├── .gitattributes
├── .vs
    └── MemeVM Devirt
    │   └── v16
    │       └── .suo
├── Dependencies
    └── dnlib.dll
├── LICENSE
├── MemeVM Devirt.sln
├── MemeVM Devirt
    ├── App.config
    ├── Context.cs
    ├── Logger.cs
    ├── MemeVM Devirt.csproj
    ├── MemeVM Devirt.csproj.user
    ├── Program.cs
    ├── Properties
    │   └── AssemblyInfo.cs
    ├── Protections
    │   ├── AnalyseMethod.cs
    │   ├── AnalyseResources.cs
    │   ├── InitialiseReplace.cs
    │   ├── InitiliseMethod.cs
    │   ├── Stores.cs
    │   ├── VM.cs
    │   └── VMInstructions
    │   │   ├── VMInstructions.cs
    │   │   └── VMOpCode.cs
    ├── bin
    │   └── Debug
    │   │   ├── MemeVM Devirt.exe
    │   │   ├── MemeVM Devirt.exe.config
    │   │   ├── MemeVM Devirt.pdb
    │   │   └── dnlib.dll
    ├── obj
    │   └── Debug
    │   │   ├── DesignTimeResolveAssemblyReferencesInput.cache
    │   │   ├── MemeVM Devirt.csproj.CopyComplete
    │   │   ├── MemeVM Devirt.csproj.CoreCompileInputs.cache
    │   │   ├── MemeVM Devirt.csproj.FileListAbsolute.txt
    │   │   ├── MemeVM Devirt.csprojAssemblyReference.cache
    │   │   ├── MemeVM Devirt.exe
    │   │   └── MemeVM Devirt.pdb
    └── virus.ico
└── README.md


/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 | 


--------------------------------------------------------------------------------
/.vs/MemeVM Devirt/v16/.suo:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/.vs/MemeVM Devirt/v16/.suo


--------------------------------------------------------------------------------
/Dependencies/dnlib.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/Dependencies/dnlib.dll


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2020 Sir-_-MaGeLanD
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/MemeVM Devirt.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.30011.22
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MemeVM Devirt", "MemeVM Devirt\MemeVM Devirt.csproj", "{2AEFEAE1-4D36-472A-A995-3D1F1C1AEC8E}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|Any CPU = Debug|Any CPU
11 | 		Release|Any CPU = Release|Any CPU
12 | 	EndGlobalSection
13 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | 		{2AEFEAE1-4D36-472A-A995-3D1F1C1AEC8E}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | 		{2AEFEAE1-4D36-472A-A995-3D1F1C1AEC8E}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | 		{2AEFEAE1-4D36-472A-A995-3D1F1C1AEC8E}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | 		{2AEFEAE1-4D36-472A-A995-3D1F1C1AEC8E}.Release|Any CPU.Build.0 = Release|Any CPU
18 | 	EndGlobalSection
19 | 	GlobalSection(SolutionProperties) = preSolution
20 | 		HideSolutionNode = FALSE
21 | 	EndGlobalSection
22 | 	GlobalSection(ExtensibilityGlobals) = postSolution
23 | 		SolutionGuid = {FE1EAE98-6276-45D8-8F56-CA21535FC458}
24 | 	EndGlobalSection
25 | EndGlobal
26 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/App.config:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8" ?>
2 | <configuration>
3 |     <startup> 
4 |         <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
5 |     </startup>
6 | </configuration>


