private bool VerifyAllMatchedKeys(CryptoPatchContainer patches)
{
var samplePatch = CryptoPatches.Find(p => !p.Inlined);
var inlinedPatches = CryptoPatches.Where(p => p.Inlined);
foreach (var inlinedPatch in inlinedPatches)
{
if (inlinedPatch.Keys[0].Key != samplePatch.Keys[0].Key)
{
return(false);
}
if (inlinedPatch.Keys[2].Key != samplePatch.Keys[2].Key)
{
return(false);
}
}
var regularPatches = CryptoPatches.Where(p => !p.Inlined);
foreach (var patch in regularPatches)
{
for (int i = 0; i < CryptoPatch.KEYS_COUNT; i++)
{
if (patch.Keys[i].Key != samplePatch.Keys[i].Key)
{
return(false);
}
}
}
return(true);
}
public TargetPE(string filePath)
{
FileInfo fi = new FileInfo(filePath);
if (fi.Exists)
{
_data = GetFileBytes(fi.FullName);
if (_data == null)
{
throw new FileLoadException("The target file seem to be locked.");
}
PE = PortableExecutableImage.FromBytes(_data);
if (PE != null && PE.Is32Bit)
{
Calculator = PE.GetCalculator();
FilePath = fi.FullName;
FileInfo = fi;
BaseAddress = (long)PE.NTHeaders.OptionalHeader.ImageBase;
MajorLinkerVersion = PE.NTHeaders.OptionalHeader.MajorLinkerVersion;
CryptoPatches = new CryptoPatchContainer();
ClientVersion = -1;
IsValid = true;
CanUpdateKey2 = true;
}
}
}
private bool VerifyAllMatchedKeys(CryptoPatchContainer patches)
{
var samplePatch = CryptoPatches.Find(p => !p.Inlined);
var inlinedPatches = CryptoPatches.Where(p => p.Inlined);
foreach (var inlinedPatch in inlinedPatches)
{
if (inlinedPatch.Keys[0].Key != samplePatch.Keys[0].Key)
{
var keyVA = Calculator.OffsetToVA((ulong)inlinedPatch.Keys[0].Offset);
Log.Error($"Unmatched results. Inlined patch key1 (0x{keyVA:X8}) not equals to sample patch key1.");
return(false);
}
if (inlinedPatch.Keys[2].Key != samplePatch.Keys[2].Key)
{
var keyVA = Calculator.OffsetToVA((ulong)inlinedPatch.Keys[2].Offset);
Log.Error($"Unmatched results. Inlined patch key3 (0x{keyVA:X8}) not equals to sample patch key3.");
return(false);
}
}
var regularPatches = CryptoPatches.Where(p => !p.Inlined);
foreach (var patch in regularPatches)
{
for (int i = 0; i < CryptoPatch.KEYS_COUNT; i++)
{
if (patch.Keys[i].Key != samplePatch.Keys[i].Key)
{
var keyVA = Calculator.OffsetToVA((ulong)patch.Keys[i].Offset);
Log.Error($"Unmatched results. Regular patch key (0x{keyVA:X8}) not equals to sample patch key.");
return(false);
}
}
}
return(true);
}
