private void RenderFile()
{
FFmpeg.AVFormatContext context = pFormatCtx.Handle;
for (int index = 0; index < context.nb_streams; index++)
{
NativeWrapper<FFmpeg.AVStream> stream = new NativeWrapper<FFmpeg.AVStream>(context.streams[index]);
NativeWrapper<FFmpeg.AVCodecContext> codec = new NativeWrapper<FFmpeg.AVCodecContext>(stream.Handle.codec);
FFmpeg.AVCodecContext codecContext = codec.Handle;
if (codecContext.codec_type == FFmpeg.CodecType.CODEC_TYPE_AUDIO)
{
audioDecoder = new AvDecoder(stream, codec, index);
}
else if (codecContext.codec_type == FFmpeg.CodecType.CODEC_TYPE_VIDEO)
{
videoDecoder = new AvDecoder(stream, codec, index);
}
}
fileReader = new FileReader(pFormatCtx);
demux = new Demux(pFormatCtx);
audioRender = new AudioRender();
videoRender = new VideoRender();
//connect pipe
fileReader.ConnectTo(demux);
demux.ConnectTo(audioDecoder);
demux.ConnectTo(videoDecoder);
audioDecoder.ConnectTo(audioRender);
videoDecoder.ConnectTo(videoRender);
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
IsGSOLoaded = true;
if (GSOLoaded != null)
{
GSOLoaded();
}
}
public FFmpegBase(string fileName)
{
IntPtr context = IntPtr.Zero;
int ret = FFmpeg.av_open_input_file(out context, fileName, IntPtr.Zero, 0, IntPtr.Zero);
if (ret < 0)
throw new InvalidOperationException("can not open input file");
ret = FFmpeg.av_find_stream_info(context);
if (ret < 0)
throw new InvalidOperationException("can not find stream info");
pFormatCtx = new NativeWrapper<FFmpeg.AVFormatContext>(context);
RenderFile();
}
private void DoThreadWork()
{
while(true)
{
if( !threadWorking )
return;
IntPtr pPacket = Marshal.AllocHGlobal(Marshal.SizeOf(new FFmpeg.AVPacket()));
NativeWrapper<FFmpeg.AVPacket> hPacket = new NativeWrapper<FFmpeg.AVPacket>(pPacket);
if (FFmpeg.av_read_frame(pFormatCtx.Ptr, hPacket.Ptr) < 0)
continue;
PushToNext(hPacket);
}
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var pResult = env.GetParameterP(6);
var ret = _Original(
env.GetParameterP(0),
env.GetParameterI(1),
env.GetParameterI(2),
env.GetParameterP(3),
env.GetParameterI(4),
env.GetParameterP(5),
pResult);
env.SetReturnValue((IntPtr)ret);
Direct3DHelper.OnDeviceCreated(Marshal.ReadIntPtr(pResult));
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var p0 = env.GetParameterP(0);
var p1 = env.GetParameterP(1);
var p2 = env.GetParameterI(2);
var p3 = env.GetParameterP(3);
var p4 = env.GetParameterP(4);
var ret = _Original(p0, p1, p2, p3, p4);
env.SetReturnValue(ret);
if (p2 == 0x17)
{
new InjectCreateDevice().InjectSelf(Marshal.ReadIntPtr(p4));
}
}
public string Compile(string rawSass)
{
var inputContext = new NativeWrapper<sass_context>();
try
{
inputContext.Value.input_string = rawSass.ToPointer();
SassLibNative.sass_compile(inputContext.Pointer);
inputContext.Refresh();
return inputContext.Value.output_string.ToManagedString();
}
finally
{
inputContext.Dispose();
}
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
System.Windows.Forms.MessageBox.Show("draw");
var p0 = env.GetParameterP(0);
var p1 = env.GetParameterI(1);
var p2 = env.GetParameterI(2);
var p3 = env.GetParameterP(3);
var p4 = env.GetParameterI(4);
Marshal.Copy(p3, _Buffer, 0, _Buffer.Length);
for (int i = 0; i < 4; ++i)
{
_Buffer[i * 7] += _OffsetX;
_Buffer[i * 7 + 1] += _OffsetY;
}
Marshal.Copy(_Buffer, 0, p3, _Buffer.Length);
env.SetReturnValue(_Original(p0, p1, p2, p3, p4));
}
public void Close()
{
if (fileReader != null)
fileReader.Close();
if (demux != null)
demux.Close();
if (audioDecoder != null)
audioDecoder.Close();
if (videoDecoder != null)
videoDecoder.Close();
if (audioRender != null)
audioRender.Close();
if (videoRender != null)
videoRender.Close();
if (pFormatCtx != null)
{
FFmpeg.av_close_input_file(pFormatCtx.Ptr);
pFormatCtx = null;
}
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var p0 = env.GetParameterP(0);
var p1 = env.GetParameterP(1);
var p2 = env.GetParameterI(2);
var p3 = env.GetParameterI(3);
var p4 = env.GetParameterP(4);
var p5 = env.GetParameterP(5);
var ret = _Original(p0, p1, p2, p3, p4, p5);
env.SetReturnValue(ret);
if (ret >= 0)
{
StringBuilder sb = new StringBuilder();
for (int i = 0; i < ret; ++i)
{
sb.Append(Marshal.ReadByte(p1, i).ToString("X2"));
sb.Append(' ');
}
_Form.Append("Recv", sb.ToString());
}
}
public int GetHostInfo(NativeWrapper.DOCHOSTUIINFO info)
{
const int DOCHOSTUIFLAG_ENABLE_REDIRECT_NOTIFICATION = 0x4000000;
const int DOCHOSTUIFLAG_NO3DOUTERBORDER = 0x0020000;
const int DOCHOSTUIFLAG_DISABLE_SCRIPT_INACTIVE = 0x00000010;
const int DOCHOSTUIFLAG_NOTHEME = 0x00080000;
const int DOCHOSTUIFLAG_SCROLL_NO = 0x00000008;
const int DOCHOSTUIFLAG_FLAT_SCROLLBAR = 0x00000080;
const int DOCHOSTUIFLAG_THEME = 0x00040000;
const int DOCHOSTUIFLAG_DPI_AWARE = 0x40000000;
WebBrowser host = this.host;
info.dwDoubleClick = 0;
info.dwFlags = DOCHOSTUIFLAG_NO3DOUTERBORDER | DOCHOSTUIFLAG_DISABLE_SCRIPT_INACTIVE;
if (NativeWrapper.NativeMethods.IsProcessDPIAware())
{
info.dwFlags |= DOCHOSTUIFLAG_DPI_AWARE;
}
if (host.ScrollBarsEnabled)
{
info.dwFlags |= DOCHOSTUIFLAG_FLAT_SCROLLBAR;
}
else
{
info.dwFlags |= DOCHOSTUIFLAG_SCROLL_NO;
}
if (Application.RenderWithVisualStyles)
{
info.dwFlags |= DOCHOSTUIFLAG_THEME;
}
else
{
info.dwFlags |= DOCHOSTUIFLAG_NOTHEME;
}
info.dwFlags |= DOCHOSTUIFLAG_ENABLE_REDIRECT_NOTIFICATION;
return S_OK;
}
public AvDecoder(NativeWrapper<FFmpeg.AVStream> stream, NativeWrapper<FFmpeg.AVCodecContext> codecCtx, int index)
{
streamIndex = index;
pStream = stream;
pCodecCtx = codecCtx;
FFmpeg.AVCodecContext codecContext = codecCtx.Handle;
IntPtr decoder = FFmpeg.avcodec_find_decoder(codecContext.codec_id);
if (decoder != IntPtr.Zero)
{
pCodec = new NativeWrapper<FFmpeg.AVCodec>(decoder);
if ((pCodec.Handle.capabilities & FFmpeg.CODEC_FLAG_TRUNCATED) != 0)
{
codecContext.flags |= FFmpeg.CODEC_FLAG_TRUNCATED;
pCodecCtx.Handle = codecContext;
}
}
else
throw new InvalidOperationException("no such decoder");
int ret = FFmpeg.avcodec_open(pCodecCtx.Ptr, pCodec.Ptr);
if (ret < 0)
throw new InvalidOperationException("no such decoder");
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var pVM = env.GetRegister(Register.EAX);
SquirrelVM = pVM;
SquirrelFunctions.pushroottable(pVM);
SquirrelFunctions.pushstring(pVM, "MY_TEST_NUMBER", -1);
SquirrelFunctions.pushinteger(pVM, 123);
SquirrelFunctions.newslot(pVM, -3, 0);
SquirrelFunctions.pop(pVM, 1);
//var list = new Dictionary<string, SquirrelFuncDelegate>(UnregisteredFunction);
//UnregisteredFunction.Clear();
//foreach (var entry in list)
//{
// SquirrelHelper.RegisterGlobalFunction(entry.Key, entry.Value);
//}
if (OnSquirrelCreated != null)
{
OnSquirrelCreated(pVM);
OnSquirrelCreated = null;
}
}
internal object GetProviderListProperty(EventLogHandle providerHandle, UnsafeNativeMethods.EvtPublisherMetadataPropertyId metadataProperty)
{
EventLogHandle elHandle = EventLogHandle.Zero;
try
{
UnsafeNativeMethods.EvtPublisherMetadataPropertyId propName;
UnsafeNativeMethods.EvtPublisherMetadataPropertyId propValue;
UnsafeNativeMethods.EvtPublisherMetadataPropertyId propMessageId;
ObjectTypeName objectTypeName;
List <EventLevel> levelList = null;
List <EventOpcode> opcodeList = null;
List <EventKeyword> keywordList = null;
List <EventTask> taskList = null;
elHandle = NativeWrapper.EvtGetPublisherMetadataPropertyHandle(providerHandle, metadataProperty);
int arraySize = NativeWrapper.EvtGetObjectArraySize(elHandle);
switch (metadataProperty)
{
case UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevels:
propName = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevelName;
propValue = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevelValue;
propMessageId = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevelMessageID;
objectTypeName = ObjectTypeName.Level;
levelList = new List <EventLevel>(arraySize);
break;
case UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodes:
propName = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodeName;
propValue = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodeValue;
propMessageId = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodeMessageID;
objectTypeName = ObjectTypeName.Opcode;
opcodeList = new List <EventOpcode>(arraySize);
break;
case UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywords:
propName = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywordName;
propValue = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywordValue;
propMessageId = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywordMessageID;
objectTypeName = ObjectTypeName.Keyword;
keywordList = new List <EventKeyword>(arraySize);
break;
case UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTasks:
propName = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskName;
propValue = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskValue;
propMessageId = UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskMessageID;
objectTypeName = ObjectTypeName.Task;
taskList = new List <EventTask>(arraySize);
break;
default:
return(null);
}
for (int index = 0; index < arraySize; index++)
{
string generalName = (string)NativeWrapper.EvtGetObjectArrayProperty(elHandle, index, (int)propName);
uint generalValue = 0;
long generalValueKeyword = 0;
if (objectTypeName != ObjectTypeName.Keyword)
{
generalValue = (uint)NativeWrapper.EvtGetObjectArrayProperty(elHandle, index, (int)propValue);