--------------------------------------------------------------------------------
/MemeVM Devirt/Context.cs:
--------------------------------------------------------------------------------
  1 | using dnlib.DotNet;
  2 | using dnlib.DotNet.Writer;
  3 | using System;
  4 | using System.IO;
  5 | using System.IO.Compression;
  6 | using static Logger;
  7 | 
  8 | public static class Context
  9 | {
 10 |     public static ModuleDefMD module = null;
 11 |     public static string FileName = null;
 12 |     public static void LoadModule(string filename)
 13 |     {
 14 |         try
 15 |         {
 16 |             FileName = filename;
 17 |             byte[] data = File.ReadAllBytes(filename);
 18 |             ModuleContext modCtx = ModuleDef.CreateModuleContext();
 19 |             module = ModuleDefMD.Load(data, modCtx);
 20 |             Write("Module Loaded : " + module.Name, TypeMessage.Info);
 21 |             foreach (AssemblyRef dependance in module.GetAssemblyRefs())
 22 |             {
 23 |                 Write($"Dependance : {dependance.Name}", TypeMessage.Info);
 24 |             }
 25 |         }
 26 |         catch
 27 |         {
 28 |             Write("Error for Loade Module", TypeMessage.Error);
 29 |         }
 30 |     }
 31 |     public static void SaveModule()
 32 |     {
 33 |         try
 34 |         {
 35 |             string filename = string.Concat(new string[] { Path.GetDirectoryName(FileName), "\\", Path.GetFileNameWithoutExtension(FileName), "_Devirt", Path.GetExtension(FileName) });
 36 |             if (module.IsILOnly)
 37 |             {
 38 |                 ModuleWriterOptions writer = new ModuleWriterOptions(module);
 39 |                 writer.MetaDataOptions.Flags = MetaDataFlags.PreserveAll;
 40 |                 writer.MetaDataLogger = DummyLogger.NoThrowInstance;
 41 |                 module.Write(filename, writer);
 42 |             }
 43 |             else
 44 |             {
 45 |                 NativeModuleWriterOptions writer = new NativeModuleWriterOptions(module);
 46 |                 writer.MetaDataOptions.Flags = MetaDataFlags.PreserveAll;
 47 |                 writer.MetaDataLogger = DummyLogger.NoThrowInstance;
 48 |                 module.NativeWrite(filename, writer);
 49 |             }
 50 |             Write("File Devirt and Saved : " + filename, TypeMessage.Done);
 51 |         }
 52 |         catch (ModuleWriterException ex)
 53 |         {
 54 |             Write("Fail to save current module\n" + ex.ToString(), TypeMessage.Error);
 55 |         }
 56 |         Console.ReadLine();
 57 |     }
 58 |     public static byte[] Compress(byte[] data)
 59 |     {
 60 |         MemoryStream output = new MemoryStream();
 61 |         using (DeflateStream dstream = new DeflateStream(output, CompressionLevel.Optimal))
 62 |         {
 63 |             dstream.Write(data, 0, data.Length);
 64 |         }
 65 |         return output.ToArray();
 66 |     }
 67 |     public static byte[] GetCurrentModule(ModuleDefMD module)
 68 |     {
 69 |         MemoryStream memorystream = new MemoryStream();
 70 |         if (module.IsILOnly)
 71 |         {
 72 |             ModuleWriterOptions writer = new ModuleWriterOptions(module);
 73 |             writer.MetaDataOptions.Flags = MetaDataFlags.PreserveAll;
 74 |             writer.MetaDataLogger = DummyLogger.NoThrowInstance;
 75 |             module.Write(memorystream, writer);
 76 |         }
 77 |         else
 78 |         {
 79 |             NativeModuleWriterOptions writer = new NativeModuleWriterOptions(module);
 80 |             writer.MetaDataOptions.Flags = MetaDataFlags.PreserveAll;
 81 |             writer.MetaDataLogger = DummyLogger.NoThrowInstance;
 82 |             module.NativeWrite(memorystream, writer);
 83 |         }
 84 |         byte[] ByteArray = new byte[memorystream.Length];
 85 |         memorystream.Position = 0;
 86 |         memorystream.Read(ByteArray, 0, (int)memorystream.Length);
 87 |         return ByteArray;
 88 |     }
 89 |     public static void Welcome()
 90 |     {
 91 |         Console.Title = "MemeVM Devirt Console 1.0";
 92 |         Console.ForegroundColor = ConsoleColor.Yellow;
 93 |         Console.WriteLine(@"Made By Sir-_-MaGeLanD#7358");
 94 |         Console.ForegroundColor = ConsoleColor.Red;
 95 |         Console.WriteLine(@"                         __          __  _                                  _______    ");
 96 |         Console.WriteLine(@"                         \ \        / / | |                                |__   __|   ");
 97 |         Console.WriteLine(@"                          \ \  /\  / /__| | ___ ___  _ __ ___   ___           | | ___  ");
 98 |         Console.WriteLine(@"                           \ \/  \/ / _ \ |/ __/ _ \| '_ ` _ \ / _ \          | |/ _ \ ");
 99 |         Console.WriteLine(@"                            \  /\  /  __/ | (_| (_) | | | | | |  __/          | | (_) |");
100 |         Console.WriteLine(@"                             \/  \/ \___|_|\___\___/|_| |_| |_|\___|          |_|\___/ ");
101 |         Console.WriteLine(@"███    ███ ███████ ███    ███ ███████ ██    ██ ███    ███ ");
102 |         Console.WriteLine(@"████  ████ ██      ████  ████ ██      ██    ██ ████  ████ ");
