
Example 1 with FieldLoadExpr

use of org.mapleir.ir.code.expr.FieldLoadExpr in project maple-ir by LLVM-but-worse.

the class LatestValue method makeConstraints.

/**
 * Walks {@code e} together with its sub-expressions and records one constraint
 * for every node whose opcode is a field load, an invocation or an array load.
 * Nodes with any other opcode add nothing.
 *
 * @param e root of the expression tree to scan
 */
public void makeConstraints(Expr e) {
    for (Expr node : e.enumerateWithSelf()) {
        final int opcode = node.getOpcode();
        if (opcode == Opcode.FIELD_LOAD) {
            // Only the field constraint is built from the node itself.
            constraints.add(new FieldConstraint((FieldLoadExpr) node));
            continue;
        }
        if (ConstraintUtil.isInvoke(opcode)) {
            constraints.add(new InvokeConstraint());
            continue;
        }
        if (opcode == Opcode.ARRAY_LOAD) {
            constraints.add(new ArrayConstraint());
        }
    }
}
Also used : VarExpr(org.mapleir.ir.code.expr.VarExpr) Expr(org.mapleir.ir.code.Expr) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr)

Example 2 with FieldLoadExpr

use of org.mapleir.ir.code.expr.FieldLoadExpr in project maple-ir by LLVM-but-worse.

the class FieldRSADecryptionPass method transform.

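/**
 * Rewrites every access to a field that has an entry in {@code pairs}. Each entry
 * holds two constants, labelled {@code [enc, dec]} by the original author.
 *
 * <ul>
 *   <li>Field store: the stored value is wrapped in a multiplication with {@code p[1]}.</li>
 *   <li>Field load whose parent is a multiplication by a constant: that constant is
 *       replaced by its product with {@code p[0]}.</li>
 *   <li>Any other field load: the load is wrapped in a multiplication with {@code p[0]}.</li>
 * </ul>
 *
 * Fields without an entry in {@code pairs} are left untouched.
 *
 * @param cxt analysis context supplying the classes and their cached control flow graphs
 */
private void transform(AnalysisContext cxt) {
    for (ClassNode cn : cxt.getApplication().iterate()) {
        for (MethodNode m : cn.methods) {
            ControlFlowGraph cfg = cxt.getIRCache().getFor(m);
            for (BasicBlock b : cfg.vertices()) {
                for (Stmt stmt : b) {
                    // String fsKey = "";
                    if (stmt.getOpcode() == Opcode.FIELD_STORE) {
                        FieldStoreStmt fs = (FieldStoreStmt) stmt;
                        // [enc, dec]
                        Number[] p = pairs.get(key(fs));
                        if (p != null) {
                            Expr e = fs.getValueExpression();
                            // Detach the value from the store before it is re-parented under the new multiplication.
                            e.unlink();
                            ArithmeticExpr ae = new ArithmeticExpr(new ConstantExpr(p[1], ConstantExpr.computeType(p[1])), e, Operator.MUL);
                            fs.setValueExpression(ae);
                            // fsKey = key(fs);
                        }
                    }
                    // NOTE(review): the tree is rewritten while this enumeration is in progress;
                    // presumably enumerateOnlyChildren() returns a snapshot - confirm.
                    for (Expr e : stmt.enumerateOnlyChildren()) {
                        if (e.getOpcode() == FIELD_LOAD) {
                            CodeUnit par = e.getParent();
                            FieldLoadExpr fl = (FieldLoadExpr) e;
                            // [enc, dec]
                            Number[] p = pairs.get(key(fl));
                            if (p == null) {
                                continue;
                            }
                            if (par.getOpcode() == ARITHMETIC) {
                                ArithmeticExpr ae = (ArithmeticExpr) par;
                                // Fold into the neighbouring constant only when the parent really is a
                                // multiplication. Scaling the constant operand of an add, shift, etc.
                                // by p[0] would change the value of the expression, so those parents
                                // fall through to the generic wrapping below.
                                if (ae.getOperator() == Operator.MUL && ae.getRight().getOpcode() == CONST_LOAD) {
                                    ConstantExpr ce = (ConstantExpr) ae.getRight();
                                    Number cst = (Number) ce.getConstant();
                                    // The third argument selects long arithmetic when p[0] is a Long.
                                    Number res = __mul(cst, p[0], p[0].getClass().equals(Long.class));
                                    // if(!__eq(res, 1, p[0].getClass().equals(Long.class))) {
                                    // System.out.println(cst + " -> " + res);
                                    // System.out.println("  expr: " + fl.getRootParent());
                                    // }
                                    par.overwrite(new ConstantExpr(res, ConstantExpr.computeType(res)), par.indexOf(ce));
                                    continue;
                                }
                            }
                            // Generic case: replace the load with (p[0] MUL copy-of-load) in its parent.
                            ArithmeticExpr ae = new ArithmeticExpr(new ConstantExpr(p[0], ConstantExpr.computeType(p[0])), fl.copy(), Operator.MUL);
                            par.overwrite(ae, par.indexOf(fl));
                        }
                    }
                }
            }
        }
    }
    // Disabled follow-up simplification, kept for reference: it replaced an arithmetic
    // expression whose right operand is the constant 1 by its left operand, and one whose
    // right operand is the constant 0 by that constant.
    // for(ClassNode cn : cxt.getClassTree().getClasses().values()) {
    // for(MethodNode m : cn.methods) {
    // ControlFlowGraph cfg = cxt.getCFGS().getIR(m);
    // 
    // for(BasicBlock b : cfg.vertices()) {
    // for(Stmt stmt : b) {
    // for(Expr e : stmt.enumerateOnlyChildren()) {
    // if(e.getOpcode() == Opcode.ARITHMETIC) {
    // ArithmeticExpr ae = (ArithmeticExpr) e;
    // if(ae.getRight().getOpcode() == Opcode.CONST_LOAD) {
    // ConstantExpr c = (ConstantExpr) ae.getRight();
    // Object o = c.getConstant();
    // 
    // if(o instanceof Long || o instanceof Integer) {
    // Number n = (Number) o;
    // if(__eq(n, 1, ae.getType().equals(Type.LONG_TYPE))) {
    // Expr l = ae.getLeft();
    // l.unlink();
    // 
    // CodeUnit aePar = ae.getParent();
    // aePar.overwrite(l, aePar.indexOf(ae));
    // } else if(__eq(n, 0, ae.getType().equals(Type.LONG_TYPE))) {
    // c.unlink();
    // 
    // CodeUnit aePar = ae.getParent();
    // aePar.overwrite(c, aePar.indexOf(ae));
    // }
    // }
    // }
    // }
    // }
    // }
    // }
    // }
    // }
}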
Also used : FieldStoreStmt(org.mapleir.ir.code.stmt.FieldStoreStmt) ClassNode(org.objectweb.asm.tree.ClassNode) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr) BasicBlock(org.mapleir.ir.cfg.BasicBlock) ConstantExpr(org.mapleir.ir.code.expr.ConstantExpr) FieldStoreStmt(org.mapleir.ir.code.stmt.FieldStoreStmt) Stmt(org.mapleir.ir.code.Stmt) CodeUnit(org.mapleir.ir.code.CodeUnit) MethodNode(org.objectweb.asm.tree.MethodNode) ConstantExpr(org.mapleir.ir.code.expr.ConstantExpr) ArithmeticExpr(org.mapleir.ir.code.expr.ArithmeticExpr) Expr(org.mapleir.ir.code.Expr) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr) ArithmeticExpr(org.mapleir.ir.code.expr.ArithmeticExpr) ControlFlowGraph(org.mapleir.ir.cfg.ControlFlowGraph)

Example 3 with FieldLoadExpr

use of org.mapleir.ir.code.expr.FieldLoadExpr in project maple-ir by LLVM-but-worse.

the class FieldRSADecryptionPass method accept.

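/**
 * Scans every active method for constants that are multiplied with, or stored into,
 * fields, pairs them up per field, and then rewrites the field accesses via
 * {@link #transform(AnalysisContext)}.
 *
 * <p>Collection rules, per basic block:
 * <ul>
 *   <li>{@code cdecs}: the Integer/Long constant on the right of a {@code MUL} whose left
 *       operand is a field load, unless the constant is 0 or 1.</li>
 *   <li>{@code cencs}: for a field store whose value passes {@code bcheck1}, a directly
 *       stored Integer/Long constant that {@code large} accepts; otherwise the constant
 *       on the right of the stored arithmetic expression, unless it is 0 or 1, or the
 *       operator is {@code ADD} and {@code large} rejects it.</li>
 * </ul>
 * A second walk over the same block passes each field store to {@code handleFss} and
 * each field load to {@code handleFle}.
 *
 * @param cxt analysis context; also stored in {@code this.cxt}
 * @param prev previously run pass (not used here)
 * @param completed passes completed so far (not used here)
 * @return the number of fields for which a constant pair was found
 * @throws IllegalStateException rethrown from {@code get_pair} after the collected
 *         constants for the offending key have been written to standard error
 */
@Override
public int accept(AnalysisContext cxt, IPass prev, List<IPass> completed) {
    this.cxt = cxt;
    for (MethodNode m : cxt.getIRCache().getActiveMethods()) {
        ControlFlowGraph cfg = cxt.getIRCache().getFor(m);
        for (BasicBlock b : cfg.vertices()) {
            for (Stmt stmt : b) {
                for (Expr c : stmt.enumerateOnlyChildren()) {
                    if (c.getOpcode() == ARITHMETIC) {
                        ArithmeticExpr arith = (ArithmeticExpr) c;
                        if (arith.getOperator() == Operator.MUL) {
                            Expr l = arith.getLeft();
                            Expr r = arith.getRight();
                            if (r.getOpcode() == CONST_LOAD && l.getOpcode() == FIELD_LOAD) {
                                FieldLoadExpr fle = (FieldLoadExpr) l;
                                ConstantExpr constt = (ConstantExpr) r;
                                Number n = (Number) constt.getConstant();
                                boolean isLong = (n instanceof Long);
                                // Multiplying by 0 or 1 carries no information about a field's constants.
                                if (__eq(n, 1, isLong) || __eq(n, 0, isLong)) {
                                    continue;
                                }
                                if (n instanceof Integer || n instanceof Long) {
                                    cdecs.getNonNull(key(fle)).add(n);
                                }
                            }
                        }
                    }
                }
                if (stmt.getOpcode() == FIELD_STORE) {
                    FieldStoreStmt fss = (FieldStoreStmt) stmt;
                    Expr val = fss.getValueExpression();
                    if (bcheck1(val)) {
                        if (val.getOpcode() == CONST_LOAD) {
                            ConstantExpr c = (ConstantExpr) val;
                            if (c.getConstant() instanceof Integer || c.getConstant() instanceof Long) {
                                Number n = (Number) c.getConstant();
                                if (large(n, c.getConstant() instanceof Long)) {
                                    cencs.getNonNull(key(fss)).add(n);
                                }
                            }
                        }
                        continue;
                    }
                    // NOTE(review): this cast is unchecked here; it presumably relies on bcheck1
                    // returning true for every value that is not an ArithmeticExpr - confirm.
                    ArithmeticExpr ar = (ArithmeticExpr) val;
                    if (ar.getRight().getOpcode() == CONST_LOAD) {
                        ConstantExpr c = (ConstantExpr) ar.getRight();
                        Number n = (Number) c.getConstant();
                        boolean isLong = c.getConstant() instanceof Long;
                        if (__eq(n, 1, isLong) || __eq(n, 0, isLong)) {
                            continue;
                        }
                        // Additive constants are only kept when large() accepts them.
                        if (ar.getOperator() == Operator.ADD) {
                            if (!large(n, isLong)) {
                                continue;
                            }
                        }
                        // NOTE(review): unlike the branches above, n is not restricted to
                        // Integer/Long before it is recorded - confirm this is intended.
                        cencs.getNonNull(key(fss)).add(n);
                    }
                }
            }
            for (Stmt stmt : b) {
                if (stmt.getOpcode() == FIELD_STORE) {
                    // Debugging hook left by the author for one specific field key; its body is disabled.
                    if (key((FieldStoreStmt) stmt).equals("co.k I")) {
                        // System.out.println("HERE1: " + stmt);
                        // 
                        // System.out.println(cfg);
                    }
                    handleFss((FieldStoreStmt) stmt);
                }
                for (Expr e : stmt.enumerateOnlyChildren()) {
                    if (e.getOpcode() == FIELD_LOAD) {
                        // Debugging hook left by the author for one specific field key; its body is disabled.
                        if (key((FieldLoadExpr) e).equals("co.k I")) {
                            // System.out.println("HERE2: " + stmt);
                        }
                        handleFle(stmt, (FieldLoadExpr) e);
                    }
                }
            }
        }
    }
    Set<String> keys = new HashSet<>();
    keys.addAll(cencs.keySet());
    keys.addAll(cdecs.keySet());
    for (String k : keys) {
        // Keys ending in "J" (the JVM descriptor for long) are handled as long fields.
        boolean _longint = k.endsWith("J");
        Set<Number> encs = cencs.getNonNull(k);
        Set<Number> decs = cdecs.getNonNull(k);
        try {
            Number[] pair = get_pair(encs, decs, constants.getNonNull(k), _longint);
            if (pair.length != 2) {
                // First attempt found no pair: retry with the "danger" constants added to the pool.
                Set<Number> extended = new HashSet<>(constants.getNonNull(k));
                extended.addAll(dangerConstants.getNonNull(k));
                pair = get_pair(encs, decs, extended, _longint);
            }
            if (pair.length != 2) {
                // System.out.println("No pair for: " + k);
                // System.out.println("Constants: " + constants.getNonNull(k));
                // System.out.println("Dconsts  : " + dangerConstants.getNonNull(k));
                // System.out.println("Encs     : " + encs);
                // System.out.println("Decs     : " + decs);
            } else {
                pairs.put(k, pair);
                // System.out.println("for: " + k + ": " + Arrays.toString(pair));
            }
        } catch (IllegalStateException e) {
            // Dump everything collected for this key before propagating the failure.
            // All lines go to stderr so the dump stays together in one stream.
            System.err.println();
            System.err.println("Constants: " + constants.getNonNull(k));
            System.err.println("Dconsts  : " + dangerConstants.getNonNull(k));
            System.err.println("Encs     : " + encs);
            System.err.println("Decs     : " + decs);
            System.err.println("key: " + k);
            throw e;
        }
    }
    // %d prints the count; the previous "%n" emitted a line break and silently dropped the argument.
    System.out.printf("  identified %d field encoder/decoder pairs.%n", pairs.size());
    transform(cxt);
    return pairs.size();
}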
Also used : FieldStoreStmt(org.mapleir.ir.code.stmt.FieldStoreStmt) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr) BasicBlock(org.mapleir.ir.cfg.BasicBlock) ConstantExpr(org.mapleir.ir.code.expr.ConstantExpr) FieldStoreStmt(org.mapleir.ir.code.stmt.FieldStoreStmt) Stmt(org.mapleir.ir.code.Stmt) BigInteger(java.math.BigInteger) MethodNode(org.objectweb.asm.tree.MethodNode) ConstantExpr(org.mapleir.ir.code.expr.ConstantExpr) ArithmeticExpr(org.mapleir.ir.code.expr.ArithmeticExpr) Expr(org.mapleir.ir.code.Expr) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr) ArithmeticExpr(org.mapleir.ir.code.expr.ArithmeticExpr) ControlFlowGraph(org.mapleir.ir.cfg.ControlFlowGraph) HashSet(java.util.HashSet)

Example 4 with FieldLoadExpr

use of org.mapleir.ir.code.expr.FieldLoadExpr in project maple-ir by LLVM-but-worse.

the class FieldRenamerPass method accept.

/**
 * Assigns a generated name to every field of every class in the application source,
 * updates the name carried by each field store and field load that resolves to one of
 * those fields, and finally writes the new names into the field nodes themselves.
 *
 * <p>No field is excluded from the renaming in this method. Accesses that cannot be
 * resolved, or that resolve to a field without a new name, are reported on standard
 * error when {@code mustMark} says the owner matters.
 *
 * @param cxt analysis context supplying the classes, the IR cache and the resolver
 * @param prev previously run pass (not used here)
 * @param completed passes completed so far (not used here)
 * @return the number of fields that received a new name
 */
@Override
public int accept(AnalysisContext cxt, IPass prev, List<IPass> completed) {
    final Map<FieldNode, String> remapped = new HashMap<>();
    // int totalFields = 0;
    // int i = RenamingUtil.computeMinimum(totalFields);
    final ApplicationClassSource source = cxt.getApplication();

    // Phase 1: one generated name per declared field, counting up from the index of "aaaaa".
    int nextIndex = RenamingUtil.numeric("aaaaa");
    for (ClassNode owner : source.iterate()) {
        // totalFields += cn.fields.size();
        for (FieldNode field : owner.fields) {
            remapped.put(field, RenamingUtil.createName(nextIndex));
            nextIndex++;
        }
    }

    // Phase 2: patch the name on every field access in the IR.
    final InvocationResolver resolver = cxt.getInvocationResolver();
    for (ClassNode owner : source.iterate()) {
        for (MethodNode method : owner.methods) {
            ControlFlowGraph graph = cxt.getIRCache().getFor(method);
            for (BasicBlock block : graph.vertices()) {
                for (Stmt stmt : block) {
                    if (stmt.getOpcode() == Opcode.FIELD_STORE) {
                        FieldStoreStmt store = (FieldStoreStmt) stmt;
                        // An access without an instance expression is looked up with the flag set.
                        boolean noInstance = store.getInstanceExpression() == null;
                        FieldNode target = resolver.findField(store.getOwner(), store.getName(), store.getDesc(), noInstance);
                        if (target == null) {
                            if (mustMark(source, store.getOwner())) {
                                System.err.println("  can't resolve field(set): " + store.getOwner() + "." + store.getName() + " " + store.getDesc() + ", " + noInstance);
                            }
                        } else if (remapped.containsKey(target)) {
                            store.setName(remapped.get(target));
                        } else if (mustMark(source, target.owner.name)) {
                            System.err.println("  no remap for " + target + ", owner: " + target.owner.name);
                        }
                    }
                    for (Expr child : stmt.enumerateOnlyChildren()) {
                        if (child.getOpcode() != Opcode.FIELD_LOAD) {
                            continue;
                        }
                        FieldLoadExpr load = (FieldLoadExpr) child;
                        boolean noInstance = load.getInstanceExpression() == null;
                        FieldNode target = resolver.findField(load.getOwner(), load.getName(), load.getDesc(), noInstance);
                        if (target == null) {
                            if (mustMark(source, load.getOwner())) {
                                System.err.println("  can't resolve field(get): " + load.getOwner() + "." + load.getName() + " " + load.getDesc() + ", " + noInstance);
                            }
                        } else if (remapped.containsKey(target)) {
                            load.setName(remapped.get(target));
                        } else if (mustMark(source, target.owner.name)) {
                            System.err.println("  no remap for " + target + ", owner: " + target.owner.name);
                        }
                    }
                }
            }
        }
    }

    // Phase 3: rename the declarations last, after every access has been resolved against the old names.
    remapped.forEach((field, newName) -> field.name = newName);

    final int renamed = remapped.size();
    System.out.printf("  Renamed %d fields.%n", renamed);
    return renamed;
}
Also used : FieldStoreStmt(org.mapleir.ir.code.stmt.FieldStoreStmt) ClassNode(org.objectweb.asm.tree.ClassNode) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr) FieldNode(org.objectweb.asm.tree.FieldNode) HashMap(java.util.HashMap) BasicBlock(org.mapleir.ir.cfg.BasicBlock) FieldStoreStmt(org.mapleir.ir.code.stmt.FieldStoreStmt) Stmt(org.mapleir.ir.code.Stmt) ApplicationClassSource(org.mapleir.app.service.ApplicationClassSource) MethodNode(org.objectweb.asm.tree.MethodNode) Expr(org.mapleir.ir.code.Expr) FieldLoadExpr(org.mapleir.ir.code.expr.FieldLoadExpr) ControlFlowGraph(org.mapleir.ir.cfg.ControlFlowGraph) InvocationResolver(org.mapleir.app.service.InvocationResolver)

Aggregations

Expr (org.mapleir.ir.code.Expr)4 FieldLoadExpr (org.mapleir.ir.code.expr.FieldLoadExpr)4 BasicBlock (org.mapleir.ir.cfg.BasicBlock)3 ControlFlowGraph (org.mapleir.ir.cfg.ControlFlowGraph)3 Stmt (org.mapleir.ir.code.Stmt)3 FieldStoreStmt (org.mapleir.ir.code.stmt.FieldStoreStmt)3 MethodNode (org.objectweb.asm.tree.MethodNode)3 ArithmeticExpr (org.mapleir.ir.code.expr.ArithmeticExpr)2 ConstantExpr (org.mapleir.ir.code.expr.ConstantExpr)2 ClassNode (org.objectweb.asm.tree.ClassNode)2 BigInteger (java.math.BigInteger)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 ApplicationClassSource (org.mapleir.app.service.ApplicationClassSource)1 InvocationResolver (org.mapleir.app.service.InvocationResolver)1 CodeUnit (org.mapleir.ir.code.CodeUnit)1 VarExpr (org.mapleir.ir.code.expr.VarExpr)1 FieldNode (org.objectweb.asm.tree.FieldNode)1