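/// <summary>
/// Submits <paramref name="Text"/> as a chat line in the attached game process.
/// The UTF-16 bytes of the text are copied into a buffer allocated in the target,
/// a snippet is injected at <c>Terraria.Main.DoUpdate</c> that builds a managed
/// string from that buffer into <c>Terraria.Main.chatText</c> and sets the
/// <c>drawingPlayerChat</c>, <c>inputTextEnter</c> and <c>chatRelease</c> flags,
/// and the buffer is released once the injected code has run.
/// </summary>
/// <param name="Context">Game context whose <c>HContext</c> supplies the process handle and address helpers.</param>
/// <param name="Text">Chat text to send; encoded as UTF-16 (<see cref="Encoding.Unicode"/>).</param>
/// <exception cref="ArgumentNullException"><paramref name="Context"/> or <paramref name="Text"/> is null.</exception>
/// <exception cref="InvalidOperationException">The buffer could not be allocated in the target process.</exception>
public static void SendChat(GameContext Context, string Text)
{
    if (Context == null) throw new ArgumentNullException(nameof(Context));
    if (Text == null) throw new ArgumentNullException(nameof(Text));

    var hctx = Context.HContext;
    var main = hctx.MainAddressHelper;

    byte[] bs = Encoding.Unicode.GetBytes(Text);
    int strEnd = 0; // 4 zero bytes written after the chars as a terminator

    // Size the buffer from the encoded byte count: the old Text.Length + 10 was
    // in characters, while bs.Length is 2 bytes per char plus the 4-byte terminator,
    // so the writes below overran the requested size for any text longer than 6 chars.
    // NOTE(review): this buffer only ever holds data; ExecuteReadWrite is broader than
    // needed. If the project's MemoryProtection enum exposes a read/write-only value,
    // prefer it here.
    int strMem = NativeFunctions.VirtualAllocEx(hctx.Handle, 0, bs.Length + 4,
        NativeFunctions.AllocationType.Commit, NativeFunctions.MemoryProtection.ExecuteReadWrite);
    if (strMem == 0)
    {
        throw new InvalidOperationException("VirtualAllocEx failed to allocate the chat text buffer in the target process.");
    }

    try
    {
        NativeFunctions.WriteProcessMemory(hctx.Handle, strMem, bs, bs.Length, 0);
        NativeFunctions.WriteProcessMemory(hctx.Handle, strMem + bs.Length, ref strEnd, 4, 0);

        int chatTextAddr = main.GetStaticFieldAddress("Terraria.Main", "chatText");
        int drawingPlayerChatAddr = main.GetStaticFieldAddress("Terraria.Main", "drawingPlayerChat");
        int inputTextEnterAddr = main.GetStaticFieldAddress("Terraria.Main", "inputTextEnter");
        int chatReleaseAddr = main.GetStaticFieldAddress("Terraria.Main", "chatRelease");

        // ecx/edx are preserved around the snippet because the hook point is a managed
        // method body; ConstructString presumably builds a System.String from the chars at
        // strMem and stores the reference at chatTextAddr — confirm against its definition.
        AssemblySnippet asm = AssemblySnippet.FromCode(new AssemblyCode[]
        {
            (Instruction)"push ecx",
            (Instruction)"push edx",
            AssemblySnippet.ConstructString(hctx, strMem, chatTextAddr),
            (Instruction)$"mov byte ptr [{drawingPlayerChatAddr}],1",
            (Instruction)$"mov byte ptr [{inputTextEnterAddr}],1",
            (Instruction)$"mov byte ptr [{chatReleaseAddr}],1",
            (Instruction)"pop edx",
            (Instruction)"pop ecx"
        });

        InlineHook.InjectAndWait(hctx, asm, main.GetFunctionAddress("Terraria.Main", "DoUpdate"), true);
    }
    finally
    {
        // Release the target-side buffer even if injection throws, so a failed call
        // does not leak memory in the game process.
        NativeFunctions.VirtualFreeEx(hctx.Handle, strMem, 0);
    }
}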
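/// <summary>
/// Invokes the CLR method at <paramref name="targetAddr"/> inside the attached game
/// process by injecting a snippet at <paramref name="hookAddress"/>. String arguments
/// whose first non-whitespace character is '@' are marshalled: the text after the '@'
/// is copied as UTF-16 into a target-side buffer, a 4-byte slot receives the managed
/// string reference built by <c>ConstructString</c>, and the argument passed to the
/// call becomes <c>dword ptr [slot]</c>. All other arguments are passed through as-is.
/// </summary>
/// <param name="Context">Game context whose <c>HContext</c> supplies the process handle.</param>
/// <param name="targetAddr">Address of the managed method to call.</param>
/// <param name="hookAddress">Address at which the snippet is inlined and awaited.</param>
/// <param name="args">Call arguments; '@'-prefixed strings are marshalled as described above.</param>
/// <exception cref="ArgumentNullException"><paramref name="Context"/> or <paramref name="args"/> is null.</exception>
/// <exception cref="InvalidOperationException">A target-side buffer could not be allocated.</exception>
public static void Call(GameContext Context, int targetAddr, int hookAddress, params object[] args)
{
    if (Context == null) throw new ArgumentNullException(nameof(Context));
    if (args == null) throw new ArgumentNullException(nameof(args));

    var hctx = Context.HContext;

    // slot address (receives the string reference) -> char buffer address
    var strAddrs = new Dictionary<int, int>();
    object[] trueArgs = new object[args.Length];

    try
    {
        // The original ran this marshalling twice (once in a Select whose results were
        // then overwritten by this loop), allocating and constructing every string two
        // times per call. A single pass is enough.
        for (int i = 0; i < args.Length; i++)
        {
            string str = args[i] as string;
            if (str == null || !str.TrimStart().StartsWith("@", StringComparison.Ordinal))
            {
                trueArgs[i] = args[i];
                continue;
            }

            string payload = str.Substring(str.IndexOf('@') + 1);
            byte[] bs = Encoding.Unicode.GetBytes(payload);
            int strEnd = 0; // 4 zero bytes written after the chars as a terminator

            // NOTE(review): both regions only hold data; ExecuteReadWrite is broader than
            // needed. Prefer a read/write-only value if the project's enum exposes one.
            int maddr = NativeFunctions.VirtualAllocEx(hctx.Handle, 0, bs.Length + 4,
                NativeFunctions.AllocationType.Commit, NativeFunctions.MemoryProtection.ExecuteReadWrite);
            if (maddr == 0)
            {
                throw new InvalidOperationException("VirtualAllocEx failed to allocate a string buffer in the target process.");
            }

            int taddr = NativeFunctions.VirtualAllocEx(hctx.Handle, 0, 4,
                NativeFunctions.AllocationType.Commit, NativeFunctions.MemoryProtection.ExecuteReadWrite);
            if (taddr == 0)
            {
                // The slot failed after the buffer succeeded; free the buffer here because
                // it is not yet tracked in strAddrs and the finally block would miss it.
                NativeFunctions.VirtualFreeEx(hctx.Handle, maddr, 0);
                throw new InvalidOperationException("VirtualAllocEx failed to allocate a string slot in the target process.");
            }

            // Track both regions before writing so any later failure still frees them.
            strAddrs[taddr] = maddr;

            NativeFunctions.WriteProcessMemory(hctx.Handle, maddr, bs, bs.Length, 0);
            NativeFunctions.WriteProcessMemory(hctx.Handle, maddr + bs.Length, ref strEnd, 4, 0);

            trueArgs[i] = $"dword ptr [{taddr}]";
        }

        // pushad/popad preserve all general-purpose registers around the string
        // construction and the managed call.
        AssemblySnippet snippet = AssemblySnippet.FromCode(new AssemblyCode[]
        {
            (Instruction)"pushad",
            AssemblySnippet.FromCode(strAddrs.Select(t => AssemblySnippet.ConstructString(hctx, t.Value, t.Key))),
            AssemblySnippet.FromClrCall(targetAddr, null, false, trueArgs),
            (Instruction)"popad"
        });

        InlineHook.InjectAndWait(hctx, snippet, hookAddress, true);
    }
    finally
    {
        // Release every target-side region even if injection throws, so a failed
        // call does not leak memory in the game process.
        foreach (var pair in strAddrs)
        {
            NativeFunctions.VirtualFreeEx(hctx.Handle, pair.Key, 0);
            NativeFunctions.VirtualFreeEx(hctx.Handle, pair.Value, 0);
        }
    }
}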