#include"Ohgetsu.h" namespace{ bool hook1() { //Silvery White ~君と出逢った理由~ const BYTE bytes[] = { 0x8b,XX,0x10, 0x8b,XX,0x0C, 0x8b,XX,0x08, 0x8b,XX, 0xc1,XX,02, 0xf3,0xa5, 0x8b,XX, 0x83,XX,0x03, 0xf3,0xa4, 0x8b,XX,0x08, 0x03,XX,0x10, 0xC6,XX,0x00 }; ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) return false; addr= MemDbg::findEnclosingAlignedFunction(addr); if (!addr) return false; HookParam hp; hp.address = addr ; hp.offset=get_stack(2); hp.type = USING_STRING; hp.text_fun = [](hook_stack* stack, HookParam *hp, uintptr_t *data, uintptr_t *split, size_t*len) { auto text = (LPCSTR)stack->stack[2]; auto size = stack->stack[3]; *data = (DWORD)text; *len = size; *split = stack->stack[0]; }; return NewHook(hp, "Ohgetsu"); } bool hook2() { //Palmyra ~熱砂の海と美なる戦姫~ const BYTE bytes[] = { 0x8b,XX,0x08, 0x0f,XX,0x08, 0xC1,XX,0x08, 0x8b,XX,0x08, 0x0f,0xb6,0x42,0x01, 0x0b,XX, }; ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) return false; addr= MemDbg::findEnclosingAlignedFunction(addr); if (!addr) return false; HookParam hp; hp.address = addr ; hp.offset=get_stack(1); hp.type = USING_STRING; hp.text_fun = [](hook_stack* stack, HookParam *hp, uintptr_t *data, uintptr_t *split, size_t*len) { auto text = (LPCSTR)stack->stack[1]; auto size = stack->stack[2]; *data = (DWORD)text; *len = size; *split = stack->stack[0]; }; return NewHook(hp, "Ohgetsu"); } bool _3(){ //それは舞い散る桜のように FullEffect auto addr = MemDbg::findCallerAddress((DWORD)GetGlyphOutlineA,0xec81, processStartAddress, processStopAddress); if (!addr) { return false; } //reladdr = 0x48ff0; //reladdr = 0x48ff3; HookParam hp; hp.address = addr ; hp.offset=get_stack(1); hp.type = CODEC_ANSI_BE; return NewHook(hp, "Basil"); } bool _4(){ //それは舞い散る桜のように FullEffect const BYTE bytes[] = { 0x3D,0x00,0x02,0xFF,0xFF, XX2, 0x3D,0x01,0x02,0xFF,0xFF, XX2, 0x3D,0x02,0x02,0xFF,0xFF, XX2, }; ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) return false; addr= MemDbg::findEnclosingAlignedFunction(addr); if (!addr) return false; HookParam hp; hp.address = addr ; hp.offset=get_stack(2); hp.type = USING_STRING|EMBED_ABLE|EMBED_AFTER_NEW|EMBED_BEFORE_SIMPLE|EMBED_DYNA_SJIS; hp.hook_font=F_GetGlyphOutlineA; return NewHook(hp, "Basil2"); } } namespace{ bool _5(){ //仰せのままに★ご主人様! const BYTE bytes[] = { //memset(&byte_562568, 0, 0x20u); //memset(byte_562588, 0, sizeof(byte_562588)); ->RS@562588 0x6a,0x20, 0x6a,0x00, 0x68,XX4, 0xe8,XX4, 0x83,0xc4,0x0c, 0x68,0x40,0x01,0x00,0x00, 0x6a,0x00, 0x68,XX4, 0xe8,XX4 }; ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) return false; addr=*(DWORD*)(addr+25); if(IsBadReadPtr((LPVOID)addr,10)!=0)return false; HookParam hp; hp.address=addr; hp.type=DIRECT_READ; hp.filter_fun=[](LPVOID data, size_t* size, HookParam*){ auto text = reinterpret_cast(data); auto len = reinterpret_cast(size); StringCharReplacer(text, len, "||", 2, '\n'); return true; }; return NewHook(hp,"Ohgetsu"); } bool _6(){ //仰せのままに★ご主人様! //这个有人名,上面那个只有文本 const BYTE bytes[] = { 0x6a,0x46, 0x8b,0x4d,0xf4, 0x6b,0xc9,0x46, 0x81,0xc1,XX4, 0x51, 0x8b,0x55,0xf4, 0x83,0xea,0x05, 0x6b,0xd2,0x46, 0x81,0xc2,XX4, 0x52, 0xe8 }; ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); if (!addr) return false; addr = findfuncstart(addr); if (!addr)return false; HookParam hp; hp.address=addr; hp.type=USING_STRING; hp.text_fun=[](hook_stack* stack, HookParam *hp, uintptr_t* data, uintptr_t* split, size_t* len){ *data = stack->stack[1]; *len = stack->stack[2]; }; hp.filter_fun=[](LPVOID data, size_t* size, HookParam*){ auto text = reinterpret_cast(data); auto len = reinterpret_cast(size); StringCharReplacer(text, len, "||", 2, '\n'); return true; }; return NewHook(hp,"Ohgetsu"); } bool _7(){ return _6()||_5(); } } bool Ohgetsu::attach_function() { bool ok=_4(); return hook1()||hook2()||_7()||_3()||ok; }