public static bool GetGameAssembly(IntPtr handle, out IntPtr unityModule)
{
if (Memory.IsDriver)
{
unityModule = (IntPtr)MemoryDriver.GetModule("UserAssembly.dll");
if (unityModule == IntPtr.Zero)
{
unityModule = (IntPtr)MemoryDriver.GetModule("GameAssembly.dll");
}
return(unityModule != IntPtr.Zero);
}
int size = Is64BitProcess(handle) ? 8 : 4;
IntPtr[] ptrs = new IntPtr[0];
if (!Native.EnumProcessModulesEx(
handle, ptrs, 0, out int bytesNeeded, ModuleFilter.LIST_MODULES_ALL))
{
throw new InjectorException("Failed to enumerate process modules", new Win32Exception(Marshal.GetLastWin32Error()));
}
int count = bytesNeeded / size;
ptrs = new IntPtr[count];
if (!Native.EnumProcessModulesEx(
handle, ptrs, bytesNeeded, out bytesNeeded, ModuleFilter.LIST_MODULES_ALL))
{
throw new InjectorException("Failed to enumerate process modules", new Win32Exception(Marshal.GetLastWin32Error()));
}
for (int i = 0; i < count; i++)
{
StringBuilder path = new StringBuilder(260);
Native.GetModuleFileNameEx(handle, ptrs[i], path, 260);
if (path.ToString().IndexOf("GameAssembly", StringComparison.OrdinalIgnoreCase) > -1 || path.ToString().IndexOf("UserAssembly", StringComparison.OrdinalIgnoreCase) > -1)
{
if (!Native.GetModuleInformation(handle, ptrs[i], out MODULEINFO info, (uint)(size * ptrs.Length)))
{
throw new InjectorException("Failed to get module information", new Win32Exception(Marshal.GetLastWin32Error()));
}
var funcs = GetExportedFunctions(handle, info.lpBaseOfDll);
if (funcs.Any(f => f.Name == "il2cpp_thread_attach"))
{
unityModule = info.lpBaseOfDll;
return(true);
}
}
}
unityModule = IntPtr.Zero;
return(false);
}
public static bool GetMonoModule(IntPtr handle, out IntPtr monoModule)
{
int size = Is64BitProcess(handle) ? 8 : 4;
IntPtr[] ptrs = new IntPtr[0];
if (!Native.EnumProcessModulesEx(handle, ptrs, 0, out int bytesNeeded, ModuleFilter.LIST_MODULES_ALL))
{
throw new InjectorException("Failed to enumerate process modules", new Win32Exception(Marshal.GetLastWin32Error()));
}
int count = bytesNeeded / size;
ptrs = new IntPtr[count];
if (!Native.EnumProcessModulesEx(handle, ptrs, bytesNeeded, out bytesNeeded, ModuleFilter.LIST_MODULES_ALL))
{
throw new InjectorException("Failed to enumerate process modules", new Win32Exception(Marshal.GetLastWin32Error()));
}
for (int i = 0; i < count; i++)
{
try
{
StringBuilder path = new StringBuilder(260);
Native.GetModuleFileNameEx(handle, ptrs[i], path, 260);
if (path.ToString().IndexOf("mono", StringComparison.OrdinalIgnoreCase) > -1)
{
if (!Native.GetModuleInformation(handle, ptrs[i], out MODULEINFO info, (uint)(size * ptrs.Length)))
{
throw new InjectorException("Failed to get module information", new Win32Exception(Marshal.GetLastWin32Error()));
}
var funcs = GetExportedFunctions(handle, info.lpBaseOfDll);
if (funcs.Any(f => f.Name == "mono_get_root_domain"))
{
monoModule = info.lpBaseOfDll;
return(true);
}
}
}
catch (Exception ex) { File.AppendAllText(AppDomain.CurrentDomain.BaseDirectory + "\\DebugLog.txt", "[ProcessUtils] GetMono - ERROR: " + ex.Message + "\r\n"); }
}
monoModule = IntPtr.Zero;
return(false);
}
public static IntPtr GetMonoModule(Process process)
{
int size = process.Is64Bit() ? 8 : 4;
IntPtr[] modulePointers = new IntPtr[0];
if (!Native.EnumProcessModulesEx(
process.Handle, modulePointers, 0, out int bytesNeeded, ModuleFilter.LIST_MODULES_ALL))
{
return(IntPtr.Zero);
}
int count = bytesNeeded / size;
modulePointers = new IntPtr[count];
if (Native.EnumProcessModulesEx(
process.Handle, modulePointers, bytesNeeded, out bytesNeeded, ModuleFilter.LIST_MODULES_ALL))
{
for (int i = 0; i < count; i++)
{
StringBuilder path = new StringBuilder(260);
Native.GetModuleFileNameEx(
process.Handle, modulePointers[i], path, 260);
if (path.ToString().EndsWith("mono.dll", StringComparison.OrdinalIgnoreCase))
{
Native.GetModuleInformation(process.Handle, modulePointers[i], out MODULEINFO info, (uint)(size * modulePointers.Length));
return(info.lpBaseOfDll);
}
}
}
return(IntPtr.Zero);
}
