public CodePatternContext(MiniDumpMemoryReader dump, PEHeaderReader pe)
{
Dump = dump;
_pe = pe;
Text = new Range(Dump.ImageBase, _pe.ImageSectionHeaders.First(s => new string(s.Name).StartsWith(".text")));
Data = new Range(Dump.ImageBase, _pe.ImageSectionHeaders.First(s => new string(s.Name).StartsWith(".data")));
Resources = new Range(Dump.ImageBase, _pe.ImageSectionHeaders.First(s => new string(s.Name).StartsWith(".rdata")));
TextBuffer = Dump.ReadBytes(Text.Start, (int)Text.Size);
DataBuffer = Dump.ReadBytes(Data.Start, (int)Data.Size);
ResourcesBuffer = Dump.ReadBytes(Resources.Start, (int)Resources.Size);
}
private static byte[] AddSignatureToFile(byte[] signature, byte[] dataToSign)
{
PEHeaderReader reader = new PEHeaderReader("myDllFileLocation");
if (reader.Is32BitHeader)
{
PEHeaderReader.IMAGE_OPTIONAL_HEADER32 header32 = reader.OptionalHeader32;
header32.
}
else
{
PEHeaderReader.IMAGE_OPTIONAL_HEADER64 header64 = reader.OptionalHeader64;
}
}
private static uint GetStatic_LevelArea(byte[] data, SymbolMap symbols)
{
const string key = "LevelArea";
var match = symbols.BestMatch(key);
if (match != 0)
{
return(match);
}
if (Engine.Current == null)
{
return(0);
}
try
{
var pe = new PEHeaderReader(data);
var rdata = pe.ImageSectionHeaders.FirstOrDefault(h => h.Section.TrimEnd('\0') == ".rdata");
var text = pe.ImageSectionHeaders.FirstOrDefault(h => h.Section.TrimEnd('\0') == ".text");
uint offset = rdata.VirtualAddress - rdata.PointerToRawData + pe.OptionalHeader32.ImageBase;
var pName = (uint)(offset + new BinaryPattern(Encoding.ASCII.GetBytes("UIMinimapToggle")).NextMatch(data, (int)rdata.PointerToRawData, (int)rdata.SizeOfRawData));
var pMethod = BitConverter.ToUInt32(data, BinaryPattern.Parse(
$"68{pName.ToPattern()}" +
"A3........" +
"C705................" +
"C705................" +
"E8........" +
"68........" +
"A3........" +
"C705........|........|").NextMatch(data, (int)text.PointerToRawData, (int)text.SizeOfRawData) + 51);
if (Engine.Current.Memory.Reader.Read <byte>(pMethod + 0x00) == 0x8B &&
Engine.Current.Memory.Reader.Read <byte>(pMethod + 0x01) == 0x0D)
{
var address = Engine.Current.Memory.Reader.Read <uint>(pMethod + 0x02);
symbols.Override(key, address);
return(address);
}
}
catch { }
return(0);
}
public static void Run()
{
var path = Environment.ExpandEnvironmentVariables(@"%TEMP%\Diablo III.DMP");
var dump = new MiniDumpMemoryReader(path);
var pe = new PEHeaderReader(dump.ReadBytes(dump.ImageBase, 1024));
_ctx = new CodePatternContext(dump, pe);
_symbols = new SymbolTable();
_symbols.Version = dump.MainModuleVersion;
_symbols.DataSegment.Address = _ctx.Data.Start;
FindObjectManager();
FindActors();
FindACDs();
FindSNOs();
FindAttributeDescriptors();
FindApplicationCore();
FindLevelArea();
FindPreferences();
FindMapActId();
FindContainerManager();
FindMessageDescriptors();
FindPlayerData();
var dir = new DirectoryInfo("enigma-d3-memory-" + new Version(_symbols.Version.ToString()));
dir.Create();
WriteObjectPtrFile(dir);
WriteGlobalsFile(dir);
var project = new SharedProject("862a67ee-9ceb-42fe-9406-d7feafc55b00", "Enigma.D3.Memory");
project.AddCompileFile(Path.Combine(dir.FullName, "Globals.cs"));
//project.AddCompileFile(Path.Combine(dir.FullName, "MethodPtr.cs"));
project.AddCompileFile(Path.Combine(dir.FullName, "ObjectPtr.cs"));
project.Save(Path.Combine(dir.FullName, "Enigma.D3.Memory.Generated.*"));
