恍兮惚兮 2024-08-12 16:46:39 +08:00
parent 406438bb42
commit d31698c5d1
2 changed files with 277 additions and 217 deletions


@ -17,7 +17,8 @@ CandySoft hook:
But the original <EFBFBD>is quite different. I handle this case separately. But the original <EFBFBD>is quite different. I handle this case separately.
********************************************************************************************/ ********************************************************************************************/
namespace{ namespace
{
// https://vndb.org/v23666 // https://vndb.org/v23666
//(18禁ゲーム) [180928] [INTERHEART glossy] はらかつ3 ~子作りビジネス廃業の危機!?~ (iso+mds+rr3) //(18禁ゲーム) [180928] [INTERHEART glossy] はらかつ3 ~子作りビジネス廃業の危機!?~ (iso+mds+rr3)
// https://vndb.org/v47957 // https://vndb.org/v47957
@ -79,21 +80,25 @@ namespace{
{ {
// void __usercall sub_425580(char *a1@<edx>, int a2@<ecx>, int a3) // void __usercall sub_425580(char *a1@<edx>, int a2@<ecx>, int a3)
BYTE bytes[] = { BYTE bytes[] = {
//clang-format off
0x3c, 0x24, 0x3c, 0x24,
0x75, XX, 0x75, XX,
0x80, 0x7e, 0x01, 0x00, 0x80, 0x7e, 0x01, 0x00,
0x74, XX, 0x74, XX,
0x83, XX, 0x02, 0x83, XX, 0x02,
0x83, XX, 0x02, 0x83, XX, 0x02,
//clang-format on
}; };
auto addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); auto addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress);
if (!addr) return 0; if (!addr)
return 0;
addr = findfuncstart(addr, 0x400); addr = findfuncstart(addr, 0x400);
return addr; return addr;
} }
} }
namespace { // unnamed Candy namespace
{ // unnamed Candy
// jichi 8/23/2013: split into two different engines // jichi 8/23/2013: split into two different engines
// if (_wcsicmp(processName, L"systemc.exe")==0) // if (_wcsicmp(processName, L"systemc.exe")==0)
@ -103,7 +108,8 @@ bool InsertCandyHook1()
for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 4; i++) for (DWORD i = processStartAddress + 0x1000; i < processStopAddress - 4; i++)
if ((*(DWORD *)i & 0xffffff) == 0x24f980) // cmp cl,24 if ((*(DWORD *)i & 0xffffff) == 0x24f980) // cmp cl,24
for (DWORD j = i, k = i - 0x100; j > k; j--) for (DWORD j = i, k = i - 0x100; j > k; j--)
if (*(DWORD *)j == 0xc0330a8a) { // mov cl,[edx]; xor eax,eax if (*(DWORD *)j == 0xc0330a8a)
{ // mov cl,[edx]; xor eax,eax
HookParam hp; HookParam hp;
hp.address = j; hp.address = j;
hp.offset = get_reg(regs::edx); hp.offset = get_reg(regs::edx);
@ -123,7 +129,8 @@ uintptr_t __InsertCandyHook2()
if (*(WORD *)i == 0x5b3c || // cmp al,0x5b if (*(WORD *)i == 0x5b3c || // cmp al,0x5b
(*(DWORD *)i & 0xfff8fc) == 0x5bf880) // cmp reg,0x5B (*(DWORD *)i & 0xfff8fc) == 0x5bf880) // cmp reg,0x5B
for (DWORD j = i, k = i - 0x100; j > k; j--) for (DWORD j = i, k = i - 0x100; j > k; j--)
if ((*(DWORD *)j & 0xffff) == 0x8b55) { // push ebp, mov ebp,esp, sub esp,* if ((*(DWORD *)j & 0xffff) == 0x8b55)
{ // push ebp, mov ebp,esp, sub esp,*
return j; return j;
} }
return 0; return 0;
@ -136,19 +143,24 @@ bool InsertCandyHook2()
HookParam hp; HookParam hp;
hp.type = USING_STRING; hp.type = USING_STRING;
hp.filter_fun = filter; hp.filter_fun = filter;
if(addr2==0&&addr1==0)return false; if (addr2 == 0 && addr1 == 0)
else if(addr2==0&&addr1!=0){ return false;
else if (addr2 == 0 && addr1 != 0)
{
hp.address = addr1; hp.address = addr1;
hp.offset = get_reg(regs::edx); hp.offset = get_reg(regs::edx);
return NewHook(hp, "SystemC"); return NewHook(hp, "SystemC");
} }
else if(addr2!=0&&addr1==0){ else if (addr2 != 0 && addr1 == 0)
{
hp.address = addr2; hp.address = addr2;
hp.offset = get_stack(1); // jichi: text in arg1 hp.offset = get_stack(1); // jichi: text in arg1
return NewHook(hp, "SystemC"); return NewHook(hp, "SystemC");
} }
else{ else
if(addr1==addr2){ {
if (addr1 == addr2)
{
addr1 += 5; addr1 += 5;
} }
hp.address = addr1; hp.address = addr1;
@ -200,19 +212,23 @@ bool InsertCandyHook2()
} // unnamed Candy } // unnamed Candy
namespace{ namespace
bool candy3(){ {
bool candy3()
{
// お母さんは俺専用!~あなたの初めてを…母さんが貰ってア・ゲ・ル~ // お母さんは俺専用!~あなたの初めてを…母さんが貰ってア・ゲ・ル~
// 茉莉子さん家の性事情 ~伯母さんは僕のモノ~ // 茉莉子さん家の性事情 ~伯母さんは僕のモノ~
const BYTE bytes[] = { const BYTE bytes[] = {
0x24, // XX||XX2 0x24, // XX||XX2
0x75 0x75};
}; for (auto addr : Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE))
for (auto addr : Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE)){ {
ConsoleOutput("%x", addr); ConsoleOutput("%x", addr);
if((*(BYTE*)(addr-1) ==0x3c)||((*(BYTE*)(addr-2) ==0x83)&&(*(BYTE*)(addr-1) ==0xf9))){ if ((*(BYTE *)(addr - 1) == 0x3c) || ((*(BYTE *)(addr - 2) == 0x83) && (*(BYTE *)(addr - 1) == 0xf9)))
{
addr = MemDbg::findEnclosingAlignedFunction(addr); addr = MemDbg::findEnclosingAlignedFunction(addr);
if(addr==0)continue; if (addr == 0)
continue;
ConsoleOutput("!%x", addr); ConsoleOutput("!%x", addr);
HookParam hp; HookParam hp;
hp.type = USING_STRING; hp.type = USING_STRING;
@ -252,7 +268,8 @@ bool InsertCandyHook3()
ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR); ULONG range = min(processStopAddress - processStartAddress, MAX_REL_ADDR);
ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range); ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStartAddress + range);
if (!addr) return false; if (!addr)
return false;
HookParam hp; HookParam hp;
hp.address = addr + 1; hp.address = addr + 1;
hp.offset = get_stack(4); hp.offset = get_stack(4);
@ -265,36 +282,77 @@ bool InsertCandyHook3()
// jichi 10/2/2013: Add new candy hook // jichi 10/2/2013: Add new candy hook
bool InsertCandyHook() bool InsertCandyHook()
{ {
PcHooks::hookOtherPcFunctions();
// if (0 == _wcsicmp(processName, L"systemc.exe")) // if (0 == _wcsicmp(processName, L"systemc.exe"))
if (Util::CheckFile(L"SystemC.exe")) if (Util::CheckFile(L"SystemC.exe"))
return InsertCandyHook1() || candy3(); return InsertCandyHook1() || candy3();
else{ else
{
// return InsertCandyHook2(); // return InsertCandyHook2();
bool b2 = InsertCandyHook2(); bool b2 = InsertCandyHook2();
b2 |= InsertCandyHook3(); b2 |= InsertCandyHook3();
return b2; return b2;
} }
} }
namespace
{
bool willowsoft()
{
const BYTE bytes[] = {
// https://vndb.org/v5761
// まません
bool Candy::attach_function() { 0xA1, XX4,
0x89, 0x45, 0xF8,
0x83, 0x7D, 0xF8, 0x10,
0x74, XX,
0x83, 0x7D, 0xF8, 0x18,
0x74, XX,
0x83, 0x7D, 0xF8, 0x20,
0x74, XX};
auto addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress);
if (addr == 0)
return false;
addr = MemDbg::findEnclosingAlignedFunction(addr, 0x20);
if (addr == 0)
return false;
HookParam hp;
hp.type = USING_STRING;
hp.offset = get_stack(2);
hp.type = USING_STRING;
hp.address = addr;
return NewHook(hp, "WillowSoft");
}
}
bool Candy::attach_function()
{
return InsertCandyHook(); auto b1 = InsertCandyHook();
if (b1)
PcHooks::hookOtherPcFunctions();
else
{
b1 = b1 || willowsoft();
if (!b1)
PcHooks::hookOtherPcFunctions();
}
return b1;
} }
bool WillowSoft::attach_function()
bool WillowSoft::attach_function(){ {
// お母さんがいっぱい!!限定ママBOX // お母さんがいっぱい!!限定ママBOX
const BYTE bytes[] = { const BYTE bytes[] = {
0xF7, 0xC2, 0x00, 0x00, 0xFF, 0x00, 0xF7, 0xC2, 0x00, 0x00, 0xFF, 0x00,
XX2, XX2,
0xF7, 0xC2, 0x00, 0x00, 0x00, 0xFF, 0xF7, 0xC2, 0x00, 0x00, 0x00, 0xFF,
XX2 XX2};
};
auto addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress); auto addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress);
if(addr==0)return false; if (addr == 0)
return false;
addr = MemDbg::findEnclosingAlignedFunction(addr); addr = MemDbg::findEnclosingAlignedFunction(addr);
if(addr==0)return false; if (addr == 0)
return false;
HookParam hp; HookParam hp;
hp.type = USING_STRING; hp.type = USING_STRING;
@ -303,6 +361,5 @@ bool WillowSoft::attach_function(){
hp.index = 0; hp.index = 0;
hp.address = addr; hp.address = addr;
return NewHook(hp, "WillowSoft"); return NewHook(hp, "WillowSoft");
} }
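Review bot: In the new `Candy::attach_function`, `PcHooks::hookOtherPcFunctions()` runs on every path except the one where `InsertCandyHook()` fails and `willowsoft()` succeeds, and nothing records why that case skips the generic hooks. If it is deliberate, a comment on the else branch such as `// willowsoft() hook is sufficient on its own; generic PC hooks only as fallback` would say so. In that same branch `b1` is already false, so `b1 = b1 || willowsoft();` can be written `b1 = willowsoft();`. In the added `willowsoft()` helper, `hp.type = USING_STRING;` is assigned twice and one assignment can be dropped. The markers around the first byte pattern are written `//clang-format off` and `//clang-format on`; clang-format only honours the form with a space, `// clang-format off`, so as written the table is not protected from reflowing.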


@ -1,8 +1,10 @@
class Candy:public ENGINE{ class Candy : public ENGINE
{
public: public:
Candy(){ Candy()
{
check_by = CHECK_BY::FILE_ANY; check_by = CHECK_BY::FILE_ANY;
check_by_target = check_by_list{L"*.fpk", L"data\\*.fpk"}; check_by_target = check_by_list{L"*.fpk", L"data\\*.fpk"};
@ -11,10 +13,11 @@ class Candy:public ENGINE{
bool attach_function(); bool attach_function();
}; };
class WillowSoft : public ENGINE
class WillowSoft:public ENGINE{ {
public: public:
WillowSoft(){ WillowSoft()
{
check_by = CHECK_BY::FILE; check_by = CHECK_BY::FILE;
check_by_target = L"Selene.dll"; check_by_target = L"Selene.dll";