File Format Deconstruction and LLOIFF Construction
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
_xeroxz 4c8f8ff004
Update README.md
4 years ago
dependencies removed fcml, going to use xed, removed clutter... 4 years ago
include removed fcml, going to use xed, removed clutter... 4 years ago
src Merge branch 'master' of https://githacks.org/llo/stage-one 4 years ago
.clang-format removed shitmake, added visual studios 4 years ago
.gitignore added gitignore, added some more code to show what im going for... 4 years ago
.gitmodules beginning work on pe file dctor... 4 years ago
LICENSE Add LICENSE 4 years ago
README.md Update README.md 4 years ago
llo-s1.sln removed shitmake, added visual studios 4 years ago
llo-s1.vcxproj removed fcml, going to use xed, removed clutter... 4 years ago
llo-s1.vcxproj.filters removed fcml, going to use xed, removed clutter... 4 years ago
llo-s1.vcxproj.user added lib dctor... 4 years ago

README.md

S1 - Native File Format Deconstruction

Stage One, or "S1" for short is the first stage in LLO. This stage deconstructs native files and creates an IL version of them called "Low Level Obfuscation Intermediate File Format" or LLOIFF for short. This branch of the repository is mearly a proposal for the composition of S1 and is entirely subject to change.

File Format Deconstructors - dctors

The term "dctor" typically refered to class deconstructors, however the usage in this proposal refers to file format deconstruction. I went with the "strategy pattern" with my file format deconstruction as it seems like the best code pattern to use.

"In computer programming, the strategy pattern is a behavioral software design pattern that enables selecting an algorithm at runtime. Instead of implementing a single algorithm directly, code receives run-time instructions as to which in a family of algorithms to use."

This is ideal for deconstruction algorithms as there can be different files to deconstruct and thus different algorithms must run. For example, a COFF, PE, ELF, and LIB file all require different deconstruction algorithms. LIB in particular as it is composed of multiple COFF files. I have used "decorator pattern" for my LIB file dctor.

"In object-oriented programming, the decorator pattern is a design pattern that allows behavior to be added to an individual object, dynamically, without affecting the behavior of other objects from the same class."