103 |         Console.WriteLine(@"██ ████ ██ █████   ██ ████ ██ █████   ██    ██ ██ ████ ██ ");
104 |         Console.WriteLine(@"██  ██  ██ ██      ██  ██  ██ ██       ██  ██  ██  ██  ██ ");
105 |         Console.WriteLine(@"██      ██ ███████ ██      ██ ███████   ████   ██      ██ "); 
106 |         Console.WriteLine(Environment.NewLine);
107 |         Console.WriteLine(Environment.NewLine);
108 |         Console.WriteLine(Environment.NewLine);
109 |     }
110 | }
111 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Logger.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | using System.Linq;
 4 | using System.Text;
 5 | using System.Threading.Tasks;
 6 | 
 7 | public static class Logger
 8 | {
 9 |     public static void Write(string message, TypeMessage type)
10 |     {
11 |         switch (type)
12 |         {
13 |             case TypeMessage.Debug:
14 |                 Console.ForegroundColor = ConsoleColor.Blue;
15 |                 Console.WriteLine($"{DateTime.Now} [Debug] {message}");
16 |                 Console.ForegroundColor = ConsoleColor.White;
17 |                 break;
18 |             case TypeMessage.Done:
19 |                 Console.ForegroundColor = ConsoleColor.Green;
20 |                 Console.WriteLine($"{DateTime.Now} [+] : {message}");
21 |                 Console.ForegroundColor = ConsoleColor.White;
22 |                 break;
23 |             case TypeMessage.Error:
24 |                 Console.ForegroundColor = ConsoleColor.Red;
25 |                 Console.WriteLine($"{DateTime.Now} [!] : {message}");
26 |                 Console.ForegroundColor = ConsoleColor.White;
27 |                 break;
28 |             case TypeMessage.Info:
29 |                 Console.ForegroundColor = ConsoleColor.Yellow;
30 |                 Console.WriteLine($"{DateTime.Now} [-] : {message}");
31 |                 Console.ForegroundColor = ConsoleColor.White;
32 |                 break;
33 |         }
34 |     }
35 | }
36 | public enum TypeMessage
37 | {
38 |     Error,
39 |     Done,
40 |     Debug,
41 |     Info,
42 | }
43 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/MemeVM Devirt.csproj:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
 4 |   <PropertyGroup>
 5 |     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
 6 |     <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
 7 |     <ProjectGuid>{2AEFEAE1-4D36-472A-A995-3D1F1C1AEC8E}</ProjectGuid>
 8 |     <OutputType>Exe</OutputType>
 9 |     <RootNamespace>MemeVMDevirt</RootNamespace>
10 |     <AssemblyName>MemeVM Devirt</AssemblyName>
11 |     <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
12 |     <FileAlignment>512</FileAlignment>
13 |     <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
14 |     <Deterministic>true</Deterministic>
15 |   </PropertyGroup>
16 |   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
17 |     <PlatformTarget>AnyCPU</PlatformTarget>
18 |     <DebugSymbols>true</DebugSymbols>
19 |     <DebugType>full</DebugType>
20 |     <Optimize>false</Optimize>
21 |     <OutputPath>bin\Debug\</OutputPath>
22 |     <DefineConstants>DEBUG;TRACE</DefineConstants>
23 |     <ErrorReport>prompt</ErrorReport>
24 |     <WarningLevel>4</WarningLevel>
25 |   </PropertyGroup>
26 |   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
27 |     <PlatformTarget>AnyCPU</PlatformTarget>
28 |     <DebugType>pdbonly</DebugType>
29 |     <Optimize>true</Optimize>
30 |     <OutputPath>bin\Release\</OutputPath>
31 |     <DefineConstants>TRACE</DefineConstants>
32 |     <ErrorReport>prompt</ErrorReport>
33 |     <WarningLevel>4</WarningLevel>
34 |   </PropertyGroup>
35 |   <PropertyGroup>
36 |     <ApplicationIcon>virus.ico</ApplicationIcon>
37 |   </PropertyGroup>
38 |   <ItemGroup>
39 |     <Reference Include="dnlib">
40 |       <HintPath>..\Dependencies\dnlib.dll</HintPath>
41 |     </Reference>
42 |     <Reference Include="System" />
43 |     <Reference Include="System.Core" />
44 |     <Reference Include="System.Xml.Linq" />
45 |     <Reference Include="System.Data.DataSetExtensions" />
46 |     <Reference Include="Microsoft.CSharp" />
47 |     <Reference Include="System.Data" />
48 |     <Reference Include="System.Net.Http" />
49 |     <Reference Include="System.Xml" />
50 |   </ItemGroup>
51 |   <ItemGroup>
52 |     <Compile Include="Context.cs" />
53 |     <Compile Include="Logger.cs" />
54 |     <Compile Include="Program.cs" />
55 |     <Compile Include="Properties\AssemblyInfo.cs" />
56 |     <Compile Include="Protections\AnalyseResources.cs" />
57 |     <Compile Include="Protections\InitialiseReplace.cs" />
58 |     <Compile Include="Protections\InitiliseMethod.cs" />
59 |     <Compile Include="Protections\AnalyseMethod.cs" />
60 |     <Compile Include="Protections\Stores.cs" />
61 |     <Compile Include="Protections\VM.cs" />
62 |     <Compile Include="Protections\VMInstructions\VMInstructions.cs" />
63 |     <Compile Include="Protections\VMInstructions\VMOpCode.cs" />
64 |   </ItemGroup>
65 |   <ItemGroup>
66 |     <None Include="App.config" />
67 |   </ItemGroup>
68 |   <ItemGroup>
69 |     <Content Include="virus.ico" />
70 |   </ItemGroup>
71 |   <ItemGroup />
72 |   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
73 | </Project>


