dnSpy

https://github.com/0xd4d/dnSpy

下载压缩包之后，解压，发现目录里面有3个exe文件

需要用管理员运行dnSpy.exe，然后打开exe文件，设置好断点，然后start

使用技巧

edit method

在左侧的导航栏，找到某个类里面的某个方法，右键，会有2个edit method

1. 白色的是重命名方法，会同步修改reference处的引用

2. 绿色的是修改方法体，也就是方法里面的内容

analyze

找到某一个方法，右键analyze

 show compiler generated code

这个可以用来查看async关键字生成的state machine的代码

 

右键菜单的Merge with Assembly

假如你打开了HearthBuddy的exe，现在想要引用另外一个dll文件，那就可以直接merge with assembly。另外一个dll文件里面的类，会被直接导入到HearthBuddy.exe里面

Reference another assembly

https://github.com/0xd4d/dnSpy/issues/357

应该用第一个图标，浏览

不支持async和await

关于async的反编译

https://github.com/0xd4d/dnSpy/issues/687#issuecomment-354990427

await is just synthetic sugar for what you see in the decompiled code. Usually ILSpy converts this back to what a programmer would normally write, but the version that dnSpy uses didn't have that implemented yet. You can find all implemented language features for the latest version of ILSpy here, but keep in mind that dnSpy still uses ILSpy 2.x, not 3.x.

 取消反编译async methods

// Triton.Bot.Logic.Bots.DefaultBot.DefaultBot
// Token: 0x060013A3 RID: 5027 RVA: 0x000BD93C File Offset: 0x000BBB3C
private Task method_49(TournamentScene tournamentScene_0)
{
    DefaultBot.Struct88 @struct;
    @struct.defaultBot_0 = this;
    @struct.tournamentScene_0 = tournamentScene_0;
    @struct.asyncTaskMethodBuilder_0 = AsyncTaskMethodBuilder.Create();
    @struct.int_0 = -1;
    AsyncTaskMethodBuilder asyncTaskMethodBuilder_ = @struct.asyncTaskMethodBuilder_0;
    asyncTaskMethodBuilder_.Start<DefaultBot.Struct88>(ref @struct);
    return @struct.asyncTaskMethodBuilder_0.Task;
}

找到Struct88的定义，然后找到里面的MoveNext方法，右键edit method body

然后找到https://www.cnblogs.com/chucklu/p/11184577.html 263行以及672行，进行替换。

Search in framework assemblies