}
else
{
generalValueKeyword = unchecked ((long)((ulong)NativeWrapper.EvtGetObjectArrayProperty(elHandle, index, (int)propValue)));
}
int generalMessageId = unchecked ((int)((uint)NativeWrapper.EvtGetObjectArrayProperty(elHandle, index, (int)propMessageId)));
string generalDisplayName = null;
if (generalMessageId == -1)
{
if (providerHandle != _defaultProviderHandle)
{
if (_defaultProviderHandle.IsInvalid)
{
_defaultProviderHandle = NativeWrapper.EvtOpenProviderMetadata(_session.Handle, null, null, 0, 0);
}
switch (objectTypeName)
{
case ObjectTypeName.Level:
generalDisplayName = FindStandardLevelDisplayName(generalName, generalValue);
break;
case ObjectTypeName.Opcode:
generalDisplayName = FindStandardOpcodeDisplayName(generalName, generalValue >> 16);
break;
case ObjectTypeName.Keyword:
generalDisplayName = FindStandardKeywordDisplayName(generalName, generalValueKeyword);
break;
case ObjectTypeName.Task:
generalDisplayName = FindStandardTaskDisplayName(generalName, generalValue);
break;
default:
generalDisplayName = null;
break;
}
}
}
else
{
generalDisplayName = NativeWrapper.EvtFormatMessage(providerHandle, unchecked ((uint)generalMessageId));
}
switch (objectTypeName)
{
case ObjectTypeName.Level:
levelList.Add(new EventLevel(generalName, (int)generalValue, generalDisplayName));
break;
case ObjectTypeName.Opcode:
opcodeList.Add(new EventOpcode(generalName, (int)(generalValue >> 16), generalDisplayName));
break;
case ObjectTypeName.Keyword:
keywordList.Add(new EventKeyword(generalName, (long)generalValueKeyword, generalDisplayName));
break;
case ObjectTypeName.Task:
Guid taskGuid = (Guid)NativeWrapper.EvtGetObjectArrayProperty(elHandle, index, (int)UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskEventGuid);
taskList.Add(new EventTask(generalName, (int)generalValue, generalDisplayName, taskGuid));
break;
default:
return(null);
}
}
switch (objectTypeName)
{
case ObjectTypeName.Level:
return(levelList);
case ObjectTypeName.Opcode:
return(opcodeList);
case ObjectTypeName.Keyword:
return(keywordList);
case ObjectTypeName.Task:
return(taskList);
}
return(null);
}
finally
{
elHandle.Dispose();
}
}
public int TranslateAccelerator(ref NativeWrapper.MSG msg, ref Guid group, int nCmdID)
{
if (msg.message != WM_CHAR)
{
if (ModifierKeys == Keys.Shift || ModifierKeys == Keys.Alt || ModifierKeys == Keys.Control)
{
int num = ((int) msg.wParam) | (int) ModifierKeys;
Shortcut s = (Shortcut) num;
if (shortcutBlacklist.Contains(s))
{
return S_OK;
}
}
}
return S_FALSE;
}
public int GetDropTarget(NativeWrapper.IOleDropTarget pDropTarget, out NativeWrapper.IOleDropTarget ppDropTarget)
{
ppDropTarget = null;
return S_OK;
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var filename = Marshal.PtrToStringAnsi(env.GetParameterP(0));
CompileFileInjectionManager.BeforeCompileFile(filename);
}
private AccountDump GetDump()
{
var process = IsRaidRunning();
if (process == null)
{
return(null);
}
if (!CheckRaidVersion(process))
{
return(null);
}
var handle = NativeWrapper.OpenProcess(ProcessAccessFlags.Read, true, process.Id);
try
{
var gameAssembly = GetRaidAssembly(process);
var klass = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, gameAssembly.BaseAddress + MemoryLocation, ref klass);
var appModel = klass;
NativeWrapper.ReadProcessMemory(handle, appModel + 0x18, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0xC0, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0x0, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0xB8, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0x8, ref appModel);
var userWrapper = appModel;
NativeWrapper.ReadProcessMemory(handle, userWrapper + 0x148, ref userWrapper); // AppModel._userWrapper
var heroesWrapper = userWrapper;
NativeWrapper.ReadProcessMemory(handle, heroesWrapper + 0x28, ref heroesWrapper); // UserWrapper.Heroes
var artifactsPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x40, ref artifactsPointer); // HeroesWrapperReadOnly.ArtifactData
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x28, ref artifactsPointer); // UserArtifactData.Artifacts
var artifactCount = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactCount); // List<Artifact>.Count
var pointers = new List <IntPtr>();
if (artifactCount > 0)
{
var arrayPointer = artifactsPointer;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x10, ref arrayPointer); // List<Artifact>._array
var ptrs = new IntPtr[artifactCount];
NativeWrapper.ReadProcessMemoryArray(handle, arrayPointer + 0x20, ptrs);
pointers.AddRange(ptrs);
}
if (artifactCount == 0)
{
// This means it's in external storage instead which is in a concurrent dictionary (teh sucks)
NativeWrapper.ReadProcessMemory(handle, gameAssembly.BaseAddress + ExternalStorageAddress, ref klass);
var artifactStorageResolver = klass;
NativeWrapper.ReadProcessMemory(handle, artifactStorageResolver + 0xB8, ref artifactStorageResolver); // ArtifactStorageResolver-StaticFields
NativeWrapper.ReadProcessMemory(handle, artifactStorageResolver, ref artifactStorageResolver); // ArtifactStorageResolver-StaticFields._implementation
var state = artifactStorageResolver;
NativeWrapper.ReadProcessMemory(handle, state + 0x10, ref state); // ExternalArtifactsStorage._state
artifactsPointer = state;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactsPointer); // _state._artifacts
var buckets = artifactsPointer;
NativeWrapper.ReadProcessMemory(handle, buckets + 0x10, ref buckets); // ConcurrentDictionary._tables
NativeWrapper.ReadProcessMemory(handle, buckets + 0x10, ref buckets); // _tables._buckets
var bucketCount = 0;
NativeWrapper.ReadProcessMemory(handle, buckets + 0x18, ref bucketCount);
var nodes = new IntPtr[bucketCount];
if (bucketCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, buckets + 0x20, nodes);
}
for (var i = 0; i < nodes.Length; i++)
{
var node = nodes[i];
while (node != IntPtr.Zero)
{
var pointer = node;
NativeWrapper.ReadProcessMemory(handle, pointer + 0x18, ref pointer); // Node.m_value
if (pointer != IntPtr.Zero)
{
pointers.Add(pointer);
}
NativeWrapper.ReadProcessMemory(handle, node + 0x20, ref node); // Node.m_next
}
}
}
var artifacts = new List <Artifact>();
var artifactStruct = new ArtifactStruct();
var artifactBonusStruct = new ArtifactBonusStruct();
var bonusValueStruct = new BonusValueStruct();
foreach (var pointer in pointers)
{
NativeWrapper.ReadProcessMemory(handle, pointer, ref artifactStruct);
NativeWrapper.ReadProcessMemory(handle, artifactStruct.PrimaryBonus, ref artifactBonusStruct);
NativeWrapper.ReadProcessMemory(handle, artifactBonusStruct.Value, ref bonusValueStruct);
var artifact = new Artifact
{
Id = artifactStruct.Id,
SellPrice = artifactStruct.SellPrice,
Price = artifactStruct.Price,
Level = artifactStruct.Level,
IsActivated = artifactStruct.IsActivated,
Kind = artifactStruct.KindId.ToString(),
Rank = artifactStruct.RankId.ToString(),
Rarity = artifactStruct.RarityId.ToString(),
SetKind = artifactStruct.SetKindId.ToString(),
IsSeen = artifactStruct.IsSeen,
FailedUpgrades = artifactStruct.FailedUpgrades
};
if (artifactStruct.RequiredFraction != HeroFraction.Unknown)
{
artifact.RequiredFraction = artifactStruct.RequiredFraction.ToString();
}
artifact.PrimaryBonus = new ArtifactBonus
{
Kind = artifactBonusStruct.KindId.ToString(),
IsAbsolute = bonusValueStruct.IsAbsolute,
Value = (float)Math.Round(bonusValueStruct.Value / (double)uint.MaxValue, 2),
};
var bonusesPointer = artifactStruct.SecondaryBonuses;
var bonusCount = 0;
NativeWrapper.ReadProcessMemory(handle, bonusesPointer + 0x18, ref bonusCount);
NativeWrapper.ReadProcessMemory(handle, bonusesPointer + 0x10, ref bonusesPointer);
artifact.SecondaryBonuses = new List <ArtifactBonus>();
var bonuses = new IntPtr[bonusCount];
if (bonusCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, bonusesPointer + 0x20, bonuses, 0, bonuses.Length);
}
foreach (var bonusPointer in bonuses)
{
NativeWrapper.ReadProcessMemory(handle, bonusPointer, ref artifactBonusStruct);
NativeWrapper.ReadProcessMemory(handle, artifactBonusStruct.Value, ref bonusValueStruct);
var bonus = new ArtifactBonus
{
Kind = artifactBonusStruct.KindId.ToString(),
IsAbsolute = bonusValueStruct.IsAbsolute,
Value = (float)Math.Round(bonusValueStruct.Value / (double)uint.MaxValue, 2),
Enhancement = (float)Math.Round(artifactBonusStruct.PowerUpValue / (double)uint.MaxValue, 2),
Level = artifactBonusStruct.Level
};
artifact.SecondaryBonuses.Add(bonus);
}
artifacts.Add(artifact);
}
var heroesDataPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x38, ref heroesDataPointer); // HeroesWrapperReadOnly.HeroData
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x18, ref heroesDataPointer); // UserHeroData.HeroById
var count = 0;
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x20, ref count); // Dictionary<int, Hero>.Count
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x18, ref heroesDataPointer); // Dictionary<int, Hero>.entries
var heroStruct = new HeroStruct();
var heroMasteriesStruct = new HeroMasteryDataStruct();
var heroesById = new Dictionary <int, Hero>();
var heroes = new List <Hero>();
for (var i = 0; i < count; i++)
{
// Array of Dictionary-entry structs which are 0x18 in size (but we only need hero pointer)
var heroPointer = heroesDataPointer + 0x30 + 0x18 * i;
