static void Main(string[] args)
{
config = File.Exists("config.json") ? new JavaScriptSerializer().Deserialize <Config>(File.ReadAllText("config.json")) : new Config();
var ofd = new OpenFileDialog();
ofd.Filter = "ELF file or Mach-O file|*.*";
if (ofd.ShowDialog() == DialogResult.OK)
{
var il2cppfile = File.ReadAllBytes(ofd.FileName);
ofd.Filter = "global-metadata|global-metadata.dat";
if (ofd.ShowDialog() == DialogResult.OK)
{
try
{
Console.WriteLine("Initializing metadata...");
metadata = new Metadata(new MemoryStream(File.ReadAllBytes(ofd.FileName)));
Console.Clear();
//判断il2cpp的magic
var il2cppMagic = BitConverter.ToUInt32(il2cppfile, 0);
var isElf = false;
var is64bit = false;
switch (il2cppMagic)
{
default:
throw new Exception("ERROR: il2cpp file not supported.");
case 0x464c457f: //ELF
isElf = true;
if (il2cppfile[4] == 2)
{
goto case 0xFEEDFACF; //ELF64
}
goto case 0xFEEDFACE;
case 0xCAFEBABE: //FAT header
case 0xBEBAFECA:
var machofat = new MachoFat(new MemoryStream(il2cppfile));
Console.Write("Select Platform: ");
for (var i = 0; i < machofat.fats.Length; i++)
{
var fat = machofat.fats[i];
Console.Write(fat.magic == 0xFEEDFACF ? $"{i + 1}.64bit " : $"{i + 1}.32bit ");
}
Console.WriteLine();
var key = Console.ReadKey(true);
var index = int.Parse(key.KeyChar.ToString()) - 1;
var magic = machofat.fats[index % 2].magic;
il2cppfile = machofat.GetMacho(index);
if (magic == 0xFEEDFACF) // 64-bit mach object file
{
goto case 0xFEEDFACF;
}
else
{
goto case 0xFEEDFACE;
}
case 0xFEEDFACF: // 64-bit mach object file
is64bit = true;
goto case 0xFEEDFACE;
case 0xFEEDFACE: // 32-bit mach object file
Console.Write("Select Mode: 1.Manual 2.Auto 3.Auto(Advanced) 4.Auto(Plus)");
if (isElf)
{
Console.Write(" 5.Auto(Symbol)");
}
Console.WriteLine();
key = Console.ReadKey(true);
var version = config.ForceIl2CppVersion ? config.ForceVersion : metadata.version;
Console.WriteLine("Initializing il2cpp file...");
if (isElf)
{
if (is64bit)
{
il2cpp = new Elf64(new MemoryStream(il2cppfile), version, metadata.maxMetadataUsages);
}
else
{
il2cpp = new Elf(new MemoryStream(il2cppfile), version, metadata.maxMetadataUsages);
}
}
else if (is64bit)
{
il2cpp = new Macho64(new MemoryStream(il2cppfile), version, metadata.maxMetadataUsages);
}
else
{
il2cpp = new Macho(new MemoryStream(il2cppfile), version, metadata.maxMetadataUsages);
}
switch (key.KeyChar)
{
case '2':
case '3':
case '4':
case '5':
try
{
if (key.KeyChar == '5')
{
dynamic elf = il2cpp;
if (!elf.DetectedSymbol())
{
throw new Exception();
}
break;
}
Console.WriteLine("Searching...");
if (key.KeyChar == '2' ?
!il2cpp.Search() :
key.KeyChar == '3' ?
!il2cpp.AdvancedSearch(metadata.methodDefs.Count(x => x.methodIndex >= 0)) :
!il2cpp.PlusSearch(metadata.methodDefs.Count(x => x.methodIndex >= 0), metadata.typeDefs.Length))
{
throw new Exception();
}
}
catch (Exception e)
{
Console.WriteLine($"{e.Message}\r\n{e.StackTrace}\r\n");
throw new Exception("ERROR: Can't use this mode to process file, try another mode.");
}
break;
case '1':
{
Console.Write("Input CodeRegistration: ");
var codeRegistration = Convert.ToUInt64(Console.ReadLine(), 16);
Console.Write("Input MetadataRegistration: ");
var metadataRegistration = Convert.ToUInt64(Console.ReadLine(), 16);
if (is64bit)
{
il2cpp.Init64(codeRegistration, metadataRegistration);
}
else
{
il2cpp.Init(codeRegistration, metadataRegistration);
}
break;
}
default:
return;
}
var writer = new StreamWriter(new FileStream("dump.cs", FileMode.Create), new UTF8Encoding(false));
Console.WriteLine("Dumping...");
//Script
var scriptwriter = new StreamWriter(new FileStream("script.py", FileMode.Create), new UTF8Encoding(false));
scriptwriter.WriteLine(Resource1.ida);
//dump image;
for (var imageIndex = 0; imageIndex < metadata.uiImageCount; imageIndex++)
{
var imageDef = metadata.imageDefs[imageIndex];
writer.Write($"// Image {imageIndex}: {metadata.GetStringFromIndex(imageDef.nameIndex)} - {imageDef.typeStart}\n");
}
//dump type;
for (var idx = 0; idx < metadata.uiNumTypes; ++idx)
{
try
{
var typeDef = metadata.typeDefs[idx];
var isStruct = false;
var isEnum = false;
var extends = new List <string>();
if (typeDef.parentIndex >= 0)
{
var parent = il2cpp.types[typeDef.parentIndex];
var parentName = GetTypeName(parent);
if (parentName == "ValueType")
{
isStruct = true;
}
else if (parentName == "Enum")
{
isEnum = true;
}
else if (parentName != "object")
{
extends.Add(parentName);
}
}
//implementedInterfaces
if (typeDef.interfaces_count > 0)
{
for (int i = 0; i < typeDef.interfaces_count; i++)
{
var @interface = il2cpp.types[metadata.interfaceIndices[typeDef.interfacesStart + i]];
extends.Add(GetTypeName(@interface));
}
}
writer.Write($"\n// Namespace: {metadata.GetStringFromIndex(typeDef.namespaceIndex)}\n");
writer.Write(GetCustomAttribute(typeDef.customAttributeIndex));
if (config.DumpAttribute && (typeDef.flags & TYPE_ATTRIBUTE_SERIALIZABLE) != 0)
{
writer.Write("[Serializable]\n");
}
var visibility = typeDef.flags & TYPE_ATTRIBUTE_VISIBILITY_MASK;
switch (visibility)
{
case TYPE_ATTRIBUTE_PUBLIC:
case TYPE_ATTRIBUTE_NESTED_PUBLIC:
writer.Write("public ");
break;
case TYPE_ATTRIBUTE_NOT_PUBLIC:
case TYPE_ATTRIBUTE_NESTED_FAM_AND_ASSEM:
case TYPE_ATTRIBUTE_NESTED_ASSEMBLY:
writer.Write("internal ");
break;
case TYPE_ATTRIBUTE_NESTED_PRIVATE:
writer.Write("private ");
break;
case TYPE_ATTRIBUTE_NESTED_FAMILY:
writer.Write("protected ");
break;
case TYPE_ATTRIBUTE_NESTED_FAM_OR_ASSEM:
writer.Write("protected internal ");
break;
}
if ((typeDef.flags & TYPE_ATTRIBUTE_ABSTRACT) != 0 && (typeDef.flags & TYPE_ATTRIBUTE_SEALED) != 0)
{
writer.Write("static ");
}
else if ((typeDef.flags & TYPE_ATTRIBUTE_INTERFACE) == 0 && (typeDef.flags & TYPE_ATTRIBUTE_ABSTRACT) != 0)
{
writer.Write("abstract ");
}
else if (!isStruct && !isEnum && (typeDef.flags & TYPE_ATTRIBUTE_SEALED) != 0)
{
writer.Write("sealed ");
}
if ((typeDef.flags & TYPE_ATTRIBUTE_INTERFACE) != 0)
{
writer.Write("interface ");
}
else if (isStruct)
{
writer.Write("struct ");
}
else if (isEnum)
{
writer.Write("enum ");
}
else
{
writer.Write("class ");
}
writer.Write($"{metadata.GetStringFromIndex(typeDef.nameIndex)}");
if (extends.Count > 0)
{
writer.Write($" : {string.Join(", ", extends)}");
}
writer.Write($" // TypeDefIndex: {idx}\n{{\n");
//dump field
if (config.DumpField && typeDef.field_count > 0)
{
writer.Write("\t// Fields\n");
var fieldEnd = typeDef.fieldStart + typeDef.field_count;
for (var i = typeDef.fieldStart; i < fieldEnd; ++i)
{
//dump_field(i, idx, i - typeDef.fieldStart);
var fieldDef = metadata.fieldDefs[i];
var fieldType = il2cpp.types[fieldDef.typeIndex];
var fieldDefault = metadata.GetFieldDefaultValueFromIndex(i);
writer.Write(GetCustomAttribute(fieldDef.customAttributeIndex, "\t"));
writer.Write("\t");
var access = fieldType.attrs & FIELD_ATTRIBUTE_FIELD_ACCESS_MASK;
switch (access)
{
case FIELD_ATTRIBUTE_PRIVATE:
writer.Write("private ");
break;
case FIELD_ATTRIBUTE_PUBLIC:
writer.Write("public ");
break;
case FIELD_ATTRIBUTE_FAMILY:
writer.Write("protected ");
break;
case FIELD_ATTRIBUTE_ASSEMBLY:
case FIELD_ATTRIBUTE_FAM_AND_ASSEM:
writer.Write("internal ");
break;
case FIELD_ATTRIBUTE_FAM_OR_ASSEM:
writer.Write("protected internal ");
break;
}
if ((fieldType.attrs & FIELD_ATTRIBUTE_LITERAL) != 0)
{
writer.Write("const ");
}
else
{
if ((fieldType.attrs & FIELD_ATTRIBUTE_STATIC) != 0)
{
writer.Write("static ");
}
if ((fieldType.attrs & FIELD_ATTRIBUTE_INIT_ONLY) != 0)
{
writer.Write("readonly ");
}
}
writer.Write($"{GetTypeName(fieldType)} {metadata.GetStringFromIndex(fieldDef.nameIndex)}");
if (fieldDefault != null && fieldDefault.dataIndex != -1)
{
var pointer = metadata.GetDefaultValueFromIndex(fieldDefault.dataIndex);
if (pointer > 0)
{
var pTypeToUse = il2cpp.types[fieldDefault.typeIndex];
metadata.Position = pointer;
object multi = null;
switch (pTypeToUse.type)
{
case Il2CppTypeEnum.IL2CPP_TYPE_BOOLEAN:
multi = metadata.ReadBoolean();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_U1:
multi = metadata.ReadByte();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_I1:
multi = metadata.ReadSByte();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_CHAR:
multi = BitConverter.ToChar(metadata.ReadBytes(2), 0);
break;
case Il2CppTypeEnum.IL2CPP_TYPE_U2:
multi = metadata.ReadUInt16();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_I2:
multi = metadata.ReadInt16();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_U4:
multi = metadata.ReadUInt32();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_I4:
multi = metadata.ReadInt32();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_U8:
multi = metadata.ReadUInt64();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_I8:
