public IntPtr Execute(IOperation operation, RemoteProcess process)
{
Contract.Requires(operation != null);
Contract.Requires(process != null);
if (operation is OffsetOperation offsetOperation)
{
return(offsetOperation.Value);
}
if (operation is ModuleOffsetOperation moduleOffsetOperation)
{
var module = process.GetModuleByName(moduleOffsetOperation.Name);
if (module != null)
{
return(module.Start);
}
return(IntPtr.Zero);
}
if (operation is AdditionOperation additionOperation)
{
var addition = additionOperation;
return(Execute(addition.Argument1, process).Add(Execute(addition.Argument2, process)));
}
if (operation is SubtractionOperation subtractionOperation)
{
var addition = subtractionOperation;
return(Execute(addition.Argument1, process).Sub(Execute(addition.Argument2, process)));
}
if (operation is MultiplicationOperation multiplicationOperation)
{
var multiplication = multiplicationOperation;
return(Execute(multiplication.Argument1, process).Mul(Execute(multiplication.Argument2, process)));
}
if (operation is DivisionOperation divisionOperation)
{
var division = divisionOperation;
return(Execute(division.Dividend, process).Div(Execute(division.Divisor, process)));
}
if (operation is ReadPointerOperation pointerOperation)
{
return(process.ReadRemoteIntPtr(Execute(pointerOperation.Argument, process)));
}
throw new ArgumentException($"Unsupported operation '{operation.GetType().FullName}'.");
}
/// <summary>Creates a new default class.</summary>
public void CreateNewDefaultClass()
{
var node = ClassNode.Create();
node.AddBytes(64);
var mainModule = remoteProcess.GetModuleByName(remoteProcess.UnderlayingProcess?.Name);
if (mainModule != null)
{
node.Address = mainModule.Start;
}
classesView.SelectedClass = node;
}
private void OnProcessAttached(RemoteProcess process)
{
process.UpdateProcessInformations();
resolver = null;
var processName = Path.GetFileName(process.UnderlayingProcess.Path).ToLower();
var settings = Applications.FirstOrDefault(s => s.ProcessName == processName);
if (settings != null)
{
var moduleName = string.IsNullOrEmpty(settings.PatternModule) ? settings.ProcessName : settings.PatternModule;
var namesArrayPtr = PatternScanner.FindPattern(
BytePattern.Parse(settings.Pattern),
process,
process.GetModuleByName(moduleName)
);
if (!namesArrayPtr.IsNull())
{
switch (settings.PatternMethod)
{
case PatternMethod.Direct:
namesArrayPtr = process.ReadRemoteIntPtr(namesArrayPtr + settings.PatternOffset);
break;
case PatternMethod.Derefence:
var temp = process.ReadRemoteIntPtr(namesArrayPtr + settings.PatternOffset);
namesArrayPtr = process.ReadRemoteIntPtr(temp);
break;
}
if (namesArrayPtr.MayBeValid())
{
switch (settings.Version)
{
case UnrealEngineVersion.UE1:
resolver = new UnrealEngine1NameResolver(process, new UnrealEngine1Config(settings)
{
GlobalArrayPtr = namesArrayPtr
});
break;
case UnrealEngineVersion.UE2:
resolver = new UnrealEngine2NameResolver(process, new UnrealEngine2Config(settings)
{
GlobalArrayPtr = namesArrayPtr
});
break;
case UnrealEngineVersion.UE3:
resolver = new UnrealEngine3NameResolver(process, new UnrealEngine3Config(settings)
{
GlobalArrayPtr = namesArrayPtr
});
break;
case UnrealEngineVersion.UE4:
resolver = new UnrealEngine4NameResolver(process, new UnrealEngine4Config(settings)
{
GlobalArrayPtr = namesArrayPtr
});
break;
default:
throw new ArgumentOutOfRangeException();
}
}
}
}
}
/// <summary>
/// Called when [process attached].
/// </summary>
/// <param name="sender">The process instance.</param>
void OnProcessAttached(RemoteProcess sender)
{
sender.UpdateProcessInformations();
var mainModule = sender.GetModuleByName(sender.UnderlayingProcess.Name);
if (mainModule is null)
{
return;
}
dynamic gnames = null;
switch (sender.UnderlayingProcess.Name)
{
case "RocketLeague.exe":
{
Game = GameType.RocketLeague;
var namesPtr = PatternScanner.Search(sender, mainModule, "E8 [....] 48 83 CF FF 45 85 FF", (bytes, address) =>
{
address += BitConverter.ToInt32(bytes, address) + 0x4 + 0x2c;
address += BitConverter.ToInt32(bytes, address + 0x3) + 0x7;
return(address);
});
if (namesPtr.IsNull())
{
return;
}
gnames = sender.ReadRemoteObject <RocketLeague.GNames>(namesPtr);
break;
}
case "KFGame.exe":
{
Game = GameType.KillingFloor2;
var namesPtr = PatternScanner.Search(sender, mainModule, "E8 [....] 48 83 CB FF 45 85 F6", (bytes, address) =>
{
address += BitConverter.ToInt32(bytes, address) + 0x4 + 0x7a;
address += BitConverter.ToInt32(bytes, address + 0x3) + 0x7;
return(address);
});
if (namesPtr.IsNull())
{
return;
}
gnames = sender.ReadRemoteObject <KillingFloor2.GNames>(namesPtr);
break;
}
default:
Terminate();
return;
}
if (gnames.Names.Num is 0)
{
return;
}
NameDump.Clear();
for (var i = 0; i < gnames.Names.Num; i++)
{
var nameEntry = gnames.Names.Read(sender, i, true);
if (nameEntry.Name is null)
{
continue;
}
NameDump.Add(i, nameEntry.Name);
}
}