NativeWrapper.ReadProcessMemory(handle, heroPointer, ref heroPointer);
NativeWrapper.ReadProcessMemory(handle, heroPointer, ref heroStruct);
heroMasteriesStruct.Masteries = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, heroStruct.MasteryData, ref heroMasteriesStruct);
var hero = new Hero
{
Id = heroStruct.Id,
TypeId = heroStruct.TypeId,
Grade = heroStruct.Grade.ToString(),
Level = heroStruct.Level,
Experience = heroStruct.Experience,
FullExperience = heroStruct.FullExperience,
Locked = heroStruct.Locked,
InStorage = heroStruct.InStorage,
Masteries = new List <int>(),
};
var masteriesPtr = heroMasteriesStruct.Masteries;
var masteryCount = 0;
if (heroStruct.MasteryData != IntPtr.Zero && masteriesPtr != IntPtr.Zero)
{
NativeWrapper.ReadProcessMemory(handle, masteriesPtr + 0x18, ref masteryCount);
NativeWrapper.ReadProcessMemory(handle, masteriesPtr + 0x10, ref masteriesPtr);
}
var masteries = new int[masteryCount];
if (masteryCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, masteriesPtr + 0x20, masteries, 0, masteries.Length);
}
hero.Masteries.AddRange(masteries);
if (_heroTypeById.TryGetValue(hero.TypeId, out var heroType))
{
hero.Name = heroType.Name;
hero.Fraction = heroType.Fraction;
hero.Element = heroType.Element;
hero.Rarity = heroType.Rarity;
hero.Role = heroType.Role;
hero.AwakenLevel = heroType.AwakeLevel;
hero.Accuracy = heroType.Accuracy;
hero.Attack = heroType.Attack;
hero.Defense = heroType.Defense;
hero.Health = heroType.Health;
hero.Speed = heroType.Speed;
hero.Resistance = heroType.Resistance;
hero.CriticalChance = heroType.CriticalChance;
hero.CriticalDamage = heroType.CriticalDamage;
hero.CriticalHeal = heroType.CriticalHeal;
}
var multiplier = _multipliers.FirstOrDefault(m => m.Stars == hero.Grade && m.Level == hero.Level);
if (multiplier != null)
{
hero.Attack = (int)Math.Round(hero.Attack * multiplier.Multiplier);
hero.Defense = (int)Math.Round(hero.Defense * multiplier.Multiplier);
hero.Health = (int)Math.Round(hero.Health * multiplier.Multiplier) * 15;
}
heroes.Add(hero);
heroesById[heroStruct.Id] = hero;
}
var artifactsByHeroIdPtr = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x40, ref artifactsByHeroIdPtr); // HeroesWrapperReadOnly.ArtifactData
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x30, ref artifactsByHeroIdPtr); // UserArtifactData.ArtifactDataByHeroId
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x20, ref count);
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x18, ref artifactsByHeroIdPtr);
for (var i = 0; i < count; i++)
{
artifactsPointer = artifactsByHeroIdPtr + 0x30 + 0x18 * i;
var heroId = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer - 8, ref heroId);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer, ref artifactsPointer);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x10, ref artifactsPointer);
artifactCount = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x20, ref artifactCount);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactsPointer);
var arts = new List <int>();
for (var a = 0; a < artifactCount; a++)
{
var artifactId = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x2C + 0x10 * a, ref artifactId);
arts.Add(artifactId);
}
if (heroesById.TryGetValue(heroId, out var hero))
{
hero.Artifacts = arts;
}
}
return(new AccountDump
{
Artifacts = artifacts,
Heroes = heroes
});
}
finally
{
NativeWrapper.CloseHandle(handle);
}
}
public void ClearLog(string logName, string backupPath)
{
ArgumentNullException.ThrowIfNull(logName);
NativeWrapper.EvtClearLog(this.Handle, logName, backupPath, 0);
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
CompileFileCall c = new CompileFileCall();
if (SquirrelFunctions.getstackobj(SquirrelInjectorPlugin.SquirrelVM, -1, out c.Table) == 0)
{
c.FileName = Marshal.PtrToStringAnsi(env.GetParameterP(0));
_CallStack.Push(c);
}
}
void OnDestroy()
{
NativeWrapper.StopThread();
}
public void CancelReading()
{
NativeWrapper.EvtCancel(_handle);
}
protected override bool ReleaseHandle()
{
NativeWrapper.EvtClose(handle);
handle = IntPtr.Zero;
return(true);
}
// Use this for initialization
void Start()
{
_text = GetComponent <Text> ();
cntCallback = new Dispatcher.Callback(ShowCount);
NativeWrapper.StartThread(cntCallback);
}
private AccountDump GetDump()
{
var process = Process.GetProcessesByName("Raid").FirstOrDefault();
if (process == null)
{
MessageBox.Show("Raid needs to be running before running RaidExtractor", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return(null);
}
if (!process.MainModule.FileName.Contains("\\224\\"))
{
MessageBox.Show("Raid has been updated and needs a newer version of RaidExtractor", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return(null);
}
var handle = NativeWrapper.OpenProcess(ProcessAccessFlags.Read, true, process.Id);
try
{
var gameAssembly = process.Modules.OfType <ProcessModule>().FirstOrDefault(m => m.ModuleName == "GameAssembly.dll");
if (gameAssembly == null)
{
MessageBox.Show("Unable to locate GameAssembly.dll in memory", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return(null);
}
//
var klass = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, gameAssembly.BaseAddress + 50069800, ref klass);
var appModel = klass;
NativeWrapper.ReadProcessMemory(handle, appModel + 0x18, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0xC0, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0x0, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0xB8, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0x8, ref appModel);
var userWrapper = appModel;
NativeWrapper.ReadProcessMemory(handle, userWrapper + 0x150, ref userWrapper); // AppModel._userWrapper
var heroesWrapper = userWrapper;
NativeWrapper.ReadProcessMemory(handle, heroesWrapper + 0x28, ref heroesWrapper); // UserWrapper.Heroes
var artifactsPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x40, ref artifactsPointer); // HeroesWrapperReadOnly.ArtifactData
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x20, ref artifactsPointer); // UserArtifactData.Artifacts
var artifactCount = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactCount); // List<Artifact>.Count
var arrayPointer = artifactsPointer;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x10, ref arrayPointer); // List<Artifact>._array
var pointers = new IntPtr[artifactCount + 1];
NativeWrapper.ReadProcessMemoryArray(handle, arrayPointer + 0x20, pointers);
var artifacts = new List <Artifact>();
var artifactStruct = new ArtifactStruct();
var artifactBonusStruct = new ArtifactBonusStruct();
var bonusValueStruct = new BonusValueStruct();
foreach (var pointer in pointers)
{
NativeWrapper.ReadProcessMemory(handle, pointer, ref artifactStruct);
NativeWrapper.ReadProcessMemory(handle, artifactStruct.PrimaryBonus, ref artifactBonusStruct);
NativeWrapper.ReadProcessMemory(handle, artifactBonusStruct.Value, ref bonusValueStruct);
var artifact = new Artifact
{
Id = artifactStruct.Id,
SellPrice = artifactStruct.SellPrice,
Price = artifactStruct.Price,
Level = artifactStruct.Level,
IsActivated = artifactStruct.IsActivated,
Kind = artifactStruct.KindId.ToString(),
Rank = artifactStruct.RankId.ToString(),
Rarity = artifactStruct.RarityId.ToString(),
SetKind = artifactStruct.SetKindId.ToString(),
IsSeen = artifactStruct.IsSeen,
FailedUpgrades = artifactStruct.FailedUpgrades
};
if (artifactStruct.RequiredFraction != HeroFraction.Unknown)
{
artifact.RequiredFraction = artifactStruct.RequiredFraction.ToString();
}
artifact.PrimaryBonus = new ArtifactBonus
{
Kind = artifactBonusStruct.KindId.ToString(),
IsAbsolute = bonusValueStruct.IsAbsolute,
Value = (float)Math.Round(bonusValueStruct.Value / (double)uint.MaxValue, 2),
};
var bonusesPointer = artifactStruct.SecondaryBonuses;
var bonusCount = 0;
NativeWrapper.ReadProcessMemory(handle, bonusesPointer + 0x18, ref bonusCount);
NativeWrapper.ReadProcessMemory(handle, bonusesPointer + 0x10, ref bonusesPointer);
artifact.SecondaryBonuses = new List <ArtifactBonus>();
var bonuses = new IntPtr[bonusCount];
if (bonusCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, bonusesPointer + 0x20, bonuses, 0, bonuses.Length);
}
foreach (var bonusPointer in bonuses)
{
NativeWrapper.ReadProcessMemory(handle, bonusPointer, ref artifactBonusStruct);
NativeWrapper.ReadProcessMemory(handle, artifactBonusStruct.Value, ref bonusValueStruct);
var bonus = new ArtifactBonus
{
Kind = artifactBonusStruct.KindId.ToString(),
IsAbsolute = bonusValueStruct.IsAbsolute,
Value = (float)Math.Round(bonusValueStruct.Value / (double)uint.MaxValue, 2),
Enhancement = (float)Math.Round(artifactBonusStruct.PowerUpValue / (double)uint.MaxValue, 2),
Level = artifactBonusStruct.Level
};
artifact.SecondaryBonuses.Add(bonus);
}
artifacts.Add(artifact);
}
var heroesDataPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x38, ref heroesDataPointer); // HeroesWrapperReadOnly.HeroData
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x18, ref heroesDataPointer); // UserHeroData.HeroById
var count = 0;
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x20, ref count); // Dictionary<int, Hero>.Count
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + 0x18, ref heroesDataPointer); // Dictionary<int, Hero>.entries
var heroStruct = new HeroStruct();
var heroesById = new Dictionary <int, Hero>();
var heroes = new List <Hero>();