multi = metadata.ReadInt64();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_R4:
multi = metadata.ReadSingle();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_R8:
multi = metadata.ReadDouble();
break;
case Il2CppTypeEnum.IL2CPP_TYPE_STRING:
var uiLen = metadata.ReadInt32();
multi = Encoding.UTF8.GetString(metadata.ReadBytes(uiLen));
break;
}
if (multi is string str)
{
writer.Write($" = \"{ToEscapedString(str)}\"");
}
else if (multi is char c)
{
var v = (int)c;
writer.Write($" = '\\x{v:x}'");
}
else if (multi != null)
{
writer.Write($" = {multi}");
}
}
}
if (config.DumpFieldOffset)
{
writer.Write("; // 0x{0:X}\n", il2cpp.GetFieldOffsetFromIndex(idx, i - typeDef.fieldStart, i));
}
else
{
writer.Write(";\n");
}
}
writer.Write("\n");
}
//dump property
if (config.DumpProperty && typeDef.property_count > 0)
{
writer.Write("\t// Properties\n");
var propertyEnd = typeDef.propertyStart + typeDef.property_count;
for (var i = typeDef.propertyStart; i < propertyEnd; ++i)
{
var propertyDef = metadata.propertyDefs[i];
writer.Write(GetCustomAttribute(propertyDef.customAttributeIndex, "\t"));
writer.Write("\t");
if (propertyDef.get >= 0)
{
var methodDef = metadata.methodDefs[typeDef.methodStart + propertyDef.get];
writer.Write(GetModifiers(methodDef));
var propertyType = il2cpp.types[methodDef.returnType];
writer.Write($"{GetTypeName(propertyType)} {metadata.GetStringFromIndex(propertyDef.nameIndex)} {{ ");
}
else if (propertyDef.set > 0)
{
var methodDef = metadata.methodDefs[typeDef.methodStart + propertyDef.set];
writer.Write(GetModifiers(methodDef));
var parameterDef = metadata.parameterDefs[methodDef.parameterStart];
var propertyType = il2cpp.types[parameterDef.typeIndex];
writer.Write($"{GetTypeName(propertyType)} {metadata.GetStringFromIndex(propertyDef.nameIndex)} {{ ");
}
if (propertyDef.get >= 0)
{
writer.Write("get; ");
}
if (propertyDef.set >= 0)
{
writer.Write("set; ");
}
writer.Write("}");
writer.Write("\n");
}
writer.Write("\n");
}
//dump method
if (config.DumpMethod && typeDef.method_count > 0)
{
writer.Write("\t// Methods\n");
var methodEnd = typeDef.methodStart + typeDef.method_count;
for (var i = typeDef.methodStart; i < methodEnd; ++i)
{
var methodDef = metadata.methodDefs[i];
writer.Write(GetCustomAttribute(methodDef.customAttributeIndex, "\t"));
writer.Write("\t");
writer.Write(GetModifiers(methodDef));
var methodReturnType = il2cpp.types[methodDef.returnType];
writer.Write($"{GetTypeName(methodReturnType)} {metadata.GetStringFromIndex(methodDef.nameIndex)}(");
var parameterStrs = new List <string>();
for (var j = 0; j < methodDef.parameterCount; ++j)
{
var parameterStr = "";
var parameterDef = metadata.parameterDefs[methodDef.parameterStart + j];
var parameterName = metadata.GetStringFromIndex(parameterDef.nameIndex);
var parameterType = il2cpp.types[parameterDef.typeIndex];
var parameterTypeName = GetTypeName(parameterType);
if ((parameterType.attrs & PARAM_ATTRIBUTE_OPTIONAL) != 0)
{
parameterStr += "optional ";
}
if ((parameterType.attrs & PARAM_ATTRIBUTE_OUT) != 0)
{
parameterStr += "out ";
}
parameterStr += $"{parameterTypeName} {parameterName}";
parameterStrs.Add(parameterStr);
}
writer.Write(string.Join(", ", parameterStrs));
if (methodDef.methodIndex >= 0)
{
writer.Write("); // 0x{0:X}\n", il2cpp.methodPointers[methodDef.methodIndex]);
//Script - method
var name = ToEscapedString(metadata.GetStringFromIndex(typeDef.nameIndex) + "$$" + metadata.GetStringFromIndex(methodDef.nameIndex));
scriptwriter.WriteLine($"SetMethod(0x{il2cpp.methodPointers[methodDef.methodIndex]:X}, '{name}')");
//
}
else
{
writer.Write("); // 0\n");
}
}
}
writer.Write("}\n");
}
catch (Exception e)
{
Console.WriteLine("ERROR: Some errors in dumping");
writer.Write("/*");
writer.Write($"{e.Message}\n{e.StackTrace}\n");
writer.Write("*/\n}\n");
}
}
//Script - stringLiteral
scriptwriter.WriteLine("print('Make method name done')");
scriptwriter.WriteLine("print('Setting String...')");
if (il2cpp.version > 16)
{
foreach (var i in metadata.stringLiteralsdic)
{
scriptwriter.WriteLine($"SetString(0x{il2cpp.metadataUsages[i.Key]:X}, r'{ToEscapedString(i.Value)}')");
}
}
scriptwriter.WriteLine("print('Set string done')");
//Script - MakeFunction
var orderedPointers = il2cpp.methodPointers.ToList();
orderedPointers.AddRange(il2cpp.genericMethodPointers.Where(x => x > 0));
