(MethodDef);
+                        blocks.MethodBlocks.GetAllBlocks();
+                        blocks.RemoveDeadBlocks();
+                        blocks.RepartitionBlocks();
+                        blocks.UpdateBlocks();
+                        blocks.Method.Body.SimplifyBranches();
+                        blocks.Method.Body.OptimizeBranches();
+                        CfDeob.Initialize(blocks);
+                        CfDeob.Deobfuscate();
+                        blocks.RepartitionBlocks();
+                        blocks.GetCode(out var instructions, out var exceptionHandlers);
+                        DotNetUtils.RestoreBody(MethodDef, instructions, exceptionHandlers);
+                    }
+                    catch {
+                        // ignored
+                    }
+        }
+
+        private static void SimplifyArithmetic(Context ctx)
+        {
+            var logger = ctx.Options.Logger;
+
+            foreach (var type in ctx.Module.Types)
+            foreach (var method in type.Methods.Where(x =>
+                x.HasBody && x.Body.HasInstructions && x.Body.Instructions.Count >= 3)) {
+                var Instructions = method.Body.Instructions;
+
+                for (var i = 1; i < Instructions.Count; i++) {
+                    if (i + 1 >= Instructions.Count) continue;
+
+                    var prevInstr = Instructions[i - 1];
+                    var curInstr = Instructions[i];
+                    var nextInstr = Instructions[i + 1];
+                    
+                    // Too lazy to strip these two into one function
+                    #region Ldsfld
+                    if (curInstr.OpCode == OpCodes.Brtrue &&
+                        nextInstr.OpCode == OpCodes.Pop &&
+                        prevInstr.OpCode == OpCodes.Ldsfld) {
+                        /*if (prevInstr.Operand.ToString().Contains("System.Boolean")) {
+                            logger.Info($"Brtrue with Boolean: {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Br_S;
+                            FixedMethods++;
+                        }
+                        else*/ {
+                            logger.Info($"Brtrue:  {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Br_S;
+                            FixedMethods++;
+                        }
+                    }
+
+                    else if (curInstr.OpCode == OpCodes.Brfalse &&
+                             nextInstr.OpCode == OpCodes.Pop &&
+                             prevInstr.OpCode == OpCodes.Ldsfld) {
+                        /*if (prevInstr.Operand.ToString().Contains("System.Boolean")) {
+                            logger.Info($"Brfalse with Boolean: {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Br_S;
+                            FixedMethods++;
+                        }
+                        else*/ {
+                            logger.Info($"Brfalse: {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Br_S;
+                            FixedMethods++;
+                        }
+                    }
+                    #endregion
+                    #region Call
+                    if (curInstr.OpCode == OpCodes.Brtrue &&
+                        nextInstr.OpCode == OpCodes.Pop &&
+                        prevInstr.OpCode == OpCodes.Call) {
+                        if (prevInstr.Operand.ToString().Contains("System.Boolean")) {
+                            logger.Info($"Call with Boolean: {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Br_S;
+                        }
+                        else {
+                            logger.Info($"Call:  {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Nop;
+                        }
+                    }
+
+                    else if (curInstr.OpCode == OpCodes.Brfalse &&
+                             nextInstr.OpCode == OpCodes.Pop &&
+                             prevInstr.OpCode == OpCodes.Call) {
+                        if (prevInstr.Operand.ToString().Contains("System.Boolean")) {
+                            logger.Info($"Call with Boolean: {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Nop;
+                        }
+                        else {
+                            logger.Info($"Call: {method.FullName}");
+                            prevInstr.OpCode = OpCodes.Nop;
+                            curInstr.OpCode = OpCodes.Br_S;
+                        }
+                    }
+                    #endregion
+                }
+            }
+        }
+
+        private static bool ContainsSwitch(MethodDef method) => method.Body.Instructions.Any(t => t.OpCode == OpCodes.Switch);
+    }
+}

.idea/.idea.DNR 6.7 Cflow/.idea/indexLayout.xml

@@ -0,0 +1,29 @@
+using dnlib.DotNet;
+using dnlib.DotNet.Writer;
+
+namespace DNR.Core
+{
+    public class Context
+    {
+        public CtxOptions Options { get; }
+        public ModuleDefMD Module { get; }
+
+        public Context(CtxOptions ctxOptions)
+        {
+            Options = ctxOptions;
+            Module = ModuleDefMD.Load(Options.FilePath);
+        }
+
+        public void Save()
+        {
+            var writerOptions = new ModuleWriterOptions(Module) {
+                Logger = DummyLogger.NoThrowInstance,
+                MetadataOptions = {
+                    Flags = MetadataFlags.PreserveAll & MetadataFlags.KeepOldMaxStack
+                }
+            };
+
+            Module.Write(Options.OutputPath, writerOptions);
+        }
+    }
+}

.idea/.idea.DNR 6.7 Cflow/.idea/vcs.xml

@@ -0,0 +1,20 @@
+using System.IO;
+using DNR.Utils;
+
+namespace DNR.Core
+{
+    public class CtxOptions
+    {
+        public CtxOptions(string filePath, ILogger logger)
+        {
+            Logger = logger;
+            FilePath = filePath;
+            OutputPath = Path.Combine(Path.GetDirectoryName(filePath)!,
+                $"{Path.GetFileNameWithoutExtension(filePath)}-nocflow{Path.GetExtension(filePath)}");
+        }
+
+        public ILogger Logger { get; }
+        public string FilePath { get; }
+        public string OutputPath { get; }
+    }
+}