README.md Description. It will try its best to restore a packed and obfuscated assembly. News: Replace with NOP in the instructions editor. Added copy/paste to instruction editing grid, thanks to Thijs Kroesbergen. Added SilverLight 5 compilation profile. Reflexil is an assembly editor and runs as a plug-in for Reflector or JustDecompile. Reflexil is able to manipulate IL code and save the modified assemblies to disk. Explains why and how to use obfuscation and other methods of code protection in ASP.NET. Find out why companies around the world choose SecureTeam as a Code Protection solution for their.NET Software. Fixed compatibility issue in Themida Demo Nag screen that interacts with some applications returning a wrong window handle From Nova Development: Preserve precious memories to share with loved ones and future generations. Scrapbook Factory Deluxe has everything you need. Assembly Manipulation and C# / VB. NET Code Injection. Reflexil is an assembly editor and runs as a plug- in for Reflector or Just. Decompile. Reflexil is able to manipulate IL code and save the modified assemblies to disk. Reflexil also supports . However, they are unable to modify either the structure or the IL code of assemblies. Reflexil allows such modifications by using the powerful Mono. Cecil library written by Jb EVAIN. Reflexil runs as a plug- in and is directed especially towards IL code handling. It accomplishes this by proposing a complete instruction editor and by allowing C#/VB. NET code injection, as we will see in the following two examples. Demo Application Let's use a very simple application that is able to add two numbers: using System. System. Windows. Forms. Reflexil. Demo. . In order to do so, we have to initially put a string parameter on the stack with ldstr opcode: Then we have to update the . The following operands are supported: Primitive types: byte, sbyte, int. String Instruction reference Multiple instructions references (switch) Parameter or variable reference Internal generic type reference Type, field or method reference using a browser for selecting the suitable element. This browser is like the reflector's one (lazy loading, icons, etc.) In a quite comprehensible way, the Reflector and Reflexil object models are not synchronous: updates made on the IL code will not impact the disassemble window of Reflector. Reflexil and Mono. Cecil do not perform any checks of the emitted code. The only constraint is about coherence between the operand type used for a given opcode. For those who find IL manipulation difficult, the following example shows how to update a method body with C# or VB. NET. Using C#/VB. NET Code Injection You can choose your preferred injection language and input/display bases (binary, octal, decimal, and hexadecimal) with the configuration form: Let's use the . A basic support for intellisense/insight is provided: We can do it again with VB. NET language. Note that in this simple case, we obtain an identical IL code (it is not always the case): Let's save and test our patched assembly: C#/VB. NET Code Injection Features. The code is compiled using System. Code. Dom in a separate App. Domain for a correct resource release. Once compiled, instructions are extracted and then reinserted in the original method body. Parameters, variables, methods, fields and types references are adjusted to match the original assembly. Code injection is limited: it is not possible to refer either to the fields or to the methods defined in ancestral types of the owner type of the original method. You can choose the target framework used by the compilation process. Method Attributes Editor. You can easily update a method signature or change his visibility scope. You are also able to change the return type: Method parameters (and variables) are also editable. Reflexil can load symbols (MDB and PDB files are supported) to display original variable names: Exception Handlers. Reflexil allows to add/update/delete exception handlers associated with a method body. The following types are supported: Catch. Filter (the VB. NET Where clause in Try/Catch blocks) Finally. Fault. Type Attributes Editor. Like methods, you can change any type visibility scope. So you can expose a previously private type to the world: Member manipulation. Reflexil is able to rename, delete or inject class, interface, struct, enum, event, field, method, constructor, property or assembly reference. Smart injection : injecting a new property will generate a field, getter/setter methods and IL code. Resources Editor. You can inject and alter embedded resources, linked resources and assembly linked resources. A complete hex editor is provided to update, export or import files. Custom attributes Editor. Custom attributes are fully supported. Assembly and Assembly Reference Editor. With the assembly editor, you can use a different entry point: You can also update all information regarding identification: version, public key, name and culture. Note that you can also alter any referenced assembly so you can use a different version: Module Editor. With the module editor, you can simply change the kind of your application (transform an executable assembly to a DLL library for instance): Signed Assemblies Support. When saving a signed assembly, the resulting assembly is placed in the . Reflexil can use SDK tools to fix it. Reflexil is able to remove assembly strong name and update referencing assemblies. You can also do it by yourself with the assembly editor: remove the public key and set the Has. Public. Key flag to false. Deobfuscation Support. Reflexil is able to remove obfuscated code thanks to de. Babel NET, Cli. Secure, Code. Fort, Code. Veil, Code. Wall, Crypto. Obfuscator, Deep. Sea, Dotfuscator, dot. NET Reactor, Eazfuscator NET, Goliath NET, ILProtector, Maxto. Code, MPRESS, Rummage, Skater NET, Smart. Assembly, Spices Net and Xenocode are supported. Assembly Verifier. With the assembly verifier (using peverify. NET SDK), you can determine whether the IL code and associated metadata meet type safety requirements. Conclusion. Reflexil is completely based on Mono. Cecil. The interesting thing is that Mono. Cecil can load assemblies without the help of the runtime, so there is no resource release constraint and App. Domain isolation for example. There is no relation between System. Type and Mono. Cecil. Type. Definition, whereas they both materialize the . NET type concept. If we want to programmatically reproduce our first example (Show overload), we can write it very easily, thanks to Mono. Cecil. Change Log////////////////////////////////////////////////////////////////////////////////. Optional ILMerged version to prevent unexpected Mono. Cecil assemblies. New deobfuscation support for Code. Fort, Code. Wall. ILProtector, MPRESS, Rummage. Complete hex editor to update.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |