feat(obfuscator): injected warnings for token logging + unit testing for encryption

Author: terminalsin

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/protection/TokenLoggerProtectionProvider.java

@@ -3,18 +3,20 @@
 import dev.skidfuscator.obfuscator.event.annotation.Listen;
 import dev.skidfuscator.obfuscator.event.impl.transform.method.InitMethodTransformEvent;
 import dev.skidfuscator.obfuscator.skidasm.SkidMethodNode;
+import dev.skidfuscator.obfuscator.skidasm.expr.SkidConstantExpr;
 import dev.skidfuscator.obfuscator.util.ConsoleColors;
 import dev.skidfuscator.obfuscator.util.TypeUtil;
+import org.mapleir.ir.cfg.BasicBlock;
 import org.mapleir.ir.code.expr.ConstantExpr;
+import org.mapleir.ir.code.stmt.PopStmt;
 
+import javax.swing.text.html.Option;
 import java.lang.reflect.Array;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.*;
 import java.util.stream.Collectors;
 
 public class TokenLoggerProtectionProvider implements ProtectionProvider {
-    private static final Set<String> bannedStrings = new HashSet<>(Arrays.asList(
+    private static final List<String> bannedStrings = Arrays.asList(
             "https://discordapp.com/api/v6/users/@me",
             "https://discord.com/api/v8/users/@me",
             "\\Discord\\Local Storage\\leveldb",
@@ -33,7 +35,7 @@ public class TokenLoggerProtectionProvider implements ProtectionProvider {
             ".config/discordcanary/Local Storage/leveldb",
             ".config/discordptb/Local Storage/leveldb",
             "/Library/Application Support/discord/Local Storage/leveldb"
-    ));
+    );
 
     private final Set<String> findings = new HashSet<>();
 
@@ -43,17 +45,28 @@ void handle(final InitMethodTransformEvent event) {
 
         methodNode.getCfg()
                 .allExprStream()
-                .filter(ConstantExpr.class::isInstance)
-                .map(ConstantExpr.class::cast)
+                .filter(SkidConstantExpr.class::isInstance)
+                .map(SkidConstantExpr.class::cast)
                 .filter(e -> e.getType().equals(TypeUtil.STRING_TYPE))
                 .forEach(e -> {
                     final String cst = (String) e.getConstant();
-                    final boolean match = bannedStrings
+                    final Optional<String> match = bannedStrings
                             .stream()
-                            .anyMatch(cst::contains);
+                            .filter(cst::contains)
+                            .findFirst();
 
-                    if (match) {
+                    if (match.isPresent()) {
                         findings.add(cst);
+
+                        e.setExempt(true);
+
+                        final BasicBlock basicBlock = e.getBlock();
+                        final ConstantExpr warner = new ConstantExpr(
+                                "[Skidfuscator Anti-Abuse] TokenLogger Type "
+                                        + Integer.toHexString(bannedStrings.indexOf(match.get())),
+                                TypeUtil.STRING_TYPE
+                        );
+                        basicBlock.add(0, new PopStmt(warner));
                     }
                 });
     }
@@ -84,10 +97,10 @@ public String getWarning() {
                 + ConsoleColors.YELLOW_BRIGHT
                 + "If you believe this is an error, please submit a bug report.\n"
                 + "You are reminded that illicit access to remote hardware is illegal\n"
-                + "and punishable under International Computer Law. Obfuscation will\n"
-                + "proceed, but all liability is voided.\n"
+                + "and punishable under International Computer Law. Discord Token Logging\n"
+                + "and other forms of ratting, hacking, or abuse of power is a CRIME.\n"
+                + "Obfuscation will proceed, but all liability is voided.\n"
                 + ConsoleColors.RESET
                 ;
-
     }
 }

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/skidasm/expr/SkidConstantExpr.java

@@ -4,6 +4,8 @@
 import org.objectweb.asm.Type;
 
 public class SkidConstantExpr extends ConstantExpr {
+    private boolean exempt;
+
     public SkidConstantExpr(Object cst) {
         super(cst);
     }
@@ -16,6 +18,14 @@ public SkidConstantExpr(Object cst, Type type) {
         super(cst, type);
     }
 
+    public boolean isExempt() {
+        return exempt;
+    }
+
+    public void setExempt(boolean exempt) {
+        this.exempt = exempt;
+    }
+
     @Override
     public ConstantExpr copy() {
         return new SkidConstantExpr(this.getConstant(), this.getType(), false);

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/transform/impl/string/BasicEncryptionGenerator.java

@@ -31,12 +31,11 @@ public static String encrypt(String input, int key, Integer[] keys) {
         return Base64.getEncoder().encodeToString(encrypted);
     }
 
-    public static String decrypt(String input, int key) {
+    public static String decrypt(String input, int key, Integer[] keys) {
         final byte[] decrypted = Base64.getDecoder().decode(input.getBytes());
 
         // Super simple converting our integer to string, and getting bytes.
         final byte[] keyBytes = Integer.toString(key).getBytes();
-        final byte[] keys = new byte[]{6, 8, 9, 11}; // placeholder
 
         // Super simple XOR
         for (int i = 0; i < decrypted.length; i++) {

dev.skidfuscator.obfuscator/obfuscator/src/main/java/dev/skidfuscator/obfuscator/transform/impl/string/StringTransformer.java

@@ -73,7 +73,8 @@ void handle(final RunMethodTransformEvent event) {
                  *
                  */
                 .filter(SkidConstantExpr.class::isInstance)
-                .map(ConstantExpr.class::cast)
+                .map(SkidConstantExpr.class::cast)
+                .filter(e -> !e.isExempt())
                 .filter(constantExpr -> constantExpr.getConstant() instanceof String)
                 /*
                  * We collect since we're modifying the expression stream

dev.skidfuscator.obfuscator/obfuscator/src/test/java/dev/skidfuscator/test/EncryptionTest.java

@@ -0,0 +1,50 @@
+package dev.skidfuscator.test;
+
+import dev.skidfuscator.obfuscator.transform.impl.string.BasicEncryptionGenerator;
+import dev.skidfuscator.obfuscator.util.RandomUtil;
+import org.junit.Test;
+
+public class EncryptionTest {
+
+    @Test
+    public void simpleStringEncryptTest() {
+        final String string = RandomUtil.randomAlphabeticalString(10);
+
+        final Integer[] keysT = this._genKeys();
+        final int seed = this._genSeed();
+
+        final String encrypted = BasicEncryptionGenerator.encrypt(string, seed, keysT);
+        final String decrypted = BasicEncryptionGenerator.decrypt(encrypted, seed, keysT);
+
+        assert string.equals(decrypted) : "Encrypted string failed: " + string + " became " + decrypted;
+        System.out.println("Passed Encryption Test #1");
+    }
+
+    @Test
+    public void simpleStringEncryptTestUTF8() {
+        final String string = "Œüèé€ìàò";
+
+        final Integer[] keysT = this._genKeys();
+        final int seed = this._genSeed();
+
+        final String encrypted = BasicEncryptionGenerator.encrypt(string, seed, keysT);
+        final String decrypted = BasicEncryptionGenerator.decrypt(encrypted, seed, keysT);
+
+        assert string.equals(decrypted) : "Encrypted string failed: " + string + " became " + decrypted;
+        System.out.println("Passed Encryption Test #2");
+    }
+
+    private int _genSeed() {
+        return RandomUtil.nextInt();
+    }
+
+    private Integer[] _genKeys() {
+        final int size = RandomUtil.nextInt(128) + 1;
+        final Integer[] keysT = new Integer[size];
+        for (int i = 0; i < size; i++) {
+            keysT[i] = RandomUtil.nextInt(128);
+        }
+
+        return keysT;
+    }
+}