for (var i = 0; i < count; i++)
{
// Array of Dictionary-entry structs which are 0x18 in size (but we only need hero pointer)
var heroPointer = heroesDataPointer + 0x30 + 0x18 * i;
NativeWrapper.ReadProcessMemory(handle, heroPointer, ref heroPointer);
NativeWrapper.ReadProcessMemory(handle, heroPointer, ref heroStruct);
var hero = new Hero
{
Id = heroStruct.Id,
TypeId = heroStruct.TypeId,
Grade = heroStruct.Grade.ToString(),
Level = heroStruct.Level,
Experience = heroStruct.Experience,
FullExperience = heroStruct.FullExperience,
Locked = heroStruct.Locked,
InStorage = heroStruct.InStorage
};
if (_heroTypeById.TryGetValue(hero.TypeId, out var heroType))
{
hero.Name = heroType.Name;
hero.Fraction = heroType.Fraction;
hero.Element = heroType.Element;
hero.Rarity = heroType.Rarity;
hero.Role = heroType.Role;
hero.AwakenLevel = heroType.AwakeLevel;
hero.Accuracy = heroType.Accuracy;
hero.Attack = heroType.Attack;
hero.Defense = heroType.Defense;
hero.Health = heroType.Health;
hero.Speed = heroType.Speed;
hero.Resistance = heroType.Resistance;
hero.CriticalChance = heroType.CriticalChance;
hero.CriticalDamage = heroType.CriticalDamage;
hero.CriticalHeal = heroType.CriticalHeal;
}
var multiplier = _multipliers.FirstOrDefault(m => m.Stars == hero.Grade && m.Level == hero.Level);
if (multiplier != null)
{
hero.Attack = (int)(hero.Attack * multiplier.Multiplier);
hero.Defense = (int)(hero.Defense * multiplier.Multiplier);
hero.Health = (int)(hero.Health * multiplier.Multiplier) * 15;
}
heroes.Add(hero);
heroesById[heroStruct.Id] = hero;
}
var artifactsByHeroIdPtr = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x40, ref artifactsByHeroIdPtr); // HeroesWrapperReadOnly.ArtifactData
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x28, ref artifactsByHeroIdPtr); // UserArtifactData.ArtifactDataByHeroId
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x20, ref count);
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x18, ref artifactsByHeroIdPtr);
for (var i = 0; i < count; i++)
{
artifactsPointer = artifactsByHeroIdPtr + 0x30 + 0x18 * i;
var heroId = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer - 8, ref heroId);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer, ref artifactsPointer);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x10, ref artifactsPointer);
artifactCount = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x20, ref artifactCount);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactsPointer);
var arts = new List <int>();
for (var a = 0; a < artifactCount; a++)
{
var artifactId = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x2C + 0x10 * a, ref artifactId);
arts.Add(artifactId);
}
if (heroesById.TryGetValue(heroId, out var hero))
{
hero.Artifacts = arts;
}
}
return(new AccountDump
{
Artifacts = artifacts,
Heroes = heroes
});
}
finally
{
NativeWrapper.CloseHandle(handle);
}
}
internal object GetProviderListProperty(EventLogHandle providerHandle, Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId metadataProperty)
{
object obj2;
EventLogHandle zero = EventLogHandle.Zero;
EventLogPermissionHolder.GetEventLogPermission().Demand();
try
{
Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId evtPublisherMetadataOpcodeName;
Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId evtPublisherMetadataOpcodeValue;
Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId evtPublisherMetadataOpcodeMessageID;
ObjectTypeName opcode;
List <EventLevel> list = null;
List <EventOpcode> list2 = null;
List <EventKeyword> list3 = null;
List <EventTask> list4 = null;
zero = NativeWrapper.EvtGetPublisherMetadataPropertyHandle(providerHandle, metadataProperty);
int capacity = NativeWrapper.EvtGetObjectArraySize(zero);
switch (metadataProperty)
{
case Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodes:
evtPublisherMetadataOpcodeName = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodeName;
evtPublisherMetadataOpcodeValue = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodeValue;
evtPublisherMetadataOpcodeMessageID = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataOpcodeMessageID;
opcode = ObjectTypeName.Opcode;
list2 = new List <EventOpcode>(capacity);
break;
case Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywords:
evtPublisherMetadataOpcodeName = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywordName;
evtPublisherMetadataOpcodeValue = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywordValue;
evtPublisherMetadataOpcodeMessageID = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataKeywordMessageID;
opcode = ObjectTypeName.Keyword;
list3 = new List <EventKeyword>(capacity);
break;
case Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevels:
evtPublisherMetadataOpcodeName = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevelName;
evtPublisherMetadataOpcodeValue = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevelValue;
evtPublisherMetadataOpcodeMessageID = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataLevelMessageID;
opcode = ObjectTypeName.Level;
list = new List <EventLevel>(capacity);
break;
case Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTasks:
evtPublisherMetadataOpcodeName = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskName;
evtPublisherMetadataOpcodeValue = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskValue;
evtPublisherMetadataOpcodeMessageID = Microsoft.Win32.UnsafeNativeMethods.EvtPublisherMetadataPropertyId.EvtPublisherMetadataTaskMessageID;
opcode = ObjectTypeName.Task;
list4 = new List <EventTask>(capacity);
break;
default:
return(null);
}
for (int i = 0; i < capacity; i++)
{
string name = (string)NativeWrapper.EvtGetObjectArrayProperty(zero, i, (int)evtPublisherMetadataOpcodeName);
uint num3 = 0;
long num4 = 0L;
if (opcode != ObjectTypeName.Keyword)
{
num3 = (uint)NativeWrapper.EvtGetObjectArrayProperty(zero, i, (int)evtPublisherMetadataOpcodeValue);
}
else
{
num4 = (long)((ulong)NativeWrapper.EvtGetObjectArrayProperty(zero, i, (int)evtPublisherMetadataOpcodeValue));
}
int num5 = (int)((uint)NativeWrapper.EvtGetObjectArrayProperty(zero, i, (int)evtPublisherMetadataOpcodeMessageID));
string displayName = null;
if (num5 == -1)
{
if (providerHandle != this.defaultProviderHandle)
{
if (this.defaultProviderHandle.IsInvalid)
{
this.defaultProviderHandle = NativeWrapper.EvtOpenProviderMetadata(this.session.Handle, null, null, this.cultureInfo.LCID, 0);
}
switch (opcode)
{
case ObjectTypeName.Level:
displayName = this.FindStandardLevelDisplayName(name, num3);
goto Label_01BA;
case ObjectTypeName.Opcode:
displayName = this.FindStandardOpcodeDisplayName(name, num3 >> 0x10);
goto Label_01BA;
case ObjectTypeName.Task:
displayName = this.FindStandardTaskDisplayName(name, num3);
goto Label_01BA;
case ObjectTypeName.Keyword:
displayName = this.FindStandardKeywordDisplayName(name, num4);
goto Label_01BA;
}
displayName = null;
}
}
else
{
displayName = NativeWrapper.EvtFormatMessage(providerHandle, (uint)num5);
}
Label_01BA:
switch (opcode)
{
case ObjectTypeName.Level:
list.Add(new EventLevel(name, (int)num3, displayName));
break;
case ObjectTypeName.Opcode:
list2.Add(new EventOpcode(name, (int)(num3 >> 0x10), displayName));
break;
case ObjectTypeName.Task:
{
Guid guid = (Guid)NativeWrapper.EvtGetObjectArrayProperty(zero, i, 0x12);
list4.Add(new EventTask(name, (int)num3, displayName, guid));
break;
}
case ObjectTypeName.Keyword:
list3.Add(new EventKeyword(name, num4, displayName));
break;
default:
return(null);
}
}
switch (opcode)
{
case ObjectTypeName.Level:
return(list);
case ObjectTypeName.Opcode:
return(list2);
case ObjectTypeName.Task:
return(list4);
case ObjectTypeName.Keyword:
return(list3);
}
obj2 = null;
}
finally
{
zero.Close();
}
return(obj2);
}
public override string ToXml()
{
char[] renderBuffer = GC.AllocateUninitializedArray <char>(2000);
return(NativeWrapper.EvtRenderXml(EventLogHandle.Zero, Handle, renderBuffer));
}
public void CancelCurrentOperations()
{
NativeWrapper.EvtCancel(Handle);
}
public IList <object> GetPropertyValues(EventLogPropertySelector propertySelector)
{
ArgumentNullException.ThrowIfNull(propertySelector);
return(NativeWrapper.EvtRenderBufferWithContextUserOrValues(propertySelector.Handle, Handle));
}
public void ExportLogAndMessages(string path, PathType pathType, string query, string targetFilePath, bool tolerateQueryErrors, CultureInfo targetCultureInfo)
{
ExportLog(path, pathType, query, targetFilePath, tolerateQueryErrors);
// Ignore the CultureInfo, pass 0 to use the calling thread's locale
NativeWrapper.EvtArchiveExportedLog(this.Handle, targetFilePath, 0, 0);
}
public SoulsMemoryHandler(Process gameProcess)
{
this.gameProcess = gameProcess;
this.memoryHandle = NativeWrapper.OpenProcess(ProcessAccessFlags.ReadWrite, gameProcess.Id);
}
public void Seek(SeekOrigin origin, long offset)
{
EventLogPermissionHolder.GetEventLogPermission().Demand();
switch (origin)
{
case SeekOrigin.Begin:
SeekReset();
NativeWrapper.EvtSeek(this.handle, offset, EventLogHandle.Zero, 0, UnsafeNativeMethods.EvtSeekFlags.EvtSeekRelativeToFirst);
return;
case SeekOrigin.End:
SeekReset();
NativeWrapper.EvtSeek(this.handle, offset, EventLogHandle.Zero, 0, UnsafeNativeMethods.EvtSeekFlags.EvtSeekRelativeToLast);
return;
case SeekOrigin.Current:
if (offset >= 0)
{
//we can reuse elements in the batch.
