#include"LunaSoft.h"
#include"embed_util.h"
/** jichi 12/27/2014 LunaSoft
 * Sample game: [141226] [LunaSoft] 悪堕ラビリンス -- /hsn8@46C5EF
 *
 * /hsn8@46C5EF
 * - addr: 0x46C5EF
 * - off: 8
 * - type: 1025 = 0x401
 *
 * - 0046c57e   cc               int3
 * - 0046c57f   cc               int3
 * - 0046c580   55               push ebp       ; jichi: text in arg1
 * - 0046c581   8bec             mov ebp,esp
 * - 0046c583   83ec 08          sub esp,0x8
 * - 0046c586   894d f8          mov dword ptr ss:[ebp-0x8],ecx
 * - 0046c589   8b4d f8          mov ecx,dword ptr ss:[ebp-0x8]
 * - 0046c58c   83c1 1c          add ecx,0x1c
 * - 0046c58f   e8 2cebf9ff      call .0040b0c0
 * - 0046c594   8b00             mov eax,dword ptr ds:[eax]
 * - 0046c596   8945 fc          mov dword ptr ss:[ebp-0x4],eax
 * - 0046c599   837d fc 00       cmp dword ptr ss:[ebp-0x4],0x0
 * - 0046c59d   75 21            jnz short .0046c5c0
 * - 0046c59f   8b4d f8          mov ecx,dword ptr ss:[ebp-0x8]
 * - 0046c5a2   83c1 28          add ecx,0x28
 * - 0046c5a5   e8 16ebf9ff      call .0040b0c0
 * - 0046c5aa   8b08             mov ecx,dword ptr ds:[eax]
 * - 0046c5ac   894d fc          mov dword ptr ss:[ebp-0x4],ecx
 * - 0046c5af   8b55 fc          mov edx,dword ptr ss:[ebp-0x4]
 * - 0046c5b2   52               push edx
 * - 0046c5b3   8b4d f8          mov ecx,dword ptr ss:[ebp-0x8]
 * - 0046c5b6   83c1 28          add ecx,0x28
 * - 0046c5b9   e8 82d9f9ff      call .00409f40
 * - 0046c5be   eb 0f            jmp short .0046c5cf
 * - 0046c5c0   8b45 fc          mov eax,dword ptr ss:[ebp-0x4]
 * - 0046c5c3   50               push eax
 * - 0046c5c4   8b4d f8          mov ecx,dword ptr ss:[ebp-0x8]
 * - 0046c5c7   83c1 1c          add ecx,0x1c
 * - 0046c5ca   e8 71d9f9ff      call .00409f40
 * - 0046c5cf   837d fc 00       cmp dword ptr ss:[ebp-0x4],0x0
 * - 0046c5d3   75 02            jnz short .0046c5d7
 * - 0046c5d5   eb 61            jmp short .0046c638
 * - 0046c5d7   8b4d fc          mov ecx,dword ptr ss:[ebp-0x4]
 * - 0046c5da   e8 b1cdf9ff      call .00409390
 * - 0046c5df   8b4d 08          mov ecx,dword ptr ss:[ebp+0x8]
 * - 0046c5e2   51               push ecx                   ; jichi: text in ecx
 * - 0046c5e3   68 38010000      push 0x138
 * - 0046c5e8   8b55 fc          mov edx,dword ptr ss:[ebp-0x4]
 * - 0046c5eb   83c2 08          add edx,0x8
 * - 0046c5ee   52               push edx
 * - 0046c5ef   ff15 88b24c00    call dword ptr ds:[0x4cb288]  ; msvcr90.strcpy_s, jichi: text accessed here in arg2
 * - 0046c5f5   83c4 0c          add esp,0xc
 * - 0046c5f8   8b45 0c          mov eax,dword ptr ss:[ebp+0xc]
 * - 0046c5fb   50               push eax
 * - 0046c5fc   6a 10            push 0x10
 */
// Remove: \n\s*
// This is dangerous since \n could appear within SJIS
//static bool LunaSoftFilter(LPVOID data, size_t *size, HookParam *)
//{
//  size_t len = *size;
//  char *str = reinterpret_cast<char *>(data),
//       *cur;
//
//  while (len &&
//         (cur = ::memchr(str, '\n', len)) &&
//         --len) {
//    ::memmove(cur, cur + 1, len - (cur - str));
//    while (cur < str + len)
//      if (::isspace(*cur) && --len)
//        ::memmove(cur, cur + 1, len - (cur - str));
//      else if (len >= 2 && ::iswspace(*(LPCWSTR)cur) && (len-=2))
//        ::memmove(cur, cur + 2, len - (cur - str));
//      else
//        break;
//  }
//
//  *size = len;
//  return true;
//}
bool InsertLunaSoftHook()
{
  const BYTE bytes[] = {
    0xcc,            // 0046c57e   cc               int3
    0xcc,            // 0046c57f   cc               int3
    0x55,            // 0046c580   55               push ebp       ; jichi: text in arg1
    0x8b,0xec,       // 0046c581   8bec             mov ebp,esp
    0x83,0xec, 0x08, // 0046c583   83ec 08          sub esp,0x8
    0x89,0x4d, 0xf8, // 0046c586   894d f8          mov dword ptr ss:[ebp-0x8],ecx
    0x8b,0x4d, 0xf8, // 0046c589   8b4d f8          mov ecx,dword ptr ss:[ebp-0x8]
    0x83,0xc1, 0x1c, // 0046c58c   83c1 1c          add ecx,0x1c
    0xe8             // 0046c58f   e8 2cebf9ff      call .0040b0c0
  };
  enum { addr_offset = 2 };
  ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), processStartAddress, processStopAddress);
  //GROWL(addr);
  if (!addr) {
    ConsoleOutput("LunaSoft: pattern not found");
    return false;
  }
  HookParam hp;
  hp.address = addr + addr_offset;
  hp.offset =get_stack(1);
  hp.type = USING_STRING;
  //hp.filter_fun = LunaSoftFilter; // remove \n
  ConsoleOutput("INSERT LunaSoft");
  return NewHook(hp, "LunaSoft");