orderedPointers.AddRange(il2cpp.invokerPointers);
orderedPointers.AddRange(il2cpp.customAttributeGenerators);
orderedPointers = orderedPointers.OrderBy(x => x).ToList();
scriptwriter.WriteLine("print('Making function...')");
for (int i = 0; i < orderedPointers.Count - 1; i++)
{
scriptwriter.WriteLine($"MakeFunction(0x{orderedPointers[i]:X}, 0x{orderedPointers[i + 1]:X})");
}
scriptwriter.WriteLine("print('Make function done, please wait for IDA to complete the analysis')");
scriptwriter.WriteLine("print('Script finish !')");
//writer close
writer.Close();
scriptwriter.Close();
Console.WriteLine("Done !");
//DummyDll
if (config.DummyDll)
{
Console.WriteLine("Create DummyDll...");
if (Directory.Exists("DummyDll"))
{
Directory.Delete("DummyDll", true);
}
Directory.CreateDirectory("DummyDll");
Directory.SetCurrentDirectory("DummyDll");
File.WriteAllBytes("Il2CppDummyDll.dll", Resource1.Il2CppDummyDll);
var dummy = new DummyAssemblyCreator(metadata, il2cpp);
foreach (var assembly in dummy.Assemblies)
{
var stream = new MemoryStream();
assembly.Write(stream);
File.WriteAllBytes(assembly.MainModule.Name, stream.ToArray());
}
Console.WriteLine("Done !");
}
break;
}
}
catch (Exception e)
{
Console.WriteLine($"{e.Message}\r\n{e.StackTrace}");
}
Console.WriteLine("Press any key to exit...");
Console.ReadKey(true);
}
}
}
private static bool Init(byte[] il2cppBytes, byte[] metadataBytes, string stringVersion, int mode, out Metadata metadata, out Il2Cpp il2Cpp, string[] args)
{
var sanity = BitConverter.ToUInt32(metadataBytes, 0);
if (sanity != 0xFAB11BAF)
{
throw new Exception("ERROR: Metadata file supplied is not valid metadata file.");
}
float fixedMetadataVersion;
var metadataVersion = BitConverter.ToInt32(metadataBytes, 4);
if (metadataVersion == 24)
{
if (stringVersion == null)
{
Console.WriteLine("Input Unity version: ");
stringVersion = Console.ReadLine();
}
try
{
var versionSplit = Array.ConvertAll(Regex.Replace(stringVersion, @"\D", ".").Split(new[] { "." }, StringSplitOptions.RemoveEmptyEntries), int.Parse);
var unityVersion = new Version(versionSplit[0], versionSplit[1]);
if (unityVersion >= Unity20191)
{
fixedMetadataVersion = 24.2f;
}
else if (unityVersion >= Unity20183)
{
fixedMetadataVersion = 24.1f;
}
else
{
fixedMetadataVersion = metadataVersion;
}
}
catch
{
throw new Exception("You must enter the correct Unity version number");
}
}
else
{
fixedMetadataVersion = metadataVersion;
}
Console.WriteLine("Initializing metadata...");
#if DEBUG_0
int sw = 0;
#elif DEBUG_1
int sw = 1;
#elif DEBUG_2
int sw = 2;
#elif DEBUG_3
int sw = 3;
#endif
switch (sw)
{
case 1:
metadata = new Metadata(new MemoryStream(metadataBytes), fixedMetadataVersion, "lobbylist.php?format=json-signed-unix&version=2&minimal=1", "serverlist/lobbylist.php?format=json-signed-unix&version=2&minimal=1" /*"serverlist?format=json-signed-unix&version=2&minimal=1"/*"serverlist/lobbylist.php"/*"serverlist?format=json-signed-unix&version=2&minimal=1"*/, "global-metadata2.dat");
break;
case 2:
metadata = new Metadata(new MemoryStream(metadataBytes), fixedMetadataVersion,
"https://api.scpslgame.com/",
"https://api.southwoodstudios.com/",
"global-metadata3.dat");
break;
case 3:
metadata = new Metadata(new MemoryStream(metadataBytes), fixedMetadataVersion,
"-----BEGIN PUBLIC KEY-----\r\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAmxZRMP03JfPEP/qt7n34Ryi74CDe\r\nRZy4er5dQynKaQ3vl1F4VRsSGN+jBrZPcX3GB2u0OTXNUA8hcIDRhVb+GgYAcDmY\r\n+7utHYAZBK3APSxGn46p1+IAChsgl9r93bQz7AJVxxWHYKEA78jMVz6qKHlqKc6a\r\nkUswVSYosQGvw/Agzb0=\r\n-----END PUBLIC KEY-----",
"-----BEGIN PUBLIC KEY-----\r\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEqCycYK8K5jJlNoQPqIpADxUrWwTR\r\nudWDIbw/VSJzKb7NMeeQfKsvq1Wd8A+7bzx21pVGS3UYrgJfC3bS5rtsMA==\r\n-----END PUBLIC KEY-----",
"global-metadata4.dat");
break;
default:
metadata = new Metadata(new MemoryStream(metadataBytes), fixedMetadataVersion, ".scpslgame.com/", ".southwoodstudios.com/", "global-metadata.dat");
//metadata = new Metadata(new MemoryStream(metadataBytes), fixedMetadataVersion, "https://test.scpslgame.com/", "https://test.scpslgame.com/", "global-metadata.dat");
break;
}
//判断il2cpp的magic
var il2cppMagic = BitConverter.ToUInt32(il2cppBytes, 0);
var isElf = false;
var isPE = false;
var is64bit = false;
var isNSO = false;
switch (il2cppMagic)
{
default:
