/// <summary>
/// Reads <paramref name="len"/> bytes of target memory starting at <paramref name="ptr"/>:
/// sends a CMD_MEMORY packet (length) followed by a PACKET_INTEGER (address), waits for the ACK
/// and returns the payload of the BINARY packet that follows it.
/// </summary>
/// <param name="ptr">Address in the target to read from.</param>
/// <param name="len">Number of bytes requested.</param>
/// <returns>
/// The raw bytes delivered in the BINARY packet. When the ACK reports fewer bytes than requested a
/// warning is logged and the (presumably shorter) blob is still returned.
/// </returns>
/// <exception cref="ArgumentException">The ACK status is 0, i.e. nothing could be read.</exception>
byte[] eval_mem(UInt64 ptr, uint len) {
    // CMD_MEMORY carries only the length; the address travels in a separate PACKET_INTEGER.
    var request = new Puppet.PACKET_CMD_MEMORY(0) { len = len };
    this.Send(Puppet.Util.Serialize(request));
    this.Send(Puppet.Util.Serialize(new Puppet.PACKET_INTEGER(ptr)));

    // The ACK status appears to carry the byte count the target actually read (it is compared
    // against len and reported in MemoryReadWarning).
    var ack = Puppet.Util.Deserialize<Puppet.PACKET_ACK>(this.Expect(Puppet.PACKET_TYPE.ACK));
    if (ack.status == 0) {
        throw new ArgumentException(Program.GetResourceString("Threads.Client.MemoryReadError"));
    }
    if (ack.status < len) {
        // Partial read: warn, but still hand back whatever the BINARY packet contains.
        Logger.W(Program.GetResourceString("Threads.Client.MemoryReadWarning", len, ack.status));
    }

    return Puppet.Util.DeserializeBinary(this.Expect(Puppet.PACKET_TYPE.BINARY));
}
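/// <summary>
/// Reads a zero-terminated string from target memory one character at a time: each iteration issues a
/// CMD_MEMORY request for <paramref name="charSize"/> bytes at the current address and appends the
/// result until an all-zero character, a failed/short read, or the <paramref name="maxSize"/> cap ends it.
/// </summary>
/// <param name="ptr">Address of the first character in the target.</param>
/// <param name="charSize">Width of one character in bytes; must be positive.</param>
/// <param name="maxSize">Upper bound on the number of characters kept; reading stops with a warning once reached.</param>
/// <returns>The raw bytes of the string without its terminator; empty if nothing readable was found.</returns>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="charSize"/> is zero or negative.</exception>
byte[] eval_readString(UInt64 ptr, int charSize, int maxSize = 256) {
    // A non-positive width would divide by zero in the cap check below, and a negative value
    // cast to UInt32 would become a huge request length sent to the target.
    if (charSize <= 0) {
        throw new ArgumentOutOfRangeException(nameof(charSize), "charSize must be positive");
    }

    List<byte> strBuffer = new List<byte>();

    // The CMD_MEMORY packet is built once; only the address packet changes per iteration.
    Puppet.PACKET_CMD_MEMORY pktMem = new Puppet.PACKET_CMD_MEMORY(0);
    pktMem.len = (UInt32)charSize;
    UInt64 ptrCurrent = ptr;

    while (true) {
        // One round trip per character: CMD_MEMORY (length) followed by PACKET_INTEGER (address).
        this.Send(Puppet.Util.Serialize(pktMem));
        this.Send(Puppet.Util.Serialize(new Puppet.PACKET_INTEGER(ptrCurrent)));

        Puppet.PACKET_ACK pktAck = Puppet.Util.Deserialize<Puppet.PACKET_ACK>(this.Expect(Puppet.PACKET_TYPE.ACK));
        if (pktAck.status == 0 || pktAck.status < (UInt32)charSize) {
            // Unreadable or truncated character: end the string here with StringReadWarning
            // rather than the generic MemoryReadWarning.
            if (pktAck.status != 0) {
                // A short (non-zero) read is still followed by a BINARY packet; drain it so the
                // stream stays in sync for the next command.
                this.Expect(Puppet.PACKET_TYPE.BINARY);
            }
            Logger.W(Program.GetResourceString("Threads.Client.StringReadWarning"));
            break;
        }

        byte[] blob = Puppet.Util.DeserializeBinary(this.Expect(Puppet.PACKET_TYPE.BINARY));
        if (Array.TrueForAll(blob, x => x == 0)) {
            // An all-zero character is the C-style terminator; it is discarded, not appended.
            break;
        }
        if (strBuffer.Count / charSize >= maxSize) {
            // The cap is checked after the fetch, so one character beyond maxSize is read and dropped.
            Logger.W(Program.GetResourceString("Threads.Client.StringTooLongWarning"));
            break;
        }

        strBuffer.AddRange(blob);
        ptrCurrent += (UInt64)charSize;
    }

    return strBuffer.ToArray();
}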
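/// <summary>
/// Dereferences a pointer in target memory: reads one machine word (<c>bits / 8</c> bytes) at
/// <paramref name="ptr"/> and returns it as an unsigned integer.
/// </summary>
/// <param name="ptr">Address of the word to read.</param>
/// <returns>The word at <paramref name="ptr"/>; on a 32-bit target the UInt32 value is widened to UInt64.</returns>
/// <exception cref="InvalidOperationException">No hook entry matches <c>hookOep</c>.</exception>
/// <exception cref="ArgumentException">The target could not supply a full word at <paramref name="ptr"/>.</exception>
UInt64 eval_poi(UInt64 ptr) {
    // NOTE(review): the original resolved the hook entry for hookOep into a local it never used;
    // the only observable effect was First() throwing when no entry matched, so that guard is
    // kept explicitly — confirm whether the lookup was meant to be used or can be dropped.
    if (!hooks.Any(x => x.oep == hookOep)) {
        throw new InvalidOperationException("no hook entry matches hookOep");
    }

    int wordsize = this.bits / 8;

    // CMD_MEMORY carries the length; the address follows as a separate PACKET_INTEGER.
    Puppet.PACKET_CMD_MEMORY pktMem = new Puppet.PACKET_CMD_MEMORY(0);
    pktMem.len = (UInt32)wordsize;
    this.Send(Puppet.Util.Serialize(pktMem));
    this.Send(Puppet.Util.Serialize(new Puppet.PACKET_INTEGER(ptr)));

    Puppet.PACKET_ACK pktAck = Puppet.Util.Deserialize<Puppet.PACKET_ACK>(this.Expect(Puppet.PACKET_TYPE.ACK));
    if (pktAck.status == 0 || pktAck.status < (UInt32)wordsize) {
        // A partial word is useless for a dereference: treat it as a read error rather than
        // logging MemoryReadWarning.
        if (pktAck.status != 0) {
            // A short (non-zero) read is still followed by a BINARY packet; drain it so the
            // stream stays in sync for the next command.
            this.Expect(Puppet.PACKET_TYPE.BINARY);
        }
        throw new ArgumentException(Program.GetResourceString("Threads.Client.MemoryReadError"));
    }

    byte[] blob = Puppet.Util.DeserializeBinary(this.Expect(Puppet.PACKET_TYPE.BINARY));
    if (blob.Length < wordsize) {
        // Guard against a payload shorter than the ACK promised; BitConverter would otherwise
        // throw a less descriptive ArgumentException.
        throw new ArgumentException(Program.GetResourceString("Threads.Client.MemoryReadError"));
    }

    return this.bits == 64
        ? BitConverter.ToUInt64(blob, 0)
        : BitConverter.ToUInt32(blob, 0);
}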