fix

CodeVirtualizer/Main.cpp

@@ -27,7 +27,9 @@ PVOID MakeExecutableBuffer(PVOID Buffer, ULONG BufferSize)
 VOID PutToFile(PVOID Buffer, ULONG BufferSize)
 {
 	std::ofstream fout;
-	fout.open("C:\\Users\\Iizerd\\Desktop\\Leeg Hake\\Test.m", std::ios::binary | std::ios::out);
+	//
+	fout.open("C:\\Users\\James\\Desktop\\fantern\\Test.m", std::ios::binary | std::ios::out);
+	//fout.open("C:\\Users\\Iizerd\\Desktop\\Leeg Hake\\Test.m", std::ios::binary | std::ios::out);
 	fout.write((PCHAR)Buffer, BufferSize);
 	fout.close();
 }
@@ -91,22 +93,27 @@ int main()
 	XedTablesInit();
 	srand(time(NULL));
 
+	system("pause");
 
 	NATIVE_CODE_BLOCK RetNumBlock;
 	NcDisassemble(&RetNumBlock, RetNumCode, sizeof(RetNumCode));
 	OBFUSCATOR Obf;
 	Obf.Flags = 0;
 	Obf.MinSizeForOpaqueBranch = 1;
-	Obf.InstructionMutateChance = 0;
+	Obf.InstructionMutateChance = 100;
 	Obf.OpaqueBranchChance = 100;
 	Obf.MinDepthForRandomOpaqueBranch = 0;
 	Obf.GlobalBlock = &RetNumBlock;
 	Obf.BlockDivisionFactor = 2;
-	Obf.InstructionMutateChance = 100;
+	Obf.MaxDepth = 800000;
 	ObfObfuscate1(&Obf, &RetNumBlock);
+	Obf.MinSizeForOpaqueBranch = 5;
+	Obf.InstructionMutateChance = 0;
+	Obf.OpaqueBranchChance = 100;
+	ObfObfuscate1(&Obf, &RetNumBlock, 0);
 	Obf.MinSizeForOpaqueBranch = 50;
-	Obf.InstructionMutateChance = 50;
-	ObfObfuscate1(&Obf, &RetNumBlock);
+	ObfObfuscate1(&Obf, &RetNumBlock, 0);
+
 
 	printf("Finished second pas.\n");
 	//Obf.MinSizeForOpaqueBranch = 200;
@@ -114,6 +121,7 @@ int main()
 	//Obf.MinSizeForOpaqueBranch = 30;
 	//ObfObfuscate(&Obf, &RetNumBlock);
 
+	NcDebugPrint(&RetNumBlock);
 
 	ULONG AsmSize;
 	PVOID Asm = NcAssemble(&RetNumBlock, &AsmSize);
@@ -129,6 +137,7 @@ int main()
 	PVOID Exec = MakeExecutableBuffer(Asm, AsmSize);
 	typedef ULONG64(*FnRetNum)(ULONG Num);
 	printf("\n\nSize: %u   Obfuscated: %llu    Original: %llu\n\n", NcCountInstructions(&RetNumBlock), ((FnRetNum)Exec)(1776), RetNum(1776));
+	NcDeleteBlock(&RetNumBlock);
 	system("pause");
 
 

CodeVirtualizer/NativeCode.cpp

@@ -121,13 +121,15 @@ VOID NcUnlink(PNATIVE_CODE_LINK Link)
 	}
 }
 
-ULONG NcCountInstructions(PNATIVE_CODE_BLOCK Block)
+ULONG NcCountInstructions(PNATIVE_CODE_BLOCK Block, BOOL CountCombinedAsOne)
 {
 	ULONG InstructionCount = 0;
 	for (PNATIVE_CODE_LINK T = Block->Start; T && T != Block->End->Next; T = T->Next)
 	{
 		if (T->Flags & CODE_FLAG_IS_LABEL)
 			continue;
+		if (CountCombinedAsOne && T->Next && (T->Flags & CODE_FLAG_DO_NOT_DIVIDE) && !(T->Next->Flags & CODE_FLAG_DO_NOT_DIVIDE))
+			continue;
 		++InstructionCount;
 	}
 	return InstructionCount;

CodeVirtualizer/NativeCode.h

@@ -41,7 +41,7 @@ VOID NcInsertLinkBefore(PNATIVE_CODE_LINK Link1, PNATIVE_CODE_LINK Link2);
 
 VOID NcUnlink(PNATIVE_CODE_LINK Link);
 
