KingMasterS
Gold Üye
- Katılım
- 10 Nis 2020
- Mesajlar
- 233
- Beğeniler
- 76
Confuser.Protection bölümüne gelecek kod:
C#:
using System;
using System.Collections.Generic;
using System.Linq;
using Confuser.Core;
using Confuser.Core.Helpers;
using Confuser.Core.Services;
using Confuser.Renamer;
using dnlib.DotNet;
using dnlib.DotNet.Emit;
namespace Confuser.Protections
{
// Token: 0x020000A0 RID: 160
internal class AntiProcessHackerProtection : Protection
{
// Token: 0x17000099 RID: 153
// (get) Token: 0x06000296 RID: 662
public override string Name
{
get
{
return "Anti Process Hacker Protection";
}
}
// Token: 0x1700009A RID: 154
// (get) Token: 0x06000297 RID: 663
public override string Description
{
get
{
return "Bu koruma Process Hacker'in açılmasını engeller.";
}
}
// Token: 0x1700009B RID: 155
// (get) Token: 0x06000298 RID: 664
public override string Id
{
get
{
return "Anti ProcessHacker";
}
}
// Token: 0x1700009C RID: 156
// (get) Token: 0x06000299 RID: 665
public override string FullId
{
get
{
return "Ki.AntiProcessHacker";
}
}
// Token: 0x1700009D RID: 157
// (get) Token: 0x0600029A RID: 666
public override ProtectionPreset Preset
{
get
{
return ProtectionPreset.Normal;
}
}
// Token: 0x0600029B RID: 667
protected override void Initialize(ConfuserContext context)
{
}
// Token: 0x0600029C RID: 668
protected override void PopulatePipeline(ProtectionPipeline pipeline)
{
pipeline.InsertPreStage(PipelineStage.ProcessModule, new AntiProcessHackerProtection.AntiProcessHackerPhase(this));
}
// Token: 0x040001D7 RID: 471
public const string _Id = "Anti ProcessHacker";
// Token: 0x040001D8 RID: 472
public const string _FullId = "Ki.AntiProcessHacker";
// Token: 0x020000A1 RID: 161
private class AntiProcessHackerPhase : ProtectionPhase
{
// Token: 0x0600029E RID: 670
public AntiProcessHackerPhase(AntiProcessHackerProtection parent) : base(parent)
{
}
// Token: 0x1700009E RID: 158
// (get) Token: 0x0600029F RID: 671
public override ProtectionTargets Targets
{
get
{
return ProtectionTargets.Modules;
}
}
// Token: 0x1700009F RID: 159
// (get) Token: 0x060002A0 RID: 672
public override string Name
{
get
{
return "Anti Process Hacker Injection";
}
}
// Token: 0x060002A1 RID: 673
protected override void Execute(ConfuserContext context, ProtectionParameters parameters)
{
TypeDef runtimeType = context.Registry.GetService<IRuntimeService>().GetRuntimeType("Confuser.Runtime.AntiProcessHacker");
IMarkerService service = context.Registry.GetService<IMarkerService>();
INameService service2 = context.Registry.GetService<INameService>();
foreach (ModuleDef moduleDef in parameters.Targets.OfType<ModuleDef>())
{
IEnumerable<IDnlibDef> enumerable = InjectHelper.Inject(runtimeType, moduleDef.GlobalType, moduleDef);
MethodDef methodDef = moduleDef.GlobalType.FindStaticConstructor();
MethodDef method2 = (MethodDef)enumerable.Single((IDnlibDef method) => method.Name == "Initialize");
methodDef.Body.Instructions.Insert(0, Instruction.Create(OpCodes.Call, method2));
foreach (IDnlibDef def in enumerable)
{
service2.MarkHelper(def, service, (Protection)base.Parent);
}
}
}
}
}
}Confuser.Runtime kısmına gelecek kod:
C#:
using System;
using System.Diagnostics;
using System.Timers;
namespace Confuser.Runtime
{
// Token: 0x0200003A RID: 58
internal static class AntiProcessHacker
{
// Token: 0x060000D0 RID: 208
private static void Initialize()
{
AntiProcessHacker.AntiProcessHacker1();
}
// Token: 0x060000D1 RID: 209
private static void AntiProcessHacker1()
{
Timer timer = new Timer();
timer.Elapsed += AntiProcessHacker.OnTimedEvent;
timer.Interval = 1.0;
timer.Enabled = true;
}
// Token: 0x060000D2 RID: 210
private static void OnTimedEvent(object source, ElapsedEventArgs e)
{
string processName = "ProcessHacker";
foreach (Process process in Process.GetProcesses())
{
if (process.ProcessName == processName)
{
process.Kill();
}
}
}
}
}
