diff --git a/NetShield Protector/App.config b/NetShield Protector/App.config
index 5754728..f7fb6b0 100644
--- a/NetShield Protector/App.config
+++ b/NetShield Protector/App.config
@@ -3,4 +3,8 @@
+
+
+
+
\ No newline at end of file
diff --git a/NetShield Protector/Classes.cs b/NetShield Protector/Classes.cs
new file mode 100644
index 0000000..d9241ca
--- /dev/null
+++ b/NetShield Protector/Classes.cs
@@ -0,0 +1,105 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
+using System.Management;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace NetShield_Protector
+{
+ internal class Classes
+ {
+ internal class AntiDebug
+ {
+ [DllImport("kernel32.dll", SetLastError = true)]
+ private static extern bool IsDebuggerPresent();
+
+ [DllImport("kernel32.dll", SetLastError = true)]
+ private static extern bool CloseHandle(IntPtr Handle);
+
+ [DllImport("kernel32.dll", SetLastError = true)]
+ private static extern bool CheckRemoteDebuggerPresent(IntPtr Handle, ref bool IsPresent);
+ public static void AntiDebugCheck()
+ {
+ bool IsPresent = false;
+ CheckRemoteDebuggerPresent(Process.GetCurrentProcess().Handle, ref IsPresent);
+ if (IsDebuggerPresent() || Debugger.IsAttached || IsPresent)
+ {
+ Environment.Exit(0);
+ }
+ try
+ {
+ CloseHandle((IntPtr)0x1231);
+ }
+ catch (Exception ex)
+ {
+ Environment.Exit(0);
+ }
+ }
+ }
+
+ internal class AntiVM
+ {
+ [DllImport("kernel32.dll", SetLastError = true)]
+ private static extern IntPtr GetModuleHandle(string lib);
+
+ public static bool IsEmulated()
+ {
+ long Tick = Environment.TickCount;
+ Thread.Sleep(500);
+ long Tick2 = Environment.TickCount;
+ if (((Tick2 - Tick) < 500L))
+ {
+ return true;
+ }
+ return false;
+ }
+
+ public static bool IsModulePresent(string lib)
+ {
+ if (GetModuleHandle(lib) != IntPtr.Zero )
+ return true;
+ return false;
+ }
+
+ public static bool CheckForVMwareAndVirtualBox()
+ {
+ using (ManagementObjectSearcher ObjectSearcher = new ManagementObjectSearcher("Select * from Win32_ComputerSystem"))
+ {
+ using (ManagementObjectCollection ObjectItems = ObjectSearcher.Get())
+ {
+ foreach (ManagementBaseObject Item in ObjectItems)
+ {
+ string ManufacturerString = Item["Manufacturer"].ToString().ToLower();
+ string ModelName = Item["Model"].ToString();
+ if ((ManufacturerString == "microsoft corporation" && ModelName.ToUpperInvariant().Contains("VIRTUAL") || ManufacturerString.Contains("vmware")))
+ {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+
+ public static void AntiVMCheck()
+ {
+ string[] BlacklistModules = { "SbieDll.dll", "cmdvrt32.dll", "SxIn.dll", "cuckoomon.dll" };
+ for (int i = 0; i < BlacklistModules.Length; i++)
+ {
+ if (IsModulePresent(BlacklistModules[i]))
+ {
+ Environment.Exit(0);
+ }
+ }
+ if (CheckForVMwareAndVirtualBox() || IsEmulated())
+ {
+ Environment.Exit(0);
+ }
+ }
+ }
+ }
+}
diff --git a/NetShield Protector/Helper.cs b/NetShield Protector/Helper.cs
new file mode 100644
index 0000000..6e98636
--- /dev/null
+++ b/NetShield Protector/Helper.cs
@@ -0,0 +1,241 @@
+using dnlib.DotNet;
+using dnlib.DotNet.Emit;
+using System.Collections.Generic;
+using System.Linq;
+
+namespace NetShield_Protector
+{
+ public static class InjectHelper
+ {
+ private static TypeDefUser Clone(TypeDef origin)
+ {
+ var ret = new TypeDefUser(origin.Namespace, origin.Name)
+ {
+ Attributes = origin.Attributes
+ };
+
+ if (origin.ClassLayout != null)
+ ret.ClassLayout = new ClassLayoutUser(origin.ClassLayout.PackingSize, origin.ClassSize);
+
+ foreach (var genericParam in origin.GenericParameters)
+ ret.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-"));
+
+ return ret;
+ }
+
+ private static MethodDefUser Clone(MethodDef origin)
+ {
+ var ret = new MethodDefUser(origin.Name, null, origin.ImplAttributes, origin.Attributes);
+
+ foreach (var genericParam in origin.GenericParameters)
+ ret.GenericParameters.Add(new GenericParamUser(genericParam.Number, genericParam.Flags, "-"));
+
+ return ret;
+ }
+
+ private static FieldDefUser Clone(FieldDef origin)
+ {
+ var ret = new FieldDefUser(origin.Name, null, origin.Attributes);
+ return ret;
+ }
+
+ private static TypeDef PopulateContext(TypeDef typeDef, InjectContext ctx)
+ {
+ TypeDef ret;
+ if (!ctx.Mep.TryGetValue(typeDef, out var existing))
+ {
+ ret = Clone(typeDef);
+ ctx.Mep[typeDef] = ret;
+ }
+ else
+ ret = (TypeDef)existing;
+
+ foreach (var nestedType in typeDef.NestedTypes)
+ ret.NestedTypes.Add(PopulateContext(nestedType, ctx));
+
+ foreach (var method in typeDef.Methods)
+ ret.Methods.Add((MethodDef)(ctx.Mep[method] = Clone(method)));
+
+ foreach (var field in typeDef.Fields)
+ ret.Fields.Add((FieldDef)(ctx.Mep[field] = Clone(field)));
+
+ return ret;
+ }
+
+ private static void CopyTypeDef(TypeDef typeDef, InjectContext ctx)
+ {
+ var newTypeDef = (TypeDef)ctx.Mep[typeDef];
+
+ newTypeDef.BaseType = ctx.Importer.Import(typeDef.BaseType);
+
+ foreach (var iface in typeDef.Interfaces)
+ newTypeDef.Interfaces.Add(new InterfaceImplUser(ctx.Importer.Import(iface.Interface)));
+ }
+
+ private static void CopyMethodDef(MethodDef methodDef, InjectContext ctx)
+ {
+ var newMethodDef = (MethodDef)ctx.Mep[methodDef];
+
+ newMethodDef.Signature = ctx.Importer.Import(methodDef.Signature);
+ newMethodDef.Parameters.UpdateParameterTypes();
+
+ if (methodDef.ImplMap != null)
+ newMethodDef.ImplMap = new ImplMapUser(new ModuleRefUser(ctx.TargetModule, methodDef.ImplMap.Module.Name), methodDef.ImplMap.Name, methodDef.ImplMap.Attributes);
+
+ foreach (var ca in methodDef.CustomAttributes)
+ newMethodDef.CustomAttributes.Add(new CustomAttribute((ICustomAttributeType)ctx.Importer.Import(ca.Constructor)));
+
+ if (!methodDef.HasBody)
+ return;
+ newMethodDef.Body = new CilBody(methodDef.Body.InitLocals, new List(),
+ new List(), new List())
+ { MaxStack = methodDef.Body.MaxStack };
+
+ var bodyMap = new Dictionary();
+
+ foreach (var local in methodDef.Body.Variables)
+ {
+ var newLocal = new Local(ctx.Importer.Import(local.Type));
+ newMethodDef.Body.Variables.Add(newLocal);
+ newLocal.Name = local.Name;
+ newLocal.Attributes = local.Attributes;
+
+ bodyMap[local] = newLocal;
+ }
+
+ foreach (var instr in methodDef.Body.Instructions)
+ {
+ var newInstr = new Instruction(instr.OpCode, instr.Operand)
+ {
+ SequencePoint = instr.SequencePoint
+ };
+
+ switch (newInstr.Operand)
+ {
+ case IType type:
+ newInstr.Operand = ctx.Importer.Import(type);
+ break;
+
+ case IMethod method:
+ newInstr.Operand = ctx.Importer.Import(method);