-ULONG NcCountInstructions(PNATIVE_CODE_BLOCK Block);
+ULONG NcCountInstructions(PNATIVE_CODE_BLOCK Block, BOOL CountCombinedAsOne = FALSE);
 
 ULONG NcCalcBlockSizeInBytes(PNATIVE_CODE_BLOCK Block);
 

CodeVirtualizer/Obfuscator.cpp

@@ -5,7 +5,11 @@
 
 VOID ObfObfuscate1(POBFUSCATOR Obf, PNATIVE_CODE_BLOCK Block, ULONG Depth)
 {
-	ULONG InstructionCount = NcCountInstructions(Block);
+	if (Depth > Obf->MaxDepth)
+		return;
+
+	ULONG InstructionCount = NcCountInstructions(Block, FALSE);
+	printf("Depth: %u, InstCount: %u\n", Depth, InstructionCount);
 	if (InstructionCount <= Obf->MinSizeForOpaqueBranch)
 	{
 		for (PNATIVE_CODE_LINK T = Block->Start; T && T != Block->End->Next;)
@@ -23,6 +27,13 @@ VOID ObfObfuscate1(POBFUSCATOR Obf, PNATIVE_CODE_BLOCK Block, ULONG Depth)
 				PNATIVE_CODE_BLOCK PreOp = JitEmitPreRipMov(T);
 				PNATIVE_CODE_BLOCK PostOp = JitEmitPostRipMov(T);
 
+				if (T->Prev)
+					T->Prev->Next = PreOp->Start;
+				PreOp->End->Next = T;
+				
+
+
+
 				NcInsertBlockBefore(T, PreOp, FALSE);
 				NcInsertBlockAfter(T, PostOp, FALSE);
 
@@ -31,6 +42,9 @@ VOID ObfObfuscate1(POBFUSCATOR Obf, PNATIVE_CODE_BLOCK Block, ULONG Depth)
 				if (Block->End == T)
 					Block->End = PostOp->End;
 
+				delete PreOp;
+				delete PostOp;
+
 				//for (ULONG i = 0; i < T->RawDataSize; i++)
 				//	T->RawData[i] = (UCHAR)(rand() % 255);
 
@@ -43,7 +57,8 @@ VOID ObfObfuscate1(POBFUSCATOR Obf, PNATIVE_CODE_BLOCK Block, ULONG Depth)
 	}
 	else
 	{
-		ULONG TargetCount = max(Obf->MinSizeForOpaqueBranch, InstructionCount / ((Obf->Flags & OBF_ATTRIBUTE_RANDOMIZE_DIVISOR) ? (rand() % Obf->BlockDivisionFactor) : Obf->BlockDivisionFactor)); // max(Obf->MinBlockSize, InstructionCount / Obf->BlockDivisionFactor);
+		//ULONG TargetCount = max(Obf->MinSizeForOpaqueBranch, InstructionCount / ((Obf->Flags & OBF_ATTRIBUTE_RANDOMIZE_DIVISOR) ? (rand() % Obf->BlockDivisionFactor) : Obf->BlockDivisionFactor)); // max(Obf->MinBlockSize, InstructionCount / Obf->BlockDivisionFactor);
+		ULONG TargetCount = (InstructionCount / ((Obf->Flags & OBF_ATTRIBUTE_RANDOMIZE_DIVISOR) ? (rand() % Obf->BlockDivisionFactor) : Obf->BlockDivisionFactor)); // max(Obf->MinBlockSize, InstructionCount / Obf->BlockDivisionFactor);
 		ULONG CurrentCount = 0;
 		PNATIVE_CODE_LINK NewBlockStart = Block->Start;
 		for (PNATIVE_CODE_LINK T = Block->Start; T && T != Block->End->Next;)
@@ -62,9 +77,9 @@ VOID ObfObfuscate1(POBFUSCATOR Obf, PNATIVE_CODE_BLOCK Block, ULONG Depth)
 				continue;
 			}
 