if (Program.DeployGeneratedCode)
{
project.Deploy(
dir,
Program.SolutionDirectory.CreateSubdirectory(project.RootNamespace + ".Generated"));
}
}
public PEFile Read(Stream stream)
{
var dosHeader = DosHeaderReader.Read(stream);
uint fillingByteCount = dosHeader.lfanew - DosHeaderReader.DosHeaderSize;
byte[] fillingBytes = fillingByteCount > 0 ? new byte[fillingByteCount] : null;
stream.CheckedReadBytes(fillingBytes, "seeking to PE header");
stream.CheckedExpect(
(byte)'P', (byte)'E',
0, 0,
"reading PE singature");
var peHeader = PEHeaderReader.Read(stream);
var optionalHeader = OptionalHeaderReader.Read(
stream,
peHeader.SizeOfOptionalHeader);
Section[] sections;
if (peHeader.NumberOfSections > 0)
{
sections = new Section[peHeader.NumberOfSections];
for (int i = 0; i < sections.Length; i++)
{
sections[i] = SectionHeaderReader.Read(stream);
}
}
else
{
sections = null;
}
return(new PEFile
{
DosHeader = dosHeader,
Header = peHeader,
OptionalHeader = optionalHeader,
Sections = sections
});
}
internal static void Run()
{
var exe = Program.GetExeFile();
var data = File.ReadAllBytes(exe.FullName);
var mem = new BufferMemoryReader(data);
var version = FileVersionInfo.GetVersionInfo(exe.FullName).FileVersion;
PE = new PEHeaderReader(data);
var symbols = SymbolLocator.FindAll(data, mem);
uint containerManager;
var dir = new DirectoryInfo("enigma-d3-memory-" + new Version(version.Replace(", ", ".")));
dir.Create();
var objPtrs = new Dictionary <string, uint>();
objPtrs.Add("SNOGroups", symbols.BestMatch("SnoGroups"));
objPtrs.Add("SNOGroupsByCode", symbols.BestMatch("SnoGroupsByCode"));
objPtrs.Add("AttributeDescriptors", symbols.BestMatch("AttributeDescriptors"));
objPtrs.Add("MessageDescriptor", symbols.BestMatch("MessageDescriptor"));
objPtrs.Add("LocalData", symbols.BestMatch("LocalData"));
objPtrs.Add("ContainerManager", containerManager = symbols.BestMatch("ContainerManager"));
objPtrs.Add("ApplicationLoopCount", symbols.BestMatch("ApplicationLoopCount"));
objPtrs.Add("ObjectManager", symbols.BestMatch("ObjectManager"));
objPtrs.Add("ObjectManagerPristine", symbols.BestMatch("ObjectManagerPristine"));
objPtrs.Add("MapActId", symbols.BestMatch("MapActId"));
objPtrs.Add("VideoPreferences", symbols.BestMatch("VideoPreferences"));
objPtrs.Add("SoundPreferences", symbols.BestMatch("SoundPreferences"));
objPtrs.Add("GameplayPreferences", symbols.BestMatch("GameplayPreferences"));
objPtrs.Add("SocialPreferences", symbols.BestMatch("SocialPreferences"));
objPtrs.Add("ChatPreferences", symbols.BestMatch("ChatPreferences"));
objPtrs.Add("HotkeyPreferences", objPtrs["SoundPreferences"] == 0 ? 0 : objPtrs["SoundPreferences"] + 0x50);
objPtrs.Add("LevelArea", GetStatic_LevelArea(data, symbols));
objPtrs.Add("LevelAreaName", GetStatic_LevelAreaName(data, symbols));
WriteObjectPtrFile(Path.Combine(dir.FullName, "ObjectPtr.cs"), objPtrs);
var methodPtrs = new Dictionary <string, uint>();
methodPtrs.Add("SNOGroups_Initialize", TranslateToVA(symbols.BestMatch("CSnoGroups::Initialize")));
methodPtrs.Add("GameMessage_GetHandlerInfo", TranslateToVA(symbols.BestMatch("CGameMessage::GetHandlerInfo")));
WriteMethodPtrFile(Path.Combine(dir.FullName, "MethodPtr.cs"), methodPtrs);
var globals = new Dictionary <string, string>();
globals.Add("static readonly Version SupportedVersion", $"new Version({version})");
globals.Add("const int SNOGroupsCount", "60"); // TODO: Don't hardcode.
