GITHUB location:
LJP-TW/JITHook
Documentation in PDF format:
PowerPoint Presentation
ALT D/L location attached.
JITHOOK
The goal of this repository is to show you techniques for packing/unpacking .NET assemblies (programs) by abusing .NET's JIT mechanism.
Build
You can try to reverse-engineer it
JITPacker
OPTION:
JITUnpacker
OPTION:
testprogA test program with different functions:
LJP-TW/JITHook
Documentation in PDF format:
PowerPoint Presentation
ALT D/L location attached.
JITHOOK
The goal of this repository is to show you techniques for packing/unpacking .NET assemblies (programs) by abusing .NET's JIT mechanism.
Build
- Clone this project
git clone --recursive https://github.com/LJP-TW/JITHook.git - Install lief-project/LIEF.
- Download LIEF-0.12.1-win64.zip
- Decompress it to
. The following is the expected directory structure:JITHook/Lib
JITHook/ |- JITDemo |- JITPacker |- JITUnpacker |- ... |- Lib |- dnlib |- LIEF-0.12.1-win64 |- include |- lib- (You can remove folders
andbin
in the LIEF folder)share
- (See LIEF Documentation for troubleshooting)
- (You can remove folders
- Download LIEF-0.12.1-win64.zip
- Open
with Visual Studio Community 2022, configure project with release x64, press ctrl+shift+b to build the whole solution.JIT_Hook.sln
- Check
to see resultJITHook/Release
JITDemo.exe
You can try to reverse-engineer it
JITPacker
JITPacker.exe [OPTION] <program path>
JITPacker.exe
OPTION:
: Set output file path. Default path is-o <PATH>
.testprog_packed.exe
testprog.exe
JITUnpacker
JITUnpacker.exe [OPTION] <packed program path>
JITUnpacker.exe
JITUnpacker.exe
OPTION:
: Set verbose level, LEVEL can be 0 ~ 3. Default value is 2. Set LEVEL to a higher value to see more information.-v <LEVEL>
: Set output file path. Default path is-o <PATH>
.output.exe_
JIThook.exe
testprogA test program with different functions:
- Tiny format function
- Tiny format function that throw exception
- Fat format function with large size of IL code
- Fat format function with local variables
- Fat format function with exception handler