-			if (CurrentCount == TargetCount)
+			if (CurrentCount >= TargetCount)
 			{
-				if (Depth >= Obf->MinDepthForRandomOpaqueBranch && (rand() % 100) <= Obf->OpaqueBranchChance)
+				if (Depth >= Obf->MinDepthForRandomOpaqueBranch && (rand() % 100) <= Obf->OpaqueBranchChance && CurrentCount <= Obf->MinSizeForOpaqueBranch)
 				{
 					NATIVE_CODE_BLOCK NotTaken, Taken;
 					ObfCreateOpaqueBranches(NewBlockStart, T, &NotTaken, &Taken);
@@ -89,15 +104,27 @@ VOID ObfObfuscate1(POBFUSCATOR Obf, PNATIVE_CODE_BLOCK Block, ULONG Depth)
 			}
 			T = T->Next;
 		}
-		if (NewBlockStart)
+		/*if (NewBlockStart && CurrentCount >= Obf->MinSizeForOpaqueBranch)
 		{
-			NATIVE_CODE_BLOCK NotTaken, Taken;
-			ObfCreateOpaqueBranches(NewBlockStart, Block->End, &NotTaken, &Taken);
-			ObfObfuscate1(Obf, &NotTaken, Depth + 1);
-			ObfObfuscate1(Obf, &Taken, Depth + 1);
-			ObfCombineOpaqueBranches(&NotTaken, &Taken, NcGenUnusedLabelId(Obf->GlobalBlock), NcGenUnusedLabelId(Obf->GlobalBlock));
-			ObfInsertOpaqueBranchBlock(NewBlockStart, Block->End, &NotTaken);
-		}
+			if (Depth >= Obf->MinDepthForRandomOpaqueBranch && (rand() % 100) <= Obf->OpaqueBranchChance && CurrentCount <= Obf->MinSizeForOpaqueBranch)
+			{
+				NATIVE_CODE_BLOCK NotTaken, Taken;
+				ObfCreateOpaqueBranches(NewBlockStart, Block->End, &NotTaken, &Taken);
+				ObfObfuscate1(Obf, &NotTaken, Depth + 1);
+				ObfObfuscate1(Obf, &Taken, Depth + 1);
+				ObfCombineOpaqueBranches(&NotTaken, &Taken, NcGenUnusedLabelId(Obf->GlobalBlock), NcGenUnusedLabelId(Obf->GlobalBlock));
+				ObfInsertOpaqueBranchBlock(NewBlockStart, Block->End, &NotTaken);
+			}
+			else
+			{
+				NATIVE_CODE_BLOCK TempBlock;
+				if (NcDeepCopyPartialBlock(NewBlockStart, Block->End, &TempBlock))
+				{
+					ObfObfuscate1(Obf, &TempBlock, Depth + 1);
+					ObfInsertOpaqueBranchBlock(NewBlockStart, Block->End, &TempBlock);
+				}
+			}
+		}*/
 	}
 
 

CodeVirtualizer/Obfuscator.h

@@ -23,6 +23,7 @@ typedef struct _OBFUSCATOR
 
 	ULONG Flags;
 	PNATIVE_CODE_BLOCK GlobalBlock;
+	ULONG MaxDepth;
 }OBFUSCATOR, *POBFUSCATOR;
 
 BOOL ObfJitInst();

CodeVirtualizer/x64/Debug/Assembly.lst

@@ -1,4 +1,4 @@
-Microsoft (R) Macro Assembler (x64) Version 14.27.29111.0   10/18/21 14:21:08
+Microsoft (R) Macro Assembler (x64) Version 14.29.30038.1   10/23/21 14:21:58
 Assembly.asm						     Page 1 - 1
 
 
@@ -23,7 +23,7 @@ Assembly.asm						     Page 1 - 1
  0000001E			NextFunction ENDP
 
 				END
-Microsoft (R) Macro Assembler (x64) Version 14.27.29111.0   10/18/21 14:21:08
+Microsoft (R) Macro Assembler (x64) Version 14.29.30038.1   10/23/21 14:21:58
 Assembly.asm						     Symbols 2 - 1
 
 

CodeVirtualizer/x64/Debug/CodeVirtualizer.exe.recipe

@@ -1,7 +1,11 @@
 <?xml version="1.0" encoding="utf-8"?>
 <Project>
-  <ProjectOutputs>C:\$Fanta\code-virtualizer\x64\Debug\CodeVirtualizer.exe</ProjectOutputs>
-  <ContentFiles></ContentFiles>
-  <SatelliteDlls></SatelliteDlls>
-  <NonRecipeFileRefs></NonRecipeFileRefs>
+  <ProjectOutputs>
+    <ProjectOutput>
+      <FullPath>C:\@\Work\code-virtualizer\x64\Debug\CodeVirtualizer.exe</FullPath>
+    </ProjectOutput>
+  </ProjectOutputs>
+  <ContentFiles />
+  <SatelliteDlls />
+  <NonRecipeFileRefs />
 </Project>