diff --git a/CMakeLists.txt b/CMakeLists.txt index 1a4b385..87eabc5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -39,14 +39,14 @@ endif() add_subdirectory(dependencies) set(CMAKE_FOLDER ${CMKR_CMAKE_FOLDER}) -# tests +# examples set(CMKR_CMAKE_FOLDER ${CMAKE_FOLDER}) if(CMAKE_FOLDER) - set(CMAKE_FOLDER "${CMAKE_FOLDER}/tests") + set(CMAKE_FOLDER "${CMAKE_FOLDER}/examples") else() - set(CMAKE_FOLDER tests) + set(CMAKE_FOLDER examples) endif() -add_subdirectory(tests) +add_subdirectory(examples) set(CMAKE_FOLDER ${CMKR_CMAKE_FOLDER}) # Target Theodosius diff --git a/Doxyfile b/Doxyfile index 14236c3..a00888f 100644 --- a/Doxyfile +++ b/Doxyfile @@ -866,7 +866,9 @@ WARN_LOGFILE = INPUT = include \ src \ - README.md + README.md \ + examples/demo/ \ + "examples/demo/Demo Example Using Theo.md" # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses @@ -1063,7 +1065,7 @@ FILTER_SOURCE_PATTERNS = # (index.html). This can be useful if you have a project on for instance GitHub # and want to reuse the introduction page also for the doxygen output. -USE_MDFILE_AS_MAINPAGE = E:\Theodosius\README.md +USE_MDFILE_AS_MAINPAGE = README.md #--------------------------------------------------------------------------- # Configuration options related to source browsing @@ -1082,7 +1084,7 @@ SOURCE_BROWSER = YES # classes and enums directly into the documentation. # The default value is: NO. -INLINE_SOURCES = NO +INLINE_SOURCES = YES # Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any # special comment blocks from generated source code fragments. Normal C, C++ and diff --git a/cmake.toml b/cmake.toml index 705d7d9..6c9ad37 100644 --- a/cmake.toml +++ b/cmake.toml @@ -2,7 +2,7 @@ name = "Theodosius" [subdir.dependencies] -[subdir.tests] +[subdir.examples] [target.Theodosius] type = "static" diff --git a/doxygen/html/add__op_8hpp.html b/doxygen/html/add__op_8hpp.html deleted file mode 100644 index 178be93..0000000 --- a/doxygen/html/add__op_8hpp.html +++ /dev/null @@ -1,114 +0,0 @@ - - - - - - - -Theodosius: include/obf/transform/add_op.hpp File Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Classes | -Namespaces
-
-
add_op.hpp File Reference
-
-
-
#include <obf/transform/operation.hpp>
-
-Include dependency graph for add_op.hpp:
-
-
-
-
-This graph shows which files directly or indirectly include this file:
-
-
-
-
-

Go to the source code of this file.

- - - - -

-Classes

class  theo::obf::transform::add_op_t
 
- - - - - - - - - - -

-Namespaces

 theo
 The outer most encompassing namespace of this project.
 
 theo::obf
 this is the main namespace for obfuscation related things.
 
 theo::obf::transform
 this namespace encompasses the code for transforming relocations.
 
-
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/add__op_8hpp__dep__incl.dot b/doxygen/html/add__op_8hpp__dep__incl.dot deleted file mode 100644 index b730ae9..0000000 --- a/doxygen/html/add__op_8hpp__dep__incl.dot +++ /dev/null @@ -1,47 +0,0 @@ -digraph "include/obf/transform/add_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="include/obf/transform\l/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$transform_8hpp.html",tooltip=" "]; - Node2 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$reloc__transform__pass_8hpp.html",tooltip=" "]; - Node3 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$theo_8hpp.html",tooltip=" "]; - Node2 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="include/obf/transform\l/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$gen_8hpp.html",tooltip=" "]; - Node5 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="include/obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$pass_8hpp.html",tooltip=" "]; - Node6 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$engine_8hpp.html",tooltip=" "]; - Node7 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="include/recomp/recomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$recomp_8hpp.html",tooltip=" "]; - Node8 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="include/obf/passes\l/jcc_rewrite_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$jcc__rewrite__pass_8hpp.html",tooltip=" "]; - Node9 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="include/obf/passes\l/next_inst_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$next__inst__pass_8hpp.html",tooltip=" "]; - Node10 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="include/recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$reloc_8hpp.html",tooltip=" "]; - Node11 -> Node12 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="include/decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$symbol_8hpp.html",tooltip=" "]; - Node12 -> Node13 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="include/decomp/routine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$routine_8hpp.html",tooltip=" "]; - Node13 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="include/decomp/decomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$decomp_8hpp.html",tooltip=" "]; - Node14 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 -> Node15 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="include/recomp/symbol\l_table.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$symbol__table_8hpp.html",tooltip=" "]; - Node15 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/add__op_8hpp__incl.dot b/doxygen/html/add__op_8hpp__incl.dot deleted file mode 100644 index 2b50ae8..0000000 --- a/doxygen/html/add__op_8hpp__incl.dot +++ /dev/null @@ -1,25 +0,0 @@ -digraph "include/obf/transform/add_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$operation_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; -} diff --git a/doxygen/html/add__op_8hpp_source.html b/doxygen/html/add__op_8hpp_source.html deleted file mode 100644 index 37ac4b0..0000000 --- a/doxygen/html/add__op_8hpp_source.html +++ /dev/null @@ -1,133 +0,0 @@ - - - - - - - -Theodosius: include/obf/transform/add_op.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
add_op.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <obf/transform/operation.hpp>
-
33 
-
34 namespace theo::obf::transform {
-
35 class add_op_t : public operation_t {
-
36  explicit add_op_t()
-
37  : operation_t([&](std::size_t val,
-
38  std::uint32_t imm) -> std::size_t { return val + imm; },
-
39  XED_ICLASS_ADD) {}
-
40 
-
41  public:
-
42  static add_op_t* get() {
-
43  static add_op_t obj;
-
44  return &obj;
-
45  }
-
46 };
-
47 } // namespace theo::obf::transform
-
theo::obf::transform::add_op_t
Definition: add_op.hpp:35
-
theo::obf::transform::add_op_t::get
static add_op_t * get()
Definition: add_op.hpp:42
-
theo::obf::transform::operation_t
operation_t is the base class for all types of transformations. classes that inherit this class are s...
Definition: operation.hpp:61
-
theo::obf::transform::operation_t::operation_t
operation_t(transform_t op, xed_iclass_enum_t type)
explicit constructor for operation_t
Definition: operation.hpp:69
-
theo::obf::transform
this namespace encompasses the code for transforming relocations.
Definition: add_op.hpp:34
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/annotated.html b/doxygen/html/annotated.html index 192d458..62e5f0b 100644 --- a/doxygen/html/annotated.html +++ b/doxygen/html/annotated.html @@ -87,11 +87,12 @@ $(function() {  Cjcc_rewrite_pass_tjcc rewrite pass which rewrites rip relative jcc's so that they are position independent  Cnext_inst_pass_tThis pass is used to generate transformations and jmp code to change RIP to the next instruction  Creloc_transform_pass_tthis pass is like the next_inst_pass, however, relocations are encrypted with transformations instead of the address of the next instruction. this pass only runs at the instruction level and appends transformations into the reloc_t object of the instruction symbol - Nrecompthis namespace encompasses all recomposition related code - Crecomp_tthe main class responsible for recomposition - Creloc_tmeta data about a relocation for a symbol - Csymbol_table_tthis class is a high level wrapper for a hashmap that contains decomp::symbol_t values. the symbol values are references by a hashcode - Ctheo_tthe main class which encapsulates a symbol table, decomp, and recomp objects. This class is a bridge that connects all three: decomp, obf, recomp + Chello_world_pass_thello world pass example of how to inherit pass_t + Nrecompthis namespace encompasses all recomposition related code + Crecomp_tthe main class responsible for recomposition + Creloc_tmeta data about a relocation for a symbol + Csymbol_table_tthis class is a high level wrapper for a hashmap that contains decomp::symbol_t values. the symbol values are references by a hashcode + Ctheo_tthe main class which encapsulates a symbol table, decomp, and recomp objects. This class is a bridge that connects all three: decomp, obf, recomp diff --git a/doxygen/html/classes.html b/doxygen/html/classes.html index b486ba1..daae3ae 100644 --- a/doxygen/html/classes.html +++ b/doxygen/html/classes.html @@ -67,7 +67,7 @@ $(function() {
Class Index
-
A | D | E | J | N | O | P | R | S | T | X
+
A | D | E | H | J | N | O | P | R | S | T | X
A
@@ -79,27 +79,30 @@ $(function() {
E
engine_t (theo::obf)
+
H
+
hello_world_pass_t (theo::obf)
+
J
jcc_rewrite_pass_t (theo::obf)
-
+
N
next_inst_pass_t (theo::obf)
-
+
O
operation_t (theo::obf::transform)
-
+
P
pass_t (theo::obf)
-
+
R
recomp_t (theo::recomp)
reloc_t (theo::recomp)
reloc_transform_pass_t (theo::obf)
rol_op_t (theo::obf::transform)
ror_op_t (theo::obf::transform)
routine_t (theo::decomp)
-
+
S
sub_op_t (theo::obf::transform)
symbol_t (theo::decomp)
symbol_table_t (theo::recomp)
-
+
T
theo_t (theo)
-
+
X
xor_op_t (theo::obf::transform)
diff --git a/doxygen/html/classtheo_1_1decomp_1_1decomp__t-members.html b/doxygen/html/classtheo_1_1decomp_1_1decomp__t-members.html deleted file mode 100644 index f15e32f..0000000 --- a/doxygen/html/classtheo_1_1decomp_1_1decomp__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::decomp::decomp_t Member List
-
-
- -

This is the complete list of members for theo::decomp::decomp_t, including all inherited members.

- - - - - - - - -
decomp_t(std::vector< std::uint8_t > &lib, recomp::symbol_table_t *syms)theo::decomp::decomp_texplicit
decompose(std::string &entry_sym)theo::decomp::decomp_t
lib()theo::decomp::decomp_t
objs()theo::decomp::decomp_t
rtns()theo::decomp::decomp_t
scn_hash_tbl()theo::decomp::decomp_t
syms()theo::decomp::decomp_t
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1decomp_1_1decomp__t.html b/doxygen/html/classtheo_1_1decomp_1_1decomp__t.html deleted file mode 100644 index 69d590d..0000000 --- a/doxygen/html/classtheo_1_1decomp_1_1decomp__t.html +++ /dev/null @@ -1,294 +0,0 @@ - - - - - - - -Theodosius: theo::decomp::decomp_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::decomp::decomp_t Class Reference
-
-
- -

the main decomposition class which is responsible for breaking down lib file into coff files, and extracted used symbols from the coff files. - More...

- -

#include <decomp.hpp>

- - - - - - - - - - - - - - - - - - - - - - - -

-Public Member Functions

 decomp_t (std::vector< std::uint8_t > &lib, recomp::symbol_table_t *syms)
 the explicit constructor for decomp_t More...
 
std::vector< routine_trtns ()
 gets all of the routine objects. More...
 
std::vector< std::uint8_t > lib ()
 gets a vector of bytes consisting of the lib file. More...
 
std::vector< std::vector< std::uint8_t > > objs ()
 gets all the obj files as a vector of a vector of bytes. More...
 
recomp::symbol_table_tsyms ()
 gets the symbol table. More...
 
std::map< coff::section_header_t *, std::size_t > & scn_hash_tbl ()
 gets the section hash table section header --> hash of the section header ptr. More...
 
std::optional< recomp::symbol_table_t * > decompose (std::string &entry_sym)
 decomposes (extracts) the symbols used. this function determines all used symbols given the entry point. More...
 
-

Detailed Description

-

the main decomposition class which is responsible for breaking down lib file into coff files, and extracted used symbols from the coff files.

- -

Definition at line 61 of file decomp.hpp.

-

Constructor & Destructor Documentation

- -

◆ decomp_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - -
theo::decomp::decomp_t::decomp_t (std::vector< std::uint8_t > & lib,
recomp::symbol_table_tsyms 
)
- 		-explicit
-
- -

the explicit constructor for decomp_t

-
Parameters
- - - -
libvector of bytes containing the lib file.
symssymbol table that gets populated and managed by this class.
-
-
- -
-
-

Member Function Documentation

- -

◆ decompose()

- -
-
- - - - - - - - -
std::optional<recomp::symbol_table_t*> theo::decomp::decomp_t::decompose (std::string & entry_sym)
-
- -

decomposes (extracts) the symbols used. this function determines all used symbols given the entry point.

-
Parameters
- - -
entry_symthe entry point symbol name.
-
-
-
Returns
returns an optional pointer to the symbol table. no value in the optional object on failure.
- -
-
- -

◆ lib()

- -
-
- - - - - - - -
std::vector<std::uint8_t> theo::decomp::decomp_t::lib ()
-
- -

gets a vector of bytes consisting of the lib file.

-
Returns
a vector of bytes consisting of the lib file.
- -
-
- -

◆ objs()

- -
-
- - - - - - - -
std::vector<std::vector<std::uint8_t> > theo::decomp::decomp_t::objs ()
-
- -

gets all the obj files as a vector of a vector of bytes.

-
Returns
all the obj files as a vector of a vector of bytes.
- -
-
- -

◆ rtns()

- -
-
- - - - - - - -
std::vector<routine_t> theo::decomp::decomp_t::rtns ()
-
- -

gets all of the routine objects.

-
Returns
vector of routine objects.
- -
-
- -

◆ scn_hash_tbl()

- -
-
- - - - - - - -
std::map<coff::section_header_t*, std::size_t>& theo::decomp::decomp_t::scn_hash_tbl ()
-
- -

gets the section hash table section header --> hash of the section header ptr.

-
Returns
the section hash table section header --> hash of the section header ptr.
- -
-
- -

◆ syms()

- -
-
- - - - - - - -
recomp::symbol_table_t* theo::decomp::decomp_t::syms ()
-
- -

gets the symbol table.

-
Returns
the symbol table.
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1decomp_1_1routine__t-members.html b/doxygen/html/classtheo_1_1decomp_1_1routine__t-members.html deleted file mode 100644 index 32397d5..0000000 --- a/doxygen/html/classtheo_1_1decomp_1_1routine__t-members.html +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::decomp::routine_t Member List
-
-
- -

This is the complete list of members for theo::decomp::routine_t, including all inherited members.

- - - - - -
data()theo::decomp::routine_t
decompose()theo::decomp::routine_t
routine_t(coff::symbol_t *sym, coff::image_t *img, coff::section_header_t *scn, std::vector< std::uint8_t > &fn, sym_type_t dcmp_type)theo::decomp::routine_texplicit
scn()theo::decomp::routine_t
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1decomp_1_1routine__t.html b/doxygen/html/classtheo_1_1decomp_1_1routine__t.html deleted file mode 100644 index ff3cf26..0000000 --- a/doxygen/html/classtheo_1_1decomp_1_1routine__t.html +++ /dev/null @@ -1,239 +0,0 @@ - - - - - - - -Theodosius: theo::decomp::routine_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::decomp::routine_t Class Reference
-
-
- -

the routine class which is responsible for creating symbols for routines. if the routine is located inside a section with the name ".split" it will break functions into instruction symbols. - More...

- -

#include <routine.hpp>

- - - - - - - - - - - - - - -

-Public Member Functions

 routine_t (coff::symbol_t *sym, coff::image_t *img, coff::section_header_t *scn, std::vector< std::uint8_t > &fn, sym_type_t dcmp_type)
 the explicit constructor for routine_t. More...
 
std::vector< decomp::symbol_tdecompose ()
 decompose the function into symbol(s). More...
 
coff::section_header_t * scn ()
 gets the section header of the section in which the symbol is located in. More...
 
std::vector< std::uint8_t > data ()
 gets the function bytes. More...
 
-

Detailed Description

-

the routine class which is responsible for creating symbols for routines. if the routine is located inside a section with the name ".split" it will break functions into instruction symbols.

- -

Definition at line 53 of file routine.hpp.

-

Constructor & Destructor Documentation

- -

◆ routine_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
theo::decomp::routine_t::routine_t (coff::symbol_t * sym,
coff::image_t * img,
coff::section_header_t * scn,
std::vector< std::uint8_t > & fn,
sym_type_t dcmp_type 
)
- 		-explicit
-
- -

the explicit constructor for routine_t.

-
Parameters
- - - - - - -
symthe coff symbol for the routine.
imgthe coff image which contains the symbol.
scnthe section header of the section that contains the symbol.
fnthe data (bytes) of the function.
dcmp_typethe type of decomp to do. if this is sym_type_t::function then this class wont split the function up into individual instructions.
-
-
- -
-
-

Member Function Documentation

- -

◆ data()

- -
-
- - - - - - - -
std::vector<std::uint8_t> theo::decomp::routine_t::data ()
-
- -

gets the function bytes.

-
Returns
the function bytes.
- -
-
- -

◆ decompose()

- -
-
- - - - - - - -
std::vector<decomp::symbol_t> theo::decomp::routine_t::decompose ()
-
- -

decompose the function into symbol(s).

-
Returns
symbol(s) of the function.
- -
-
- -

◆ scn()

- -
-
- - - - - - - -
coff::section_header_t* theo::decomp::routine_t::scn ()
-
- -

gets the section header of the section in which the symbol is located in.

-
Returns
the section header of the section in which the symbol is located in.
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1decomp_1_1symbol__t-members.html b/doxygen/html/classtheo_1_1decomp_1_1symbol__t-members.html deleted file mode 100644 index c878b0b..0000000 --- a/doxygen/html/classtheo_1_1decomp_1_1symbol__t-members.html +++ /dev/null @@ -1,98 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::decomp::symbol_t Member List
-
-
- -

This is the complete list of members for theo::decomp::symbol_t, including all inherited members.

- - - - - - - - - - - - - - - - -
allocated_at() consttheo::decomp::symbol_t
allocated_at(std::uintptr_t allocated_at)theo::decomp::symbol_t
data()theo::decomp::symbol_t
hash()theo::decomp::symbol_t
hash(const std::string &sym)theo::decomp::symbol_tstatic
img() consttheo::decomp::symbol_t
name() consttheo::decomp::symbol_t
name(const coff::image_t *img, coff::symbol_t *sym)theo::decomp::symbol_tstatic
offset() consttheo::decomp::symbol_t
relocs()theo::decomp::symbol_t
scn() consttheo::decomp::symbol_t
size() consttheo::decomp::symbol_t
sym() consttheo::decomp::symbol_t
symbol_t(coff::image_t *img, std::string name, std::uintptr_t offset, std::vector< std::uint8_t > data, coff::section_header_t *scn={}, coff::symbol_t *sym={}, std::vector< recomp::reloc_t > relocs={}, sym_type_t dcmp_type={})theo::decomp::symbol_texplicit
type() consttheo::decomp::symbol_t
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1decomp_1_1symbol__t.html b/doxygen/html/classtheo_1_1decomp_1_1symbol__t.html deleted file mode 100644 index cbf195a..0000000 --- a/doxygen/html/classtheo_1_1decomp_1_1symbol__t.html +++ /dev/null @@ -1,569 +0,0 @@ - - - - - - - -Theodosius: theo::decomp::symbol_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -Static Public Member Functions | -List of all members
-
-
theo::decomp::symbol_t Class Reference
-
-
- -

symbol_t is an abstraction upon the coff symbol. this allows for easier manipulation of the symbol. symbols can be different things, sections, functions, and even instructions (when functions are broken down). - More...