throw new Exception("ERROR: il2cpp file not supported.");
case 0x304F534E:
isNSO = true;
is64bit = true;
break;
case 0x905A4D: //PE
isPE = true;
break;
case 0x464c457f: //ELF
isElf = true;
if (il2cppBytes[4] == 2) //ELF64
{
is64bit = true;
}
break;
case 0xCAFEBABE: //FAT Mach-O
case 0xBEBAFECA:
var machofat = new MachoFat(new MemoryStream(il2cppBytes));
Console.Write("Select Platform: ");
for (var i = 0; i < machofat.fats.Length; i++)
{
var fat = machofat.fats[i];
Console.Write(fat.magic == 0xFEEDFACF ? $"{i + 1}.64bit " : $"{i + 1}.32bit ");
}
Console.WriteLine();
var key = Console.ReadKey(true);
var index = int.Parse(key.KeyChar.ToString()) - 1;
var magic = machofat.fats[index % 2].magic;
il2cppBytes = machofat.GetMacho(index % 2);
if (magic == 0xFEEDFACF)
{
goto case 0xFEEDFACF;
}
else
{
goto case 0xFEEDFACE;
}
case 0xFEEDFACF: // 64bit Mach-O
is64bit = true;
break;
case 0xFEEDFACE: // 32bit Mach-O
break;
}
var version = config.ForceIl2CppVersion ? config.ForceVersion : metadata.version;
Console.WriteLine("Initializing il2cpp file...");
if (isNSO)
{
var nso = new NSO(new MemoryStream(il2cppBytes), version, metadata.maxMetadataUsages);
il2Cpp = nso.UnCompress();
}
else if (isPE)
{
il2Cpp = new PE(new MemoryStream(il2cppBytes), version, metadata.maxMetadataUsages);
}
else if (isElf)
{
if (is64bit)
{
il2Cpp = new Elf64(new MemoryStream(il2cppBytes), version, metadata.maxMetadataUsages);
}
else
{
il2Cpp = new Elf(new MemoryStream(il2cppBytes), version, metadata.maxMetadataUsages);
}
}
else if (is64bit)
{
il2Cpp = new Macho64(new MemoryStream(il2cppBytes), version, metadata.maxMetadataUsages);
}
else
{
il2Cpp = new Macho(new MemoryStream(il2cppBytes), version, metadata.maxMetadataUsages);
}
if (mode == 0)
{
Console.WriteLine("Select Mode: 1.Manual 2.Auto 3.Auto(Plus) 4.Auto(Symbol)");
var modeKey = Console.ReadKey(true);
mode = int.Parse(modeKey.KeyChar.ToString());
}
if (mode != 1)
{
Console.WriteLine("Searching...");
}
try
{
bool flag;
switch (mode)
{
case 1: //Manual
Console.Write("Input CodeRegistration: ");
var codeRegistration = Convert.ToUInt64(Console.ReadLine(), 16);
Console.Write("Input MetadataRegistration: ");
var metadataRegistration = Convert.ToUInt64(Console.ReadLine(), 16);
il2Cpp.Init(codeRegistration, metadataRegistration);
flag = true;
break;
case 2: //Auto
flag = il2Cpp.Search();
break;
case 3: //Auto(Plus)
flag = il2Cpp.PlusSearch(metadata.methodDefs.Count(x => x.methodIndex >= 0), metadata.typeDefs.Length);
break;
case 4: //Auto(Symbol)
flag = il2Cpp.SymbolSearch();
break;
default:
Console.WriteLine("ERROR: You have to choose a mode.");
return(false);
}
if (!flag)
{
throw new Exception();
}
}
catch
{
throw new Exception("ERROR: Can't use this mode to process file, try another mode.");
}
return(true);
}
public Il2CppDecompiler(Il2CppExecutor il2CppExecutor)
{
executor = il2CppExecutor;
metadata = il2CppExecutor.metadata;
il2Cpp = il2CppExecutor.il2Cpp;
}
public DummyAssemblyCreator(Metadata metadata, Il2Cpp il2cpp)
{
this.metadata = metadata;
this.il2cpp = il2cpp;
//Il2CppDummyDll
var il2CppDummyDll = AssemblyDefinition.ReadAssembly(new MemoryStream(Resource1.Il2CppDummyDll));
var addressAttribute = il2CppDummyDll.MainModule.Types.First(x => x.Name == "AddressAttribute").Methods.First();
var fieldOffsetAttribute = il2CppDummyDll.MainModule.Types.First(x => x.Name == "FieldOffsetAttribute").Methods.First();
var stringType = il2CppDummyDll.MainModule.TypeSystem.String;
var resolver = new MyAssemblyResolver();
var moduleParameters = new ModuleParameters
{
Kind = ModuleKind.Dll,
AssemblyResolver = resolver
};
//创建程序集,同时创建所有类
foreach (var imageDef in metadata.imageDefs)
{
var assemblyName = new AssemblyNameDefinition(metadata.GetStringFromIndex(imageDef.nameIndex).Replace(".dll", ""), new Version("3.7.1.6"));
var assemblyDefinition = AssemblyDefinition.CreateAssembly(assemblyName, metadata.GetStringFromIndex(imageDef.nameIndex), moduleParameters);
resolver.Register(assemblyDefinition);
Assemblies.Add(assemblyDefinition);
var moduleDefinition = assemblyDefinition.MainModule;
moduleDefinition.Types.Clear();//清除自动创建的<Module>类
var typeEnd = imageDef.typeStart + imageDef.typeCount;
for (var index = imageDef.typeStart; index < typeEnd; ++index)
{
var typeDef = metadata.typeDefs[index];
var namespaceName = metadata.GetStringFromIndex(typeDef.namespaceIndex);
