TextXtra

LunaHook/engine32/Reallive.cpp

@@ -229,7 +229,7 @@ bool avg3216dattach_function2()
   auto addr = MemDbg::findBytes(pattern2, sizeof(pattern2), processStartAddress, processStopAddress);
   if (addr == 0)
     return false;
-  addr = findfuncstart(addr, 0x200);
+  addr = findfuncstart(addr, 0x200,true);
   if (addr == 0)
     return false;
   HookParam hp;

LunaHook/engine32/Sprite.cpp

@@ -1,90 +1,145 @@
-#include"Sprite.h"
+#include "Sprite.h"
- 
+
-bool Sprite_attach_function() {
+bool Sprite_attach_function()
-  //恋と選挙とチョコレート
+{
-  auto m=GetModuleHandle(L"dirapi.dll");
+  // 恋と選挙とチョコレート
+  auto m = GetModuleHandle(L"dirapi.dll");
   auto [minAddress, maxAddress] = Util::QueryModuleLimits(m);
   const BYTE bytes[] = {
-    0x83,0xF8,0x40,
+      0x83, 0xF8, 0x40,
-    0x74,XX,
+      0x74, XX,
-    0x83,0xF8,0x43,
+      0x83, 0xF8, 0x43,
-    0x74,XX,
+      0x74, XX,
-    0x83,XX,0xFF,
+      0x83, XX, 0xFF,
-    0xEB,XX,
+      0xEB, XX,
-    0x8D,0x45,0xF8,
+      0x8D, 0x45, 0xF8,
-    XX,
+      XX,
-    XX,
+      XX,
-    XX,
+      XX,
-    //+20
+      //+20
-    0xE8,XX4,
+      0xE8, XX4,
-    0x89,0x45,0xF0,
+      0x89, 0x45, 0xF0,
-    0x8D,0x45,0xF4,
+      0x8D, 0x45, 0xF4,
-    0x50,
+      0x50,
-    XX,
+      XX,
-    0xE8,XX4
+      0xE8, XX4};
-	};
   auto addr = MemDbg::findBytes(bytes, sizeof(bytes), minAddress, maxAddress);
-  if(addr==0)return false; 
+  if (addr == 0)
-  if(((*(int*)(addr+22))+addr+22)!=((*(int*)(addr+35))+addr+35))return false;
+    return false;
+  if (((*(int *)(addr + 22)) + addr + 22) != ((*(int *)(addr + 35)) + addr + 35))
+    return false;
   HookParam hp;
-  hp.address = addr+sizeof(bytes);
+  hp.address = addr + sizeof(bytes);
-  hp.offset=get_reg(regs::eax);
+  hp.offset = get_reg(regs::eax);
-  hp.type = USING_STRING;  
+  hp.type = USING_STRING;
   return NewHook(hp, "Sprite");
-} 
+}
-namespace{
+namespace
-  bool _h1(){
+{
-    //https://vndb.org/v1714
+  bool _h1()
+  {
+    // https://vndb.org/v1714
     //[Selen]はらみこ
-    auto FlashAssetx32=GetModuleHandleW(L"Flash Asset.x32");
+    auto FlashAssetx32 = GetModuleHandleW(L"Flash Asset.x32");
-    if(FlashAssetx32==0)return false;
+    if (FlashAssetx32 == 0)
-    auto [s,e]=Util::QueryModuleLimits(FlashAssetx32);
+      return false;
+    auto [s, e] = Util::QueryModuleLimits(FlashAssetx32);
     const BYTE bytes[] = {
-      0x56,0x57,0x6a,0xff,
+        0x56, 0x57, 0x6a, 0xff,
-      0xff,0x75,0x08,//ebp+8
+        0xff, 0x75, 0x08, // ebp+8
-      0x53,
+        0x53,
-      0x68,0xe4,0x04,0x00,0x00,
+        0x68, 0xe4, 0x04, 0x00, 0x00,
-      0xff,0x15,XX4//MultiByteToWideChar
+        0xff, 0x15, XX4 // MultiByteToWideChar
-	  };
+    };
     auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e);
-    if(addr==0)return false;
+    if (addr == 0)
+      return false;
     HookParam hp;
-    hp.address = addr+sizeof(bytes);//不知道从哪jump到call MultiByteToWideChar的
+    hp.address = addr + sizeof(bytes); // 不知道从哪jump到call MultiByteToWideChar的
-    hp.offset=get_stack(5);
+    hp.offset = get_stack(5);
     hp.type = USING_STRING;
-    hp.filter_fun=[](LPVOID data, size_t *size, HookParam *)->bool
+    hp.filter_fun = [](LPVOID data, size_t *size, HookParam *) -> bool
     {
-      static int idx=0;
+      static int idx = 0;
-      return (idx++)%2;
+      return (idx++) % 2;
     };
     return NewHook(hp, "Flash Asset");
   }
 
-  bool _h2(){
+  bool _h2()
-    auto TextXtra=GetModuleHandleW(L"TextXtra.x32");
+  {
-    if(TextXtra==0)return false;
+    auto TextXtra = GetModuleHandleW(L"TextXtra.x32");
-    auto [s,e]=Util::QueryModuleLimits(TextXtra);
+    if (TextXtra == 0)
+      return false;
+    auto [s, e] = Util::QueryModuleLimits(TextXtra);
     const BYTE bytes[] = {
-      0xff,0x75,0x18,
+        0xff, 0x75, 0x18,
-      0x8d,0x88,0xb8,0x00,0x00,0x00,
+        0x8d, 0x88, 0xb8, 0x00, 0x00, 0x00,
-      0xff,0x75,0x14,
+        0xff, 0x75, 0x14,
-      0xff,0x75,0x10,
+        0xff, 0x75, 0x10,
-      0xff,0x75,0x0c,
+        0xff, 0x75, 0x0c,
-      0xe8,XX4,
+        0xe8, XX4,
-      0x66,0x85,0xc0,
+        0x66, 0x85, 0xc0,
-      0x74
+        0x74};
-	  };
     auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e);
-    if(addr==0)return false;
+    if (addr == 0)
-    addr=findfuncstart(addr,0x100);
+      return false;
-    if(addr==0)return false;
+    addr = findfuncstart(addr, 0x100);
+    if (addr == 0)
+      return false;
     HookParam hp;
     hp.address = addr;
-    hp.offset=get_stack(2);
+    hp.offset = get_stack(2);
-    hp.type = USING_STRING|CODEC_UTF8|EMBED_ABLE|EMBED_AFTER_NEW|EMBED_BEFORE_SIMPLE;
+    hp.type = USING_STRING | CODEC_UTF8 | EMBED_ABLE | EMBED_AFTER_NEW | EMBED_BEFORE_SIMPLE;
     return NewHook(hp, "TextXtra");
   }
 }
-bool Sprite::attach_function() {
+bool Sprite::attach_function()
-  return Sprite_attach_function()|_h1()|_h2();
+{
+  return Sprite_attach_function() | _h1() | _h2();
+}
+namespace
+{
+  bool h3()
+  {
+    // https://vndb.org/v5864
+    // in white
+
+    auto TextXtra = GetModuleHandleW(L"TextXtra.x32");
+    if (TextXtra == 0)
+      return false;
+    auto [s, e] = Util::QueryModuleLimits(TextXtra);
+    // Text Asset.x32->this function
+    const BYTE bytes[] = {
+        //clang-format off
+        0x55, 0x8b, 0xec,
+        0x56,
+        0x8b, 0x75, 0x08,
+        0x8b, 0x46, 0x04,
+        0x66, 0x8b, 0x48, 0x32,
+        0x51,
+        0x6a, 0x00,
+        0xff, 0x75, 0x18,
+        0xff, 0x75, 0x14,
+        0xff, 0x75, 0x10,
+        0xff, 0x75, 0x0c,
+        0xff, 0x70, 0x24,
+        0xe8, XX4,
+        0x66, 0x85, 0xc0,
+        0x74, XX,
+        //clang-format on
+    };
+    auto addr = MemDbg::findBytes(bytes, sizeof(bytes), s, e);
+    if (addr == 0)
+      return false;
+    HookParam hp;
+    hp.address = addr;
+    hp.offset = get_stack(2);
+    hp.type = USING_STRING;
+    return NewHook(hp, "TextXtra2");
+  }
+}
+bool TextXtra_x32::attach_function()
+{
+  return _h2() || h3();
 }

LunaHook/engine32/Sprite.h

@@ -1,12 +1,28 @@
 
 
-class Sprite:public ENGINE{public:
+class Sprite : public ENGINE
-    Sprite(){
+{
-        is_engine_certain=false;
+public:
-        check_by=CHECK_BY::CUSTOM;
+    Sprite()
-        check_by_target=[](){
+    {
-            return Util::CheckFile(L"*.cct");
+        is_engine_certain = false;
+        check_by = CHECK_BY::FILE;
+        check_by_target = L"*.cct";
+    };
+    bool attach_function();
+};
+class TextXtra_x32 : public ENGINE
+{
+
+public:
+    TextXtra_x32()
+    {
+        is_engine_certain = false;
+        check_by = CHECK_BY::CUSTOM;
+        check_by_target = []()
+        {
+            return GetModuleHandle(L"TextXtra.x32");
         };
     };
-     bool attach_function();
+    bool attach_function();
 };