+ break;
+
+ case IField field:
+ newInstr.Operand = ctx.Importer.Import(field);
+ break;
+ }
+
+ newMethodDef.Body.Instructions.Add(newInstr);
+ bodyMap[instr] = newInstr;
+ }
+
+ foreach (var instr in newMethodDef.Body.Instructions)
+ {
+ if (instr.Operand != null && bodyMap.ContainsKey(instr.Operand))
+ instr.Operand = bodyMap[instr.Operand];
+ else if (instr.Operand is Instruction[] v)
+ instr.Operand = v.Select(target => (Instruction)bodyMap[target]).ToArray();
+ }
+
+ foreach (var eh in methodDef.Body.ExceptionHandlers)
+ newMethodDef.Body.ExceptionHandlers.Add(new ExceptionHandler(eh.HandlerType)
+ {
+ CatchType = eh.CatchType == null ? null : ctx.Importer.Import(eh.CatchType),
+ TryStart = (Instruction)bodyMap[eh.TryStart],
+ TryEnd = (Instruction)bodyMap[eh.TryEnd],
+ HandlerStart = (Instruction)bodyMap[eh.HandlerStart],
+ HandlerEnd = (Instruction)bodyMap[eh.HandlerEnd],
+ FilterStart = eh.FilterStart == null ? null : (Instruction)bodyMap[eh.FilterStart]
+ });
+
+ newMethodDef.Body.SimplifyMacros(newMethodDef.Parameters);
+ }
+
+ private static void CopyFieldDef(FieldDef fieldDef, InjectContext ctx)
+ {
+ var newFieldDef = (FieldDef)ctx.Mep[fieldDef];
+
+ newFieldDef.Signature = ctx.Importer.Import(fieldDef.Signature);
+ }
+
+ private static void Copy(TypeDef typeDef, InjectContext ctx, bool copySelf)
+ {
+ if (copySelf)
+ CopyTypeDef(typeDef, ctx);
+
+ foreach (var nestedType in typeDef.NestedTypes)
+ Copy(nestedType, ctx, true);
+
+ foreach (var method in typeDef.Methods)
+ CopyMethodDef(method, ctx);
+
+ foreach (var field in typeDef.Fields)
+ CopyFieldDef(field, ctx);
+ }
+
+ public static TypeDef Inject(TypeDef typeDef, ModuleDef target)
+ {
+ var ctx = new InjectContext(target);
+ PopulateContext(typeDef, ctx);
+ Copy(typeDef, ctx, true);
+ return (TypeDef)ctx.Mep[typeDef];
+ }
+
+ public static MethodDef Inject(MethodDef methodDef, ModuleDef target)
+ {
+ var ctx = new InjectContext(target)
+ {
+ Mep =
+ {
+ [methodDef] = Clone(methodDef)
+ }
+ };
+ CopyMethodDef(methodDef, ctx);
+ return (MethodDef)ctx.Mep[methodDef];
+ }
+
+ public static IEnumerable Inject(TypeDef typeDef, TypeDef newType, ModuleDef target)
+ {
+ var ctx = new InjectContext(target)
+ {
+ Mep =
+ {
+ [typeDef] = newType
+ }
+ };
+ PopulateContext(typeDef, ctx);
+ Copy(typeDef, ctx, false);
+ return ctx.Mep.Values.Except(new[] { newType });
+ }
+
+ private class InjectContext : ImportMapper
+ {
+ public readonly Dictionary Mep = new Dictionary();
+
+ public readonly ModuleDef TargetModule;
+
+ public InjectContext(ModuleDef target)
+ {
+ TargetModule = target;
+ Importer = new Importer(target, ImporterOptions.TryToUseTypeDefs, new GenericParamContext(), this);
+ }
+
+ public Importer Importer { get; }
+
+ public override ITypeDefOrRef Map(ITypeDefOrRef typeDefOrRef)
+ {
+ return typeDefOrRef is TypeDef typeDef && Mep.ContainsKey(typeDef) ? Mep[typeDef] as TypeDef : null;
+ }
+
+ public override IMethod Map(MethodDef methodDef)
+ {
+ return Mep.ContainsKey(methodDef) ? Mep[methodDef] as MethodDef : null;
+ }
+
+ public override IField Map(FieldDef fieldDef)
+ {
+ return Mep.ContainsKey(fieldDef) ? Mep[fieldDef] as FieldDef : null;
+ }
+ }
+ }
+}
\ No newline at end of file