var typeName = metadata.GetStringFromIndex(typeDef.nameIndex);
TypeDefinition typeDefinition;
if (typeDef.declaringTypeIndex != -1)//nested types
{
typeDefinition = typeDefinitionDic[index];
}
else
{
typeDefinition = new TypeDefinition(namespaceName, typeName, (TypeAttributes)typeDef.flags);
moduleDefinition.Types.Add(typeDefinition);
typeDefinitionDic.Add(index, typeDefinition);
}
//nestedtype
for (int i = 0; i < typeDef.nested_type_count; i++)
{
var nestedIndex = metadata.nestedTypeIndices[typeDef.nestedTypesStart + i];
var nestedTypeDef = metadata.typeDefs[nestedIndex];
var nestedTypeDefinition = new TypeDefinition(metadata.GetStringFromIndex(nestedTypeDef.namespaceIndex), metadata.GetStringFromIndex(nestedTypeDef.nameIndex), (TypeAttributes)nestedTypeDef.flags);
typeDefinition.NestedTypes.Add(nestedTypeDefinition);
typeDefinitionDic.Add(nestedIndex, nestedTypeDefinition);
}
}
}
//先单独处理,因为不知道会不会有问题
for (var index = 0; index < metadata.uiNumTypes; ++index)
{
var typeDef = metadata.typeDefs[index];
var typeDefinition = typeDefinitionDic[index];
//parent
if (typeDef.parentIndex >= 0)
{
var parentType = il2cpp.types[typeDef.parentIndex];
var parentTypeRef = GetTypeReference(typeDefinition, parentType);
typeDefinition.BaseType = parentTypeRef;
}
//interfaces
for (int i = 0; i < typeDef.interfaces_count; i++)
{
var interfaceType = il2cpp.types[metadata.interfaceIndices[typeDef.interfacesStart + i]];
var interfaceTypeRef = GetTypeReference(typeDefinition, interfaceType);
typeDefinition.Interfaces.Add(interfaceTypeRef);
}
}
//处理field, method, property等等
for (var index = 0; index < metadata.uiNumTypes; ++index)
{
var typeDef = metadata.typeDefs[index];
var typeDefinition = typeDefinitionDic[index];
//field
var fieldEnd = typeDef.fieldStart + typeDef.field_count;
for (var i = typeDef.fieldStart; i < fieldEnd; ++i)
{
var fieldDef = metadata.fieldDefs[i];
var fieldType = il2cpp.types[fieldDef.typeIndex];
var fieldName = metadata.GetStringFromIndex(fieldDef.nameIndex);
var fieldTypeRef = GetTypeReference(typeDefinition, fieldType);
var fieldDefinition = new FieldDefinition(fieldName, (FieldAttributes)fieldType.attrs, fieldTypeRef);
typeDefinition.Fields.Add(fieldDefinition);
//fieldDefault
if (fieldDefinition.HasDefault)
{
var fieldDefault = metadata.GetFieldDefaultValueFromIndex(i);
if (fieldDefault != null && fieldDefault.dataIndex != -1)
{
fieldDefinition.Constant = GetDefaultValue(fieldDefault.dataIndex, fieldDefault.typeIndex);
}
}
//fieldOffset
var fieldOffset = il2cpp.GetFieldOffsetFromIndex(index, i - typeDef.fieldStart, i);
if (fieldOffset > 0)
{
var customAttribute = new CustomAttribute(typeDefinition.Module.Import(fieldOffsetAttribute));
var offset = new CustomAttributeNamedArgument("Offset", new CustomAttributeArgument(stringType, $"0x{fieldOffset:X}"));
customAttribute.Fields.Add(offset);
fieldDefinition.CustomAttributes.Add(customAttribute);
}
}
//method
var methodEnd = typeDef.methodStart + typeDef.method_count;
for (var i = typeDef.methodStart; i < methodEnd; ++i)
{
var methodDef = metadata.methodDefs[i];
var methodReturnType = il2cpp.types[methodDef.returnType];
var methodName = metadata.GetStringFromIndex(methodDef.nameIndex);
var methodDefinition = new MethodDefinition(methodName, (MethodAttributes)methodDef.flags, typeDefinition.Module.Import(typeof(void)));
typeDefinition.Methods.Add(methodDefinition);
methodDefinition.ReturnType = GetTypeReference(methodDefinition, methodReturnType);
if (methodDefinition.HasBody && typeDefinition.BaseType?.FullName != "System.MulticastDelegate")
{
var ilprocessor = methodDefinition.Body.GetILProcessor();
ilprocessor.Append(ilprocessor.Create(OpCodes.Nop));
}
methodDefinitionDic.Add(i, methodDefinition);
//method parameter
for (var j = 0; j < methodDef.parameterCount; ++j)
{
var parameterDef = metadata.parameterDefs[methodDef.parameterStart + j];
var parameterName = metadata.GetStringFromIndex(parameterDef.nameIndex);
var parameterType = il2cpp.types[parameterDef.typeIndex];
var parameterTypeRef = GetTypeReference(methodDefinition, parameterType);
var parameterDefinition = new ParameterDefinition(parameterName, (ParameterAttributes)parameterType.attrs, parameterTypeRef);
methodDefinition.Parameters.Add(parameterDefinition);
//ParameterDefault
if (parameterDefinition.HasDefault)
{
var parameterDefault = metadata.GetParameterDefaultValueFromIndex(methodDef.parameterStart + j);
