mirror of
https://github.com/Artikash/Textractor.git
synced 2025-01-11 01:59:14 +08:00
small refactors
This commit is contained in:
parent
6bc8143980
commit
dddbc00694
@ -209,7 +209,7 @@ namespace Host
|
||||
|
||||
void DetachProcess(DWORD processId)
|
||||
{
|
||||
int command = HOST_COMMAND_DETACH;
|
||||
auto command = HOST_COMMAND_DETACH;
|
||||
WriteFile(processRecordsByIds[processId].hostPipe, &command, sizeof(command), DUMMY, nullptr);
|
||||
}
|
||||
|
||||
@ -258,7 +258,7 @@ namespace Host
|
||||
ReadProcessMemory(pr.processHandle, hooks[i].hook_name, buffer.data(), hooks[i].name_length, nullptr);
|
||||
}
|
||||
ReleaseMutex(pr.sectionMutex);
|
||||
return StringToWideString(buffer.c_str(), CP_UTF8);
|
||||
return StringToWideString(buffer, CP_UTF8);
|
||||
}
|
||||
|
||||
TextThread* GetThread(ThreadParam tp)
|
||||
|
@ -2,6 +2,5 @@
|
||||
|
||||
#include "common.h"
|
||||
#include <QString>
|
||||
#include <QStringList>
|
||||
#include <QVector>
|
||||
#include <QRegularExpression>
|
||||
|
@ -25,10 +25,30 @@ DWORD SigMask(DWORD sig)
|
||||
return 0xffffffff >> (count << 3);
|
||||
}
|
||||
|
||||
uint64_t SafeSearchMemory(uint64_t startAddr, uint64_t endAddr, const BYTE* bytes, short length)
|
||||
{
|
||||
__try
|
||||
{
|
||||
for (int i = 0; i < endAddr - startAddr - length; ++i)
|
||||
for (int j = 0; j <= length; ++j)
|
||||
if (j == length) return startAddr + i; // not sure about this algorithm...
|
||||
else if (*((BYTE*)startAddr + i + j) != *(bytes + j) && *(bytes + j) != 0x11) break; // 0x11 = wildcard
|
||||
}
|
||||
__except (EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
ConsoleOutput("Textractor: SearchMemory ERROR (Textractor will likely still work fine, but please let Artikash know if this happens a lot!)");
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
} // namespace unnamed
|
||||
|
||||
namespace Util
|
||||
{
|
||||
|
||||
// jichi 8/24/2013: binary search?
|
||||
DWORD Util::GetCodeRange(DWORD hModule,DWORD *low, DWORD *high)
|
||||
DWORD GetCodeRange(DWORD hModule,DWORD *low, DWORD *high)
|
||||
{
|
||||
IMAGE_DOS_HEADER *DosHdr;
|
||||
IMAGE_NT_HEADERS *NtHdr;
|
||||
@ -49,7 +69,7 @@ DWORD Util::GetCodeRange(DWORD hModule,DWORD *low, DWORD *high)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindCallAndEntryBoth(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
DWORD FindCallAndEntryBoth(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
{
|
||||
//WCHAR str[0x40];
|
||||
enum { reverse_length = 0x800 };
|
||||
@ -91,7 +111,7 @@ DWORD Util::FindCallAndEntryBoth(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindCallOrJmpRel(DWORD fun, DWORD size, DWORD pt, bool jmp)
|
||||
DWORD FindCallOrJmpRel(DWORD fun, DWORD size, DWORD pt, bool jmp)
|
||||
{
|
||||
BYTE sig = (jmp) ? 0xe9 : 0xe8;
|
||||
for (DWORD i = 0x1000; i < size - 4; i++)
|
||||
@ -106,7 +126,7 @@ DWORD Util::FindCallOrJmpRel(DWORD fun, DWORD size, DWORD pt, bool jmp)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindCallOrJmpAbs(DWORD fun, DWORD size, DWORD pt, bool jmp)
|
||||
DWORD FindCallOrJmpAbs(DWORD fun, DWORD size, DWORD pt, bool jmp)
|
||||
{
|
||||
WORD sig = jmp ? 0x25ff : 0x15ff;
|
||||
for (DWORD i = 0x1000; i < size - 4; i++)
|
||||
@ -122,7 +142,7 @@ DWORD Util::FindCallOrJmpAbs(DWORD fun, DWORD size, DWORD pt, bool jmp)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindCallBoth(DWORD fun, DWORD size, DWORD pt)
|
||||
DWORD FindCallBoth(DWORD fun, DWORD size, DWORD pt)
|
||||
{
|
||||