  // There are no GDI functions anyway
  //ConsoleOutput("LunaSoft: disable GDI hooks");
  //
}
bool InsertXXkata(){
  //アイリスフィールド

  //素晴らしき国家の築き方
  //浮遊都市の作り方
  //正しい性奴隷の使い方		
  
  //HSNc@0:user32.dll:wsprintfA
  auto addr = GetProcAddress(GetModuleHandleW(L"user32.dll"),"wsprintfA");
  if (addr == 0)return false;
  HookParam hp;
  hp.address=(uint64_t)addr ; 
  hp.type=USING_STRING|NO_CONTEXT;
  hp.offset=get_stack(3); 
  hp.filter_fun = all_ascii_Filter;
  return NewHook(hp, "XXkata");
}



namespace { // unnamed
namespace ScenarioHook {
namespace Private {
  class DataCache // LRU policy, hashtable not used for simplicity
  {
    int capacity_;
    std::list<std::string> stack_; // priority stack
  public:
    explicit DataCache(int capacity = 100)
      : capacity_(capacity) {} //{ stack_.reserve(capacity); }

    bool contains(const std::string &data) const
    { return stack_.end() != std::find(stack_.begin(), stack_.end(), data); }

    std::string retain(const std::string &data)
    {
      auto p = std::find(stack_.begin(), stack_.end(), data);
      if (p == stack_.end()) {
        if (stack_.size() == capacity_)
          stack_.pop_back();
        stack_.push_front(data);
        return data;
      } else {
        if (p != stack_.begin())
          stack_.splice(stack_.begin(), stack_, p);
        return *p;
      }
    }
  };
  DataCache cache_; // this is used to make sure that same translation will have the same address