if (parameterDefault != null && parameterDefault.dataIndex != -1)
{
parameterDefinition.Constant = GetDefaultValue(parameterDefault.dataIndex, parameterDefault.typeIndex);
}
}
}
//补充泛型参数
if (methodDef.genericContainerIndex >= 0)
{
var genericContainer = metadata.genericContainers[methodDef.genericContainerIndex];
if (genericContainer.type_argc > methodDefinition.GenericParameters.Count)
{
for (int j = methodDefinition.GenericParameters.Count + 1; j <= genericContainer.type_argc; j++)
{
var genericParameter = new GenericParameter("T" + j, methodDefinition);
methodDefinition.GenericParameters.Add(genericParameter);
}
}
}
//address
ulong methodPointer;
if (methodDef.methodIndex >= 0)
{
methodPointer = il2cpp.methodPointers[methodDef.methodIndex];
}
else
{
il2cpp.genericMethoddDictionary.TryGetValue(i, out methodPointer);
}
if (methodPointer > 0)
{
var customAttribute = new CustomAttribute(typeDefinition.Module.Import(addressAttribute));
var rva = new CustomAttributeNamedArgument("RVA", new CustomAttributeArgument(stringType, $"0x{methodPointer:X}"));
var offset = new CustomAttributeNamedArgument("Offset", new CustomAttributeArgument(stringType, $"0x{il2cpp.MapVATR(methodPointer):X}"));
customAttribute.Fields.Add(rva);
customAttribute.Fields.Add(offset);
methodDefinition.CustomAttributes.Add(customAttribute);
}
}
//property
var propertyEnd = typeDef.propertyStart + typeDef.property_count;
for (var i = typeDef.propertyStart; i < propertyEnd; ++i)
{
var propertyDef = metadata.propertyDefs[i];
var propertyName = metadata.GetStringFromIndex(propertyDef.nameIndex);
TypeReference propertyType = null;
MethodDefinition GetMethod = null;
MethodDefinition SetMethod = null;
if (propertyDef.get >= 0)
{
GetMethod = methodDefinitionDic[typeDef.methodStart + propertyDef.get];
propertyType = GetMethod.ReturnType;
}
if (propertyDef.set >= 0)
{
SetMethod = methodDefinitionDic[typeDef.methodStart + propertyDef.set];
if (propertyType == null)
{
propertyType = SetMethod.Parameters[0].ParameterType;
}
}
var propertyDefinition = new PropertyDefinition(propertyName, (PropertyAttributes)propertyDef.attrs, propertyType)
{
GetMethod = GetMethod,
SetMethod = SetMethod
};
typeDefinition.Properties.Add(propertyDefinition);
}
//event
var eventEnd = typeDef.eventStart + typeDef.event_count;
for (var i = typeDef.eventStart; i < eventEnd; ++i)
{
var eventDef = metadata.eventDefs[i];
var eventName = metadata.GetStringFromIndex(eventDef.nameIndex);
var eventType = il2cpp.types[eventDef.typeIndex];
var eventTypeRef = GetTypeReference(typeDefinition, eventType);
var eventDefinition = new EventDefinition(eventName, (EventAttributes)eventType.attrs, eventTypeRef);
if (eventDef.add >= 0)
{
eventDefinition.AddMethod = methodDefinitionDic[typeDef.methodStart + eventDef.add];
}
if (eventDef.remove >= 0)
{
eventDefinition.RemoveMethod = methodDefinitionDic[typeDef.methodStart + eventDef.remove];
}
if (eventDef.raise >= 0)
{
eventDefinition.InvokeMethod = methodDefinitionDic[typeDef.methodStart + eventDef.raise];
}
typeDefinition.Events.Add(eventDefinition);
}
//补充泛型参数
if (typeDef.genericContainerIndex >= 0)
{
var genericContainer = metadata.genericContainers[typeDef.genericContainerIndex];
if (genericContainer.type_argc > typeDefinition.GenericParameters.Count)
{
for (int j = typeDefinition.GenericParameters.Count + 1; j <= genericContainer.type_argc; j++)
{
var genericParameter = new GenericParameter("T" + j, typeDefinition);
typeDefinition.GenericParameters.Add(genericParameter);
}
}
}
}
//第三遍,添加CustomAttribute。只添加SerializeField用于MonoBehaviour的反序列化
if (il2cpp.version > 20)
{
var engine = Assemblies.Find(x => x.MainModule.Types.Any(t => t.Namespace == "UnityEngine" && t.Name == "SerializeField"));
var serializeField = engine.MainModule.Types.First(x => x.Name == "SerializeField").Methods.First();
for (var index = 0; index < metadata.uiNumTypes; ++index)
{
var typeDef = metadata.typeDefs[index];
var typeDefinition = typeDefinitionDic[index];
//field
var fieldEnd = typeDef.fieldStart + typeDef.field_count;
for (var i = typeDef.fieldStart; i < fieldEnd; ++i)
{
var fieldDef = metadata.fieldDefs[i];
var fieldName = metadata.GetStringFromIndex(fieldDef.nameIndex);
var fieldDefinition = typeDefinition.Fields.First(x => x.Name == fieldName);
//fieldAttribute
