mirror of
https://github.com/HIllya51/LunaHook.git
synced 2024-12-26 13:14:13 +08:00
78 lines
2.0 KiB
C++
78 lines
2.0 KiB
C++
#include "Cage.h"
|
|
|
|
bool Cage::attach_function()
|
|
{
|
|
// https://vndb.org/v8381
|
|
// 夢姿 ~ゆめのすがた~
|
|
/*
|
|
size_t __cdecl _mbslen(const unsigned __int8 *String)
|
|
{
|
|
const unsigned __int8 *v2; // eax
|
|
size_t i; // esi
|
|
|
|
if ( !dword_476AFC )
|
|
return strlen((const char *)String);
|
|
_lock(25);
|
|
v2 = String;
|
|
for ( i = 0; *v2; ++i )
|
|
{
|
|
if ( (byte_476C01[*v2] & 4) != 0 && !*++v2 )
|
|
break;
|
|
++v2;
|
|
}
|
|
_unlock(25);
|
|
return i;
|
|
}
|
|
*/
|
|
/*
|
|
.text:00451B0C mov eax, [esp+8+String]
|
|
.text:00451B10 pop ecx
|
|
.text:00451B11 xor esi, esi
|
|
.text:00451B13
|
|
.text:00451B13 loc_451B13: ; CODE XREF: __mbslen+3D↓j
|
|
.text:00451B13 mov cl, [eax]
|
|
.text:00451B15 test cl, cl
|
|
.text:00451B17 jz short loc_451B2F
|
|
.text:00451B19 movzx ecx, cl
|
|
.text:00451B1C test byte_476C01[ecx], 4
|
|
.text:00451B23 jz short loc_451B2B
|
|
.text:00451B25 inc eax
|
|
.text:00451B26 cmp byte ptr [eax], 0
|
|
.text:00451B29 jz short loc_451B2F
|
|
.text:00451B2B
|
|
.text:00451B2B loc_451B2B: ; CODE XREF: __mbslen+33↑j
|
|
.text:00451B2B inc esi
|
|
.text:00451B2C inc eax
|
|
.text:00451B2D jmp short loc_451B13
|
|
*/
|
|
BYTE check[] = {
|
|
//clang-format off
|
|
0x8B, 0x44, 0x24, 0x0C,
|
|
0x59,
|
|
0x33, 0xF6,
|
|
0x8A, 0x08,
|
|
0x84, 0xC9,
|
|
0x74, 0x16,
|
|
0x0F, 0xB6, 0xC9,
|
|
0xF6, 0x81, XX4, 0x04,
|
|
0x74, 0x06,
|
|
0x40,
|
|
0x80, 0x38, 0x00,
|
|
0x74, 0x04,
|
|
0x46,
|
|
0x40,
|
|
0xEB, 0xE4
|
|
//clang-format on
|
|
};
|
|
auto addrx = MemDbg::findBytes(check, sizeof(check), processStartAddress, processStopAddress);
|
|
if (!addrx)
|
|
return false;
|
|
addrx = MemDbg::findEnclosingAlignedFunction(addrx);
|
|
if (!addrx)
|
|
return 0;
|
|
HookParam hp;
|
|
hp.address = addrx;
|
|
hp.type = USING_STRING;
|
|
hp.offset = get_stack(1);
|
|
return NewHook(hp, "Cage");
|
|
} |