mirror of
https://github.com/HIllya51/LunaHook.git
synced 2024-11-25 06:45:36 +08:00
80 lines
2.1 KiB
C++
80 lines
2.1 KiB
C++
|
#include"AGES7.h"
|
||
|
namespace{
|
||
|
//Muv-Luv Alternative - Total Eclipse
|
||
|
//https://vndb.org/v7052
|
||
|
bool _1(){
|
||
|
//HSN65001#-44@234699:te-win64vc14-release.exe
|
||
|
BYTE b1[]={
|
||
|
0x48,XX2,0xb0,0xfe,0xff,0xff,
|
||
|
0x4c,XX2,0xb8,0x01,0x00,0x00,
|
||
|
|
||
|
};
|
||
|
auto addr=MemDbg::findBytes(b1,sizeof(b1),processStartAddress,processStopAddress);
|
||
|
if(addr==0)return false;
|
||
|
HookParam hp;
|
||
|
hp.address=addr;
|
||
|
hp.type=USING_STRING|CODEC_UTF8|NO_CONTEXT;
|
||
|
hp.offset=get_reg(regs::rdi);
|
||
|
auto succ=NewHook(hp,"Ages7_1");
|
||
|
if(addr=MemDbg::findEnclosingAlignedFunction(addr)){
|
||
|
hp.address=addr;
|
||
|
hp.type=USING_STRING|CODEC_UTF8|NO_CONTEXT;
|
||
|
hp.offset=get_reg(regs::rbx);
|
||
|
succ|=NewHook(hp,"Ages7_3");
|
||
|
}
|
||
|
return succ;
|
||
|
}
|
||
|
bool _2(){
|
||
|
//HSN65001#-44@2346AC:te-win64vc14-release.exe
|
||
|
BYTE b1[]={
|
||
|
0x48,XX2,0x10,
|
||
|
0x48,XX2,0xb0,0x01,0x00,0x00,
|
||
|
XX2,0xc0,0x08,0x00,0x00
|
||
|
|
||
|
};
|
||
|
auto addr=MemDbg::findBytes(b1,sizeof(b1),processStartAddress,processStopAddress);
|
||
|
if(addr==0)return false;
|
||
|
HookParam hp;
|
||
|
hp.address=addr;
|
||
|
hp.type=USING_STRING|CODEC_UTF8|NO_CONTEXT;
|
||
|
hp.offset=get_reg(regs::rdi);
|
||
|
auto suc=NewHook(hp,"Ages7_2");
|
||
|
if(addr=MemDbg::findEnclosingAlignedFunction(addr)){
|
||
|
hp.address=addr;
|
||
|
hp.type=USING_STRING|CODEC_UTF8|NO_CONTEXT;
|
||
|
hp.offset=get_reg(regs::rbx);
|
||
|
suc|=NewHook(hp,"Ages7_3");
|
||
|
}
|
||
|
return suc;
|
||
|
}
|
||
|
bool _3(){
|
||
|
//HSN65001#-14@3D9814:te-win64vc14-release.exe
|
||
|
BYTE b1[]={
|
||
|
0x48,0x8b,0x1b,
|
||
|
0x48,0x8b,0x01,
|
||
|
0x48,0x8b,0xd3,
|
||
|
0xff,0x10,
|
||
|
0x48,0x8b,0x45,0xc8,
|
||
|
0x48,0x8b,0x4d,0xc0,
|
||
|
0x48,0x2b,0xc1,
|
||
|
0x48,0xc1,0xf8,0x03,
|
||
|
0x48,0x85,0xc0,
|
||
|
};
|
||
|
auto addr=MemDbg::findBytes(b1,sizeof(b1),processStartAddress,processStopAddress);
|
||
|
if(addr==0)return false;
|
||
|
HookParam hp;
|
||
|
hp.address=addr+3;
|
||
|
hp.type=USING_STRING|CODEC_UTF8|NO_CONTEXT;
|
||
|
hp.offset=get_reg(regs::rbx);
|
||
|
return NewHook(hp,"Ages7_4");
|
||
|
}
|
||
|
bool all(){
|
||
|
auto _=_1();
|
||
|
_=_2()||_;
|
||
|
_=_3()||_;
|
||
|
return _;
|
||
|
}
|
||
|
}
|
||
|
bool AGES7::attach_function(){
|
||
|
return all();
|
||
|
}
|