admin/Ryujin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add custom pass support for Ryujin users via callback

Browse Source 
- Ryujin users can now register their own callbacks following the standard interface to create custom passes and extend Ryujin’s behavior.
- Updated configuration files to support safe usage.
- Adjusted README.md.
This commit is contained in:
keowu
2025-07-27 09:12:11 -03:00
parent ffe6cb9655
commit 64cdfe6e71
7 changed files with 82 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -20,7 +20,7 @@
- Anti-Dump - Anti-Dump
- Anti-Disassembly + Anti-Decompiler - Anti-Disassembly + Anti-Decompiler
- Memory Protection(CRC32) - Memory Protection(CRC32)
- Custom Passes(**TODO**) - Custom Passes
--- ---

4
RyujinConsole/Ryujin Protector.sln
View File

@@ -21,8 +21,8 @@ Global
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Debug|x64.Build.0 = Debug|x64 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Debug|x64.Build.0 = Debug|x64
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Debug|x86.ActiveCfg = Debug|Win32 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Debug|x86.ActiveCfg = Debug|Win32
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Debug|x86.Build.0 = Debug|Win32 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Debug|x86.Build.0 = Debug|Win32
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x64.ActiveCfg = Release|x64 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x64.ActiveCfg = Debug|x64
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x64.Build.0 = Release|x64 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x64.Build.0 = Debug|x64
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x86.ActiveCfg = Release|Win32 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x86.ActiveCfg = Release|Win32
{1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x86.Build.0 = Release|Win32 {1DC1BB2C-6B3E-4084-8F26-76852C709BB4}.Release|x86.Build.0 = Release|Win32
{AEFF626B-1317-4C8F-94B3-B3D405AE65B2}.Debug|x64.ActiveCfg = Debug|x64 {AEFF626B-1317-4C8F-94B3-B3D405AE65B2}.Debug|x64.ActiveCfg = Debug|x64

10
RyujinConsole/RyujinConsole/RyujinConsole.cc
View File

@@ -7,6 +7,14 @@
#include <iomanip> #include <iomanip>
#include "RyujinCore.hh" #include "RyujinCore.hh"
void RyujinCustomPassDemo(RyujinProcedure* proc) {
std::printf("Ol<EFBFBD> mundinho!\n");
std::printf("Meu custom pass foi chamado para(teste) -> %s\n", proc->name.c_str());
}
auto print_help() -> void { auto print_help() -> void {
std::cout << R"(Ryujin Obfuscator CLI std::cout << R"(Ryujin Obfuscator CLI
@@ -93,6 +101,8 @@ auto main(int argc, char* argv[]) -> int {
config.m_isAntiDump = has_flag(args, "--AntiDump"); config.m_isAntiDump = has_flag(args, "--AntiDump");
config.m_isMemoryProtection = has_flag(args, "--MemoryProtection"); config.m_isMemoryProtection = has_flag(args, "--MemoryProtection");
config.RegisterCallback(RyujinCustomPassDemo);
if (has_flag(args, "--procs")) { if (has_flag(args, "--procs")) {
auto rawList = args["--procs"]; auto rawList = args["--procs"];
size_t start = 0; size_t start = 0;

27
RyujinConsole/RyujinConsole/RyujinCore.hh
View File

@@ -2,15 +2,26 @@
#include <vector> #include <vector>
#include <Windows.h> #include <Windows.h>
#include <string> #include <string>
#include <Zydis/Zydis.h>
#include <Zydis/SharedTypes.h>
#include "../../RyujinCore/Ryujin/Models/RyujinProcedure.hh"
#define MAX_PROCEDURES 128 #define MAX_PROCEDURES 128
#define MAX_PROCEDURE_NAME_LEN 128 #define MAX_PROCEDURE_NAME_LEN 128
#define MAX_CALLBACKS 10
struct RyujinObfuscatorProcs { struct RyujinObfuscatorProcs {
int procedureCount; int procedureCount;
char procedures[MAX_PROCEDURES][MAX_PROCEDURE_NAME_LEN]; char procedures[MAX_PROCEDURES][MAX_PROCEDURE_NAME_LEN];
}; };
using RyujinCallback = void (*)(RyujinProcedure*);
struct RyujinCallbacks {
int callbackCount;
RyujinCallback callbacks[MAX_CALLBACKS]; // Array de ponteiros de fun<75><6E>o
};
class RyujinObfuscatorConfig { class RyujinObfuscatorConfig {
public: public:
@@ -25,6 +36,7 @@ public:
bool m_isAntiDump; // Enable Anti Dump technic for Ryujin protected binary bool m_isAntiDump; // Enable Anti Dump technic for Ryujin protected binary
bool m_isMemoryProtection; // Memory CRC32 protection bool m_isMemoryProtection; // Memory CRC32 protection
RyujinObfuscatorProcs m_strProceduresToObfuscate; // Names of the procedures to obfuscate RyujinObfuscatorProcs m_strProceduresToObfuscate; // Names of the procedures to obfuscate
RyujinCallbacks m_callbacks; // Ryujin Custom Pass Callbacks
static bool RunRyujin(const std::string& strInputFilePath, const std::string& strPdbFilePath, const std::string& strOutputFilePath, RyujinObfuscatorConfig& config) { static bool RunRyujin(const std::string& strInputFilePath, const std::string& strPdbFilePath, const std::string& strOutputFilePath, RyujinObfuscatorConfig& config) {
@@ -41,4 +53,19 @@ public:
return RunRyujinCore(strInputFilePath.c_str(), strPdbFilePath.c_str(), strOutputFilePath.c_str(), config); return RunRyujinCore(strInputFilePath.c_str(), strPdbFilePath.c_str(), strOutputFilePath.c_str(), config);
} }
RyujinObfuscatorConfig() : m_callbacks{ 0 } {}
bool RegisterCallback(RyujinCallback callback) {
if (m_callbacks.callbackCount < MAX_CALLBACKS) {
m_callbacks.callbacks[m_callbacks.callbackCount] = callback;
m_callbacks.callbackCount++;
return true;
}
return false;
}
}; };