if (this.currentIndex + offset < this.eventCount)
{
//
// We don't call Seek here, we can reposition within the batch.
//
// close all event handles between [currentIndex, currentIndex + offset)
int index = this.currentIndex;
while (index < this.currentIndex + offset)
{
NativeWrapper.EvtClose(eventsBuffer[index]);
index++;
}
this.currentIndex = (int)(this.currentIndex + offset);
//leave the eventCount unchanged
//leave the same Eof
}
else
{
SeekCommon(offset);
}
}
else
{
//if inside the current buffer, we still cannot read the events, as the handles.
//may have already been closed.
if (currentIndex + offset >= 0)
{
SeekCommon(offset);
}
else //outside the current buffer
{
SeekCommon(offset);
}
}
return;
}
}
public bool WriteProcessMemoryArray <T>(IntPtr baseAddress, T[] buffer) where T : unmanaged
{
return(NativeWrapper.WriteProcessMemoryArray(memoryHandle, baseAddress, buffer));
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var c = _CallStack.Pop();
CompileFileInjectionManager.AfterCompileFile(c.FileName, ref c.Table);
}
public static void Main(string[] args)
{
// process start object
ProcessStart ps = null;
try
{
// if no parameters or help was provided
if (args.Length == 0 ||
Array.Exists <string>(args, delegate(string s)
{
return(s.ToLowerInvariant() == CommandSwitches.HELP);
}))
{
ShowUsageInfo();
Environment.Exit(args.Length == 1 ? ExitCodes.OK : ExitCodes.NO_PARAMETERS);
}
// get prepared startup parameters
ProgramStartupParameters param = new ProgramStartupParameters(args);
// ensure correct logging targets as given per arguments
// do this before all other stuff, so we can ensure that these loggings are
// activated if errors occur.
LogFactory.InitConfiguration(param);
// without knowledge of the current user, we exit here
WindowsIdentity currentUser = WindowsIdentity.GetCurrent();
if (currentUser == null)
{
log.Fatal("Could not retrieve current user information.");
Program.Exit(ExitCodes.ERROR_RETRIEVING_CURRENT_USER);
}
log.Info("RunAsUser started execution by [{0}] on {1} with arguments [{2}]", currentUser.Name, DateTime.Now.ToString("G"), string.Join(" ", args));
// if terminal server detected
// TODO: check if impersonation influences this behavior
if (RunningOnTerminalServer)
{
log.Fatal("This tool cannot be run under Terminal Server environment!");
Program.Exit(ExitCodes.TERMINAL_SERVER_DETECTED);
}
// create and initialize processstart object
// check if user credential informations are given per username and password
if (param.CredentialMode == ProcessCredentialMode.Username)
{
log.Info("Username and Password have been provided for creating primary access token. Username:[{0}]", string.IsNullOrEmpty(param.Userdomain) ? param.Username : string.Format("{0}\\{1}", param.Userdomain, param.Username));
ps = new ProcessStart(param.Username, param.UserPassword, param.Userdomain);
}
else if (param.CredentialMode == ProcessCredentialMode.LoggedOnUser)
{
string usedProcessName = param.AccessTokenProcessName.Trim();
if (usedProcessName[usedProcessName.Length - 4] == '.')
{
usedProcessName = usedProcessName.Substring(0, usedProcessName.Length - 4);
}
log.Info("Process will be started using primary access token of first process found called [{0}].", usedProcessName);
// find all processes
Process[] accessTokenProcesses = Process.GetProcessesByName(usedProcessName);
// if nothing found..error
if (accessTokenProcesses.Length == 0)
{
log.Fatal("No process called [{0}] could be found resulting that no primary access token can be used.", param.AccessTokenProcessName);
if (param.IgnoreNoUser)
{
log.Info("Conigured to exit OK although no user could be retrieved to execute process.");
Program.Exit(ExitCodes.OK);
}
else
{
Program.Exit(ExitCodes.OPEN_ACCESS_TOKEN_ACCESS_DENIED);
}
}
// With logged on user is meant, a user that has been logged on using winlogon.exe.
// Per default a process called "explorer"
// is used to retrieve the primary access token for the user that is to be used.
// Therefor the process that is running this code must have priviledges granted to PROCESS_QUERY_INFORMATION
// TODO: The current processes' privileges must be enusred to have SE_DEBUG_NAME and SE_TCB_NAME enabled.
// To do so following steps must be done:
// OpenProcessToken(Process.GetCurrentProcess().Handle, TOKEN_ADJUST_PRIVILEGES)
// LookupPrivilegeValue("SeDebugPrivilege")
// AdjustTokenPrivilege()
EnsureCurrentProcessDebugPrivilegeEnabled();
IntPtr tokenHandle = IntPtr.Zero;
Process p = null;
if (!string.IsNullOrEmpty(param.AccessTokenAccountName))
{
foreach (Process t in accessTokenProcesses)
{
bool result = NativeWrapper.OpenProcessToken(
t.Handle,
NativeWrapper.TOKEN_QUERY | NativeWrapper.TOKEN_DUPLICATE | NativeWrapper.TOKEN_ASSIGN_PRIMARY,
out tokenHandle);
if (!result)
{
log.Fatal("Error opening process token for process [PID:{0} Name:{1}]. Win32 error: {2}", p.Id, p.ProcessName, new Win32Exception(Marshal.GetLastWin32Error()).Message);
if (param.IgnoreNoUser)
{
log.Info("Configured to exit OK although no user could be retrieved to execute process.");
Program.Exit(ExitCodes.OK);
}
else
{
Program.Exit(ExitCodes.OPEN_ACCESS_TOKEN_ACCESS_DENIED);
}
}
else
{
WindowsIdentity id = new WindowsIdentity(tokenHandle);
if (string.Equals(id.Name, param.AccessTokenAccountName, StringComparison.InvariantCultureIgnoreCase))
{
p = t;
break;
}
}
}
if (p == null)
{
log.Fatal("No process called [{0}] could be found under account name [{1}].", param.AccessTokenProcessName, param.AccessTokenAccountName);
Program.Exit(ExitCodes.NO_ACCESS_TOKEN_PROCESS_RUNNING);
}
}
else
{
p = accessTokenProcesses[0];
bool result = NativeWrapper.OpenProcessToken(
p.Handle,
NativeWrapper.TOKEN_QUERY | NativeWrapper.TOKEN_DUPLICATE | NativeWrapper.TOKEN_ASSIGN_PRIMARY,
out tokenHandle);
if (!result)
{
log.Fatal("Error opening process token for process [PID:{0} Name:{1}]. Win32 error: {2}", p.Id, p.ProcessName, new Win32Exception(Marshal.GetLastWin32Error()).Message);
if (param.IgnoreNoUser)
{
log.Info("Configured to exit OK although no user could be retrieved to execute process.");
Program.Exit(ExitCodes.OK);
}
else
{
Program.Exit(ExitCodes.OPEN_ACCESS_TOKEN_ACCESS_DENIED);
}
}
}
ps = new ProcessStart(tokenHandle, true);
}
ps.CreateNoWindow = true;
ps.ProcessTimeout = param.ProcessTimeout;
