
Example 1 with Dup

use of net.runelite.asm.attributes.code.instructions.Dup in project runelite by runelite.

the class MaxMemoryTransformer method insert.

/**
 * Replaces the instruction at {@code idx} with bytecode that produces a randomized {@code long}.
 *
 * <p>The emitted sequence is {@code pop; new java/util/Random; dup; invokespecial <init>()V;
 * ldc 31457280; invokevirtual nextInt(I)I; ldc 230686720; iadd; i2l}, which evaluates to
 * {@code (long) (230686720 + new Random().nextInt(31457280))}. In bytes that is a value in
 * the range [220 MiB, 250 MiB).
 *
 * <p>NOTE(review): the enclosing class name (MaxMemoryTransformer) and the "pop runtime"
 * remark suggest the removed instruction is a {@code Runtime.maxMemory()} call whose receiver
 * is discarded by the leading {@code pop} - confirm against the caller.
 *
 * <p>NOTE(review): {@code java.util.Random} is not a cryptographic generator. That is fine if
 * the result only needs to vary between runs; it is not suitable if the value must be
 * unpredictable - confirm intent.
 *
 * @param ins instruction container that is edited in place
 * @param idx position of the instruction to replace
 */
private void insert(Instructions ins, int idx) {
    // 30 * 1024 * 1024: exclusive upper bound handed to Random.nextInt
    final int jitterBound = 31457280;
    // 220 * 1024 * 1024: constant added to the random part
    final int baseValue = 230686720;

    Class randomClass = new net.runelite.asm.pool.Class("java/util/Random");

    // drop the original instruction; everything below is inserted in its place
    ins.getInstructions().remove(idx);
    int cursor = idx;

    // discard the value left on the stack for the removed instruction ("runtime" per the original comment)
    ins.getInstructions().add(cursor++, new Pop(ins));

    // new Random()
    ins.getInstructions().add(cursor++, new New(ins, randomClass));
    ins.getInstructions().add(cursor++, new Dup(ins));
    net.runelite.asm.pool.Method randomInit =
        new net.runelite.asm.pool.Method(randomClass, "<init>", new Signature("()V"));
    ins.getInstructions().add(cursor++, new InvokeSpecial(ins, randomInit));

    // random.nextInt(jitterBound)
    ins.getInstructions().add(cursor++, new LDC(ins, jitterBound));
    net.runelite.asm.pool.Method randomNextInt =
        new net.runelite.asm.pool.Method(randomClass, "nextInt", new Signature("(I)I"));
    ins.getInstructions().add(cursor++, new InvokeVirtual(ins, randomNextInt));

    // baseValue + nextInt(jitterBound), widened to long
    ins.getInstructions().add(cursor++, new LDC(ins, baseValue));
    ins.getInstructions().add(cursor++, new IAdd(ins));
    ins.getInstructions().add(cursor++, new I2L(ins));
}
Also used : New(net.runelite.asm.attributes.code.instructions.New) I2L(net.runelite.asm.attributes.code.instructions.I2L) InvokeSpecial(net.runelite.asm.attributes.code.instructions.InvokeSpecial) LDC(net.runelite.asm.attributes.code.instructions.LDC) Method(net.runelite.asm.Method) Pop(net.runelite.asm.attributes.code.instructions.Pop) InvokeVirtual(net.runelite.asm.attributes.code.instructions.InvokeVirtual) Signature(net.runelite.asm.signature.Signature) Class(net.runelite.asm.pool.Class) IAdd(net.runelite.asm.attributes.code.instructions.IAdd) Dup(net.runelite.asm.attributes.code.instructions.Dup)

Example 2 with Dup

use of net.runelite.asm.attributes.code.instructions.Dup in project runelite by runelite.

the class DupDeobfuscator method undup.

/**
 * Removes the {@code dup} instruction held by {@code ictx} and calls {@code copy} to insert a
 * replacement at the position the {@code dup} occupied.
 *
 * <p>{@code copy} is defined elsewhere in the class; per the original comments it inserts a
 * copy of the instruction(s) that produced the duplicated value.
 *
 * <p>NOTE(review): both preconditions are plain {@code assert}s, which the JVM skips unless
 * it is started with {@code -ea}. With assertions off, an index of -1 would be passed
 * straight to {@code copy}.
 *
 * @param ictx execution context of the {@code dup} to eliminate
 */
private void undup(InstructionContext ictx) {
    assert ictx.getInstruction() instanceof Dup;

    Instructions owner = ictx.getInstruction().getInstructions();
    // first stack entry popped by the dup, i.e. the value being duplicated
    StackContext source = ictx.getPops().get(0);

    // record the dup's position before the list is modified
    int position = owner.getInstructions().indexOf(ictx.getInstruction());
    assert position != -1;

    // take the dup out, then put the copy where it was
    owner.remove(ictx.getInstruction());
    copy(source, owner, position);
}
Also used : StackContext(net.runelite.asm.execution.StackContext) Instructions(net.runelite.asm.attributes.code.Instructions) Dup(net.runelite.asm.attributes.code.instructions.Dup)

Example 3 with Dup

use of net.runelite.asm.attributes.code.instructions.Dup in project runelite by runelite.

the class InjectConstruct method injectConstruct.

/**
 * Adds a public method to {@code targetClass} that constructs the vanilla class implementing
 * the return type of {@code apiMethod}.
 *
 * <p>The generated body is {@code new <vanilla>; dup; <load each argument, with a checkcast
 * where the constructor's type differs from the API type>; invokespecial <init>; return}.
 *
 * <p>NOTE(review): the "no method with this name exists yet" precondition is an
 * {@code assert}, so it is only enforced when the JVM runs with {@code -ea}.
 *
 * @param targetClass class that receives the generated method
 * @param apiMethod API method whose name, parameters and return type describe what to generate
 * @throws InjectionException if no vanilla class implements the return type, or that class
 *     has no constructor matching the mapped parameter types
 */
public void injectConstruct(ClassFile targetClass, java.lang.reflect.Method apiMethod) throws InjectionException {
    logger.info("Injecting construct for {}", apiMethod);
    assert targetClass.findMethod(apiMethod.getName()) == null;

    Class<?> returnedInterface = apiMethod.getReturnType();
    ClassFile vanillaClass = inject.findVanillaForInterface(returnedInterface);
    if (vanillaClass == null) {
        throw new InjectionException("Unable to find vanilla class which implements interface " + returnedInterface);
    }

    Signature apiSignature = inject.javaMethodToSignature(apiMethod);

    // Constructor descriptor: API interface parameters are swapped for the vanilla class that
    // implements them; every other parameter type is converted as-is.
    Signature constructorSig = new Signature.Builder()
        .addArguments(Stream.of(apiMethod.getParameterTypes())
            .map(arg -> {
                ClassFile implementation = inject.findVanillaForInterface(arg);
                return implementation != null
                    ? new Type("L" + implementation.getName() + ";")
                    : Inject.classToType(arg);
            })
            .collect(Collectors.toList()))
        .setReturnType(Type.VOID)
        .build();

    Method vanillaConstructor = vanillaClass.findMethod("<init>", constructorSig);
    if (vanillaConstructor == null) {
        throw new InjectionException("Unable to find constructor for " + vanillaClass.getName() + ".<init>" + constructorSig);
    }

    // Create the new method (public, non-static) and attach an empty code attribute to it.
    Method constructMethod = new Method(targetClass, apiMethod.getName(), apiSignature);
    constructMethod.setAccessFlags(ACC_PUBLIC);
    targetClass.addMethod(constructMethod);
    Code code = new Code(constructMethod);
    constructMethod.setCode(code);

    Instructions instructions = code.getInstructions();
    List<Instruction> body = instructions.getInstructions();

    // new <vanilla>; dup - the second reference is the one the constructor call consumes
    body.add(new New(instructions, vanillaClass.getPoolClass()));
    body.add(new Dup(instructions));

    // The access flags are ACC_PUBLIC only, so local slot 0 holds `this`; arguments start at 1.
    int localSlot = 1;
    int argIndex = 0;
    for (Type constructorArgType : vanillaConstructor.getDescriptor().getArguments()) {
        body.add(inject.createLoadForTypeIndex(instructions, constructorArgType, localSlot));
        // advance by the argument's size (presumably in local-variable slots - TODO confirm)
        localSlot += constructorArgType.getSize();

        // The API method is declared against interfaces; cast to the concrete type the
        // vanilla constructor expects whenever the two differ.
        Type apiArgType = apiSignature.getTypeOfArg(argIndex);
        if (!constructorArgType.equals(apiArgType)) {
            CheckCast cast = new CheckCast(instructions);
            cast.setType(constructorArgType);
            body.add(cast);
        }
        ++argIndex;
    }

    body.add(new InvokeSpecial(instructions, vanillaConstructor.getPoolMethod()));
    body.add(new Return(instructions));
}
Also used : New(net.runelite.asm.attributes.code.instructions.New) ClassFile(net.runelite.asm.ClassFile) Return(net.runelite.asm.attributes.code.instructions.Return) InvokeSpecial(net.runelite.asm.attributes.code.instructions.InvokeSpecial) Instructions(net.runelite.asm.attributes.code.Instructions) Method(net.runelite.asm.Method) CheckCast(net.runelite.asm.attributes.code.instructions.CheckCast) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) Type(net.runelite.asm.Type) Signature(net.runelite.asm.signature.Signature) Dup(net.runelite.asm.attributes.code.instructions.Dup)

Example 4 with Dup

use of net.runelite.asm.attributes.code.instructions.Dup in project runelite by runelite.

the class DupDeobfuscatorTest method test2.

// 035   aload_0               // this
// 036   dup                   // this this
// 037   getfield              class153/field2097 I // this I
// 038   ldc                   830083863
// 039   imul                                      // this I
// 040   ldc                   830083863
// 041   iadd                                      // this I
// 042   dup_x1                                    // I this I
/**
 * Builds a small method body containing one {@code dup} and one {@code dup_x1}, runs the
 * execution pass and {@link DupDeobfuscator}, and checks that the {@code dup} is still present
 * exactly once while the {@code dup_x1} is gone.
 *
 * <p>Stack comments below use {@code ref} for the null reference standing in for {@code this}
 * and {@code I} for an int.
 *
 * <p>NOTE(review): by these stack comments the depth reaches 4 after the last {@code ldc},
 * while max stack is set to 3 - confirm whether anything in the pipeline checks it.
 */
@Test
public void test2() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions insns = code.getInstructions();
    code.setMaxStack(3);

    Instruction[] body = {
        new AConstNull(insns), // ref
        new Dup(insns), // ref ref
        new GetField(insns, new Field(new Class("test"), "field", Type.INT)), // ref I
        new LDC(insns, 830083863), // ref I I
        new IMul(insns), // ref I
        new LDC(insns, 830083863), // ref I I
        new IAdd(insns), // ref I
        new Dup_X1(insns), // I ref I
        new LDC(insns, 636900519), // I ref I I
        new IMul(insns), // I ref I  (consumes a copy made by dup_x1)
        new VReturn(insns)
    };
    for (int k = 0; k < body.length; k++) {
        insns.addInstruction(body[k]);
    }

    // the deobfuscator is run after the execution pass over the group
    Execution execution = new Execution(group);
    execution.populateInitialMethods();
    execution.run();

    Deobfuscator deobfuscator = new DupDeobfuscator();
    deobfuscator.run(group);

    // the plain dup must survive, and must not have been duplicated
    long dupCount = insns.getInstructions().stream().filter(Dup.class::isInstance).count();
    Assert.assertEquals(1, dupCount);

    // the dup_x1 must have been removed
    long dupX1Count = insns.getInstructions().stream().filter(Dup_X1.class::isInstance).count();
    Assert.assertEquals(0, dupX1Count);
}
Also used : Pop2(net.runelite.asm.attributes.code.instructions.Pop2) AConstNull(net.runelite.asm.attributes.code.instructions.AConstNull) GetField(net.runelite.asm.attributes.code.instructions.GetField) IMul(net.runelite.asm.attributes.code.instructions.IMul) Dup(net.runelite.asm.attributes.code.instructions.Dup) Code(net.runelite.asm.attributes.Code) Test(org.junit.Test) Type(net.runelite.asm.Type) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Class(net.runelite.asm.pool.Class) ClassGroupFactory(net.runelite.deob.ClassGroupFactory) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) LDC(net.runelite.asm.attributes.code.instructions.LDC) IStore(net.runelite.asm.attributes.code.instructions.IStore) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Instructions(net.runelite.asm.attributes.code.Instructions) Field(net.runelite.asm.pool.Field) IAdd(net.runelite.asm.attributes.code.instructions.IAdd) Instruction(net.runelite.asm.attributes.code.Instruction) Assert(org.junit.Assert) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) GetField(net.runelite.asm.attributes.code.instructions.GetField) Instructions(net.runelite.asm.attributes.code.Instructions) AConstNull(net.runelite.asm.attributes.code.instructions.AConstNull) LDC(net.runelite.asm.attributes.code.instructions.LDC) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) GetField(net.runelite.asm.attributes.code.instructions.GetField) Field(net.runelite.asm.pool.Field) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) IMul(net.runelite.asm.attributes.code.instructions.IMul) Class(net.runelite.asm.pool.Class) 
IAdd(net.runelite.asm.attributes.code.instructions.IAdd) Dup(net.runelite.asm.attributes.code.instructions.Dup) Test(org.junit.Test)

Example 5 with Dup

use of net.runelite.asm.attributes.code.instructions.Dup in project runelite by runelite.

the class DupDeobfuscator method visit.

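/**
 * Examines one executed instruction and, if it is a dup-family instruction tied to an integer
 * or long multiplication, rewrites it with the matching {@code undup*} helper.
 *
 * <p>Two relationships are checked, in this order:
 * <ol>
 *   <li>a value being duplicated was pushed by an {@code imul}/{@code lmul};</li>
 *   <li>one of the copies made by the dup is popped by an {@code imul}/{@code lmul}.</li>
 * </ol>
 * The first match is rewritten, {@code count} is incremented and the method returns, so at
 * most one rewrite happens per call. Combinations with no helper (for example a
 * {@code Dup2_X1} over an {@code imul}) are only logged at warn level.
 *
 * @param i execution context of the instruction to inspect; ignored unless it is a
 *     {@link DupInstruction}
 */
private void visit(InstructionContext i) {
    if (!(i.getInstruction() instanceof DupInstruction)) {
        return;
    }
    DupInstruction di = (DupInstruction) i.getInstruction();

    // Pass 1: stack values being duplicated - was any of them produced by a multiplication?
    List<StackContext> sctxs = di.getDuplicated(i);
    for (StackContext sctx : sctxs) {
        InstructionContext ic = sctx.getPushed();
        if (ic.getInstruction() instanceof IMul) {
            if (i.getInstruction() instanceof Dup) {
                logger.debug("Dup instruction {} duplicates multiplication result {}", i, ic);
                undup(i);
                ++count;
                return;
            }
            if (i.getInstruction() instanceof Dup_X1) {
                logger.debug("Dup_X1 instruction {} duplicates multiplication result {}", i, ic);
                undup_x1(i);
                ++count;
                return;
            }
            // some other dup variant over an imul: no rewrite available, keep scanning
            logger.warn("Dup instruction {} pops imul", i);
        } else if (ic.getInstruction() instanceof LMul) {
            if (i.getInstruction() instanceof Dup2_X1) {
                // message names the instruction actually matched (Dup2_X1)
                logger.debug("Dup2_X1 instruction {} duplicates multiplication result {}", i, ic);
                undup2_x1(i);
                ++count;
                return;
            }
            logger.warn("Dup instruction {} pops lmul", i);
        }
    }

    // Pass 2: copies produced by the dup - is any of them consumed by a multiplication?
    sctxs = di.getCopies(i);
    for (StackContext sctx : sctxs) {
        for (InstructionContext ic : sctx.getPopped()) {
            if (ic.getInstruction() instanceof IMul) {
                if (i.getInstruction() instanceof Dup) {
                    logger.debug("imul {} pops dup instruction {}", ic, i);
                    undup(i);
                    ++count;
                    return;
                }
                if (i.getInstruction() instanceof Dup_X1) {
                    logger.debug("imul {} pops dup x1 instruction {}", ic, i);
                    undup_x1(i);
                    ++count;
                    return;
                }
                logger.warn("imul pops dup instruction {}", i);
            } else if (ic.getInstruction() instanceof LMul) {
                if (i.getInstruction() instanceof Dup2_X1) {
                    // this branch is reached for an lmul, so the message says lmul
                    logger.debug("lmul {} pops dup2 x1 instruction {}", ic, i);
                    undup2_x1(i);
                    ++count;
                    return;
                }
                logger.warn("lmul pops dup instruction {}", i);
            }
        }
    }
}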
Also used : InstructionContext(net.runelite.asm.execution.InstructionContext) Dup2_X1(net.runelite.asm.attributes.code.instructions.Dup2_X1) StackContext(net.runelite.asm.execution.StackContext) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) DupInstruction(net.runelite.asm.attributes.code.instruction.types.DupInstruction) IMul(net.runelite.asm.attributes.code.instructions.IMul) LMul(net.runelite.asm.attributes.code.instructions.LMul) Dup(net.runelite.asm.attributes.code.instructions.Dup)
