Get-ILDisassembly now displays metadata tokens.

* Having metadata tokens displayed in output helps with reverse
engineering because you can pass metadata tokens to
System.Reflection.Module.ResolveMember and then easily interact with the
member in question.
* I also fixed a bug when displaying integer constants. I wasn't doing
an endian swap.

1 files changed, 3 insertions, 1 deletions

diff --git a/ReverseEngineering/Get-ILDisassembly.ps1 b/ReverseEngineering/Get-ILDisassembly.ps1
index 645dc39..b7293e0 100644
--- a/ReverseEngineering/Get-ILDisassembly.ps1
+++ b/ReverseEngineering/Get-ILDisassembly.ps1
@@ -131,6 +131,7 @@ http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-335.pdf
         

         $Type = $Op.OperandType

         $Operand = $null

+        $OpInt = $null

         

         if ($Type -eq 'InlineNone') {

             $OperandLength = 0

@@ -191,13 +192,14 @@ http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-335.pdf
         

         if (($OperandLength -gt 0) -and ($OperandLength -ne 4) -and ($Type -ne 'InlineSwitch') -and ($Type -ne 'ShortInlineBrTarget')) {

             # Simply print the hex for all operands with immediate values

-            $Operand = "0x{0}" -f (($IL[$Position..($Position+$OperandLength-1)] | ForEach-Object { $_.ToString('X2') }) -join '')

+            $Operand = "0x{0}" -f (($IL[($Position+$OperandLength-1)..$Position] | ForEach-Object { $_.ToString('X2') }) -join '')

         }

         

         $Instruction = @{

             Position = $InstructionPostion

             Instruction = $Op.Name

             Operand = $Operand

+            MetadataToken = $OpInt

         }

         

         # Return a custom object containing a position, instruction, and fully-qualified operand