--------------------------------------------------------------------------------
/MemeVM Devirt/MemeVM Devirt.csproj.user:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|AnyCPU'">
4 |     <StartArguments>"D:\Partage\Nouveau dossier %2839%29\Target.exe"</StartArguments>
5 |   </PropertyGroup>
6 | </Project>


--------------------------------------------------------------------------------
/MemeVM Devirt/Program.cs:
--------------------------------------------------------------------------------
 1 | using MemeVMDevirt.Protections;
 2 | using System;
 3 | using static Context;
 4 | using static Logger;
 5 | 
 6 | namespace NETPacker
 7 | {
 8 |     class Program
 9 |     {
10 |         static void Main(string[] args)
11 |         {
12 |             if (args.Length == 0)
13 |             {
14 |                 Welcome();
15 |                 Write($"Please drag and drop your file\n\n", TypeMessage.Debug);
16 |                 LoadModule(Console.ReadLine());
17 |                 VM.Execute();
18 |                 SaveModule();
19 |             }
20 |             else if (args.Length == 1)
21 |             {
22 |                 Welcome();
23 |                 LoadModule(args[0]);
24 |                 VM.Execute();
25 |                 SaveModule();
26 |             }
27 |         }
28 |     }
29 | }
30 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System.Reflection;
 2 | using System.Runtime.CompilerServices;
 3 | using System.Runtime.InteropServices;
 4 | 
 5 | // Les informations générales relatives à un assembly dépendent de
 6 | // l'ensemble d'attributs suivant. Changez les valeurs de ces attributs pour modifier les informations
 7 | // associées à un assembly.
 8 | [assembly: AssemblyTitle("MemeVM Devirt")]
 9 | [assembly: AssemblyDescription("MemeVM Devirt Made By Sir-_-MaGeLanD")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("Sir-_-MaGeLanD")]
12 | [assembly: AssemblyProduct("MemeVM Devirt")]
13 | [assembly: AssemblyCopyright("Copyright  Sir-_-MaGeLanD ©  2020")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 | 
17 | // L'affectation de la valeur false à ComVisible rend les types invisibles dans cet assembly
18 | // aux composants COM. Si vous devez accéder à un type dans cet assembly à partir de
19 | // COM, affectez la valeur true à l'attribut ComVisible sur ce type.
20 | [assembly: ComVisible(false)]
21 | 
22 | // Le GUID suivant est pour l'ID de la typelib si ce projet est exposé à COM
23 | [assembly: Guid("2aefeae1-4d36-472a-a995-3d1f1c1aec8e")]
24 | 
25 | // Les informations de version pour un assembly se composent des quatre valeurs suivantes :
26 | //
27 | //      Version principale
28 | //      Version secondaire
29 | //      Numéro de build
30 | //      Révision
31 | //
32 | // Vous pouvez spécifier toutes les valeurs ou indiquer les numéros de build et de révision par défaut
33 | // en utilisant '*', comme indiqué ci-dessous :
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/AnalyseMethod.cs:
--------------------------------------------------------------------------------
 1 | using dnlib.DotNet;
 2 | using dnlib.DotNet.Emit;
 3 | using System.Collections.Generic;
 4 | using System.Linq;
 5 | using static Context;
 6 | 
 7 | namespace MemeVMDevirt.Protections
 8 | {
 9 |     public static class AnalyseMethod
10 |     {
11 |         public static void AnalysePhase()
12 |         {
13 | 			foreach (TypeDef type in (from x in module.Types where x.HasMethods select x).ToArray())
14 | 			{
15 | 				foreach (MethodDef method in (from x in type.Methods where x.HasBody && x.Body.HasInstructions select x).ToArray())
16 | 				{
17 | 					IList<Instruction> Instr = method.Body.Instructions;
18 | 					if (Instr[0].OpCode == OpCodes.Ldtoken && Instr[1].IsLdcI4() && Instr[Instr.Count - 3].OpCode == OpCodes.Call && Instr[Instr.Count - 3].Operand.ToString().Contains("Run"))
19 | 					{
20 | 						Stores.MethodVirt.Add(method, Instr[1].GetLdcI4Value());
21 | 					}
22 | 				}
23 | 			}
24 | 		}
25 |     }
26 | }
27 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/AnalyseResources.cs:
--------------------------------------------------------------------------------
 1 | using dnlib.DotNet;
 2 | using dnlib.IO;
 3 | using System.Linq;
 4 | using static Context;
 5 | 
 6 | 
 7 | namespace MemeVMDevirt.Protections
 8 | {
 9 |     public static class AnalyseResources
10 |     {
11 |         public static void InitialiseResources()
12 |         {
13 |             EmbeddedResource resource = (from x in module.Resources where x.IsPrivate && x.ResourceType == ResourceType.Embedded select x).First() as EmbeddedResource;
14 |             Stores.Resources_Virt = resource.Data.CreateStream();
15 |         }
16 |     }
17 | }
18 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/InitialiseReplace.cs:
--------------------------------------------------------------------------------
  1 | using dnlib.DotNet;
  2 | using dnlib.DotNet.Emit;
  3 | using MemeVMDevirt.Protections.VMInstructions;
  4 | using System;
  5 | using System.Collections.Generic;
  6 | using System.Data;
  7 | using System.IO;
  8 | using System.Linq;
  9 | using System.Reflection;
 10 | using System.Text;
 11 | using System.Threading.Tasks;
 12 | using static Context;
 13 | 
 14 | namespace MemeVMDevirt.Protections
 15 | {
 16 |     public static class InitialiseReplace
 17 |     {
 18 | 		public static List<Instruction> _method;
 19 | 		public static MethodDef _current;
 20 | 		public static void ReplacePhase()
 21 |         {
 22 |             foreach (var methodvirt in Stores.MethodVirt)
 23 |             {
 24 | 				_current = methodvirt.Key;
 25 | 				_method = new List<Instruction>();
 26 | 				methodvirt.Key.Body.Instructions.Clear();
 27 | 				foreach(VMInstruction instruction in Stores._methods[methodvirt.Value])
 28 | 				{
 29 | 					_method.Add(Reconvert(instruction, instruction.Code));