ps.ProcessTimeoutAction = param.ProcessTimeoutAction;
ps.Interactive = !param.NoInteractiveLogon;
ps.LoadUserProfile = param.LoadUserProfile;
ps.WorkingDirectory = param.WorkingDirectory;
// start
int processStartResult = ps.Start(param.Commandline);
Program.Exit(processStartResult);
}
catch (Exception ex)
{
log.Fatal("Error while execution. Message: {0}", ex.Message);
Program.Exit(ExitCodes.ERROR_WHILE_EXECUTION);
}
finally
{
if (ps != null)
{
ps.Dispose();
}
}
}
public FileReader(NativeWrapper<FFmpeg.AVFormatContext> pFormatCtx)
{
this.pFormatCtx = pFormatCtx;
}
public void SaveChanges()
{
NativeWrapper.EvtSaveChannelConfig(_handle, 0);
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
//exit now
Environment.Exit(0);
}
public bool ReadProcessMemory <T>(IntPtr baseAddress, ref T buffer) where T : unmanaged
{
return(NativeWrapper.ReadProcessMemory(memoryHandle, baseAddress, ref buffer));
}
public int ShowUI(int dwID, NativeWrapper.IOleInPlaceActiveObject activeObject, NativeWrapper.IOleCommandTarget commandTarget, NativeWrapper.IOleInPlaceFrame frame, NativeWrapper.IOleInPlaceUIWindow doc)
{
return S_FALSE;
}
private static void EnsureCurrentProcessDebugPrivilegeEnabled()
{
IntPtr hToken = IntPtr.Zero;
NativeWrapper.LUID newLuid = new NativeWrapper.LUID();
NativeWrapper.TOKEN_PRIVILEGES newPrivilege = new NativeWrapper.TOKEN_PRIVILEGES();
try
{
bool result = NativeWrapper.OpenProcessToken(Process.GetCurrentProcess().Handle, NativeWrapper.TOKEN_ADJUST_PRIVILEGES, out hToken);
if (!result)
{
log.Fatal("Error ensuring currents' process access rights");
Program.Exit(ExitCodes.ERROR_WHILE_EXECUTION);
}
result = NativeWrapper.LookupPrivilegeValue(null, NativeWrapper.SE_DEBUG_NAME, out newLuid);
if (!result)
{
log.Fatal("Unable to determine LUID");
Program.Exit(ExitCodes.ERROR_WHILE_EXECUTION);
}
newPrivilege.PrivilegeCount = 1;
newPrivilege.Luid = newLuid;
newPrivilege.Attributes = NativeWrapper.SE_PRIVILEGE_ENABLED;
result = NativeWrapper.AdjustTokenPrivileges(
hToken,
false,
ref newPrivilege,
0,
IntPtr.Zero,
0);
if (!result)
{
log.Fatal("Error adjusting process privileges");
Program.Exit(ExitCodes.ERROR_WHILE_EXECUTION);
}
result = NativeWrapper.LookupPrivilegeValue(null, NativeWrapper.SE_TCB_NAME, out newLuid);
if (!result)
{
log.Fatal("Unable to determine LUID");
Program.Exit(ExitCodes.ERROR_WHILE_EXECUTION);
}
newPrivilege.PrivilegeCount = 1;
newPrivilege.Luid = newLuid;
newPrivilege.Attributes = NativeWrapper.SE_PRIVILEGE_ENABLED;
result = NativeWrapper.AdjustTokenPrivileges(
hToken,
false,
ref newPrivilege,
0,
IntPtr.Zero,
0);
if (!result)
{
log.Fatal("Error adjusting process privileges");
Program.Exit(ExitCodes.ERROR_WHILE_EXECUTION);
}
}
catch (Exception ex)
{
}
finally
{
if (hToken != IntPtr.Zero)
{
NativeWrapper.CloseHandle(hToken);
}
}
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var p0 = env.GetParameterP(0);
var p1 = env.GetParameterP(1);
var p2 = env.GetParameterP(2);
var p3 = env.GetParameterP(3);
var ret = _Original(p0, p1, p2, p3);
env.SetReturnValue(ret);
if (!_Injected)
{
_Injected = true;
new InjectGetDeviceState().InjectSelf(Marshal.ReadIntPtr(p2));
}
}
public void Terminate()
{
NativeWrapper.CloseHandle(memoryHandle);
memoryHandle = (IntPtr)0;
}
public EventLogReader(EventLogQuery eventQuery, EventBookmark bookmark)
{
if (eventQuery == null)
{
throw new ArgumentNullException("eventQuery");
}
string logfile = null;
if (eventQuery.ThePathType == PathType.FilePath)
{
logfile = eventQuery.Path;
}
_cachedMetadataInformation = new ProviderMetadataCachedInformation(eventQuery.Session, logfile, 50);
//explicit data
_eventQuery = eventQuery;
//implicit
_batchSize = 64;
_eventsBuffer = new IntPtr[_batchSize];
//
// compute the flag.
//
int flag = 0;
if (_eventQuery.ThePathType == PathType.LogName)
{
flag |= (int)UnsafeNativeMethods.EvtQueryFlags.EvtQueryChannelPath;
}
else
{
flag |= (int)UnsafeNativeMethods.EvtQueryFlags.EvtQueryFilePath;
}
if (_eventQuery.ReverseDirection)
{
flag |= (int)UnsafeNativeMethods.EvtQueryFlags.EvtQueryReverseDirection;
}
if (_eventQuery.TolerateQueryErrors)
{
flag |= (int)UnsafeNativeMethods.EvtQueryFlags.EvtQueryTolerateQueryErrors;
}
_handle = NativeWrapper.EvtQuery(_eventQuery.Session.Handle,
_eventQuery.Path, _eventQuery.Query,
flag);
EventLogHandle bookmarkHandle = EventLogRecord.GetBookmarkHandleFromBookmark(bookmark);
if (!bookmarkHandle.IsInvalid)
{
using (bookmarkHandle)
{
NativeWrapper.EvtSeek(_handle, 1, bookmarkHandle, 0, UnsafeNativeMethods.EvtSeekFlags.EvtSeekRelativeToBookmark);
}
}
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var p0 = env.GetParameterP(0);
var p1 = env.GetParameterI(1);
var p2 = env.GetParameterP(2);
InputManager.ZeroInputData(p2, p1);
var ret = _Original(p0, p1, p2);
if (p0 == _InjectedInstance && InputManager.HandleAll(p2))
{
env.SetReturnValue(ret);
}
else
{
env.SetReturnValue(ret);
}
}
protected override void Triggered(NativeWrapper.NativeEnvironment env)
{
var obj = _Original(env.GetParameterI(0));
new InjectD3DCreateDevice().InjectSelf(obj);
env.SetReturnValue(obj);
}
public int ResizeBorder(NativeWrapper.COMRECT rect, NativeWrapper.IOleInPlaceUIWindow doc, bool fFrameWindow)
{
return NotImplemented;
}
public int ShowContextMenu(int dwID, NativeWrapper.POINT pt, object pcmdtReserved, object pdispReserved)
{
switch (dwID)
{
// http://msdn.microsoft.com/en-us/library/aa753264(v=vs.85).aspx
case 0x2: // this is edit CONTEXT_MENU_CONTROL
case 0x4: // selected text CONTEXT_MENU_TEXTSELECT
case 0x9: // CONTEXT_MENU_VSCROLL
case 0x10: //CONTEXT_MENU_HSCROLL
return S_FALSE; // allow to show menu; Host did not display its UI. MSHTML will display its UI.
}
return S_OK;
}
public AccountDump GetDump()
{
var process = IsRaidRunning();
if (process == null)
{
return(null);
}
if (!CheckRaidVersion(process))
{
return(null);
}
var handle = NativeWrapper.OpenProcess(ProcessAccessFlags.Read, true, process.Id);
try
{
var gameAssembly = GetRaidAssembly(process);
var klass = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, gameAssembly.BaseAddress + RaidStaticInformation.MemoryLocation, ref klass);
var appModel = klass;
// These Reposition the AppModel to be in the right place. TODO: Figure out where these magic numbers come from?
