/// <summary>
/// Renders every entry of <c>Dumper.Functions</c> as an IDAPython
/// <c>MakeName(address, "name")</c> statement, ordered by name.
/// </summary>
/// <returns>
/// The concatenated statements, or an empty string when there are no entries.
/// </returns>
/// <remarks>
/// Addresses are written exactly as stored in <c>Dumper.Functions</c>;
/// <c>util.raslr</c> is not applied here. Names are inserted into the quoted
/// string verbatim, with no escaping.
/// </remarks>
public static string IDAPythonFormat()
{
    // Select is lazy, so string.Concat pulls and formats one entry at a time,
    // in sorted order, and joins the pieces in a single pass.
    string script = string.Concat(
        Dumper.Functions
            .OrderBy(pair => pair.Key)
            .Select(pair => string.Format("MakeName(0x{0:X8}, \"{1}\"); ", pair.Value, pair.Key)));

    Console2.Info("Formatter.IDAPythonFormat", "Constructed string.");
    return script;
}
/// <summary>
/// Renders every entry of <c>Dumper.Functions</c> as one text line of the form
/// <c>lua_NAME : 0xADDRESS : CONVENTION</c>, ordered by name.
/// </summary>
/// <returns>
/// The concatenated lines, each ending in a newline, or an empty string when
/// there are no entries.
/// </returns>
/// <remarks>
/// The address is passed through <c>util.raslr</c> before formatting. The
/// convention comes from <c>Dumper.CallingConventions</c>, indexed by the same
/// name, so every name in <c>Dumper.Functions</c> must have an entry there.
/// </remarks>
public static string BasicFormat()
{
    // Arguments are evaluated left to right for each entry: the address
    // conversion runs before the calling-convention lookup.
    string listing = string.Concat(
        Dumper.Functions
            .OrderBy(pair => pair.Key)
            .Select(pair => string.Format(
                "lua_{0} : 0x{1:X8} : {2}\n",
                pair.Key,
                util.raslr(pair.Value),
                Dumper.CallingConventions[pair.Key])));

    Console2.Info("Formatter.BasicFormat", "Constructed string.");
    return listing;
}
/// <summary>
/// Builds the text of a C++ header that declares an <c>RLua</c> namespace:
/// a fixed preamble, then an address constant, function-pointer typedef and
/// cast pointer per entry of <c>Dumper.Functions</c>, then one static
/// definition per entry of <c>Assets.Macros</c>.
/// </summary>
/// <returns>The generated header text, ending with the namespace's closing brace.</returns>
/// <remarks>
/// The emitted text refers to <c>ASLR(...)</c> and <c>unprotect(...)</c>; this
/// method does not emit definitions for them. Entries of <c>Assets.Macros</c>
/// and the signature fields from <c>Assets.FuncArguments</c> are written into
/// the header verbatim, so they are treated as trusted source text.
/// </remarks>
public static string HeaderFormat()
{
    // NOTE(review): both verbatim literals are reproduced exactly as this
    // listing shows them, on a single line. If the original file has line
    // breaks inside them, keep those: on one line the first "//" comments out
    // every declaration that follows it in the generated header.
    string header = @"typedef unsigned long ulong; namespace RLua { "
        + @" // Offsets need manual updating. const ulong ThreadIdentityOffset1 = 1234; // Pseudocode sandboxthread look for "" * (_QWORD*)(v4 + OFFSET) = *(_OWORD*)a2; "" const ulong ThreadIdentityOffset2 = 5678; // Pseudocode sandboxthread look for ""v4 = *(_DWORD*)(a1 + OFFSET""); static ulong TNIL = 0; static ulong TBOOLEAN = 0; static ulong TLIGHTUSERDATA = 0; static ulong TNUMBER = 0; static ulong TSTRING = 0; static ulong TTABLE = 0; static ulong TFUNCTION = 0; static ulong TUSERDATA = 0; static ulong TTHREAD = 0; ";

    foreach (var function in Dumper.Functions.OrderBy(pair => pair.Key))
    {
        // Signature data is looked up first, so a name without an entry in
        // Assets.FuncArguments fails before anything is appended for it.
        Assets.Args signature = Assets.FuncArguments[function.Key];

        // Indentation in the emitted lines uses spaces rather than \t; the
        // original author found tabs rendered poorly in the console.
        header += $" const ulong {function.Key}Addr = {string.Format("ASLR(0x{0:X8})", util.raslr(function.Value))};\n"
            + $" typedef {signature.Returned}({Dumper.CallingConventions[function.Key]}* {function.Key}Cast)({signature.Passed});\n"
            + $" static {function.Key}Cast {function.Key} = reinterpret_cast<{function.Key}Cast>(unprotect({function.Key}Addr));\n\n";
    }

    Console2.Info("Formatter.HeaderFormat", "Added function definitions.");

    foreach (var macro in Assets.Macros.OrderBy(pair => pair.Key))
    {
        // Key is the declaration line, Value the body placed between braces.
        header += $" static {macro.Key}\n {'{'}\n {macro.Value}\n {'}'}\n\n";
    }

    Console2.Info("Formatter.HeaderFormat", "Added macro definitions.");

    // Drop the final character (the second newline of the last entry) and
    // close the namespace.
    header = header.Remove(header.Length - 1) + "}\n";

