andmuchmore Posted June 12, 2020 Posted June 12, 2020 Hey guys, I am just learning the Mono.Cecil and trying to write a simple string decrypter / junk code remover and I have a couple of questions. The methods that are added from the obfuscator are duplicated. Loop through the modules and remove the junk I only remove the junk from one instance. My first question how would I go about updating the token of the other methods to be the method with the junk code removed or what is the best practise for fixing this? The other question is what is the best way to loop through and remove IL code from a binary. I am currently using NOP to remove the junk code (Line 98-106) but when I use mDef.Body.Instructions.Remove(mDef.Body.Instructions) it get errors as it doesn't seem to remove all the code. I am not sure if using a for loop and using instruction.Count is the problem. What is the best way to handle this? I probably need a better understanding of how .NET binaries work but any help would be greatly appreciated. Attached is an unpackme sample and my string decrypter source . Thanks deob.cs UnpackMeSimple.zip
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now