From d307b7af2ea147f36c6a37a7a4f603cdd6644c76 Mon Sep 17 00:00:00 2001 From: Akash Mozumdar Date: Sun, 14 Oct 2018 10:29:23 -0400 Subject: [PATCH] searchmemory returns all matches now --- vnrhook/engine/engine.cc | 38 ++++++++++++++++++++------------------ vnrhook/util/util.cc | 24 +++++++++++++----------- vnrhook/util/util.h | 4 ++-- 3 files changed, 35 insertions(+), 31 deletions(-) diff --git a/vnrhook/engine/engine.cc b/vnrhook/engine/engine.cc index acc8123..ee02b7b 100644 --- a/vnrhook/engine/engine.cc +++ b/vnrhook/engine/engine.cc @@ -2123,20 +2123,20 @@ bool InsertBGIHook() bool InsertBaldrHook() { const BYTE ins[] = { 0x90,0xff,0x50,0x3c,0x83,0xc4,0x20,0x8b,0x45,0xec }; - DWORD addr = Util::SearchMemory(ins, sizeof(ins)); - if (!addr) { - ConsoleOutput("Textractor: BALDR failed: could not find instructions"); - return false; + for (auto addr : Util::SearchMemory(ins, sizeof(ins))) + { + HookParam hp = {}; + hp.address = addr; + hp.offset = 4; + hp.type = NO_CONTEXT | USING_STRING | USING_UNICODE; // 0x403 + ConsoleOutput("Textractor: INSERT BALDR"); + NewHook(hp, "BALDR"); + + return true; } - HookParam hp = {}; - hp.address = addr; - hp.offset = 4; - hp.type = NO_CONTEXT | USING_STRING | USING_UNICODE; // 0x403 - ConsoleOutput("Textractor: INSERT BALDR"); - NewHook(hp, "BALDR"); - - return true; + ConsoleOutput("Textractor: BALDR failed: could not find instructions"); + return false; } /******************************************************************************************** @@ -8871,7 +8871,7 @@ void SpecialHookAB2Try(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWORD *sp BOOL FindCharacteristInstruction() { const BYTE bytes[] = { 0x0F, 0xB7, 0x44, 0x50, 0x0C, 0x89 }; - if (DWORD addr = Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE)) + for (auto addr : Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE)) { //GROWL_DWORD(addr); HookParam hp = {}; 
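Review bot: The new `for` loop in InsertBaldrHook ends its first iteration with an unconditional `return true;`, so it never iterates and reads as if every match were hooked when only the first one is. Since Util::SearchMemory now collects every match before returning, taking the first element explicitly says what happens: `const auto addrs = Util::SearchMemory(ins, sizeof(ins));`, `if (addrs.empty()) { ConsoleOutput("Textractor: BALDR failed: could not find instructions"); return false; }`, then `hp.address = addrs.front();`. The element type appears to be uint64_t (see util.cc), so the assignment to `hp.address` may narrow if that field is still a DWORD; an explicit cast would make that visible. The same loop form is introduced in FindCharacteristInstruction at -8871, whose body continues outside the hunk, so whether it also returns on the first pass cannot be seen here.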
@@ -9321,6 +9321,7 @@ bool InsertWillPlusWHook() */ static bool InsertNewWillPlusHook() { + bool found = false; const BYTE characteristicInstructions[] = { 0xc2, 0x08, 0, // ret 0008; Seems to always be ret 8 before the hookable function. not sure why, not sure if stable. @@ -9333,10 +9334,11 @@ static bool InsertNewWillPlusHook() 0x81, 0xec, XX4, // sub esp,? 0xa1, XX4, // mov eax,[?] 0x33, 0xc5, // xor eax,ebp - 0x89, 0x45, 0xec // mov [ebp-14],eax; not sure if 0x14 is stable + //0x89, 0x45, 0xec // mov [ebp-14],eax; not sure if 0x14 is stable }; - if (DWORD addr = Util::SearchMemory(characteristicInstructions, sizeof(characteristicInstructions))) + for (auto addr : Util::SearchMemory(characteristicInstructions, sizeof(characteristicInstructions))) { + //GROWL_DWORD(addr); HookParam hp = {}; hp.address = addr + 3; hp.type = USING_STRING | USING_UNICODE | DATA_INDIRECT; @@ -9344,10 +9346,10 @@ static bool InsertNewWillPlusHook() hp.index = 0; ConsoleOutput("Textractor: INSERT New WillPlus (ADVHD) hook"); NewHook(hp, "WillPlus2"); - return true; + found = true; } - ConsoleOutput("New WillPlus: failed to find instructions"); - return false; + if (!found) ConsoleOutput("New WillPlus: failed to find instructions"); + return found; } } // unnamed namespace diff --git a/vnrhook/util/util.cc b/vnrhook/util/util.cc index 7782a16..10d5f41 100644 --- a/vnrhook/util/util.cc +++ b/vnrhook/util/util.cc @@ -3,7 +3,6 @@ // Branch: ITH_Engine/engine.cpp, revision 133 // See: http://ja.wikipedia.org/wiki/プロジェクト:美少女ゲーム系/ゲームエンジン -#include "common.h" #include "util/util.h" #include "ithsys/ithsys.h" #include "main.h" @@ -286,7 +285,7 @@ bool Util::SearchResourceString(LPCWSTR str) namespace { - DWORD SafeSearchMemory(DWORD startAddr, DWORD endAddr, const BYTE* bytes, unsigned short length) + uint64_t SafeSearchMemory(uint64_t startAddr, uint64_t endAddr, const BYTE* bytes, short length) { __try { 
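Review bot: With `return true;` replaced by `found = true;` in InsertNewWillPlusHook, every match now gets a hook at `addr + 3`, and the earlier hunk at -9333 shortens the pattern by commenting out its last three bytes, so the signature becomes less specific at the same time as all matches are patched. Nothing here bounds the number of hooks or records which addresses were chosen, and each one logs the same "INSERT New WillPlus (ADVHD) hook" line. I would log the address per hook and cap the count, e.g. `if (++inserted > MAX_WILLPLUS_HOOKS) break;` with a constant you define, and either delete the commented-out `0x89, 0x45, 0xec` line or add a comment saying why it was dropped. Whether NewHook reports failure is not visible in this hunk; if it does, `found` should be set from its result rather than unconditionally.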
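Review bot: The `length` parameter of SafeSearchMemory changes from `unsigned short` to `short`, which makes negative lengths representable and narrows the `sizeof(...)` values that the callers in engine.cc pass; `size_t length` would match what callers supply. The addresses become `uint64_t` but are still cast with `(BYTE*)startAddr` in the unchanged comparison line, so `uintptr_t` is the type that is guaranteed to round-trip through a pointer on both 32- and 64-bit builds. The same `short length` appears in Util::SearchMemory in util.cc (-304) and in its declaration in util.h (-22). The function body continues outside this hunk.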
@@ -295,7 +294,7 @@ namespace if (j == length) return startAddr + i; // not sure about this algorithm... else if (*((BYTE*)startAddr + i + j) != *(bytes + j) && *(bytes + j) != 0x11) break; // 0x11 = wildcard } - __except (1) + __except (EXCEPTION_EXECUTE_HANDLER) { ConsoleOutput("Textractor: SearchMemory ERROR (Textractor will likely still work fine, but please let Artikash know if this happens a lot!)"); return 0; @@ -304,29 +303,32 @@ namespace } } -DWORD Util::SearchMemory(const BYTE* bytes, unsigned short length, DWORD protect) +std::vector Util::SearchMemory(const BYTE* bytes, short length, DWORD protect) { - std::vector> validMemory; - for (BYTE* probe = NULL; (DWORD)probe < 0x80000000;) // end of user memory space + std::vector> validMemory; + for (BYTE* probe = NULL; (uint64_t)probe < 0x80000000;) // end of user memory space { MEMORY_BASIC_INFORMATION info = {}; if (!VirtualQuery(probe, &info, sizeof(info))) { - probe += 0x1000; + probe += 0x1000; // page size continue; } else { - if (info.Protect >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize }); + if (info.Protect >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (uint64_t)info.BaseAddress, info.RegionSize }); probe += info.RegionSize; } } + std::vector ret; for (auto memory : validMemory) - if (DWORD ret = SafeSearchMemory(memory.first, memory.first + memory.second, bytes, length)) - return ret; + for (uint64_t addr = memory.first; true;) + if (addr = SafeSearchMemory(addr, memory.first + memory.second, bytes, length)) + ret.push_back(addr++); + else break; - return 0; + return ret; } // EOF diff --git a/vnrhook/util/util.h b/vnrhook/util/util.h index 1586c69..a009944 100644 --- a/vnrhook/util/util.h +++ b/vnrhook/util/util.h @@ -3,7 +3,7 @@ // util.h // 8/23/2013 jichi -#include +#include "common.h" namespace Util { 
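Review bot: `__except (EXCEPTION_EXECUTE_HANDLER)` still handles every structured exception raised inside the scan, not just a read fault on memory that changed after VirtualQuery, so unrelated faults are reported as a search error and swallowed. A filter such as `__except (GetExceptionCode() == EXCEPTION_ACCESS_VIOLATION ? EXCEPTION_EXECUTE_HANDLER : EXCEPTION_CONTINUE_SEARCH)` keeps the best-effort behaviour for unreadable pages and lets anything else propagate. The handler also returns 0, the same value as "no match", so the new caller loop in Util::SearchMemory cannot tell a faulted region from an exhausted one; a short comment at the `return 0;` saying so would help. The `__try` and the loop header are outside this hunk.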
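Review bot: The rescan loop in Util::SearchMemory restarts SafeSearchMemory at `addr + 1` after each match without checking that at least `length` bytes remain before `memory.first + memory.second`. SafeSearchMemory's loop bound is not part of this diff; if it is computed by unsigned subtraction from the now-`uint64_t` addresses, a start closer than `length` to the region end would wrap and the scan would run off the region until the SEH handler fires. Bounding the loop here avoids depending on that: `for (uint64_t addr = memory.first, end = memory.first + memory.second; addr + length <= end;)`, keeping the existing `else break;`. Braces around the nested `for`/`if`/`else` and writing the assignment as `(addr = SafeSearchMemory(...)) != 0` would also make the control flow easier to check.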
@@ -22,7 +22,7 @@ bool CheckFile(LPCWSTR name); bool SearchResourceString(LPCWSTR str); -DWORD SearchMemory(const BYTE* bytes, unsigned short length, DWORD protect = PAGE_EXECUTE); +std::vector SearchMemory(const BYTE* bytes, short length, DWORD protect = PAGE_EXECUTE); } // namespace Util
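Review bot: The declaration of Util::SearchMemory in util.h changes its return type but has no comment describing the new contract. util.cc treats a pattern byte of 0x11 as a wildcard, which means a literal 0x11 cannot be matched exactly, and callers now get every match rather than the first. I would add above the declaration `// Returns the address of every match of bytes[0..length) in regions that pass the protect check (empty if none); a pattern byte of 0x11 matches any byte.`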