File Format Deconstruction and LLOIFF Construction
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
_xeroxz b1447fe57a
Merge branch 'master' of https://githacks.org/llo/stage-one
3 years ago
dependencies added XED to the project, starting to use XED on executable sections... 3 years ago
include added XED to the project, starting to use XED on executable sections... 3 years ago
src added XED to the project, starting to use XED on executable sections... 3 years ago
.clang-format removed shitmake, added visual studios 3 years ago
.gitignore added gitignore, added some more code to show what im going for... 3 years ago
.gitmodules added XED to the project, starting to use XED on executable sections... 3 years ago
LICENSE Add LICENSE 3 years ago
README.md Update README.md 3 years ago
llo-s1.sln removed shitmake, added visual studios 3 years ago
llo-s1.vcxproj added XED to the project, starting to use XED on executable sections... 3 years ago
llo-s1.vcxproj.filters added XED to the project, starting to use XED on executable sections... 3 years ago
llo-s1.vcxproj.user added XED to the project, starting to use XED on executable sections... 3 years ago

README.md

S1 - Native File Format Deconstruction

Stage One, or "S1" for short is the first stage in LLO. This stage deconstructs native files and creates an IL version of them called "Low Level Obfuscation Intermediate File Format" or LLOIFF for short. This branch of the repository is mearly a proposal for the composition of S1 and is entirely subject to change.

File Format Deconstructors - dctors

The term "dctor" typically refered to class deconstructors, however the usage in this proposal refers to file format deconstruction. I went with the "strategy pattern" with my file format deconstruction as it seems like the best code pattern to use.

"In computer programming, the strategy pattern is a behavioral software design pattern that enables selecting an algorithm at runtime. Instead of implementing a single algorithm directly, code receives run-time instructions as to which in a family of algorithms to use."

This is ideal for deconstruction algorithms as there can be different files to deconstruct and thus different algorithms must run. For example, a COFF, PE, ELF, and LIB file all require different deconstruction algorithms. LIB in particular as it is composed of multiple COFF files. I have used "decorator pattern" for my LIB file dctor.

"In object-oriented programming, the decorator pattern is a design pattern that allows behavior to be added to an individual object, dynamically, without affecting the behavior of other objects from the same class."

Below is a UML diagram showing how dctor's are correlated to one another.