Search in sources :

Example 6 with VReturn

use of net.runelite.asm.attributes.code.instructions.VReturn in project runelite by runelite.

the class MultiplicationDeobfuscatorTest method test1.

// aload                 2
// ldc_w                 1587543155
// iload                 4
// imul
// dup_x1
// ldc_w                 -2130376517
// imul
// putfield              class2/field279 I
// ldc_w                 -67313687
// imul
// putstatic             class29/field949 I
@Test
public void test1() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(5);
    // vars[0] = 3
    Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0) };
    for (Instruction i : prepareVariables) {
        ins.addInstruction(i);
    }
    LDC constant1 = new LDC(ins, 1587543155), constant2 = new LDC(ins, -2130376517), constant3 = new LDC(ins, -67313687);
    Instruction[] body = { // for dup_x1 to place before this
    new LDC(ins, 0), constant1, new ILoad(ins, 0), new IMul(ins), new Dup_X1(ins), constant2, new IMul(ins), new Pop(ins), new Pop(ins), constant3, new IMul(ins), new Pop(ins), new VReturn(ins) };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }
    // check execution runs ok
    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();
    assert constant1.getConstantAsInt() * constant2.getConstantAsInt() == 1;
    assert constant1.getConstantAsInt() * constant3.getConstantAsInt() == -1_095_175_765;
    Deobfuscator d = new MultiplicationDeobfuscator();
    d.run(group);
    Assert.assertEquals(1, constant1.getConstantAsInt());
    Assert.assertEquals(1, constant2.getConstantAsInt());
    Assert.assertEquals(-1_095_175_765, constant3.getConstantAsInt());
}
Also used : IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Pop(net.runelite.asm.attributes.code.instructions.Pop) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Example 7 with VReturn

use of net.runelite.asm.attributes.code.instructions.VReturn in project runelite by runelite.

the class MultiplicationDeobfuscatorTest method test4.

@Test
public void test4() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(2);
    Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0) };
    for (Instruction i : prepareVariables) {
        ins.addInstruction(i);
    }
    LDC constant1 = new LDC(ins, 1807370871);
    LDC constant2 = new LDC(ins, 981643079);
    Label label1 = new Label(ins);
    Instruction[] body = { new ILoad(ins, 0), new LDC(ins, 2), new IMul(ins), new LDC(ins, 0), new IfEq(ins, label1), new Pop(ins), new LDC(ins, 3), label1, constant1, new IMul(ins), constant2, new IMul(ins), new VReturn(ins) };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }
    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();
    assert constant1.getConstantAsInt() * constant2.getConstantAsInt() == 1;
    Deobfuscator d = new MultiplicationDeobfuscator();
    d.run(group);
    Assert.assertEquals(1, constant1.getConstantAsInt());
    Assert.assertEquals(1, constant2.getConstantAsInt());
}
Also used : IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Label(net.runelite.asm.attributes.code.Label) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) IfEq(net.runelite.asm.attributes.code.instructions.IfEq) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Pop(net.runelite.asm.attributes.code.instructions.Pop) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Example 8 with VReturn

use of net.runelite.asm.attributes.code.instructions.VReturn in project runelite by runelite.

the class MultiplicationDeobfuscatorTest method test13.

// sipush                512
// ldc                   -688421113
// imul
// ldc                   -585812297
// imul
// putstatic             class134/field2009 I
@Test
public void test13() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(2);
    LDC constant1 = new LDC(ins, -688421113);
    LDC constant2 = new LDC(ins, -585812297);
    Instruction[] body = { new SiPush(ins, (short) 512), constant1, new IMul(ins), constant2, new IMul(ins), new VReturn(ins) };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }
    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();
    assert constant1.getConstantAsInt() * constant2.getConstantAsInt() == 1;
    Deobfuscator d = new MultiplicationDeobfuscator();
    d.run(group);
    Assert.assertEquals(1, constant1.getConstantAsInt());
    Assert.assertEquals(1, constant2.getConstantAsInt());
}
Also used : SiPush(net.runelite.asm.attributes.code.instructions.SiPush) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) IMul(net.runelite.asm.attributes.code.instructions.IMul) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Test(org.junit.Test)

Example 9 with VReturn

use of net.runelite.asm.attributes.code.instructions.VReturn in project runelite by runelite.

the class MultiplyOneDeobfuscatorTest method test2.