10
RyujinCore/Ryujin/Models/RyujinObfuscatorConfig.hh
View File

@@ -3,12 +3,20 @@
#define MAX_PROCEDURES 128 #define MAX_PROCEDURES 128
#define MAX_PROCEDURE_NAME_LEN 128 #define MAX_PROCEDURE_NAME_LEN 128
#define MAX_CALLBACKS 10
struct RyujinObfuscatorProcs { struct RyujinObfuscatorProcs {
int procedureCount; int procedureCount;
char procedures[MAX_PROCEDURES][MAX_PROCEDURE_NAME_LEN]; char procedures[MAX_PROCEDURES][MAX_PROCEDURE_NAME_LEN];
}; };
using RyujinCallback = void (*)(RyujinProcedure*);
struct RyujinCallbacks {
int callbackCount;
RyujinCallback callbacks[MAX_CALLBACKS]; // Array de ponteiros de fun<75><6E>o
};
class RyuJinConfigInternal { class RyuJinConfigInternal {
public: public:
@@ -30,6 +38,6 @@ public:
bool m_isAntiDump; // Enable Anti Dump technic for Ryujin protected binary bool m_isAntiDump; // Enable Anti Dump technic for Ryujin protected binary
bool m_isMemoryProtection; // Memory CRC32 protection bool m_isMemoryProtection; // Memory CRC32 protection
RyujinObfuscatorProcs m_strProceduresToObfuscate; // Names of the procedures to obfuscate RyujinObfuscatorProcs m_strProceduresToObfuscate; // Names of the procedures to obfuscate
// todo: passes RyujinCallbacks m_callbacks; // Ryujin Custom Pass Callbacks
}; };

6
RyujinCore/Ryujin/RyujinCore/RyujinObfuscationCore.cc
View File

@@ -2455,6 +2455,12 @@ BOOL RyujinObfuscationCore::Run(bool& RyujinRunOncePass) {
} }
if (m_config.m_callbacks.callbackCount > 0)
for (int i = 0; i < m_config.m_callbacks.callbackCount; i++)
if (m_config.m_callbacks.callbacks[i])
m_config.m_callbacks.callbacks[i](&m_proc);
return TRUE; return TRUE;
} }

27
RyujinGUI/RyujinCore.hh
View File

@@ -2,15 +2,26 @@
#include <vector> #include <vector>
#include <Windows.h> #include <Windows.h>
#include <string> #include <string>
#include <Zydis/Zydis.h>
#include <Zydis/SharedTypes.h>
#include "../RyujinCore/Ryujin/Models/RyujinProcedure.hh"
#define MAX_PROCEDURES 128 #define MAX_PROCEDURES 128
#define MAX_PROCEDURE_NAME_LEN 128 #define MAX_PROCEDURE_NAME_LEN 128
#define MAX_CALLBACKS 10
struct RyujinObfuscatorProcs { struct RyujinObfuscatorProcs {
int procedureCount; int procedureCount;
char procedures[MAX_PROCEDURES][MAX_PROCEDURE_NAME_LEN]; char procedures[MAX_PROCEDURES][MAX_PROCEDURE_NAME_LEN];
}; };
using RyujinCallback = void (*)(RyujinProcedure*);
struct RyujinCallbacks {
int callbackCount;
RyujinCallback callbacks[MAX_CALLBACKS]; // Array de ponteiros de fun<75><6E>o
};
class RyujinObfuscatorConfig { class RyujinObfuscatorConfig {
public: public:
@@ -25,6 +36,7 @@ public:
bool m_isAntiDump; // Enable Anti Dump technic for Ryujin protected binary bool m_isAntiDump; // Enable Anti Dump technic for Ryujin protected binary
bool m_isMemoryProtection; // Memory CRC32 protection bool m_isMemoryProtection; // Memory CRC32 protection
RyujinObfuscatorProcs m_strProceduresToObfuscate; // Names of the procedures to obfuscate RyujinObfuscatorProcs m_strProceduresToObfuscate; // Names of the procedures to obfuscate
RyujinCallbacks m_callbacks; // Ryujin Custom Pass Callbacks
static bool RunRyujin(const std::string& strInputFilePath, const std::string& strPdbFilePath, const std::string& strOutputFilePath, RyujinObfuscatorConfig& config) { static bool RunRyujin(const std::string& strInputFilePath, const std::string& strPdbFilePath, const std::string& strOutputFilePath, RyujinObfuscatorConfig& config) {
@@ -41,4 +53,19 @@ public:
return RunRyujinCore(strInputFilePath.c_str(), strPdbFilePath.c_str(), strOutputFilePath.c_str(), config); return RunRyujinCore(strInputFilePath.c_str(), strPdbFilePath.c_str(), strOutputFilePath.c_str(), config);
} }
RyujinObfuscatorConfig() : m_callbacks{ 0 } {}
bool RegisterCallback(RyujinCallback callback) {
if (m_callbacks.callbackCount < MAX_CALLBACKS) {
m_callbacks.callbacks[m_callbacks.callbackCount] = callback;
m_callbacks.callbackCount++;
return true;
}
return false;
}
}; };