removed reliance on undocumented windows internals in vnrhook

Akash Mozumdar 2018-06-30 05:55:10 -04:00
parent 3a001e66b2
commit 9bc95191ff
2 changed files with 24 additions and 85 deletions


@ -4366,15 +4366,16 @@ void SpecialHookRUGP1(DWORD esp_base, HookParam *hp, BYTE, DWORD *data, DWORD *s
// jichi 10/1/2013: Change return type to bool // jichi 10/1/2013: Change return type to bool
bool InsertRUGP1Hook() bool InsertRUGP1Hook()
{ {
DWORD low, high; DWORD low;
if (!Util::CheckFile(L"rvmm.dll") || !SafeFillRange(L"rvmm.dll", &low, &high)) { if (!Util::CheckFile(L"rvmm.dll")) {
ConsoleOutput("vnreng:rUGP: rvmm.dll does not exist"); ConsoleOutput("vnreng:rUGP: rvmm.dll does not exist");
return false; return false;
} }
//WCHAR str[0x40]; //WCHAR str[0x40];
LPVOID ch = (LPVOID)0x8140; LPVOID ch = (LPVOID)0x8140;
enum { range = 0x20000 }; enum { range = 0x20000 };
DWORD t = SearchPattern(low + range, high - low - range, &ch, 4) + range; low = (DWORD)GetModuleHandleW(L"rvmm.dll");
DWORD t = SearchPattern(low + range, process_limit, &ch, 4) + range;
BYTE *s = (BYTE *)(low + t); BYTE *s = (BYTE *)(low + t);
//if (t) { //if (t) {
if (t != range) { // jichi 10/1/2013: Changed to compare with 0x20000 if (t != range) { // jichi 10/1/2013: Changed to compare with 0x20000
@ -4510,7 +4511,7 @@ bool InsertRUGP1Hook()
bool InsertRUGP2Hook() bool InsertRUGP2Hook()
{ {
DWORD low, high; DWORD low, high;
if (!Util::CheckFile(L"vm60.dll") || !SafeFillRange(L"vm60.dll", &low, &high)) { if (!Util::CheckFile(L"vm60.dll") /*|| !SafeFillRange(L"vm60.dll", &low, &high)*/) {
ConsoleOutput("vnreng:rUGP2: vm60.dll does not exist"); ConsoleOutput("vnreng:rUGP2: vm60.dll does not exist");
return false; return false;
} }
@ -4524,7 +4525,7 @@ bool InsertRUGP2Hook()
0x89,0x75, 0x0c // 1001e527 8975 0c mov dword ptr ss:[ebp+0xc],esi 0x89,0x75, 0x0c // 1001e527 8975 0c mov dword ptr ss:[ebp+0xc],esi
}; };
enum { addr_offset = 0x1001e51d - 0x1001e515 }; enum { addr_offset = 0x1001e51d - 0x1001e515 };
ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), low, high); ULONG addr = MemDbg::findBytes(bytes, sizeof(bytes), process_base, process_limit);
//GROWL_DWORD(addr); //GROWL_DWORD(addr);
if (!addr) { if (!addr) {
ConsoleOutput("vnreng:rUGP2: pattern not found"); ConsoleOutput("vnreng:rUGP2: pattern not found");
@ -4596,7 +4597,7 @@ System40 hook:
data offset dynamically. data offset dynamically.
********************************************************************************************/ ********************************************************************************************/
static void InsertAliceHook1(DWORD addr, DWORD module, DWORD limit) static void InsertAliceHook1(DWORD addr)
{ {
if (!addr) { if (!addr) {
ConsoleOutput("vnreng:AliceHook1: failed"); ConsoleOutput("vnreng:AliceHook1: failed");
@ -4605,7 +4606,6 @@ static void InsertAliceHook1(DWORD addr, DWORD module, DWORD limit)
for (DWORD i = addr, s = addr; i < s + 0x100; i++) for (DWORD i = addr, s = addr; i < s + 0x100; i++)
if (*(BYTE *)i == 0xe8) { // Find the first relative call. if (*(BYTE *)i == 0xe8) { // Find the first relative call.
DWORD j = i + 5 + *(DWORD *)(i + 1); DWORD j = i + 5 + *(DWORD *)(i + 1);
if (j > module && j < limit) {
while (true) { // Find the first register push onto stack. while (true) { // Find the first register push onto stack.
DWORD c = ::disasm((BYTE *)s); DWORD c = ::disasm((BYTE *)s);
if (c == 1) if (c == 1)
@ -4624,7 +4624,6 @@ static void InsertAliceHook1(DWORD addr, DWORD module, DWORD limit)
//RegisterEngineType(ENGINE_SYS40); //RegisterEngineType(ENGINE_SYS40);
return; return;
} }
}
ConsoleOutput("vnreng:AliceHook1: failed"); ConsoleOutput("vnreng:AliceHook1: failed");
} }
static void InsertAliceHook2(DWORD addr) static void InsertAliceHook2(DWORD addr)
@ -4649,12 +4648,20 @@ static void InsertAliceHook2(DWORD addr)
// jichi 5/13/2015: Looking for function entries in StoatSpriteEngine.dll // jichi 5/13/2015: Looking for function entries in StoatSpriteEngine.dll
bool InsertAliceHook() bool InsertAliceHook()
{ {
DWORD low, high, addr; DWORD addr;
if (GetFunctionAddr("SP_TextDraw", &addr, &low, &high, 0) && addr) { if (addr = (DWORD)GetProcAddress(GetModuleHandleW(L"SACT2.dll"), "SP_TextDraw")) {
InsertAliceHook1(addr, low, low + high); InsertAliceHook1(addr);
return true; return true;
} }
if (GetFunctionAddr("SP_SetTextSprite", &addr, &low, &high, 0) && addr) { if (addr = (DWORD)GetProcAddress(GetModuleHandleW(L"SACTDX.dll"), "SP_TextDraw")) {
InsertAliceHook1(addr);
return true;
}
//if (GetFunctionAddr("SP_SetTextSprite", &addr, &low, &high, 0) && addr) {
// InsertAliceHook2(addr);
// return true;
//}
if (addr = (DWORD)GetProcAddress(GetModuleHandleW(L"StoatSpriteEngine.dll"), "SP_SetTextSprite")) { // Artikash 6/27/2018 not sure if this works
InsertAliceHook2(addr); InsertAliceHook2(addr);
return true; return true;
} }
@ -8216,12 +8223,7 @@ void SpecialHookDebonosuScenario(DWORD esp_base, HookParam *hp, BYTE, DWORD *dat
} }
bool InsertDebonosuScenarioHook() bool InsertDebonosuScenarioHook()
{ {
DWORD fun; DWORD addr = Util::FindImportEntry(process_base, (DWORD)lstrcatA);
if (!GetFunctionAddr("lstrcatA", &fun, 0, 0, 0)) {
ConsoleOutput("vnreng:Debonosu: failed to find lstrcatA");
return false;
}
DWORD addr = Util::FindImportEntry(process_base, fun);
if (!addr) { if (!addr) {
ConsoleOutput("vnreng:Debonosu: lstrcatA is not called"); ConsoleOutput("vnreng:Debonosu: lstrcatA is not called");
return false; return false;
@ -8796,11 +8798,11 @@ bool InsertIGSDynamicHook(LPVOID addr, DWORD frame, DWORD stack)
i = *(DWORD *)frame; i = *(DWORD *)frame;
i = *(DWORD *)(i+4); i = *(DWORD *)(i+4);
DWORD j, k; DWORD j, k;
if (SafeFillRange(L"mscorlib.ni.dll", &j, &k)) { //if (SafeFillRange(L"mscorlib.ni.dll", &j, &k)) { // Artikash 6/30/2018: Dunno why addresses are needed
while (*(BYTE *)i != 0xe8) while (*(BYTE *)i != 0xe8)
i++; i++;
DWORD t = *(DWORD *)(i + 1) + i + 5; DWORD t = *(DWORD *)(i + 1) + i + 5;
if (t>j && t<k) { //if (t>j && t<k) {
HookParam hp = {}; HookParam hp = {};
hp.address = t; hp.address = t;
hp.offset = -0x10; hp.offset = -0x10;
@ -8812,8 +8814,8 @@ bool InsertIGSDynamicHook(LPVOID addr, DWORD frame, DWORD stack)
//ConsoleOutput("IGS - Please set text(ヂ<><EFBFBD> display speed(表示速度) to fastest(瞬<>"); //ConsoleOutput("IGS - Please set text(ヂ<><EFBFBD> display speed(表示速度) to fastest(瞬<>");
//RegisterEngineType(ENGINE_IGS); //RegisterEngineType(ENGINE_IGS);
return true; return true;
} //}
} //}
ConsoleOutput("vnreng:IGS: failed"); ConsoleOutput("vnreng:IGS: failed");
return true; // jichi 12/25/2013: return true return true; // jichi 12/25/2013: return true
} }
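Review bot: In InsertRUGP1Hook the new `SearchPattern(low + range, process_limit, &ch, 4)` passes `process_limit` where the removed call passed a byte count (`high - low - range`), and the next hunk uses `process_limit` as an absolute upper address in `MemDbg::findBytes(..., process_base, process_limit)`, so here it most likely makes the scan run far past the end of rvmm.dll into unmapped pages; in addition `GetModuleHandleW` can still return NULL after `Util::CheckFile` succeeds (the file exists on disk but is not loaded), which leaves `low` at 0 and the scan starting at address 0x20000. The documented `GetModuleInformation` recovers the loaded image size without the deleted PEB walk: `MODULEINFO mi; if (!(low = (DWORD)GetModuleHandleW(L"rvmm.dll")) || !GetModuleInformation(GetCurrentProcess(), (HMODULE)low, &mi, sizeof(mi))) return false;` followed by `DWORD t = SearchPattern(low + range, mi.SizeOfImage - range, &ch, 4) + range;`. The same module bounds would let InsertAliceHook1 keep the `j > module && j < limit` check that this commit deletes rather than replaces, so a stray 0xe8 byte inside the 0x100-byte window cannot produce an out-of-module call target that then gets hooked. Both functions' bodies continue outside their hunks.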


@ -54,68 +54,6 @@ HMODULE currentModule;
extern DWORD enter_count; extern DWORD enter_count;
//extern LPWSTR current_dir; //extern LPWSTR current_dir;
extern DWORD engine_type; extern DWORD engine_type;
std::unordered_map<std::string, FunctionInfo> functionInfoByName;
namespace { // unnamed
void AddModule(DWORD hModule, DWORD size, LPWSTR name)
{
FunctionInfo info = {0, hModule, size, name};
IMAGE_DOS_HEADER *DosHdr = (IMAGE_DOS_HEADER *)hModule;
if (IMAGE_DOS_SIGNATURE == DosHdr->e_magic) {
DWORD dwReadAddr = hModule + DosHdr->e_lfanew;
IMAGE_NT_HEADERS *NtHdr = (IMAGE_NT_HEADERS *)dwReadAddr;
if (IMAGE_NT_SIGNATURE == NtHdr->Signature) {
DWORD dwExportAddr = NtHdr->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
if (dwExportAddr == 0)
return;
dwExportAddr += hModule;
IMAGE_EXPORT_DIRECTORY *ExtDir = (IMAGE_EXPORT_DIRECTORY*)dwExportAddr;
dwExportAddr = hModule+ExtDir->AddressOfNames;
for (UINT uj = 0; uj < ExtDir->NumberOfNames; uj++) {
DWORD dwFuncName = *(DWORD *)dwExportAddr;
char *pcBuffer = (char *)(hModule + dwFuncName);
char *pcFuncPtr = (char *)(hModule + (DWORD)ExtDir->AddressOfNameOrdinals+(uj * sizeof(WORD)));
WORD word = *(WORD *)pcFuncPtr;
pcFuncPtr = (char *)(hModule + (DWORD)ExtDir->AddressOfFunctions+(word * sizeof(DWORD)));
info.addr = hModule + *(DWORD *)pcFuncPtr;
::functionInfoByName[std::string(pcBuffer)] = info;
dwExportAddr += sizeof(DWORD);
}
}
}
}
void AddAllModules()
{
// jichi 9/26/2013: AVLTree is already zero
PPEB ppeb;
__asm {
mov eax, fs:[0x30]
mov ppeb, eax
}
DWORD temp = *(DWORD *)(&ppeb->Ldr->InLoadOrderModuleList);
PLDR_DATA_TABLE_ENTRY it = (PLDR_DATA_TABLE_ENTRY)temp;
while (it->SizeOfImage) {
AddModule((DWORD)it->DllBase, it->SizeOfImage, it->BaseDllName.Buffer);
it = (PLDR_DATA_TABLE_ENTRY)it->InLoadOrderModuleList.Flink;
if (*(DWORD *)it == temp)
break;
}
}
} // unnamed namespace
DWORD GetFunctionAddr(const char *name, DWORD *addr, DWORD *base, DWORD *size, LPWSTR *base_name)
{
if (::functionInfoByName.find(std::string(name)) == ::functionInfoByName.end())
return FALSE;
FunctionInfo functionInfo = ::functionInfoByName[std::string(name)];
if (addr) *addr = functionInfo.addr;
if (base) *base = functionInfo.module;
if (size) *size = functionInfo.size;
return TRUE;
}
BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused) BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
{ {
@ -163,7 +101,6 @@ BOOL WINAPI DllMain(HINSTANCE hModule, DWORD fdwReason, LPVOID unused)
::running = true; ::running = true;
::current_available = ::hookman; ::current_available = ::hookman;
AddAllModules();
::currentModule = hModule; ::currentModule = hModule;
pipeThread = CreateThread(nullptr, 0, PipeManager, 0, 0, nullptr); pipeThread = CreateThread(nullptr, 0, PipeManager, 0, 0, nullptr);