  /**
   *  Sample game: 悪堕ラビリンス, scenario return address: 0x42f6dc
   *
   *  0042F6C8   E8 335F0000      CALL lus004.00435600
   *  0042F6CD   8945 10          MOV DWORD PTR SS:[EBP+0x10],EAX
   *  0042F6D0   8B55 10          MOV EDX,DWORD PTR SS:[EBP+0x10]
   *  0042F6D3   52               PUSH EDX
   *  0042F6D4   8B4D EC          MOV ECX,DWORD PTR SS:[EBP-0x14]
   *  0042F6D7   E8 34850500      CALL lus004.00487C10
   *  0042F6DC   8B45 10          MOV EAX,DWORD PTR SS:[EBP+0x10]   ; jichi: retaddr
   *  0042F6DF   50               PUSH EAX
   *  0042F6E0   8B4D 08          MOV ECX,DWORD PTR SS:[EBP+0x8]
   *  0042F6E3   E8 785E0000      CALL lus004.00435560
   *  0042F6E8   8945 10          MOV DWORD PTR SS:[EBP+0x10],EAX
   *  0042F6EB   E9 5E010000      JMP lus004.0042F84E
   *  0042F6F0   8B4D 10          MOV ECX,DWORD PTR SS:[EBP+0x10]
   */
  bool hookBefore(hook_stack*s,void* data1, size_t* len,uintptr_t*role)
  {
    auto text = (LPCSTR)s->stack[1]; // arg1
    if (!text || !*text) // || Util::allAscii(text))
      return 0;
    std::string oldData = text;
    if (cache_.contains(oldData))
      return 0;
     // 0042F6DC   8B45 10          MOV EAX,DWORD PTR SS:[EBP+0x10]   ; jichi: retaddr
     // 0042F6DF   50               PUSH EAX
    ULONG retaddr = s->stack[0];
    * role = Engine::OtherRole;
    if (*(DWORD *)retaddr == 0x5010458b)
      *role = Engine::ScenarioRole;
      
    write_string_overwrite(data1,len,oldData);
    return 1;
     
  }
  void hookafter1(hook_stack*s,void* data1, size_t len){
    static std::string newData;
    newData=std::string((char*)data1,len);
    newData = cache_.retain(newData);
    s->stack[1] = (ULONG)newData.c_str(); // arg1 
  }
} // namespace Private