- -

#include <symbol.hpp>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

-Public Member Functions

 symbol_t (coff::image_t *img, std::string name, std::uintptr_t offset, std::vector< std::uint8_t > data, coff::section_header_t *scn={}, coff::symbol_t *sym={}, std::vector< recomp::reloc_t > relocs={}, sym_type_t dcmp_type={})
 the explicit constructor of this symbol. More...
 
std::string name () const
 gets the name of the symbol. More...
 
std::uintptr_t offset () const
 gets the offset into the section where the symbol is located. More...
 
std::uintptr_t allocated_at () const
 returns the address where the symbol is allocated. More...
 
std::uint32_t size () const
 returns the size of the symbol. More...
 
coff::section_header_t * scn () const
 gets the section header of the section in which the symbol is contained. More...
 
coff::image_t * img () const
 gets the imagine in which the symbol is located inside of. More...
 
std::vector< std::uint8_t > & data ()
 returns a vector by reference of bytes containing the data of the symbol. More...
 
coff::symbol_t * sym () const
 returns a pointer to the coff symbol object. More...
 
sym_type_t type () const
 returns the type of the symbol. More...
 
std::vector< recomp::reloc_t > & relocs ()
 returns a vector of relocations. More...
 
void allocated_at (std::uintptr_t allocated_at)
 set the address where the symbol is allocated at. More...
 
std::size_t hash ()
 gets the hash of the symbol name. More...
 
- - - - - - - -

-Static Public Member Functions

static std::size_t hash (const std::string &sym)
 generate a hash given the name of the symbol. More...
 
static std::string name (const coff::image_t *img, coff::symbol_t *sym)
 get the name of a symbol. this function will create a symbol name if the symbol is opaquely named. More...
 
-

Detailed Description

-

symbol_t is an abstraction upon the coff symbol. this allows for easier manipulation of the symbol. symbols can be different things, sections, functions, and even instructions (when functions are broken down).

-

this class is used throughout theodosius and is a keystone of the project. ensure you understand how this class works and what it contains.

- -

Definition at line 53 of file symbol.hpp.

-

Constructor & Destructor Documentation

- -

◆ symbol_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
theo::decomp::symbol_t::symbol_t (coff::image_t * img,
std::string name,
std::uintptr_t offset,
std::vector< std::uint8_t > data,
coff::section_header_t * scn = {},
coff::symbol_t * sym = {},
std::vector< recomp::reloc_trelocs = {},
sym_type_t dcmp_type = {} 
)
- 		-explicit
-
- -

the explicit constructor of this symbol.

-
Parameters
- - - - - - - - - -
imgthe image in which the symbol is located in.
namethe name of the symbol.
offsetoffset into the section where this symbol is located.
datathe data of the symbol. there can be no data.
scnthe section header describing the section which contains the symbol.
symthe coff symbol itself.
relocsa vector of relocations this symbol has (if any).
dcmp_typethe type of symbol
-
-
- -
-
-

Member Function Documentation

- -

◆ allocated_at() [1/2]

- -
-
- - - - - - - -
std::uintptr_t theo::decomp::symbol_t::allocated_at () const
-
- -

returns the address where the symbol is allocated.

-
Returns
the address where the symbol is allocated.
- -
-
- -

◆ allocated_at() [2/2]

- -
-
- - - - - - - - -
void theo::decomp::symbol_t::allocated_at (std::uintptr_t allocated_at)
-
- -

set the address where the symbol is allocated at.

-
Parameters
- - -
allocated_atwhere the symbol is allocated at.
-
-
- -
-
- -

◆ data()

- -
-
- - - - - - - -
std::vector<std::uint8_t>& theo::decomp::symbol_t::data ()
-
- -

returns a vector by reference of bytes containing the data of the symbol.

-
Returns
a vector by reference of bytes containing the data of the symbol.
- -
-
- -

◆ hash() [1/2]

- -
-
- - - - - - - -
std::size_t theo::decomp::symbol_t::hash ()
-
- -

gets the hash of the symbol name.

-
Returns
the hash of the symbol name.
- -
-
- -

◆ hash() [2/2]

- -
-
- - - - - -
- - - - - - - - -
static std::size_t theo::decomp::symbol_t::hash (const std::string & sym)
- 		-static
-
- -

generate a hash given the name of the symbol.

-
Parameters
- - -
symthe symbol name to create a hash from.
-
-
-
Returns
the symbol name hash
- -
-
- -

◆ img()

- -
-
- - - - - - - -
coff::image_t* theo::decomp::symbol_t::img () const
-
- -

gets the imagine in which the symbol is located inside of.

-
Returns
the imagine in which the symbol is located inside of.
- -
-
- -

◆ name() [1/2]

- -
-
- - - - - - - -
std::string theo::decomp::symbol_t::name () const
-
- -

gets the name of the symbol.

-
Returns
the name of the symbol.
- -
-
- -

◆ name() [2/2]

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - -
static std::string theo::decomp::symbol_t::name (const coff::image_t * img,
coff::symbol_t * sym 
)
- 		-static
-
- -

get the name of a symbol. this function will create a symbol name if the symbol is opaquely named.

-

for example in c++ if you define something like this:

-

some_struct_t val = { value_one, value_two };

-

"val" will be stored in the .data section of the coff file. however the symbol name will be opaque (the name of the symbol will be ".data"). this causes issues with theo since each symbol needs its own unqiue name to generate a unique symbol name hash. for symbols like this, theo will create a name for it with the following format:

-

.data::section_index!coff_file_timestamp+offset_into_section

-
Parameters
- - - -
imgthe coff file containing the symbol.
symthe coff symbol itself.
-
-
-
Returns
the name of the symbol, or a created one.
- -
-
- -

◆ offset()

- -
-
- - - - - - - -
std::uintptr_t theo::decomp::symbol_t::offset () const
-
- -

gets the offset into the section where the symbol is located.

-
Returns
the offset into the section where the symbol is located.
- -
-
- -

◆ relocs()

- -
-
- - - - - - - -
std::vector<recomp::reloc_t>& theo::decomp::symbol_t::relocs ()
-
- -

returns a vector of relocations.

-
Returns
a vector of relocations.
- -
-
- -

◆ scn()

- -
-
- - - - - - - -
coff::section_header_t* theo::decomp::symbol_t::scn () const
-
- -

gets the section header of the section in which the symbol is contained.

-
Returns
the section header of the section in which the symbol is contained.
- -
-
- -

◆ size()

- -
-
- - - - - - - -
std::uint32_t theo::decomp::symbol_t::size () const
-
- -

returns the size of the symbol.

-
Returns
the size of the symbol.
- -
-
- -

◆ sym()

- -
-
- - - - - - - -
coff::symbol_t* theo::decomp::symbol_t::sym () const
-
- -

returns a pointer to the coff symbol object.

-
Returns
a pointer to the coff symbol object.
- -
-
- -

◆ type()

- -
-
- - - - - - - -
sym_type_t theo::decomp::symbol_t::type () const
-
- -

returns the type of the symbol.

-
Returns
the type of the symbol.
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1engine__t-members.html b/doxygen/html/classtheo_1_1obf_1_1engine__t-members.html deleted file mode 100644 index 6023514..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1engine__t-members.html +++ /dev/null @@ -1,86 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::engine_t Member List
-
-
- -

This is the complete list of members for theo::obf::engine_t, including all inherited members.

- - - - -
add_pass(pass_t *pass)theo::obf::engine_t
get()theo::obf::engine_tstatic
run(decomp::symbol_t *sym)theo::obf::engine_t
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1engine__t.html b/doxygen/html/classtheo_1_1obf_1_1engine__t.html deleted file mode 100644 index d8bef8c..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1engine__t.html +++ /dev/null @@ -1,193 +0,0 @@ - - - - - - - -Theodosius: theo::obf::engine_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -Static Public Member Functions | -List of all members
-
-
theo::obf::engine_t Class Reference
-
-
- -

singleton obfuscation engine class. this class is responsible for keeping track of the registered passes and the order in which to execute them. - More...

- -

#include <engine.hpp>

- - - - - - - - -

-Public Member Functions

void add_pass (pass_t *pass)
 add a pass to the engine. the order in which you call this function matters as the underlying data structure that contains the passes is a vector. More...
 
void run (decomp::symbol_t *sym)
 run all the passes on the symbol. this function will only run a pass if the symbol is the same type as the pass requires. More...
 
- - - - -

-Static Public Member Functions

static engine_tget ()
 get the singleton object of this class. More...
 
-

Detailed Description

-

singleton obfuscation engine class. this class is responsible for keeping track of the registered passes and the order in which to execute them.

- -

Definition at line 42 of file engine.hpp.

-

Member Function Documentation

- -

◆ add_pass()

- -
-
- - - - - - - - -
void theo::obf::engine_t::add_pass (pass_tpass)
-
- -

add a pass to the engine. the order in which you call this function matters as the underlying data structure that contains the passes is a vector.

-
Parameters
- - -
passa pointer to the pass in which to add to the engine.
-
-
- -
-
- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static engine_t* theo::obf::engine_t::get ()
- 		-static
-
- -

get the singleton object of this class.

-
Returns
the singleton object of this class.
- -
-
- -

◆ run()

- -
-
- - - - - - - - -
void theo::obf::engine_t::run (decomp::symbol_tsym)
-
- -

run all the passes on the symbol. this function will only run a pass if the symbol is the same type as the pass requires.

-
Parameters
- - -
symsymbol to run all passes on.
-
-
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t-members.html b/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t-members.html deleted file mode 100644 index 91d277e..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t-members.html +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::jcc_rewrite_pass_t Member List
-
-
- -

This is the complete list of members for theo::obf::jcc_rewrite_pass_t, including all inherited members.

- - - - - -
get()theo::obf::jcc_rewrite_pass_tstatic
pass_t(decomp::sym_type_t sym_type)theo::obf::pass_tinlineexplicit
run(decomp::symbol_t *sym)theo::obf::jcc_rewrite_pass_tvirtual
sym_type()theo::obf::pass_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html b/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html deleted file mode 100644 index 69a38a3..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html +++ /dev/null @@ -1,193 +0,0 @@ - - - - - - - -Theodosius: theo::obf::jcc_rewrite_pass_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -Static Public Member Functions | -List of all members
-
-
theo::obf::jcc_rewrite_pass_t Class Reference
-
-
- -

jcc rewrite pass which rewrites rip relative jcc's so that they are position independent. - More...

- -

#include <jcc_rewrite_pass.hpp>

-
-Inheritance diagram for theo::obf::jcc_rewrite_pass_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::jcc_rewrite_pass_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - - - - - -

-Public Member Functions

void run (decomp::symbol_t *sym)
 virtual method which must be implimented by the pass that inherits this class. More...
 
- Public Member Functions inherited from theo::obf::pass_t
 pass_t (decomp::sym_type_t sym_type)
 the explicit constructor of the pass_t base class. More...
 
decomp::sym_type_t sym_type ()
 gets the passes symbol type. More...
 
- - - -

-Static Public Member Functions

static jcc_rewrite_pass_tget ()
 
-

Detailed Description

-

jcc rewrite pass which rewrites rip relative jcc's so that they are position independent.

-

given the following code: 

jnz label1
-; other code goes here
-

label1: ; more code here

-

the jnz instruction will be rewritten so that the following code is generated: 

jnz br2
-

br1: jmp [rip] ; address after this instruction contains the address ; of the instruction after the jcc. br2: jmp [rip] ; address after this instruction contains the address of where ; branch 2 is located.

-

its important to note that other passes will encrypt (transform) the address of the next instruction. There is actually no jmp [rip] either, push/ret is used.

- -

Definition at line 61 of file jcc_rewrite_pass.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static jcc_rewrite_pass_t* theo::obf::jcc_rewrite_pass_t::get ()
- 		-static
-
- -
-
- -

◆ run()

- -
-
- - - - - -
- - - - - - - - -
void theo::obf::jcc_rewrite_pass_t::run (decomp::symbol_tsym)
- 		-virtual
-
- -

virtual method which must be implimented by the pass that inherits this class.

-
Parameters
- - -
syma symbol of the same type of m_sym_type.
-
-
- -

Implements theo::obf::pass_t.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t__coll__graph.dot deleted file mode 100644 index 04aae8a..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::jcc_rewrite_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::jcc_rewrite\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="jcc rewrite pass which rewrites rip relative jcc's so that they are position independent."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t__inherit__graph.dot deleted file mode 100644 index 04aae8a..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1jcc__rewrite__pass__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::jcc_rewrite_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::jcc_rewrite\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="jcc rewrite pass which rewrites rip relative jcc's so that they are position independent."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t-members.html b/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t-members.html deleted file mode 100644 index bb9c730..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t-members.html +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::next_inst_pass_t Member List
-
-
- -

This is the complete list of members for theo::obf::next_inst_pass_t, including all inherited members.

- - - - - -
get()theo::obf::next_inst_pass_tstatic
pass_t(decomp::sym_type_t sym_type)theo::obf::pass_tinlineexplicit
run(decomp::symbol_t *sym)theo::obf::next_inst_pass_tvirtual
sym_type()theo::obf::pass_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t.html b/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t.html deleted file mode 100644 index 1301e08..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t.html +++ /dev/null @@ -1,194 +0,0 @@ - - - - - - - -Theodosius: theo::obf::next_inst_pass_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -Static Public Member Functions | -List of all members
-
-
theo::obf::next_inst_pass_t Class Reference
-
-
- -

This pass is used to generate transformations and jmp code to change RIP to the next instruction. - More...

- -

#include <next_inst_pass.hpp>

-
-Inheritance diagram for theo::obf::next_inst_pass_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::next_inst_pass_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - - - - - -

-Public Member Functions

void run (decomp::symbol_t *sym)
 virtual method which must be implimented by the pass that inherits this class. More...
 
- Public Member Functions inherited from theo::obf::pass_t
 pass_t (decomp::sym_type_t sym_type)
 the explicit constructor of the pass_t base class. More...
 
decomp::sym_type_t sym_type ()
 gets the passes symbol type. More...
 
- - - -

-Static Public Member Functions

static next_inst_pass_tget ()
 
-

Detailed Description

-

This pass is used to generate transformations and jmp code to change RIP to the next instruction.

-

given the following code (get pml4 address from cr3):

-

get_pml4: 0: 48 c7 c0 ff 0f 00 00 mov rax,0xfff 7: 48 f7 d0 not rax a: 0f 20 da mov rdx,cr3 d: 48 21 c2 and rdx,rax 10: b1 00 mov cl,0x0 12: 48 d3 e2 shl rdx,cl 15: 48 89 d0 mov rax,rdx 18: c3 ret

-

this pass will break up each instruction so that it can be anywhere in a linear virtual address space. this pass will not work on rip relative code, however clang will not generate such code when compiled with "-mcmodel=large"

-

get_pml4@0: mov rax, 0xFFF push [next_inst_addr_enc] xor [rsp], 0x3243342 ; a random number of transformations here... ret next_inst_addr_enc: ; encrypted address of the next instruction goes here.

-

get_pml4@7: not rax push [next_inst_addr_enc] xor [rsp], 0x93983498 ; a random number of transformations here... ret next_inst_addr_enc: ; encrypted address of the next instruction goes here.

-

this process is continued for each instruction in the function. the last instruction "ret" will have no code generated for it as there is no next instruction.

-

this pass also only runs at the instruction level, theodosius internally breaks up functions inside of the ".split" section into individual instruction symbols. this process also creates a psuedo relocation which simply tells this pass that there needs to be a relocation to the next symbol. the offset for these psuedo relocations is zero.

- -

Definition at line 85 of file next_inst_pass.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static next_inst_pass_t* theo::obf::next_inst_pass_t::get ()
- 		-static
-
- -
-
- -

◆ run()

- -
-
- - - - - -
- - - - - - - - -
void theo::obf::next_inst_pass_t::run (decomp::symbol_tsym)
- 		-virtual
-
- -

virtual method which must be implimented by the pass that inherits this class.

-
Parameters
- - -
syma symbol of the same type of m_sym_type.
-
-
- -

Implements theo::obf::pass_t.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t__coll__graph.dot deleted file mode 100644 index 5c0036d..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::next_inst_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::next_inst\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="This pass is used to generate transformations and jmp code to change RIP to the next instruction."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t__inherit__graph.dot deleted file mode 100644 index 5c0036d..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1next__inst__pass__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::next_inst_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::next_inst\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="This pass is used to generate transformations and jmp code to change RIP to the next instruction."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1pass__t-members.html b/doxygen/html/classtheo_1_1obf_1_1pass__t-members.html deleted file mode 100644 index a8426e8..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1pass__t-members.html +++ /dev/null @@ -1,86 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::pass_t Member List
-
-
- -

This is the complete list of members for theo::obf::pass_t, including all inherited members.

- - - - -
pass_t(decomp::sym_type_t sym_type)theo::obf::pass_tinlineexplicit
run(decomp::symbol_t *sym)=0theo::obf::pass_tpure virtual
sym_type()theo::obf::pass_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1pass__t.html b/doxygen/html/classtheo_1_1obf_1_1pass__t.html deleted file mode 100644 index e1a8f3c..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1pass__t.html +++ /dev/null @@ -1,218 +0,0 @@ - - - - - - - -Theodosius: theo::obf::pass_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::obf::pass_t Class Referenceabstract
-
-
- -

the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual function and declare the logic of your pass there. - More...

- -

#include <pass.hpp>

-
-Inheritance diagram for theo::obf::pass_t:
-
-
Inheritance graph
-
[legend]
- - - - - - - - - - - -

-Public Member Functions

 pass_t (decomp::sym_type_t sym_type)
 the explicit constructor of the pass_t base class. More...
 
virtual void run (decomp::symbol_t *sym)=0
 virtual method which must be implimented by the pass that inherits this class. More...
 
decomp::sym_type_t sym_type ()
 gets the passes symbol type. More...
 
-

Detailed Description

-

the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual function and declare the logic of your pass there.

-

in the constructor of your pass you must call the super constructor (the pass_t constructor) and pass it the type of symbol which you are interesting in receiving.

- -

Definition at line 55 of file pass.hpp.

-

Constructor & Destructor Documentation

- -

◆ pass_t()

- -
-
- - - - - -
- - - - - - - - -
theo::obf::pass_t::pass_t (decomp::sym_type_t sym_type)
- 		-inlineexplicit
-
- -

the explicit constructor of the pass_t base class.

-
Parameters
- - -
sym_typethe type of symbol in which the pass will run on. every symbol passed to the virtual "run" instruction will be of this type.
-
-
- -

Definition at line 63 of file pass.hpp.

- -
-
-

Member Function Documentation

- -

◆ run()

- -
-
- - - - - -
- - - - - - - - -
virtual void theo::obf::pass_t::run (decomp::symbol_tsym)
- 		-pure virtual
-
- -

virtual method which must be implimented by the pass that inherits this class.

-
Parameters
- - -
syma symbol of the same type of m_sym_type.
-
-
- -

Implemented in theo::obf::reloc_transform_pass_t, theo::obf::next_inst_pass_t, and theo::obf::jcc_rewrite_pass_t.

- -
-
- -

◆ sym_type()

- -
-
- - - - - -
- - - - - - - -
decomp::sym_type_t theo::obf::pass_t::sym_type ()
- 		-inline
-
- -

gets the passes symbol type.

