
Example 21 with IMul

use of net.runelite.asm.attributes.code.instructions.IMul in project runelite by runelite.

the class MultiplicationDeobfuscatorTest method test5.

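/**
 * Checks that {@link MultiplicationDeobfuscator} reduces a multiplier pair to 1 when the
 * pair is split across a temporary local and an addition.
 *
 * <p>With var0 = 3 and var1 = 2, the generated bytecode is
 * {@code var2 = var0 * c1; (var2 + var1 * c2) * c3} followed by a VReturn, where
 * c1 == c2 and c1 * c3 wraps to 1 in 32-bit int arithmetic. After the deobfuscator
 * runs, all three constants are expected to be 1.
 */
@Test
public void test5() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(2);

    // var0 = 3, var1 = 2
    Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0), new LDC(ins, 2), new IStore(ins, 1) };
    for (Instruction i : prepareVariables) {
        ins.addInstruction(i);
    }

    LDC constant1 = new LDC(ins, -2079217519), constant2 = new LDC(ins, -2079217519), constant3 = new LDC(ins, 561453169);
    Instruction[] body = { new ILoad(ins, 0), constant1, new IMul(ins), new IStore(ins, 2), new ILoad(ins, 2), new ILoad(ins, 1), constant2, new IMul(ins), new IAdd(ins), constant3, new IMul(ins), new VReturn(ins) };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }

    // Run the generated method through the execution engine before deobfuscating.
    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();

    // Precondition: the constants really are inverses of each other under int overflow.
    // Checked through JUnit rather than the `assert` keyword, which is skipped when the
    // JVM runs without -ea and would let a bad fixture pass unnoticed.
    Assert.assertEquals(1, constant1.getConstantAsInt() * constant3.getConstantAsInt());

    Deobfuscator d = new MultiplicationDeobfuscator();
    d.run(group);

    Assert.assertEquals(1, constant1.getConstantAsInt());
    Assert.assertEquals(1, constant2.getConstantAsInt());
    Assert.assertEquals(1, constant3.getConstantAsInt());
}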
Also used : IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) IMul(net.runelite.asm.attributes.code.instructions.IMul) IAdd(net.runelite.asm.attributes.code.instructions.IAdd) Test(org.junit.Test)

Example 22 with IMul

use of net.runelite.asm.attributes.code.instructions.IMul in project runelite by runelite.

the class MultiplyOneDeobfuscatorTest method test.

/**
 * Checks that a multiplication by the constant 1 is removed when that constant is the
 * only value that can reach the multiply.
 *
 * <p>The IfEq jumps to a label that is also its fall-through position, so both branch
 * outcomes continue with the same {@code LDC 1} before the IMul. The test expects the
 * constant and the multiply to both be detached afterwards
 * ({@code getInstructions() == null}).
 */
@Test
public void test() {
    ClassGroup classes = ClassGroupFactory.generateGroup();
    Code funcCode = classes.findClass("test").findMethod("func").getCode();
    Instructions list = funcCode.getInstructions();
    funcCode.setMaxStack(2);

    // local variable 0 <- 3
    Instruction[] setup = { new LDC(list, 3), new IStore(list, 0) };
    for (int idx = 0; idx < setup.length; idx++) {
        list.addInstruction(setup[idx]);
    }

    Label branchTarget = new Label(list);
    Label beforeMul = new Label(list);
    LDC one = new LDC(list, 1);
    IMul mul = new IMul(list);
    Instruction[] program = {
        new SiPush(list, (short) 256),
        new ILoad(list, 0),
        new IfEq(list, branchTarget),
        branchTarget,
        one,
        beforeMul,
        mul,
        new VReturn(list)
    };
    for (int idx = 0; idx < program.length; idx++) {
        list.addInstruction(program[idx]);
    }

    // The execution engine must get through the generated method before deobfuscation.
    Execution execution = new Execution(classes);
    execution.populateInitialMethods();
    execution.run();

    // NOTE(review): `false` is presumably the onlyConstants switch - confirm against the constructor.
    Deobfuscator deobfuscator = new MultiplyOneDeobfuscator(false);
    deobfuscator.run(classes);

    Assert.assertTrue(one.getInstructions() == null);
    Assert.assertTrue(mul.getInstructions() == null);
}
Also used : SiPush(net.runelite.asm.attributes.code.instructions.SiPush) IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Label(net.runelite.asm.attributes.code.Label) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) IfEq(net.runelite.asm.attributes.code.instructions.IfEq) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Example 23 with IMul

use of net.runelite.asm.attributes.code.instructions.IMul in project runelite by runelite.

the class MultiplyOneDeobfuscatorTest method testDir.

/**
 * Checks that a multiplication by 1 is kept when the constant 1 is only one of several
 * values that can reach the multiply.
 *
 * <p>The fall-through side of the IfEq pushes {@code LDC 2} and jumps to the label in
 * front of the IMul; the taken side pushes {@code LDC 1}. The multiply operand is
 * therefore 2 on one path and 1 on the other, and the test expects the {@code LDC 1} to
 * still be attached to its instruction list afterwards.
 */
@Test
public void testDir() {
    ClassGroup classes = ClassGroupFactory.generateGroup();
    Code funcCode = classes.findClass("test").findMethod("func").getCode();
    Instructions list = funcCode.getInstructions();
    funcCode.setMaxStack(2);

    // local variable 0 <- 3
    Instruction[] setup = { new LDC(list, 3), new IStore(list, 0) };
    for (int idx = 0; idx < setup.length; idx++) {
        list.addInstruction(setup[idx]);
    }

    Label takenBranch = new Label(list);
    Label beforeMul = new Label(list);
    LDC one = new LDC(list, 1);
    Instruction[] program = {
        new SiPush(list, (short) 256),
        new ILoad(list, 0),
        new IfEq(list, takenBranch),
        new LDC(list, 2),
        new Goto(list, beforeMul),
        takenBranch,
        one,
        beforeMul,
        new IMul(list),
        new VReturn(list)
    };
    for (int idx = 0; idx < program.length; idx++) {
        list.addInstruction(program[idx]);
    }

    // The execution engine must get through the generated method before deobfuscation.
    Execution execution = new Execution(classes);
    execution.populateInitialMethods();
    execution.run();

    // NOTE(review): `false` is presumably the onlyConstants switch - confirm against the constructor.
    Deobfuscator deobfuscator = new MultiplyOneDeobfuscator(false);
    deobfuscator.run(classes);

    Assert.assertTrue(one.getInstructions() != null);
}
Also used : SiPush(net.runelite.asm.attributes.code.instructions.SiPush) IStore(net.runelite.asm.attributes.code.instructions.IStore) Goto(net.runelite.asm.attributes.code.instructions.Goto) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Label(net.runelite.asm.attributes.code.Label) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) IfEq(net.runelite.asm.attributes.code.instructions.IfEq) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Example 24 with IMul

use of net.runelite.asm.attributes.code.instructions.IMul in project runelite by runelite.

the class ModArith method findUses.

/**
 * Collects, per field, the Integer/Long constants that appear next to reads and writes of
 * that field, as candidate "getter" and "setter" values.
 *
 * <p>Two shapes are recognised among the instruction contexts of {@code mctx}:
 * <ul>
 *   <li>an IMul/LMul whose two operands are a pushed constant and a field read: every
 *       Integer/Long constant in the expression returned by {@code getInsInExpr} is added
 *       to {@code fieldInfo.getters};</li>
 *   <li>a field write whose value is either a direct LDC constant, or an
 *       IMul/LMul/IAdd/LAdd/ISub/LSub with exactly one constant operand: that constant is
 *       added to {@code fieldInfo.setters}.</li>
 * </ul>
 *
 * <p>NOTE(review): presumably these constants are the multiplier pairs an obfuscator
 * applies to field values - confirm against the code that consumes FieldInfo.
 *
 * @param mctx the method context whose instruction contexts are scanned
 */
private void findUses(MethodContext mctx) {
    for (InstructionContext ctx : mctx.getInstructionContexts()) {
        if (ctx.getInstruction() instanceof IMul || ctx.getInstruction() instanceof LMul) {
            // the two multiply operands, as the instructions that pushed them
            Instruction one = ctx.getPops().get(0).getPushed().getInstruction();
            Instruction two = ctx.getPops().get(1).getPushed().getInstruction();
            PushConstantInstruction pc = null;
            GetFieldInstruction gf = null;
            // accept constant * field in either operand order
            if (one instanceof PushConstantInstruction && two instanceof GetFieldInstruction) {
                pc = (PushConstantInstruction) one;
                gf = (GetFieldInstruction) two;
            } else if (two instanceof PushConstantInstruction && one instanceof GetFieldInstruction) {
                pc = (PushConstantInstruction) two;
                gf = (GetFieldInstruction) one;
            }
            // pc and gf are assigned together, so pc == null also means no field read
            if (pc == null) {
                continue;
            }
            Field field = gf.getMyField();
            if (field == null) {
                continue;
            }
            FieldInfo fieldInfo = getFieldInfo(field);
            // parse the full multiplication expression to
            // get all associated constants
            // NOTE(review): raw HashSet; the element type getInsInExpr expects is not visible here.
            List<InstructionContext> insInExpr = getInsInExpr(ctx, new HashSet(), true);
            for (InstructionContext ctx2 : insInExpr) {
                if (!(ctx2.getInstruction() instanceof PushConstantInstruction)) {
                    continue;
                }
                PushConstantInstruction pci3 = (PushConstantInstruction) ctx2.getInstruction();
                // NOTE(review): the cast runs before the Integer/Long check below, so a
                // non-numeric constant would throw ClassCastException rather than be skipped -
                // confirm getInsInExpr can only return numeric constants.
                Number value = (Number) pci3.getConstant();
                // field * constant
                if (value instanceof Integer || value instanceof Long) {
                    fieldInfo.getters.add(value);
                }
            }
        } else if (ctx.getInstruction() instanceof SetFieldInstruction) {
            SetFieldInstruction sf = (SetFieldInstruction) ctx.getInstruction();
            Field field = sf.getMyField();
            if (field == null) {
                continue;
            }
            FieldInfo fieldInfo = getFieldInfo(field);
            // value being set
            InstructionContext pushedsfi = ctx.getPops().get(0).getPushed();
            // resolve() is defined elsewhere; presumably it follows the value back to the
            // instruction that actually produced it - confirm
            pushedsfi = pushedsfi.resolve(ctx.getPops().get(0));
            // value is not the result of a mul/add/sub: only a direct LDC constant counts
            if (!(pushedsfi.getInstruction() instanceof IMul) && !(pushedsfi.getInstruction() instanceof LMul) && !(pushedsfi.getInstruction() instanceof IAdd) && !(pushedsfi.getInstruction() instanceof LAdd) && !(pushedsfi.getInstruction() instanceof ISub) && !(pushedsfi.getInstruction() instanceof LSub)) {
                if (pushedsfi.getInstruction() instanceof LDC) {
                    PushConstantInstruction ldc = (PushConstantInstruction) pushedsfi.getInstruction();
                    if (ldc.getConstant() instanceof Integer || ldc.getConstant() instanceof Long) {
                        Number i = (Number) ldc.getConstant();
                        // field = constant
                        fieldInfo.setters.add(i);
                    }
                }
                continue;
            }
            // operands of the arithmetic instruction that produced the stored value
            Instruction one = pushedsfi.getPops().get(0).getPushed().getInstruction();
            Instruction two = pushedsfi.getPops().get(1).getPushed().getInstruction();
            // field = field + imul: look through the add at the operands of the multiply
            // NOTE(review): only IAdd with an IMul first operand is handled; the LAdd/LMul
            // and swapped-operand forms fall through unchanged - confirm this is intended.
            if (pushedsfi.getInstruction() instanceof IAdd) {
                if (one instanceof IMul && two instanceof GetFieldInstruction) {
                    one = pushedsfi.getPops().get(0).getPushed().getPops().get(0).getPushed().getInstruction();
                    two = pushedsfi.getPops().get(0).getPushed().getPops().get(1).getPushed().getInstruction();
                }
            }
            // a constant is taken as the setter only when exactly one operand is a
            // constant; with two constants neither is recorded
            PushConstantInstruction pc = null;
            if (one instanceof PushConstantInstruction && !(two instanceof PushConstantInstruction)) {
                pc = (PushConstantInstruction) one;
            } else if (two instanceof PushConstantInstruction && !(one instanceof PushConstantInstruction)) {
                pc = (PushConstantInstruction) two;
            }
            if (pc == null) {
                continue;
            }
            // NOTE(review): cast precedes the Integer/Long check, as in the getter branch.
            Number value2 = (Number) pc.getConstant();
            // field = something * constant
            if (value2 instanceof Integer || value2 instanceof Long) {
                fieldInfo.setters.add(value2);
            }
        }
    }
}
Also used : InstructionContext(net.runelite.asm.execution.InstructionContext) SetFieldInstruction(net.runelite.asm.attributes.code.instruction.types.SetFieldInstruction) PushConstantInstruction(net.runelite.asm.attributes.code.instruction.types.PushConstantInstruction) LDC(net.runelite.asm.attributes.code.instructions.LDC) DivisionInstruction(net.runelite.asm.attributes.code.instruction.types.DivisionInstruction) FieldInstruction(net.runelite.asm.attributes.code.instruction.types.FieldInstruction) PushConstantInstruction(net.runelite.asm.attributes.code.instruction.types.PushConstantInstruction) ArrayStoreInstruction(net.runelite.asm.attributes.code.instruction.types.ArrayStoreInstruction) InvokeInstruction(net.runelite.asm.attributes.code.instruction.types.InvokeInstruction) SetFieldInstruction(net.runelite.asm.attributes.code.instruction.types.SetFieldInstruction) GetFieldInstruction(net.runelite.asm.attributes.code.instruction.types.GetFieldInstruction) Instruction(net.runelite.asm.attributes.code.Instruction) Field(net.runelite.asm.Field) ISub(net.runelite.asm.attributes.code.instructions.ISub) LAdd(net.runelite.asm.attributes.code.instructions.LAdd) LSub(net.runelite.asm.attributes.code.instructions.LSub) IMul(net.runelite.asm.attributes.code.instructions.IMul) IAdd(net.runelite.asm.attributes.code.instructions.IAdd) LMul(net.runelite.asm.attributes.code.instructions.LMul) GetFieldInstruction(net.runelite.asm.attributes.code.instruction.types.GetFieldInstruction) HashSet(java.util.HashSet)

Example 25 with IMul

use of net.runelite.asm.attributes.code.instructions.IMul in project runelite by runelite.

the class MultiplyOneDeobfuscator method visit.

/**
 * Removes multiplications by the constant 1 from the method described by {@code mctx}.
 *
 * <p>For every IMul/LMul that is still present in its instruction list and has an operand
 * pushed by a constant equal to 1 (per {@code DMath.equals}), the constant's stack entry
 * is dropped with {@code removeStack}, the multiply is removed from the list, and
 * {@code count} is incremented. When {@code onlyConstants} is set, the multiply is only
 * touched if the remaining operand is also a pushed constant.
 *
 * @param mctx the method context whose instruction contexts are scanned
 */
private void visit(MethodContext mctx) {
    for (InstructionContext ictx : mctx.getInstructionContexts()) {
        Instruction mul = ictx.getInstruction();
        boolean isMultiply = mul instanceof IMul || mul instanceof LMul;
        if (!isMultiply) {
            continue;
        }

        Instructions owner = mul.getInstructions();
        if (owner == null) {
            continue;
        }

        List<Instruction> remaining = owner.getInstructions();
        if (!remaining.contains(mul)) {
            // this multiply was already taken out of the list
            continue;
        }

        StackContext first = ictx.getPops().get(0);
        StackContext second = ictx.getPops().get(1);

        // Decide which operand (if any) is the literal 1; the first operand wins when
        // both qualify.
        int removeIdx;
        StackContext removed;
        StackContext kept;
        if (first.getPushed().getInstruction() instanceof PushConstantInstruction
                && DMath.equals((Number) ((PushConstantInstruction) first.getPushed().getInstruction()).getConstant(), 1)) {
            removeIdx = 0;
            removed = first;
            kept = second;
        } else if (second.getPushed().getInstruction() instanceof PushConstantInstruction
                && DMath.equals((Number) ((PushConstantInstruction) second.getPushed().getInstruction()).getConstant(), 1)) {
            removeIdx = 1;
            removed = second;
            kept = first;
        } else {
            continue;
        }

        if (onlyConstants && !(kept.getPushed().getInstruction() instanceof PushConstantInstruction)) {
            continue;
        }

        // isOnlyPath is defined in MultiplicationDeobfuscator; presumably it rejects a
        // constant that is just one of several values able to reach this multiply - confirm.
        if (!MultiplicationDeobfuscator.isOnlyPath(ictx, removed)) {
            continue;
        }

        // drop the constant 1 from the stack, then the multiply itself
        ictx.removeStack(removeIdx);
        owner.remove(mul);
        count += 1;
    }
}
Also used : InstructionContext(net.runelite.asm.execution.InstructionContext) PushConstantInstruction(net.runelite.asm.attributes.code.instruction.types.PushConstantInstruction) StackContext(net.runelite.asm.execution.StackContext) IMul(net.runelite.asm.attributes.code.instructions.IMul) Instructions(net.runelite.asm.attributes.code.Instructions) LMul(net.runelite.asm.attributes.code.instructions.LMul) PushConstantInstruction(net.runelite.asm.attributes.code.instruction.types.PushConstantInstruction) Instruction(net.runelite.asm.attributes.code.Instruction)

Aggregations

IMul (net.runelite.asm.attributes.code.instructions.IMul)30 Instruction (net.runelite.asm.attributes.code.Instruction)28 Instructions (net.runelite.asm.attributes.code.Instructions)25 LDC (net.runelite.asm.attributes.code.instructions.LDC)23 Code (net.runelite.asm.attributes.Code)21 VReturn (net.runelite.asm.attributes.code.instructions.VReturn)19 ClassGroup (net.runelite.asm.ClassGroup)18 IStore (net.runelite.asm.attributes.code.instructions.IStore)18 Execution (net.runelite.asm.execution.Execution)18 Test (org.junit.Test)18 ILoad (net.runelite.asm.attributes.code.instructions.ILoad)17 Deobfuscator (net.runelite.deob.Deobfuscator)17 LMul (net.runelite.asm.attributes.code.instructions.LMul)9 Label (net.runelite.asm.attributes.code.Label)8 PushConstantInstruction (net.runelite.asm.attributes.code.instruction.types.PushConstantInstruction)7 Dup_X1 (net.runelite.asm.attributes.code.instructions.Dup_X1)7 IAdd (net.runelite.asm.attributes.code.instructions.IAdd)7 Pop (net.runelite.asm.attributes.code.instructions.Pop)7 InstructionContext (net.runelite.asm.execution.InstructionContext)7 Method (net.runelite.asm.Method)5