NativeWrapper.ReadProcessMemory(handle, appModel + 0x18, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0xC0, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0x0, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0xB8, ref appModel);
NativeWrapper.ReadProcessMemory(handle, appModel + 0x8, ref appModel);
var userWrapper = appModel;
NativeWrapper.ReadProcessMemory(handle, userWrapper + RaidStaticInformation.AppModelUserWrapper, ref userWrapper); // AppModel._userWrapper
var heroesWrapper = userWrapper;
NativeWrapper.ReadProcessMemory(handle, heroesWrapper + RaidStaticInformation.UserWrapperHeroes, ref heroesWrapper); // UserWrapper.Heroes
#region Artifact Extraction
var artifactsPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + RaidStaticInformation.HeroesWrapperArtifactData, ref artifactsPointer); // HeroesWrapperReadOnly.ArtifactData
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + RaidStaticInformation.UserArtifactDataArtifacts, ref artifactsPointer); // UserArtifactData.Artifacts
var artifactCount = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + RaidStaticInformation.ListCount, ref artifactCount); // List<Artifact>.Count
var pointers = new List <IntPtr>();
if (artifactCount > 0)
{
var arrayPointer = artifactsPointer;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + RaidStaticInformation.ListIndexArray, ref arrayPointer); // List<Artifact>._array
var ptrs = new IntPtr[artifactCount];
NativeWrapper.ReadProcessMemoryArray(handle, arrayPointer + RaidStaticInformation.ListElementPointerArray, ptrs);
pointers.AddRange(ptrs);
}
if (artifactCount == 0)
{
// This means it's in external storage instead which is in a concurrent dictionary (teh sucks)
NativeWrapper.ReadProcessMemory(handle, gameAssembly.BaseAddress + RaidStaticInformation.ExternalStorageAddress, ref klass);
var artifactStorageResolver = klass;
NativeWrapper.ReadProcessMemory(handle, artifactStorageResolver + 0xB8, ref artifactStorageResolver); // ArtifactStorageResolver-StaticFields
NativeWrapper.ReadProcessMemory(handle, artifactStorageResolver, ref artifactStorageResolver); // ArtifactStorageResolver-StaticFields._implementation
var state = artifactStorageResolver;
NativeWrapper.ReadProcessMemory(handle, state + 0x10, ref state); // ExternalArtifactsStorage._state
artifactsPointer = state;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactsPointer); // _state._artifacts
var buckets = artifactsPointer;
NativeWrapper.ReadProcessMemory(handle, buckets + 0x10, ref buckets); // ConcurrentDictionary._tables
NativeWrapper.ReadProcessMemory(handle, buckets + 0x10, ref buckets); // _tables._buckets
var bucketCount = 0;
NativeWrapper.ReadProcessMemory(handle, buckets + 0x18, ref bucketCount);
var nodes = new IntPtr[bucketCount];
if (bucketCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, buckets + RaidStaticInformation.ListElementPointerArray, nodes);
}
for (var i = 0; i < nodes.Length; i++)
{
var node = nodes[i];
while (node != IntPtr.Zero)
{
var pointer = node;
NativeWrapper.ReadProcessMemory(handle, pointer + 0x18, ref pointer); // Node.m_value
if (pointer != IntPtr.Zero)
{
pointers.Add(pointer);
}
NativeWrapper.ReadProcessMemory(handle, node + 0x20, ref node); // Node.m_next
}
}
}
var artifacts = new List <Artifact>();
var artifactStruct = new ArtifactStruct();
var artifactBonusStruct = new ArtifactBonusStruct();
var bonusValueStruct = new BonusValueStruct();
foreach (var pointer in pointers)
{
NativeWrapper.ReadProcessMemory(handle, pointer, ref artifactStruct);
NativeWrapper.ReadProcessMemory(handle, artifactStruct.PrimaryBonus, ref artifactBonusStruct);
NativeWrapper.ReadProcessMemory(handle, artifactBonusStruct.Value, ref bonusValueStruct);
var artifact = new Artifact
{
Id = artifactStruct.Id,
SellPrice = artifactStruct.SellPrice,
Price = artifactStruct.Price,
Level = artifactStruct.Level,
IsActivated = artifactStruct.IsActivated,
Kind = artifactStruct.KindId.ToString(),
Rank = artifactStruct.RankId.ToString(),
Rarity = artifactStruct.RarityId.ToString(),
SetKind = artifactStruct.SetKindId.ToString(),
IsSeen = artifactStruct.IsSeen,
FailedUpgrades = artifactStruct.FailedUpgrades
};
if (artifactStruct.RequiredFraction != HeroFraction.Unknown)
{
artifact.RequiredFraction = artifactStruct.RequiredFraction.ToString();
}
artifact.PrimaryBonus = new ArtifactBonus
{
Kind = artifactBonusStruct.KindId.ToString(),
IsAbsolute = bonusValueStruct.IsAbsolute,
Value = (float)Math.Round(bonusValueStruct.Value / (double)uint.MaxValue, 2),
};
var bonusesPointer = artifactStruct.SecondaryBonuses;
var bonusCount = 0;
NativeWrapper.ReadProcessMemory(handle, bonusesPointer + RaidStaticInformation.ListCount, ref bonusCount);
NativeWrapper.ReadProcessMemory(handle, bonusesPointer + RaidStaticInformation.ListIndexArray, ref bonusesPointer);
artifact.SecondaryBonuses = new List <ArtifactBonus>();
var bonuses = new IntPtr[bonusCount];
if (bonusCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, bonusesPointer + RaidStaticInformation.ListElementPointerArray, bonuses, 0, bonuses.Length);
}
foreach (var bonusPointer in bonuses)
{
NativeWrapper.ReadProcessMemory(handle, bonusPointer, ref artifactBonusStruct);
NativeWrapper.ReadProcessMemory(handle, artifactBonusStruct.Value, ref bonusValueStruct);
var bonus = new ArtifactBonus
{
Kind = artifactBonusStruct.KindId.ToString(),
IsAbsolute = bonusValueStruct.IsAbsolute,
Value = (float)Math.Round(bonusValueStruct.Value / (double)uint.MaxValue, 2),
Enhancement = (float)Math.Round(artifactBonusStruct.PowerUpValue / (double)uint.MaxValue, 2),
Level = artifactBonusStruct.Level
};
artifact.SecondaryBonuses.Add(bonus);
}
artifacts.Add(artifact);
}
artifacts = artifacts.OrderBy(o => o.Id).ToList();
#endregion
#region Hero Extraction
var heroesDataPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + RaidStaticInformation.HeroesWrapperHeroData, ref heroesDataPointer); // HeroesWrapperReadOnly.HeroData
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + RaidStaticInformation.UserHeroDataHeroById, ref heroesDataPointer); // UserHeroData.HeroById
var count = 0;
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + RaidStaticInformation.DictionaryCount, ref count); // Dictionary<int, Hero>.Count
NativeWrapper.ReadProcessMemory(handle, heroesDataPointer + RaidStaticInformation.DictionaryEntries, ref heroesDataPointer); // Dictionary<int, Hero>.entries
var heroStruct = new HeroStruct();
var heroMasteriesStruct = new HeroMasteryDataStruct();
var skillStruct = new SkillStruct();
var heroesById = new Dictionary <int, Hero>();
var heroes = new List <Hero>();
for (var i = 0; i < count; i++)
{
// Array of Dictionary-entry structs which are 0x18 in size (but we only need hero pointer)
var heroPointer = heroesDataPointer + 0x30 + 0x18 * i;
NativeWrapper.ReadProcessMemory(handle, heroPointer, ref heroPointer);
NativeWrapper.ReadProcessMemory(handle, heroPointer, ref heroStruct);
heroMasteriesStruct.Masteries = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, heroStruct.MasteryData, ref heroMasteriesStruct);
var hero = new Hero
{
Id = heroStruct.Id,
TypeId = heroStruct.TypeId,
Grade = heroStruct.Grade.ToString(),
Level = heroStruct.Level,
Experience = heroStruct.Experience,
FullExperience = heroStruct.FullExperience,
Locked = heroStruct.Locked,
InStorage = heroStruct.InStorage,
Marker = heroStruct.Marker.ToString(),
Masteries = new List <int>(),
};
var masteriesPtr = heroMasteriesStruct.Masteries;
var masteryCount = 0;
if (heroStruct.MasteryData != IntPtr.Zero && masteriesPtr != IntPtr.Zero)
{
NativeWrapper.ReadProcessMemory(handle, masteriesPtr + RaidStaticInformation.ListCount, ref masteryCount);
NativeWrapper.ReadProcessMemory(handle, masteriesPtr + RaidStaticInformation.ListIndexArray, ref masteriesPtr);
}
var masteries = new int[masteryCount];
if (masteryCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, masteriesPtr + RaidStaticInformation.ListElementPointerArray, masteries, 0, masteries.Length);
}
hero.Masteries.AddRange(masteries);
var skillsPtr = heroStruct.Skills;
var skillsCount = 0;
if (skillsPtr != IntPtr.Zero)
{
NativeWrapper.ReadProcessMemory(handle, heroStruct.Skills + RaidStaticInformation.ListCount, ref skillsCount);
NativeWrapper.ReadProcessMemory(handle, heroStruct.Skills + RaidStaticInformation.ListIndexArray, ref skillsPtr);
}
hero.Skills = new List <Skill>();
var skills = new IntPtr[skillsCount];
if (skillsCount > 0)
{
NativeWrapper.ReadProcessMemoryArray(handle, skillsPtr + RaidStaticInformation.ListElementPointerArray, skills, 0, skills.Length);
}
foreach (var skillPointer in skills)
{
NativeWrapper.ReadProcessMemory(handle, skillPointer, ref skillStruct);
var skill = new Skill
{
Id = skillStruct.Id,
TypeId = skillStruct.TypeId,
Level = skillStruct.Level,
};
hero.Skills.Add(skill);
}
if (heroTypeById.TryGetValue(hero.TypeId, out var heroType))
{
hero.Name = heroType.Name;
hero.Fraction = heroType.Fraction;
hero.Element = heroType.Element;
hero.Rarity = heroType.Rarity;
hero.Role = heroType.Role;
hero.AwakenLevel = heroType.AwakeLevel;
hero.Accuracy = heroType.Accuracy;
hero.Attack = heroType.Attack;
hero.Defense = heroType.Defense;
hero.Health = heroType.Health;
hero.Speed = heroType.Speed;
hero.Resistance = heroType.Resistance;
hero.CriticalChance = heroType.CriticalChance;
hero.CriticalDamage = heroType.CriticalDamage;
hero.CriticalHeal = heroType.CriticalHeal;
}
var multiplier = multipliers.FirstOrDefault(m => m.Stars == hero.Grade && m.Level == hero.Level);
if (multiplier != null)
{
hero.Attack = (int)Math.Round(hero.Attack * multiplier.Multiplier);
