Public-Mirror/LunaHook-mirror
1
0
Fork 0
mirror of https://github.com/HIllya51/LunaHook.git synced 2024-10-22 23:18:16 +08:00
Code Issues Projects Releases Wiki Activity
main
LunaHook-mirror/LunaHook/engine32/RUNE.cpp
恍兮惚兮 e84af745ca issues/20
2024-04-25 18:09:46 +08:00

76 lines
2.1 KiB
C++
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#include"RUNE.h"
bool RUNE1() {
const BYTE bytes[] = {
//Ricotteアルペンブルの歌姫
//初恋
//思春期
//Fifth
//unsigned __int8 *__cdecl _mbsinc(const unsigned __int8 *Ptr)
0x8B,0x44,0x24,0x04,
0x0F,0xB6,0x08,
0x8A,0x89,XX4,
0x80,0xE1,0x04,
0x40,
0x84,0xC9,
0x74,XX
};
ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress);
if (addr == 0)return false;
HookParam hp;
hp.address = addr;
hp.offset=get_reg(regs::eax);
hp.type = CODEC_ANSI_BE;
return NewHook(hp, "RUNE");
}
bool RUNE2(){
//ANGEL CORE
auto addr = findiatcallormov((DWORD)GetGlyphOutlineA,processStartAddress,processStartAddress, processStopAddress);
if (addr == 0)return false;
BYTE sig1[]={ 0x81,0xe1,0x01,0x00,0x00,0x80,XX2,0x49,0x83,0xc9,0xfe,0x41 };
auto _=MemDbg::findBytes(sig1, sizeof(sig1), addr, addr+0x100);
if (_ == 0)return false;
addr = MemDbg::findEnclosingAlignedFunction(addr);
if (addr == 0)return false;
HookParam hp;
hp.address = addr;
hp.offset=get_stack(1);
hp.type = CODEC_ANSI_BE ;
return NewHook(hp, "RUNE");
}
bool RUNE3(){
//雪のち、ふるるっ!~ところにより、恋もよう~
const BYTE bytes[] = {
0x6a,0x05,0x6a,0x01
};
for (auto addr : Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE))
{
auto start= MemDbg::findEnclosingAlignedFunction(addr);
if(start==0)continue;
BYTE sig1[]={ 0x6a,0x00,0x6a,0x01,0x50 };
BYTE sig2[]={ 0x6a,0x34,0xe8 };
BYTE sig3[]={ 0xc1,0xe2,0x10,0x0b,0xc2 };
bool ok=true;
for(auto p:std::vector<std::pair<BYTE*,int>>{{sig1,sizeof(sig1)},{sig2,sizeof(sig2)},{sig3,sizeof(sig3)}}){
auto _=MemDbg::findBytes(p.first, p.second, start, addr);
if(_==0)ok=ok&false;
}
if(ok) {
HookParam hp;
hp.address = start;
hp.offset=get_stack(1);
hp.type = CODEC_ANSI_BE;
return NewHook(hp, "RUNE");
}
}
return false;
}
bool RUNE::attach_function(){
return RUNE1()||RUNE2()||RUNE3();
}
Reference in New Issue View Git Blame Copy Permalink