 30 | 				}
 31 | 				foreach (Instruction instruction in _method)
 32 | 				{
 33 | 					methodvirt.Key.Body.Instructions.Add(instruction);
 34 | 				}
 35 | 			}
 36 |         }
 37 | 		public static Instruction Reconvert(VMInstruction _instruction, VMOpCode vMOpCode)
 38 | 		{
 39 | 			switch (vMOpCode)
 40 | 			{
 41 | 				case VMOpCode.Add: return Add(_instruction);
 42 | 				case VMOpCode.Call: return Call(_instruction);
 43 | 				case VMOpCode.Cgt: return Cgt(_instruction);
 44 | 				case VMOpCode.Clt: return Clt(_instruction);
 45 | 				case VMOpCode.Cmp: return Cmp(_instruction);
 46 | 				case VMOpCode.Dup: return Dup(_instruction);
 47 | 				case VMOpCode.Int32: return Ldc_I4(_instruction);
 48 | 				case VMOpCode.Jf: return Brfalse(_instruction);
 49 | 				case VMOpCode.Jmp: return Br(_instruction);
 50 | 				case VMOpCode.Jt: return Brtrue(_instruction);
 51 | 				case VMOpCode.Ldarg: return Ldarg(_instruction);
 52 | 				case VMOpCode.Ldfld: return Ldfld(_instruction);
 53 | 				case VMOpCode.Ldloc: return Ldloc(_instruction);
 54 | 				case VMOpCode.Int64: return Ldc_I8(_instruction);
 55 | 				case VMOpCode.Newarr: return NewArray(_instruction);
 56 | 				case VMOpCode.Null: return Null(_instruction);
 57 | 				case VMOpCode.Pop: return Pop(_instruction);
 58 | 				case VMOpCode.Ret: return Ret(_instruction);
 59 | 				case VMOpCode.Stfld: return Stfld(_instruction);
 60 | 				case VMOpCode.Stloc: return Stloc(_instruction);
 61 | 				case VMOpCode.String: return Ldstr(_instruction);
 62 | 
 63 | 
 64 | 				default:
 65 | 					throw new Exception($"OpCode : {vMOpCode} Not Supported");
 66 | 			}
 67 | 		}
 68 | 		public static Assembly GetReference(short index)
 69 | 		{
 70 | 			KeyValuePair<string, Assembly> keyValuePair = Stores._references.ElementAt((int)index);
 71 | 			bool flag = keyValuePair.Value == null;
 72 | 			if (flag)
 73 | 			{
 74 | 				Stores._references[keyValuePair.Key] = AppDomain.CurrentDomain.Load(new AssemblyName(keyValuePair.Key));
 75 | 			}
 76 | 			return Stores._references[keyValuePair.Key];
 77 | 		}
 78 | 		public static Instruction Brfalse(VMInstruction instruction)
 79 | 		{
 80 | 			return Instruction.Create(OpCodes.Brfalse, _method[(int)instruction.Operand]);
 81 | 		}
 82 | 		public static Instruction Brtrue(VMInstruction instruction)
 83 | 		{
 84 | 			return Instruction.Create(OpCodes.Brtrue, _method[(int)instruction.Operand]);
 85 | 		}
 86 | 		public static Instruction Br(VMInstruction instruction)
 87 | 		{
 88 | 			return Instruction.Create(OpCodes.Br, _method[(int)instruction.Operand]);
 89 | 		}
 90 | 		public static Instruction Dup(VMInstruction instruction)
 91 | 		{
 92 | 			return Instruction.Create(OpCodes.Dup);
 93 | 		}
 94 | 		public static Instruction Rem(VMInstruction instruction)
 95 | 		{
 96 | 			return Instruction.Create(OpCodes.Rem);
 97 | 		}
 98 | 		public static Instruction Pop(VMInstruction instruction)
 99 | 		{
100 | 			return Instruction.Create(OpCodes.Pop);
101 | 		}
102 | 		public static Instruction Ret(VMInstruction instruction)
103 | 		{
104 | 			return Instruction.Create(OpCodes.Ret);
105 | 		}
106 | 		public static Instruction Starg(VMInstruction instruction)
107 | 		{
108 | 			return Instruction.Create(OpCodes.Starg, (byte)instruction.Operand);
109 | 		}
110 | 		public static Instruction Cgt(VMInstruction instruction)
111 | 		{
112 | 			return Instruction.Create(OpCodes.Cgt);
113 | 		}
114 | 		public static Instruction Cmp(VMInstruction instruction)
115 | 		{
116 | 			return Instruction.Create(OpCodes.Ceq);
117 | 		}
118 | 		public static Instruction Clt(VMInstruction instruction)
119 | 		{
120 | 			return Instruction.Create(OpCodes.Clt);
121 | 		}
122 | 		public static Instruction Add(VMInstruction instruction)
123 | 		{
124 | 			return Instruction.Create(OpCodes.Add);
125 | 		}
126 | 		public static Instruction Div(VMInstruction instruction)
127 | 		{
128 | 			return Instruction.Create(OpCodes.Div);
129 | 		}
130 | 		public static Instruction Sub(VMInstruction instruction)
131 | 		{
132 | 			return Instruction.Create(OpCodes.Sub);
133 | 		}
134 | 		public static Instruction Mul(VMInstruction instruction)
135 | 		{
136 | 			return Instruction.Create(OpCodes.Mul);
137 | 		}
138 | 		public static Instruction Null(VMInstruction instruction)
139 | 		{
140 | 			return Instruction.Create(OpCodes.Ldnull);
141 | 		}
142 | 		public static Instruction Ldc_R8(VMInstruction instruction)
143 | 		{
144 | 			return Instruction.Create(OpCodes.Ldc_R8, (double)instruction.Operand);
145 | 		}
146 | 		public static Instruction Ldstr(VMInstruction instruction)
147 | 		{
148 | 			return Instruction.Create(OpCodes.Ldstr, (string)instruction.Operand);
149 | 		}
150 | 		public static Instruction Ldc_R4(VMInstruction instruction)
151 | 		{
152 | 			return Instruction.Create(OpCodes.Ldc_R4, (float)instruction.Operand);
153 | 		}
154 | 		public static Instruction Ldc_I8(VMInstruction instruction)
155 | 		{
156 | 			return Instruction.Create(OpCodes.Ldc_I8, (long)instruction.Operand);
157 | 		}
158 | 		public static Instruction Ldc_I4(VMInstruction instruction)
159 | 		{
160 | 			return Instruction.Create(OpCodes.Ldc_I4, (int)instruction.Operand);
161 | 		}
162 | 		public static Instruction Call(VMInstruction instruction)
163 | 		{
164 | 			Tuple<short, int, bool> tuple_Call = (Tuple<short, int, bool>)instruction.Operand;
165 | 			Assembly reference_Call = GetReference(tuple_Call.Item1);
166 | 			MethodInfo method_call = reference_Call.ManifestModule.ResolveMethod(tuple_Call.Item2) as MethodInfo;
167 | 			return Instruction.Create(OpCodes.Call, module.Import(method_call));
168 | 		}
169 | 		public static Instruction NewArray(VMInstruction instruction)
170 | 		{
171 | 			Tuple<short, int, bool> tuple_Newarr = (Tuple<short, int, bool>)instruction.Operand;
172 | 			Assembly reference_Newarr = GetReference(tuple_Newarr.Item1);