// iconst_1
// iconst_m1
// iload                 5
// if_icmpeq             LABEL0x56d1
// iload                 5
// iconst_1
// if_icmpne             LABEL0x56e8
// goto                  LABEL0x56d1
// LABEL0x56d1:
// getstatic             class139/field2130 I
// ldc_w                 -1440517609
// imul
// goto                  LABEL0x5708
// LABEL0x56e8:
// getstatic             class139/field2130 I
// ldc_w                 -1440517609
// imul
// getstatic             client/field377 I
// iadd
// iconst_2
// idiv
// LABEL0x5708:
// imul
// putstatic             client/field377 I
// 
// client.field377 = 1 * (-1 != var5 && var5 != 1?(class139.field2130 + client.field377) / 2:class139.field2130);
@Test
public void test2() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(2);
    // vars[0] = 3
    Instruction[] prepareVariables = { new LDC(ins, 3), new IStore(ins, 0), new LDC(ins, 2), new IStore(ins, 1) };
    for (Instruction i : prepareVariables) ins.addInstruction(i);
    Label label = new Label(ins), label2 = new Label(ins), label3 = new Label(ins);
    LDC one = new LDC(ins, 1);
    IMul mul = new IMul(ins);
    Instruction[] body = { one, new LDC(ins, -1), new ILoad(ins, 0), new IfICmpEq(ins, label), new Goto(ins, label2), label, new ILoad(ins, 1), new LDC(ins, -1440517609), new IDiv(ins), new Goto(ins, label3), label2, new ILoad(ins, 1), new LDC(ins, -1440517609), new IDiv(ins), label3, mul, new VReturn(ins) };
    for (Instruction i : body) ins.addInstruction(i);
    // check execution runs ok
    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();
    Deobfuscator d = new MultiplyOneDeobfuscator(false);
    d.run(group);
    Assert.assertTrue(one.getInstructions() == null);
    Assert.assertTrue(mul.getInstructions() == null);
}
Also used : IfICmpEq(net.runelite.asm.attributes.code.instructions.IfICmpEq) IStore(net.runelite.asm.attributes.code.instructions.IStore) Goto(net.runelite.asm.attributes.code.instructions.Goto) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Label(net.runelite.asm.attributes.code.Label) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) IDiv(net.runelite.asm.attributes.code.instructions.IDiv) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Example 10 with VReturn

use of net.runelite.asm.attributes.code.instructions.VReturn in project runelite by runelite.

the class DupDeobfuscatorTest method test.

