more busywork

3 years ago · a88fbcbde1
parent 9368f5288a
commit a88fbcbde1
8 changed files with 86 additions and 19 deletions
--- a/CodeVirtualizer/CodeVirtualizer.vcxproj
+++ b/CodeVirtualizer/CodeVirtualizer.vcxproj
@ -151,6 +151,7 @@
  <ItemGroup>
    <ClCompile Include="NativeCode.cpp" />
    <ClCompile Include="Main.cpp" />
+    <ClCompile Include="Obfuscator.cpp" />
    <ClCompile Include="RipMovInst.cpp" />
    <ClCompile Include="RipXorInst.cpp" />
    <ClCompile Include="Virtualizer.cpp" />
@ -161,6 +162,7 @@
  <ItemGroup>
    <ClInclude Include="Code.h" />
    <ClInclude Include="NativeCode.h" />
+    <ClInclude Include="Obfuscator.h" />
    <ClInclude Include="RipMovInst.h" />
    <ClInclude Include="RipXorInst.h" />
    <ClInclude Include="Virtualizer.h" />
--- a/CodeVirtualizer/CodeVirtualizer.vcxproj.filters
+++ b/CodeVirtualizer/CodeVirtualizer.vcxproj.filters
@ -26,6 +26,9 @@
    <ClInclude Include="RipMovInst.h">
      <Filter>Obfuscator\RipMovInst</Filter>
    </ClInclude>
+    <ClInclude Include="Obfuscator.h">
+      <Filter>Obfuscator</Filter>
+    </ClInclude>
  </ItemGroup>
  <ItemGroup>
    <ClCompile Include="Main.cpp" />
@ -50,6 +53,9 @@
    <ClCompile Include="RipMovInst.cpp">
      <Filter>Obfuscator\RipMovInst</Filter>
    </ClCompile>
+    <ClCompile Include="Obfuscator.cpp">
+      <Filter>Obfuscator</Filter>
+    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <Filter Include="Xed">
--- a/CodeVirtualizer/NativeCode.cpp
+++ b/CodeVirtualizer/NativeCode.cpp
@ -73,9 +73,57 @@ VOID NcConcat(PNATIVE_CODE_BLOCK Block1, PNATIVE_CODE_BLOCK Block2)
 	//update the label names so that there are no conflicts between the two blocks
 }

+ULONG NcGenUnusedLabelId(STDVECTOR<ULONG> CONST& LabelIds)
+{
+	ULONG ReturnLabelId = rand();
+	while (StdFind(LabelIds.begin(), LabelIds.end(), ReturnLabelId) != LabelIds.end())
+		ReturnLabelId = rand();
+	return ReturnLabelId;
+}
+
+VOID NcChangeLabelId(PNATIVE_CODE_BLOCK Block1, ULONG Original, ULONG New)
+{
+	for (PNATIVE_CODE_LINK T = Block1->Start; T; T = T->Next)
+	{
+		if ((T->Flags & CODE_FLAG_IS_LABEL) && T->Label == Original)
+			T->Label = New;
+	}
+}
+
+VOID NcFixLabelsForBlocks(PNATIVE_CODE_BLOCK Block1, PNATIVE_CODE_BLOCK Block2)
+{
+	STDVECTOR<ULONG> BlockOneLabels;
+	for (PNATIVE_CODE_LINK T = Block1->Start; T; T = T->Next)
+	{
+		if ((T->Flags & CODE_FLAG_IS_LABEL) && StdFind(BlockOneLabels.begin(), BlockOneLabels.end(), T->Label) != BlockOneLabels.end())
+			BlockOneLabels.push_back(T->Label);
+	}
+
+	for (PNATIVE_CODE_LINK T = Block2->Start; T; T = T->Next)
+	{
+		if ((T->Flags & CODE_FLAG_IS_LABEL) && StdFind(BlockOneLabels.begin(), BlockOneLabels.end(), T->Label) != BlockOneLabels.end())
+			NcChangeLabelId(Block2, T->Label, NcGenUnusedLabelId(BlockOneLabels));
+	}
+}
+
 BOOL NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
 {
-	return FALSE;
+	if (!Link || !Link->Block || !Block || !Block->Start || !Block->End || Link->Block == Block)
+		return FALSE;
+
+	if (Block->HasRelativeJumps && Link->Block->HasRelativeJumps)
+		NcFixLabelsForBlocks(Link->Block, Block);
+
+	if (Link->Next)
+		Link->Next->Prev = Block->End;
+	Block->End->Next = Link->Next;
+	Block->Start->Prev = Link;
+	Link->Next = Block->Start;
+
+	for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next)
+		T->Block = Link->Block;
+
+	return TRUE;
 }

