mirror of
https://github.com/HIllya51/LunaHook.git
synced 2024-11-25 06:45:36 +08:00
68 lines
2.4 KiB
C++
68 lines
2.4 KiB
C++
|
#include"KiriKiri.h"
|
||
|
bool InsertKiriKiriZHook()
|
||
|
{
|
||
|
|
||
|
/*
|
||
|
* Sample games:
|
||
|
* RJ351843
|
||
|
*/
|
||
|
const BYTE bytes[] = {
|
||
|
0xCC, // int 3
|
||
|
0x4C, 0x89, 0x44, 0x24, 0x18, // mov [rsp+18],r8 <- hook here
|
||
|
0x48, 0x89, 0x54, 0x24, 0x10, // mov [rsp+10],rdx
|
||
|
0x53, // push rbx
|
||
|
0x56, // push rsi
|
||
|
0x57, // push rdi
|
||
|
0x41, 0x54, // push r12
|
||
|
0x41, 0x55, // push r13
|
||
|
0x41, 0x56, // push r14
|
||
|
0x41, 0x57, // push r15
|
||
|
0x48, 0x83, 0xEC, 0x40, // sub rsp,40
|
||
|
0x48, 0xC7, 0x44, 0x24, 0x30, 0xFE, 0xFF, 0xFF, 0xFF // mov qword ptr [rsp+30],FFFFFFFFFFFFFFFE
|
||
|
};
|
||
|
|
||
|
ULONG64 range = min(processStopAddress - processStartAddress, X64_MAX_REL_ADDR);
|
||
|
for (auto addr : Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE, processStartAddress, processStartAddress + range)) {
|
||
|
HookParam hp;
|
||
|
hp.address = addr + 1;
|
||
|
hp.offset=get_reg(regs::rcx);
|
||
|
hp.index = 0x18;
|
||
|
hp.type = CODEC_UTF16 | DATA_INDIRECT;
|
||
|
return NewHook(hp, "KiriKiriZ");
|
||
|
}
|
||
|
return false;
|
||
|
}
|
||
|
bool Insertkrkrz64Hook()
|
||
|
{
|
||
|
const BYTE BYTES[] = {
|
||
|
0x41,0x0F,0xB7,0x44,0x24,0x04,
|
||
|
0x89,0x43,0x20,
|
||
|
0x41,0x0F,0xB7,0x44,0x24,0x06,
|
||
|
0x89,0x43,0x24,
|
||
|
0x41,0x0F,0xBF,0x44,0x24,0x0C,
|
||
|
0x89,0x43,0x14
|
||
|
};
|
||
|
auto addrs = Util::SearchMemory(BYTES, sizeof(BYTES), PAGE_EXECUTE_READ, processStartAddress, processStopAddress);
|
||
|
ConsoleOutput("%p %p", processStartAddress, processStopAddress);
|
||
|
for (auto addr : addrs) {
|
||
|
ConsoleOutput("krkrz64 %p", addr);
|
||
|
const BYTE funcstart[] = { 0xcc,0xcc,0xcc,0xcc };
|
||
|
addr = reverseFindBytes(funcstart, sizeof(funcstart), addr - 0x1000, addr);
|
||
|
if (addr == 0)continue;
|
||
|
addr += 4;
|
||
|
HookParam hp;
|
||
|
hp.address = addr;
|
||
|
hp.type = CODEC_UTF16| DATA_INDIRECT;
|
||
|
hp.offset=get_reg(regs::rcx);
|
||
|
hp.index = 0x18;
|
||
|
ConsoleOutput("krkrz64 %p %x", addr);
|
||
|
return NewHook(hp, "krkrz64");
|
||
|
}
|
||
|
|
||
|
ConsoleOutput("krkrz64 failed");
|
||
|
return false;
|
||
|
}
|
||
|
bool KiriKiri::attach_function() {
|
||
|
return Insertkrkrz64Hook()||InsertKiriKiriZHook();
|
||
|
}
|
||
|
|