ra/runelite
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

some guessing, fix dup stuff via magic

Browse Source
This commit is contained in:
Adam
2015-09-12 22:15:37 -04:00
parent c463687202
commit a826ac3c47
3 changed files with 42 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/net/runelite/deob/attributes/code/instructions/PutField.java
View File

@@ -16,6 +16,7 @@ import net.runelite.deob.pool.NameAndType;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.util.HashSet;
import java.util.List;
import net.runelite.deob.attributes.code.instruction.types.PushConstantInstruction;
import static net.runelite.deob.attributes.code.instructions.PutStatic.translate;
@@ -58,7 +59,7 @@ public class PutField extends Instruction implements SetFieldInstruction
{
Pair pair = encryption.getField(myField);
if (pair != null)
translate(encryption, pair, ins);
translate(encryption, pair, ins, new HashSet());
// XXX move translate() here
// InstructionContext ctx = value.getPushed();
// if (ctx.getInstruction() instanceof IAdd && pair != null)

40
src/main/java/net/runelite/deob/attributes/code/instructions/PutStatic.java
View File

@@ -16,8 +16,9 @@ import net.runelite.deob.pool.NameAndType;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.util.List;
import net.runelite.deob.attributes.code.instruction.types.InvokeInstruction;
import java.util.HashSet;
import java.util.Set;
import net.runelite.deob.attributes.code.instruction.types.DupInstruction;
import net.runelite.deob.attributes.code.instruction.types.PushConstantInstruction;
import net.runelite.deob.deobfuscators.arithmetic.DMath;
import net.runelite.deob.deobfuscators.arithmetic.Encryption;
@@ -70,8 +71,13 @@ public class PutStatic extends Instruction implements SetFieldInstruction
return null;
}
protected static boolean translate(Encryption encryption, Pair pair, InstructionContext ctx)
protected static boolean translate(Encryption encryption, Pair pair, InstructionContext ctx, Set<Instruction> visited)
{
if (visited.contains(ctx.getInstruction()))
return true;
visited.add(ctx.getInstruction());
if (ctx.getInstruction() instanceof LDC_W)
{
LDC_W pci = (LDC_W) ctx.getInstruction();
@@ -90,21 +96,17 @@ public class PutStatic extends Instruction implements SetFieldInstruction
return true;
}
// if (ctx.getInstruction() instanceof InvokeInstruction)
// return false;
//
// if (ctx.getInstruction() instanceof IDiv)
// return false;
boolean ok = ctx.getInstruction() instanceof IAdd ||
ctx.getInstruction() instanceof ISub ||
ctx.getInstruction() instanceof IMul ||
ctx.getInstruction() instanceof SetFieldInstruction;
ctx.getInstruction() instanceof SetFieldInstruction ||
ctx.getInstruction() instanceof DupInstruction;
if (!ok)
return false;
boolean multipleBranches = ctx.getInstruction() instanceof IAdd || ctx.getInstruction() instanceof ISub;
boolean multipleBranches = ctx.getInstruction() instanceof IAdd ||
ctx.getInstruction() instanceof ISub;
boolean retVal = false;
encryption.begin();
@@ -113,7 +115,7 @@ public class PutStatic extends Instruction implements SetFieldInstruction
{
InstructionContext i = sctx.getPushed();
if (translate(encryption, pair, i))
if (translate(encryption, pair, i, visited))
{
retVal = true;
@@ -135,6 +137,18 @@ public class PutStatic extends Instruction implements SetFieldInstruction
encryption.end();
for (StackContext sctx : ctx.getPushes())
{
InstructionContext i = sctx.getPopped();
if (i != null)
translate(encryption, pair, i, visited); // XXX?
else
// this hasn't been popped yet, so it hasn't been executed yet,
// so mark it as encrypted so that when it is executed, we will decrypt it
sctx.encryption = pair.getter;
}
return retVal;
}
@@ -153,7 +167,7 @@ public class PutStatic extends Instruction implements SetFieldInstruction
{
Pair pair = encryption.getField(myField);
if (pair != null)
translate(encryption, pair, ins);
translate(encryption, pair, ins, new HashSet());
// InstructionContext ctx = object.getPushed();
// if (ctx.getInstruction() instanceof IAdd && pair != null)
// {