 BOOL NcInsertBlockBefore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
@ -84,24 +132,16 @@ BOOL NcInsertBlockBefore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block)
 		return FALSE;

 	if (Block->HasRelativeJumps && Link->Block->HasRelativeJumps)
-	{
-		//TODO: increment all labels inside of the block being added
-		return FALSE;
-	}
-	else
-	{
-		if (Link->Prev)
-			Link->Prev->Next = Block->Start;
-		Block->Start->Prev = Link->Prev;
-
-		Block->End->Next = Link;
-		Link->Prev = Block->End;
-	}
+		NcFixLabelsForBlocks(Link->Block, Block);
+	
+	if (Link->Prev)
+		Link->Prev->Next = Block->Start;
+	Block->Start->Prev = Link->Prev;
+	Block->End->Next = Link;
+	Link->Prev = Block->End;

 	for (PNATIVE_CODE_LINK T = Block->Start; T; T = T->Next)
-	{
 		T->Block = Link->Block;
-	}

 	return TRUE;
 }
--- a/CodeVirtualizer/NativeCode.h
+++ b/CodeVirtualizer/NativeCode.h
@ -38,6 +38,12 @@ VOID NcUnlink(PNATIVE_CODE_LINK Link);

 VOID NcConcat(PNATIVE_CODE_BLOCK Block1, PNATIVE_CODE_BLOCK Block2);

+VOID NcChangeLabelId(PNATIVE_CODE_BLOCK Block1, ULONG Original, ULONG New);
+
+ULONG NcGenUnusedLabelId(STDVECTOR<ULONG> CONST& LabelIds);
+
+VOID NcFixLabelsForBlocks(PNATIVE_CODE_BLOCK Block1, PNATIVE_CODE_BLOCK Block2);
+
 BOOL NcInsertBlockAfter(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block);

 BOOL NcInsertBlockBefore(PNATIVE_CODE_LINK Link, PNATIVE_CODE_BLOCK Block);
--- a/CodeVirtualizer/Obfuscator.cpp
+++ b/CodeVirtualizer/Obfuscator.cpp
@ -0,0 +1,7 @@
+#include "Obfuscator.h"
+
+
+
+
+
+
--- a/CodeVirtualizer/Obfuscator.h
+++ b/CodeVirtualizer/Obfuscator.h
@ -0,0 +1,7 @@
+#ifndef __OBFUSCATOR_H
+#define __OBFUSCATOR_H
+
+
+
+
+#endif
--- a/CodeVirtualizer/RipXorInst.h
+++ b/CodeVirtualizer/RipXorInst.h
@ -35,9 +35,7 @@ BOOL ObfEmitRipRelativeXorB(PNATIVE_CODE_BLOCK Block, INT32 RipDelta, ULONG Valu

 VOID ObfXorInstBytes(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData);

-PNATIVE_CODE_BLOCK ObfEmitPreXorForInst(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData, BOOL SaveFlags, INT32 DeltaToInst
-	
-	= 0);
+PNATIVE_CODE_BLOCK ObfEmitPreXorForInst(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData, BOOL SaveFlags, INT32 DeltaToInst = 0);

 PNATIVE_CODE_BLOCK ObfEmitPostXorForInst(PNATIVE_CODE_LINK Link, PXOR_INST_DATA XorData, BOOL SaveFlags, INT32 DeltaToInst = 0);

--- a/CodeVirtualizer/Windas.h
+++ b/CodeVirtualizer/Windas.h
@ -10,6 +10,7 @@
 #define INLINE inline
 #define STDSTRING std::string
 #define STDVECTOR std::vector
+#define StdFind std::find


 #endif