public static List <ct_class> extract_ct(string path)
{
List <ct_class> _cts = new List <ct_class>();
if (path != null)
{
try
{
XmlDocument doc_xml = new XmlDocument();
doc_xml.Load(path);
XmlNodeList cheats = doc_xml.SelectNodes("CheatTable/CheatEntries/CheatEntry");
foreach (XmlNode item in cheats)
{
int id;
if (int.TryParse(item.SelectSingleNode("ID").InnerText, out id))
{
string desc = item.SelectSingleNode("Description").InnerText ?? $"No description - ID {id.ToString()} ";
//string color = item.SelectSingleNode("Color").InnerText ?? "FFFFFF";
string asm = item.SelectSingleNode("AssemblerScript").InnerText;
if (asm != null)
{
asm_class _asm = ExtractAsm(asm);
if (_asm != null)
{
_cts.Add(new ct_class(id, desc, _asm));
}
}
}
}
return(_cts);
}
catch (Exception)
{
MessageBox.Show("[-] Please Open A Correct CT file. \n[Must have scripts only] !");
return(null);
}
}
return(null);
}
// this func n9edr n7tajha after [VIP users]
// so better nkhaliha static + public
public static asm_class ExtractAsm(string asm)
{
try
{
asm_class tempAsm = null;
// ASM CLASS ATTRS
int AllocSize = 0;
string ModuleName = null;
IntPtr Offset = IntPtr.Zero;
IntPtr FullAddress = IntPtr.Zero;
List <byte> OriginalBytes = new List <byte>();
List <byte> FakeBytes = new List <byte>();
////////////////////////
bool isAOB = asm.Contains("aobscanmodule");
string[] asmLines = asm./*Substring(asm.IndexOf("[ENABLE]") + 1, asm.LastIndexOf("[DISABLE]") - asm.IndexOf("[ENABLE]") - 1)
* .*/Split('\n').Where(line => !line.Trim().StartsWith("//") && !string.IsNullOrEmpty(line.Trim()))
.ToArray();
// we will have to remove amy // coments from the script
// AllocSize
// either aob or normal injec
asmLines.First(line => line.Contains("alloc"))
.Replace("$", "").Replace(")", "").Split(',')
.Where(allocSize => int.TryParse(allocSize, out AllocSize));
if (isAOB)
{
byte bb;
string[] Mod_AOB = asmLines.First(line => line.Contains("aobscanmodule")).
Replace(")", "").Split(',').ToArray();
// module name ex : saad.dll
ModuleName = Mod_AOB[1];
// Getting them bytes
foreach (string b in Mod_AOB[2].Split(' '))
{
if (byte.TryParse(b, out bb))
{
OriginalBytes.Add(bb);
}
}
// either get FullAddrss or offset
foreach (string line in asm.Split('\n').
Where(l => l.Contains(ModuleName) && l.Contains("+") ||
l.Contains("ORIGINAL CODE - INJECTION POINT")).ToArray()
)
{
//Try and get offset of our module (inj pt)
if (line.Contains('+'))
{
Offset = new IntPtr(Convert.ToInt32(line.Split('+')[1].Trim().Replace("\n", ""), 16));
}
// if fail try to get the fullAddress yla kant
else
{
FullAddress = new IntPtr(Convert.ToInt32(line.Split(':')[1].Trim().Replace("\n", ""), 16));
}
// ba9i getting Fake butes
}
}
else
{
}
return(tempAsm);
}
catch (Exception)
{
return(null);
}
}
public ct_class(int iD, string description, asm_class assemblyScript)
{
ID = iD;
Description = description;
AssemblyScript = assemblyScript;
}