    Console2.Info("Formatter.HeaderFormat", "Constructed string.");
    return header;
}
/// <summary>
/// Fills <c>Functions</c> (name to address) and <c>CallingConventions</c>
/// (name to convention) by locating routines through the <c>scanner</c> and
/// <c>util</c> helpers, and logs each addition through <c>Console2.Info</c>.
/// </summary>
/// <remarks>
/// Each step starts from a cross-reference scan and moves to a neighbouring
/// call, prologue or epilogue, so later steps depend on the results of earlier
/// ones and the statement order matters. Every indexer on a scan result
/// (<c>[0]</c>, <c>[2]</c>, <c>[Idx - 1]</c>) assumes the scan returned enough
/// hits; nothing here checks that. The fixed names are added without a
/// <c>ContainsKey</c> guard; presumably <c>Functions</c> is a dictionary, in
/// which case a second call would throw on the first duplicate. Confirm
/// against the declaration.
/// </remarks>
public static void DumpAddresses()
{
    // Anchor: first cross-reference to the string "tostring".
    int TostringRefLocation = scanner.scan_xrefs("tostring")[0];

    // gettop: two prevCall steps back from the anchor (the meaning of the
    // `true` argument is defined in util, not shown here).
    int GetTopAddr = util.prevCall(util.prevCall(TostringRefLocation, true));
    Functions.Add("gettop", GetTopAddr);
    CallingConventions.Add("gettop", util.convs[util.getConvention(GetTopAddr)]);
    Console2.Info("Dumper.DumpAddresses", "Added gettop.");

    // The call following the anchor. It is not registered here; per the
    // original author's note it is added by the cross-reference scans below
    // (the name lists live in Assets and are not visible in this block).
    int GetFieldAddr = util.nextCall(TostringRefLocation);

    // index2adr: the next call after GetFieldAddr.
    int Index2AdrAddr = util.nextCall(GetFieldAddr);
    Functions.Add("index2adr", Index2AdrAddr);
    CallingConventions.Add("index2adr", util.convs[util.getConvention(Index2AdrAddr)]);
    Console2.Info("Dumper.DumpAddresses", "Added index2adr.");

    // retcheck: the call preceding the epilogue found from GetFieldAddr.
    int RetcheckAddr = util.prevCall(util.getEpilogue(GetFieldAddr));
    Functions.Add("retcheck", RetcheckAddr);
    CallingConventions.Add("retcheck", util.convs[util.getConvention(RetcheckAddr)]);
    Console2.Info("Dumper.DumpAddresses", "Added retcheck.");

    Console2.Info("Dumper.DumpAddresses", "Scanning index2adr cross references...");
    List<int> Index2AdrAddrs = scanner.scan_xrefs(Index2AdrAddr);

    // Names are paired with cross-references by position: name [Idx] goes with
    // cross-reference [Idx - 1]. The loop starts at 1, so entry 0 of
    // Assets.Index2AdrXRs is never used.
    // NOTE(review): the pairing is purely positional. If the scan returns
    // fewer than Count - 1 hits the indexer throws; if it returns them in a
    // different order, names are attached to the wrong addresses with no error.
    for (int Idx = 1; Idx < Assets.Index2AdrXRs.Count; Idx++)
    {
        string Name = Assets.Index2AdrXRs[Idx];

        // Skip names that an earlier step already registered.
        if (!Functions.ContainsKey(Name))
        {
            // The recorded address is the prologue found from the cross-reference.
            int Prologue = util.getPrologue(Index2AdrAddrs[Idx - 1]);
            Functions.Add(Assets.Index2AdrXRs[Idx], Prologue);
            CallingConventions.Add(Assets.Index2AdrXRs[Idx], util.convs[util.getConvention(Prologue)]);
            Console2.Info("Dumper.DumpAddresses", $"Added {Name}.");
        }
    }

    Console2.Info("Dumper.DumpAddresses", "Scanning retcheck cross references...");
    List<int> RetcheckAddrs = scanner.scan_xrefs(RetcheckAddr);

    // Same positional pairing as the loop above, using Assets.RetcheckXRs and
    // the cross-references to retcheck; the same caveats apply.
    for (int Idx = 1; Idx < Assets.RetcheckXRs.Count; Idx++)
    {
        string Name = Assets.RetcheckXRs[Idx];
        //Console.WriteLine("rtc: " + Name);

        // Names already added by the index2adr pass are left untouched.
        if (!Functions.ContainsKey(Name))
        {
            int Prologue = util.getPrologue(RetcheckAddrs[Idx - 1]);
            Functions.Add(Assets.RetcheckXRs[Idx], Prologue);
            CallingConventions.Add(Assets.RetcheckXRs[Idx], util.convs[util.getConvention(Prologue)]);
            Console2.Info("Dumper.DumpAddresses", $"Added {Name}.");
        }
    }

    // deserialize: prologue found from the first cross-reference to the
    // ": bytecode version mismatch" string.
    int DeserializeAddr = util.getPrologue(scanner.scan_xrefs(": bytecode version mismatch")[0]);
    Functions.Add("deserialize", DeserializeAddr);
    CallingConventions.Add("deserialize", util.convs[util.getConvention(DeserializeAddr)]);
    Console2.Info("Dumper.DumpAddresses", "Added deserialize.");

    // print: the call following the first cross-reference to the
    // "Video recording started" string.
    int PrintAddr = util.nextCall(scanner.scan_xrefs("Video recording started")[0]);
    Functions.Add("print", PrintAddr);
    CallingConventions.Add("print", util.convs[util.getConvention(PrintAddr)]);
    Console2.Info("Dumper.DumpAddresses", "Added print.");

    // sandboxthread: prologue found from the third cross-reference (index 2)
    // to the "__index" string.
    // NOTE(review): the fixed index 2 assumes a particular number and order of
    // references to that string; confirm it still holds for the scanned input.
    int SandboxThreadAddr = util.getPrologue(scanner.scan_xrefs("__index")[2]);
    Functions.Add("sandboxthread", SandboxThreadAddr);
    CallingConventions.Add("sandboxthread", util.convs[util.getConvention(SandboxThreadAddr)]);
    Console2.Info("Dumper.DumpAddresses", "Added sandboxthread.");
}