Noisette-Obfuscator
Noisette-Obfuscator copied to clipboard
XenocodeRCE
Really really close to creating control flow graph/integrity
Hey, I've come really really close to creating CFG/Integrity, where an integer in the app will increase or decrease to prevent anti tamper.
Here's what I've got so far, and the only problem I have is after it runs the protection for Main() the number wont be right for the next method.
https://pastebin.com/AL38M37t
Okay, fixed the code now ( I was accidentally processing the same method twice). Now the only problem I'm aware of is that we can't know the execution order of all the methods, and so we don't know which order to process the methods in. Or am I wrong??
@gigajew You are not wrong : we cannot know 99% of the call order in a file. However :
• We know that Initializecomponent() is called by the .ctor for every Form class type • We know that Dispose() is called by the .ctor for every Form class type • We know that constructor (.ctor / .cctor) are called every time you initialize a Class • Main in program is always executed after the <Module> .ctor
This could easily be implemented as long as you keep a separate int variable for each method though. So it's pretty neat.
Can you create a new pull request ? https://github.com/XenocodeRCE/Noisette-Obfuscator/pulls
Maybe this way I can help you to improve it
I see one problem that I am sure of. It messes up Booleans because they are stored as integers in the IL. (Ldc_I4_1 and Ldc_I4_0) so they have to be skipped. I found another problem that I am investigating right now.