-
Returns
the passes symbol type.
- -

Definition at line 76 of file pass.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1pass__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1pass__t__inherit__graph.dot deleted file mode 100644 index 15283c9..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1pass__t__inherit__graph.dot +++ /dev/null @@ -1,14 +0,0 @@ -digraph "theo::obf::pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="LR"; - Node1 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::jcc_rewrite\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1jcc__rewrite__pass__t.html",tooltip="jcc rewrite pass which rewrites rip relative jcc's so that they are position independent."]; - Node1 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="theo::obf::next_inst\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1next__inst__pass__t.html",tooltip="This pass is used to generate transformations and jmp code to change RIP to the next instruction."]; - Node1 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="theo::obf::reloc_transform\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1reloc__transform__pass__t.html",tooltip="this pass is like the next_inst_pass, however, relocations are encrypted with transformations instead..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t-members.html b/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t-members.html deleted file mode 100644 index f199d7e..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t-members.html +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::reloc_transform_pass_t Member List
-
-
- -

This is the complete list of members for theo::obf::reloc_transform_pass_t, including all inherited members.

- - - - - -
get()theo::obf::reloc_transform_pass_tstatic
pass_t(decomp::sym_type_t sym_type)theo::obf::pass_tinlineexplicit
run(decomp::symbol_t *sym)theo::obf::reloc_transform_pass_tvirtual
sym_type()theo::obf::pass_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t.html b/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t.html deleted file mode 100644 index aeb1c9c..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t.html +++ /dev/null @@ -1,192 +0,0 @@ - - - - - - - -Theodosius: theo::obf::reloc_transform_pass_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -Static Public Member Functions | -List of all members
-
-
theo::obf::reloc_transform_pass_t Class Reference
-
-
- -

this pass is like the next_inst_pass, however, relocations are encrypted with transformations instead of the address of the next instruction. this pass only runs at the instruction level and appends transformations into the reloc_t object of the instruction symbol. - More...

- -

#include <reloc_transform_pass.hpp>

-
-Inheritance diagram for theo::obf::reloc_transform_pass_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::reloc_transform_pass_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - - - - - -

-Public Member Functions

void run (decomp::symbol_t *sym)
 virtual method which must be implimented by the pass that inherits this class. More...
 
- Public Member Functions inherited from theo::obf::pass_t
 pass_t (decomp::sym_type_t sym_type)
 the explicit constructor of the pass_t base class. More...
 
decomp::sym_type_t sym_type ()
 gets the passes symbol type. More...
 
- - - -

-Static Public Member Functions

static reloc_transform_pass_tget ()
 
-

Detailed Description

-

this pass is like the next_inst_pass, however, relocations are encrypted with transformations instead of the address of the next instruction. this pass only runs at the instruction level and appends transformations into the reloc_t object of the instruction symbol.

-

given the following code: 

mov rax, &MessageBoxA
-

this pass will generate a random number of transformations to encrypt the address of "MessageBoxA". These transformations will then be applied by theodosius internally when resolving relocations. 

mov rax, enc_MessageBoxA
-xor rax, 0x389284324
-add rax, 0x345332567
-ror rax, 0x5353
-
-

Definition at line 56 of file reloc_transform_pass.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static reloc_transform_pass_t* theo::obf::reloc_transform_pass_t::get ()
- 		-static
-
- -
-
- -

◆ run()

- -
-
- - - - - -
- - - - - - - - -
void theo::obf::reloc_transform_pass_t::run (decomp::symbol_tsym)
- 		-virtual
-
- -

virtual method which must be implimented by the pass that inherits this class.

-
Parameters
- - -
syma symbol of the same type of m_sym_type.
-
-
- -

Implements theo::obf::pass_t.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t__coll__graph.dot deleted file mode 100644 index 901ef24..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::reloc_transform_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::reloc_transform\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="this pass is like the next_inst_pass, however, relocations are encrypted with transformations instead..."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t__inherit__graph.dot deleted file mode 100644 index 901ef24..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1reloc__transform__pass__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::reloc_transform_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::reloc_transform\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="this pass is like the next_inst_pass, however, relocations are encrypted with transformations instead..."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t-members.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t-members.html deleted file mode 100644 index 8d5f649..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::transform::add_op_t Member List
-
-
- -

This is the complete list of members for theo::obf::transform::add_op_t, including all inherited members.

- - - - - - - - -
get()theo::obf::transform::add_op_tinlinestatic
get_transform()theo::obf::transform::operation_tinline
inverse()theo::obf::transform::operation_tinline
native(const xed_decoded_inst_t *inst, std::uint32_t imm)theo::obf::transform::operation_tinline
operation_t(transform_t op, xed_iclass_enum_t type)theo::obf::transform::operation_tinlineexplicit
random(std::size_t lowest, std::size_t largest)theo::obf::transform::operation_tinlinestatic
type()theo::obf::transform::operation_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t.html deleted file mode 100644 index 0f9a754..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t.html +++ /dev/null @@ -1,158 +0,0 @@ - - - - - - - -Theodosius: theo::obf::transform::add_op_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Static Public Member Functions | -List of all members
-
-
theo::obf::transform::add_op_t Class Reference
-
-
- -

#include <add_op.hpp>

-
-Inheritance diagram for theo::obf::transform::add_op_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::transform::add_op_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - -

-Static Public Member Functions

static add_op_tget ()
 
- Static Public Member Functions inherited from theo::obf::transform::operation_t
static std::size_t random (std::size_t lowest, std::size_t largest)
 generate a random number in a range. More...
 
- - - - - - - - - - - - - - - - - -

-Additional Inherited Members

- Public Member Functions inherited from theo::obf::transform::operation_t
 operation_t (transform_t op, xed_iclass_enum_t type)
 explicit constructor for operation_t More...
 
std::vector< std::uint8_t > native (const xed_decoded_inst_t *inst, std::uint32_t imm)
 generates a native transform instruction given an existing instruction. it works like so: More...
 
xed_iclass_enum_t inverse ()
 gets the inverse operation of the current operation. More...
 
transform_tget_transform ()
 gets a pointer to the lambda function which contains the transform logic. More...
 
xed_iclass_enum_t type ()
 gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc... More...
 
-

Detailed Description

-
-

Definition at line 35 of file add_op.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static add_op_t* theo::obf::transform::add_op_t::get ()
- 		-inlinestatic
-
- -

Definition at line 42 of file add_op.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t__coll__graph.dot deleted file mode 100644 index f2a5b47..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::add_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::add_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t__inherit__graph.dot deleted file mode 100644 index f2a5b47..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1add__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::add_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::add_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t-members.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t-members.html deleted file mode 100644 index f47fe79..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t-members.html +++ /dev/null @@ -1,89 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::transform::operation_t Member List
-
-
- -

This is the complete list of members for theo::obf::transform::operation_t, including all inherited members.

- - - - - - - -
get_transform()theo::obf::transform::operation_tinline
inverse()theo::obf::transform::operation_tinline
native(const xed_decoded_inst_t *inst, std::uint32_t imm)theo::obf::transform::operation_tinline
operation_t(transform_t op, xed_iclass_enum_t type)theo::obf::transform::operation_tinlineexplicit
random(std::size_t lowest, std::size_t largest)theo::obf::transform::operation_tinlinestatic
type()theo::obf::transform::operation_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t.html deleted file mode 100644 index ff74a4e..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t.html +++ /dev/null @@ -1,369 +0,0 @@ - - - - - - - -Theodosius: theo::obf::transform::operation_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -Static Public Member Functions | -List of all members
-
-
theo::obf::transform::operation_t Class Reference
-
-
- -

operation_t is the base class for all types of transformations. classes that inherit this class are singleton and simply call the super constructor (operation_t::operation_t). - More...

- -

#include <operation.hpp>

-
-Inheritance diagram for theo::obf::transform::operation_t:
-
-
Inheritance graph
-
[legend]
- - - - - - - - - - - - - - - - - -

-Public Member Functions

 operation_t (transform_t op, xed_iclass_enum_t type)
 explicit constructor for operation_t More...
 
std::vector< std::uint8_t > native (const xed_decoded_inst_t *inst, std::uint32_t imm)
 generates a native transform instruction given an existing instruction. it works like so: More...
 
xed_iclass_enum_t inverse ()
 gets the inverse operation of the current operation. More...
 
transform_tget_transform ()
 gets a pointer to the lambda function which contains the transform logic. More...
 
xed_iclass_enum_t type ()
 gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc... More...
 
- - - - -

-Static Public Member Functions

static std::size_t random (std::size_t lowest, std::size_t largest)
 generate a random number in a range. More...
 
-

Detailed Description

-

operation_t is the base class for all types of transformations. classes that inherit this class are singleton and simply call the super constructor (operation_t::operation_t).

- -

Definition at line 61 of file operation.hpp.

-

Constructor & Destructor Documentation

- -

◆ operation_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - -
theo::obf::transform::operation_t::operation_t (transform_t op,
xed_iclass_enum_t type 
)
- 		-inlineexplicit
-
- -

explicit constructor for operation_t

-
Parameters
- - - -
oplambda function when executed applies transformations.
typetype of transformation, such as XOR, ADD, SUB, etc...
-
-
- -

Definition at line 69 of file operation.hpp.

- -
-
-

Member Function Documentation

- -

◆ get_transform()

- -
-
- - - - - -
- - - - - - - -
transform_t* theo::obf::transform::operation_t::get_transform ()
- 		-inline
-
- -

gets a pointer to the lambda function which contains the transform logic.

-
Returns
a pointer to the lambda function which contains the transform logic.
- -

Definition at line 133 of file operation.hpp.

- -
-
- -

◆ inverse()

- -
-
- - - - - -
- - - - - - - -
xed_iclass_enum_t theo::obf::transform::operation_t::inverse ()
- 		-inline
-
- -

gets the inverse operation of the current operation.

-
Returns
the inverse operation of the current operation.
- -

Definition at line 126 of file operation.hpp.

- -
-
- -

◆ native()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - -
std::vector<std::uint8_t> theo::obf::transform::operation_t::native (const xed_decoded_inst_t * inst,
std::uint32_t imm 
)
- 		-inline
-
- -

generates a native transform instruction given an existing instruction. it works like so:

-

mov rax, &MessageBoxA ; original instruction with relocation

-

; this function takes the first operand and out of the original ; instruction and uses it to generate a transformation.

-

xor rax, 0x39280928 ; this would be an example output for the xor ;operation.

-
Parameters
- - - -
instinstruction with a relocation to generate a transformation for.
immrandom 32bit number used in the generate transform.
-
-
-
Returns
returns the bytes of the native instruction that was encoded.
- -

Definition at line 89 of file operation.hpp.

- -
-
- -

◆ random()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - -
static std::size_t theo::obf::transform::operation_t::random (std::size_t lowest,
std::size_t largest 
)
- 		-inlinestatic
-
- -

generate a random number in a range.

-
Parameters
- - - -
lowestlowest value of the range.
largesthighest value of the range.
-
-
-
Returns
a random value in a range.
- -

Definition at line 148 of file operation.hpp.

-
-Here is the caller graph for this function:
-
-
-
- -
-
- -

◆ type()

- -
-
- - - - - -
- - - - - - - -
xed_iclass_enum_t theo::obf::transform::operation_t::type ()
- 		-inline
-
- -

gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc...

-
Returns
the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc...
- -

Definition at line 140 of file operation.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t__inherit__graph.dot deleted file mode 100644 index e9684ef..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t__inherit__graph.dot +++ /dev/null @@ -1,18 +0,0 @@ -digraph "theo::obf::transform::operation_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="LR"; - Node1 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::add_op_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1add__op__t.html",tooltip=" "]; - Node1 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="theo::obf::transform\l::rol_op_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1rol__op__t.html",tooltip=" "]; - Node1 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="theo::obf::transform\l::ror_op_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1ror__op__t.html",tooltip=" "]; - Node1 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="theo::obf::transform\l::sub_op_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1sub__op__t.html",tooltip=" "]; - Node1 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="theo::obf::transform\l::xor_op_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1xor__op__t.html",tooltip=" "]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t_aaa5859bc3c7f95d99d4d726289593488_icgraph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t_aaa5859bc3c7f95d99d4d726289593488_icgraph.dot deleted file mode 100644 index d47dddf..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1operation__t_aaa5859bc3c7f95d99d4d726289593488_icgraph.dot +++ /dev/null @@ -1,10 +0,0 @@ -digraph "theo::obf::transform::operation_t::random" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="RL"; - Node1 [label="theo::obf::transform\l::operation_t::random",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="generate a random number in a range."]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::generate",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$namespacetheo_1_1obf_1_1transform.html#a416c6c93ce55a4ab9f70592951d15704",tooltip="generate a sequence of transformations given an instruction that has a relocation in it."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t-members.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t-members.html deleted file mode 100644 index 246f40d..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::transform::rol_op_t Member List
-
-
- -

This is the complete list of members for theo::obf::transform::rol_op_t, including all inherited members.

- - - - - - - - -
get()theo::obf::transform::rol_op_tinlinestatic
get_transform()theo::obf::transform::operation_tinline
inverse()theo::obf::transform::operation_tinline
native(const xed_decoded_inst_t *inst, std::uint32_t imm)theo::obf::transform::operation_tinline
operation_t(transform_t op, xed_iclass_enum_t type)theo::obf::transform::operation_tinlineexplicit
random(std::size_t lowest, std::size_t largest)theo::obf::transform::operation_tinlinestatic
type()theo::obf::transform::operation_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t.html deleted file mode 100644 index 2b1d351..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t.html +++ /dev/null @@ -1,158 +0,0 @@ - - - - - - - -Theodosius: theo::obf::transform::rol_op_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Static Public Member Functions | -List of all members
-
-
theo::obf::transform::rol_op_t Class Reference
-
-
- -

#include <rol_op.hpp>

-
-Inheritance diagram for theo::obf::transform::rol_op_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::transform::rol_op_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - -

-Static Public Member Functions

static rol_op_tget ()
 
- Static Public Member Functions inherited from theo::obf::transform::operation_t
static std::size_t random (std::size_t lowest, std::size_t largest)
 generate a random number in a range. More...
 
- - - - - - - - - - - - - - - - - -

-Additional Inherited Members

- Public Member Functions inherited from theo::obf::transform::operation_t
 operation_t (transform_t op, xed_iclass_enum_t type)
 explicit constructor for operation_t More...
 
std::vector< std::uint8_t > native (const xed_decoded_inst_t *inst, std::uint32_t imm)
 generates a native transform instruction given an existing instruction. it works like so: More...
 
xed_iclass_enum_t inverse ()
 gets the inverse operation of the current operation. More...
 
transform_tget_transform ()
 gets a pointer to the lambda function which contains the transform logic. More...
 
xed_iclass_enum_t type ()
 gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc... More...
 
-

Detailed Description

-
-

Definition at line 35 of file rol_op.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static rol_op_t* theo::obf::transform::rol_op_t::get ()
- 		-inlinestatic
-
- -

Definition at line 44 of file rol_op.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t__coll__graph.dot deleted file mode 100644 index 46c06a3..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::rol_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::rol_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t__inherit__graph.dot deleted file mode 100644 index 46c06a3..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1rol__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::rol_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::rol_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t-members.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t-members.html deleted file mode 100644 index c35f0d8..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::transform::ror_op_t Member List
-
-
- -

This is the complete list of members for theo::obf::transform::ror_op_t, including all inherited members.

- - - - - - - - -
get()theo::obf::transform::ror_op_tinlinestatic
get_transform()theo::obf::transform::operation_tinline
inverse()theo::obf::transform::operation_tinline
native(const xed_decoded_inst_t *inst, std::uint32_t imm)theo::obf::transform::operation_tinline
operation_t(transform_t op, xed_iclass_enum_t type)theo::obf::transform::operation_tinlineexplicit
random(std::size_t lowest, std::size_t largest)theo::obf::transform::operation_tinlinestatic
type()theo::obf::transform::operation_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t.html deleted file mode 100644 index d659c36..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t.html +++ /dev/null @@ -1,158 +0,0 @@ - - - - - - - -Theodosius: theo::obf::transform::ror_op_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Static Public Member Functions | -List of all members
-
-
theo::obf::transform::ror_op_t Class Reference
-
-
- -

#include <ror_op.hpp>

-
-Inheritance diagram for theo::obf::transform::ror_op_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::transform::ror_op_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - -

-Static Public Member Functions

static ror_op_tget ()
 
- Static Public Member Functions inherited from theo::obf::transform::operation_t
static std::size_t random (std::size_t lowest, std::size_t largest)
 generate a random number in a range. More...
 
- - - - - - - - - - - - - - - - - -

-Additional Inherited Members

- Public Member Functions inherited from theo::obf::transform::operation_t
 operation_t (transform_t op, xed_iclass_enum_t type)
 explicit constructor for operation_t More...
 
std::vector< std::uint8_t > native (const xed_decoded_inst_t *inst, std::uint32_t imm)
 generates a native transform instruction given an existing instruction. it works like so: More...
 
xed_iclass_enum_t inverse ()
 gets the inverse operation of the current operation. More...
 
transform_tget_transform ()
 gets a pointer to the lambda function which contains the transform logic. More...
 
xed_iclass_enum_t type ()
 gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc... More...
 
-

Detailed Description

-
-

Definition at line 35 of file ror_op.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static ror_op_t* theo::obf::transform::ror_op_t::get ()
- 		-inlinestatic
-
- -

Definition at line 44 of file ror_op.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t__coll__graph.dot deleted file mode 100644 index a8bbda4..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::ror_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::ror_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t__inherit__graph.dot deleted file mode 100644 index a8bbda4..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1ror__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::ror_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::ror_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t-members.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t-members.html deleted file mode 100644 index ff16842..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::transform::sub_op_t Member List
-
-
- -

This is the complete list of members for theo::obf::transform::sub_op_t, including all inherited members.

- - - - - - - - -
get()theo::obf::transform::sub_op_tinlinestatic
get_transform()theo::obf::transform::operation_tinline
inverse()theo::obf::transform::operation_tinline
native(const xed_decoded_inst_t *inst, std::uint32_t imm)theo::obf::transform::operation_tinline
operation_t(transform_t op, xed_iclass_enum_t type)theo::obf::transform::operation_tinlineexplicit
random(std::size_t lowest, std::size_t largest)theo::obf::transform::operation_tinlinestatic
type()theo::obf::transform::operation_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t.html deleted file mode 100644 index be562a9..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t.html +++ /dev/null @@ -1,158 +0,0 @@ - - - - - - - -Theodosius: theo::obf::transform::sub_op_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Static Public Member Functions | -List of all members
-
-
theo::obf::transform::sub_op_t Class Reference
-
-
- -

#include <sub_op.hpp>

-
-Inheritance diagram for theo::obf::transform::sub_op_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::transform::sub_op_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - -

-Static Public Member Functions

static sub_op_tget ()
 
- Static Public Member Functions inherited from theo::obf::transform::operation_t
static std::size_t random (std::size_t lowest, std::size_t largest)
 generate a random number in a range. More...
 