173 | 			TypeInfo elementType = reference_Newarr.ManifestModule.ResolveType(tuple_Newarr.Item2) as TypeInfo;
174 | 			return Instruction.Create(OpCodes.Newarr, module.Import(elementType));
175 | 		}
176 | 		public static Instruction Ldloc(VMInstruction instruction)
177 | 		{
178 | 			short num = (short)instruction.Operand;
179 | 			Local locals = _current.Body.Variables[num];
180 | 			return new Instruction(OpCodes.Ldloc, locals);
181 | 		}
182 | 		public static Instruction Stloc(VMInstruction instruction)
183 | 		{
184 | 			object num = instruction.Operand;//i know than is not that but i'm lazy
185 | 			Local locals = _current.Body.Variables.Add(new Local(module.Import(num.GetType()).ToTypeSig()));
186 | 			return new Instruction(OpCodes.Stloc, locals);
187 | 		}
188 | 		public static Instruction Ldarg(VMInstruction instruction)
189 | 		{
190 | 			short num = (short)instruction.Operand;
191 | 			switch (num)
192 | 			{
193 | 				case 0:
194 | 					return new Instruction(OpCodes.Ldarg_0);
195 | 				case 1:
196 | 					return new Instruction(OpCodes.Ldarg_1);
197 | 				case 2:
198 | 					return new Instruction(OpCodes.Ldarg_2);
199 | 				case 3:
200 | 					return new Instruction(OpCodes.Ldarg_3);
201 | 				default:
202 | 					return new Instruction(OpCodes.Ldarg_S, num);
203 | 			}
204 | 		}
205 | 		public static Instruction Ldfld(VMInstruction instruction)
206 | 		{
207 | 			Tuple<short, int, bool> tuple_Stfld = (Tuple<short, int, bool>)instruction.Operand;
208 | 			Assembly reference_Stfld = GetReference(tuple_Stfld.Item1);
209 | 			FieldInfo field_Stfld = reference_Stfld.ManifestModule.ResolveField(tuple_Stfld.Item2);
210 | 			return Instruction.Create(OpCodes.Ldfld, module.Import(field_Stfld));
211 | 		}
212 | 		public static Instruction Stfld(VMInstruction instruction)
213 | 		{
214 | 			Tuple<short, int, bool> tuple_Stfld = (Tuple<short, int, bool>)instruction.Operand;
215 | 			Assembly reference_Stfld = GetReference(tuple_Stfld.Item1);
216 | 			FieldInfo field_Stfld = reference_Stfld.ManifestModule.ResolveField(tuple_Stfld.Item2);
217 | 			return Instruction.Create(OpCodes.Stfld, module.Import(field_Stfld));
218 | 		}
219 | 	}
220 | }
221 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/InitiliseMethod.cs:
--------------------------------------------------------------------------------
  1 | using MemeVMDevirt.Protections.VMInstructions;
  2 | using System;
  3 | using System.Collections.Generic;
  4 | using System.IO;
  5 | using System.IO.Compression;
  6 | using System.Text;
  7 | 
  8 | namespace MemeVMDevirt.Protections
  9 | {
 10 | 	public static class InitiliseMethod
 11 | 	{
 12 | 		public static void InitiliaseMethodage()
 13 | 		{
 14 | 			using (DeflateStream deflateStream = new DeflateStream(Stores.Resources_Virt, CompressionMode.Decompress))
 15 | 			{
 16 | 				using (BinaryReader binaryReader = new BinaryReader(deflateStream))
 17 | 				{
 18 | 					int num = binaryReader.ReadInt32();
 19 | 					for (int i = 0; i < num; i++)
 20 | 					{
 21 | 						int count = binaryReader.ReadInt32();
 22 | 						Stores._references.Add(Encoding.UTF8.GetString(binaryReader.ReadBytes(count)), null);
 23 | 					}
 24 | 					int num2 = binaryReader.ReadInt32();
 25 | 					for (int j = 0; j < num2; j++)
 26 | 					{
 27 | 						int num3 = binaryReader.ReadInt32();
 28 | 						List<VMInstruction> list = new List<VMInstruction>();
 29 | 						for (int k = 0; k < num3; k++)
 30 | 						{
 31 | 							VMOpCode code = (VMOpCode)binaryReader.ReadByte();
 32 | 							list.Add(Map(code, binaryReader));
 33 | 						}
 34 | 						Stores._methods.Add(list);
 35 | 					}
 36 | 				}
 37 | 			}
 38 | 		}
 39 | 		public static VMInstruction Map(VMOpCode vMOpCode, BinaryReader binaryReader)
 40 | 		{
 41 | 			switch (vMOpCode)
 42 | 			{
 43 | 				case VMOpCode.Add: return Add(binaryReader);
 44 | 				case VMOpCode.Call: return Call(binaryReader);
 45 | 				case VMOpCode.Cgt: return Cgt(binaryReader);
 46 | 				case VMOpCode.Clt: return Clt(binaryReader);
 47 | 				case VMOpCode.Cmp: return Cmp(binaryReader);
 48 | 				case VMOpCode.Dup: return Dup(binaryReader);
 49 | 				case VMOpCode.Int32: return Int32(binaryReader);
 50 | 				case VMOpCode.Jf: return Jf(binaryReader);
 51 | 				case VMOpCode.Jmp: return Jmp(binaryReader);
 52 | 				case VMOpCode.Jt: return Jt(binaryReader);
 53 | 				case VMOpCode.Ldarg: return Ldarg(binaryReader);
 54 | 				case VMOpCode.Ldfld: return Ldfld(binaryReader);
 55 | 				case VMOpCode.Ldloc: return Ldloc(binaryReader);
 56 | 				case VMOpCode.Int64: return Int64(binaryReader);
 57 | 				case VMOpCode.Newarr: return NewArray(binaryReader);
 58 | 				case VMOpCode.Null: return Null(binaryReader);
 59 | 				case VMOpCode.Pop: return Pop(binaryReader);
 60 | 				case VMOpCode.Ret: return Ret(binaryReader);
 61 | 				case VMOpCode.Stfld: return Stfld(binaryReader);
 62 | 				case VMOpCode.Stloc: return Stloc(binaryReader);
 63 | 				case VMOpCode.String: return Ldstr(binaryReader);
 64 | 
 65 | 
 66 | 				default:
 67 | 					throw new Exception($"OpCode : {vMOpCode} Not Supported");
 68 | 			}
 69 | 		}
 70 | 		public static VMInstruction Add(BinaryReader binaryReader)
 71 | 		{
 72 | 			return new VMInstruction(VMOpCode.Add);
 73 | 		}
 74 | 		public static VMInstruction Call(BinaryReader binaryReader)
 75 | 		{
 76 | 			return new VMInstruction(VMOpCode.Call, new Tuple<short, int, bool>(binaryReader.ReadInt16(), binaryReader.ReadInt32(), binaryReader.ReadBoolean()));
 77 | 		}
 78 | 		public static VMInstruction Cgt(BinaryReader binaryReader)
 79 | 		{
 80 | 			return new VMInstruction(VMOpCode.Cgt, null);
 81 | 		}
 82 | 		public static VMInstruction Clt(BinaryReader binaryReader)
 83 | 		{
 84 | 			return new VMInstruction(VMOpCode.Clt, null);
 85 | 		}
 86 | 		public static VMInstruction Cmp(BinaryReader binaryReader)
 87 | 		{