@Test
public void test() {
    ClassGroup group = ClassGroupFactory.generateGroup();
    Code code = group.findClass("test").findMethod("func").getCode();
    Instructions ins = code.getInstructions();
    code.setMaxStack(5);
    Instruction[] prepareVariables = { new LDC(ins, 1), new IStore(ins, 0) };
    for (Instruction i : prepareVariables) {
        ins.addInstruction(i);
    }
    LDC constant1 = new LDC(ins, 1129258489), constant2 = new LDC(ins, -1692330935), constant3 = new LDC(ins, 1641298955), constant4 = new LDC(ins, 1043501435);
    Instruction[] body = { // this
    new AConstNull(ins), // this
    new AConstNull(ins), new ILoad(ins, 0), constant1, new IMul(ins), new Dup_X1(ins), constant2, new IMul(ins), // putfield
    new Pop2(ins), constant3, new IMul(ins), constant4, new IMul(ins), // putfield
    new Pop2(ins), new VReturn(ins) };
    for (Instruction i : body) {
        ins.addInstruction(i);
    }
    Execution e = new Execution(group);
    e.populateInitialMethods();
    e.run();
    assert constant1.getConstantAsInt() * constant2.getConstantAsInt() == 1;
    assert constant3.getConstantAsInt() * constant4.getConstantAsInt() * constant1.getConstantAsInt() == 1;
    Deobfuscator d = new DupDeobfuscator();
    d.run(group);
    // assert the dup_x1 was removed
    long dupCount = ins.getInstructions().stream().filter(i -> i instanceof Dup_X1).count();
    Assert.assertEquals(0, dupCount);
}
Also used : Pop2(net.runelite.asm.attributes.code.instructions.Pop2) AConstNull(net.runelite.asm.attributes.code.instructions.AConstNull) GetField(net.runelite.asm.attributes.code.instructions.GetField) IMul(net.runelite.asm.attributes.code.instructions.IMul) Dup(net.runelite.asm.attributes.code.instructions.Dup) Code(net.runelite.asm.attributes.Code) Test(org.junit.Test) Type(net.runelite.asm.Type) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Class(net.runelite.asm.pool.Class) ClassGroupFactory(net.runelite.deob.ClassGroupFactory) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) LDC(net.runelite.asm.attributes.code.instructions.LDC) IStore(net.runelite.asm.attributes.code.instructions.IStore) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Instructions(net.runelite.asm.attributes.code.Instructions) Field(net.runelite.asm.pool.Field) IAdd(net.runelite.asm.attributes.code.instructions.IAdd) Instruction(net.runelite.asm.attributes.code.Instruction) Assert(org.junit.Assert) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) IStore(net.runelite.asm.attributes.code.instructions.IStore) ILoad(net.runelite.asm.attributes.code.instructions.ILoad) Pop2(net.runelite.asm.attributes.code.instructions.Pop2) Instructions(net.runelite.asm.attributes.code.Instructions) LDC(net.runelite.asm.attributes.code.instructions.LDC) AConstNull(net.runelite.asm.attributes.code.instructions.AConstNull) Instruction(net.runelite.asm.attributes.code.Instruction) Code(net.runelite.asm.attributes.Code) VReturn(net.runelite.asm.attributes.code.instructions.VReturn) Deobfuscator(net.runelite.deob.Deobfuscator) Execution(net.runelite.asm.execution.Execution) ClassGroup(net.runelite.asm.ClassGroup) Dup_X1(net.runelite.asm.attributes.code.instructions.Dup_X1) IMul(net.runelite.asm.attributes.code.instructions.IMul) Test(org.junit.Test)

Aggregations

VReturn (net.runelite.asm.attributes.code.instructions.VReturn)31 Code (net.runelite.asm.attributes.Code)30 Instructions (net.runelite.asm.attributes.code.Instructions)30 Instruction (net.runelite.asm.attributes.code.Instruction)28 ClassGroup (net.runelite.asm.ClassGroup)26 LDC (net.runelite.asm.attributes.code.instructions.LDC)26 Test (org.junit.Test)25 IStore (net.runelite.asm.attributes.code.instructions.IStore)23 ILoad (net.runelite.asm.attributes.code.instructions.ILoad)21 IMul (net.runelite.asm.attributes.code.instructions.IMul)19 Execution (net.runelite.asm.execution.Execution)18 Deobfuscator (net.runelite.deob.Deobfuscator)18 Pop (net.runelite.asm.attributes.code.instructions.Pop)11 IAdd (net.runelite.asm.attributes.code.instructions.IAdd)10 Label (net.runelite.asm.attributes.code.Label)9 LDC (net.runelite.asm.attributes.code.InstructionType.LDC)6 Dup_X1 (net.runelite.asm.attributes.code.instructions.Dup_X1)6 AConstNull (net.runelite.asm.attributes.code.instructions.AConstNull)5 IfEq (net.runelite.asm.attributes.code.instructions.IfEq)5 SiPush (net.runelite.asm.attributes.code.instructions.SiPush)5