globals.Add("const int AttributeDescriptorsCount", GetAttributeDescriptorsCount(symbols).ToString());
var sizeof_playerdata = symbols.BestMatch("sizeof(PlayerData)"); // ((symbols.BestMatch("sizeof(PlayerDataManager)") - 0x038) / 8);
globals.Add("const int SizeOf_PlayerData", sizeof_playerdata.ToHex());
if (Engine.Current?.ProcessVersion == Engine.SupportedVersion)
{
globals.Add("const int Offset_PlayerData_HeroName", GetOffset_PlayerData_HeroName(sizeof_playerdata).ToHex());
globals.Add("const int Offset_PlayerData_LifePercentage", GetOffset_PlayerData_LifePercentage(sizeof_playerdata).ToHex());
}
else
{
globals.Add("const int Offset_PlayerData_HeroName", "0; // Run [CodeGen -memory -deploy] again");
globals.Add("const int Offset_PlayerData_LifePercentage", "0; // Run [CodeGen -memory -deploy] again");
}
// TODO: globals.Add("const int SizeOf_LevelArea", symbols.BestMatch("sizeof(LevelArea)").ToHex());
WriteGlobalsFile(Path.Combine(dir.FullName, "Globals.cs"), globals);
var project = new SharedProject("862a67ee-9ceb-42fe-9406-d7feafc55b00", "Enigma.D3.Memory");
project.AddCompileFile(Path.Combine(dir.FullName, "Globals.cs"));
project.AddCompileFile(Path.Combine(dir.FullName, "MethodPtr.cs"));
project.AddCompileFile(Path.Combine(dir.FullName, "ObjectPtr.cs"));
project.Save(Path.Combine(dir.FullName, "Enigma.D3.Memory.Generated.*"));
if (Program.DeployGeneratedCode)
{
project.Deploy(
dir,
Program.SolutionDirectory.CreateSubdirectory(project.RootNamespace + ".Generated"));
}
}
public MiniDumpMemoryReader(string path)
{
if (string.IsNullOrWhiteSpace(path))
{
throw new ArgumentNullException("path");
}
_fileStream = File.Open(path, FileMode.Open, FileAccess.Read, FileShare.Read);
var mem = new FileMemoryReader(path);
var header = mem.Read <MiniDump.Header>(0x00);
var dirs = mem.Read <MiniDump.Directory>(header.StreamDirectoryRva, (int)header.NumberOfStreams);
var moduleList = dirs.SingleOrDefault(a => a.StreamType == MiniDump.StreamType.ModuleListStream);
if (moduleList.StreamType != MiniDump.StreamType.ModuleListStream)
{
throw new InvalidOperationException("The minidump file does not contain a module list.");
}
var modules = mem.Read <MiniDump.List <MiniDump.Module> >(moduleList.Location.Rva).Items;
var threadList = dirs.SingleOrDefault(x => x.StreamType == MiniDump.StreamType.ThreadListStream);
if (threadList.StreamType == MiniDump.StreamType.ThreadListStream)
{
_threads = mem.Read <MiniDump.List <MiniDump.Thread> >(threadList.Location.Rva).Items;
}
var mainModule = modules.FirstOrDefault(a => a.VersionInfo.FileType == 1);
MainModuleVersion = mainModule.VersionInfo.FileVersion;
ImageBase = mainModule.BaseOfImage;
var memory64ListDir = dirs.SingleOrDefault(a => a.StreamType == MiniDump.StreamType.Memory64ListStream);
if (memory64ListDir.StreamType != MiniDump.StreamType.Memory64ListStream)
{
throw new InvalidOperationException("The minidump file does not contain a full memory dump.");
}
var memory64List = mem.Read <MiniDump.Memory64List>(memory64ListDir.Location.Rva);
var rva = memory64List.BaseRva;
var ranges = memory64List.MemoryRanges;
var pages = new List <Page>();
for (int i = 0; i < ranges.Length; i++)
{
pages.Add(new Page
{
StartOfMemoryRange = ranges[i].StartOfMemoryRange,
DataSize = ranges[i].DataSize,
Rva = rva
});
rva += ranges[i].DataSize;
}
_pages = pages;
_pageStarts = _pages.Select(a => a.StartOfMemoryRange).ToList();
_minValidAddress = _pages[0].StartOfMemoryRange;
_maxValidAddress = _pages[_pages.Count - 1].StartOfMemoryRange + _pages[_pages.Count - 1].DataSize;
var pe = new PEHeaderReader(ReadBytes(ImageBase, 2048));
_pointerSize = pe.Is32BitHeader ? 4 : 8;
}