var attributeTypeRange = metadata.attributeTypeRanges[fieldDef.customAttributeIndex];
for (int j = 0; j < attributeTypeRange.count; j++)
{
var attributeTypeIndex = metadata.attributeTypes[attributeTypeRange.start + j];
var attributeType = il2cpp.types[attributeTypeIndex];
if (attributeType.type == Il2CppTypeEnum.IL2CPP_TYPE_CLASS)
{
var klass = metadata.typeDefs[attributeType.data.klassIndex];
var attributeName = metadata.GetStringFromIndex(klass.nameIndex);
if (attributeName == "SerializeField")
{
var customAttribute = new CustomAttribute(typeDefinition.Module.Import(serializeField));
fieldDefinition.CustomAttributes.Add(customAttribute);
}
}
}
}
}
}
}
public Il2CppExecutor(Metadata metadata, Il2Cpp il2Cpp)
{
this.metadata = metadata;
this.il2Cpp = il2Cpp;
}
private static bool Init(string il2cppPath, string metadataPath, out Metadata metadata, out Il2Cpp il2Cpp)
{
Console.WriteLine("Initializing metadata...");
var metadataBytes = File.ReadAllBytes(metadataPath);
metadata = new Metadata(new MemoryStream(metadataBytes));
Console.WriteLine($"Metadata Version: {metadata.Version}");
Console.WriteLine("Initializing il2cpp file...");
var il2cppBytes = File.ReadAllBytes(il2cppPath);
var il2cppMagic = BitConverter.ToUInt32(il2cppBytes, 0);
var il2CppMemory = new MemoryStream(il2cppBytes);
switch (il2cppMagic)
{
default:
throw new NotSupportedException("ERROR: il2cpp file not supported.");
case 0x6D736100:
var web = new WebAssembly(il2CppMemory);
il2Cpp = web.CreateMemory();
break;
case 0x304F534E:
var nso = new NSO(il2CppMemory);
il2Cpp = nso.UnCompress();
break;
case 0x905A4D: //PE
il2Cpp = new PE(il2CppMemory);
break;
case 0x464c457f: //ELF
if (il2cppBytes[4] == 2) //ELF64
{
il2Cpp = new Elf64(il2CppMemory);
}
else
{
il2Cpp = new Elf(il2CppMemory);
}
break;
case 0xCAFEBABE: //FAT Mach-O
case 0xBEBAFECA:
var machofat = new MachoFat(new MemoryStream(il2cppBytes));
Console.Write("Select Platform: ");
for (var i = 0; i < machofat.fats.Length; i++)
{
var fat = machofat.fats[i];
Console.Write(fat.magic == 0xFEEDFACF ? $"{i + 1}.64bit " : $"{i + 1}.32bit ");
}
Console.WriteLine();
var key = Console.ReadKey(true);
var index = int.Parse(key.KeyChar.ToString()) - 1;
var magic = machofat.fats[index % 2].magic;
il2cppBytes = machofat.GetMacho(index % 2);
il2CppMemory = new MemoryStream(il2cppBytes);
if (magic == 0xFEEDFACF)
{
goto case 0xFEEDFACF;
}
else
{
goto case 0xFEEDFACE;
}
case 0xFEEDFACF: // 64bit Mach-O
il2Cpp = new Macho64(il2CppMemory);
break;
case 0xFEEDFACE: // 32bit Mach-O
il2Cpp = new Macho(il2CppMemory);
break;
}
var version = config.ForceIl2CppVersion ? config.ForceVersion : metadata.Version;
il2Cpp.SetProperties(version, metadata.maxMetadataUsages);
Console.WriteLine($"Il2Cpp Version: {il2Cpp.Version}");
if (il2Cpp.Version >= 27 && il2Cpp is ElfBase elf && elf.IsDumped)
{
Console.WriteLine("Input global-metadata.dat dump address:");
metadata.Address = Convert.ToUInt64(Console.ReadLine(), 16);
}
Console.WriteLine("Searching...");
//try
{
//var flag = il2Cpp.PlusSearch(metadata.methodDefs.Count(x => x.methodIndex >= 0), metadata.typeDefs.Length);
var flag = false;
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
if (!flag && il2Cpp is PE)
{
Console.WriteLine("Use custom PE loader");
il2Cpp = PELoader.Load(il2cppPath);
il2Cpp.SetProperties(version, metadata.maxMetadataUsages);
flag = il2Cpp.PlusSearch(metadata.methodDefs.Count(x => x.methodIndex >= 0), metadata.typeDefs.Length);
}
}
if (!flag)
{
flag = il2Cpp.Search();
}
if (!flag)
{
flag = il2Cpp.SymbolSearch();
}
if (!flag)
{
Console.WriteLine("ERROR: Can't use auto mode to process file, try manual mode.");
Console.Write("Input CodeRegistration: ");
ulong codeRegistration = 0x581BD90; //Convert.ToUInt64(Console.ReadLine(), 16);
Console.Write("Input MetadataRegistration: ");
ulong metadataRegistration = 0x581C170; //Convert.ToUInt64(Console.ReadLine(), 16);
ProcessModuleCollection pms = Process.GetCurrentProcess().Modules;
ulong baseaddr = 0;
foreach (ProcessModule pm in pms)
{
if (pm.ModuleName == "UserAssembly.dll")
{
baseaddr = (ulong)pm.BaseAddress;
break;
}
}
Console.WriteLine("baseadr: 0x" + baseaddr.ToString("x2"));
//var codeRegistration = baseaddr + 0x581BD90;
//var metadataRegistration = baseaddr + 0x581C170;
il2Cpp.Init(baseaddr + codeRegistration, baseaddr + metadataRegistration);
return(true);
}
}
return(true);
}