 88 | 			return new VMInstruction(VMOpCode.Cmp, null);
 89 | 		}
 90 | 		public static VMInstruction Dup(BinaryReader binaryReader)
 91 | 		{
 92 | 			return new VMInstruction(VMOpCode.Dup, null);
 93 | 		}
 94 | 		public static VMInstruction Pop(BinaryReader binaryReader)
 95 | 		{
 96 | 			return new VMInstruction(VMOpCode.Pop, null);
 97 | 		}
 98 | 		public static VMInstruction Ret(BinaryReader binaryReader)
 99 | 		{
100 | 			return new VMInstruction(VMOpCode.Ret, null);
101 | 		}
102 | 		public static VMInstruction Null(BinaryReader binaryReader)
103 | 		{
104 | 			return new VMInstruction(VMOpCode.Null, null);
105 | 		}
106 | 		public static VMInstruction Int32(BinaryReader binaryReader)
107 | 		{
108 | 			return new VMInstruction(VMOpCode.Int32, binaryReader.ReadInt32());
109 | 		}
110 | 		public static VMInstruction Jf(BinaryReader binaryReader)
111 | 		{
112 | 			return new VMInstruction(VMOpCode.Jf, binaryReader.ReadInt32());
113 | 		}
114 | 		public static VMInstruction Jmp(BinaryReader binaryReader)
115 | 		{
116 | 			return new VMInstruction(VMOpCode.Jmp, binaryReader.ReadInt32());
117 | 		}
118 | 		public static VMInstruction Jt(BinaryReader binaryReader)
119 | 		{
120 | 			return new VMInstruction(VMOpCode.Jt, binaryReader.ReadInt32());
121 | 		}
122 | 		public static VMInstruction Ldarg(BinaryReader binaryReader)
123 | 		{
124 | 			return new VMInstruction(VMOpCode.Ldarg, binaryReader.ReadInt16());
125 | 		}
126 | 		public static VMInstruction Ldfld(BinaryReader binaryReader)
127 | 		{
128 | 			return new VMInstruction(VMOpCode.Ldfld, new Tuple<short, int>(binaryReader.ReadInt16(), binaryReader.ReadInt32()));
129 | 		}
130 | 		public static VMInstruction Stfld(BinaryReader binaryReader)
131 | 		{
132 | 			return new VMInstruction(VMOpCode.Stfld, new Tuple<short, int>(binaryReader.ReadInt16(), binaryReader.ReadInt32()));
133 | 		}
134 | 		public static VMInstruction Ldloc(BinaryReader binaryReader)
135 | 		{
136 | 			return new VMInstruction(VMOpCode.Ldloc, binaryReader.ReadInt16());
137 | 		}
138 | 		public static VMInstruction Stloc(BinaryReader binaryReader)
139 | 		{
140 | 			return new VMInstruction(VMOpCode.Stloc, binaryReader.ReadInt16());
141 | 		}
142 | 		public static VMInstruction Int64(BinaryReader binaryReader)
143 | 		{
144 | 			return new VMInstruction(VMOpCode.Int64, binaryReader.ReadInt64());
145 | 		}
146 | 		public static VMInstruction Ldstr(BinaryReader binaryReader)
147 | 		{
148 | 			int count = binaryReader.ReadInt32();
149 | 			return new VMInstruction(VMOpCode.String, Encoding.UTF8.GetString(binaryReader.ReadBytes(count)));
150 | 		}
151 | 		public static VMInstruction NewArray(BinaryReader binaryReader)
152 | 		{
153 | 			return new VMInstruction(VMOpCode.Newarr, new Tuple<short, int>(binaryReader.ReadInt16(), binaryReader.ReadInt32()));
154 | 		}
155 | 	}
156 | }
157 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/Stores.cs:
--------------------------------------------------------------------------------
 1 | using dnlib.DotNet;
 2 | using dnlib.DotNet.Emit;
 3 | using MemeVMDevirt.Protections.VMInstructions;
 4 | using System;
 5 | using System.Collections.Generic;
 6 | using System.IO;
 7 | using System.Linq;
 8 | using System.Reflection;
 9 | using System.Text;
10 | using System.Threading.Tasks;
11 | 
12 | namespace MemeVMDevirt.Protections
13 | {
14 |     public static class Stores
15 |     {
16 |         public static Stream Resources_Virt;
17 |         public static Dictionary<MethodDef, int> MethodVirt = new Dictionary<MethodDef, int>();
18 |         public static Dictionary<string, Assembly> _references = new Dictionary<string, Assembly>();
19 |         public static List<List<VMInstruction>> _methods = new List<List<VMInstruction>>();
20 |     }
21 | }
22 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/VM.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | using System.Linq;
 4 | using System.Text;
 5 | using System.Threading.Tasks;
 6 | 
 7 | namespace MemeVMDevirt.Protections
 8 | {
 9 |     public static class VM
10 |     {
11 |         public static void Execute()
12 |         {
13 |             AnalyseMethod.AnalysePhase();
14 |             AnalyseResources.InitialiseResources();
15 |             InitiliseMethod.InitiliaseMethodage();
16 |             InitialiseReplace.ReplacePhase();
17 |         }
18 |     }
19 | }
20 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/VMInstructions/VMInstructions.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | using System.Linq;
 4 | using System.Text;
 5 | using System.Threading.Tasks;
 6 | 
 7 | namespace MemeVMDevirt.Protections.VMInstructions
 8 | {
 9 | 	public struct VMInstruction
10 | 	{
11 | 		internal VMInstruction(VMOpCode code, object op = null)
12 | 		{
13 | 			this.Code = code;
14 | 			this.Operand = op;
15 | 		}
16 | 		internal VMOpCode Code;
17 | 		internal object Operand;
18 | 	}
19 | }
20 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/Protections/VMInstructions/VMOpCode.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | using System.Linq;
 4 | using System.Text;
 5 | using System.Threading.Tasks;
 6 | 
 7 | namespace MemeVMDevirt.Protections.VMInstructions
 8 | {
 9 | 	public enum VMOpCode : byte
10 | 	{
11 | 		Int32,
12 | 		Int64,
13 | 		Float,
14 | 		Double,
15 | 		String,
16 | 		Null,
17 | 		Add,
18 | 		Sub,
19 | 		Mul,
20 | 		Div,
21 | 		Rem,
22 | 		Dup,
23 | 		Pop,
24 | 		Jmp,
25 | 		Jt,
26 | 		Jf,
27 | 		Je,
28 | 		Jne,
29 | 		Jge,
30 | 		Jgt,
31 | 		Jle,
32 | 		Jlt,
33 | 		Cmp,
34 | 		Cgt,
35 | 		Clt,
36 | 		Newarr,
37 | 		Ldarg,
38 | 		Ldloc,
39 | 		Ldfld,
40 | 		Ldelem,
41 | 		Starg,
42 | 		Stloc,
43 | 		Stfld,
44 | 		Stelem,
45 | 		Call,
46 | 		Ret,
47 | 	}
48 | }
49 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/bin/Debug/MemeVM Devirt.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/bin/Debug/MemeVM Devirt.exe


