bugfixes, and remove ntdll for good

This commit is contained in:
Akash Mozumdar 2018-09-11 13:23:10 -04:00
parent a455869837
commit 2ad278255d
5 changed files with 23 additions and 4434 deletions


@ -46,7 +46,6 @@ target_compile_options(vnrhook PRIVATE
)
set(vnrhook_libs
ntdll.lib
Version.lib
minhook
)


@ -8,7 +8,6 @@
#endif // _MSC_VER
#include "engine/engine.h"
#include "ntdll/ntdll.h"
#include "engine/match.h"
#include "util/util.h"
#include "main.h"
@ -5763,11 +5762,10 @@ int GetShinaRioVersion()
}
if (hFile != INVALID_HANDLE_VALUE) {
IO_STATUS_BLOCK ios;
//char *buffer,*version;//,*ptr;
enum { BufferSize = 0x40 };
char buffer[BufferSize];
ReadFile(hFile, buffer, BufferSize, nullptr, nullptr);
ReadFile(hFile, buffer, BufferSize, (DWORD*)buffer, nullptr);
CloseHandle(hFile);
if (buffer[0] == '[') {
buffer[0x3f] = 0; // jichi 8/24/2013: prevent strstr from overflow
@ -8842,33 +8840,7 @@ AkabeiSoft2Try hook:
********************************************************************************************/
namespace { // unnamed
MEMORY_WORKING_SET_LIST *GetWorkingSet()
{
DWORD len,retl;
NTSTATUS status;
LPVOID buffer = 0;
len = 0x4000;
status = NtAllocateVirtualMemory(GetCurrentProcess(), &buffer, 0, &len, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
if (!NT_SUCCESS(status)) return 0;
status = NtQueryVirtualMemory(GetCurrentProcess(), 0, MemoryWorkingSetList, buffer, len, &retl);
if (status == STATUS_INFO_LENGTH_MISMATCH) {
len = *(DWORD*)buffer;
len = ((len << 2) & 0xfffff000) + 0x4000;
retl = 0;
NtFreeVirtualMemory(GetCurrentProcess(), &buffer, &retl, MEM_RELEASE);
buffer = 0;
status = NtAllocateVirtualMemory(GetCurrentProcess(), &buffer, 0, &len, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
if (!NT_SUCCESS(status)) return 0;
status = NtQueryVirtualMemory(GetCurrentProcess(), 0, MemoryWorkingSetList, buffer, len, &retl);
if (!NT_SUCCESS(status)) return 0;
return (MEMORY_WORKING_SET_LIST*)buffer;
} else {
retl = 0;
NtFreeVirtualMemory(GetCurrentProcess(), &buffer, &retl, MEM_RELEASE);
return 0;
}
}
typedef struct _NSTRING
{
PVOID vfTable;
@ -8897,67 +8869,32 @@ void SpecialHookAB2Try(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWORD *sp
}
}
BOOL FindCharacteristInstruction(MEMORY_WORKING_SET_LIST *list)
BOOL FindCharacteristInstruction()
{
DWORD base, size;
DWORD i, j, k, addr, retl;
NTSTATUS status;
::qsort(&list->WorkingSetList, list->NumberOfPages, 4, cmp);
base = list->WorkingSetList[0];
size = 0x1000;
for (i = 1; i < list->NumberOfPages; i++) {
if ((list->WorkingSetList[i] & 2) == 0)
continue;
if (list->WorkingSetList[i] >> 31)
break;
if (base + size == list->WorkingSetList[i])
size += 0x1000;
else {
if (size > 0x2000) {
addr = base & ~0xfff;
status = NtQueryVirtualMemory(GetCurrentProcess(),(PVOID)addr,
MemorySectionName,text_buffer_prev,0x1000,&retl);
if (!NT_SUCCESS(status)) {
k = addr + size - 4;
for (j = addr; j < k; j++) {
if (*(DWORD*)j == 0x5044b70f) {
if (*(WORD*)(j + 4) == 0x890c) { // movzx eax, word ptr [edx*2 + eax + 0xC]; wchar = string[i];
HookParam hp = {};
hp.address = j;
hp.text_fun = SpecialHookAB2Try;
hp.type = USING_STRING|NO_CONTEXT|USING_UNICODE;
ConsoleOutput("vnreng: INSERT AB2Try");
NewHook(hp, "AB2Try");
//ConsoleOutput("Please adjust text speed to fastest/immediate.");
//RegisterEngineType(ENGINE_AB2T);
return TRUE;
}
}
}
}
}
size = 0x1000;
base = list->WorkingSetList[i];
}
}
const BYTE bytes[] = { 0x0F, 0xB7, 0x44, 0x50, 0x0C, 0x89 };
if (DWORD addr = Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE))
{
//GROWL_DWORD(addr);
HookParam hp = {};
hp.address = addr;
hp.text_fun = SpecialHookAB2Try;
hp.type = USING_STRING | NO_CONTEXT | USING_UNICODE;
ConsoleOutput("vnreng: INSERT AB2Try");
NewHook(hp, "AB2Try");
//ConsoleOutput("Please adjust text speed to fastest/immediate.");
//RegisterEngineType(ENGINE_AB2T);
return TRUE;
}
return FALSE;
}
} // unnamed namespace
bool InsertAB2TryHook()
{
MEMORY_WORKING_SET_LIST *list = GetWorkingSet();
if (!list) {
ConsoleOutput("vnreng:AB2Try: cannot find working list");
return false;
}
bool ret = FindCharacteristInstruction(list);
bool ret = FindCharacteristInstruction();
if (ret)
ConsoleOutput("vnreng:AB2Try: found characteristic sequence");
else
ConsoleOutput("vnreng:AB2Try: cannot find characteristic sequence");
//L"Make sure you have start the game and have seen some text on the screen.");
DWORD size = 0;
NtFreeVirtualMemory(GetCurrentProcess(), (PVOID *)&list, &size, MEM_RELEASE);
ConsoleOutput("vnreng:AB2Try: cannot find characteristic sequence. Make sure you have start the game and have seen some text on the screen.");
return ret;
}
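Review bot: In the GetShinaRioVersion hunk, the new `ReadFile(hFile, buffer, BufferSize, (DWORD*)buffer, nullptr);` at L36 (the new side, if the old-then-new print order holds) aliases the byte-count output onto the data buffer: ReadFile stores the number of bytes read after the data has been copied in, so the first four bytes of `buffer` are overwritten with the count, and the following `if (buffer[0] == '[')` check at L38 compares against a count byte rather than file content. Give the count its own variable and use it to terminate the string, which also covers a file shorter than BufferSize whose tail is otherwise uninitialised before the `buffer[0x3f] = 0` at L39: `DWORD bytesRead = 0;` / `if (!ReadFile(hFile, buffer, BufferSize - 1, &bytesRead, nullptr)) bytesRead = 0;` / `buffer[bytesRead] = 0;`. GetShinaRioVersion starts and ends outside the hunk, so I can't see whether the return value is used when the check fails.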


@ -87,7 +87,7 @@ bool DeterminePCEngine()
PcHooks::hookGDIPlusFunctions();
const char check[] = "sdffffffkjldfjlhjweiumxnvq1204tergdmnxcq1111111111111111111111408t03kxjb40";
__try { Util::SearchMemory((const BYTE*)check, sizeof(check)); } // Not too sure about the stability of this guy
__except (1) { ConsoleOutput("NextHooker threw while searching memory (NextHooker will likely still work fine, but please let Artikash know this happened!)"); }
__except (1) { ConsoleOutput("NextHooker: SearchMemory ERROR (NextHooker will likely still work fine, but please let Artikash know if this happens a lot!)"); }
return false;
}
@ -489,13 +489,6 @@ bool DetermineEngineByProcessName()
return true;
}
// jichi 10/3/2013: FIXME: Does not work
// Raise C0000005 even with admin priv
//if (wcsstr(str, L"bsz")) { // BALDRSKY ZERO
// InsertBaldrHook();
// return true;
//}
if (wcsstr(processName, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart
InsertMarineHeartHook();
return true;
@ -558,8 +551,8 @@ bool DetermineEngineOther()
return true;
}
// Artikash 7/16/2018: Uses libuv: likely Tyranobuilder - sample game https://vndb.org/v22975
if (GetProcAddress(GetModuleHandleW(nullptr), "uv_uptime"))
// Artikash 7/16/2018: Uses node/libuv: likely Tyranobuilder - sample game https://vndb.org/v22975
if (GetProcAddress(GetModuleHandleW(nullptr), "uv_uptime") || GetModuleHandleW(L"node.dll"))
{
InsertTyranobuilderHook();
return true;
@ -850,7 +843,7 @@ bool UnsafeDetermineEngineType()
|| DetermineEngineByProcessName()
|| DetermineEngineOther()
|| DetermineEngineAtLast()
//|| DetermineEngineGeneric()
|| DetermineEngineGeneric()
|| DetermineNoEngine()
;
}
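Review bot: Re-enabling `|| DetermineEngineGeneric()` at L193 carries no comment on why the call was commented out before or what makes it safe to run now, and since DetermineEngineGeneric is not on this page I can't judge that from the change itself; a one-line note such as `// Generic fallback re-enabled: …` above it would spare the next reader a `git blame`. As a point of style in the DeterminePCEngine hunk, the `__except (1)` filter at L163 would read better as `__except (EXCEPTION_EXECUTE_HANDLER)`, which names the intent that every exception from the probing `Util::SearchMemory` call is swallowed. UnsafeDetermineEngineType's body begins before the hunk.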



@ -297,7 +297,7 @@ DWORD Util::SearchMemory(const BYTE* bytes, unsigned short length, DWORD protect
}
else
{
if (info.Protect > protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize });
if (info.Protect >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize });
probe += info.RegionSize;
}
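Review bot: The `info.Protect >= protect` test at L207 orders protection values numerically, but `MEMORY_BASIC_INFORMATION::Protect` is a flag word: the base PAGE_* protection sits in the low byte and PAGE_NOCACHE / PAGE_WRITECOMBINE are OR'd modifier bits above it, so any region carrying a modifier compares greater than every base protection and is pushed to `validMemory` whether or not it is readable, while only PAGE_GUARD is masked explicitly. Comparing the base byte on its own keeps the commit's intended inclusive match and drops the modifier distortion: `const DWORD base = info.Protect & 0xFF;` / `if (base >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize });`. Even masked, `>=` still treats the PAGE_* constants as an ordering they were not designed as (PAGE_WRITECOPY ranks above PAGE_READWRITE), so an explicit accepted-protection mask would be the more robust contract if the callers can be adjusted. Util::SearchMemory starts before the hunk, so I can't see the default for `protect` or what `info.State` filtering precedes this branch.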
}