- - - - - - - - - - - - - - - - - -

-Additional Inherited Members

- Public Member Functions inherited from theo::obf::transform::operation_t
 operation_t (transform_t op, xed_iclass_enum_t type)
 explicit constructor for operation_t More...
 
std::vector< std::uint8_t > native (const xed_decoded_inst_t *inst, std::uint32_t imm)
 generates a native transform instruction given an existing instruction. it works like so: More...
 
xed_iclass_enum_t inverse ()
 gets the inverse operation of the current operation. More...
 
transform_tget_transform ()
 gets a pointer to the lambda function which contains the transform logic. More...
 
xed_iclass_enum_t type ()
 gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc... More...
 
-

Detailed Description

-
-

Definition at line 35 of file sub_op.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static sub_op_t* theo::obf::transform::sub_op_t::get ()
- 		-inlinestatic
-
- -

Definition at line 42 of file sub_op.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t__coll__graph.dot deleted file mode 100644 index 2ff24b0..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::sub_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::sub_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t__inherit__graph.dot deleted file mode 100644 index 2ff24b0..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1sub__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::sub_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::sub_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t-members.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t-members.html deleted file mode 100644 index 3139c27..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::obf::transform::xor_op_t Member List
-
-
- -

This is the complete list of members for theo::obf::transform::xor_op_t, including all inherited members.

- - - - - - - - -
get()theo::obf::transform::xor_op_tinlinestatic
get_transform()theo::obf::transform::operation_tinline
inverse()theo::obf::transform::operation_tinline
native(const xed_decoded_inst_t *inst, std::uint32_t imm)theo::obf::transform::operation_tinline
operation_t(transform_t op, xed_iclass_enum_t type)theo::obf::transform::operation_tinlineexplicit
random(std::size_t lowest, std::size_t largest)theo::obf::transform::operation_tinlinestatic
type()theo::obf::transform::operation_tinline
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t.html b/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t.html deleted file mode 100644 index 628108e..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t.html +++ /dev/null @@ -1,158 +0,0 @@ - - - - - - - -Theodosius: theo::obf::transform::xor_op_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Static Public Member Functions | -List of all members
-
-
theo::obf::transform::xor_op_t Class Reference
-
-
- -

#include <xor_op.hpp>

-
-Inheritance diagram for theo::obf::transform::xor_op_t:
-
-
Inheritance graph
-
[legend]
-
-Collaboration diagram for theo::obf::transform::xor_op_t:
-
-
Collaboration graph
-
[legend]
- - - - - - - - -

-Static Public Member Functions

static xor_op_tget ()
 
- Static Public Member Functions inherited from theo::obf::transform::operation_t
static std::size_t random (std::size_t lowest, std::size_t largest)
 generate a random number in a range. More...
 
- - - - - - - - - - - - - - - - - -

-Additional Inherited Members

- Public Member Functions inherited from theo::obf::transform::operation_t
 operation_t (transform_t op, xed_iclass_enum_t type)
 explicit constructor for operation_t More...
 
std::vector< std::uint8_t > native (const xed_decoded_inst_t *inst, std::uint32_t imm)
 generates a native transform instruction given an existing instruction. it works like so: More...
 
xed_iclass_enum_t inverse ()
 gets the inverse operation of the current operation. More...
 
transform_tget_transform ()
 gets a pointer to the lambda function which contains the transform logic. More...
 
xed_iclass_enum_t type ()
 gets the operation type. such as XED_ICLASS_ADD, XED_ICLASS_SUB, etc... More...
 
-

Detailed Description

-
-

Definition at line 35 of file xor_op.hpp.

-

Member Function Documentation

- -

◆ get()

- -
-
- - - - - -
- - - - - - - -
static xor_op_t* theo::obf::transform::xor_op_t::get ()
- 		-inlinestatic
-
- -

Definition at line 42 of file xor_op.hpp.

- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t__coll__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t__coll__graph.dot deleted file mode 100644 index b9babe8..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::xor_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::xor_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t__inherit__graph.dot b/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t__inherit__graph.dot deleted file mode 100644 index b9babe8..0000000 --- a/doxygen/html/classtheo_1_1obf_1_1transform_1_1xor__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::xor_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::xor_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/classtheo_1_1recomp_1_1recomp__t-members.html b/doxygen/html/classtheo_1_1recomp_1_1recomp__t-members.html deleted file mode 100644 index 3fbc103..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1recomp__t-members.html +++ /dev/null @@ -1,91 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::recomp::recomp_t Member List
-
-
- -

This is the complete list of members for theo::recomp::recomp_t, including all inherited members.

- - - - - - - - - -
allocate()theo::recomp::recomp_t
allocator(allocator_t alloc)theo::recomp::recomp_t
copier(copier_t copy)theo::recomp::recomp_t
copy_syms()theo::recomp::recomp_t
recomp_t(decomp::decomp_t *dcmp, allocator_t alloc, copier_t copy, resolver_t resolve)theo::recomp::recomp_texplicit
resolve()theo::recomp::recomp_t
resolve(const std::string &&sym)theo::recomp::recomp_t
resolver(resolver_t resolve)theo::recomp::recomp_t
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1recomp_1_1recomp__t.html b/doxygen/html/classtheo_1_1recomp_1_1recomp__t.html deleted file mode 100644 index 6174b4e..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1recomp__t.html +++ /dev/null @@ -1,346 +0,0 @@ - - - - - - - -Theodosius: theo::recomp::recomp_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::recomp::recomp_t Class Reference
-
-
- -

the main class responsible for recomposition - More...

- -

#include <recomp.hpp>

- - - - - - - - - - - - - - - - - - - - - - - - - - -

-Public Member Functions

 recomp_t (decomp::decomp_t *dcmp, allocator_t alloc, copier_t copy, resolver_t resolve)
 the explicit constructor for the recomp_t class. More...
 
void allocate ()
 when called, this function allocates space for every symbol. More...
 
void resolve ()
 when called, this function resolves all relocations in every symbol. More...
 
void copy_syms ()
 when called, this function copies symbols into allocations. More...
 
void allocator (allocator_t alloc)
 setter for the allocater lambda function. More...
 
void copier (copier_t copy)
 setter for the copier lambda function. More...
 
void resolver (resolver_t resolve)
 setter for the resolve lambda function. More...
 
std::uintptr_t resolve (const std::string &&sym)
 resolves the address of a function given its name. More...
 
-

Detailed Description

-

the main class responsible for recomposition

- -

Definition at line 64 of file recomp.hpp.

-

Constructor & Destructor Documentation

- -

◆ recomp_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
theo::recomp::recomp_t::recomp_t (decomp::decomp_tdcmp,
allocator_t alloc,
copier_t copy,
resolver_t resolve 
)
- 		-explicit
-
- -

the explicit constructor for the recomp_t class.

-
Parameters
- - - - - -
dcmppointer to a decomp_t class.
alloclambda function which is used to allocate memory for symbols.
copylambda function used to copy bytes into allocations.
resolvelambda function used to resolve external symbols.
-
-
- -
-
-

Member Function Documentation

- -

◆ allocate()

- -
-
- - - - - - - -
void theo::recomp::recomp_t::allocate ()
-
- -

when called, this function allocates space for every symbol.

- -
-
- -

◆ allocator()

- -
-
- - - - - - - - -
void theo::recomp::recomp_t::allocator (allocator_t alloc)
-
- -

setter for the allocater lambda function.

-
Parameters
- - -
alloclambda function which allocates memory for symbols.
-
-
- -
-
- -

◆ copier()

- -
-
- - - - - - - - -
void theo::recomp::recomp_t::copier (copier_t copy)
-
- -

setter for the copier lambda function.

-
Parameters
- - -
copycopier lambda function used to copy bytes into allocations made by the allocator.
-
-
- -
-
- -

◆ copy_syms()

- -
-
- - - - - - - -
void theo::recomp::recomp_t::copy_syms ()
-
- -

when called, this function copies symbols into allocations.

- -
-
- -

◆ resolve() [1/2]

- -
-
- - - - - - - -
void theo::recomp::recomp_t::resolve ()
-
- -

when called, this function resolves all relocations in every symbol.

- -
-
- -

◆ resolve() [2/2]

- -
-
- - - - - - - - -
std::uintptr_t theo::recomp::recomp_t::resolve (const std::string && sym)
-
- -

resolves the address of a function given its name.

-
Parameters
- - -
symthe name of the symbol to resolve the location of.
-
-
-
Returns
the address of the symbol.
- -
-
- -

◆ resolver()

- -
-
- - - - - - - - -
void theo::recomp::recomp_t::resolver (resolver_t resolve)
-
- -

setter for the resolve lambda function.

-
Parameters
- - -
resolvelambda function to resolve external symbols.
-
-
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1recomp_1_1reloc__t-members.html b/doxygen/html/classtheo_1_1recomp_1_1reloc__t-members.html deleted file mode 100644 index 80b0549..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1reloc__t-members.html +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::recomp::reloc_t Member List
-
-
- -

This is the complete list of members for theo::recomp::reloc_t, including all inherited members.

- - - - - - - - -
add_transform(std::pair< obf::transform::transform_t *, std::uint32_t > entry)theo::recomp::reloc_tinline
get_transforms()theo::recomp::reloc_tinline
hash()theo::recomp::reloc_tinline
name()theo::recomp::reloc_tinline
offset()theo::recomp::reloc_tinline
offset(std::uint32_t offset)theo::recomp::reloc_tinline
reloc_t(std::uint32_t offset, std::size_t hash, const std::string &&sym_name)theo::recomp::reloc_tinlineexplicit
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1recomp_1_1reloc__t.html b/doxygen/html/classtheo_1_1recomp_1_1reloc__t.html deleted file mode 100644 index 25d49c4..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1reloc__t.html +++ /dev/null @@ -1,388 +0,0 @@ - - - - - - - -Theodosius: theo::recomp::reloc_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::recomp::reloc_t Class Reference
-
-
- -

meta data about a relocation for a symbol - More...

- -

#include <reloc.hpp>

- - - - - - - - - - - - - - - - - - - - - - - -

-Public Member Functions

 reloc_t (std::uint32_t offset, std::size_t hash, const std::string &&sym_name)
 explicit constructor for this class. More...
 
std::size_t hash ()
 returns the hash of the relocation symbol. More...
 
std::string name ()
 returns the name of the relocation symbol. More...
 
std::uint32_t offset ()
 returns the offset into the symbol to which the relocation will be applied. the offset is in bytes. zero based. More...
 
void offset (std::uint32_t offset)
 sets the offset to which the relocation gets applied too. More...
 
void add_transform (std::pair< obf::transform::transform_t *, std::uint32_t > entry)
 adds a transformation to be applied to the relocation prior to writing it into the symbol. More...
 
std::vector< std::pair< obf::transform::transform_t *, std::uint32_t > > & get_transforms ()
 gets the vector of transformation. More...
 
-

Detailed Description

-

meta data about a relocation for a symbol

- -

Definition at line 41 of file reloc.hpp.

-

Constructor & Destructor Documentation

- -

◆ reloc_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - -
theo::recomp::reloc_t::reloc_t (std::uint32_t offset,
std::size_t hash,
const std::string && sym_name 
)
- 		-inlineexplicit
-
- -

explicit constructor for this class.

-
Parameters
- - - - -
offsetoffset into the symbol data where the relocation is at. all relocations are assumed to be linear virtual addresses of the symbol.
hashhash of the symbol to which the relocation is of.
sym_namethe name of the symbol to which the relocation is of.
-
-
- -

Definition at line 52 of file reloc.hpp.

- -
-
-

Member Function Documentation

- -

◆ add_transform()

- -
-
- - - - - -
- - - - - - - - -
void theo::recomp::reloc_t::add_transform (std::pair< obf::transform::transform_t *, std::uint32_t > entry)
- 		-inline
-
- -

adds a transformation to be applied to the relocation prior to writing it into the symbol.

-
Parameters
- - -
entrya pair containing a lambda function that when executed transforms a relocation. the second value in the pair is a random value which is passed to the lambda.
-
-
- -

Definition at line 91 of file reloc.hpp.

-
-Here is the caller graph for this function:
-
-
-
- -
-
- -

◆ get_transforms()

- -
-
- - - - - -
- - - - - - - -
std::vector<std::pair<obf::transform::transform_t*, std::uint32_t> >& theo::recomp::reloc_t::get_transforms ()
- 		-inline
-
- -

gets the vector of transformation.

-
Returns
returns the vector of transformations.
- -

Definition at line 101 of file reloc.hpp.

-
-Here is the caller graph for this function:
-
-
-
- -
-
- -

◆ hash()

- -
-
- - - - - -
- - - - - - - -
std::size_t theo::recomp::reloc_t::hash ()
- 		-inline
-
- -

returns the hash of the relocation symbol.

-
Returns
hash of the relocation symbol
- -

Definition at line 61 of file reloc.hpp.

- -
-
- -

◆ name()

- -
-
- - - - - -
- - - - - - - -
std::string theo::recomp::reloc_t::name ()
- 		-inline
-
- -

returns the name of the relocation symbol.

-
Returns
returns the name of the relocation symbol.
- -

Definition at line 67 of file reloc.hpp.

- -
-
- -

◆ offset() [1/2]

- -
-
- - - - - -
- - - - - - - -
std::uint32_t theo::recomp::reloc_t::offset ()
- 		-inline
-
- -

returns the offset into the symbol to which the relocation will be applied. the offset is in bytes. zero based.

-
Returns
returns the offset into the symbol to which the relocation will be applied. the offset is in bytes. zero based.
- -

Definition at line 75 of file reloc.hpp.

- -
-
- -

◆ offset() [2/2]

- -
-
- - - - - -
- - - - - - - - -
void theo::recomp::reloc_t::offset (std::uint32_t offset)
- 		-inline
-
- -

sets the offset to which the relocation gets applied too.

-
Parameters
- - -
offsetoffset to which the relocation gets applied too.
-
-
- -

Definition at line 82 of file reloc.hpp.

-
-Here is the call graph for this function:
-
-
-
-
-Here is the caller graph for this function:
-
-
-
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_a99e65270ace1ff4f080bd4040c8a43dd_cgraph.dot b/doxygen/html/classtheo_1_1recomp_1_1reloc__t_a99e65270ace1ff4f080bd4040c8a43dd_cgraph.dot deleted file mode 100644 index 73f9ac5..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_a99e65270ace1ff4f080bd4040c8a43dd_cgraph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::recomp::reloc_t::offset" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="LR"; - Node1 [label="theo::recomp::reloc\l_t::offset",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="sets the offset to which the relocation gets applied too."]; - Node1 -> Node1 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_a99e65270ace1ff4f080bd4040c8a43dd_icgraph.dot b/doxygen/html/classtheo_1_1recomp_1_1reloc__t_a99e65270ace1ff4f080bd4040c8a43dd_icgraph.dot deleted file mode 100644 index 3d9d627..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_a99e65270ace1ff4f080bd4040c8a43dd_icgraph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::recomp::reloc_t::offset" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="RL"; - Node1 [label="theo::recomp::reloc\l_t::offset",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="sets the offset to which the relocation gets applied too."]; - Node1 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_ab5214a9ff9135672e25f40406c37fb10_icgraph.dot b/doxygen/html/classtheo_1_1recomp_1_1reloc__t_ab5214a9ff9135672e25f40406c37fb10_icgraph.dot deleted file mode 100644 index 1249a97..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_ab5214a9ff9135672e25f40406c37fb10_icgraph.dot +++ /dev/null @@ -1,10 +0,0 @@ -digraph "theo::recomp::reloc_t::add_transform" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="RL"; - Node1 [label="theo::recomp::reloc\l_t::add_transform",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="adds a transformation to be applied to the relocation prior to writing it into the symbol."]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::generate",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$namespacetheo_1_1obf_1_1transform.html#a416c6c93ce55a4ab9f70592951d15704",tooltip="generate a sequence of transformations given an instruction that has a relocation in it."]; -} diff --git a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_ad49901bf8b6b0e3963e64d17d4b51aec_icgraph.dot b/doxygen/html/classtheo_1_1recomp_1_1reloc__t_ad49901bf8b6b0e3963e64d17d4b51aec_icgraph.dot deleted file mode 100644 index 1e1d09b..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1reloc__t_ad49901bf8b6b0e3963e64d17d4b51aec_icgraph.dot +++ /dev/null @@ -1,10 +0,0 @@ -digraph "theo::recomp::reloc_t::get_transforms" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="RL"; - Node1 [label="theo::recomp::reloc\l_t::get_transforms",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="gets the vector of transformation."]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::generate",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$namespacetheo_1_1obf_1_1transform.html#a416c6c93ce55a4ab9f70592951d15704",tooltip="generate a sequence of transformations given an instruction that has a relocation in it."]; -} diff --git a/doxygen/html/classtheo_1_1recomp_1_1symbol__table__t-members.html b/doxygen/html/classtheo_1_1recomp_1_1symbol__table__t-members.html deleted file mode 100644 index c60d6f7..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1symbol__table__t-members.html +++ /dev/null @@ -1,91 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::recomp::symbol_table_t Member List
-
-
- -

This is the complete list of members for theo::recomp::symbol_table_t, including all inherited members.

- - - - - - - - - -
for_each(std::function< void(decomp::symbol_t &sym)> fn)theo::recomp::symbol_table_t
put_symbol(decomp::symbol_t &sym)theo::recomp::symbol_table_t
put_symbols(std::vector< decomp::symbol_t > &syms)theo::recomp::symbol_table_t
size()theo::recomp::symbol_table_t
sym_from_alloc(std::uintptr_t allocated_at)theo::recomp::symbol_table_t
sym_from_hash(std::size_t hash)theo::recomp::symbol_table_t
symbol_table_t()theo::recomp::symbol_table_tinline
symbol_table_t(const std::vector< decomp::symbol_t > &&syms)theo::recomp::symbol_table_t
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1recomp_1_1symbol__table__t.html b/doxygen/html/classtheo_1_1recomp_1_1symbol__table__t.html deleted file mode 100644 index ea04287..0000000 --- a/doxygen/html/classtheo_1_1recomp_1_1symbol__table__t.html +++ /dev/null @@ -1,332 +0,0 @@ - - - - - - - -Theodosius: theo::recomp::symbol_table_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::recomp::symbol_table_t Class Reference
-
-
- -

this class is a high level wrapper for a hashmap that contains decomp::symbol_t values. the symbol values are references by a hashcode. - More...

- -

#include <symbol_table.hpp>

- - - - - - - - - - - - - - - - - - - - - - - - - - -

-Public Member Functions

 symbol_table_t ()
 default constructor. does nothing. More...
 
 symbol_table_t (const std::vector< decomp::symbol_t > &&syms)
 this constructor will populate the m_table private field with symbols. More...
 
void put_symbol (decomp::symbol_t &sym)
 add symbol to m_table More...
 
void put_symbols (std::vector< decomp::symbol_t > &syms)
 add a vector of symbol to m_table More...
 
std::optional< decomp::symbol_t * > sym_from_hash (std::size_t hash)
 returns an optional pointer to a symbol from the symbol table given the symbols hash (hash of its name) the hash is produced by theo::decomp::symbol_t::hash More...
 
std::optional< decomp::symbol_t * > sym_from_alloc (std::uintptr_t allocated_at)
 returns an optional pointer to a symbol given its allocation location. More...
 
void for_each (std::function< void(decomp::symbol_t &sym)> fn)
 this function is a wrapper function that allows you to get at each entry in the symbol table by reference. More...
 
std::uint32_t size ()
 returns the size of the symbol table. More...
 
-

Detailed Description

-

this class is a high level wrapper for a hashmap that contains decomp::symbol_t values. the symbol values are references by a hashcode.

