yck1509 / ConfuserEx

An open-source, free protector for .NET applications
http://yck1509.github.io/ConfuserEx/
Other
3.57k stars 1.64k forks source link

Exception When Using Compressor Packer #576

Open jwbats opened 7 years ago

jwbats commented 7 years ago

I get the following log + exception when I am using the compressor packer in conjuction with the normal, aggressive, maximum presets. Minimum preset works fine.

For some reason it wants to make use of my user dir. This happens even when I run it with admin rights.

 [INFO] ConfuserEx v1.0.0 Copyright (C) Ki 2014
 [INFO] Running on Microsoft Windows NT 6.2.9200.0, .NET Framework v4.0.30319.42000, 64 bits
[DEBUG] Discovering plugins...
 [INFO] Discovered 10 protections, 1 packers.
[DEBUG] Resolving component dependency...
 [INFO] Loading input modules...
 [INFO] Loading 'MyTestProject.exe'...
 [INFO] Initializing...
[DEBUG] Building pipeline...
 [INFO] Resolving dependencies...
[DEBUG] Checking Strong Name...
[DEBUG] Creating global .cctors...
[DEBUG] Watermarking...
[DEBUG] Executing 'Name analysis' phase...
[DEBUG] Building VTables & identifier list...
[DEBUG] Analyzing...
 [INFO] Processing module 'MyTestProject.exe'...
[DEBUG] Executing 'Invalid metadata addition' phase...
[DEBUG] Executing 'Renaming' phase...
[DEBUG] Renaming...
[DEBUG] Executing 'Anti-debug injection' phase...
[DEBUG] Executing 'Anti-dump injection' phase...
[DEBUG] Executing 'Anti-ILDasm marking' phase...
[DEBUG] Executing 'Encoding reference proxies' phase...
[DEBUG] Executing 'Constant encryption helpers injection' phase...
[DEBUG] Executing 'Resource encryption helpers injection' phase...
[DEBUG] Executing 'Constants encoding' phase...
[DEBUG] Executing 'Anti-tamper helpers injection' phase...
[DEBUG] Executing 'Control flow mangling' phase...
[DEBUG] Executing 'Post-renaming' phase...
[DEBUG] Executing 'Anti-tamper metadata preparation' phase...
[DEBUG] Executing 'Packer info extraction' phase...
 [INFO] Writing module 'koi'...
[DEBUG] Encrypting resources...
 [INFO] Finalizing...
 [INFO] Packing...
[DEBUG] Encrypting modules...
 [INFO] Protecting packer stub...
[DEBUG] Discovering plugins...
 [INFO] Discovered 11 protections, 1 packers.
[DEBUG] Resolving component dependency...
 [INFO] Loading input modules...
 [INFO] Loading 'MyTestProject.exe'...
 [INFO] Initializing...
[DEBUG] Building pipeline...
[DEBUG] Executing 'Module injection' phase...
 [INFO] Resolving dependencies...
[DEBUG] Checking Strong Name...
[DEBUG] Creating global .cctors...
[DEBUG] Watermarking...
[DEBUG] Executing 'Name analysis' phase...
[DEBUG] Building VTables & identifier list...
[DEBUG] Analyzing...
 [INFO] Processing module 'MyTestProject.exe'...
[DEBUG] Executing 'Packer info encoding' phase...
[DEBUG] Executing 'Invalid metadata addition' phase...
[DEBUG] Executing 'Renaming' phase...
[DEBUG] Renaming...
[DEBUG] Executing 'Anti-debug injection' phase...
[DEBUG] Executing 'Anti-dump injection' phase...
[DEBUG] Executing 'Anti-ILDasm marking' phase...
[DEBUG] Executing 'Encoding reference proxies' phase...
[DEBUG] Executing 'Constant encryption helpers injection' phase...
[DEBUG] Executing 'Resource encryption helpers injection' phase...
[DEBUG] Executing 'Constants encoding' phase...
[DEBUG] Executing 'Anti-tamper helpers injection' phase...
[DEBUG] Executing 'Control flow mangling' phase...
[DEBUG] Executing 'Post-renaming' phase...
[DEBUG] Executing 'Anti-tamper metadata preparation' phase...
[DEBUG] Executing 'Packer info extraction' phase...
 [INFO] Writing module 'MyTestProject.exe'...
[DEBUG] Encrypting resources...
 [INFO] Finalizing...
[DEBUG] Saving to 'C:\Users\[myusername]\AppData\Local\Temp\htfrt1pb.0n0\5s0gvizq.y3t\MyTestProject.exe'...
[DEBUG] Executing 'Export symbol map' phase...
 [INFO] Finish protecting packer stub.
[ERROR] Unknown error occurred.
Exception: System.UnauthorizedAccessException: Access to the path 'C:\Users\[myusername]\AppData\Local\Temp\htfrt1pb.0n0\5s0gvizq.y3t\MyTestProject.exe' is denied.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
   at System.IO.File.InternalReadAllBytes(String path, Boolean checkHost)
   at Confuser.Core.Packer.ProtectStub(ConfuserContext context, String fileName, Byte[] module, StrongNameKey snKey, Protection prot) in e:\Source\Public\Confuser2\Confuser.Core\Packer.cs:line 86
   at Confuser.Protections.Compressor.Pack(ConfuserContext context, ProtectionParameters parameters) in e:\Source\Public\Confuser2\Confuser.Protections\Compress\Compressor.cs:line 91
   at Confuser.Core.ConfuserEngine.Pack(ConfuserContext context) in e:\Source\Public\Confuser2\Confuser.Core\ConfuserEngine.cs:line 427
   at Confuser.Core.ProtectionPipeline.ExecuteStage(PipelineStage stage, Action`1 func, Func`1 targets, ConfuserContext context) in e:\Source\Public\Confuser2\Confuser.Core\ProtectionPipeline.cs:line 135
   at Confuser.Core.ConfuserEngine.RunPipeline(ProtectionPipeline pipeline, ConfuserContext context) in e:\Source\Public\Confuser2\Confuser.Core\ConfuserEngine.cs:line 256
   at Confuser.Core.ConfuserEngine.RunInternal(ConfuserParameters parameters, CancellationToken token) in e:\Source\Public\Confuser2\Confuser.Core\ConfuserEngine.cs:line 175
Failed at 11:32 PM, 0:00 elapsed.
Timocop commented 7 years ago

Your AntiVirus might deny the access to the file. Dont use Packer and Tamper, they will just trigger AntiViruses.

jwbats commented 7 years ago

Tamper is included in the maximum preset. It doesn't trigger anything.

I don't see why this program would need access to my user dir. Seems to me it could do all its processing in the 'Confused' directory.

Timocop commented 7 years ago

Thats because its still working on the file you want to protect (In the temporary folder), thats whats the temporary folder is for. The majority of AntiVirus vendors dont like the ConfuserEx Packer (or any packer). Try without the Packer. If you want to merge DLLs try ILMerge. What AntiVirus do you have?

jwbats commented 7 years ago

BitDefender Total Security 2016. I have not yet tried to exclude ConfuserEx in it.

I will give that a shot and keep you posted.