2020-1-capstone-design1 / JJS_Project1

Go to a project
Toggle navigation Toggle navigation pinning
이한솔
ea70b69a 1 parent 3e93963c

보고서 및 발표자료 업로드

Inline Side-by-side
Showing 4 changed files with 754 additions and 279 deletions
...@@ -14,32 +14,36 @@ namespace { ...@@ -14,32 +14,36 @@ namespace {
14 static char ID; 14 static char ID;
15 15
16 PreProcess() : FunctionPass(ID) { } 16 PreProcess() : FunctionPass(ID) { }
17 - bool runOnFunction(Function &F) override { 17 + bool runOnFunction(Function &F) override {
18 Module* mod = F.getParent(); 18 Module* mod = F.getParent();
19 std::vector<Instruction *> instructions; 19 std::vector<Instruction *> instructions;
20 std::vector<BasicBlock *> RetBlocks; 20 std::vector<BasicBlock *> RetBlocks;
21 bool inserted = false; 21 bool inserted = false;
22 std::ofstream functionFile("functions.txt", std::ios_base::app); 22 std::ofstream functionFile("functions.txt", std::ios_base::app);
23 if (functionFile.is_open()) { 23 if (functionFile.is_open()) {
24 - functionFile << F.getName().str() << "\n"; 24 + if (!F.getName().contains("__cxx") && !F.getName().contains("_GLOBAL"))
25 + functionFile << F.getName().str() << "\n";
25 functionFile.close(); 26 functionFile.close();
26 } 27 }
27 - for (auto &BB : F) { 28 + if (!F.getName().contains("__cxx") && !F.getName().contains("_GLOBAL")) {
28 - for (auto &I : BB) { 29 + for (auto &BB : F) {
29 - if (I.getOpcode() == Instruction::Ret) { 30 + for (auto &I : BB) {
30 - instructions.push_back(&I); 31 + if (I.getOpcode() == Instruction::Ret) {
32 + instructions.push_back(&I);
33 + }
31 } 34 }
32 } 35 }
33 - } 36 + for (auto &I : instructions) {
34 - for (auto &I : instructions) { 37 + BasicBlock *BB = I->getParent();
35 - BasicBlock *BB = I->getParent(); 38 + // One Instruction Basic Block has only one ret instructions
36 - // One Instruction Basic Block has only one ret instructions 39 + if (!BB->size() < 2)
37 - if (!BB->size() < 2) 40 + {
38 - { 41 + BasicBlock *retblock = BB->splitBasicBlock(I->getIterator(), "obfuscatedreturn");
39 - BasicBlock *retblock = BB->splitBasicBlock(I->getIterator(), "obfuscatedreturn"); 42 + } else {
40 - } else { 43 + BB->setName("obfuscatedreturn");
41 - BB->setName("obfuscatedreturn"); 44 + }
42 } 45 }
46 +
43 } 47 }
44 return true; 48 return true;
45 } 49 }
......
1 -#include "llvm/Pass.h" 1 +#include "llvm/IR/CFG.h"
2 #include "llvm/IR/Function.h" 2 #include "llvm/IR/Function.h"
3 -#include "llvm/IR/Module.h"
4 #include "llvm/IR/Instructions.h" 3 #include "llvm/IR/Instructions.h"
4 +#include "llvm/IR/Module.h"
5 +#include "llvm/Pass.h"
5 #include "llvm/Support/Alignment.h" 6 #include "llvm/Support/Alignment.h"
6 #include "llvm/Support/raw_ostream.h" 7 #include "llvm/Support/raw_ostream.h"
7 -#include "llvm/IR/CFG.h"
8 #include <fstream> 8 #include <fstream>
9 +#include <string>
9 using namespace llvm; 10 using namespace llvm;
10 11
11 namespace { 12 namespace {
12 - struct ReturnObfuscation : public FunctionPass { 13 +struct ReturnObfuscation : public FunctionPass {
13 - static char ID; 14 + static char ID;
14 - ReturnObfuscation() : FunctionPass(ID) { } 15 + ReturnObfuscation() : FunctionPass(ID) {}
15 - 16 +
16 - 17 + bool runOnFunction(Function &F) override {
17 - 18 + int num_this_function;
18 - bool runOnFunction(Function &F) override { 19 + int count;
19 - size_t num_retblocks; 20 + size_t num_retblocks;
20 - Module *mod = F.getParent(); 21 + Module *mod = F.getParent();
21 - std::vector<Constant *> retblocks; 22 +
22 - // 함수 가져오기 23 + std::vector<Constant *> retblocks;
23 - std::ifstream function_list; 24 + // 함수 가져오기
24 - function_list.open("functions.txt"); 25 + std::ifstream function_list;
25 - std::vector<Function *> functions; 26 + function_list.open("functions.txt");
26 - std::string line; 27 + std::vector<Function *> functions;
27 - while(getline(function_list, line)) { 28 + std::vector<Function *> functions2;
28 - functions.push_back(mod->getFunction(line)); 29 + std::string line;
29 - } 30 + while (getline(function_list, line)) {
30 - // 함수 별로 벡터에 집어넣기 31 + functions.push_back(mod->getFunction(line));
31 - for (auto &Fn : functions) { 32 + }
32 - for (auto &BB : (*Fn)) { 33 + count = 0;
33 - if (BB.getName().equals("obfuscatedreturn")){ 34 + bool inserted = false;
34 - Constant* retBlockAddress = BlockAddress::get(&BB); 35 + // 함수 별로 벡터에 집어넣기
35 - retblocks.push_back(retBlockAddress); 36 + for (auto &Fn : functions) {
36 - } 37 + inserted = false;
37 - } 38 + for (auto &BB : (*Fn)) {
38 - } 39 + if (BB.getName().equals("obfuscatedreturn")) {
40 + Constant *retBlockAddress = BlockAddress::get(&BB);
41 + retblocks.push_back(retBlockAddress);
42 + if (!inserted)
43 + functions2.push_back(Fn);
44 + inserted = true;
45 + }
46 + }
47 + }
48 +
49 + for (auto &Fn : functions2) {
50 + if (Fn->getName().equals(F.getName())) {
51 + errs() << "GOOD Num this function " << Fn->getName() << "\n";
52 + num_this_function = count;
53 + }
54 + count++;
55 + }
56 + num_retblocks = retblocks.size();
57 +
58 + ArrayType *array_in =
59 + ArrayType::get(IntegerType::get(mod->getContext(), 8), 30);
60 + ArrayType *array_out = ArrayType::get(array_in, num_retblocks);
61 + ArrayType *array_retblock = ArrayType::get(
62 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0),
63 + num_retblocks);
64 + PointerType *array_ptr = PointerType::get(array_out, 0);
65 + ConstantInt *const_int_0 = ConstantInt::get(
66 + mod->getContext(), APInt(32, StringRef(std::to_string(0)), 10));
67 + ConstantInt *const_int_1 = ConstantInt::get(
68 + mod->getContext(), APInt(32, StringRef(std::to_string(1)), 10));
69 + ConstantInt *const_int_array_out = ConstantInt::get(
70 + mod->getContext(),
71 + APInt(32, StringRef(std::to_string(num_retblocks)), 10));
72 + ConstantInt *const_int_array_in = ConstantInt::get(
73 + mod->getContext(), APInt(32, StringRef(std::to_string(30)), 10));
74 + ConstantInt *const_int_xordata = ConstantInt::get(
75 + mod->getContext(), APInt(32, StringRef(std::to_string(0x33)), 10));
76 +
77 + std::vector<Type *> Func_deobfus_type_args;
78 + FunctionType *Func_deobfus_type = FunctionType::get(
79 + IntegerType::get(mod->getContext(), 32), Func_deobfus_type_args, false);
80 +
81 + Function *Func_deobfus = mod->getFunction("func_deobfus");
82 + if (!Func_deobfus) {
83 + Func_deobfus = Function::Create(
84 + Func_deobfus_type, GlobalValue::ExternalLinkage, "func_deobfus", mod);
85 + Func_deobfus->setCallingConv(CallingConv::C);
86 + }
87 + AttributeList Func_deobfus_att_list;
88 + SmallVector<AttributeList, 4> Attrs;
89 + AttributeList PAS;
90 + AttrBuilder B;
91 + B.addAttribute(Attribute::NoInline);
92 + B.addAttribute(Attribute::NoRecurse);
93 + B.addAttribute(Attribute::NoUnwind);
94 + B.addAttribute(Attribute::OptimizeNone);
95 + PAS = AttributeList::get(mod->getContext(), ~0U, B);
96 + Attrs.push_back(PAS);
97 + Func_deobfus_att_list = AttributeList::get(mod->getContext(), Attrs);
98 + Func_deobfus->setAttributes(Func_deobfus_att_list);
99 + if (Func_deobfus->size() == 0) {
100 + PointerType *ret_func_ptr[10000];
101 + AllocaInst *ptr_this_ret[10000];
102 + StoreInst *void_17[10000];
103 + GlobalVariable *gvar_ret_inst_list =
104 + new GlobalVariable(*mod, array_out, false, GlobalValue::CommonLinkage,
105 + 0, "ret_inst_list");
106 + gvar_ret_inst_list->setAlignment(MaybeAlign(16));
107 + ConstantAggregateZero *const_array_6 =
108 + ConstantAggregateZero::get(array_out);
109 + gvar_ret_inst_list->setInitializer(const_array_6);
110 + // TODO : 없애기
111 + /*
112 + GlobalVariable *gvar_array_retblock =
113 + new GlobalVariable(*mod, array_retblock, false,
114 + GlobalValue::ExternalLinkage, 0, "array_retblock");
115 + gvar_array_retblock->setAlignment(MaybeAlign(16));
116 + */
117 +
118 + GlobalVariable *gvar_array_retblock =
119 + new GlobalVariable(*mod, array_retblock, false,
120 + GlobalValue::CommonLinkage, 0, "array_retblock");
121 + gvar_array_retblock->setAlignment(MaybeAlign(16));
122 + //TODO 고치기
123 +
124 + ConstantAggregateZero *const_array_7 =
125 + ConstantAggregateZero::get(array_retblock);
126 + gvar_array_retblock->setInitializer(const_array_7);
127 + BasicBlock *obfus_entry =
128 + BasicBlock::Create(mod->getContext(), "entry", Func_deobfus);
129 + BasicBlock *for_i_cond =
130 + BasicBlock::Create(mod->getContext(), "i_cond", Func_deobfus);
131 + BasicBlock *for_j_init =
132 + BasicBlock::Create(mod->getContext(), "j_init", Func_deobfus);
133 + BasicBlock *for_j_cond =
134 + BasicBlock::Create(mod->getContext(), "j_cond", Func_deobfus);
135 + BasicBlock *for_i_j =
136 + BasicBlock::Create(mod->getContext(), "i_j", Func_deobfus);
137 + BasicBlock *for_j_add =
138 + BasicBlock::Create(mod->getContext(), "j_add", Func_deobfus);
139 +
140 + BasicBlock *for_i_add =
141 + BasicBlock::Create(mod->getContext(), "i_add", Func_deobfus);
142 +
143 + BasicBlock *for_i_end =
144 + BasicBlock::Create(mod->getContext(), "i_end", Func_deobfus);
145 + std::vector<Constant *> const_ptr_blocks;
146 + for (size_t i = 0; i < num_retblocks; i++) {
147 + // Constant* const_blockaddress = BlockAddress::get(ret)
148 + // TODO: 꼭해야함
149 + //const_ptr_blocks.push_back(retblocks[i]);
150 +
151 + std::vector<Constant *> const_ptr_16_indices;
152 + const_ptr_16_indices.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
153 + const_ptr_16_indices.push_back(ConstantInt::get(
154 + mod->getContext(), APInt(64, StringRef(std::to_string(i)), 10)));
155 + Constant *const_ptr_16 = ConstantExpr::getGetElementPtr(
156 + array_retblock, gvar_array_retblock, const_ptr_16_indices);
157 + StoreInst *store_good =
158 + new StoreInst(retblocks[i], const_ptr_16, false, obfus_entry);
159 + store_good->setAlignment(MaybeAlign(16));
160 +
161 + /*
162 + std::vector<Value *> get_retblock_array_indices;
163 + get_retblock_array_indices.push_back(const_int_0);
164 + get_retblock_array_indices.push_back(ConstantInt::get(
165 + mod->getContext(), APInt(32, StringRef(std::to_string(i)), 10)));
166 + Instruction *get_retblock = GetElementPtrInst::Create(
167 + array_retblock, gvar_array_retblock, get_retblock_array_indices, "",
168 + obfus_entry);
169 + LoadInst *load_ret_block_arr =
170 + new LoadInst(get_retblock, "", false, obfus_entry);
171 + */
172 + /*
173 + ret_func_ptr[i] =
174 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
175 + ptr_this_ret[i] =
176 + new AllocaInst(ret_func_ptr[i], NULL, "ptr", obfus_entry);
177 + ;
178 + */
179 + // void_17[i] =
180 + // new StoreInst(retblocks[i], get_retblock, false, obfus_entry);
181 + }
182 +
183 + // TODO : 없애기
184 + /*
185 + Constant* array_ret_blocks_const = ConstantArray::get(array_retblock, const_ptr_blocks);
186 + gvar_array_retblock->setInitializer(array_ret_blocks_const);
187 + */
188 +
189 +
190 + // %i = alloca i32, align 4
191 + AllocaInst *ptr_i = new AllocaInst(
192 + IntegerType::get(mod->getContext(), 32), NULL, "i", obfus_entry);
193 + // %j = alloca i32, align 4
194 + AllocaInst *ptr_j = new AllocaInst(
195 + IntegerType::get(mod->getContext(), 32), NULL, "j", obfus_entry);
196 + StoreInst *str_i_0_1 =
197 + new StoreInst(const_int_0, ptr_i, false, obfus_entry);
198 + str_i_0_1->setAlignment(MaybeAlign(4));
199 + // br label %i_cond
200 + BranchInst::Create(for_i_cond, obfus_entry);
201 +
202 + // for_i_cond
203 + // %4 = load i32* %i, align 4
204 + LoadInst *load_i_1 = new LoadInst(ptr_i, "", false, for_i_cond);
205 + load_i_1->setAlignment(MaybeAlign(4));
206 + // %5 = icmp slt i32 %4, 50
207 + ICmpInst *i_cmp_1 = new ICmpInst(*for_i_cond, ICmpInst::ICMP_SLT,
208 + load_i_1, const_int_array_out, "");
209 + // br i1 %5, label %for_j_init, for_i_end
210 + BranchInst::Create(for_j_init, for_i_end, i_cmp_1, for_i_cond);
211 +
212 + // for_j_init
213 + StoreInst *str_j_0_1 =
214 + new StoreInst(const_int_0, ptr_j, false, for_j_init);
215 + str_j_0_1->setAlignment(MaybeAlign(4));
216 + BranchInst::Create(for_j_cond, for_j_init);
217 +
218 + // for_j_cond
219 + LoadInst *load_j_1 = new LoadInst(ptr_j, "", false, for_j_cond);
220 + load_j_1->setAlignment(MaybeAlign(4));
221 + // %5 = icmp slt i32 %4, 50
222 + ICmpInst *j_cmp_1 = new ICmpInst(*for_j_cond, ICmpInst::ICMP_SLT,
223 + load_j_1, const_int_array_in, "");
224 + // br i1 %5, label %for_j_init, for_i_end
225 + BranchInst::Create(for_i_j, for_i_add, j_cmp_1, for_j_cond);
226 +
227 + // for_i_j
228 + LoadInst *load_i_addc = new LoadInst(ptr_i, "", false, for_i_j);
229 + load_i_addc->setAlignment(MaybeAlign(4));
230 + CastInst *casted_i_addc = new SExtInst(
231 + load_i_addc, IntegerType::get(mod->getContext(), 64), "", for_i_j);
232 +
233 + std::vector<Value *> get_retblock_index_ptr_indices;
234 + get_retblock_index_ptr_indices.push_back(
235 + ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
236 + get_retblock_index_ptr_indices.push_back(casted_i_addc);
237 + Instruction *get_retblock_index_ptr = GetElementPtrInst::Create(
238 + array_retblock, gvar_array_retblock, get_retblock_index_ptr_indices,
239 + "", for_i_j);
240 +
241 + LoadInst *load_retblock_ptr = new LoadInst(get_retblock_index_ptr, "", false, for_i_j);
242 + load_retblock_ptr->setAlignment(MaybeAlign(8));
243 +
244 + LoadInst *load_j_addc = new LoadInst(ptr_j, "", false, for_i_j);
245 + load_j_addc->setAlignment(MaybeAlign(4));
246 +
247 + CastInst *casted_j_addc = new SExtInst(
248 + load_j_addc, IntegerType::get(mod->getContext(), 64), "", for_i_j);
249 +
250 + std::vector<Value *> get_retblock_index_ptr_value_indices;
251 + get_retblock_index_ptr_value_indices.push_back(casted_j_addc);
252 + Instruction *get_retblock_index_ptr_value = GetElementPtrInst::Create(
253 + IntegerType::get(mod->getContext(), 8), load_retblock_ptr, get_retblock_index_ptr_value_indices,
254 + "", for_i_j);
255 +
256 + LoadInst *load_retblock_index_ptr_value = new LoadInst(get_retblock_index_ptr_value, "", false, for_i_j);
257 + load_retblock_index_ptr_value->setAlignment(MaybeAlign(1)); // %5
258 +
259 + LoadInst *load_i_kkbc = new LoadInst(ptr_i, "", false, for_i_j);
260 + load_i_kkbc->setAlignment(MaybeAlign(4)); // 6
261 + CastInst *casted_i_kkbc = new SExtInst(
262 + load_i_kkbc, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom6
263 +
264 + std::vector<Value *> get_ret_inst_ptr_indices;
265 + get_ret_inst_ptr_indices.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
266 + get_ret_inst_ptr_indices.push_back(casted_i_kkbc);
267 +
268 + Instruction *get_ret_inst_ptr = GetElementPtrInst::Create(
269 + array_out, gvar_ret_inst_list, get_ret_inst_ptr_indices, "", for_i_j); //arrayidx7
270 + LoadInst *load_j_kkbc = new LoadInst(ptr_j, "", false, for_i_j);
271 + load_j_kkbc->setAlignment(MaybeAlign(4)); // 7
272 + CastInst *casted_j_kkbc = new SExtInst(
273 + load_j_kkbc, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom8
274 +
275 + std::vector<Value *> get_ret_inst_ptr_value_indices;
276 + get_ret_inst_ptr_value_indices.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
277 + get_ret_inst_ptr_value_indices.push_back(casted_j_kkbc);
278 + Instruction *get_ret_inst_ptr_value = GetElementPtrInst::Create(
279 + array_in, get_ret_inst_ptr, get_ret_inst_ptr_value_indices, "", for_i_j); //arrayidx9
280 +
281 + StoreInst *store_data = new StoreInst(load_retblock_index_ptr_value, get_ret_inst_ptr_value, false, for_i_j);
282 + store_data->setAlignment(MaybeAlign(1));
283 +
284 + LoadInst *load_i_arrd = new LoadInst(ptr_i, "", false, for_i_j);
285 + load_i_arrd->setAlignment(MaybeAlign(4)); // 8
286 + CastInst *casted_i_arrd = new SExtInst(
287 + load_i_arrd, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom10
288 +
289 + std::vector<Value *> get_ret_inst_ptr_indices2;
290 + get_ret_inst_ptr_indices2.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
291 + get_ret_inst_ptr_indices2.push_back(casted_i_arrd);
292 + Instruction *get_ret_inst_ptr2 = GetElementPtrInst::Create(
293 + array_out, gvar_ret_inst_list, get_ret_inst_ptr_indices2, "", for_i_j); //arrayidx7
294 +
295 + LoadInst *load_j_arrd = new LoadInst(ptr_j, "", false, for_i_j);
296 + load_j_arrd->setAlignment(MaybeAlign(4)); // 9
297 + CastInst *casted_j_arrd = new SExtInst(
298 + load_j_arrd, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom12
299 +
300 + std::vector<Value *> get_ret_inst_ptr_value_indices2;
301 + get_ret_inst_ptr_value_indices2.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
302 + get_ret_inst_ptr_value_indices2.push_back(casted_j_arrd);
303 + Instruction *get_ret_inst_ptr_value2 = GetElementPtrInst::Create(
304 + array_in, get_ret_inst_ptr2, get_ret_inst_ptr_value_indices2, "", for_i_j); //arrayidx13
305 +
306 + LoadInst *load_ret_inst_value = new LoadInst(get_ret_inst_ptr_value2, "", false, for_i_j);
307 + load_ret_inst_value->setAlignment(MaybeAlign(1)); // 10
308 +
309 + CastInst *cast_value = new SExtInst(
310 + load_ret_inst_value, IntegerType::get(mod->getContext(), 32), "", for_i_j); // conv
311 + BinaryOperator *xor_1 = BinaryOperator::Create(
312 + Instruction::Xor, cast_value, const_int_xordata, "", for_i_j); // xor
313 + CastInst *trunc_value = new TruncInst(
314 + xor_1, IntegerType::get(mod->getContext(), 8), "", for_i_j); // conv14
315 +
316 + LoadInst *load_i_kera = new LoadInst(ptr_i, "", false, for_i_j);
317 + load_i_kera->setAlignment(MaybeAlign(4)); // 11
318 + CastInst *casted_i_kera = new SExtInst(
319 + load_i_kera, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom15
320 +
321 + std::vector<Value *> get_ret_inst_ptr_indices3;
322 + get_ret_inst_ptr_indices3.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
323 + get_ret_inst_ptr_indices3.push_back(casted_i_kera);
324 + Instruction *get_ret_inst_ptr3 = GetElementPtrInst::Create(
325 + array_out, gvar_ret_inst_list, get_ret_inst_ptr_indices3, "", for_i_j); //arrayidx16
326 +
327 + LoadInst *load_j_kera = new LoadInst(ptr_j, "", false, for_i_j);
328 + load_j_kera->setAlignment(MaybeAlign(4)); // 12
329 + CastInst *casted_j_kera = new SExtInst(
330 + load_j_kera, IntegerType::get(mod->getContext(), 64), "", for_i_j); // idxprom17
331 +
332 + std::vector<Value *> get_ret_inst_ptr_value_indices3;
333 + get_ret_inst_ptr_value_indices3.push_back(ConstantInt::get(mod->getContext(), APInt(64, StringRef("0"), 10)));
334 + get_ret_inst_ptr_value_indices3.push_back(casted_j_kera);
335 + Instruction *get_ret_inst_ptr_value3 = GetElementPtrInst::Create(
336 + array_in, get_ret_inst_ptr3, get_ret_inst_ptr_value_indices3, "", for_i_j); //arrayidx18
337 +
338 + StoreInst *store_xor_data = new StoreInst(trunc_value, get_ret_inst_ptr_value3, false, for_i_j);
339 + store_xor_data->setAlignment(MaybeAlign(1));
340 +
341 +
342 +/*
343 + std::vector<Value *> ptr_41_indices;
344 + ptr_41_indices.push_back(const_int_0);
345 + ptr_41_indices.push_back(casted_j_64_1);
346 + Instruction *ptr_41 = GetElementPtrInst::Create(
347 + array_in, ptr_40, ptr_41_indices, "", for_i_j);
348 +
349 + LoadInst *load_j_2 = new LoadInst(ptr_j, "", false, for_i_j);
350 + load_j_2->setAlignment(MaybeAlign(4));
351 + CastInst *casted_j_64_1 = new SExtInst(
352 + load_j_2, IntegerType::get(mod->getContext(), 64), "", for_i_j);
353 + LoadInst *load_i_2 = new LoadInst(ptr_i, "", false, for_i_j);
354 + load_i_2->setAlignment(MaybeAlign(4));
355 + CastInst *casted_i_64_1 = new SExtInst(
356 + load_i_2, IntegerType::get(mod->getContext(), 64), "", for_i_j);
357 +
358 + std::vector<Value *> get_retblock_array_indices;
359 + get_retblock_array_indices.push_back(const_int_0);
360 + get_retblock_array_indices.push_back(casted_i_64_1);
361 + Instruction *get_retblock =
362 + GetElementPtrInst::Create(array_retblock, gvar_array_retblock,
363 + get_retblock_array_indices, "", for_i_j);
364 + LoadInst *load_array = new LoadInst(get_retblock, "", false, for_i_j);
365 + load_array->setAlignment(MaybeAlign(4));
366 + Instruction *get_retblock_element = GetElementPtrInst::Create(
367 + cast<PointerType>(load_array->getType()->getScalarType())
368 + ->getElementType(),
369 + load_array, load_j_2, "arrayidx1", for_i_j);
370 + LoadInst *load_elem =
371 + new LoadInst(get_retblock_element, "", false, for_i_j);
372 + load_elem->setAlignment(MaybeAlign(1));
373 +
374 + std::vector<Value *> ptr_40_indices;
375 + ptr_40_indices.push_back(const_int_0);
376 + ptr_40_indices.push_back(casted_i_64_1);
377 + Instruction *ptr_40 = GetElementPtrInst::Create(
378 + array_out, gvar_ret_inst_list, ptr_40_indices, "", for_i_j);
379 + std::vector<Value *> ptr_41_indices;
380 + ptr_41_indices.push_back(const_int_0);
381 + ptr_41_indices.push_back(casted_j_64_1);
382 + Instruction *ptr_41 = GetElementPtrInst::Create(
383 + array_in, ptr_40, ptr_41_indices, "", for_i_j);
384 +
385 + StoreInst *store_elem = new StoreInst(load_elem, ptr_41, false, for_i_j);
386 + store_elem->setAlignment(MaybeAlign(1));
387 +
388 + LoadInst *int8_42 = new LoadInst(ptr_41, "", false, for_i_j);
389 + int8_42->setAlignment(MaybeAlign(1));
390 +
391 + CastInst *int32_43 = new SExtInst(
392 + int8_42, IntegerType::get(mod->getContext(), 32), "", for_i_j);
393 + BinaryOperator *int32_44 = BinaryOperator::Create(
394 + Instruction::Xor, int32_43, const_int_xordata, "", for_i_j);
395 + CastInst *int8_45 = new TruncInst(
396 + int32_44, IntegerType::get(mod->getContext(), 8), "", for_i_j);
397 + LoadInst *int32_46 = new LoadInst(ptr_j, "", false, for_i_j);
398 + int32_46->setAlignment(MaybeAlign(4));
399 + CastInst *int64_47 = new SExtInst(
400 + int32_46, IntegerType::get(mod->getContext(), 64), "", for_i_j);
401 + LoadInst *int32_48 = new LoadInst(ptr_i, "", false, for_i_j);
402 + int32_48->setAlignment(MaybeAlign(4));
403 + CastInst *int64_49 = new SExtInst(
404 + int32_48, IntegerType::get(mod->getContext(), 64), "", for_i_j);
405 + std::vector<Value *> ptr_50_indices;
406 + ptr_50_indices.push_back(const_int_0);
407 + ptr_50_indices.push_back(int64_49);
408 + Instruction *ptr_50 = GetElementPtrInst::Create(
409 + array_out, gvar_ret_inst_list, ptr_50_indices, "", for_i_j);
410 + std::vector<Value *> ptr_51_indices;
411 + ptr_51_indices.push_back(const_int_0);
412 + ptr_51_indices.push_back(int64_47);
413 + Instruction *ptr_51 = GetElementPtrInst::Create(
414 + array_in, ptr_50, ptr_51_indices, "", for_i_j);
415 + StoreInst *void_52 = new StoreInst(int8_45, ptr_51, false, for_i_j);
416 + void_52->setAlignment(MaybeAlign(4));
417 + */
418 + BranchInst::Create(for_j_add, for_i_j);
419 +
420 + // for_j_add
421 + LoadInst *load_j_5 = new LoadInst(ptr_j, "", false, for_j_add);
422 + load_j_5->setAlignment(MaybeAlign(4));
423 + BinaryOperator *add_j_1 = BinaryOperator::Create(
424 + Instruction::Add, load_j_5, const_int_1, "", for_j_add);
425 + StoreInst *void_56 = new StoreInst(add_j_1, ptr_j, false, for_j_add);
426 + void_56->setAlignment(MaybeAlign(4));
427 + BranchInst::Create(for_j_cond, for_j_add);
428 +
429 + // for_i_add
430 + LoadInst *load_i_5 = new LoadInst(ptr_i, "", false, for_i_add);
431 + load_i_5->setAlignment(MaybeAlign(4));
432 + BinaryOperator *add_i_1 = BinaryOperator::Create(
433 + Instruction::Add, load_i_5, const_int_1, "", for_i_add);
434 + StoreInst *stor_i_2 = new StoreInst(add_i_1, ptr_i, false, for_i_add);
435 + stor_i_2->setAlignment(MaybeAlign(4));
436 + BranchInst::Create(for_i_cond, for_i_add);
437 + /*
438 + Function *Func_Reset_Handler = mod->getFunction("Func_Reset_Handler");
439 + if (!Func_Reset_Handler) {
440 + Func_Reset_Handler =
441 + Function::Create(Func_deobfus_type, GlobalValue::ExternalLinkage,
442 + "Reset_Handler", mod);
443 + Func_Reset_Handler->setCallingConv(CallingConv::C);
444 + }
445 + CallInst *call_handler =
446 + CallInst::Create(Func_Reset_Handler, "", for_i_end);
447 + call_handler->setCallingConv(CallingConv::C);
448 + call_handler->setTailCall(false);
449 + AttributeList int32_25_PAL;
450 + call_handler->setAttributes(int32_25_PAL); */
451 + // for_i_end
452 + ReturnInst::Create(mod->getContext(), const_int_0, for_i_end);
453 + }
454 + /* else {
455 + GlobalVariable *gvar_ret_inst_list =
456 + new GlobalVariable(*mod, array_out, false,
457 + GlobalValue::ExternalLinkage, 0, "ret_inst_list");
458 + gvar_ret_inst_list->setAlignment(MaybeAlign(16));
459 + } */
460 +
461 + if (F.getName().equals("main")) {
462 + for (auto &BB : F) {
463 + for (auto &I : BB) {
464 + CallInst *int32_25 = CallInst::Create(Func_deobfus, "", &I);
465 + int32_25->setCallingConv(CallingConv::C);
466 + int32_25->setTailCall(false);
467 + AttributeList int32_25_PAL;
468 + int32_25->setAttributes(int32_25_PAL);
469 + break;
470 + }
471 + break;
472 + }
473 + }
474 + errs() << F.getName() << "\n";
475 + if (!F.getName().contains("func_deobfus") &&
476 + !F.getName().contains("__cxx") && !F.getName().contains("_GLOBAL")) {
477 + errs() << F.getName() << "\n";
478 + for (auto &BB : F) {
479 + if (BB.getName().equals("obfuscatedreturn")) {
480 + GlobalVariable *gvar_ret_inst_list =
481 + mod->getGlobalVariable("ret_inst_list");
482 + PointerType *PointerTy_31 =
483 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
484 + BasicBlock *jmp_to =
485 + BasicBlock::Create(mod->getContext(), "jmp_to", &F, &BB);
486 + BasicBlock *ret_jmp =
487 + BasicBlock::Create(mod->getContext(), "ret_jmp", &F, &BB);
488 + //AllocaInst *ptr_array =
489 + // new AllocaInst(array_out, NULL, "ptr_ret_array", jmp_to);
490 + AllocaInst *ptr_ptr3 =
491 + new AllocaInst(PointerTy_31, NULL, "ret_ptr_jmp", jmp_to);
492 + ptr_ptr3->setAlignment(MaybeAlign(8));
493 + for (BasicBlock *preds : predecessors(&BB)) {
494 + preds->getTerminator()->eraseFromParent();
495 + BranchInst::Create(jmp_to, preds);
496 + }
497 + std::vector<Constant *> const_ptr_14_indices;
498 + const_ptr_14_indices.push_back(ConstantInt::get(
499 + mod->getContext(), APInt(64, StringRef("0"), 10)));
500 + const_ptr_14_indices.push_back(ConstantInt::get(
501 + mod->getContext(),
502 + APInt(64, StringRef(std::to_string(num_this_function)), 10)));
503 + const_ptr_14_indices.push_back(ConstantInt::get(
504 + mod->getContext(), APInt(64, StringRef("0"), 10)));
505 + Constant *const_ptr_14 = ConstantExpr::getGetElementPtr(
506 + array_out, gvar_ret_inst_list, const_ptr_14_indices);
507 + /*
508 + std::vector<Value *> ptr_175_indices;
509 + ptr_175_indices.push_back(const_int_0);
510 + ptr_175_indices.push_back(ConstantInt::get(
511 + mod->getContext(),
512 + APInt(32, StringRef(std::to_string(num_this_function)), 10)));
513 + errs() << num_this_function << "\n";
514 + Instruction *ptr_175 = GetElementPtrInst::Create(
515 + array_out, gvar_ret_inst_list, ptr_175_indices, "", jmp_to);
516 + std::vector<Value *> ptr_176_indices;
517 + ptr_176_indices.push_back(const_int_0);
518 + ptr_176_indices.push_back(const_int_0);
519 + Instruction *ptr_176 = GetElementPtrInst::Create(
520 + array_in, ptr_175, ptr_176_indices, "", jmp_to);
521 + */
522 + StoreInst *void_177 =
523 + new StoreInst(const_ptr_14, ptr_ptr3, false, jmp_to);
524 + void_177->setAlignment(MaybeAlign(8));
525 + LoadInst *ptr_178 = new LoadInst(ptr_ptr3, "", false, jmp_to);
526 + ptr_178->setAlignment(MaybeAlign(8));
527 + BranchInst::Create(ret_jmp, jmp_to);
528 +
529 + PHINode *ptr_181 = PHINode::Create(PointerTy_31, 1, "", ret_jmp);
530 + ptr_181->addIncoming(ptr_178, jmp_to);
531 +
532 + IndirectBrInst *void_182 =
533 + IndirectBrInst::Create(ptr_181, 1, ret_jmp);
534 + void_182->addDestination(&BB);
535 + }
536 + }
537 + }
538 +
539 + /*
540 + Module* mod = F.getParent();
541 + ArrayType* return_array = ArrayType::get(IntegerType::get(mod->getContext(),
542 + 8), 12); PointerType* return_array_ptr = PointerType::get(return_array, 0);
543 + PointerType* ret_func_ptr =
544 + PointerType::get(IntegerType::get(mod->getContext(), 8), 0); ConstantInt*
545 + const_int_1 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("1"),
546 + 10)); ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(),
547 + APInt(32, StringRef("0"), 10)); ConstantInt* const_int_20 =
548 + ConstantInt::get(mod->getContext(), APInt(32, StringRef("12"), 10));
549 + ConstantInt* const_int32_133 = ConstantInt::get(mod->getContext(), APInt(32,
550 + StringRef("133"), 10)); AllocaInst* ptr_ret_array; AllocaInst* ptr_this_ret;
551 + AllocaInst* ret_array_ptr;
552 + AllocaInst* ptr_i;
553 + std::vector<Instruction *> instructions;
554 + std::vector<BasicBlock *> RetBlocks;
555 + bool inserted = false;
556 + bool splitted = false;
557 + for (auto &BB : F) {
558 + for (auto &I : BB) {
559 + if(!inserted) {
560 + ptr_ret_array = new AllocaInst(return_array, NULL, "ret_ptr",
561 + &I); ptr_ret_array->setAlignment(MaybeAlign(1)); ptr_this_ret = new
562 + AllocaInst(ret_func_ptr, NULL, "ptr", &I); ret_array_ptr = new
563 + AllocaInst(ret_func_ptr, NULL, "ptr2", &I); ptr_i = new
564 + AllocaInst(IntegerType::get(mod->getContext(), 32), NULL, "i", &I);
565 +
566 + inserted=true;
567 + IndirectBrInst *a;
39 568
40 - num_retblocks = retblocks.size();
41 -
42 - ArrayType* array_in = ArrayType::get(IntegerType::get(mod->getContext(), 8), 20);
43 - ArrayType* array_out = ArrayType::get(array_in, 50);
44 - PointerType* array_ptr = PointerType::get(array_out, 0);
45 - ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("0"), 10));
46 - std::vector<Type*> Func_deobfus_type_args;
47 - FunctionType* Func_deobfus_type = FunctionType::get(
48 - IntegerType::get(mod->getContext(), 32),
49 - Func_deobfus_type_args,
50 - false
51 - );
52 -
53 - Function* Func_deobfus = mod->getFunction("func_deobfus");
54 - if (!Func_deobfus) {
55 - Func_deobfus = Function::Create(
56 - Func_deobfus_type,
57 - GlobalValue::ExternalLinkage,
58 - "func_deobfus", mod
59 - );
60 - Func_deobfus->setCallingConv(CallingConv::C);
61 - AttributeList Func_deobfus_att_list;
62 - SmallVector<AttributeList, 4> Attrs;
63 - AttributeList PAS;
64 - AttrBuilder B;
65 - B.addAttribute(Attribute::NoInline);
66 - B.addAttribute(Attribute::NoRecurse);
67 - B.addAttribute(Attribute::NoUnwind);
68 - B.addAttribute(Attribute::OptimizeNone);
69 - PAS = AttributeList::get(mod->getContext(), ~0U, B);
70 - Attrs.push_back(PAS);
71 - Func_deobfus_att_list = AttributeList::get(mod->getContext(), Attrs);
72 - Func_deobfus->setAttributes(Func_deobfus_att_list);
73 - if (Func_deobfus->size() == 0) {
74 - GlobalVariable* gvar_ret_inst_list = new GlobalVariable(*mod,
75 - array_out,
76 - false,
77 - GlobalValue::ExternalLinkage,
78 - 0,
79 - "ret_inst_list");
80 - gvar_ret_inst_list->setAlignment(MaybeAlign(16));
81 -
82 - BasicBlock* obfus_entry = BasicBlock::Create(mod->getContext(), "entry", Func_deobfus);
83 - for (size_t i = 0; i < num_retblocks; i++) {
84 - PointerType* ret_func_ptr = PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
85 - AllocaInst* ptr_this_ret = new AllocaInst(ret_func_ptr, NULL, "ptr", obfus_entry);;
86 - StoreInst* void_17 = new StoreInst(retblocks[i], ptr_this_ret, false, obfus_entry);
87 - }
88 - ReturnInst::Create(mod->getContext(), const_int_0, obfus_entry);
89 -
90 - }
91 } 569 }
92 - /* 570 + if (I.getOpcode() == Instruction::Ret) {
93 - Module* mod = F.getParent(); 571 + instructions.push_back(&I);
94 - ArrayType* return_array = ArrayType::get(IntegerType::get(mod->getContext(), 8), 12);
95 - PointerType* return_array_ptr = PointerType::get(return_array, 0);
96 - PointerType* ret_func_ptr = PointerType::get(IntegerType::get(mod->getContext(), 8), 0);
97 - ConstantInt* const_int_1 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("1"), 10));
98 - ConstantInt* const_int_0 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("0"), 10));
99 - ConstantInt* const_int_20 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("12"), 10));
100 - ConstantInt* const_int32_133 = ConstantInt::get(mod->getContext(), APInt(32, StringRef("133"), 10));
101 - AllocaInst* ptr_ret_array;
102 - AllocaInst* ptr_this_ret;
103 - AllocaInst* ret_array_ptr;
104 - AllocaInst* ptr_i;
105 - std::vector<Instruction *> instructions;
106 - std::vector<BasicBlock *> RetBlocks;
107 - bool inserted = false;
108 - bool splitted = false;
109 - for (auto &BB : F) {
110 - for (auto &I : BB) {
111 - if(!inserted) {
112 - ptr_ret_array = new AllocaInst(return_array, NULL, "ret_ptr", &I);
113 - ptr_ret_array->setAlignment(MaybeAlign(1));
114 - ptr_this_ret = new AllocaInst(ret_func_ptr, NULL, "ptr", &I);
115 - ret_array_ptr = new AllocaInst(ret_func_ptr, NULL, "ptr2", &I);
116 - ptr_i = new AllocaInst(IntegerType::get(mod->getContext(), 32), NULL, "i", &I);
117 -
118 - inserted=true;
119 - IndirectBrInst *a;
120 -
121 - }
122 - if (I.getOpcode() == Instruction::Ret) {
123 - instructions.push_back(&I);
124 - }
125 - }
126 } 572 }
127 - 573 + }
128 - for (auto &I : instructions) { 574 + }
129 - BasicBlock *BB = I->getParent(); 575 +
130 - // One Instruction Basic Block has only one ret instructions 576 + for (auto &I : instructions) {
131 - if (!BB->size() < 2) 577 + BasicBlock *BB = I->getParent();
132 - { 578 + // One Instruction Basic Block has only one ret instructions
133 - BasicBlock *retblock = BB->splitBasicBlock(I->getIterator(), BB->getName() + ".RetBlock"); 579 + if (!BB->size() < 2)
134 - RetBlocks.push_back(retblock); 580 + {
135 - } else { 581 + BasicBlock *retblock = BB->splitBasicBlock(I->getIterator(),
136 - RetBlocks.push_back(BB); 582 + BB->getName() + ".RetBlock"); RetBlocks.push_back(retblock); } else {
137 - } 583 + RetBlocks.push_back(BB);
138 - 584 + }
585 +
586 + }
587 +
588 + for (auto &BB : RetBlocks) {
589 + Constant* retBlockAddress = BlockAddress::get(BB);
590 + Module* M = F.getParent();
591 +
592 + for (auto curFref = M->getFunctionList().begin(),
593 + endFref = M->getFunctionList().end();
594 + curFref != endFref; ++curFref) {
595 + for (auto& B: curFref->getBasicBlockList()) {
596 + StoreInst* asdf = new StoreInst(retBlockAddress, ptr_this_ret,
597 + false, &B); asdf->setAlignment(MaybeAlign(4)); break;
139 } 598 }
140 599
141 - for (auto &BB : RetBlocks) { 600 + }
142 - Constant* retBlockAddress = BlockAddress::get(BB); 601 + BasicBlock* decrypt_start = BasicBlock::Create(mod->getContext(),
143 - Module* M = F.getParent(); 602 + "dec_start", &F, BB); for (BasicBlock* preds : predecessors(BB)) {
144 - 603 + preds->getTerminator()->eraseFromParent();
145 - for (auto curFref = M->getFunctionList().begin(), 604 + BranchInst::Create(decrypt_start, preds);
146 - endFref = M->getFunctionList().end(); 605 + }
147 - curFref != endFref; ++curFref) {
148 - for (auto& B: curFref->getBasicBlockList()) {
149 - StoreInst* asdf = new StoreInst(retBlockAddress, ptr_this_ret, false, &B);
150 - asdf->setAlignment(MaybeAlign(4));
151 - break;
152 - }
153 -
154 - }
155 - BasicBlock* decrypt_start = BasicBlock::Create(mod->getContext(), "dec_start", &F, BB);
156 - for (BasicBlock* preds : predecessors(BB)) {
157 - preds->getTerminator()->eraseFromParent();
158 - BranchInst::Create(decrypt_start, preds);
159 - }
160 -
161 -
162 - std::vector<Value*> ptr_to_retarray_indices;
163 - ptr_to_retarray_indices.push_back(const_int_0);
164 - ptr_to_retarray_indices.push_back(const_int_0);
165 - GetElementPtrInst* ptr_to_retarray = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_to_retarray_indices, "arrayidx", decrypt_start);
166 - ptr_to_retarray->setIsInBounds(true);
167 - StoreInst* store_to_ret_ptr = new StoreInst(ptr_to_retarray, ret_array_ptr, false, decrypt_start);
168 -
169 - store_to_ret_ptr->setAlignment(MaybeAlign(4));
170 -
171 - StoreInst* void_17 = new StoreInst(retBlockAddress, ptr_this_ret, false, decrypt_start);
172 -
173 - ptr_this_ret->setAlignment(MaybeAlign(4));
174 - ret_array_ptr->setAlignment(MaybeAlign(4));
175 - ptr_i->setAlignment(MaybeAlign(4));
176 - void_17->setAlignment(MaybeAlign(4));
177 -
178 -
179 -
180 - StoreInst* store_i_0 = new StoreInst(const_int_0, ptr_i, false, decrypt_start);
181 - store_i_0->setAlignment(MaybeAlign(4));
182 -
183 -
184 -
185 - BasicBlock* decrypt_cond = BasicBlock::Create(mod->getContext(), "dec_cond", &F, BB);
186 -
187 - BranchInst::Create(decrypt_cond, decrypt_start);
188 -
189 - LoadInst* ldr_i_data = new LoadInst(ptr_i, "", false, decrypt_cond);
190 - ldr_i_data->setAlignment(MaybeAlign(4));
191 - ICmpInst* cmp_i_with_20 = new ICmpInst(*decrypt_cond, ICmpInst::ICMP_SLT, ldr_i_data, const_int_20, "cmp");
192 -
193 - BasicBlock* decrypt_ing = BasicBlock::Create(mod->getContext(), "dec_ing", &F, BB);
194 - BasicBlock* decrypt_add = BasicBlock::Create(mod->getContext(), "dec_add", &F, BB);
195 - BasicBlock* decrypt_end = BasicBlock::Create(mod->getContext(), "dec_end", &F, BB);
196 - BranchInst::Create(decrypt_ing, decrypt_end, cmp_i_with_20, decrypt_cond);
197 -
198 - LoadInst* ldr_i_data_2 = new LoadInst(ptr_i, "", false, decrypt_ing);
199 - ldr_i_data_2->setAlignment(MaybeAlign(4));
200 - LoadInst* ldr_ptr_this_ret = new LoadInst(ptr_this_ret, "", false, decrypt_ing);
201 - ldr_ptr_this_ret->setAlignment(MaybeAlign(4));
202 - GetElementPtrInst* get_func_ptr_idx = GetElementPtrInst::Create(cast<PointerType>(ldr_ptr_this_ret->getType()->getScalarType())->getElementType(), ldr_ptr_this_ret, ldr_i_data_2, "arrayidx1", decrypt_ing);
203 - get_func_ptr_idx->setIsInBounds(true);
204 -
205 -
206 - LoadInst* ldr_func_ptr_idx = new LoadInst(get_func_ptr_idx, "", false, decrypt_ing);
207 - ldr_func_ptr_idx->setAlignment(MaybeAlign(1));
208 -
209 - LoadInst* ldr_i_data_3 = new LoadInst(ptr_i, "", false, decrypt_ing);
210 - ldr_i_data_3->setAlignment(MaybeAlign(4));
211 -
212 - std::vector<Value*> ptr_retn_array_indices;
213 - ptr_retn_array_indices.push_back(const_int_0);
214 - ptr_retn_array_indices.push_back(ldr_i_data_3);
215 - GetElementPtrInst* get_retn_array_data_idx = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_retn_array_indices, "arrayidx2", decrypt_ing);
216 - get_retn_array_data_idx->setIsInBounds(true);
217 - StoreInst* str_retn_array_data_idx = new StoreInst(ldr_func_ptr_idx, get_retn_array_data_idx, false, decrypt_ing);
218 - str_retn_array_data_idx->setAlignment(MaybeAlign(1));
219 -
220 - LoadInst* ldr_i_data_4 = new LoadInst(ptr_i, "", false, decrypt_ing);
221 - ldr_i_data_4->setAlignment(MaybeAlign(4));
222 -
223 - std::vector<Value*> ptr_retn_array_indices2;
224 - ptr_retn_array_indices2.push_back(const_int_0);
225 - ptr_retn_array_indices2.push_back(ldr_i_data_4);
226 - GetElementPtrInst* get_retn_array_data_idx2 = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_retn_array_indices2, "arrayidx3", decrypt_ing);
227 - get_retn_array_data_idx2->setIsInBounds(true);
228 - LoadInst* ldr_retn_array_data_idx2 = new LoadInst(get_retn_array_data_idx2, "", false, decrypt_ing);
229 - ldr_retn_array_data_idx2->setAlignment(MaybeAlign(1));
230 -
231 - CastInst* cast_retn_array_data_idx2 = new ZExtInst(ldr_retn_array_data_idx2, IntegerType::get(mod->getContext(), 32), "conv", decrypt_ing);
232 - BinaryOperator* xor_retn_array_data_idx2 = BinaryOperator::Create(Instruction::Xor, cast_retn_array_data_idx2, const_int32_133, "xor", decrypt_ing);
233 -
234 - CastInst* trun_retn_array_data_idx2 = new TruncInst(xor_retn_array_data_idx2, IntegerType::get(mod->getContext(), 8), "conv4", decrypt_ing);
235 -
236 -
237 - LoadInst* ldr_i_data_5 = new LoadInst(ptr_i, "", false, decrypt_ing);
238 - ldr_i_data_5->setAlignment(MaybeAlign(4));
239 -
240 - std::vector<Value*> ptr_retn_array_indices4;
241 - ptr_retn_array_indices4.push_back(const_int_0);
242 - ptr_retn_array_indices4.push_back(ldr_i_data_5);
243 - GetElementPtrInst* get_retn_array_data_idx4 = GetElementPtrInst::Create(return_array, ptr_ret_array, ptr_retn_array_indices4, "arrayidx5", decrypt_ing);
244 - get_retn_array_data_idx4->setIsInBounds(true);
245 - StoreInst* str_retn_array_data_idx4 = new StoreInst(trun_retn_array_data_idx2, get_retn_array_data_idx4, false, decrypt_ing);
246 - str_retn_array_data_idx4->setAlignment(MaybeAlign(1));
247 -
248 -
249 - BranchInst::Create(decrypt_add, decrypt_ing);
250 -
251 - LoadInst* ldr_i_data_6 = new LoadInst(ptr_i, "", false, decrypt_add);
252 - ldr_i_data_6->setAlignment(MaybeAlign(4));
253 - BinaryOperator* add_i_data_4 = BinaryOperator::Create(Instruction::Add, ldr_i_data_6, const_int_1, "", decrypt_add);
254 - StoreInst* str_i_data_4 = new StoreInst(add_i_data_4, ptr_i, false, decrypt_add);
255 - str_i_data_4->setAlignment(MaybeAlign(4));
256 - BranchInst::Create(decrypt_cond, decrypt_add);
257 -
258 -
259 -
260 - LoadInst* ldr_ret_array = new LoadInst(ret_array_ptr, "", false, decrypt_end);
261 - ldr_ret_array->setAlignment(MaybeAlign(4));
262 -
263 - BasicBlock* dec_jmp = BasicBlock::Create(mod->getContext(), "dec_jmp", &F, BB);
264 - BranchInst::Create(dec_jmp, decrypt_end);
265 606
266 - PHINode* ptr_40 = PHINode::Create(ret_func_ptr, 1, "", dec_jmp);
267 - ptr_40->addIncoming(ldr_ret_array, decrypt_end);
268 - IndirectBrInst *void_41 = IndirectBrInst::Create(ldr_ret_array, 1, dec_jmp);
269 - void_41->addDestination(BB);
270 - errs().write_escaped(F.getName()) << " " << F.getParent()->getName() << '\n';
271 - }
272 - */
273 - return true;
274 - }
275 607
276 - }; // end of struct Hello 608 + std::vector<Value*> ptr_to_retarray_indices;
277 -} // end of anonymous namespace 609 + ptr_to_retarray_indices.push_back(const_int_0);
610 + ptr_to_retarray_indices.push_back(const_int_0);
611 + GetElementPtrInst* ptr_to_retarray =
612 + GetElementPtrInst::Create(return_array, ptr_ret_array,
613 + ptr_to_retarray_indices, "arrayidx", decrypt_start);
614 + ptr_to_retarray->setIsInBounds(true);
615 + StoreInst* store_to_ret_ptr = new StoreInst(ptr_to_retarray,
616 + ret_array_ptr, false, decrypt_start);
617 +
618 + store_to_ret_ptr->setAlignment(MaybeAlign(4));
619 +
620 + StoreInst* void_17 = new StoreInst(retBlockAddress, ptr_this_ret, false,
621 + decrypt_start);
622 +
623 + ptr_this_ret->setAlignment(MaybeAlign(4));
624 + ret_array_ptr->setAlignment(MaybeAlign(4));
625 + ptr_i->setAlignment(MaybeAlign(4));
626 + void_17->setAlignment(MaybeAlign(4));
627 +
628 +
629 +
630 + StoreInst* store_i_0 = new StoreInst(const_int_0, ptr_i, false,
631 + decrypt_start); store_i_0->setAlignment(MaybeAlign(4));
632 +
633 +
634 +
635 + BasicBlock* decrypt_cond = BasicBlock::Create(mod->getContext(),
636 + "dec_cond", &F, BB);
637 +
638 + BranchInst::Create(decrypt_cond, decrypt_start);
639 +
640 + LoadInst* ldr_i_data = new LoadInst(ptr_i, "", false, decrypt_cond);
641 + ldr_i_data->setAlignment(MaybeAlign(4));
642 + ICmpInst* cmp_i_with_20 = new ICmpInst(*decrypt_cond,
643 + ICmpInst::ICMP_SLT, ldr_i_data, const_int_20, "cmp");
644 +
645 + BasicBlock* decrypt_ing = BasicBlock::Create(mod->getContext(),
646 + "dec_ing", &F, BB); BasicBlock* decrypt_add =
647 + BasicBlock::Create(mod->getContext(), "dec_add", &F, BB); BasicBlock*
648 + decrypt_end = BasicBlock::Create(mod->getContext(), "dec_end", &F, BB);
649 + BranchInst::Create(decrypt_ing, decrypt_end, cmp_i_with_20,
650 + decrypt_cond);
651 +
652 + LoadInst* ldr_i_data_2 = new LoadInst(ptr_i, "", false, decrypt_ing);
653 + ldr_i_data_2->setAlignment(MaybeAlign(4));
654 + LoadInst* ldr_ptr_this_ret = new LoadInst(ptr_this_ret, "", false,
655 + decrypt_ing); ldr_ptr_this_ret->setAlignment(MaybeAlign(4));
656 + GetElementPtrInst* get_func_ptr_idx =
657 + GetElementPtrInst::Create(cast<PointerType>(ldr_ptr_this_ret->getType()->getScalarType())->getElementType(),
658 + ldr_ptr_this_ret, ldr_i_data_2, "arrayidx1", decrypt_ing);
659 + get_func_ptr_idx->setIsInBounds(true);
660 +
661 +
662 + LoadInst* ldr_func_ptr_idx = new LoadInst(get_func_ptr_idx, "", false,
663 + decrypt_ing); ldr_func_ptr_idx->setAlignment(MaybeAlign(1));
664 +
665 + LoadInst* ldr_i_data_3 = new LoadInst(ptr_i, "", false, decrypt_ing);
666 + ldr_i_data_3->setAlignment(MaybeAlign(4));
667 +
668 + std::vector<Value*> ptr_retn_array_indices;
669 + ptr_retn_array_indices.push_back(const_int_0);
670 + ptr_retn_array_indices.push_back(ldr_i_data_3);
671 + GetElementPtrInst* get_retn_array_data_idx =
672 + GetElementPtrInst::Create(return_array, ptr_ret_array,
673 + ptr_retn_array_indices, "arrayidx2", decrypt_ing);
674 + get_retn_array_data_idx->setIsInBounds(true);
675 + StoreInst* str_retn_array_data_idx = new StoreInst(ldr_func_ptr_idx,
676 + get_retn_array_data_idx, false, decrypt_ing);
677 + str_retn_array_data_idx->setAlignment(MaybeAlign(1));
678 +
679 + LoadInst* ldr_i_data_4 = new LoadInst(ptr_i, "", false, decrypt_ing);
680 + ldr_i_data_4->setAlignment(MaybeAlign(4));
681 +
682 + std::vector<Value*> ptr_retn_array_indices2;
683 + ptr_retn_array_indices2.push_back(const_int_0);
684 + ptr_retn_array_indices2.push_back(ldr_i_data_4);
685 + GetElementPtrInst* get_retn_array_data_idx2 =
686 + GetElementPtrInst::Create(return_array, ptr_ret_array,
687 + ptr_retn_array_indices2, "arrayidx3", decrypt_ing);
688 + get_retn_array_data_idx2->setIsInBounds(true);
689 + LoadInst* ldr_retn_array_data_idx2 = new
690 + LoadInst(get_retn_array_data_idx2, "", false, decrypt_ing);
691 + ldr_retn_array_data_idx2->setAlignment(MaybeAlign(1));
692 +
693 + CastInst* cast_retn_array_data_idx2 = new
694 + ZExtInst(ldr_retn_array_data_idx2, IntegerType::get(mod->getContext(), 32),
695 + "conv", decrypt_ing); BinaryOperator* xor_retn_array_data_idx2 =
696 + BinaryOperator::Create(Instruction::Xor, cast_retn_array_data_idx2,
697 + const_int32_133, "xor", decrypt_ing);
698 +
699 + CastInst* trun_retn_array_data_idx2 = new
700 + TruncInst(xor_retn_array_data_idx2, IntegerType::get(mod->getContext(), 8),
701 + "conv4", decrypt_ing);
702 +
703 +
704 + LoadInst* ldr_i_data_5 = new LoadInst(ptr_i, "", false, decrypt_ing);
705 + ldr_i_data_5->setAlignment(MaybeAlign(4));
706 +
707 + std::vector<Value*> ptr_retn_array_indices4;
708 + ptr_retn_array_indices4.push_back(const_int_0);
709 + ptr_retn_array_indices4.push_back(ldr_i_data_5);
710 + GetElementPtrInst* get_retn_array_data_idx4 =
711 + GetElementPtrInst::Create(return_array, ptr_ret_array,
712 + ptr_retn_array_indices4, "arrayidx5", decrypt_ing);
713 + get_retn_array_data_idx4->setIsInBounds(true);
714 + StoreInst* str_retn_array_data_idx4 = new
715 + StoreInst(trun_retn_array_data_idx2, get_retn_array_data_idx4, false,
716 + decrypt_ing); str_retn_array_data_idx4->setAlignment(MaybeAlign(1));
717 +
718 +
719 + BranchInst::Create(decrypt_add, decrypt_ing);
720 +
721 + LoadInst* ldr_i_data_6 = new LoadInst(ptr_i, "", false, decrypt_add);
722 + ldr_i_data_6->setAlignment(MaybeAlign(4));
723 + BinaryOperator* add_i_data_4 = BinaryOperator::Create(Instruction::Add,
724 + ldr_i_data_6, const_int_1, "", decrypt_add); StoreInst* str_i_data_4 = new
725 + StoreInst(add_i_data_4, ptr_i, false, decrypt_add);
726 + str_i_data_4->setAlignment(MaybeAlign(4));
727 + BranchInst::Create(decrypt_cond, decrypt_add);
728 +
729 +
730 +
731 + LoadInst* ldr_ret_array = new LoadInst(ret_array_ptr, "", false,
732 + decrypt_end); ldr_ret_array->setAlignment(MaybeAlign(4));
733 +
734 + BasicBlock* dec_jmp = BasicBlock::Create(mod->getContext(), "dec_jmp",
735 + &F, BB); BranchInst::Create(dec_jmp, decrypt_end);
736 +
737 + PHINode* ptr_40 = PHINode::Create(ret_func_ptr, 1, "", dec_jmp);
738 + ptr_40->addIncoming(ldr_ret_array, decrypt_end);
739 + IndirectBrInst *void_41 = IndirectBrInst::Create(ldr_ret_array, 1,
740 + dec_jmp); void_41->addDestination(BB); errs().write_escaped(F.getName()) <<
741 + " " << F.getParent()->getName() << '\n';
742 + }
743 + */
744 + return true;
745 + }
746 +
747 +}; // end of struct Hello
748 +} // end of anonymous namespace
278 749
279 char ReturnObfuscation::ID = 0; 750 char ReturnObfuscation::ID = 0;
280 751
281 static RegisterPass<ReturnObfuscation> X("rof", "Hello World Pass", 752 static RegisterPass<ReturnObfuscation> X("rof", "Hello World Pass",
282 - false /* Only looks at CFG */,
283 - false /* Analysis Pass */);
...\ No newline at end of file ...\ No newline at end of file
753 + false /* Only looks at CFG */,
754 + false /* Analysis Pass */);
...\ No newline at end of file ...\ No newline at end of file
......