- -

Definition at line 45 of file symbol_table.hpp.

-

Constructor & Destructor Documentation

- -

◆ symbol_table_t() [1/2]

- -
-
- - - - - -
- - - - - - - -
theo::recomp::symbol_table_t::symbol_table_t ()
- 		-inline
-
- -

default constructor. does nothing.

- -

Definition at line 50 of file symbol_table.hpp.

- -
-
- -

◆ symbol_table_t() [2/2]

- -
-
- - - - - - - - -
theo::recomp::symbol_table_t::symbol_table_t (const std::vector< decomp::symbol_t > && syms)
-
- -

this constructor will populate the m_table private field with symbols.

-
Parameters
- - -
symsvector of decomp::symbol_t
-
-
- -
-
-

Member Function Documentation

- -

◆ for_each()

- -
-
- - - - - - - - -
void theo::recomp::symbol_table_t::for_each (std::function< void(decomp::symbol_t &sym)> fn)
-
- -

this function is a wrapper function that allows you to get at each entry in the symbol table by reference.

-
Parameters
- - -
fna callback function that will be called for each symbol
-
-
- -
-
- -

◆ put_symbol()

- -
-
- - - - - - - - -
void theo::recomp::symbol_table_t::put_symbol (decomp::symbol_tsym)
-
- -

add symbol to m_table

-
Parameters
- - -
symsymbol to be added.
-
-
- -
-
- -

◆ put_symbols()

- -
-
- - - - - - - - -
void theo::recomp::symbol_table_t::put_symbols (std::vector< decomp::symbol_t > & syms)
-
- -

add a vector of symbol to m_table

-
Parameters
- - -
syms
-
-
- -
-
- -

◆ size()

- -
-
- - - - - - - -
std::uint32_t theo::recomp::symbol_table_t::size ()
-
- -

returns the size of the symbol table.

-
Returns
returns the size of the symbol table.
- -
-
- -

◆ sym_from_alloc()

- -
-
- - - - - - - - -
std::optional<decomp::symbol_t*> theo::recomp::symbol_table_t::sym_from_alloc (std::uintptr_t allocated_at)
-
- -

returns an optional pointer to a symbol given its allocation location.

-
Parameters
- - -
allocated_atthe address where the symbol is allocated at.
-
-
-
Returns
returns an optional pointer to a theo::decomp::symbol_t
- -
-
- -

◆ sym_from_hash()

- -
-
- - - - - - - - -
std::optional<decomp::symbol_t*> theo::recomp::symbol_table_t::sym_from_hash (std::size_t hash)
-
- -

returns an optional pointer to a symbol from the symbol table given the symbols hash (hash of its name) the hash is produced by theo::decomp::symbol_t::hash

-
Parameters
- - -
hashhashcode of the symbol to get from the symbol table...
-
-
-
Returns
returns an optional pointer to a theo::decomp::symbol_t
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1theo__t-members.html b/doxygen/html/classtheo_1_1theo__t-members.html deleted file mode 100644 index 15ec0eb..0000000 --- a/doxygen/html/classtheo_1_1theo__t-members.html +++ /dev/null @@ -1,87 +0,0 @@ - - - - - - - -Theodosius: Member List - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo::theo_t Member List
-
-
- -

This is the complete list of members for theo::theo_t, including all inherited members.

- - - - - -
compose()theo::theo_t
decompose()theo::theo_t
resolve(const std::string &&sym)theo::theo_t
theo_t(std::vector< std::uint8_t > &lib, lnk_fns_t lnkr_fns, const std::string &&entry_sym)theo::theo_texplicit
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/classtheo_1_1theo__t.html b/doxygen/html/classtheo_1_1theo__t.html deleted file mode 100644 index 337ca71..0000000 --- a/doxygen/html/classtheo_1_1theo__t.html +++ /dev/null @@ -1,233 +0,0 @@ - - - - - - - -Theodosius: theo::theo_t Class Reference - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-Public Member Functions | -List of all members
-
-
theo::theo_t Class Reference
-
-
- -

the main class which encapsulates a symbol table, decomp, and recomp objects. This class is a bridge that connects all three: decomp, obf, recomp. - More...

- -

#include <theo.hpp>

- - - - - - - - - - - - - - -

-Public Member Functions

 theo_t (std::vector< std::uint8_t > &lib, lnk_fns_t lnkr_fns, const std::string &&entry_sym)
 explicit constructor for theo class. More...
 
std::optional< std::uint32_t > decompose ()
 decomposes the lib file and return the number of symbols that are used. More...
 
std::uintptr_t compose ()
 compose the decomposed module. This will run obfuscation passes, the map and resolve symbols to each other. More...
 
std::uintptr_t resolve (const std::string &&sym)
 given the name of a symbol, it returns the address of where its mapped. More...
 
-

Detailed Description

-

the main class which encapsulates a symbol table, decomp, and recomp objects. This class is a bridge that connects all three: decomp, obf, recomp.

-

You will create an object of this type when using theo.

- -

Definition at line 70 of file theo.hpp.

-

Constructor & Destructor Documentation

- -

◆ theo_t()

- -
-
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - -
theo::theo_t::theo_t (std::vector< std::uint8_t > & lib,
lnk_fns_t lnkr_fns,
const std::string && entry_sym 
)
- 		-explicit
-
- -

explicit constructor for theo class.

-
Parameters
- - - - -
liba vector of bytes consisting of a lib
lnkr_fns
entry_symthe name of the function which will be used as the entry point
-
-
- -
-
-

Member Function Documentation

- -

◆ compose()

- -
-
- - - - - - - -
std::uintptr_t theo::theo_t::compose ()
-
- -

compose the decomposed module. This will run obfuscation passes, the map and resolve symbols to each other.

-
Returns
returns the address of the entry point symbol
- -
-
- -

◆ decompose()

- -
-
- - - - - - - -
std::optional<std::uint32_t> theo::theo_t::decompose ()
-
- -

decomposes the lib file and return the number of symbols that are used.

-
Returns
optional amount of symbols that are used. no value if decomposition fails.
- -
-
- -

◆ resolve()

- -
-
- - - - - - - - -
std::uintptr_t theo::theo_t::resolve (const std::string && sym)
-
- -

given the name of a symbol, it returns the address of where its mapped.

-
Parameters
- - -
symthe name of the symbol
-
-
-
Returns
the address of the symbol
- -
-
-
The documentation for this class was generated from the following file: -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/dir_000004_000005.html b/doxygen/html/d0/d18/_demo_01_example_01_using_01_theo_8md.html similarity index 56% rename from doxygen/html/dir_000004_000005.html rename to doxygen/html/d0/d18/_demo_01_example_01_using_01_theo_8md.html index d3c6b86..9d82b73 100644 --- a/doxygen/html/dir_000004_000005.html +++ b/doxygen/html/d0/d18/_demo_01_example_01_using_01_theo_8md.html @@ -5,14 +5,14 @@ -Theodosius: include/obf/transform -> recomp Relation - - - - - - - +Theodosius: examples/demo/Demo Example Using Theo.md File Reference + + + + + + +
@@ -34,15 +34,15 @@ - - + + @@ -61,16 +61,16 @@ $(function() {
-
+
+
+
examples/demo/Demo Example Using Theo.md File Reference
+
-