/**
 *  Sample game: 悪堕ラビリンス
 *
 *  Debugging method: Hook to all function that accessing the text
 *  Until find ones that can get text modified.
 *
 *  This is the first function accessing the text.
 *  It is used for text size allocation.
 *
 *  00487C0E   CC               INT3
 *  00487C0F   CC               INT3
 *  00487C10   55               PUSH EBP
 *  00487C11   8BEC             MOV EBP,ESP
 *  00487C13   51               PUSH ECX
 *  00487C14   894D FC          MOV DWORD PTR SS:[EBP-0x4],ECX
 *  00487C17   8B45 FC          MOV EAX,DWORD PTR SS:[EBP-0x4]
 *  00487C1A   8B4D 08          MOV ECX,DWORD PTR SS:[EBP+0x8]
 *  00487C1D   8988 AC020000    MOV DWORD PTR DS:[EAX+0x2AC],ECX
 *  00487C23   8B55 FC          MOV EDX,DWORD PTR SS:[EBP-0x4]
 *  00487C26   D9EE             FLDZ
 *  00487C28   D99A B0020000    FSTP DWORD PTR DS:[EDX+0x2B0]
 *  00487C2E   8B45 FC          MOV EAX,DWORD PTR SS:[EBP-0x4]
 *  00487C31   8B88 84000000    MOV ECX,DWORD PTR DS:[EAX+0x84]
 *  00487C37   81E1 00000F00    AND ECX,0xF0000
 *  00487C3D   C1E9 10          SHR ECX,0x10
 *  00487C40   83F9 02          CMP ECX,0x2
 *  00487C43   75 21            JNZ SHORT .00487C66
 *  00487C45   8B55 FC          MOV EDX,DWORD PTR SS:[EBP-0x4]
 *  00487C48   8B82 AC020000    MOV EAX,DWORD PTR DS:[EDX+0x2AC]
 *  00487C4E   50               PUSH EAX
 *  00487C4F   8B4D FC          MOV ECX,DWORD PTR SS:[EBP-0x4]
 *  00487C52   8B89 88000000    MOV ECX,DWORD PTR DS:[ECX+0x88]
 *  00487C58   E8 0323FAFF      CALL .00429F60
 *  00487C5D   8B55 FC          MOV EDX,DWORD PTR SS:[EBP-0x4]
 *  00487C60   8982 B8020000    MOV DWORD PTR DS:[EDX+0x2B8],EAX
 *  00487C66   8BE5             MOV ESP,EBP
 *  00487C68   5D               POP EBP
 *  00487C69   C2 0400          RETN 0x4
 *  00487C6C   CC               INT3
 *  00487C6D   CC               INT3
 *  00487C6E   CC               INT3
 *
 *  This is the function where text is being painted.
 *
 *  0042B1EE   CC               INT3
 *  0042B1EF   CC               INT3
 *  0042B1F0   55               PUSH EBP
 *  0042B1F1   8BEC             MOV EBP,ESP
 *  0042B1F3   81EC 44010000    SUB ESP,0x144
 *  0042B1F9   898D E8FEFFFF    MOV DWORD PTR SS:[EBP-0x118],ECX
 *  0042B1FF   8B85 E8FEFFFF    MOV EAX,DWORD PTR SS:[EBP-0x118]
 *  0042B205   8378 24 00       CMP DWORD PTR DS:[EAX+0x24],0x0
 *  0042B209   75 05            JNZ SHORT lus004.0042B210
 *  0042B20B   E9 2E070000      JMP lus004.0042B93E
 *  0042B210   837D 08 00       CMP DWORD PTR SS:[EBP+0x8],0x0
 *  0042B214   75 05            JNZ SHORT lus004.0042B21B
 *  0042B216   E9 23070000      JMP lus004.0042B93E
 *  0042B21B   C785 FCFEFFFF 00>MOV DWORD PTR SS:[EBP-0x104],0x0
 *  0042B225   C745 D0 00000000 MOV DWORD PTR SS:[EBP-0x30],0x0
 *  0042B22C   C785 40FFFFFF 00>MOV DWORD PTR SS:[EBP-0xC0],0x0
 *  0042B236   8B4D 14          MOV ECX,DWORD PTR SS:[EBP+0x14]
 *  0042B239   83E1 03          AND ECX,0x3
 *  0042B23C   83F9 01          CMP ECX,0x1
 *  0042B23F   75 07            JNZ SHORT lus004.0042B248
 *  0042B241   D9EE             FLDZ
 *  0042B243   D95D 88          FSTP DWORD PTR SS:[EBP-0x78]
 *  0042B246   EB 1B            JMP SHORT lus004.0042B263