hero.Defense = (int)Math.Round(hero.Defense * multiplier.Multiplier);
hero.Health = (int)Math.Round(hero.Health * multiplier.Multiplier) * 15;
}
heroes.Add(hero);
heroesById[heroStruct.Id] = hero;
}
heroes = heroes.OrderBy(o => o.Id).ToList();
#endregion
#region Hero Artifact Extraction
var artifactsByHeroIdPtr = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + RaidStaticInformation.HeroesWrapperArtifactData, ref artifactsByHeroIdPtr); // HeroesWrapperReadOnly.ArtifactData
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + RaidStaticInformation.UserArtifactArtifactDataByHeroId, ref artifactsByHeroIdPtr); // UserArtifactData.ArtifactDataByHeroId
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + RaidStaticInformation.DictionaryCount, ref count);
NativeWrapper.ReadProcessMemory(handle, artifactsByHeroIdPtr + 0x18, ref artifactsByHeroIdPtr);
for (var i = 0; i < count; i++)
{
artifactsPointer = artifactsByHeroIdPtr + 0x30 + 0x18 * i;
var heroId = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer - 8, ref heroId);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer, ref artifactsPointer);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x10, ref artifactsPointer);
artifactCount = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + RaidStaticInformation.DictionaryCount, ref artifactCount);
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x18, ref artifactsPointer);
var arts = new List <int>();
for (var a = 0; a < artifactCount; a++)
{
var artifactId = 0;
NativeWrapper.ReadProcessMemory(handle, artifactsPointer + 0x2C + 0x10 * a, ref artifactId);
arts.Add(artifactId);
}
if (heroesById.TryGetValue(heroId, out var hero))
{
hero.Artifacts = arts;
}
}
#endregion
#region Arena League Extraction
var arenaPtr = userWrapper;
NativeWrapper.ReadProcessMemory(handle, userWrapper + RaidStaticInformation.UserWrapperArena, ref arenaPtr);
ArenaLeagueId arenaLeague = 0;
NativeWrapper.ReadProcessMemory(handle, arenaPtr + RaidStaticInformation.ArenaWrapperLeagueId, ref arenaLeague);
#endregion
#region Great Hall Extraction
var villageDataPointer = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, userWrapper + RaidStaticInformation.UserWrapperCapitol, ref villageDataPointer); // UserWrapper.Capitol
NativeWrapper.ReadProcessMemory(handle, villageDataPointer + RaidStaticInformation.CapitolWrapperVillageData, ref villageDataPointer); // Capitol.VillageData
var bonusLevelPointer = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, villageDataPointer + RaidStaticInformation.UserVillageDataCapitolBonusLevelByStatByElement, ref bonusLevelPointer); // UserVillageData.UserVillageDataCapitolBonusLevelByStatByElement
count = 0;
NativeWrapper.ReadProcessMemory(handle, bonusLevelPointer + RaidStaticInformation.DictionaryCount, ref count); // Dictionary<Element, Dictionary<StatKindId, int>>.Count
NativeWrapper.ReadProcessMemory(handle, bonusLevelPointer + RaidStaticInformation.DictionaryEntries, ref bonusLevelPointer); // Dictionary<Element, Dictionary<StatKindId, int>>.Entries
var greatHall = new Dictionary <Element, Dictionary <StatKindId, int> >();
for (var i = 0; i < count; i++)
{
var elementPointer = bonusLevelPointer + 0x28 + 0x18 * i; // Dictionary<Element, Dictionary<StatKindId, int>>.Key;
var statDictionaryPointer = bonusLevelPointer + 0x30 + 0x18 * i; // Dictionary<Element, Dictionary<StatKindId, int>>.Value
Element currentElement = 0; // Initial value
NativeWrapper.ReadProcessMemory(handle, elementPointer, ref currentElement);
NativeWrapper.ReadProcessMemory(handle, statDictionaryPointer, ref statDictionaryPointer);
var statsCount = 0;
var statsPointer = IntPtr.Zero;
var statsDictionary = new Dictionary <StatKindId, int>();
NativeWrapper.ReadProcessMemory(handle, statDictionaryPointer + RaidStaticInformation.DictionaryCount, ref statsCount); // Dictionary<StatKindId, int>().Count
NativeWrapper.ReadProcessMemory(handle, statDictionaryPointer + RaidStaticInformation.DictionaryEntries, ref statsPointer); // Dictionary<StatKindId, int>().Entries
for (var j = 0; j < statsCount; j++)
{
var statKindPointer = statsPointer + 0x28 + 0x10 * j;
var statValuePointer = statsPointer + 0x2C + 0x10 * j;
StatKindId statKindId = 0;
int statLevel = 0;
NativeWrapper.ReadProcessMemory(handle, statKindPointer, ref statKindId);
NativeWrapper.ReadProcessMemory(handle, statValuePointer, ref statLevel);
statsDictionary.Add(statKindId, statLevel);
}
greatHall.Add(currentElement, statsDictionary);
}
#endregion
#region Shard extraction
var shards = new Dictionary <string, ShardInfo>();
var shardsDataPointer = userWrapper;
NativeWrapper.ReadProcessMemory(handle, shardsDataPointer + RaidStaticInformation.UserWrapperShards, ref shardsDataPointer); // UserWrapper.ShardWrapperReadOnly
NativeWrapper.ReadProcessMemory(handle, shardsDataPointer + RaidStaticInformation.ShardWrapperData, ref shardsDataPointer); // ShardWrapperReadOnly.UserShardData
var shardSummonDataPointer = shardsDataPointer;
NativeWrapper.ReadProcessMemory(handle, shardSummonDataPointer + RaidStaticInformation.ShardSummonData, ref shardSummonDataPointer); // UserShardData.SummonResults
// Read the shard count data
NativeWrapper.ReadProcessMemory(handle, shardsDataPointer + RaidStaticInformation.ShardData, ref shardsDataPointer);
var shardCount = 0;
NativeWrapper.ReadProcessMemory(handle, shardsDataPointer + RaidStaticInformation.ListCount, ref shardCount);
List <IntPtr> shardPointers = new List <IntPtr>();
if (shardCount > 0)
{
var arrayPointer = shardsDataPointer;
NativeWrapper.ReadProcessMemory(handle, shardsDataPointer + RaidStaticInformation.ListIndexArray, ref arrayPointer);
var ptrs = new IntPtr[shardCount];
NativeWrapper.ReadProcessMemoryArray(handle, arrayPointer + RaidStaticInformation.ListElementPointerArray, ptrs);
shardPointers.AddRange(ptrs);
}
List <ShardStruct> shardCounts = new List <ShardStruct>();
foreach (var pointer in shardPointers)
{
ShardStruct countData = new ShardStruct();
NativeWrapper.ReadProcessMemory(handle, pointer, ref countData);
string key = countData.ShardTypeId.ToString();
if (!shards.ContainsKey(key))
{
shards.Add(key, new ShardInfo());
shards[key].SummonData = new List <ShardSummonInfo>();
}
shards[key].Count = countData.Count;
}
// Now read the summon data (pity system)
var shardSummonCount = 0;
NativeWrapper.ReadProcessMemory(handle, shardSummonDataPointer + RaidStaticInformation.ListCount, ref shardSummonCount);
shardPointers = new List <IntPtr>();
if (shardSummonCount > 0)
{
var arrayPointer = shardSummonDataPointer;
NativeWrapper.ReadProcessMemory(handle, shardSummonDataPointer + RaidStaticInformation.ListIndexArray, ref arrayPointer);
var ptrs = new IntPtr[shardSummonCount];
NativeWrapper.ReadProcessMemoryArray(handle, arrayPointer + RaidStaticInformation.ListElementPointerArray, ptrs);
shardPointers.AddRange(ptrs);
}
List <ShardSummonData> shardSummons = new List <ShardSummonData>();
foreach (var pointer in shardPointers)
{
ShardSummonData summonData = new ShardSummonData();
NativeWrapper.ReadProcessMemory(handle, pointer, ref summonData);
string key = summonData.ShardTypeId.ToString();
if (!shards.ContainsKey(key))
{
// We might have to add an entry if the user has no shards of that type.
shards.Add(key, new ShardInfo());
shards[key].SummonData = new List <ShardSummonInfo>();
shards[key].Count = 0;
}
ShardSummonInfo info = new ShardSummonInfo();
info.Rarity = summonData.rarity.ToString();
info.LastHeroId = summonData.lastHeroId;
info.PullCount = summonData.pullCount;
shards[key].SummonData.Add(info);
}
#endregion
#region BattlePresets extraction
var presetsPointer = heroesWrapper;
NativeWrapper.ReadProcessMemory(handle, presetsPointer + RaidStaticInformation.HeroesWrapperHeroData, ref presetsPointer); // HeroesWrapperReadOnly.HeroData
NativeWrapper.ReadProcessMemory(handle, presetsPointer + RaidStaticInformation.UserHeroDataBattlePresets, ref presetsPointer); // UserHeroData.BattlePresets
var battlePresetsCount = 0;
var presetsDataPointer = IntPtr.Zero;
NativeWrapper.ReadProcessMemory(handle, presetsPointer + RaidStaticInformation.DictionaryCount, ref battlePresetsCount); // Dictionary<int, int[]>.Count
NativeWrapper.ReadProcessMemory(handle, presetsPointer + RaidStaticInformation.DictionaryEntries, ref presetsDataPointer); // Dictionary<int, int[]>.Entries
var stagePresets = new Dictionary <int, int[]>();
for (var i = 0; i < battlePresetsCount; i++)
{
var stageIdPointer = presetsDataPointer + 0x28 + 0x18 * i; // Dictionary<int, int[]>.Key;
var heroIdArrayPointer = presetsDataPointer + 0x30 + 0x18 * i; // Dictionary<int, int[]>.Value
int currentStage = 0;
NativeWrapper.ReadProcessMemory(handle, stageIdPointer, ref currentStage);
NativeWrapper.ReadProcessMemory(handle, heroIdArrayPointer, ref heroIdArrayPointer);
var heroArrayCount = 0;
NativeWrapper.ReadProcessMemory(handle, heroIdArrayPointer + RaidStaticInformation.ListCount, ref heroArrayCount); // Assuming Array.Count has identical offset as List.Count
// Making use of ReadProcessMemoryArray instead of iterating the array ourselves
if (heroArrayCount > 0)
{
var heroIdArray = new int[heroArrayCount];
var heroIdPointer = heroIdArrayPointer + 0x20; // Location of the first entry
NativeWrapper.ReadProcessMemoryArray(handle, heroIdPointer, heroIdArray);
stagePresets[currentStage] = heroIdArray;
}
}
#endregion
return(new AccountDump
{
Artifacts = artifacts,
Heroes = heroes,
ArenaLeague = arenaLeague.ToString(),
GreatHall = greatHall,
Shards = shards,
StagePresets = stagePresets,
});
}
finally
{
NativeWrapper.CloseHandle(handle);
}
}