transform → recomp Relation

File in include/obf/transformIncludes file in include/recomp
gen.hppreloc.hpp
+
-Generated by doxygen 1.9.1 +Generated by doxygen 1.9.1
diff --git a/doxygen/html/d0/d45/classtheo_1_1obf_1_1jcc__rewrite__pass__t__inherit__graph.dot b/doxygen/html/d0/d45/classtheo_1_1obf_1_1jcc__rewrite__pass__t__inherit__graph.dot deleted file mode 100644 index cf55d0d..0000000 --- a/doxygen/html/d0/d45/classtheo_1_1obf_1_1jcc__rewrite__pass__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::jcc_rewrite_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::jcc_rewrite\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="jcc rewrite pass which rewrites rip relative jcc's so that they are position independent."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/dad/classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/d0/d59/reloc__transform__pass_8hpp__incl.dot b/doxygen/html/d0/d59/reloc__transform__pass_8hpp__incl.dot deleted file mode 100644 index bdaf1be..0000000 --- a/doxygen/html/d0/d59/reloc__transform__pass_8hpp__incl.dot +++ /dev/null @@ -1,67 +0,0 @@ -digraph "include/obf/passes/reloc_transform_pass.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d62/symbol_8hpp.html",tooltip=" "]; - Node4 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="coff/image.hpp",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node4 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="cstdint",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node4 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/d82/reloc_8hpp.html",tooltip=" "]; - Node7 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="cstddef",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node7 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="obf/transform/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node9 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="obf/transform/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/def/add__op_8hpp.html",tooltip=" "]; - Node10 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node11 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node11 -> Node13 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node11 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node11 -> Node15 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node11 -> Node16 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node11 -> Node17 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node11 -> Node18 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node9 -> Node19 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="obf/transform/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d8a/rol__op_8hpp.html",tooltip=" "]; - Node19 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 -> Node20 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="obf/transform/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d34/ror__op_8hpp.html",tooltip=" "]; - Node20 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 -> Node21 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="obf/transform/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/da9/sub__op_8hpp.html",tooltip=" "]; - Node21 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 -> Node22 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node22 [label="obf/transform/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/da4/xor__op_8hpp.html",tooltip=" "]; - Node22 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 -> Node23 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 [label="string",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node4 -> Node24 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 [label="vector",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node25 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node25 [label="obf/transform/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d18/gen_8hpp.html",tooltip=" "]; - Node25 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node25 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node17 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node18 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d0/d5e/symbol__table_8hpp_source.html b/doxygen/html/d0/d5e/symbol__table_8hpp_source.html deleted file mode 100644 index 2be8ba4..0000000 --- a/doxygen/html/d0/d5e/symbol__table_8hpp_source.html +++ /dev/null @@ -1,154 +0,0 @@ - - - - - - - -Theodosius: include/recomp/symbol_table.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
symbol_table.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <algorithm>
-
33 #include <functional>
-
34 #include <map>
-
35 #include <optional>
-
36 #include <vector>
-
37 
-
38 #include <decomp/symbol.hpp>
-
39 
-
40 namespace theo::recomp {
-
45 class symbol_table_t {
-
46  public:
-
50  symbol_table_t() {}
-
51 
-
56  symbol_table_t(const std::vector<decomp::symbol_t>&& syms);
-
57 
-
62  void put_symbol(decomp::symbol_t& sym);
-
63 
-
68  void put_symbols(std::vector<decomp::symbol_t>& syms);
-
69 
-
78  std::optional<decomp::symbol_t*> sym_from_hash(std::size_t hash);
-
79 
-
86  std::optional<decomp::symbol_t*> sym_from_alloc(std::uintptr_t allocated_at);
-
87 
-
94  void for_each(std::function<void(decomp::symbol_t& sym)> fn);
-
95 
-
100  std::uint32_t size();
-
101 
-
102  private:
-
103  std::map<std::size_t, decomp::symbol_t> m_table;
-
104 };
-
105 } // namespace theo::recomp
-
theo::decomp::symbol_t
symbol_t is an abstraction upon the coff symbol. this allows for easier manipulation of the symbol....
Definition: symbol.hpp:53
-
theo::recomp::symbol_table_t
this class is a high level wrapper for a hashmap that contains decomp::symbol_t values....
Definition: symbol_table.hpp:45
-
theo::recomp::symbol_table_t::sym_from_hash
std::optional< decomp::symbol_t * > sym_from_hash(std::size_t hash)
returns an optional pointer to a symbol from the symbol table given the symbols hash (hash of its nam...
Definition: symbol_table.cpp:54
-
theo::recomp::symbol_table_t::for_each
void for_each(std::function< void(decomp::symbol_t &sym)> fn)
this function is a wrapper function that allows you to get at each entry in the symbol table by refer...
Definition: symbol_table.cpp:49
-
theo::recomp::symbol_table_t::sym_from_alloc
std::optional< decomp::symbol_t * > sym_from_alloc(std::uintptr_t allocated_at)
returns an optional pointer to a symbol given its allocation location.
Definition: symbol_table.cpp:60
-
theo::recomp::symbol_table_t::symbol_table_t
symbol_table_t()
default constructor. does nothing.
Definition: symbol_table.hpp:50
-
theo::recomp::symbol_table_t::put_symbols
void put_symbols(std::vector< decomp::symbol_t > &syms)
add a vector of symbol to m_table
Definition: symbol_table.cpp:44
-
theo::recomp::symbol_table_t::size
std::uint32_t size()
returns the size of the symbol table.
Definition: symbol_table.cpp:72
-
theo::recomp::symbol_table_t::put_symbol
void put_symbol(decomp::symbol_t &sym)
add symbol to m_table
Definition: symbol_table.cpp:40
- -
theo::recomp
this namespace encompasses all recomposition related code.
Definition: recomp.hpp:39
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d0/d72/transform_8hpp__incl.dot b/doxygen/html/d0/d72/transform_8hpp__incl.dot deleted file mode 100644 index 956a08d..0000000 --- a/doxygen/html/d0/d72/transform_8hpp__incl.dot +++ /dev/null @@ -1,39 +0,0 @@ -digraph "include/obf/transform/transform.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="obf/transform/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/def/add__op_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node3 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="obf/transform/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d8a/rol__op_8hpp.html",tooltip=" "]; - Node12 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node13 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="obf/transform/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d34/ror__op_8hpp.html",tooltip=" "]; - Node13 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="obf/transform/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/da9/sub__op_8hpp.html",tooltip=" "]; - Node14 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node15 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="obf/transform/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/da4/xor__op_8hpp.html",tooltip=" "]; - Node15 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d0/da4/xor__op_8hpp_source.html b/doxygen/html/d0/da4/xor__op_8hpp_source.html deleted file mode 100644 index dd2aa2f..0000000 --- a/doxygen/html/d0/da4/xor__op_8hpp_source.html +++ /dev/null @@ -1,133 +0,0 @@ - - - - - - - -Theodosius: include/obf/transform/xor_op.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
xor_op.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <obf/transform/operation.hpp>
-
33 
-
34 namespace theo::obf::transform {
-
35 class xor_op_t : public operation_t {
-
36  explicit xor_op_t()
-
37  : operation_t([&](std::size_t val,
-
38  std::uint32_t imm) -> std::size_t { return val ^ imm; },
-
39  XED_ICLASS_XOR) {}
-
40 
-
41  public:
-
42  static xor_op_t* get() {
-
43  static xor_op_t obj;
-
44  return &obj;
-
45  }
-
46 };
-
47 } // namespace theo::obf::transform
-
theo::obf::transform::operation_t
operation_t is the base class for all types of transformations. classes that inherit this class are s...
Definition: operation.hpp:61
-
theo::obf::transform::operation_t::operation_t
operation_t(transform_t op, xed_iclass_enum_t type)
explicit constructor for operation_t
Definition: operation.hpp:69
-
theo::obf::transform::xor_op_t
Definition: xor_op.hpp:35
-
theo::obf::transform::xor_op_t::get
static xor_op_t * get()
Definition: xor_op.hpp:42
-
theo::obf::transform
this namespace encompasses the code for transforming relocations.
Definition: add_op.hpp:34
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d0/df2/classtheo_1_1obf_1_1transform_1_1xor__op__t__coll__graph.dot b/doxygen/html/d0/df2/classtheo_1_1obf_1_1transform_1_1xor__op__t__coll__graph.dot deleted file mode 100644 index 488add8..0000000 --- a/doxygen/html/d0/df2/classtheo_1_1obf_1_1transform_1_1xor__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::xor_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::xor_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d0/dfc/xor__op_8hpp__incl.dot b/doxygen/html/d0/dfc/xor__op_8hpp__incl.dot deleted file mode 100644 index 410c2b3..0000000 --- a/doxygen/html/d0/dfc/xor__op_8hpp__incl.dot +++ /dev/null @@ -1,25 +0,0 @@ -digraph "include/obf/transform/xor_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; -} diff --git a/doxygen/html/d1/d0a/theo_8hpp__dep__incl.dot b/doxygen/html/d1/d0a/theo_8hpp__dep__incl.dot deleted file mode 100644 index ce06be3..0000000 --- a/doxygen/html/d1/d0a/theo_8hpp__dep__incl.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "include/theo.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="src/theo.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d26/theo_8cpp.html",tooltip=" "]; -} diff --git a/doxygen/html/d1/d82/reloc_8hpp_source.html b/doxygen/html/d1/d82/reloc_8hpp_source.html deleted file mode 100644 index 072e1a7..0000000 --- a/doxygen/html/d1/d82/reloc_8hpp_source.html +++ /dev/null @@ -1,160 +0,0 @@ - - - - - - - -Theodosius: include/recomp/reloc.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
reloc.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <cstddef>
-
33 #include <cstdint>
-
34 #include <obf/transform/transform.hpp>
-
35 
-
36 namespace theo::recomp {
-
37 
-
41 class reloc_t {
-
42  public:
-
52  explicit reloc_t(std::uint32_t offset,
-
53  std::size_t hash,
-
54  const std::string&& sym_name)
-
55  : m_offset(offset), m_hash(hash), m_sym_name(sym_name) {}
-
56 
-
61  std::size_t hash() { return m_hash; }
-
62 
-
67  std::string name() { return m_sym_name; }
-
68 
-
75  std::uint32_t offset() { return m_offset; }
-
76 
-
82  void offset(std::uint32_t offset) { m_offset = offset; }
-
83 
-
91  void add_transform(
-
92  std::pair<obf::transform::transform_t*, std::uint32_t> entry) {
-
93  m_transforms.push_back(entry);
-
94  }
-
95 
-
100  std::vector<std::pair<obf::transform::transform_t*, std::uint32_t>>&
-
101  get_transforms() {
-
102  return m_transforms;
-
103  }
-
104 
-
105  private:
-
106  std::vector<std::pair<obf::transform::transform_t*, std::uint32_t>>
-
107  m_transforms;
-
108  std::string m_sym_name;
-
109  std::size_t m_hash;
-
110  std::uint32_t m_offset;
-
111 };
-
112 } // namespace theo::recomp
-
theo::recomp::reloc_t
meta data about a relocation for a symbol
Definition: reloc.hpp:41
-
theo::recomp::reloc_t::offset
std::uint32_t offset()
returns the offset into the symbol to which the relocation will be applied. the offset is in bytes....
Definition: reloc.hpp:75
-
theo::recomp::reloc_t::reloc_t
reloc_t(std::uint32_t offset, std::size_t hash, const std::string &&sym_name)
explicit constructor for this class.
Definition: reloc.hpp:52
-
theo::recomp::reloc_t::offset
void offset(std::uint32_t offset)
sets the offset to which the relocation gets applied too.
Definition: reloc.hpp:82
-
theo::recomp::reloc_t::name
std::string name()
returns the name of the relocation symbol.
Definition: reloc.hpp:67
-
theo::recomp::reloc_t::hash
std::size_t hash()
returns the hash of the relocation symbol.
Definition: reloc.hpp:61
-
theo::recomp::reloc_t::add_transform
void add_transform(std::pair< obf::transform::transform_t *, std::uint32_t > entry)
adds a transformation to be applied to the relocation prior to writing it into the symbol.
Definition: reloc.hpp:91
-
theo::recomp::reloc_t::get_transforms
std::vector< std::pair< obf::transform::transform_t *, std::uint32_t > > & get_transforms()
gets the vector of transformation.
Definition: reloc.hpp:101
-
theo::recomp
this namespace encompasses all recomposition related code.
Definition: recomp.hpp:39
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d1/d8d/classtheo_1_1obf_1_1transform_1_1rol__op__t__coll__graph.dot b/doxygen/html/d1/d8d/classtheo_1_1obf_1_1transform_1_1rol__op__t__coll__graph.dot deleted file mode 100644 index 7ccfc41..0000000 --- a/doxygen/html/d1/d8d/classtheo_1_1obf_1_1transform_1_1rol__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::rol_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::rol_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d1/d90/rol__op_8hpp__incl.dot b/doxygen/html/d1/d90/rol__op_8hpp__incl.dot deleted file mode 100644 index b6b899d..0000000 --- a/doxygen/html/d1/d90/rol__op_8hpp__incl.dot +++ /dev/null @@ -1,25 +0,0 @@ -digraph "include/obf/transform/rol_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; -} diff --git a/doxygen/html/d1/d91/ror__op_8hpp__incl.dot b/doxygen/html/d1/d91/ror__op_8hpp__incl.dot deleted file mode 100644 index d377c19..0000000 --- a/doxygen/html/d1/d91/ror__op_8hpp__incl.dot +++ /dev/null @@ -1,25 +0,0 @@ -digraph "include/obf/transform/ror_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; -} diff --git a/doxygen/html/d1/d94/engine_8hpp__incl.dot b/doxygen/html/d1/d94/engine_8hpp__incl.dot deleted file mode 100644 index 6309d35..0000000 --- a/doxygen/html/d1/d94/engine_8hpp__incl.dot +++ /dev/null @@ -1,68 +0,0 @@ -digraph "include/obf/engine.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="algorithm",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node3 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d62/symbol_8hpp.html",tooltip=" "]; - Node5 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="coff/image.hpp",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node5 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="cstdint",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node5 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/d82/reloc_8hpp.html",tooltip=" "]; - Node8 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="cstddef",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node8 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="obf/transform/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node10 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="obf/transform/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/def/add__op_8hpp.html",tooltip=" "]; - Node11 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node12 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 -> Node13 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node15 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node16 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node17 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node18 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node19 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node10 -> Node20 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="obf/transform/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d8a/rol__op_8hpp.html",tooltip=" "]; - Node20 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node21 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="obf/transform/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d34/ror__op_8hpp.html",tooltip=" "]; - Node21 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node22 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node22 [label="obf/transform/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/da9/sub__op_8hpp.html",tooltip=" "]; - Node22 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node23 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 [label="obf/transform/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/da4/xor__op_8hpp.html",tooltip=" "]; - Node23 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 -> Node24 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 [label="string",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node5 -> Node25 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node25 [label="vector",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node3 -> Node26 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node26 [label="obf/transform/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d18/gen_8hpp.html",tooltip=" "]; - Node26 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node26 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 -> Node18 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 -> Node19 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node25 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d1/da4/operation_8hpp__dep__incl.dot b/doxygen/html/d1/da4/operation_8hpp__dep__incl.dot deleted file mode 100644 index 94ff3fc..0000000 --- a/doxygen/html/d1/da4/operation_8hpp__dep__incl.dot +++ /dev/null @@ -1,83 +0,0 @@ -digraph "include/obf/transform/operation.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d64/reloc__transform__pass_8hpp.html",tooltip=" "]; - Node2 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d24/theo_8hpp.html",tooltip=" "]; - Node3 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="src/theo.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d26/theo_8cpp.html",tooltip=" "]; - Node2 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="src/obf/passes/reloc\l_transform_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/da4/reloc__transform__pass_8cpp.html",tooltip=" "]; - Node1 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="include/obf/transform\l/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/def/add__op_8hpp.html",tooltip=" "]; - Node6 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="include/obf/transform\l/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node7 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="include/obf/transform\l/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d18/gen_8hpp.html",tooltip=" "]; - Node8 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="include/obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node9 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d46/engine_8hpp.html",tooltip=" "]; - Node10 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="include/recomp/recomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/d4a/recomp_8hpp.html",tooltip=" "]; - Node11 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node12 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="src/recomp/recomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$db/d55/recomp_8cpp.html",tooltip=" "]; - Node10 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node13 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="src/obf/engine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d5c/engine_8cpp.html",tooltip=" "]; - Node9 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="include/obf/passes\l/jcc_rewrite_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/df9/jcc__rewrite__pass_8hpp.html",tooltip=" "]; - Node14 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 -> Node15 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="src/obf/passes/jcc\l_rewrite_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d9/db4/jcc__rewrite__pass_8cpp.html",tooltip=" "]; - Node9 -> Node16 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="include/obf/passes\l/next_inst_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d54/next__inst__pass_8hpp.html",tooltip=" "]; - Node16 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 -> Node15 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 -> Node17 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="src/obf/passes/next\l_inst_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$df/d7d/next__inst__pass_8cpp.html",tooltip=" "]; - Node9 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 -> Node18 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="include/recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/d82/reloc_8hpp.html",tooltip=" "]; - Node18 -> Node19 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="include/decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d62/symbol_8hpp.html",tooltip=" "]; - Node19 -> Node20 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="include/decomp/routine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/df5/routine_8hpp.html",tooltip=" "]; - Node20 -> Node21 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="include/decomp/decomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d96/decomp_8hpp.html",tooltip=" "]; - Node21 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 -> Node22 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node22 [label="src/decomp/decomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$dc/d83/decomp_8cpp.html",tooltip=" "]; - Node20 -> Node23 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 [label="src/decomp/routine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/dbb/routine_8cpp.html",tooltip=" "]; - Node19 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 -> Node24 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 [label="include/recomp/symbol\l_table.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/d5e/symbol__table_8hpp.html",tooltip=" "]; - Node24 -> Node21 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 -> Node25 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node25 [label="src/recomp/symbol_table.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d0c/symbol__table_8cpp.html",tooltip=" "]; - Node19 -> Node26 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node26 [label="src/decomp/symbol.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d67/symbol_8cpp.html",tooltip=" "]; - Node18 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node27 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node27 [label="include/obf/transform\l/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d8a/rol__op_8hpp.html",tooltip=" "]; - Node27 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node28 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node28 [label="include/obf/transform\l/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d34/ror__op_8hpp.html",tooltip=" "]; - Node28 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node29 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node29 [label="include/obf/transform\l/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/da9/sub__op_8hpp.html",tooltip=" "]; - Node29 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node1 -> Node30 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node30 [label="include/obf/transform\l/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/da4/xor__op_8hpp.html",tooltip=" "]; - Node30 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d1/def/add__op_8hpp_source.html b/doxygen/html/d1/def/add__op_8hpp_source.html deleted file mode 100644 index 13b7405..0000000 --- a/doxygen/html/d1/def/add__op_8hpp_source.html +++ /dev/null @@ -1,133 +0,0 @@ - - - - - - - -Theodosius: include/obf/transform/add_op.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
add_op.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <obf/transform/operation.hpp>
-
33 
-
34 namespace theo::obf::transform {
-
35 class add_op_t : public operation_t {
-
36  explicit add_op_t()
-
37  : operation_t([&](std::size_t val,
-
38  std::uint32_t imm) -> std::size_t { return val + imm; },
-
39  XED_ICLASS_ADD) {}
-
40 
-
41  public:
-
42  static add_op_t* get() {
-
43  static add_op_t obj;
-
44  return &obj;
-
45  }
-
46 };
-
47 } // namespace theo::obf::transform
-
theo::obf::transform::add_op_t
Definition: add_op.hpp:35
-
theo::obf::transform::add_op_t::get
static add_op_t * get()
Definition: add_op.hpp:42
-
theo::obf::transform::operation_t
operation_t is the base class for all types of transformations. classes that inherit this class are s...
Definition: operation.hpp:61
-
theo::obf::transform::operation_t::operation_t
operation_t(transform_t op, xed_iclass_enum_t type)
explicit constructor for operation_t
Definition: operation.hpp:69
-
theo::obf::transform
this namespace encompasses the code for transforming relocations.
Definition: add_op.hpp:34
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d2/d0a/classtheo_1_1obf_1_1transform_1_1rol__op__t__inherit__graph.dot b/doxygen/html/d2/d0a/classtheo_1_1obf_1_1transform_1_1rol__op__t__inherit__graph.dot deleted file mode 100644 index 7ccfc41..0000000 --- a/doxygen/html/d2/d0a/classtheo_1_1obf_1_1transform_1_1rol__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::rol_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::rol_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d2/d24/theo_8hpp_source.html b/doxygen/html/d2/d24/theo_8hpp_source.html deleted file mode 100644 index 9d77903..0000000 --- a/doxygen/html/d2/d24/theo_8hpp_source.html +++ /dev/null @@ -1,172 +0,0 @@ - - - - - - - -Theodosius: include/theo.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <spdlog/spdlog.h>
-
33 #include <decomp/decomp.hpp>
-
34 #include <obf/engine.hpp>
-
35 #include <recomp/recomp.hpp>
-
36 #include <recomp/symbol_table.hpp>
-
37 
-
38 #include <obf/passes/jcc_rewrite_pass.hpp>
-
39 #include <obf/passes/next_inst_pass.hpp>
-
40 #include <obf/passes/reloc_transform_pass.hpp>
-
41 
-
42 #include <optional>
-
43 #include <tuple>
-
44 #include <vector>
-
45 
-