 *  0042B248   8B55 14          MOV EDX,DWORD PTR SS:[EBP+0x14]
 *  0042B24B   83E2 03          AND EDX,0x3
 *  0042B24E   83FA 02          CMP EDX,0x2
 *  0042B251   75 07            JNZ SHORT lus004.0042B25A
 *  0042B253   D9E8             FLD1
 *  0042B255   D95D 88          FSTP DWORD PTR SS:[EBP-0x78]
 *  0042B258   EB 09            JMP SHORT lus004.0042B263
 *  0042B25A   D905 986A4E00    FLD DWORD PTR DS:[0x4E6A98]
 *  0042B260   D95D 88          FSTP DWORD PTR SS:[EBP-0x78]
 *  0042B263   8B45 14          MOV EAX,DWORD PTR SS:[EBP+0x14]
 *  0042B266   83E0 0C          AND EAX,0xC
 *  0042B269   83F8 04          CMP EAX,0x4
 *  0042B26C   75 07            JNZ SHORT lus004.0042B275
 *  0042B26E   D9EE             FLDZ
 *  0042B270   D95D AC          FSTP DWORD PTR SS:[EBP-0x54]
 *  0042B273   EB 1B            JMP SHORT lus004.0042B290
 *  0042B275   8B4D 14          MOV ECX,DWORD PTR SS:[EBP+0x14]
 *  0042B278   83E1 0C          AND ECX,0xC
 *  0042B27B   83F9 08          CMP ECX,0x8
 *  0042B27E   75 07            JNZ SHORT lus004.0042B287
 *  0042B280   D9E8             FLD1
 *  0042B282   D95D AC          FSTP DWORD PTR SS:[EBP-0x54]
 *  0042B285   EB 09            JMP SHORT lus004.0042B290
 *  0042B287   D905 986A4E00    FLD DWORD PTR DS:[0x4E6A98]
 *  0042B28D   D95D AC          FSTP DWORD PTR SS:[EBP-0x54]
 *  0042B290   8B55 0C          MOV EDX,DWORD PTR SS:[EBP+0xC]
 *  0042B293   D942 30          FLD DWORD PTR DS:[EDX+0x30]
 *  0042B296   D99D 74FFFFFF    FSTP DWORD PTR SS:[EBP-0x8C]
 *  0042B29C   8B45 0C          MOV EAX,DWORD PTR SS:[EBP+0xC]
 *  0042B29F   D940 34          FLD DWORD PTR DS:[EAX+0x34]
 *  0042B2A2   D99D 78FFFFFF    FSTP DWORD PTR SS:[EBP-0x88]
 *  0042B2A8   8B8D E8FEFFFF    MOV ECX,DWORD PTR SS:[EBP-0x118]
 *  0042B2AE   8B51 2C          MOV EDX,DWORD PTR DS:[ECX+0x2C]
 *  0042B2B1   8995 E0FEFFFF    MOV DWORD PTR SS:[EBP-0x120],EDX
 *  0042B2B7   C785 E4FEFFFF 00>MOV DWORD PTR SS:[EBP-0x11C],0x0
 *  0042B2C1   DFAD E0FEFFFF    FILD QWORD PTR SS:[EBP-0x120]
 *  0042B2C7   DC0D 186A4E00    FMUL QWORD PTR DS:[0x4E6A18]
 *  0042B2CD   D99D 68FFFFFF    FSTP DWORD PTR SS:[EBP-0x98]
 *  0042B2D3   D9EE             FLDZ
 *  0042B2D5   D99D 6CFFFFFF    FSTP DWORD PTR SS:[EBP-0x94]
 *  0042B2DB   D9EE             FLDZ
 *  0042B2DD   D95D D4          FSTP DWORD PTR SS:[EBP-0x2C]
 *  0042B2E0   8B85 E8FEFFFF    MOV EAX,DWORD PTR SS:[EBP-0x118]
 *  0042B2E6   8B48 2C          MOV ECX,DWORD PTR DS:[EAX+0x2C]
 *  0042B2E9   898D D8FEFFFF    MOV DWORD PTR SS:[EBP-0x128],ECX
 *  0042B2EF   C785 DCFEFFFF 00>MOV DWORD PTR SS:[EBP-0x124],0x0
 *  0042B2F9   DFAD D8FEFFFF    FILD QWORD PTR SS:[EBP-0x128]
 *  0042B2FF   D95D D8          FSTP DWORD PTR SS:[EBP-0x28]
 *  0042B302   8B55 0C          MOV EDX,DWORD PTR SS:[EBP+0xC]
 *  0042B305   52               PUSH EDX
 *  0042B306   8D85 00FFFFFF    LEA EAX,DWORD PTR SS:[EBP-0x100]
 *  0042B30C   50               PUSH EAX
 *  0042B30D   E8 3E6FFEFF      CALL lus004.00412250
 *  0042B312   83C4 04          ADD ESP,0x4
 *  0042B315   D9E8             FLD1
 *  0042B317   D91C24           FSTP DWORD PTR SS:[ESP]
 *  0042B31A   51               PUSH ECX
 *  0042B31B   D9EE             FLDZ
 *  0042B31D   D91C24           FSTP DWORD PTR SS:[ESP]
 *  0042B320   51               PUSH ECX
 *  0042B321   D9EE             FLDZ
 *  0042B323   D91C24           FSTP DWORD PTR SS:[ESP]
 *  0042B326   51               PUSH ECX
 *  0042B327   D9EE             FLDZ
 *  ...
 *
 *
 *  0012FC68   089E0060
 *  0012FC6C   08AD9D00
 *  0012FC70   01D66B60
 *  0012FC74   00000000
 *  0012FC78   0012FDD0
 *  0012FC7C   00000000
 *  0012FC80  /0012FDD0
 *  0012FC84  |0042B43B  RETURN to lus004.0042B43B from lus004.00429E50
 *  0012FC88  |02C2AB18 ; jichi: text is here
 *  0012FC8C  |0012FCAC
 *  0012FC90  |00000000
 *  0012FC94  |0012FCC4
 *  0012FC98  |6186B837  RETURN to d3d9.6186B837
 *  0012FC9C  |0029DFA0
 *  0012FCA0  |0012FCAC
 *  0012FCA4  |00000000
 *  0012FCA8  |00000018
 *  0012FCAC  |00000000
 *  0012FCB0  |00000018
 *  0012FCB4  |00000000
 *  0012FCB8  |01D66B60
 *  0012FCBC  |00000000
 *  0012FCC0  |00000002
 *  0012FCC4  |0012FD24
 *  0012FCC8  |6186B774  RETURN to d3d9.6186B774
 *  0012FCCC  |00000000
 *  0012FCD0  |3FA00000
 *  0012FCD4  |00000000
 *  0012FCD8  |00000000
 *  0012FCDC  |00000000
 *  0012FCE0  |00000000
 *  0012FCE4  |3FA00000
 *  0012FCE8  |00000000
 *  0012FCEC  |00000000
 *  0012FCF0  |00000000
 *  0012FCF4  |00000000
 *  0012FCF8  |3F800000
 *  0012FCFC  |00000000
 *  0012FD00  |00000000
 *  0012FD04  |00000000
 *  0012FD08  |00000000
 *  0012FD0C  |3F800000
 *  0012FD10  |00000000
 *  0012FD14  |FF000000
 *  0012FD18  |FF000000
 *  0012FD1C  |FF000000
 *  0012FD20  |FF000000
 *  0012FD24  |00000000
 *  0012FD28  |0043E66F  RETURN to lus004.0043E66F
 *  0012FD2C  |089E0060
 *  0012FD30  |00000005
 *  0012FD34  |01D670E0
 *  0012FD38  |41700000
 *  0012FD3C  |00000000
 *  0012FD40  |00000000
 *  0012FD44  |42EC0000
 *  0012FD48  |4413C000
 *  0012FD4C  |089E0060
 *  0012FD50  |01CC7504
 *  0012FD54  |00000000
 *  0012FD58  |00000000
 *  0012FD5C  |08A3B600
 *  0012FD60  |0012FD78
 *  0012FD64  |6F5980B8  RETURN to prl_umdd.6F5980B8 from prl_umdd.6F597B05
 *  0012FD68  |0029DFA0
 *  0012FD6C  |00000019
 *  0012FD70  |00000008
 *  0012FD74  |00000000
 *  0012FD78  |089E0060
 *  0012FD7C  |00000000
 *  0012FD80  |00000001
 *  0012FD84  |01D1E670
 *  0012FD88  |61845418  d3d9.61845418
 *  0012FD8C  |00000005
 *  0012FD90  |00000000
 *  0012FD94  |00000000
 *  0012FD98  |00000010
 *  0012FD9C  |00000002
 *  0012FDA0  |00000000
 *  0012FDA4  |00000000
 *  0012FDA8  |41F00000
 *  0012FDAC  |0012FDC8
 *  0012FDB0  |00406E55  RETURN to lus004.00406E55 from lus004.0043EC70
 *  0012FDB4  |00000000
 *  0012FDB8  |00000001
 *  0012FDBC  |00000004
 *  0012FDC0  |01D66BF0
 *  0012FDC4  |01D1E670
 *  0012FDC8  |0012FDE0
 *  0012FDCC  |00486701  RETURN to lus004.00486701 from lus004.00406E20
 *  0012FDD0  ]0012FE4C
 *  0012FDD4  |004871D7  RETURN to lus004.004871D7 from lus004.0042B1F0
 *  0012FDD8  |02C2AB18 ; jichi: text is here
 *  0012FDDC  |0012FDFC
 *  0012FDE0  |FF000000
 *  0012FDE4  |00000005
 *  0012FDE8  |3FC00000
 *  0012FDEC  |005039A8  lus004.005039A8
 *  0012FDF0  |00252FDD
 *  0012FDF4  |00000002
 *  0012FDF8  |00000002
 *  0012FDFC  |3FA00000
