diff --git a/LunaHook/engine32/Reallive.cpp b/LunaHook/engine32/Reallive.cpp
index 32b5565..1891cb4 100644
--- a/LunaHook/engine32/Reallive.cpp
+++ b/LunaHook/engine32/Reallive.cpp
@@ -229,7 +229,7 @@ bool avg3216dattach_function2()
 auto addr = MemDbg::findBytes(pattern2, sizeof(pattern2), processStartAddress, processStopAddress);
 if (addr == 0)
 return false;
- addr = findfuncstart(addr, 0x200);
+ addr = findfuncstart(addr, 0x200,true);
 if (addr == 0)
 return false;
 HookParam hp;
diff --git a/LunaHook/engine32/Sprite.cpp b/LunaHook/engine32/Sprite.cpp
index df81f32..ca43cdb 100644
--- a/LunaHook/engine32/Sprite.cpp
+++ b/LunaHook/engine32/Sprite.cpp
@@ -1,90 +1,145 @@ -#include"Sprite.h" - -bool Sprite_attach_function() { - //恋と選挙とチョコレート - auto m=GetModuleHandle(L"dirapi.dll"); +#include "Sprite.h" + +bool Sprite_attach_function() +{ + // 恋と選挙とチョコレート + auto m = GetModuleHandle(L"dirapi.dll"); auto [minAddress, maxAddress] = Util::QueryModuleLimits(m); const BYTE bytes[] = { - 0x83,0xF8,0x40, - 0x74,XX, - 0x83,0xF8,0x43, - 0x74,XX, - 0x83,XX,0xFF, - 0xEB,XX, - 0x8D,0x45,0xF8, - XX, - XX, - XX, - //+20 - 0xE8,XX4, - 0x89,0x45,0xF0, - 0x8D,0x45,0xF4, - 0x50, - XX, - 0xE8,XX4 - }; + 0x83, 0xF8, 0x40, + 0x74, XX, + 0x83, 0xF8, 0x43, + 0x74, XX, + 0x83, XX, 0xFF, + 0xEB, XX, + 0x8D, 0x45, 0xF8, + XX, + XX, + XX, + //+20 + 0xE8, XX4, + 0x89, 0x45, 0xF0, + 0x8D, 0x45, 0xF4, + 0x50, + XX, + 0xE8, XX4}; auto addr = MemDbg::findBytes(bytes, sizeof(bytes), minAddress, maxAddress); - if(addr==0)return false; - if(((*(int*)(addr+22))+addr+22)!=((*(int*)(addr+35))+addr+35))return false; + if (addr == 0) + return false; + if (((*(int *)(addr + 22)) + addr + 22) != ((*(int *)(addr + 35)) + addr + 35)) + return false; HookParam hp; - hp.address = addr+sizeof(bytes); - hp.offset=get_reg(regs::eax); - hp.type = USING_STRING; + hp.address = addr + sizeof(bytes); + hp.offset = get_reg(regs::eax); + hp.type = USING_STRING; return NewHook(hp, "Sprite"); -} -namespace{ - bool _h1(){ - //https://vndb.org/v1714 +} +namespace +{ + bool _h1() + { + // https://vndb.org/v1714 //[Selen]はらみこ - auto FlashAssetx32=GetModuleHandleW(L"Flash Asset.x32"); - if(FlashAssetx32==0)return false; - auto [s,e]=Util::QueryModuleLimits(FlashAssetx32); + auto FlashAssetx32 = GetModuleHandleW(L"Flash Asset.x32"); + if (FlashAssetx32 == 0) + return false; + auto [s, e] = Util::QueryModuleLimits(FlashAssetx32); const BYTE bytes[] = { - 0x56,0x57,0x6a,0xff, - 0xff,0x75,0x08,//ebp+8 - 0x53, - 0x68,0xe4,0x04,0x00,0x00, - 0xff,0x15,XX4//MultiByteToWideChar - }; + 0x56, 0x57, 0x6a, 0xff, + 0xff, 0x75, 0x08, // ebp+8 + 0x53, + 0x68, 0xe4, 0x04, 0x00, 0x00, + 0xff, 
0x15, XX4 // MultiByteToWideChar + }; auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e); - if(addr==0)return false; + if (addr == 0) + return false; HookParam hp; - hp.address = addr+sizeof(bytes);//不知道从哪jump到call MultiByteToWideChar的 - hp.offset=get_stack(5); + hp.address = addr + sizeof(bytes); // 不知道从哪jump到call MultiByteToWideChar的 + hp.offset = get_stack(5); hp.type = USING_STRING; - hp.filter_fun=[](LPVOID data, size_t *size, HookParam *)->bool + hp.filter_fun = [](LPVOID data, size_t *size, HookParam *) -> bool { - static int idx=0; - return (idx++)%2; + static int idx = 0; + return (idx++) % 2; }; return NewHook(hp, "Flash Asset"); } - bool _h2(){ - auto TextXtra=GetModuleHandleW(L"TextXtra.x32"); - if(TextXtra==0)return false; - auto [s,e]=Util::QueryModuleLimits(TextXtra); + bool _h2() + { + auto TextXtra = GetModuleHandleW(L"TextXtra.x32"); + if (TextXtra == 0) + return false; + auto [s, e] = Util::QueryModuleLimits(TextXtra); const BYTE bytes[] = { - 0xff,0x75,0x18, - 0x8d,0x88,0xb8,0x00,0x00,0x00, - 0xff,0x75,0x14, - 0xff,0x75,0x10, - 0xff,0x75,0x0c, - 0xe8,XX4, - 0x66,0x85,0xc0, - 0x74 - }; + 0xff, 0x75, 0x18, + 0x8d, 0x88, 0xb8, 0x00, 0x00, 0x00, + 0xff, 0x75, 0x14, + 0xff, 0x75, 0x10, + 0xff, 0x75, 0x0c, + 0xe8, XX4, + 0x66, 0x85, 0xc0, + 0x74}; auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e); - if(addr==0)return false; - addr=findfuncstart(addr,0x100); - if(addr==0)return false; + if (addr == 0) + return false; + addr = findfuncstart(addr, 0x100); + if (addr == 0) + return false; HookParam hp; hp.address = addr; - hp.offset=get_stack(2); - hp.type = USING_STRING|CODEC_UTF8|EMBED_ABLE|EMBED_AFTER_NEW|EMBED_BEFORE_SIMPLE; + hp.offset = get_stack(2); + hp.type = USING_STRING | CODEC_UTF8 | EMBED_ABLE | EMBED_AFTER_NEW | EMBED_BEFORE_SIMPLE; return NewHook(hp, "TextXtra"); } } -bool Sprite::attach_function() { - return Sprite_attach_function()|_h1()|_h2(); +bool Sprite::attach_function() +{ + return Sprite_attach_function() | _h1() | 
_h2(); +} +namespace +{ + bool h3() + { + // https://vndb.org/v5864 + // in white + + auto TextXtra = GetModuleHandleW(L"TextXtra.x32"); + if (TextXtra == 0) + return false; + auto [s, e] = Util::QueryModuleLimits(TextXtra); + // Text Asset.x32->this function + const BYTE bytes[] = { + //clang-format off + 0x55, 0x8b, 0xec, + 0x56, + 0x8b, 0x75, 0x08, + 0x8b, 0x46, 0x04, + 0x66, 0x8b, 0x48, 0x32, + 0x51, + 0x6a, 0x00, + 0xff, 0x75, 0x18, + 0xff, 0x75, 0x14, + 0xff, 0x75, 0x10, + 0xff, 0x75, 0x0c, + 0xff, 0x70, 0x24, + 0xe8, XX4, + 0x66, 0x85, 0xc0, + 0x74, XX, + //clang-format on + }; + auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e); + if (addr == 0) + return false; + HookParam hp; + hp.address = addr; + hp.offset = get_stack(2); + hp.type = USING_STRING; + return NewHook(hp, "TextXtra2"); + } +} +bool TextXtra_x32::attach_function() +{ + return _h2() || h3(); } \ No newline at end of file diff --git a/LunaHook/engine32/Sprite.h b/LunaHook/engine32/Sprite.h index b372319..cee8408 100644 --- a/LunaHook/engine32/Sprite.h +++ b/LunaHook/engine32/Sprite.h @@ -1,12 +1,28 @@ -class Sprite:public ENGINE{public: - Sprite(){ - is_engine_certain=false; - check_by=CHECK_BY::CUSTOM; - check_by_target=[](){ - return Util::CheckFile(L"*.cct"); +class Sprite : public ENGINE +{ +public: + Sprite() + { + is_engine_certain = false; + check_by = CHECK_BY::FILE; + check_by_target = L"*.cct"; + }; + bool attach_function(); +}; +class TextXtra_x32 : public ENGINE +{ + +public: + TextXtra_x32() + { + is_engine_certain = false; + check_by = CHECK_BY::CUSTOM; + check_by_target = []() + { + return GetModuleHandle(L"TextXtra.x32"); }; }; - bool attach_function(); + bool attach_function(); }; \ No newline at end of file diff --git a/LunaHook/enginecollection32.cpp b/LunaHook/enginecollection32.cpp index 596da52..c1e119a 100644 --- a/LunaHook/enginecollection32.cpp +++ b/LunaHook/enginecollection32.cpp 
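Review bot: `TextXtra_x32::attach_function` returns `_h2() || h3()`, so `h3` is never installed once `_h2` succeeds, whereas `Sprite::attach_function` uses the non-short-circuit `|` to try every hook. If fallback-only behaviour is intended, record it with a comment such as `// h3 is only tried when _h2's pattern is absent from this TextXtra build`; otherwise use `|` here as well. `_h2` is now reachable from both engines, so a `.cct` title with TextXtra.x32 loaded could presumably register the same hook twice unless engine selection stops at the first match, which is not visible in this diff.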
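Review bot: The `TextXtra_x32` check calls `GetModuleHandle(L"TextXtra.x32")` once, at engine-detection time, so it only matches when the Xtra is already mapped; if the host loads Xtras lazily (not visible here), the engine is silently skipped. The lambda also returns an `HMODULE` that is converted implicitly; `return GetModuleHandleW(L"TextXtra.x32") != nullptr;` states the intent and matches the `GetModuleHandleW` spelling used in `_h2` and `h3`. A one-line comment on the class saying why it is a separate engine from `Sprite` would help the next reader.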
@@ -400,5 +400,6 @@ std::vector check_engines()
 new Onscripter,
 new TACTICS,
 new RealliveX,
+ new TextXtra_x32,
 };
 }
\ No newline at end of file
diff --git a/LunaHook/main.cc b/LunaHook/main.cc
index 4dca0b2..2ccb052 100644
--- a/LunaHook/main.cc
+++ b/LunaHook/main.cc
@@ -101,7 +101,23 @@ void ConsoleOutput(LPCSTR text, ...)
 vsnprintf(buffer.message, MESSAGE_SIZE, text, args);
 WriteFile(hookPipe, &buffer, sizeof(buffer), DUMMY, nullptr);
 }
-
+Synchronized> modulecache;
+std::wstring &querymodule(uintptr_t addr)
+{
+ auto &re = modulecache.Acquire().contents;
+ if (re.find(addr) != re.end())
+ return re.at(addr);
+ WCHAR fn[MAX_PATH];
+ if (GetModuleFileNameW((HMODULE)addr, fn, MAX_PATH))
+ {
+ re[addr] = wcsrchr(fn, L'\\') + 1;
+ }
+ else
+ {
+ re[addr] = L"";
+ }
+ return re[addr];
+}
 void NotifyHookFound(HookParam hp, wchar_t *text)
 {
 if (hp.jittype == JITTYPE::PC)
@@ -109,10 +125,13 @@ void NotifyHookFound(HookParam hp, wchar_t *text)
 if (AutoHandle<> process = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, FALSE, GetCurrentProcessId()))
 if (MEMORY_BASIC_INFORMATION info = {}; VirtualQueryEx(process, (LPCVOID)hp.address, &info, sizeof(info)))
 {
-
- hp.type |= MODULE_OFFSET;
- hp.address -= (uint64_t)info.AllocationBase;
- wcsncpy_s(hp.module, processName, ARRAYSIZE(hp.module));
+ auto mm = querymodule((uintptr_t)info.AllocationBase);
+ if (mm.size())
+ {
+ hp.type |= MODULE_OFFSET;
+ hp.address -= (uint64_t)info.AllocationBase;
+ wcsncpy_s(hp.module, mm.c_str(), MAX_MODULE_SIZE - 1);
+ }
 }
 HookFoundNotif buffer(hp, text);
 WriteFile(hookPipe, &buffer, sizeof(buffer), DUMMY, nullptr);
diff --git a/LunaHook/util/util.cc b/LunaHook/util/util.cc
index be2f28a..d280b51 100644
--- a/LunaHook/util/util.cc
+++ b/LunaHook/util/util.cc
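Review bot: In `querymodule` (main.cc, first hunk) the map is reached through a reference taken from `modulecache.Acquire().contents`; if `Acquire()` returns a temporary guard, as the `Synchronized` wrapper suggests, the lock is dropped at the end of that statement and every later read or insert on `re` runs unsynchronized. The guard should live in a named local for the whole function, and the name should be returned by value so the copy is made while the lock is held. Separately, adding 1 to the result of `wcsrchr` is undefined when the path holds no backslash, so that result needs a null check before use. The address passed in is an allocation base that may not be a module at all; the existing empty-string fallback covers that case and should be kept.

```cpp
std::wstring querymodule(uintptr_t addr)
{
    // Named guard: the lock is held until the function returns.
    auto locked = modulecache.Acquire();
    auto &re = locked.contents;
    // … unchanged: cache lookup, fn buffer, GetModuleFileNameW call …
    {
        const wchar_t *slash = wcsrchr(fn, L'\\');
        re[addr] = slash ? slash + 1 : fn;
    }
    // … unchanged: else branch storing L"" and final return …
}
```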
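Review bot: The copy bound in `wcsncpy_s(hp.module, mm.c_str(), MAX_MODULE_SIZE - 1)` (main.cc, second hunk) is a separate constant rather than derived from the destination, so it is only correct while `hp.module` is declared with exactly `MAX_MODULE_SIZE` elements; that declaration is outside this diff. `wcsncpy_s(hp.module, mm.c_str(), _TRUNCATE);` ties the limit to the array and makes the truncation explicit. A truncated module name will presumably not resolve when the hook code is applied again, so consider leaving `MODULE_OFFSET` unset when `mm.size() >= ARRAYSIZE(hp.module)`. `NotifyHookFound` begins in the previous hunk and its closing brace is outside this one.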
@@ -428,15 +428,20 @@ uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,W
 else
 return MemDbg::findBytes(bytes,sizeof(bytes),start,end);
 }
-uintptr_t findfuncstart(uintptr_t start,uintptr_t range){
+uintptr_t findfuncstart(uintptr_t start,uintptr_t range,bool checkalign){
 const BYTE funcstart[] = {
 0x55,0x8b,0xec
 };
- start &= ~0xf;
- for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
- if(memcmp((void*)i,funcstart,3)==0)return i;
+ if(checkalign){
+ start &= ~0xf;
+ for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
+ if(memcmp((void*)i,funcstart,3)==0)return i;
+ }
+ return 0;
+ }
+ else{
+ return reverseFindBytes(funcstart, sizeof(funcstart), start-range, start);
 }
- return 0;
 }
 #define buildbytes(ret) auto entry=Util::FindImportEntry(hmodule,addr); \
 if(entry==0)return ret;\
diff --git a/LunaHook/util/util.h b/LunaHook/util/util.h
index 990727e..ce3d642 100644
--- a/LunaHook/util/util.h
+++ b/LunaHook/util/util.h
@@ -56,7 +56,7 @@ ULONG SafeMatchBytesInGCMemory(LPCVOID pattern, DWORD patternSize);
 std::vector findrelativecall(const BYTE* pattern ,int length,DWORD calladdress,DWORD start, DWORD end);
 std::vector findxref_reverse_checkcallop(DWORD addr, DWORD from, DWORD to,BYTE op) ;
 uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,WORD sig=0x15ff,bool reverse=false);
-uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100);
+uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100, bool checkalign=false);
 uintptr_t findiatcallormov(uintptr_t addr, DWORD hmodule,uintptr_t start, uintptr_t end,bool reverse=false,BYTE movreg=0);
 std::vector findiatcallormov_all(uintptr_t addr, DWORD hmodule,uintptr_t start, uintptr_t end,DWORD protect,BYTE movreg=0);
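Review bot: The new `checkalign == false` branch of `findfuncstart` (util.cc) returns the nearest preceding `55 8b ec` at any byte offset, so a match inside an immediate operand, a jump table or padding is accepted as a function start and the hook would land mid-instruction. Both branches compute `start - range` without checking that `range <= start`, and the aligned loop reads through `memcmp` without confirming the page is readable; whether `reverseFindBytes` validates its range is not visible in this diff. Proposed comment above the function: `// checkalign=true: scan 16-byte-aligned addresses only; false: nearest 55 8B EC at any offset (can match operand bytes, caller must validate)`.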
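Review bot: Defaulting `checkalign` to `false` in util.h changes behaviour for every existing caller that omits the argument: only the Reallive.cpp call in this commit was updated to pass `true`, while for example `_h2()` in Sprite.cpp still calls `findfuncstart(addr, 0x100)` and now takes the unaligned search. If that switch is not intended for all of them, keep the previous behaviour as the default with `uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100, bool checkalign=true);` and opt in to the unaligned search per call site.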