--------------------------------------------------------------------------------
/MemeVM Devirt/bin/Debug/MemeVM Devirt.exe.config:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8" ?>
2 | <configuration>
3 |     <startup> 
4 |         <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
5 |     </startup>
6 | </configuration>


--------------------------------------------------------------------------------
/MemeVM Devirt/bin/Debug/MemeVM Devirt.pdb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/bin/Debug/MemeVM Devirt.pdb


--------------------------------------------------------------------------------
/MemeVM Devirt/bin/Debug/dnlib.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/bin/Debug/dnlib.dll


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/MemeVM Devirt.csproj.CopyComplete:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/obj/Debug/MemeVM Devirt.csproj.CopyComplete


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/MemeVM Devirt.csproj.CoreCompileInputs.cache:
--------------------------------------------------------------------------------
1 | eeb4ae1ad2d0bfbbf2c6e73eb352184d2f55285b
2 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/MemeVM Devirt.csproj.FileListAbsolute.txt:
--------------------------------------------------------------------------------
 1 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\obj\Debug\MemeVM Devirt.csprojAssemblyReference.cache
 2 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\obj\Debug\MemeVM Devirt.csproj.CoreCompileInputs.cache
 3 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\bin\Debug\MemeVM Devirt.exe.config
 4 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\bin\Debug\MemeVM Devirt.exe
 5 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\bin\Debug\MemeVM Devirt.pdb
 6 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\bin\Debug\dnlib.dll
 7 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\obj\Debug\MemeVM Devirt.csproj.CopyComplete
 8 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\obj\Debug\MemeVM Devirt.exe
 9 | C:\Users\VirtualMachine\Documents\GitHub\MemeVMDevirt\MemeVM Devirt\obj\Debug\MemeVM Devirt.pdb
10 | 


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/MemeVM Devirt.csprojAssemblyReference.cache:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/obj/Debug/MemeVM Devirt.csprojAssemblyReference.cache


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/MemeVM Devirt.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/obj/Debug/MemeVM Devirt.exe


--------------------------------------------------------------------------------
/MemeVM Devirt/obj/Debug/MemeVM Devirt.pdb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/obj/Debug/MemeVM Devirt.pdb


--------------------------------------------------------------------------------
/MemeVM Devirt/virus.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/congviet/MemeVMDevirt/bbfe0483ab8b7dbbdf3fd3616bc33041a2f51879/MemeVM Devirt/virus.ico


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | <h1 class="code-line" data-line-start=0 data-line-end=1 ><a id="MemeVM_0"></a>MemeVM</h1>
 2 | <p class="has-line-data" data-line-start="2" data-line-end="3">Hello today I offer you a small project on which I worked on recently and which consists of devitualizing MemeVM which this vm has been done by xsilence, of course this is in no way for the purpose of veangeance or anything, but for educational purposes.</p>
 3 | <h1 class="code-line" data-line-start=5 data-line-end=6 ><a id="How_To_Use_5"></a>How To Use</h1>
 4 | <ul>
 5 | <li class="has-line-data" data-line-start="7" data-line-end="8">Add dnlib dll to the dependance</li>
 6 | <li class="has-line-data" data-line-start="8" data-line-end="9">Build the exe</li>
 7 | <li class="has-line-data" data-line-start="10" data-line-end="12">Drag and drop exe directly on the console or use cmd</li>
 8 | </ul>
 9 | <pre><code class="has-line-data" data-line-start="13" data-line-end="15">Sample in CMD :  Exe_Patch_Of_MemeDevirt Exe_Patch_To_EXE
10 | </code></pre>
11 | <p class="has-line-data" data-line-start="15" data-line-end="17"><img src="https://zupimages.net/up/20/22/ukuy.jpg" alt="Picture Sample"><br>
12 | <img src="https://sendeyo.com/up/d/d85708e43d" alt="Giff Sample"></p>
13 | <h1 class="code-line" data-line-start=0 data-line-end=1 ><a id="Working_example_0"></a>Working example</h1>
14 | <p class="has-line-data" data-line-start="2" data-line-end="4"><img src="https://zupimages.net/up/20/22/xq2n.jpg" alt="Image description"><br>
15 | -I’m going to debug this method manually to get Instructions</p>
16 | <p class="has-line-data" data-line-start="6" data-line-end="8"><img src="https://zupimages.net/up/20/22/1we8.jpg" alt="Image description"><br>
17 | -Here are the store instructions for this method</p>
18 | <p class="has-line-data" data-line-start="10" data-line-end="13"><img src="https://zupimages.net/up/20/22/41bm.jpg" alt="Image description"><br>
19 | -And here are the instructions to compare with the original virtualised method,<br>
20 | and which are replaced, it displays that the method is fucked because the virtualization doesn’t take into account the instructions, but they are translated correctly with respect to the image above, which is the original list of instructions.</p>
21 | <h2 class="code-line" data-line-start=18 data-line-end=20 ><a id="License_18"></a>License</h2>
22 | <p class="has-line-data" data-line-start="21" data-line-end="22">MIT</p>
23 | 


--------------------------------------------------------------------------------