89
src/main/java/net/runelite/deob/deobfuscators/arithmetic/ModArith.java
View File

@@ -113,15 +113,14 @@ public class ModArith implements Deobfuscator
continue;
List<Integer> constants = null;
// try
// {
// constants = findAssocConstants(field, ctx);
// System.out.println(field.getName() + " " + constants);
// for (int i : constants)
// if (i != 1 && i != 0)
// constantSetters.put(field, i);
// }
// catch (OtherFieldException ex) { }
try
{
constants = findAssocConstants(field, ctx);
for (int i : constants)
if (i != 1 && i != 0)
constantSetters.put(field, i);
}
catch (OtherFieldException ex) { }
StackContext value = ctx.getPops().get(0); // the first thing poppe from both putfield and putstatic is the value
if (!(value.getPushed().getInstruction() instanceof IMul))
@@ -250,83 +249,21 @@ public class ModArith implements Deobfuscator
Collection<Integer> getters = constantGetters.getCollection(f),
setters = constantSetters.getCollection(f);
if (f.getName().equals("field605"))
{
int i =4;
}
if (getters == null || setters == null)
continue;
Pair answer = reduce(getters, setters);
if (answer == null)
{
// answer = guess(getters);
answer = guess(getters);
if (answer == null)
continue;
System.out.println("Guessing getter for " + f.getName() + " is " + answer.getter + " setter " + answer.setter);
}
answer.field = f;
pairs.add(answer);
}
}
// private List<Field> getFieldsInExpression(InstructionContext ctx, List<Integer> constants)
// {
// return check(ctx, new HashSet<InstructionContext>(), constants);
// }
//
// private List<Field> check(InstructionContext context, Set<InstructionContext> visited, List<Integer> constants)
// {
// List<Field> fields = new ArrayList<>();
//
// if (visited.contains(context))
// return fields;
//
// visited.add(context);
//
// if (context.getInstruction() instanceof InvokeInstruction)
// {
// // field = func(field * constant), the output of the function isn't directly related to the result of field * constant
// return fields;
// }
//
// if (context.getInstruction() instanceof FieldInstruction)
// {
// FieldInstruction fi = (FieldInstruction) context.getInstruction();
// Field myf = fi.getMyField();
// if (myf != null)
// fields.add(myf);
// }
//
// if (context.getInstruction() instanceof PushConstantInstruction)
// {
// PushConstantInstruction pci = (PushConstantInstruction) context.getInstruction();
// int i = (int) pci.getConstant().getObject();
// constants.add(i);
// }
//
// for (StackContext ctx : context.getPops())
// {
// InstructionContext i = ctx.getPushed();
//
// fields.addAll(check(i, visited, constants));
// }
//
// for (StackContext ctx : context.getPushes())
// {
// InstructionContext i = ctx.getPopped();
//
// if (i == null)
// continue;
//
// fields.addAll(check(i, visited, constants));
// }
//
// return fields;
// }
@Override
public void run(ClassGroup group)
@@ -351,16 +288,16 @@ public class ModArith implements Deobfuscator
reduce();
int i = 0;
int start = 0, end = pairs.size(); // 0-64 ok
int start = 0, end = pairs.size();
for (int j = start; j < end; ++j)
//for (Pair pair : pairs)
{
Pair pair = pairs.get(j);
Field field = pair.field;
if (!field.getName().equals("field2982") && !field.getName().equals("field2963"))
if (!field.getName().equals("field1980") && !field.getName().equals("field1961"))
{
// continue;
// continue;
}
System.out.println("Processing " + field.getName() + " getter " + pair.getter + " setter " + pair.setter);