bugfixes, and remove ntdll for good

This commit is contained in:
Akash Mozumdar 2018-09-11 13:23:10 -04:00
parent a455869837
commit 2ad278255d
5 changed files with 23 additions and 4434 deletions


@ -46,7 +46,6 @@ target_compile_options(vnrhook PRIVATE
) )
set(vnrhook_libs set(vnrhook_libs
ntdll.lib
Version.lib Version.lib
minhook minhook
) )


@ -8,7 +8,6 @@
#endif // _MSC_VER #endif // _MSC_VER
#include "engine/engine.h" #include "engine/engine.h"
#include "ntdll/ntdll.h"
#include "engine/match.h" #include "engine/match.h"
#include "util/util.h" #include "util/util.h"
#include "main.h" #include "main.h"
@ -5763,11 +5762,10 @@ int GetShinaRioVersion()
} }
if (hFile != INVALID_HANDLE_VALUE) { if (hFile != INVALID_HANDLE_VALUE) {
IO_STATUS_BLOCK ios;
//char *buffer,*version;//,*ptr; //char *buffer,*version;//,*ptr;
enum { BufferSize = 0x40 }; enum { BufferSize = 0x40 };
char buffer[BufferSize]; char buffer[BufferSize];
ReadFile(hFile, buffer, BufferSize, nullptr, nullptr); ReadFile(hFile, buffer, BufferSize, (DWORD*)buffer, nullptr);
CloseHandle(hFile); CloseHandle(hFile);
if (buffer[0] == '[') { if (buffer[0] == '[') {
buffer[0x3f] = 0; // jichi 8/24/2013: prevent strstr from overflow buffer[0x3f] = 0; // jichi 8/24/2013: prevent strstr from overflow
@ -8842,33 +8840,7 @@ AkabeiSoft2Try hook:
********************************************************************************************/ ********************************************************************************************/
namespace { // unnamed namespace { // unnamed
MEMORY_WORKING_SET_LIST *GetWorkingSet()
{
DWORD len,retl;
NTSTATUS status;
LPVOID buffer = 0;
len = 0x4000;
status = NtAllocateVirtualMemory(GetCurrentProcess(), &buffer, 0, &len, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
if (!NT_SUCCESS(status)) return 0;
status = NtQueryVirtualMemory(GetCurrentProcess(), 0, MemoryWorkingSetList, buffer, len, &retl);
if (status == STATUS_INFO_LENGTH_MISMATCH) {
len = *(DWORD*)buffer;
len = ((len << 2) & 0xfffff000) + 0x4000;
retl = 0;
NtFreeVirtualMemory(GetCurrentProcess(), &buffer, &retl, MEM_RELEASE);
buffer = 0;
status = NtAllocateVirtualMemory(GetCurrentProcess(), &buffer, 0, &len, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
if (!NT_SUCCESS(status)) return 0;
status = NtQueryVirtualMemory(GetCurrentProcess(), 0, MemoryWorkingSetList, buffer, len, &retl);
if (!NT_SUCCESS(status)) return 0;
return (MEMORY_WORKING_SET_LIST*)buffer;
} else {
retl = 0;
NtFreeVirtualMemory(GetCurrentProcess(), &buffer, &retl, MEM_RELEASE);
return 0;
}
}
typedef struct _NSTRING typedef struct _NSTRING
{ {
PVOID vfTable; PVOID vfTable;
@ -8897,33 +8869,14 @@ void SpecialHookAB2Try(DWORD esp_base, HookParam *, BYTE, DWORD *data, DWORD *sp
} }
} }
BOOL FindCharacteristInstruction(MEMORY_WORKING_SET_LIST *list) BOOL FindCharacteristInstruction()
{ {
DWORD base, size; const BYTE bytes[] = { 0x0F, 0xB7, 0x44, 0x50, 0x0C, 0x89 };
DWORD i, j, k, addr, retl; if (DWORD addr = Util::SearchMemory(bytes, sizeof(bytes), PAGE_EXECUTE_READWRITE))
NTSTATUS status; {
::qsort(&list->WorkingSetList, list->NumberOfPages, 4, cmp); //GROWL_DWORD(addr);
base = list->WorkingSetList[0];
size = 0x1000;
for (i = 1; i < list->NumberOfPages; i++) {
if ((list->WorkingSetList[i] & 2) == 0)
continue;
if (list->WorkingSetList[i] >> 31)
break;
if (base + size == list->WorkingSetList[i])
size += 0x1000;
else {
if (size > 0x2000) {
addr = base & ~0xfff;
status = NtQueryVirtualMemory(GetCurrentProcess(),(PVOID)addr,
MemorySectionName,text_buffer_prev,0x1000,&retl);
if (!NT_SUCCESS(status)) {
k = addr + size - 4;
for (j = addr; j < k; j++) {
if (*(DWORD*)j == 0x5044b70f) {
if (*(WORD*)(j + 4) == 0x890c) { // movzx eax, word ptr [edx*2 + eax + 0xC]; wchar = string[i];
HookParam hp = {}; HookParam hp = {};
hp.address = j; hp.address = addr;
hp.text_fun = SpecialHookAB2Try; hp.text_fun = SpecialHookAB2Try;
hp.type = USING_STRING | NO_CONTEXT | USING_UNICODE; hp.type = USING_STRING | NO_CONTEXT | USING_UNICODE;
ConsoleOutput("vnreng: INSERT AB2Try"); ConsoleOutput("vnreng: INSERT AB2Try");
@ -8932,32 +8885,16 @@ BOOL FindCharacteristInstruction(MEMORY_WORKING_SET_LIST *list)
//RegisterEngineType(ENGINE_AB2T); //RegisterEngineType(ENGINE_AB2T);
return TRUE; return TRUE;
} }
}
}
}
}
size = 0x1000;
base = list->WorkingSetList[i];
}
}
return FALSE; return FALSE;
} }
} // unnamed namespace } // unnamed namespace
bool InsertAB2TryHook() bool InsertAB2TryHook()
{ {
MEMORY_WORKING_SET_LIST *list = GetWorkingSet(); bool ret = FindCharacteristInstruction();
if (!list) {
ConsoleOutput("vnreng:AB2Try: cannot find working list");
return false;
}
bool ret = FindCharacteristInstruction(list);
if (ret) if (ret)
ConsoleOutput("vnreng:AB2Try: found characteristic sequence"); ConsoleOutput("vnreng:AB2Try: found characteristic sequence");
else else
ConsoleOutput("vnreng:AB2Try: cannot find characteristic sequence"); ConsoleOutput("vnreng:AB2Try: cannot find characteristic sequence. Make sure you have start the game and have seen some text on the screen.");
//L"Make sure you have start the game and have seen some text on the screen.");
DWORD size = 0;
NtFreeVirtualMemory(GetCurrentProcess(), (PVOID *)&list, &size, MEM_RELEASE);
return ret; return ret;
} }
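Review bot: The new `ReadFile(hFile, buffer, BufferSize, (DWORD*)buffer, nullptr);` in GetShinaRioVersion points lpNumberOfBytesRead at the destination buffer itself, so when the read completes the first four bytes of file content are overwritten with the byte count and the following `buffer[0] == '['` test compares against that count rather than the file header. Replacing the earlier `nullptr` was the right instinct, since a null count pointer is only valid for overlapped I/O, but it needs its own variable: `DWORD bytesRead = 0;` then `if (!ReadFile(hFile, buffer, BufferSize, &bytesRead, nullptr)) bytesRead = 0;`, and the `'['` check should be guarded by `bytesRead > 0` because `buffer` is otherwise uninitialized. GetShinaRioVersion's body begins before this hunk. In the later AB2Try hunks, `hp.address = addr` now hooks the first match Util::SearchMemory returns, whereas the old scan appears to have confined itself to pages with no section name (non-image memory); if that narrowing was intentional and is now covered by the PAGE_EXECUTE_READWRITE filter, a one-line comment at the search call saying so would save the next reader from re-deriving it.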


@ -87,7 +87,7 @@ bool DeterminePCEngine()
PcHooks::hookGDIPlusFunctions(); PcHooks::hookGDIPlusFunctions();
const char check[] = "sdffffffkjldfjlhjweiumxnvq1204tergdmnxcq1111111111111111111111408t03kxjb40"; const char check[] = "sdffffffkjldfjlhjweiumxnvq1204tergdmnxcq1111111111111111111111408t03kxjb40";
__try { Util::SearchMemory((const BYTE*)check, sizeof(check)); } // Not too sure about the stability of this guy __try { Util::SearchMemory((const BYTE*)check, sizeof(check)); } // Not too sure about the stability of this guy
__except (1) { ConsoleOutput("NextHooker threw while searching memory (NextHooker will likely still work fine, but please let Artikash know this happened!)"); } __except (1) { ConsoleOutput("NextHooker: SearchMemory ERROR (NextHooker will likely still work fine, but please let Artikash know if this happens a lot!)"); }
return false; return false;
} }
@ -489,13 +489,6 @@ bool DetermineEngineByProcessName()
return true; return true;
} }
// jichi 10/3/2013: FIXME: Does not work
// Raise C0000005 even with admin priv
//if (wcsstr(str, L"bsz")) { // BALDRSKY ZERO
// InsertBaldrHook();
// return true;
//}
if (wcsstr(processName, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart if (wcsstr(processName, L"SAISYS") || Util::CheckFile(L"SaiSys.exe")) { // jichi 4/19/2014: Marine Heart
InsertMarineHeartHook(); InsertMarineHeartHook();
return true; return true;
@ -558,8 +551,8 @@ bool DetermineEngineOther()
return true; return true;
} }
// Artikash 7/16/2018: Uses libuv: likely Tyranobuilder - sample game https://vndb.org/v22975 // Artikash 7/16/2018: Uses node/libuv: likely Tyranobuilder - sample game https://vndb.org/v22975
if (GetProcAddress(GetModuleHandleW(nullptr), "uv_uptime")) if (GetProcAddress(GetModuleHandleW(nullptr), "uv_uptime") || GetModuleHandleW(L"node.dll"))
{ {
InsertTyranobuilderHook(); InsertTyranobuilderHook();
return true; return true;
@ -850,7 +843,7 @@ bool UnsafeDetermineEngineType()
|| DetermineEngineByProcessName() || DetermineEngineByProcessName()
|| DetermineEngineOther() || DetermineEngineOther()
|| DetermineEngineAtLast() || DetermineEngineAtLast()
//|| DetermineEngineGeneric() || DetermineEngineGeneric()
|| DetermineNoEngine() || DetermineNoEngine()
; ;
} }
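Review bot: The added `|| GetModuleHandleW(L"node.dll")` in DetermineEngineOther treats any process that has loaded node.dll as Tyranobuilder, which is a much broader signal than the `uv_uptime` export on the main module it sits beside; an NW.js- or Electron-style host that is not Tyranobuilder would get InsertTyranobuilderHook inserted into it. If the broadening is deliberate it deserves a comment such as `// node.dll alone is a weak signal; kept because some builds export no uv_* symbols from the exe` (adjusted to the actual motivating game), and ideally a second Tyranobuilder-specific check via Util::CheckFile like the neighbouring detectors use. The re-enabled `|| DetermineEngineGeneric()` at the end of UnsafeDetermineEngineType likewise reverses an earlier decision without saying why, and given that the hunk above removes a detector precisely because it raised access violations, a short comment on why the generic path is now considered safe would help. Both enclosing functions begin before their hunks.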



@ -297,7 +297,7 @@ DWORD Util::SearchMemory(const BYTE* bytes, unsigned short length, DWORD protect
} }
else else
{ {
if (info.Protect > protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize }); if (info.Protect >= protect && !(info.Protect & PAGE_GUARD)) validMemory.push_back({ (DWORD)info.BaseAddress, info.RegionSize });
probe += info.RegionSize; probe += info.RegionSize;
} }
} }
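Review bot: The relaxed `info.Protect >= protect` in Util::SearchMemory is still an ordinal comparison over values that are really bit flags (PAGE_NOACCESS 0x01 through PAGE_EXECUTE_WRITECOPY 0x80, with PAGE_GUARD, PAGE_NOCACHE and PAGE_WRITECOMBINE as 0x100-and-up modifiers), so for the new AB2Try caller's PAGE_EXECUTE_READWRITE (0x40) it admits PAGE_EXECUTE_WRITECOPY and any region carrying a NOCACHE or WRITECOMBINE modifier regardless of its base protection, while still skipping ordinary PAGE_EXECUTE_READ code. At minimum strip the modifiers before comparing, `const DWORD base = info.Protect & 0xFF; // drop PAGE_GUARD/NOCACHE/WRITECOMBINE modifiers` and `if (base >= protect && !(info.Protect & PAGE_GUARD))`, and state in the function header that `protect` is treated as a lower bound in PAGE_* numeric order rather than as a permission mask, since callers such as the default-argument call in DeterminePCEngine will otherwise assume the latter. SearchMemory begins before this hunk.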