mirror of
https://github.com/HIllya51/LunaHook.git
synced 2024-12-24 04:04:14 +08:00
avg3217d
This commit is contained in:
parent
4f431b2e68
commit
100ed89542
@ -177,7 +177,7 @@ bool Reallive::attach_function()
|
||||
return true;
|
||||
}
|
||||
|
||||
bool avg3216d::attach_function()
|
||||
bool avg3216dattach_function()
|
||||
{
|
||||
BYTE pattern1[] = {
|
||||
//clang-format off
|
||||
@ -208,4 +208,38 @@ bool avg3216d::attach_function()
|
||||
hp.type = NO_CONTEXT | DATA_INDIRECT;
|
||||
// GROWL_DWORD(hp.address);
|
||||
return NewHook(hp, "avg3216d");
|
||||
}
|
||||
|
||||
bool avg3216dattach_function2()
|
||||
{
|
||||
// https://vndb.org/v12860
|
||||
// effect~悪魔の仔~
|
||||
BYTE pattern2[] = {
|
||||
//clang-format off
|
||||
0x80, 0xf9, 0x81,
|
||||
0x72, 0x05,
|
||||
0x80, 0xf9, 0x9f,
|
||||
0x76, XX, // 76 17
|
||||
0x80, 0xf9, 0xe0,
|
||||
0x72, 0x05,
|
||||
0x80, 0xf9, 0xfc,
|
||||
0x76, 0x0d,
|
||||
//clang-format on
|
||||
};
|
||||
auto addr = MemDbg::findBytes(pattern2, sizeof(pattern2), processStartAddress, processStopAddress);
|
||||
if (addr == 0)
|
||||
return false;
|
||||
addr = findfuncstart(addr, 0x200);
|
||||
if (addr == 0)
|
||||
return false;
|
||||
HookParam hp;
|
||||
hp.address = addr;
|
||||
hp.offset = get_stack(1);
|
||||
hp.type = USING_STRING;
|
||||
// GROWL_DWORD(hp.address);
|
||||
return NewHook(hp, "avg3217d");
|
||||
}
|
||||
bool avg3216d::attach_function()
|
||||
{
|
||||
return avg3216dattach_function() || avg3216dattach_function2();
|
||||
}
|
@ -428,12 +428,15 @@ uintptr_t finddllfunctioncall(uintptr_t funcptr,uintptr_t start, uintptr_t end,W
|
||||
else
|
||||
return MemDbg::findBytes(bytes,sizeof(bytes),start,end);
|
||||
}
|
||||
uintptr_t findfuncstart(uintptr_t addr,uintptr_t range){
|
||||
uintptr_t findfuncstart(uintptr_t start,uintptr_t range){
|
||||
const BYTE funcstart[] = {
|
||||
0x55,0x8b,0xec
|
||||
};
|
||||
addr = reverseFindBytes(funcstart, sizeof(funcstart), addr-range, addr);
|
||||
return addr;
|
||||
start &= ~0xf;
|
||||
for (uintptr_t i = start, j = start - range; i >= j; i-=0x10) {
|
||||
if(memcmp((void*)i,funcstart,3)==0)return i;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
#define buildbytes(ret) auto entry=Util::FindImportEntry(hmodule,addr); \
|
||||
if(entry==0)return ret;\
|
||||
|
Loading…
x
Reference in New Issue
Block a user