LunaHook/enginecollection32.cpp

@@ -400,5 +400,6 @@ std::vector<ENGINE *> check_engines()
         new Onscripter,
         new TACTICS,
         new RealliveX,
+        new TextXtra_x32,
     };
 }

LunaHook/main.cc

@@ -101,7 +101,23 @@ void ConsoleOutput(LPCSTR text, ...)
 	vsnprintf(buffer.message, MESSAGE_SIZE, text, args);
 	WriteFile(hookPipe, &buffer, sizeof(buffer), DUMMY, nullptr);
 }
-
+Synchronized<std::unordered_map<uintptr_t, std::wstring>> modulecache;
+std::wstring &querymodule(uintptr_t addr)
+{
+	auto &re = modulecache.Acquire().contents;
+	if (re.find(addr) != re.end())
+		return re.at(addr);
+	WCHAR fn[MAX_PATH];
+	if (GetModuleFileNameW((HMODULE)addr, fn, MAX_PATH))
+	{
+		re[addr] = wcsrchr(fn, L'\\') + 1;
+	}
+	else
+	{
+		re[addr] = L"";
+	}
+	return re[addr];
+}
 void NotifyHookFound(HookParam hp, wchar_t *text)
 {
 	if (hp.jittype == JITTYPE::PC)
@@ -109,10 +125,13 @@ void NotifyHookFound(HookParam hp, wchar_t *text)
 			if (AutoHandle<> process = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, FALSE, GetCurrentProcessId()))
 				if (MEMORY_BASIC_INFORMATION info = {}; VirtualQueryEx(process, (LPCVOID)hp.address, &info, sizeof(info)))
 				{
-
+					auto mm = querymodule((uintptr_t)info.AllocationBase);
-					hp.type |= MODULE_OFFSET;
+					if (mm.size())
-					hp.address -= (uint64_t)info.AllocationBase;
+					{
-					wcsncpy_s(hp.module, processName, ARRAYSIZE(hp.module));
+						hp.type |= MODULE_OFFSET;
+						hp.address -= (uint64_t)info.AllocationBase;
+						wcsncpy_s(hp.module, mm.c_str(), MAX_MODULE_SIZE - 1);
+					}
 				}
 	HookFoundNotif buffer(hp, text);
 	WriteFile(hookPipe, &buffer, sizeof(buffer), DUMMY, nullptr);

LunaHook/util/util.cc

@@ -428,15 +428,20 @@ uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,W
   else
     return MemDbg::findBytes(bytes,sizeof(bytes),start,end);
 }
-uintptr_t findfuncstart(uintptr_t start,uintptr_t range){
+uintptr_t findfuncstart(uintptr_t start,uintptr_t range,bool checkalign){
   const BYTE funcstart[] = {
     0x55,0x8b,0xec
   };
-  start &= ~0xf;
+  if(checkalign){
-  for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
+    start &= ~0xf;
-    if(memcmp((void*)i,funcstart,3)==0)return i;
+    for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
+      if(memcmp((void*)i,funcstart,3)==0)return i;
+    }
+    return 0;
+  }
+  else{
+    return reverseFindBytes(funcstart, sizeof(funcstart), start-range, start);
   }
-  return 0;
 }
 #define buildbytes(ret) auto entry=Util::FindImportEntry(hmodule,addr); \
   if(entry==0)return ret;\

LunaHook/util/util.h

@@ -56,7 +56,7 @@ ULONG SafeMatchBytesInGCMemory(LPCVOID pattern, DWORD patternSize);
 std::vector<DWORD> findrelativecall(const BYTE* pattern ,int length,DWORD calladdress,DWORD start, DWORD end);
 std::vector<DWORD> findxref_reverse_checkcallop(DWORD addr, DWORD from, DWORD to,BYTE op) ;
 uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,WORD sig=0x15ff,bool reverse=false);
-uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100);
+uintptr_t findfuncstart(uintptr_t addr,uintptr_t range=0x100, bool checkalign=false);
 uintptr_t findiatcallormov(uintptr_t addr, DWORD hmodule,uintptr_t start, uintptr_t end,bool reverse=false,BYTE movreg=0);
 std::vector<uintptr_t> findiatcallormov_all(uintptr_t addr, DWORD hmodule,uintptr_t start, uintptr_t end,DWORD protect,BYTE movreg=0);