 *  0012FE00  |00000000
 *  0012FE04  |00000000
 *  0012FE08  |00000000
 *  0012FE0C  |00000000
 *  0012FE10  |3FA00000
 *  0012FE14  |00000000
 *  0012FE18  |00000000
 *  0012FE1C  |00000000
 *  0012FE20  |00000000
 *  0012FE24  |3F800000
 *  0012FE28  |00000000
 *  0012FE2C  |42EC0000
 *  0012FE30  |4413C000
 *  0012FE34  |00000000
 *  0012FE38  |3F800000
 *  0012FE3C  |00000005
 *  0012FE40  |00000004
 *  0012FE44  |029101F0
 *  0012FE48  |00000001
 *  0012FE4C  ]0012FE8C
 *  0012FE50  |004851B8  RETURN to lus004.004851B8
 *  0012FE54  |029101F0
 *  0012FE58  |000000EF
 *  0012FE5C  |00000000
 *  0012FE60  |000000EF
 *  0012FE64  |000000EF
 *  0012FE68  |000000EF
 *  0012FE6C  |01CB0B70
 *  0012FE70  |FFFFFFFF
 *  0012FE74  |00000000
 *  0012FE78  |01D70270
 *  0012FE7C  |00000000
 *  0012FE80  |000000EF
 *  0012FE84  |000000C1
 *  0012FE88  |029101F0
 *  0012FE8C  ]0012FEA0
 *  0012FE90  |004B55FB  RETURN to lus004.004B55FB from lus004.00485070
 *  0012FE94  |00000000
 *  0012FE98  |000000EF
 *  0012FE9C  |01DB7770  ASCII "XZN"
 *  0012FEA0  ]0012FEAC
 *  0012FEA4  |004AAD57  RETURN to lus004.004AAD57
 *  0012FEA8  |01C70288
 *  0012FEAC  ]0012FEBC
 *  0012FEB0  |004AB09C  RETURN to lus004.004AB09C from lus004.004AACD0
 *  0012FEB4  |01C70288
 *  0012FEB8  |01000000
 *  0012FEBC  ]0012FEE0
 *  0012FEC0  |004AC8F5  RETURN to lus004.004AC8F5 from lus004.004AB080
 *  0012FEC4  |00BF0752
 *  0012FEC8  |00000113
 */
bool attach(ULONG startAddress, ULONG stopAddress) // attach scenario
{
  ULONG addr1, addr2;
  {
    const uint8_t bytes1[] = {
      0x89,0x88, 0xac,0x02,0x00,0x00, // 00487c1d   8988 ac020000    mov dword ptr ds:[eax+0x2ac],ecx
      0x8b,0x55, 0xfc,                // 00487c23   8b55 fc          mov edx,dword ptr ss:[ebp-0x4]
      0xd9,0xee                       // 00487c26   d9ee             fldz
    };
    addr1 = MemDbg::findBytes(bytes1, sizeof(bytes1), startAddress, stopAddress);
    if (!addr1)
      return false;
    addr1 = MemDbg::findEnclosingAlignedFunction(addr1);
    if (!addr1)
      return false;
    //addr1 = 0x00487c10;
  }
  {
    const uint8_t bytes2[] = {
      0x83,0xe0, 0x0c,  // 0042b266   83e0 0c          and eax,0xc
      0x83,0xf8, 0x04,  // 0042b269   83f8 04          cmp eax,0x4
      0x75, 0x07,       // 0042b26c   75 07            jnz short lus004.0042b275
      0xd9,0xee         // 0042b26e   d9ee             fldz
    };
    addr2 = MemDbg::findBytes(bytes2, sizeof(bytes2), startAddress, stopAddress);
    if (!addr2)
      return false;
    addr2 = MemDbg::findEnclosingAlignedFunction(addr2);
    if (!addr2)
      return false;
    //addr2 = 0x0042b1f0;
  }
  HookParam hp;
  hp.address=addr1;
  hp.hook_before=Private::hookBefore;
  hp.hook_after=Private::hookafter1;
  hp.type=EMBED_ABLE|EMBED_DYNA_SJIS;
  auto succ=NewHook(hp,"EMBEDLUNA");
  hp.address=addr2;
  succ|=NewHook(hp,"EMBEDLUNA");


  return succ;
}
} // namespace ScenarioHook
} // unnamed namespace



bool LunaSoft::attach_function() { 
    
    bool b1=  InsertLunaSoftHook();
    bool b2=InsertXXkata();
    bool embed=ScenarioHook::attach(processStartAddress, processStopAddress);   
    return b1||b2||embed;
}