
Example 6 with Dup_X1

use of net.runelite.asm.attributes.code.instructions.Dup_X1 in project runelite by runelite.

the class MultiplicationDeobfuscatorTest method test2.

// aload_0
// dup
// getfield              class118/field2201 I
// ldc_w                 -2079217519
// imul
// ldc                   -2079217519
// iadd
// dup_x1
// ldc_w                 561453169
// imul
// putfield              class118/field2201 I
// ldc                   561453169
// imul
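/**
 * Checks that {@link MultiplicationDeobfuscator} rewrites all four multiplier
 * constants to 1 when the multiplied value passes through an {@code iadd} and
 * is then duplicated with {@code dup_x1}.
 *
 * <p>The constants form two pairs whose 32-bit wrapping product is 1, i.e. each
 * is the other's multiplicative inverse modulo 2^32. The pairing is verified
 * with JUnit assertions rather than the {@code assert} keyword, so a bad
 * fixture is reported even when the JVM runs without {@code -ea}.
 */
@Test
public void test2() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(4);

    // vars[0] = 3
    Instruction[] prepareVariables = {
        new LDC(ins, 3),
        new IStore(ins, 0)
    };
    for (Instruction i : prepareVariables) {
        ins.addInstruction(i);
    }

    LDC constant1 = new LDC(ins, -2079217519);
    LDC constant2 = new LDC(ins, -2079217519);
    LDC constant3 = new LDC(ins, 561453169);
    LDC constant4 = new LDC(ins, 561453169);

    Instruction[] body = {
        // placeholder operand; dup_x1 inserts its copy beneath this slot
        new LDC(ins, 0),
        new ILoad(ins, 0),
        constant1,
        new IMul(ins),
        constant2,
        new IAdd(ins),
        // stack afterwards: result, 0, result
        new Dup_X1(ins),
        constant3,
        new IMul(ins),
        // two single-slot pops discard the product and the placeholder
        new Pop(ins),
        new Pop(ins),
        constant4,
        new IMul(ins),
        new VReturn(ins)
    };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }

    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();

    // Fixture sanity check: each pair must multiply to 1 under int overflow.
    Assert.assertEquals("constant1 * constant3 must wrap to 1",
        1, constant1.getConstantAsInt() * constant3.getConstantAsInt());
    Assert.assertEquals("constant2 * constant4 must wrap to 1",
        1, constant2.getConstantAsInt() * constant4.getConstantAsInt());

    Deobfuscator d = new MultiplicationDeobfuscator();
    d.run(group);

    Assert.assertEquals(1, constant1.getConstantAsInt());
    Assert.assertEquals(1, constant2.getConstantAsInt());
    Assert.assertEquals(1, constant3.getConstantAsInt());
    Assert.assertEquals(1, constant4.getConstantAsInt());
}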
Also used : IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Pop(net.runelite.asm.attributes.code.instructions.Pop) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) IMul(net.runelite.asm.attributes.code.instructions.IMul) IAdd(net.runelite.asm.attributes.code.instructions.IAdd) Test(org.junit.Test)

Example 7 with Dup_X1

use of net.runelite.asm.attributes.code.instructions.Dup_X1 in project runelite by runelite.

the class MultiplicationDeobfuscatorTest method test11.

// 020   aload_0
// 021   aload_0
// 022   iload_1
// 023   ldc                   1129258489
// 024   imul
// 025   dup_x1
// 026   ldc                   -1692330935
// 027   imul
// 028   putfield              class81/field1351 I
// 029   ldc                   1641298955
// 030   imul                                         // this pops other side of dup_x1
// 031   ldc                   1043501435
// 032   imul
// 033   putfield              class81/field1326 I
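/**
 * Checks that {@link MultiplicationDeobfuscator} rewrites all four multiplier
 * constants to 1 when one {@code imul} result is split by {@code dup_x1} and
 * each copy is multiplied again before being discarded.
 *
 * <p>Fixture invariants, both under 32-bit wrapping multiplication:
 * {@code constant1 * constant2 == 1} and
 * {@code constant3 * constant4 * constant1 == 1}. They are verified with JUnit
 * assertions rather than the {@code assert} keyword, so a bad fixture is
 * reported even when the JVM runs without {@code -ea}.
 */
@Test
public void test11() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(5);

    // vars[0] = 1
    Instruction[] prepareVariables = {
        new LDC(ins, 1),
        new IStore(ins, 0)
    };
    for (Instruction i : prepareVariables) {
        ins.addInstruction(i);
    }

    LDC constant1 = new LDC(ins, 1129258489);
    LDC constant2 = new LDC(ins, -1692330935);
    LDC constant3 = new LDC(ins, 1641298955);
    LDC constant4 = new LDC(ins, 1043501435);

    Instruction[] body = {
        // this
        new AConstNull(ins),
        // this
        new AConstNull(ins),
        new ILoad(ins, 0),
        constant1,
        new IMul(ins),
        new Dup_X1(ins),
        constant2,
        new IMul(ins),
        // putfield
        new Pop2(ins),
        constant3,
        new IMul(ins),
        constant4,
        new IMul(ins),
        // putfield
        new Pop2(ins),
        new VReturn(ins)
    };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }

    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();

    // Fixture sanity check: both products must wrap to 1 under int overflow.
    Assert.assertEquals("constant1 * constant2 must wrap to 1",
        1, constant1.getConstantAsInt() * constant2.getConstantAsInt());
    Assert.assertEquals("constant3 * constant4 * constant1 must wrap to 1",
        1,
        constant3.getConstantAsInt() * constant4.getConstantAsInt() * constant1.getConstantAsInt());

    Deobfuscator d = new MultiplicationDeobfuscator();
    d.run(group);

    Assert.assertEquals(1, constant1.getConstantAsInt());
    Assert.assertEquals(1, constant2.getConstantAsInt());
    Assert.assertEquals(1, constant3.getConstantAsInt());
    Assert.assertEquals(1, constant4.getConstantAsInt());
}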
Also used : IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Pop2(net.runelite.asm.attributes.code.instructions.Pop2) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) AConstNull(net.runelite.asm.attributes.code.instructions.AConstNull) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Example 8 with Dup_X1

use of net.runelite.asm.attributes.code.instructions.Dup_X1 in project runelite by runelite.

the class DupDeobfuscator method visit.

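/**
 * Inspects one executed instruction and, when it is a dup-family instruction
 * entangled with a multiplication, hands it to the matching {@code undup*}
 * helper and increments {@code count}.
 *
 * <p>Two passes are made, and the method returns after the first rewrite:
 * <ol>
 *   <li>the values being duplicated: was any of them pushed by an
 *       {@code IMul} or {@code LMul}?</li>
 *   <li>the copies produced by the dup: is any of them popped by an
 *       {@code IMul} or {@code LMul}?</li>
 * </ol>
 * Supported pairings are {@code Dup} and {@code Dup_X1} with {@code IMul}, and
 * {@code Dup2_X1} with {@code LMul}. Any other pairing is logged at warn level
 * and left untouched, and scanning continues.
 *
 * @param i the instruction context to examine; ignored unless its instruction
 *          is a {@link DupInstruction}
 */
private void visit(InstructionContext i) {
    if (!(i.getInstruction() instanceof DupInstruction)) {
        return;
    }
    DupInstruction di = (DupInstruction) i.getInstruction();

    // Pass 1: stack values being duplicated
    List<StackContext> sctxs = di.getDuplicated(i);
    for (StackContext sctx : sctxs) {
        InstructionContext ic = sctx.getPushed();
        if (ic.getInstruction() instanceof IMul) {
            if (i.getInstruction() instanceof Dup) {
                logger.debug("Dup instruction {} duplicates multiplication result {}", i, ic);
                undup(i);
                ++count;
                return;
            }
            if (i.getInstruction() instanceof Dup_X1) {
                logger.debug("Dup_X1 instruction {} duplicates multiplication result {}", i, ic);
                undup_x1(i);
                ++count;
                return;
            }
            // Unsupported dup variant over an imul result: report and keep scanning.
            logger.warn("Dup instruction {} pops imul", i);
        } else if (ic.getInstruction() instanceof LMul) {
            if (i.getInstruction() instanceof Dup2_X1) {
                // Message names the instruction actually matched (was "Dup_X2").
                logger.debug("Dup2_X1 instruction {} duplicates multiplication result {}", i, ic);
                undup2_x1(i);
                ++count;
                return;
            }
            logger.warn("Dup instruction {} pops lmul", i);
        }
    }

    // Pass 2: find if mul pops anything duplicated
    sctxs = di.getCopies(i);
    for (StackContext sctx : sctxs) {
        for (InstructionContext ic : sctx.getPopped()) {
            if (ic.getInstruction() instanceof IMul) {
                if (i.getInstruction() instanceof Dup) {
                    logger.debug("imul {} pops dup instruction {}", ic, i);
                    undup(i);
                    ++count;
                    return;
                }
                if (i.getInstruction() instanceof Dup_X1) {
                    logger.debug("imul {} pops dup x1 instruction {}", ic, i);
                    undup_x1(i);
                    ++count;
                    return;
                }
                logger.warn("imul pops dup instruction {}", i);
            } else if (ic.getInstruction() instanceof LMul) {
                if (i.getInstruction() instanceof Dup2_X1) {
                    // This branch handles LMul, so the message says lmul (was "imul").
                    logger.debug("lmul {} pops dup2 x1 instruction {}", ic, i);
                    undup2_x1(i);
                    ++count;
                    return;
                }
                logger.warn("lmul pops dup instruction {}", i);
            }
        }
    }
}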
Also used : InstructionContext(net.runelite.asm.execution.InstructionContext) Dup2_X1(net.runelite.asm.attributes.code.instructions.Dup2_X1) StackContext(net.runelite.asm.execution.StackContext) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) DupInstruction(net.runelite.asm.attributes.code.instruction.types.DupInstruction) IMul(net.runelite.asm.attributes.code.instructions.IMul) LMul(net.runelite.asm.attributes.code.instructions.LMul) Dup(net.runelite.asm.attributes.code.instructions.Dup)