46 #define XED_ENCODER
-
47 extern "C" {
-
48 #include <xed-decode.h>
-
49 #include <xed-interface.h>
-
50 }
-
51 
-
55 namespace theo {
-
56 
-
60 using lnk_fns_t =
-
61  std::tuple<recomp::allocator_t, recomp::copier_t, recomp::resolver_t>;
-
62 
-
70 class theo_t {
-
71  public:
-
79  explicit theo_t(std::vector<std::uint8_t>& lib,
-
80  lnk_fns_t lnkr_fns,
-
81  const std::string&& entry_sym);
-
82 
-
88  std::optional<std::uint32_t> decompose();
-
89 
-
95  std::uintptr_t compose();
-
96 
-
102  std::uintptr_t resolve(const std::string&& sym);
-
103 
-
104  private:
-
105  std::string m_entry_sym;
-
106  decomp::decomp_t m_dcmp;
-
107  recomp::recomp_t m_recmp;
-
108  recomp::symbol_table_t m_sym_tbl;
-
109 };
-
110 } // namespace theo
-
theo::decomp::decomp_t
the main decomposition class which is responsible for breaking down lib file into coff files,...
Definition: decomp.hpp:61
-
theo::recomp::recomp_t
the main class responsible for recomposition
Definition: recomp.hpp:64
-
theo::recomp::symbol_table_t
this class is a high level wrapper for a hashmap that contains decomp::symbol_t values....
Definition: symbol_table.hpp:45
-
theo::theo_t
the main class which encapsulates a symbol table, decomp, and recomp objects. This class is a bridge ...
Definition: theo.hpp:70
-
theo::theo_t::theo_t
theo_t(std::vector< std::uint8_t > &lib, lnk_fns_t lnkr_fns, const std::string &&entry_sym)
explicit constructor for theo class.
Definition: theo.cpp:34
-
theo::theo_t::compose
std::uintptr_t compose()
compose the decomposed module. This will run obfuscation passes, the map and resolve symbols to each ...
Definition: theo.cpp:56
-
theo::theo_t::decompose
std::optional< std::uint32_t > decompose()
decomposes the lib file and return the number of symbols that are used.
Definition: theo.cpp:45
-
theo::theo_t::resolve
std::uintptr_t resolve(const std::string &&sym)
given the name of a symbol, it returns the address of where its mapped.
Definition: theo.cpp:68
- - -
jcc_rewrite_pass.hpp
-
theo
The outer most encompassing namespace of this project.
Definition: decomp.hpp:49
-
theo::lnk_fns_t
std::tuple< recomp::allocator_t, recomp::copier_t, recomp::resolver_t > lnk_fns_t
tuple of functions used by theo to allocate, copy, and resolve symbols.
Definition: theo.hpp:61
-
next_inst_pass.hpp
- -
reloc_transform_pass.hpp
-
symbol_table.hpp
-
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d2/d26/theo_8cpp_source.html b/doxygen/html/d2/d26/theo_8cpp_source.html deleted file mode 100644 index 5c07d26..0000000 --- a/doxygen/html/d2/d26/theo_8cpp_source.html +++ /dev/null @@ -1,174 +0,0 @@ - - - - - - - -Theodosius: src/theo.cpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
theo.cpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #include <theo.hpp>
-
32 
-
33 namespace theo {
-
34 theo_t::theo_t(std::vector<std::uint8_t>& lib,
-
35  lnk_fns_t lnkr_fns,
-
36  const std::string&& entry_sym)
-
37  : m_dcmp(lib, &m_sym_tbl),
-
38  m_recmp(&m_dcmp, {}, {}, {}),
-
39  m_entry_sym(entry_sym) {
-
40  m_recmp.allocator(std::get<0>(lnkr_fns));
-
41  m_recmp.copier(std::get<1>(lnkr_fns));
-
42  m_recmp.resolver(std::get<2>(lnkr_fns));
-
43 }
-
44 
-
45 std::optional<std::uint32_t> theo_t::decompose() {
-
46  auto res = m_dcmp.decompose(m_entry_sym);
-
47  if (!res.has_value()) {
-
48  spdlog::error("failed to decompose...\n");
-
49  return {};
-
50  }
-
51 
-
52  spdlog::info("decompose successful... {} symbols", res.value()->size());
-
53  return res.value()->size();
-
54 }
-
55 
-
56 std::uintptr_t theo_t::compose() {
-
57  // run obfuscation engine on all symbols...
-
58  //
-
59  auto engine = obf::engine_t::get();
-
60  m_sym_tbl.for_each([&](decomp::symbol_t& sym) { engine->run(&sym); });
-
61 
-
62  m_recmp.allocate();
-
63  m_recmp.resolve();
-
64  m_recmp.copy_syms();
-
65  return m_recmp.resolve(m_entry_sym.data());
-
66 }
-
67 
-
68 std::uintptr_t theo_t::resolve(const std::string&& sym) {
-
69  auto val = m_sym_tbl.sym_from_hash(decomp::symbol_t::hash(sym));
-
70  if (!val.has_value())
-
71  return {};
-
72 
-
73  return val.value()->allocated_at();
-
74 }
-
75 } // namespace theo
-
theo::decomp::decomp_t::decompose
std::optional< recomp::symbol_table_t * > decompose(std::string &entry_sym)
decomposes (extracts) the symbols used. this function determines all used symbols given the entry poi...
Definition: decomp.cpp:37
-
theo::decomp::symbol_t
symbol_t is an abstraction upon the coff symbol. this allows for easier manipulation of the symbol....
Definition: symbol.hpp:53
-
theo::decomp::symbol_t::hash
std::size_t hash()
gets the hash of the symbol name.
Definition: symbol.cpp:88
-
theo::obf::engine_t::get
static engine_t * get()
get the singleton object of this class.
Definition: engine.cpp:34
-
theo::recomp::recomp_t::copy_syms
void copy_syms()
when called, this function copies symbols into allocations.
Definition: recomp.cpp:155
-
theo::recomp::recomp_t::allocator
void allocator(allocator_t alloc)
setter for the allocater lambda function.
Definition: recomp.cpp:163
-
theo::recomp::recomp_t::resolver
void resolver(resolver_t resolve)
setter for the resolve lambda function.
Definition: recomp.cpp:171
-
theo::recomp::recomp_t::resolve
void resolve()
when called, this function resolves all relocations in every symbol.
Definition: recomp.cpp:92
-
theo::recomp::recomp_t::allocate
void allocate()
when called, this function allocates space for every symbol.
Definition: recomp.cpp:40
-
theo::recomp::recomp_t::copier
void copier(copier_t copy)
setter for the copier lambda function.
Definition: recomp.cpp:167
-
theo::recomp::symbol_table_t::sym_from_hash
std::optional< decomp::symbol_t * > sym_from_hash(std::size_t hash)
returns an optional pointer to a symbol from the symbol table given the symbols hash (hash of its nam...
Definition: symbol_table.cpp:54
-
theo::recomp::symbol_table_t::for_each
void for_each(std::function< void(decomp::symbol_t &sym)> fn)
this function is a wrapper function that allows you to get at each entry in the symbol table by refer...
Definition: symbol_table.cpp:49
-
theo::theo_t::theo_t
theo_t(std::vector< std::uint8_t > &lib, lnk_fns_t lnkr_fns, const std::string &&entry_sym)
explicit constructor for theo class.
Definition: theo.cpp:34
-
theo::theo_t::compose
std::uintptr_t compose()
compose the decomposed module. This will run obfuscation passes, the map and resolve symbols to each ...
Definition: theo.cpp:56
-
theo::theo_t::decompose
std::optional< std::uint32_t > decompose()
decomposes the lib file and return the number of symbols that are used.
Definition: theo.cpp:45
-
theo::theo_t::resolve
std::uintptr_t resolve(const std::string &&sym)
given the name of a symbol, it returns the address of where its mapped.
Definition: theo.cpp:68
-
theo
The outer most encompassing namespace of this project.
Definition: decomp.hpp:49
-
theo::lnk_fns_t
std::tuple< recomp::allocator_t, recomp::copier_t, recomp::resolver_t > lnk_fns_t
tuple of functions used by theo to allocate, copy, and resolve symbols.
Definition: theo.hpp:61
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d2/d4d/reloc_8hpp__incl.dot b/doxygen/html/d2/d4d/reloc_8hpp__incl.dot deleted file mode 100644 index 93b48bb..0000000 --- a/doxygen/html/d2/d4d/reloc_8hpp__incl.dot +++ /dev/null @@ -1,45 +0,0 @@ -digraph "include/recomp/reloc.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="cstddef",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="cstdint",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="obf/transform/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node4 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="obf/transform/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/def/add__op_8hpp.html",tooltip=" "]; - Node5 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node6 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node13 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node6 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node4 -> Node15 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="obf/transform/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d8a/rol__op_8hpp.html",tooltip=" "]; - Node15 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 -> Node16 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="obf/transform/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d34/ror__op_8hpp.html",tooltip=" "]; - Node16 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 -> Node17 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="obf/transform/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/da9/sub__op_8hpp.html",tooltip=" "]; - Node17 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 -> Node18 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="obf/transform/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/da4/xor__op_8hpp.html",tooltip=" "]; - Node18 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d2/d8e/routine_8cpp__incl.dot b/doxygen/html/d2/d8e/routine_8cpp__incl.dot deleted file mode 100644 index 5a3448d..0000000 --- a/doxygen/html/d2/d8e/routine_8cpp__incl.dot +++ /dev/null @@ -1,64 +0,0 @@ -digraph "src/decomp/routine.cpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="src/decomp/routine.cpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="decomp/routine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/df5/routine_8hpp.html",tooltip=" "]; - Node2 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="string",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="vector",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node2 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d62/symbol_8hpp.html",tooltip=" "]; - Node7 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="coff/image.hpp",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node7 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="cstdint",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node7 -> Node10 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/d82/reloc_8hpp.html",tooltip=" "]; - Node10 -> Node11 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="cstddef",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node10 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node12 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="obf/transform/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node12 -> Node13 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="obf/transform/add_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/def/add__op_8hpp.html",tooltip=" "]; - Node13 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="obf/transform/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/da4/operation_8hpp.html",tooltip=" "]; - Node14 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 -> Node15 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node14 -> Node16 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node14 -> Node17 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node14 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 -> Node18 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node14 -> Node19 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node14 -> Node20 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node12 -> Node21 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="obf/transform/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d8a/rol__op_8hpp.html",tooltip=" "]; - Node21 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 -> Node22 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node22 [label="obf/transform/ror_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d34/ror__op_8hpp.html",tooltip=" "]; - Node22 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 -> Node23 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 [label="obf/transform/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/da9/sub__op_8hpp.html",tooltip=" "]; - Node23 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 -> Node24 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 [label="obf/transform/xor_op.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/da4/xor__op_8hpp.html",tooltip=" "]; - Node24 -> Node14 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node19 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node20 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d2/d96/decomp_8hpp_source.html b/doxygen/html/d2/d96/decomp_8hpp_source.html deleted file mode 100644 index 138ec06..0000000 --- a/doxygen/html/d2/d96/decomp_8hpp_source.html +++ /dev/null @@ -1,178 +0,0 @@ - - - - - - - -Theodosius: include/decomp/decomp.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
decomp.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <spdlog/spdlog.h>
-
33 #include <cstdint>
-
34 #include <linuxpe>
-
35 #include <optional>
-
36 #include <set>
-
37 #include <tuple>
-
38 #include <vector>
-
39 
-
40 #include <decomp/routine.hpp>
-
41 #include <recomp/symbol_table.hpp>
-
42 
-
43 #include <coff/archive.hpp>
-
44 #include <coff/image.hpp>
-
45 
-
49 namespace theo::decomp {
-
50 
-
55 using sym_data_t = std::tuple<coff::image_t*, coff::symbol_t*, std::uint32_t>;
-
56 
-
61 class decomp_t {
-
62  public:
-
69  explicit decomp_t(std::vector<std::uint8_t>& lib,
-
70  recomp::symbol_table_t* syms);
-
71 
-
76  std::vector<routine_t> rtns();
-
77 
-
82  std::vector<std::uint8_t> lib();
-
83 
-
88  std::vector<std::vector<std::uint8_t>> objs();
-
89 
-
94  recomp::symbol_table_t* syms();
-
95 
-
102  std::map<coff::section_header_t*, std::size_t>& scn_hash_tbl();
-
103 
-
111  std::optional<recomp::symbol_table_t*> decompose(std::string& entry_sym);
-
112 
-
113  private:
-
119  std::uint32_t ext_used_syms(const std::string&& entry_sym);
-
120 
-
126  std::optional<sym_data_t> get_symbol(const std::string_view& name);
-
127 
-
136  std::uint32_t next_sym(coff::image_t* img,
-
137  coff::section_header_t* hdr,
-
138  coff::symbol_t* s);
-
139 
-
140  const std::vector<std::uint8_t> m_lib;
-
141  std::vector<std::vector<std::uint8_t>> m_objs;
-
142  std::vector<routine_t> m_rtns;
-
143  std::set<sym_data_t> m_used_syms;
-
144  std::set<coff::image_t*> m_processed_objs;
-
145  std::map<coff::section_header_t*, std::size_t> m_scn_hash_tbl;
-
146  std::map<std::size_t, std::vector<sym_data_t>> m_lookup_tbl;
-
147  recomp::symbol_table_t* m_syms;
-
148 };
-
149 } // namespace theo::decomp
-
theo::decomp::decomp_t
the main decomposition class which is responsible for breaking down lib file into coff files,...
Definition: decomp.hpp:61
-
theo::decomp::decomp_t::decomp_t
decomp_t(std::vector< std::uint8_t > &lib, recomp::symbol_table_t *syms)
the explicit constructor for decomp_t
Definition: decomp.cpp:34
-
theo::decomp::decomp_t::rtns
std::vector< routine_t > rtns()
gets all of the routine objects.
Definition: decomp.cpp:281
-
theo::decomp::decomp_t::objs
std::vector< std::vector< std::uint8_t > > objs()
gets all the obj files as a vector of a vector of bytes.
Definition: decomp.cpp:289
-
theo::decomp::decomp_t::scn_hash_tbl
std::map< coff::section_header_t *, std::size_t > & scn_hash_tbl()
gets the section hash table section header --> hash of the section header ptr.
Definition: decomp.cpp:297
-
theo::decomp::decomp_t::syms
recomp::symbol_table_t * syms()
gets the symbol table.
Definition: decomp.cpp:293
-
theo::decomp::decomp_t::lib
std::vector< std::uint8_t > lib()
gets a vector of bytes consisting of the lib file.
Definition: decomp.cpp:285
-
theo::decomp::decomp_t::decompose
std::optional< recomp::symbol_table_t * > decompose(std::string &entry_sym)
decomposes (extracts) the symbols used. this function determines all used symbols given the entry poi...
Definition: decomp.cpp:37
-
theo::recomp::symbol_table_t
this class is a high level wrapper for a hashmap that contains decomp::symbol_t values....
Definition: symbol_table.hpp:45
-
theo::decomp
the namespace that contains all of the decomposition related code.
Definition: decomp.hpp:49
-
theo::decomp::sym_data_t
std::tuple< coff::image_t *, coff::symbol_t *, std::uint32_t > sym_data_t
meta symbol data. consists of the coff image which contains the coff symbol, the coff symbol itself,...
Definition: decomp.hpp:55
- -
symbol_table.hpp
-
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d2/dbb/routine_8cpp_source.html b/doxygen/html/d2/dbb/routine_8cpp_source.html deleted file mode 100644 index 368021b..0000000 --- a/doxygen/html/d2/dbb/routine_8cpp_source.html +++ /dev/null @@ -1,268 +0,0 @@ - - - - - - - -Theodosius: src/decomp/routine.cpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
routine.cpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #include <decomp/routine.hpp>
-
32 
-
33 namespace theo::decomp {
-
34 routine_t::routine_t(coff::symbol_t* sym,
-
35  coff::image_t* img,
-
36  coff::section_header_t* scn,
-
37  std::vector<std::uint8_t>& fn,
-
38  sym_type_t dcmp_type)
-
39  : m_img(img), m_scn(scn), m_data(fn), m_dcmp_type(dcmp_type), m_sym(sym) {}
-
40 
-
41 std::vector<decomp::symbol_t> routine_t::decompose() {
-
42  std::vector<decomp::symbol_t> result;
-
43 
-
44  switch (m_dcmp_type) {
-
45  case function: {
-
46  std::vector<recomp::reloc_t> relocs;
-
47  auto scn_relocs = reinterpret_cast<coff::reloc_t*>(
-
48  m_scn->ptr_relocs + reinterpret_cast<std::uint8_t*>(m_img));
-
49 
-
50  for (auto idx = 0u; idx < m_scn->num_relocs; ++idx) {
-
51  auto scn_reloc = &scn_relocs[idx];
-
52  // if the reloc is in the current function...
-
53  if (scn_reloc->virtual_address >= m_sym->value &&
-
54  scn_reloc->virtual_address < m_sym->value + m_data.size()) {
-
55  auto sym_reloc = m_img->get_symbol(scn_relocs[idx].symbol_index);
-
56  auto sym_name = symbol_t::name(m_img, sym_reloc);
-
57  auto sym_hash = decomp::symbol_t::hash(sym_name.data());
-
58  relocs.push_back(
-
59  recomp::reloc_t(scn_reloc->virtual_address - m_sym->value,
-
60  sym_hash, sym_name.data()));
-
61  }
-
62  }
-
63 
-
64  result.push_back(decomp::symbol_t(
-
65  m_img, symbol_t::name(m_img, m_sym).data(), m_sym->value, m_data,
-
66  m_scn, m_sym, relocs, sym_type_t::function));
-
67  break;
-
68  }
-
69  case instruction: {
-
70  std::uint32_t offset = {};
-
71  xed_error_enum_t err;
-
72 
-
73  xed_decoded_inst_t instr;
-
74  xed_state_t istate{XED_MACHINE_MODE_LONG_64, XED_ADDRESS_WIDTH_64b};
-
75  xed_decoded_inst_zero_set_mode(&instr, &istate);
-
76 
-
77  // keep looping over the section, lower the number of bytes each time...
-
78  //
-
79  while ((err = xed_decode(&instr, m_data.data() + offset,
-
80  m_data.size() - offset)) == XED_ERROR_NONE) {
-
81  // symbol name is of the format: symbol@instroffset, I.E: main@11...
-
82  //
-
83  auto new_sym_name = symbol_t::name(m_img, m_sym);
-
84 
-
85  // first instruction doesnt need the @offset...
-
86  //
-
87  if (offset)
-
88  new_sym_name.append("@").append(std::to_string(offset));
-
89 
-
90  std::vector<recomp::reloc_t> relocs;
-
91  auto scn_relocs = reinterpret_cast<coff::reloc_t*>(
-
92  m_scn->ptr_relocs + reinterpret_cast<std::uint8_t*>(m_img));
-
93 
-
94  // find if this instruction has a relocation or not...
-
95  // if so, return the reloc_t...
-
96  //
-
97  auto reloc = std::find_if(
-
98  scn_relocs, scn_relocs + m_scn->num_relocs,
-
99  [&](coff::reloc_t reloc) {
-
100  return reloc.virtual_address >= m_sym->value + offset &&
-
101  reloc.virtual_address <
-
102  m_sym->value + offset +
-
103  xed_decoded_inst_get_length(&instr);
-
104  });
-
105 
-
106  // if there is indeed a reloc for this instruction...
-
107  //
-
108  if (reloc != scn_relocs + m_scn->num_relocs) {
-
109  auto sym_reloc = m_img->get_symbol(reloc->symbol_index);
-
110  auto sym_name = symbol_t::name(m_img, sym_reloc);
-
111  auto sym_hash = decomp::symbol_t::hash(sym_name.data());
-
112  auto reloc_offset = reloc->virtual_address - m_sym->value - offset;
-
113 
-
114  relocs.push_back(
-
115  recomp::reloc_t(reloc_offset, sym_hash, sym_name.data()));
-
116  }
-
117 
-
118  // add a reloc to the next instruction...
-
119  // note that the offset is ZERO... comp_t will understand that
-
120  // relocs with offset ZERO means the next instructions...
-
121  //
-
122  auto next_inst_sym =
-
123  symbol_t::name(m_img, m_sym)
-
124  .append("@")
-
125  .append(std::to_string(offset +
-
126  xed_decoded_inst_get_length(&instr)));
-
127 
-
128  relocs.push_back(recomp::reloc_t(
-
129  0, decomp::symbol_t::hash(next_inst_sym), next_inst_sym.data()));
-
130 
-
131  // get the instructions bytes
-
132  //
-
133  std::vector<std::uint8_t> inst_bytes(
-
134  m_data.data() + offset,
-
135  m_data.data() + offset + xed_decoded_inst_get_length(&instr));
-
136 
-
137  result.push_back(decomp::symbol_t(m_img, new_sym_name, offset,
-
138  inst_bytes, m_scn, m_sym, relocs,
-
139  sym_type_t::instruction));
-
140 
-
141  // after creating the symbol and dealing with relocs then print the
-
142  // information we have concluded...
-
143  //
-
144  char buff[255];
-
145  offset += xed_decoded_inst_get_length(&instr);
-
146  xed_format_context(XED_SYNTAX_INTEL, &instr, buff, sizeof buff, NULL,
-
147  NULL, NULL);
-
148 
-
149  spdlog::info("{}: {}", new_sym_name, buff);
-
150  // need to set this so that instr can be used to decode again...
-
151  xed_decoded_inst_zero_set_mode(&instr, &istate);
-
152  }
-
153 
-
154  // remove the relocation to the next symbol from the last instruction
-
155  //
-
156  auto& last_inst = result.back();
-
157  auto& last_inst_relocs = last_inst.relocs();
-
158  last_inst_relocs.erase(last_inst_relocs.end() - 1);
-
159  break;
-
160  }
-
161  default:
-
162  break;
-
163  }
-
164 
-
165  return result;
-
166 }
-
167 
-
168 coff::section_header_t* routine_t::scn() {
-
169  return m_scn;
-
170 }
-
171 
-
172 std::vector<std::uint8_t> routine_t::data() {
-
173  return m_data;
-
174 }
-
175 } // namespace theo::decomp
-
theo::decomp::routine_t::decompose
std::vector< decomp::symbol_t > decompose()
decompose the function into symbol(s).
Definition: routine.cpp:41
-
theo::decomp::routine_t::data
std::vector< std::uint8_t > data()
gets the function bytes.
Definition: routine.cpp:172
-
theo::decomp::routine_t::routine_t
routine_t(coff::symbol_t *sym, coff::image_t *img, coff::section_header_t *scn, std::vector< std::uint8_t > &fn, sym_type_t dcmp_type)
the explicit constructor for routine_t.
Definition: routine.cpp:34
-
theo::decomp::routine_t::scn
coff::section_header_t * scn()
gets the section header of the section in which the symbol is located in.
Definition: routine.cpp:168
-
theo::decomp::symbol_t
symbol_t is an abstraction upon the coff symbol. this allows for easier manipulation of the symbol....
Definition: symbol.hpp:53
-
theo::decomp::symbol_t::name
std::string name() const
gets the name of the symbol.
Definition: symbol.cpp:52
-
theo::decomp::symbol_t::hash
std::size_t hash()
gets the hash of the symbol name.
Definition: symbol.cpp:88
-
theo::recomp::reloc_t
meta data about a relocation for a symbol
Definition: reloc.hpp:41
-
theo::decomp
the namespace that contains all of the decomposition related code.
Definition: decomp.hpp:49
-
theo::decomp::sym_type_t
sym_type_t
meta symbol type. this is an abstraction upon the coff symbol storage/class type.
Definition: symbol.hpp:43
- - - -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d2/dee/rol__op_8hpp__dep__incl.dot b/doxygen/html/d2/dee/rol__op_8hpp__dep__incl.dot deleted file mode 100644 index 5f45c17..0000000 --- a/doxygen/html/d2/dee/rol__op_8hpp__dep__incl.dot +++ /dev/null @@ -1,68 +0,0 @@ -digraph "include/obf/transform/rol_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/rol_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="include/obf/transform\l/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node2 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d64/reloc__transform__pass_8hpp.html",tooltip=" "]; - Node3 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d24/theo_8hpp.html",tooltip=" "]; - Node4 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="src/theo.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d26/theo_8cpp.html",tooltip=" "]; - Node3 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="src/obf/passes/reloc\l_transform_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/da4/reloc__transform__pass_8cpp.html",tooltip=" "]; - Node2 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="include/obf/transform\l/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d18/gen_8hpp.html",tooltip=" "]; - Node7 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="include/obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node8 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d46/engine_8hpp.html",tooltip=" "]; - Node9 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="include/recomp/recomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/d4a/recomp_8hpp.html",tooltip=" "]; - Node10 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="src/recomp/recomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$db/d55/recomp_8cpp.html",tooltip=" "]; - Node9 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 -> Node12 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="src/obf/engine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d5c/engine_8cpp.html",tooltip=" "]; - Node8 -> Node13 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="include/obf/passes\l/jcc_rewrite_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/df9/jcc__rewrite__pass_8hpp.html",tooltip=" "]; - Node13 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="src/obf/passes/jcc\l_rewrite_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d9/db4/jcc__rewrite__pass_8cpp.html",tooltip=" "]; - Node8 -> Node15 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="include/obf/passes\l/next_inst_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d54/next__inst__pass_8hpp.html",tooltip=" "]; - Node15 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node16 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="src/obf/passes/next\l_inst_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$df/d7d/next__inst__pass_8cpp.html",tooltip=" "]; - Node8 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node17 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="include/recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/d82/reloc_8hpp.html",tooltip=" "]; - Node17 -> Node18 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="include/decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d62/symbol_8hpp.html",tooltip=" "]; - Node18 -> Node19 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="include/decomp/routine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/df5/routine_8hpp.html",tooltip=" "]; - Node19 -> Node20 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="include/decomp/decomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d96/decomp_8hpp.html",tooltip=" "]; - Node20 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 -> Node21 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="src/decomp/decomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$dc/d83/decomp_8cpp.html",tooltip=" "]; - Node19 -> Node22 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node22 [label="src/decomp/routine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/dbb/routine_8cpp.html",tooltip=" "]; - Node18 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 -> Node23 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 [label="include/recomp/symbol\l_table.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/d5e/symbol__table_8hpp.html",tooltip=" "]; - Node23 -> Node20 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 -> Node24 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 [label="src/recomp/symbol_table.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d0c/symbol__table_8cpp.html",tooltip=" "]; - Node18 -> Node25 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node25 [label="src/decomp/symbol.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d67/symbol_8cpp.html",tooltip=" "]; - Node17 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d2/df9/jcc__rewrite__pass_8hpp_source.html b/doxygen/html/d2/df9/jcc__rewrite__pass_8hpp_source.html deleted file mode 100644 index d23b96e..0000000 --- a/doxygen/html/d2/df9/jcc__rewrite__pass_8hpp_source.html +++ /dev/null @@ -1,131 +0,0 @@ - - - - - - - -Theodosius: include/obf/passes/jcc_rewrite_pass.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