for (DWORD i = 0x1000; i < size - 4; i++) {
|
||||
if (*(BYTE *)(pt + i) == 0xe8) {
|
||||
@ -143,7 +163,7 @@ DWORD Util::FindCallBoth(DWORD fun, DWORD size, DWORD pt)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindCallAndEntryAbs(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
DWORD FindCallAndEntryAbs(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
{
|
||||
//WCHAR str[0x40];
|
||||
enum { reverse_length = 0x800 };
|
||||
@ -168,7 +188,7 @@ DWORD Util::FindCallAndEntryAbs(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindCallAndEntryRel(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
DWORD FindCallAndEntryRel(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
{
|
||||
//WCHAR str[0x40];
|
||||
enum { reverse_length = 0x800 };
|
||||
@ -184,7 +204,7 @@ DWORD Util::FindCallAndEntryRel(DWORD fun, DWORD size, DWORD pt, DWORD sig)
|
||||
return 0;
|
||||
}
|
||||
|
||||
bool Util::CheckFile(LPCWSTR name)
|
||||
bool CheckFile(LPCWSTR name)
|
||||
{
|
||||
WIN32_FIND_DATAW unused;
|
||||
HANDLE file = FindFirstFileW(name, &unused);
|
||||
@ -206,7 +226,7 @@ bool Util::CheckFile(LPCWSTR name)
|
||||
return false;
|
||||
}
|
||||
|
||||
DWORD Util::FindEntryAligned(DWORD start, DWORD back_range)
|
||||
DWORD FindEntryAligned(DWORD start, DWORD back_range)
|
||||
{
|
||||
start &= ~0xf;
|
||||
for (DWORD i = start, j = start - back_range; i > j; i-=0x10) {
|
||||
@ -236,7 +256,7 @@ DWORD Util::FindEntryAligned(DWORD start, DWORD back_range)
|
||||
return 0;
|
||||
}
|
||||
|
||||
DWORD Util::FindImportEntry(DWORD hModule, DWORD fun)
|
||||
DWORD FindImportEntry(DWORD hModule, DWORD fun)
|
||||
{
|
||||
IMAGE_DOS_HEADER *DosHdr;
|
||||
IMAGE_NT_HEADERS *NtHdr;
|
||||
@ -260,7 +280,7 @@ DWORD Util::FindImportEntry(DWORD hModule, DWORD fun)
|
||||
}
|
||||
|
||||
// Search string in rsrc section. This section usually contains version and copyright info.
|
||||
bool Util::SearchResourceString(LPCWSTR str)
|
||||
bool SearchResourceString(LPCWSTR str)
|
||||
{
|
||||
DWORD hModule = (DWORD)GetModuleHandleW(nullptr);
|
||||
IMAGE_DOS_HEADER *DosHdr;
|
||||
@ -283,27 +303,7 @@ bool Util::SearchResourceString(LPCWSTR str)
|
||||
return false;
|
||||
}
|
||||
|
||||
namespace
|
||||
{
|
||||
uint64_t SafeSearchMemory(uint64_t startAddr, uint64_t endAddr, const BYTE* bytes, short length)
|
||||
{
|
||||
__try
|
||||
{
|
||||
for (int i = 0; i < endAddr - startAddr - length; ++i)
|
||||
for (int j = 0; j <= length; ++j)
|
||||
if (j == length) return startAddr + i; // not sure about this algorithm...
|
||||
else if (*((BYTE*)startAddr + i + j) != *(bytes + j) && *(bytes + j) != 0x11) break; // 0x11 = wildcard
|
||||
}
|
||||
__except (EXCEPTION_EXECUTE_HANDLER)
|
||||
{
|
||||
ConsoleOutput("Textractor: SearchMemory ERROR (Textractor will likely still work fine, but please let Artikash know if this happens a lot!)");
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
std::vector<uint64_t> Util::SearchMemory(const BYTE* bytes, short length, DWORD protect)
|
||||
std::vector<uint64_t> SearchMemory(const BYTE* bytes, short length, DWORD protect)
|
||||
{
|
||||
std::vector<std::pair<uint64_t, uint64_t>> validMemory;
|
||||
for (BYTE* probe = NULL; (uint64_t)probe < 0x80000000;) // end of user memory space
|
||||
@ -330,5 +330,6 @@ std::vector<uint64_t> Util::SearchMemory(const BYTE* bytes, short length, DWORD
|
||||
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
// EOF
|
||||
|
Loading…
x
Reference in New Issue
Block a user