/// <summary>
/// Scans forward from <paramref name="ptr"/> to the end of <paramref name="scanner"/>'s region for the
/// byte pattern that ends a function, and returns the address ScanMinimum picks (presumably the
/// lowest-address match — confirm against SigScanner).
/// </summary>
/// <param name="scanner">Scanner supplying the process and the upper bound of the search.</param>
/// <param name="ptr">Address to start tracing from; returned unchanged when it is zero.</param>
/// <param name="early">When true, stop at the first plain RET instead of waiting for padding after a RET.</param>
/// <returns>The address selected by ScanMinimum, or <paramref name="ptr"/> itself when it is zero.</returns>
public static IntPtr TraceToFuncEnd(this SigScanner scanner, IntPtr ptr, bool early = false)
{
    // Nothing to trace from a null address; hand it straight back.
    if (ptr == IntPtr.Zero)
    {
        return ptr;
    }

    var forward = new SigScanner(scanner.Process, ptr, scanner.End);
    var terminators = new SigCollection();

    if (early)
    {
        // RET (C3) or RET imm16 (C2 ?? 00). "C3" is added twice in the original; kept so the
        // collection contents are identical.
        terminators.Add("C3");
        terminators.Add("C3");
        terminators.Add(new Signature("C2 ?? 00", 3));
    }
    else
    {
        // A RET followed by int3 (CC) or nop (90) padding, or a padding run on its own.
        // The -1 / 0 offsets presumably select the byte before / at the padding — verify in Signature.
        terminators.Add(new Signature("CC CC CC CC", -1));
        terminators.Add(new Signature("C3 CC CC CC", 0));
        terminators.Add(new Signature("90 90 90 90", -1));
        terminators.Add(new Signature("C3 90 90 90", 0));
        terminators.Add(new Signature("C2 90 90 90", 0));
    }

    return forward.ScanMinimum(terminators);
}
// Locates the ISGFlag by (1) finding ivp_mindist_recursive through its "IVP Failed at %s %d" assertion
// and (2) scanning that function for a call/jump whose target has a vftable entry followed by a
// double-call sequence. Results are reported through _pr; nothing is returned.
void FIND_ISGFlag()
{
    _context.Name = "ISGFlag";
    _subContext1.Name = "ivp_mindist_recursive function";

    // The format string is pushed right after a push of the source-file name; accept the match only
    // when that first pushed pointer (offset 1 = the imm32 of the first push) names the .cxx file.
    IntPtr addr = _scanner.FindStringPtr("IVP Failed at %s %d");
    var pushPair = new Signature($"68 ?? ?? ?? ?? 68 {addr.GetByteString()}", 1);
    pushPair.EvaluateMatch = (match) =>
    {
        IntPtr fileNamePtr = Game.ReadPointer(match);
        if (!_scanner.IsWithin(fileNamePtr))
        {
            return false;
        }
        return Game.ReadString(fileNamePtr, 256).Contains("ivp_collision\\ivp_mindist_recursive.cxx");
    };
    addr = _scanner.Scan(pushPair);
    addr = _scanner.BackTraceToFuncStart(addr, Intermediate.Modify(vftable: 1));
    addr.Report(_pr, level: BlueFG);

    _subContext1.Name = "Recheck_ov_element";
    // Only the first 0x700 bytes of the function are searched.
    var funcScanner = new SigScanner(Game, addr, 0x700);
    // E8/E9 rel32 with a 00 or FF high byte (short forward / backward displacement).
    var callOrJump = new SigCollection(
        new Signature("E? ?? ?? ?? 00", 0),
        new Signature("E? ?? ?? ?? FF", 0));
    // Two calls 9 or 8 bytes apart, expected near the vftable slot preceding the candidate.
    var callPair = new SigCollection(
        new Signature("E8 ?? ?? ?? ?? ?? ?? ?? ?? E8", 0),
        new Signature("E8 ?? ?? ?? ?? ?? ?? ?? E8", 0));
    callOrJump.EvaluateMatch = (match) =>
    {
        IntPtr target = Game.ReadRelativeReference(match);
        if (!_scanner.IsWithin(target))
        {
            return false;
        }
        IntPtr vftEntry = _scanner.FindVFTableEntries(target, true).FirstOrDefault();
        if (vftEntry == IntPtr.Zero)
        {
            return false;
        }
        vftEntry.Report(_pr, "Candidate");
        // Function stored in the slot 4 bytes before the entry (4-byte slots assumed).
        IntPtr entryBefore = Game.ReadPointer(vftEntry - 4);
        var slotScanner = new SigScanner(Game, entryBefore, 0x20);
        return slotScanner.Scan(callPair) != IntPtr.Zero;
    };
    addr = Game.ReadRelativeReference(funcScanner.Scan(callOrJump));
    _subContext1.Name = "";
    addr.Report(_pr, level: BlueBG);
}
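/// <summary>
/// Locates DispatchSpawn: first by retracing the "Entity %s not found..." string reference, then,
/// when that string or its reference is absent, by retracing the "ai_ally_speech_manager" reference.
/// Results are reported through <c>_pr</c>; nothing is returned.
/// </summary>
void FIND_DispatchSpawn()
{
    _context.Name = "DispatchSpawn";
    if (FindDispatchSpawnByEntityString())
    {
        return;
    }
    FindDispatchSpawnBySpeechManagerString();
}

/// <summary>
/// Method 1: find the push of the "Entity %s not found, and couldn't create!\n" string, then the
/// <c>mov r8, 1; call rel32</c> that follows within 0x100 bytes and resolve the call target.
/// </summary>
/// <returns>true when the string and its reference were found; false to fall back to method 2.</returns>
bool FindDispatchSpawnByEntityString()
{
    _pr.Print("Running method 1-- finding \"Entity %s not found, and couldn\'t create!\" string ref and retracing", BlueFG);
    _subContext1.Name = "1";
    IntPtr ptr = _scanner.FindStringPtr("Entity %s not found, and couldn\'t create!\n");
    ptr.Report(_pr, "string");
    if (ptr == IntPtr.Zero)
    {
        return false;
    }

    ptr = _scanner.Scan(new Signature("68" + ptr.GetByteString()));
    ptr.Report(_pr, "string ref");
    if (ptr == IntPtr.Zero)
    {
        // No push of the string found; let method 2 take over rather than scanning from address zero.
        return false;
    }

    // Scan the bounded window after the string push, not the whole module (the original called
    // _scanner.Scan here and left this window unused): `B? 01 E8 ...` is far too generic for a
    // module-wide search. Offset 2 points at the E8, which ReadRelativeReference resolves, as in method 2.
    var window = new SigScanner(Game, ptr, 0x100);
    var movOneThenCall = new Signature("B? 01 E8 ?? ?? ?? ??", 2);
    ptr = Game.ReadRelativeReference(window.Scan(movOneThenCall));
    ptr.Report(_pr, level: BlueBG);
    return true;
}

/// <summary>
/// Method 2: the "ai_ally_speech_manager" string is pushed next to <c>push -1</c> (6A FF), in either
/// order; the call behind a <c>je rel8</c> within 0x40 bytes of that push is the target.
/// </summary>
void FindDispatchSpawnBySpeechManagerString()
{
    _subContext1.Name = "";
    _pr.Print("Running method 2 -- finding \"ai_ally_speech_manager\" string ref and retracing", level: BlueFG);
    _subContext1.Name = "2";
    IntPtr ptr = _scanner.FindStringPtr("ai_ally_speech_manager");
    ptr.Report(_pr, "string");
    if (ptr == IntPtr.Zero)
    {
        return;
    }

    // Both operand orders are accepted: push -1 before or after the string push.
    var pushPatterns = new SigCollection();
    pushPatterns.Add(new Signature("6A FF 68" + ptr.GetByteString()));
    pushPatterns.Add(new Signature("68" + ptr.GetByteString() + "6A FF"));
    ptr = _scanner.Scan(pushPatterns);
    ptr.Report(_pr, "string ref");
    if (ptr == IntPtr.Zero)
    {
        // Guard added so the window below is never anchored at address zero.
        return;
    }

    // `74 ??` (je rel8), one arbitrary byte, then `E8`; offset 3 points at the E8 so the call target is resolved.
    var window = new SigScanner(Game, ptr, 0x40);
    var jeThenCall = new Signature("74 ?? ?? E8", 3);
    ptr = Game.ReadRelativeReference(window.Scan(jeThenCall));
    ptr.Report(_pr, level: BlueBG);
}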
// Locates GetButtonBits by finding the instruction that ORs the 0x00200000 bit into esi or eax
// (presumably a button flag — verify) and back-tracing to the function start. Reports only.
void FIND_GetButtonBits()
{
    _context.Name = "GetButtonBits";

    // 81 CE imm32 = or esi, imm32 ; 0D imm32 = or eax, imm32 (imm32 = 0x00200000, little-endian).
    var orButtonBit = new SigCollection();
    orButtonBit.Add("81 CE 00 00 20 00");
    orButtonBit.Add("0D 00 00 20 00");

    IntPtr midFunc = _scanner.Scan(orButtonBit);
    midFunc.Report(_pr, "middle of func");

    // Slow back-trace from inside the function body to its estimated start.
    IntPtr funcStart = _scanner.BackTraceToFuncStart(midFunc, Slow);
    funcStart.Report(_pr, "estimated", BlueBG);
}
/// <summary>
/// Finds every rel32 call (E8) or jmp (E9) inside [<paramref name="start"/>, <paramref name="end"/>)
/// whose resolved target lies within <paramref name="delta"/> bytes of <paramref name="ptr"/>.
/// </summary>
/// <param name="scanner">Supplies the process to read from; its own range is not used.</param>
/// <param name="ptr">Address the calls/jumps should land on.</param>
/// <param name="start">Start of the address range to search.</param>
/// <param name="end">End of the address range to search.</param>
/// <param name="delta">Allowed distance between the resolved target and <paramref name="ptr"/>.</param>
/// <returns>The match addresses returned by ScanAll.</returns>
public static List<IntPtr> FindRelativeCalls(this SigScanner scanner, IntPtr ptr, IntPtr start, IntPtr end, int delta = 0)
{
    _context.Update($"Relative Calls : 0x{ptr.ToString("X")}", ConsoleColor.Green);
    var progress = new StationaryPrint(_pr);

    // The farthest a match inside [start, end] can be from ptr; a displacement reaching ptr from
    // within the range never exceeds this magnitude.
    int reachStart = start.SubtractI(ptr).Abs();
    int reachEnd = end.SubtractI(ptr).Abs();
    int boundary = Math.Max(reachEnd, reachStart);

    // Turn that bound into a nibble mask over the 4-byte displacement: nibbles the bound can reach
    // become wildcards ('?'), higher ones are fixed to 0 (forward) or F (backward, sign-extended).
    // _endianMapping places each nibble at its little-endian position in the byte string.
    var mask = new char[8];
    int nibble = 0;
    for (int magnitude = 0x10000000; magnitude >= 1; magnitude /= 0x10)
    {
        mask[_endianMapping[nibble]] = boundary > magnitude ? '?' : '0';
        nibble++;
    }
    string forwardMask = new string(mask);
    string backwardMask = forwardMask.Replace('0', 'F');

    var patterns = new SigCollection();
    foreach (string opcode in new[] { "E8 ", "E9 " })
    {
        patterns.Add(opcode + backwardMask);
        patterns.Add(opcode + forwardMask);
    }

    var range = new SigScanner(scanner.Process, start, (int)end.Subtract(start));
    patterns.EvaluateMatch = (candidate) =>
    {
        // Cheap distance check first; only then read and resolve the displacement.
        if ((int)(Math.Abs(candidate.SubtractI(ptr))) >= boundary)
        {
            return false;
        }
        if (Math.Abs(scanner.Process.ReadRelativeReference(candidate).SubtractI(ptr)) > delta)
        {
            return false;
        }
        progress.Print($"Match at 0x{candidate.ToString("X")}");
        return true;
    };

    try
    {
        return range.ScanAll(patterns);
    }
    finally
    {
        // Always restore the console line, even if ScanAll throws.
        progress.Return();
    }
}
/// <summary>
/// Finds x86 mov instructions whose absolute 32-bit operand equals <paramref name="ptr"/>.
/// </summary>
/// <param name="scanner">Scanner whose range is searched.</param>
/// <param name="ptr">Absolute address to look for; zero yields an empty list without scanning.</param>
/// <returns>All match addresses from ScanAll, or an empty list for a zero <paramref name="ptr"/>.</returns>
public static List<IntPtr> FindMOVReferences(this SigScanner scanner, IntPtr ptr)
{
    if (ptr == IntPtr.Zero)
    {
        return new List<IntPtr>();
    }

    string addr = ptr.GetByteString();
    var movPatterns = new SigCollection();
    // 8B ?? / 8A ??: mov r32 / r8 with a ModRM byte; A1 / A2 / A3: eax/al moffs forms.
    // NOTE(review): B8 / B9 (mov eax/ecx, imm32) take no ModRM byte, so the `??` after them may be
    // unintended — verify against the instructions actually being matched.
    foreach (string prefix in new[] { "8B ??", "8A ??", "A1", "A2", "A3", "B8 ??", "B9 ??" })
    {
        movPatterns.Add($"{prefix} {addr}");
    }
    return scanner.ScanAll(movPatterns);
}
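/// <summary>
/// Locates the SleepUntilInput call site inside CEngine::Frame and the input-system structure
/// offset it uses, testing two candidate offsets against the game module and inputsystem.dll.
/// Results are reported through <c>_pr</c>; nothing is returned.
/// </summary>
void FIND_SleepUntilInput()
{
    _context.Name = "SleepUntilInput";
    _subContext1.Name = "CEngine::Frame";

    // Locate CEngine::Frame via the push of "fs_report_sync_opens", then back-trace to the function start.
    IntPtr ptr = _scanner.FindStringPtr("fs_report_sync_opens");
    ptr.Report(_pr, "string");
    if (ptr == IntPtr.Zero)
    {
        return;
    }
    ptr = _scanner.Scan(new Signature("68" + ptr.GetByteString()));
    ptr = _scanner.BackTraceToFuncStart(ptr, Intermediate.Modify(vftable: 1));
    ptr.Report(_pr, level: BlueFG);
    if (ptr == IntPtr.Zero)
    {
        return;
    }

    // Within that function, find two consecutive jne instructions (rel8 `75` or rel32 `0F 85` form).
    // The offsets 9 / 0xE land on the second jump's displacement.
    var funcScanner = new SigScanner(Game, ptr, _scanner.TraceToFuncEnd(ptr));
    var twoJumps = new SigCollection(
        new Signature("75 ?? ?? ?? ?? ?? ?? ?? 75", 9),
        new Signature("0F 85 ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? 0F 85", 0xE));
    ptr = funcScanner.Scan(twoJumps);
    ptr.Report(_pr, "Target instructions");
    if (ptr == IntPtr.Zero)
    {
        return;
    }

    // The displacement byte (+1) is used as the length of the region to inspect.
    // NOTE(review): for the 0F 85 (rel32) form only the low byte of the displacement is read here;
    // confirm whether that is intended or whether the rel32 case needs a 4-byte read.
    var regionScanner = new SigScanner(Game, ptr, Game.ReadValue<byte>(ptr) + 1);

    // `8B 0D disp32` = mov ecx, [disp32]; offset 2 points at the disp32 operand.
    ptr = regionScanner.Scan(new Signature("8B 0D", 2));
    if (ptr == IntPtr.Zero)
    {
        // Guard added: nothing to dereference, and the limit below would be anchored at address zero.
        return;
    }
    // ReadPointer here reads the disp32 operand itself, i.e. the address of the global the
    // tool labels "Input DLL base"; DeepPointer below walks from there.
    IntPtr inputDLLBase = Game.ReadPointer(ptr);
    inputDLLBase.Report(_pr, "Input DLL base", BlueFG);

    // Limit(ptr + 4) presumably moves the scan past the mov's operand — confirm against SigScanner.
    // Then look for the first FF byte that is not part of an in-module relative reference
    // (checking each of the four positions the FF could occupy inside a rel32).
    regionScanner.Limit(ptr + 4);
    var terminator = new Signature("FF");
    terminator.EvaluateMatch = (a) =>
    {
        for (int i = 0; i < 4; i++)
        {
            if (_scanner.IsWithin(Game.ReadRelativeReference(a - i)))
            {
                return false;
            }
        }
        return true;
    };
    ptr = regionScanner.Scan(terminator);
    ptr.Report(_pr, "Scan region end");
    if (ptr == IntPtr.Zero)
    {
        return;
    }
    _subContext1.Name = "";

    // Two candidate structure offsets: the byte two past the terminator, and the byte two past the
    // last `8B` (mov r32, r/m32) found before it. possibleOffsets[1] stays 0 when no 8B is found.
    var possibleOffsets = new int[2];
    possibleOffsets[0] = Game.ReadValue<byte>(ptr + 0x2);
    byte[] bytes = Game.ReadBytes(regionScanner.Start, ptr.SubtractI(regionScanner.Start) + 2);
    for (int i = bytes.Length - 1; i >= 0; i--)
    {
        // Bounds guard: an 8B within the last two bytes has no byte at i + 2 inside the buffer
        // (the original indexed past the end in that case).
        if (bytes[i] == 0x8B && i + 2 < bytes.Length)
        {
            possibleOffsets[1] = bytes[i + 2];
            break;
        }
    }
    _pr.Print($"Possible offsets include 0x{possibleOffsets[0]:X} and 0x{possibleOffsets[1]:X}, testing both...", BlueFG);

    // A candidate is accepted when it points into the game module, or into inputsystem.dll when
    // that module is loaded.
    ProcessModuleWow64Safe inputDLL = Game.GetModuleWow64Safe("inputsystem.dll");
    SigScanner inputDLLScanner = inputDLL == null
        ? null
        : new SigScanner(Game, inputDLL.BaseAddress, inputDLL.ModuleMemorySize);
    foreach (int off in possibleOffsets)
    {
        // base -> [+0] -> [+off] -> [+0]
        new DeepPointer(inputDLLBase, 0x0, off, 0x0).DerefOffsets(Game, out ptr);
        _pr.Print($"Offset 0x{off:X} leads to 0x{ptr.ToString("X8")}");
        if (ptr == IntPtr.Zero)
        {
            continue;
        }
        bool inGameModule = _scanner.IsWithin(ptr);
        bool inInputModule = !inGameModule && inputDLLScanner != null && inputDLLScanner.IsWithin(ptr);
        if (!inGameModule && !inInputModule)
        {
            continue;
        }
        ptr.Report(_pr, "candidate", BlueBG);
        break;
    }
}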
// Locates CheckJumpButton (and, via vftable coercion, further overrides of it) in three stages:
//   1. retrace the xc_uncrouch_on_jump cvar reference back to its function,
//   2. retrace references to known float constants back to their functions,
//   3. expand the candidate set through the TryPlayerMove vftable slot.
// Candidates accumulate in _listCheckJumpButtonMatches and are reported through _pr.
void FIND_CheckJumpButton() {
    _context.Name = "CheckJumpButton";
    _pr.Print("Running method 1 -- finding \"xc_uncrouch_on_jump\" string ref and retracing", BlueFG);
    _subContext1.Name = "1";
    IntPtr ptr = _scanner.FindCVarBase("xc_uncrouch_on_jump");
    // Keep the cvar base; ptr is reused throughout.
    IntPtr ptr2 = ptr;
    ptr.Report(_pr, "cvar base");
    if (ptr == IntPtr.Zero) { goto method2; }
    // Look for the absolute address of the cvar's int field; fall back to any mov referencing the base.
    Signature sig = new Signature((ptr + GetIntOffset).GetByteString());
    ptr = _scanner.Scan(sig);
    if (ptr == IntPtr.Zero) { ptr = _scanner.FindMOVReferences(ptr2).FirstOrDefault(); }
    // Label reads "string ref", but what is reported here is the cvar reference found above.
    ptr.Report(_pr, "string ref");
    ptr = _scanner.BackTraceToFuncStart(ptr, Extreme);
    ptr.Report(_pr, "estimated hl2 base", BlueBG);
    _listCheckJumpButtonMatches.Add(ptr);
    //-------------------
method2:
    _subContext1.Name = "";
    _pr.Print("Running method 2 -- finding float ref and retracing", BlueFG);
    _subContext1.Name = "2";
    _pr.Print("There may be more than than one match", YellowFG);
    // Estimate counter shared with the callbacks below (captured by reference, reset before stage 3).
    int i = 0;
    StationaryPrint sp = new StationaryPrint(_pr);
    // For each code location r that references float f: back-trace to the function start and record it.
    Action <IntPtr, List <IntPtr> > commonCallback = (f, rl) => {
        float d = Game.ReadValue <float>(f);
        foreach (IntPtr r in rl) {
            _pr.Print($"Float {d} at 0x{f.ToString("X")} referenced at 0x{r.ToString("X")}");
            IntPtr r2 = _scanner.BackTraceToFuncStart(r, Extreme);
            r2.Report(_pr, $"Estimate #{++i}", BlueBG);
            _listCheckJumpButtonMatches.Add(r2);
            sp.Update();
        }
    };
    // Little-endian IEEE-754 singles: 00 00 20 43 = 160.0f, 01 2A 86 43 ≈ 268.33f
    // (presumably the Source jump impulse sqrt(2*800*45) — verify).
    SigCollection sc = new SigCollection( "00 00 20 43", "01 2A 86 43");
    // Every constant is accepted (always returns true); the work is the side effect of scanning for
    // `<float addr> EB` (the address immediately followed by a jmp rel8) and feeding commonCallback.
    sc.EvaluateMatch = (a) => {
        sp.Print($"Float found at 0x{a.ToString("X")}");
        Signature f_sig = new Signature(a.GetByteString() + "EB");
        var f_tmp = _scanner.ScanAll(f_sig);
        if (f_tmp.Count != 0) { commonCallback(a, f_tmp); }
        return(true);
    };
    // 00 00 34 42 = 45.0f. Only the first occurrence is visited (Scan, not ScanAll); its references
    // must sit inside `8B ?? ?? F3 0F ?? ?? <addr> 8B` (a mov, then an SSE scalar op on the constant).
    var tmpSig = new Signature("00 00 34 42");
    tmpSig.EvaluateMatch = (a) => {
        sp.Print($"Float found at 0x{a.ToString("X")}");
        Signature f_sig = new Signature("8B ?? ?? F3 0F ?? ??" + a.GetByteString() + "8B");
        var f_tmp = _scanner.ScanAll(f_sig);
        if (f_tmp.Count != 0) { commonCallback(a, f_tmp); }
        return(true);
    };
    _scanner.ScanAll(sc);
    _scanner.Scan(tmpSig);
    sp.Return();
    // Drop failed back-traces before the final stage.
    _listCheckJumpButtonMatches = _listCheckJumpButtonMatches.Where(x => x != IntPtr.Zero).ToList();
    //-------------------
    _subContext1.Name = "";
    _pr.Print("Final step -- coercing remaning matches through TryPlayerMove VFTable entries", BlueFG);
    _subContext1.Name = "final";
    _listCheckJumpButtonMatches = _listCheckJumpButtonMatches.Distinct().ToList();
    List <IntPtr> listTryPlayerMoveMatches = new List <IntPtr>();
    i = 0;
    // For each candidate, take the first vftable listing it and read the slot 0xC bytes further on
    // (three slots later, assuming 4-byte pointers) as the TryPlayerMove pointer.
    foreach (IntPtr cjbPtr in _listCheckJumpButtonMatches) {
        ptr = _scanner.FindVFTableEntries(cjbPtr).FirstOrDefault();
        // Assignment inside the condition: ptr becomes the slot's contents before IsWithin runs.
        if (ptr == IntPtr.Zero || !_scanner.IsWithin(ptr = Game.ReadPointer(ptr + 0xc))) { continue; }
        ptr.Report(_pr, $"TryPlayerMove ptr candidate " + ++i);
        listTryPlayerMoveMatches.Add(ptr);
    }
    // Reverse direction: every vftable listing a TryPlayerMove candidate holds a CheckJumpButton
    // override 0xC bytes earlier; new ones are appended (the list being enumerated is a different one).
    foreach (IntPtr tpmPtr in listTryPlayerMoveMatches) {
        // sig is assigned here but not used in this loop.
        sig = new Signature(tpmPtr.GetByteString());
        var tpmMatches = _scanner.FindVFTableEntries(tpmPtr);
        foreach (IntPtr tpmVFT in tpmMatches) {
            ptr = Game.ReadPointer(tpmVFT - 0xC);
            if (_scanner.IsWithin(ptr) && !_listCheckJumpButtonMatches.Contains(ptr)) {
                _listCheckJumpButtonMatches.Add(ptr);
                ptr.Report(_pr, $"New potential CheckJumpButton match", BlueBG);
            }
        }
    }
}