jcc_rewrite_pass.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <obf/pass.hpp>
-
33 
-
34 namespace theo::obf {
-
61 class jcc_rewrite_pass_t : public pass_t {
-
62  explicit jcc_rewrite_pass_t() : pass_t(decomp::sym_type_t::instruction){};
-
63 
-
64  public:
-
65  static jcc_rewrite_pass_t* get();
-
66  void run(decomp::symbol_t* sym);
-
67 };
-
68 } // namespace theo::obf
-
theo::decomp::symbol_t
symbol_t is an abstraction upon the coff symbol. this allows for easier manipulation of the symbol....
Definition: symbol.hpp:53
-
theo::obf::jcc_rewrite_pass_t
jcc rewrite pass which rewrites rip relative jcc's so that they are position independent.
Definition: jcc_rewrite_pass.hpp:61
-
theo::obf::jcc_rewrite_pass_t::run
void run(decomp::symbol_t *sym)
virtual method which must be implimented by the pass that inherits this class.
Definition: jcc_rewrite_pass.cpp:40
-
theo::obf::jcc_rewrite_pass_t::get
static jcc_rewrite_pass_t * get()
Definition: jcc_rewrite_pass.cpp:35
-
theo::obf::pass_t
the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct...
Definition: pass.hpp:55
-
theo::obf::pass_t::pass_t
pass_t(decomp::sym_type_t sym_type)
the explicit constructor of the pass_t base class.
Definition: pass.hpp:63
- -
theo::obf
this is the main namespace for obfuscation related things.
Definition: engine.hpp:36
- -
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d3/d0b/classtheo_1_1obf_1_1transform_1_1sub__op__t__coll__graph.dot b/doxygen/html/d3/d0b/classtheo_1_1obf_1_1transform_1_1sub__op__t__coll__graph.dot deleted file mode 100644 index 32583ef..0000000 --- a/doxygen/html/d3/d0b/classtheo_1_1obf_1_1transform_1_1sub__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::sub_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::sub_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d3/d53/classtheo_1_1obf_1_1pass__t__inherit__graph.dot b/doxygen/html/d3/d53/classtheo_1_1obf_1_1pass__t__inherit__graph.dot deleted file mode 100644 index f657a26..0000000 --- a/doxygen/html/d3/d53/classtheo_1_1obf_1_1pass__t__inherit__graph.dot +++ /dev/null @@ -1,14 +0,0 @@ -digraph "theo::obf::pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - rankdir="LR"; - Node1 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::jcc_rewrite\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html",tooltip="jcc rewrite pass which rewrites rip relative jcc's so that they are position independent."]; - Node1 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="theo::obf::next_inst\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d08/classtheo_1_1obf_1_1next__inst__pass__t.html",tooltip="This pass is used to generate transformations and jmp code to change RIP to the next instruction."]; - Node1 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="theo::obf::reloc_transform\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$dc/d39/classtheo_1_1obf_1_1reloc__transform__pass__t.html",tooltip="this pass is like the next_inst_pass, however, relocations are encrypted with transformations instead..."]; -} diff --git a/doxygen/html/d3/dc7/gen_8hpp__dep__incl.dot b/doxygen/html/d3/dc7/gen_8hpp__dep__incl.dot deleted file mode 100644 index 3a89e8e..0000000 --- a/doxygen/html/d3/dc7/gen_8hpp__dep__incl.dot +++ /dev/null @@ -1,38 +0,0 @@ -digraph "include/obf/transform/gen.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="include/obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node2 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d46/engine_8hpp.html",tooltip=" "]; - Node3 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="include/recomp/recomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/d4a/recomp_8hpp.html",tooltip=" "]; - Node4 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d24/theo_8hpp.html",tooltip=" "]; - Node5 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="src/theo.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d26/theo_8cpp.html",tooltip=" "]; - Node4 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="src/recomp/recomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$db/d55/recomp_8cpp.html",tooltip=" "]; - Node3 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="src/obf/engine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d5c/engine_8cpp.html",tooltip=" "]; - Node2 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="include/obf/passes\l/jcc_rewrite_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/df9/jcc__rewrite__pass_8hpp.html",tooltip=" "]; - Node9 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="src/obf/passes/jcc\l_rewrite_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d9/db4/jcc__rewrite__pass_8cpp.html",tooltip=" "]; - Node2 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="include/obf/passes\l/next_inst_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d54/next__inst__pass_8hpp.html",tooltip=" "]; - Node11 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node12 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="src/obf/passes/next\l_inst_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$df/d7d/next__inst__pass_8cpp.html",tooltip=" "]; - Node2 -> Node13 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d64/reloc__transform__pass_8hpp.html",tooltip=" "]; - Node13 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="src/obf/passes/reloc\l_transform_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/da4/reloc__transform__pass_8cpp.html",tooltip=" "]; -} diff --git a/doxygen/html/d3/de4/operation_8hpp__incl.dot b/doxygen/html/d3/de4/operation_8hpp__incl.dot deleted file mode 100644 index 7d932ed..0000000 --- a/doxygen/html/d3/de4/operation_8hpp__incl.dot +++ /dev/null @@ -1,23 +0,0 @@ -digraph "include/obf/transform/operation.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/operation.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="spdlog/spdlog.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node3 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="bit",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node4 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="bitset",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node5 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="functional",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node6 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="map",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node7 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="random",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node8 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="xed-decode.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; - Node1 -> Node9 [color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="xed-interface.h",height=0.2,width=0.4,color="grey75", fillcolor="white", style="filled",tooltip=" "]; -} diff --git a/doxygen/html/d3/df8/classtheo_1_1obf_1_1next__inst__pass__t__coll__graph.dot b/doxygen/html/d3/df8/classtheo_1_1obf_1_1next__inst__pass__t__coll__graph.dot deleted file mode 100644 index b7d9bf4..0000000 --- a/doxygen/html/d3/df8/classtheo_1_1obf_1_1next__inst__pass__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::next_inst_pass_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::next_inst\l_pass_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip="This pass is used to generate transformations and jmp code to change RIP to the next instruction."]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::pass_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/dad/classtheo_1_1obf_1_1pass__t.html",tooltip="the pass_t class is a base clase for all passes made. you must override the pass_t::run virtual funct..."]; -} diff --git a/doxygen/html/d4/d19/classtheo_1_1obf_1_1transform_1_1add__op__t__inherit__graph.dot b/doxygen/html/d4/d19/classtheo_1_1obf_1_1transform_1_1add__op__t__inherit__graph.dot deleted file mode 100644 index cf73add..0000000 --- a/doxygen/html/d4/d19/classtheo_1_1obf_1_1transform_1_1add__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::add_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::add_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d4/d1f/classtheo_1_1obf_1_1transform_1_1ror__op__t__coll__graph.dot b/doxygen/html/d4/d1f/classtheo_1_1obf_1_1transform_1_1ror__op__t__coll__graph.dot deleted file mode 100644 index ffcd72c..0000000 --- a/doxygen/html/d4/d1f/classtheo_1_1obf_1_1transform_1_1ror__op__t__coll__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::ror_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::ror_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d4/d2a/symbol_8hpp__dep__incl.dot b/doxygen/html/d4/d2a/symbol_8hpp__dep__incl.dot deleted file mode 100644 index d4c7fad..0000000 --- a/doxygen/html/d4/d2a/symbol_8hpp__dep__incl.dot +++ /dev/null @@ -1,57 +0,0 @@ -digraph "include/decomp/symbol.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="include/decomp/routine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/df5/routine_8hpp.html",tooltip=" "]; - Node2 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="include/decomp/decomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d96/decomp_8hpp.html",tooltip=" "]; - Node3 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="include/recomp/recomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/d4a/recomp_8hpp.html",tooltip=" "]; - Node4 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d24/theo_8hpp.html",tooltip=" "]; - Node5 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="src/theo.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d26/theo_8cpp.html",tooltip=" "]; - Node4 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="src/recomp/recomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$db/d55/recomp_8cpp.html",tooltip=" "]; - Node3 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="src/decomp/decomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$dc/d83/decomp_8cpp.html",tooltip=" "]; - Node2 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="src/decomp/routine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/dbb/routine_8cpp.html",tooltip=" "]; - Node1 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="include/obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node10 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d46/engine_8hpp.html",tooltip=" "]; - Node11 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 -> Node12 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="src/obf/engine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d5c/engine_8cpp.html",tooltip=" "]; - Node10 -> Node13 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="include/obf/passes\l/jcc_rewrite_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/df9/jcc__rewrite__pass_8hpp.html",tooltip=" "]; - Node13 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="src/obf/passes/jcc\l_rewrite_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d9/db4/jcc__rewrite__pass_8cpp.html",tooltip=" "]; - Node10 -> Node15 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="include/obf/passes\l/next_inst_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d54/next__inst__pass_8hpp.html",tooltip=" "]; - Node15 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node16 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="src/obf/passes/next\l_inst_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$df/d7d/next__inst__pass_8cpp.html",tooltip=" "]; - Node10 -> Node17 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d64/reloc__transform__pass_8hpp.html",tooltip=" "]; - Node17 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 -> Node18 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="src/obf/passes/reloc\l_transform_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/da4/reloc__transform__pass_8cpp.html",tooltip=" "]; - Node1 -> Node19 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="include/recomp/symbol\l_table.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/d5e/symbol__table_8hpp.html",tooltip=" "]; - Node19 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 -> Node20 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="src/recomp/symbol_table.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d0c/symbol__table_8cpp.html",tooltip=" "]; - Node1 -> Node21 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="src/decomp/symbol.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d67/symbol_8cpp.html",tooltip=" "]; -} diff --git a/doxygen/html/d4/d3f/classtheo_1_1obf_1_1transform_1_1xor__op__t__inherit__graph.dot b/doxygen/html/d4/d3f/classtheo_1_1obf_1_1transform_1_1xor__op__t__inherit__graph.dot deleted file mode 100644 index 488add8..0000000 --- a/doxygen/html/d4/d3f/classtheo_1_1obf_1_1transform_1_1xor__op__t__inherit__graph.dot +++ /dev/null @@ -1,9 +0,0 @@ -digraph "theo::obf::transform::xor_op_t" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="theo::obf::transform\l::xor_op_t",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node2 -> Node1 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="theo::obf::transform\l::operation_t",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d7/de2/classtheo_1_1obf_1_1transform_1_1operation__t.html",tooltip="operation_t is the base class for all types of transformations. classes that inherit this class are s..."]; -} diff --git a/doxygen/html/d4/d4a/recomp_8hpp_source.html b/doxygen/html/d4/d4a/recomp_8hpp_source.html deleted file mode 100644 index 1f33159..0000000 --- a/doxygen/html/d4/d4a/recomp_8hpp_source.html +++ /dev/null @@ -1,170 +0,0 @@ - - - - - - - -Theodosius: include/recomp/recomp.hpp Source File - - - - - - - - - -
-
- - - - - - -
-
Theodosius -  v3.0 -
-
Jit linker, mapper, obfuscator, and mutator
-
-
- - - - - - - - -
-
- - -
- -
- - -
-
-
-
recomp.hpp
-
-
-Go to the documentation of this file.
1 // Copyright (c) 2022, _xeroxz
-
2 // All rights reserved.
-
3 //
-
4 // Redistribution and use in source and binary forms, with or without
-
5 // modification, are permitted provided that the following conditions are met:
-
6 //
-
7 // 1. Redistributions of source code must retain the above copyright notice,
-
8 // this list of conditions and the following disclaimer.
-
9 //
-
10 // 2. Redistributions in binary form must reproduce the above copyright notice,
-
11 // this list of conditions and the following disclaimer in the documentation
-
12 // and/or other materials provided with the distribution.
-
13 //
-
14 // 3. Neither the name of the copyright holder nor the names of its
-
15 // contributors may be used to endorse or promote products derived from
-
16 // this software without specific prior written permission.
-
17 //
-
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-
19 // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-
20 // IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-
21 // ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-
22 // LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-
23 // CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-
24 // SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-
25 // INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-
26 // CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-
27 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-
28 // POSSIBILITY OF SUCH DAMAGE.
-
29 //
-
30 
-
31 #pragma once
-
32 #include <decomp/decomp.hpp>
-
33 #include <obf/engine.hpp>
-
34 #include <recomp/symbol_table.hpp>
-
35 
-
39 namespace theo::recomp {
-
40 
-
44 using resolver_t = std::function<std::uintptr_t(std::string)>;
-
45 
-
49 using copier_t = std::function<void(std::uintptr_t, void*, std::uint32_t)>;
-
50 
-
57 using allocator_t =
-
58  std::function<std::uintptr_t(std::uint32_t,
-
59  coff::section_characteristics_t)>;
-
60 
-
64 class recomp_t {
-
65  public:
-
74  explicit recomp_t(decomp::decomp_t* dcmp,
-
75  allocator_t alloc,
-
76  copier_t copy,
-
77  resolver_t resolve);
-
78 
-
82  void allocate();
-
83 
-
87  void resolve();
-
88 
-
92  void copy_syms();
-
93 
-
99  void allocator(allocator_t alloc);
-
100 
-
106  void copier(copier_t copy);
-
107 
-
112  void resolver(resolver_t resolve);
-
113 
-
119  std::uintptr_t resolve(const std::string&& sym);
-
120 
-
121  private:
-
122  decomp::decomp_t* m_dcmp;
-
123  resolver_t m_resolver;
-
124  copier_t m_copier;
-
125  allocator_t m_allocator;
-
126 };
-
127 } // namespace theo::recomp
-
theo::decomp::decomp_t
the main decomposition class which is responsible for breaking down lib file into coff files,...
Definition: decomp.hpp:61
-
theo::recomp::recomp_t
the main class responsible for recomposition
Definition: recomp.hpp:64
-
theo::recomp::recomp_t::copy_syms
void copy_syms()
when called, this function copies symbols into allocations.
Definition: recomp.cpp:155
-
theo::recomp::recomp_t::allocator
void allocator(allocator_t alloc)
setter for the allocater lambda function.
Definition: recomp.cpp:163
-
theo::recomp::recomp_t::resolver
void resolver(resolver_t resolve)
setter for the resolve lambda function.
Definition: recomp.cpp:171
-
theo::recomp::recomp_t::resolve
void resolve()
when called, this function resolves all relocations in every symbol.
Definition: recomp.cpp:92
-
theo::recomp::recomp_t::allocate
void allocate()
when called, this function allocates space for every symbol.
Definition: recomp.cpp:40
-
theo::recomp::recomp_t::copier
void copier(copier_t copy)
setter for the copier lambda function.
Definition: recomp.cpp:167
-
theo::recomp::recomp_t::recomp_t
recomp_t(decomp::decomp_t *dcmp, allocator_t alloc, copier_t copy, resolver_t resolve)
the explicit constructor for the recomp_t class.
Definition: recomp.cpp:34
- - - -
theo::recomp
this namespace encompasses all recomposition related code.
Definition: recomp.hpp:39
-
theo::recomp::copier_t
std::function< void(std::uintptr_t, void *, std::uint32_t)> copier_t
a function which is called by recomp_t to copy symbols into memory.
Definition: recomp.hpp:49
-
theo::recomp::resolver_t
std::function< std::uintptr_t(std::string)> resolver_t
a function which is called by recomp_t to resolve external symbols
Definition: recomp.hpp:44
-
theo::recomp::allocator_t
std::function< std::uintptr_t(std::uint32_t, coff::section_characteristics_t)> allocator_t
a function which is called to allocate space for a symbol.
Definition: recomp.hpp:59
-
symbol_table.hpp
-
- -
-Generated by doxygen 1.9.1 -
- - diff --git a/doxygen/html/d4/d52/sub__op_8hpp__dep__incl.dot b/doxygen/html/d4/d52/sub__op_8hpp__dep__incl.dot deleted file mode 100644 index 897c1b4..0000000 --- a/doxygen/html/d4/d52/sub__op_8hpp__dep__incl.dot +++ /dev/null @@ -1,68 +0,0 @@ -digraph "include/obf/transform/sub_op.hpp" -{ - // LATEX_PDF_SIZE - edge [fontname="Helvetica",fontsize="10",labelfontname="Helvetica",labelfontsize="10"]; - node [fontname="Helvetica",fontsize="10",shape=record]; - Node1 [label="include/obf/transform\l/sub_op.hpp",height=0.2,width=0.4,color="black", fillcolor="grey75", style="filled", fontcolor="black",tooltip=" "]; - Node1 -> Node2 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 [label="include/obf/transform\l/transform.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/deb/transform_8hpp.html",tooltip=" "]; - Node2 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node3 [label="include/obf/passes\l/reloc_transform_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d64/reloc__transform__pass_8hpp.html",tooltip=" "]; - Node3 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node4 [label="include/theo.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d24/theo_8hpp.html",tooltip=" "]; - Node4 -> Node5 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node5 [label="src/theo.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d26/theo_8cpp.html",tooltip=" "]; - Node3 -> Node6 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node6 [label="src/obf/passes/reloc\l_transform_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/da4/reloc__transform__pass_8cpp.html",tooltip=" "]; - Node2 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node7 [label="include/obf/transform\l/gen.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d18/gen_8hpp.html",tooltip=" "]; - Node7 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node8 [label="include/obf/pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d5a/pass_8hpp.html",tooltip=" "]; - Node8 -> Node9 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 [label="include/obf/engine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/d46/engine_8hpp.html",tooltip=" "]; - Node9 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 [label="include/recomp/recomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d4/d4a/recomp_8hpp.html",tooltip=" "]; - Node10 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node10 -> Node11 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node11 [label="src/recomp/recomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$db/d55/recomp_8cpp.html",tooltip=" "]; - Node9 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node9 -> Node12 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node12 [label="src/obf/engine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d5c/engine_8cpp.html",tooltip=" "]; - Node8 -> Node13 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 [label="include/obf/passes\l/jcc_rewrite_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/df9/jcc__rewrite__pass_8hpp.html",tooltip=" "]; - Node13 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node13 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node14 [label="src/obf/passes/jcc\l_rewrite_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d9/db4/jcc__rewrite__pass_8cpp.html",tooltip=" "]; - Node8 -> Node15 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 [label="include/obf/passes\l/next_inst_pass.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d5/d54/next__inst__pass_8hpp.html",tooltip=" "]; - Node15 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node14 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node15 -> Node16 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node16 [label="src/obf/passes/next\l_inst_pass.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$df/d7d/next__inst__pass_8cpp.html",tooltip=" "]; - Node8 -> Node3 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node2 -> Node17 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node17 [label="include/recomp/reloc.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d1/d82/reloc_8hpp.html",tooltip=" "]; - Node17 -> Node18 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 [label="include/decomp/symbol.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d6/d62/symbol_8hpp.html",tooltip=" "]; - Node18 -> Node19 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node19 [label="include/decomp/routine.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$de/df5/routine_8hpp.html",tooltip=" "]; - Node19 -> Node20 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 [label="include/decomp/decomp.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/d96/decomp_8hpp.html",tooltip=" "]; - Node20 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node20 -> Node21 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node21 [label="src/decomp/decomp.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$dc/d83/decomp_8cpp.html",tooltip=" "]; - Node19 -> Node22 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node22 [label="src/decomp/routine.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d2/dbb/routine_8cpp.html",tooltip=" "]; - Node18 -> Node8 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node18 -> Node23 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 [label="include/recomp/symbol\l_table.hpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d0/d5e/symbol__table_8hpp.html",tooltip=" "]; - Node23 -> Node20 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 -> Node10 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 -> Node4 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node23 -> Node24 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node24 [label="src/recomp/symbol_table.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$da/d0c/symbol__table_8cpp.html",tooltip=" "]; - Node18 -> Node25 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; - Node25 [label="src/decomp/symbol.cpp",height=0.2,width=0.4,color="black", fillcolor="white", style="filled",URL="$d8/d67/symbol_8cpp.html",tooltip=" "]; - Node17 -> Node7 [dir="back",color="midnightblue",fontsize="10",style="solid",fontname="Helvetica"]; -} diff --git a/doxygen/html/d4/dad/classtheo_1_1obf_1_1pass__t.html b/doxygen/html/d4/dad/classtheo_1_1obf_1_1pass__t.html index d991a04..aa2e33a 100644 --- a/doxygen/html/d4/dad/classtheo_1_1obf_1_1pass__t.html +++ b/doxygen/html/d4/dad/classtheo_1_1obf_1_1pass__t.html @@ -85,9 +85,10 @@ Inheritance diagram for theo::obf::pass_t:
-theo::obf::jcc_rewrite_pass_t -theo::obf::next_inst_pass_t -theo::obf::reloc_transform_pass_t +theo::obf::hello_world_pass_t +theo::obf::jcc_rewrite_pass_t +theo::obf::next_inst_pass_t +theo::obf::reloc_transform_pass_t
@@ -138,7 +139,9 @@ Public Member Functions
- +
63 : m_sym_type(sym_type){};
+
theo::obf::pass_t::sym_type
decomp::sym_type_t sym_type()
gets the passes symbol type.
Definition: pass.hpp:76
+

Member Function Documentation

@@ -174,7 +177,7 @@ Public Member Functions -

Implemented in theo::obf::reloc_transform_pass_t, theo::obf::next_inst_pass_t, and theo::obf::jcc_rewrite_pass_t.

+

Implemented in theo::obf::reloc_transform_pass_t, theo::obf::next_inst_pass_t, theo::obf::jcc_rewrite_pass_t, and theo::obf::hello_world_pass_t.

@@ -203,7 +206,8 @@ Public Member Functions

gets the passes symbol type.

Returns
the passes symbol type.
- +
76 { return m_sym_type; }
+
The documentation for this class was generated from the following file: