void-stack
diff --git a/‎README.md‎
Lines changed: 52 additions & 34 deletions b/‎README.md‎
Lines changed: 52 additions & 34 deletions
diff --git a/‎VMUP/VMUP.sln‎
Lines changed: 6 additions & 0 deletions b/‎VMUP/VMUP.sln‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎VMUP/VMUnprotect.Core/Abstraction/EmptyLogger.cs‎
Lines changed: 21 additions & 0 deletions b/‎VMUP/VMUnprotect.Core/Abstraction/EmptyLogger.cs‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎VMUP/VMUnprotect.Core/Abstraction/ILogger.cs‎
Lines changed: 9 additions & 0 deletions b/‎VMUP/VMUnprotect.Core/Abstraction/ILogger.cs‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎VMUP/VMUnprotect/CommandLineOptions.cs‎ ‎…P/VMUnprotect.Core/CommandLineOptions.cs‎VMUP/VMUnprotect/CommandLineOptions.cs renamed to VMUP/VMUnprotect.Core/CommandLineOptions.cs
Lines changed: 5 additions & 4 deletions b/‎VMUP/VMUnprotect/CommandLineOptions.cs‎ ‎…P/VMUnprotect.Core/CommandLineOptions.cs‎VMUP/VMUnprotect/CommandLineOptions.cs renamed to VMUP/VMUnprotect.Core/CommandLineOptions.cs
Lines changed: 5 additions & 4 deletions
diff --git a/‎VMUP/VMUnprotect.Core/Context.cs‎
Lines changed: 29 additions & 0 deletions b/‎VMUP/VMUnprotect.Core/Context.cs‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎VMUP/VMUnprotect.Core/Engine.cs‎
Lines changed: 64 additions & 0 deletions b/‎VMUP/VMUnprotect.Core/Engine.cs‎
Lines changed: 64 additions & 0 deletions
diff --git a/‎VMUP/VMUnprotect.Core/Helpers/Formatter.cs‎
Lines changed: 24 additions & 0 deletions b/‎VMUP/VMUnprotect.Core/Helpers/Formatter.cs‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎VMUP/VMUnprotect/Utils/StringCounts.cs‎ ‎…VMUnprotect.Core/Helpers/StringCounts.cs‎VMUP/VMUnprotect/Utils/StringCounts.cs renamed to VMUP/VMUnprotect.Core/Helpers/StringCounts.cs
Lines changed: 12 additions & 24 deletions b/‎VMUP/VMUnprotect/Utils/StringCounts.cs‎ ‎…VMUnprotect.Core/Helpers/StringCounts.cs‎VMUP/VMUnprotect/Utils/StringCounts.cs renamed to VMUP/VMUnprotect.Core/Helpers/StringCounts.cs
Lines changed: 12 additions & 24 deletions
@@ -1,5 +1,5 @@
 <p align="center">
-  <img width="256" heigth="256" src="Images/vmup.png">
+  <img width="256" heigth="256" src="Docs/vmup.png">
 <h1 align="center">VMUnprotect.NET</h1>
 <p align="center">
   <strong>VMUnprotect</strong> is a project engaged in hunting virtualized <a href="https://vmpsoft.com">VMProtect</a> methods. It makes use of <a href="https://github.com/pardeike/Harmony">Harmony</a> to dynamically read <strong>VMP</strong> behavior. Currently only supports method administration. Works on <a href="https://vmpsoft.com/20210919/vmprotect-3-5-1/">VMProtect 3.5.1</a> (Latest) and few versions back.
@@ -12,15 +12,16 @@
 </p>
 
 ## Showcase
-<img src="Images/show.gif">
+<img src="Docs/show.gif">
 
 # Usage
 ```sh
 VMUnprotect.exe 
-  -f, --file         Required. Path to file.
-  --usetranspiler    (Default: false) Use an older method that makes use of Transpiler (not recommended).
-  --help             Display this help screen.
-  --version          Display version information.
+  -f, --file             Required. Path to file.
+  --usetranspiler        (Default: false) Use an older method that makes use of Transpiler (not recommended).
+  --enableharmonylogs    (Default: true) Enable logs from Harmony.
+  --help                 Display this help screen.
+  --version              Display version information.
 ```
 
 # Supported Protections
@@ -36,36 +37,53 @@ Virtualization Tools | Yes
 Strip Debug Information | Yes 
 Pack the Output File | No
 
-# Usage can be found in ```Methods\MiddleMan.cs```
+# Usage can be found in ```MiddleMan```
 ```csharp
-internal static class MiddleMan
-{
-    public static void Prefix(ref object __instance, ref object obj, ref object[] parameters, ref object[] arguments)
-    {
-        var virtualizedMethodName = new StackTrace().GetFrame(7).GetMethod();
-        var method = (MethodBase) __instance;
-
-        ConsoleLogger.Warn("\tVMP MethodName: {0} (MDToken {1:X4})", virtualizedMethodName.FullDescription(), virtualizedMethodName.MetadataToken.ToString());
-
-        ConsoleLogger.Warn("\tMethodName: {0}", method.Name);
-        ConsoleLogger.Warn("\tFullDescription: {0}", method.FullDescription());
-        ConsoleLogger.Warn("\tMethodType: {0}", method.GetType());
-        if (obj != null) ConsoleLogger.Warn("\nObj: {0}", obj.GetType());
-        
-        // Loop through parameters and log them
-        for (var i = 0; i < parameters.Length; i++)
-        {
-            var parameter = parameters[i] ?? "null";
-            ConsoleLogger.Warn("\tParameter ({1}) [{0}]: ({2})", i, parameter.GetType(), parameter);
+using HarmonyLib;
+using System.Diagnostics;
+using System.Reflection;
+using VMUnprotect.Core.Abstraction;
+using VMUnprotect.Core.Helpers;
+
+namespace VMUnprotect.Core.MiddleMan {
+    /// <summary>
+    ///     Works as Middle Man to make life easier
+    /// </summary>
+    public static class UnsafeInvokeMiddleMan {
+        private static readonly ILogger ConsoleLogger = Engine.Logger;
+
+        /// <summary>
+        ///     A prefix is a method that is executed before the original method
+        /// </summary>
+        public static void Prefix(ref object __instance, ref object obj, ref object[] parameters, ref object[] arguments) {
+            var virtualizedMethodName = new StackTrace().GetFrame(7).GetMethod();
+            var method = (MethodBase) __instance;
+
+            ConsoleLogger.Print("VMP MethodName: {0} (MDToken {1:X4})", virtualizedMethodName.FullDescription(), virtualizedMethodName.MetadataToken.ToString());
+            ConsoleLogger.Print("MethodName: {0}", method.Name);
+            ConsoleLogger.Print("FullDescription: {0}", method.FullDescription());
+            ConsoleLogger.Print("MethodType: {0}", method.GetType());
+            
+            if (obj is not null)
+                ConsoleLogger.Print("Obj: {0}", obj.GetType());
+
+            // Loop through parameters and log them
+            for (var i = 0; i < parameters.Length; i++) {
+                var parameter = parameters[i];
+                ConsoleLogger.Print("Parameter ({1}) [{0}]: ({2})", i, parameter.GetType(), Formatter.FormatObject(parameter));
+            }
+
+            var returnType = method is MethodInfo info ? info.ReturnType.FullName : "System.Object";
+            ConsoleLogger.Print("MDToken: 0x{0:X4}", method.MetadataToken);
+            ConsoleLogger.Print("Return Type: {0}", returnType ?? "null");
+        }
+
+        /// <summary>
+        ///     A postfix is a method that is executed after the original method
+        /// </summary>
+        public static void Postfix(ref object __instance, ref object __result, ref object obj, ref object[] parameters, ref object[] arguments) {
+            ConsoleLogger.Print("Returns: {0}", __result);
         }
-        var returnType = method is MethodInfo info ? info.ReturnType.FullName : "System.Object";
-        ConsoleLogger.Warn("\tMDToken: 0x{0:X4}", method.MetadataToken);
-        ConsoleLogger.Warn("\tReturn Type: {0}", returnType);
-    }
-    
-    public static void Postfix(ref object __instance, ref object __result, ref object obj, ref object[] parameters, ref object[] arguments)
-    {
-        ConsoleLogger.Warn("\tReturns: {0}", __result);
     }
 }
 ```
 
@@ -2,6 +2,8 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "VMUnprotect", "VMUnprotect\VMUnprotect.csproj", "{42C88429-9A67-4087-91BD-7D76383BC86D}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "VMUnprotect.Core", "VMUnprotect.Core\VMUnprotect.Core.csproj", "{D57B9692-671D-450B-B21C-24BA0129B888}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -12,5 +14,9 @@ Global
 		{42C88429-9A67-4087-91BD-7D76383BC86D}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{42C88429-9A67-4087-91BD-7D76383BC86D}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{42C88429-9A67-4087-91BD-7D76383BC86D}.Release|Any CPU.Build.0 = Release|Any CPU
+		{D57B9692-671D-450B-B21C-24BA0129B888}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{D57B9692-671D-450B-B21C-24BA0129B888}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{D57B9692-671D-450B-B21C-24BA0129B888}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{D57B9692-671D-450B-B21C-24BA0129B888}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 EndGlobal
@@ -0,0 +1,21 @@
+using System;
+
+namespace VMUnprotect.Core.Abstraction {
+    public class EmptyLogger : ILogger {
+        public void Debug(string m, params object[] f) {
+            throw new NotImplementedException();
+        }
+        public void Error(string m, params object[] f) {
+            throw new NotImplementedException();
+        }
+        public void Info(string m, params object[] f) {
+            throw new NotImplementedException();
+        }
+        public void Warn(string m, params object[] f) {
+            throw new NotImplementedException();
+        }
+        public void Print(string m, params object[] f) {
+            throw new NotImplementedException();
+        }
+    }
+}
@@ -0,0 +1,9 @@
+namespace VMUnprotect.Core.Abstraction {
+    public interface ILogger {
+        public void Debug(string m, params object[] f);
+        public void Error(string m, params object[] f);
+        public void Info(string m, params object[] f);
+        public void Warn(string m, params object[] f);
+        public void Print(string m, params object[] f);
+    }
+}
@@ -1,13 +1,14 @@
 using CommandLine;
 
-namespace VMUnprotect
-{
-    public class CommandLineOptions
-    {
+namespace VMUnprotect.Core {
+    public class CommandLineOptions {
         [Option('f', "file", HelpText = "Path to file.", Required = true)]
         public string FilePath { get; set; }
 
         [Option(Default = false, HelpText = "Use an older method that makes use of Transpiler (not recommended).", Required = false)]
         public bool UseTranspiler { get; set; }
+
+        [Option(Default = true, HelpText = "Enable logs from Harmony.", Required = false)]
+        public bool EnableHarmonyLogs { get; set; }
     }
 }
@@ -0,0 +1,29 @@
+using dnlib.DotNet;
+using HarmonyLib;
+using System;
+using System.Reflection;
+using VMUnprotect.Core.Structure;
+using ILogger = VMUnprotect.Core.Abstraction.ILogger;
+
+namespace VMUnprotect.Core {
+    public class Context {
+        public Context(ILogger logger, string vmpAssembly, CommandLineOptions options) {
+            Harmony.DEBUG = options.EnableHarmonyLogs;
+            
+            Logger = logger ?? throw new ArgumentNullException(nameof(logger));
+            Options = options ?? throw new ArgumentNullException(nameof(options));
+
+            VmpAssembly = Assembly.LoadFile(vmpAssembly);
+            VmpModuleDefMd = ModuleDefMD.Load(vmpAssembly);
+
+            Harmony = new Harmony("com.hussaryyn.vmup");
+        }
+
+        public ILogger Logger { get; }
+        public Assembly VmpAssembly { get; }
+        public ModuleDefMD VmpModuleDefMd { get; }
+        public VmRuntimeStructure? RuntimeStructure { get; set; } = new();
+        public Harmony Harmony { get; }
+        public CommandLineOptions Options { get; }
+    }
+}
@@ -0,0 +1,64 @@
+using HarmonyLib;
+using System;
+using System.Runtime.CompilerServices;
+using VMUnprotect.Core.Abstraction;
+using VMUnprotect.Core.Hooks;
+using VMUnprotect.Core.Structure;
+
+namespace VMUnprotect.Core {
+    public class Engine {
+        public Engine(Context context) {
+            Ctx = context;
+            Logger = context.Logger;
+        }
+        internal static Context Ctx
+            {
+                get;
+                private set;
+            } = null!;
+
+        public static ILogger Logger
+            {
+                get;
+                private set;
+            } = new EmptyLogger();
+
+        public void Start() {
+            var fileEntryPoint = Ctx.VmpAssembly.EntryPoint;
+            var moduleHandle = Ctx.VmpAssembly.ManifestModule.ModuleHandle;
+            var parameters = fileEntryPoint.GetParameters();
+
+            Logger.Debug("Entrypoint method: {0}", fileEntryPoint.FullDescription());
+            Logger.Debug("ModuleHandle: {0:X4}", moduleHandle);
+
+            Logger.Debug("--- Analyzing VMP Structure...");
+            AnalyzeStructure();
+
+            Logger.Info("--- Applying hooks.");
+            ApplyHooks();
+
+            Logger.Info("--- Invoking Constructor.");
+            RuntimeHelpers.RunModuleConstructor(moduleHandle);
+
+            Logger.Info("--- Invoking assembly.\n");
+            fileEntryPoint.Invoke(null, parameters.Length == 0 ? null : new object[] {null!});
+        }
+        private static void ApplyHooks() {
+            try {
+                HooksManager.HooksApply(Ctx);
+            }
+            catch (Exception ex) {
+                Logger.Error("Failed to apply Harmony patches: {0}", ex.StackTrace);
+            }
+        }
+
+        private void AnalyzeStructure() {
+            try {
+                VmAnalyzer.Run(Ctx);
+            }
+            catch (Exception ex) {
+                Logger.Error("Failed to analyze VMProtect Structure: {0}", ex.StackTrace);
+            }
+        }
+    }
+}
@@ -0,0 +1,24 @@
+using System;
+using System.Collections;
+using System.Linq;
+
+namespace VMUnprotect.Core.Helpers {
+    public static class Formatter {
+        /// <summary>
+        ///     Formats code to more reliable format
+        /// </summary>
+        public static string FormatObject(object obj) {
+            try {
+                return obj switch {
+                    null                   => "null",
+                    string x               => $"\"{x}\"",
+                    IEnumerable enumerable => $"{obj.GetType().Name} {{{string.Join(", ", enumerable.Cast<object>().Select(FormatObject))}}}",
+                    _                      => obj.ToString()
+                };
+            }
+            catch (Exception) {
+                return "???";
+            }
+        }
+    }
+}
@@ -4,63 +4,51 @@
 using System.Collections.Generic;
 using System.Linq;
 
-namespace VMUnprotect.Utils
-{
+namespace VMUnprotect.Core.Helpers {
     /// <summary>
     ///     This code belongs to
     ///     https://github.com/de4dot/de4dot/blob/b7d5728fc0c82fb0ad758e3a4c0fbb70368a4853/de4dot.code/deobfuscators/StringCounts.cs
     /// </summary>
-    public class StringCounts
-    {
+    public class StringCounts {
         private readonly Dictionary<string, int> _strings = new(StringComparer.Ordinal);
 
         public IEnumerable<string> Strings => _strings.Keys;
         public int NumStrings => _strings.Count;
 
-        protected void Add(string s)
-        {
+        protected void Add(string s) {
             _strings.TryGetValue(s, out var count);
             _strings[s] = count + 1;
         }
 
-        private bool Exists(string s)
-        {
-            return s != null && _strings.ContainsKey(s);
+        private bool Exists(string s) {
+            return _strings.ContainsKey(s);
         }
 
-        public bool All(IEnumerable<string> list)
-        {
+        public bool All(IEnumerable<string> list) {
             return list.All(Exists);
         }
 
-        public bool Exactly(ICollection<string> list)
-        {
+        public bool Exactly(ICollection<string> list) {
             return list.Count == _strings.Count && All(list);
         }
 
-        public int Count(string s)
-        {
+        public int Count(string s) {
             _strings.TryGetValue(s, out var count);
             return count;
         }
     }
 
 
-    public class LocalTypes : StringCounts
-    {
-        public LocalTypes(MethodDef method)
-        {
+    public class LocalTypes : StringCounts {
+        public LocalTypes(MethodDef method) {
             if (method is {Body: { }}) Initialize(method.Body.Variables);
         }
 
-        public LocalTypes(IEnumerable<Local> locals)
-        {
+        public LocalTypes(IEnumerable<Local> locals) {
             Initialize(locals);
         }
 
-        private void Initialize(IEnumerable<Local> locals)
-        {
-            if (locals == null) return;
+        private void Initialize(IEnumerable<Local> locals) {
             foreach (var local in locals) Add(local.Type.FullName);
         }
     }