private static uint GetStatic_LevelArea(byte[] data, SymbolMap symbols)
{
const string key = "LevelArea";
var match = symbols.BestMatch(key);
if (match != 0)
{
return(match);
}
if (Engine.Current == null)
{
return(0);
}
try
{
var pe = new PEHeaderReader(data);
var rdata = pe.ImageSectionHeaders.FirstOrDefault(h => h.Section.TrimEnd('\0') == ".rdata");
var text = pe.ImageSectionHeaders.FirstOrDefault(h => h.Section.TrimEnd('\0') == ".text");
uint offset = rdata.VirtualAddress - rdata.PointerToRawData + pe.OptionalHeader32.ImageBase;
var pName = (uint)(offset + new BinaryPattern(Encoding.ASCII.GetBytes("UIMinimapToggle")).NextMatch(data, (int)rdata.PointerToRawData, (int)rdata.SizeOfRawData));
var pMethod = BitConverter.ToUInt32(data, BinaryPattern.Parse(
$"68{pName.ToPattern()}" +
"A3........" +
"C705................" +
"C705................" +
"E8........" +
"68........" +
"A3........" +
"C705........|........|").NextMatch(data, (int)text.PointerToRawData, (int)text.SizeOfRawData) + 51);
if (Engine.Current.Memory.Reader.Read <byte>(pMethod + 0x00) == 0x8B &&
Engine.Current.Memory.Reader.Read <byte>(pMethod + 0x01) == 0x0D)
{
var address = Engine.Current.Memory.Reader.Read <uint>(pMethod + 0x02);
symbols.Override(key, address);
return(address);
}
}
catch { }
return(0);
}
private static uint GetStatic_LevelArea(byte[] data, SymbolMap symbols)
{
const string key = "LevelArea";
var match = symbols.BestMatch(key);
if (match != 0)
{
return(match);
}
if (Engine.Current == null)
{
return(0);
}
try
{
// TODO: Calculate offset from PE info.
const uint offset = 0x801600;
// TODO: Search in .rdata segment only.
var pName = (uint)(offset + new BinaryPattern(Encoding.ASCII.GetBytes("UIMinimapToggle")).NextMatch(data, 0));
// TODO: Search in .text segment only
var pMethod = BitConverter.ToUInt32(data, BinaryPattern.Parse(
$"68{pName.ToPattern()}" +
"A3........" +
"C705................" +
"C705................" +
"E8........" +
"68........" +
"A3........" +
"C705........|........|").NextMatch(data, 0) + 51);
if (Engine.Current.Memory.Reader.Read <byte>(pMethod + 0x00) == 0x8B &&
Engine.Current.Memory.Reader.Read <byte>(pMethod + 0x01) == 0x0D)
{
var address = Engine.Current.Memory.Reader.Read <uint>(pMethod + 0x02);
symbols.Override(key, address);
return(address);
}
}
catch { }
return(0);
}