Exemplo n.º 1
0
        public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
        {
            var top    = operands.Pop();
            var bottom = operands.Pop();

            operands.Push(top);
            operands.Push(bottom);
        }
Exemplo n.º 2
0
        public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
        {
            var a   = operands.Pop();
            var b   = operands.Pop();
            var res = Calculate(a, b);

            operands.Push(res);
        }
Exemplo n.º 3
0
        public ScanResult Process(IHackContext ctx, IPatternProcessor[] processors)
        {
            var result       = new ScanResult();
            var operandStack = new Stack <Pointer>();

            foreach (var processor in processors)
            {
                processor.Process(ctx, this, operandStack, result);
            }

            if (operandStack.Count == 1)
            {
                result.Value = operandStack.Pop();
            }

            return(result);
        }
Exemplo n.º 4
0
        public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
        {
            Pointer operand = Pointer.Zero;
            var     Offset  = (int)operands.Pop().Address32;

            switch (Type)
            {
            case OperandType.i8:
                operand = (int)finding.Data[Offset];
                break;

            case OperandType.i16:
                operand = new Pointer(BitConverter.ToInt16(finding.Data, Offset));
                break;

            case OperandType.i32:
                operand = new Pointer(BitConverter.ToInt32(finding.Data, Offset));
                break;

            case OperandType.i64:
                operand = new Pointer(BitConverter.ToInt64(finding.Data, Offset));
                break;

            case OperandType.u16:
                operand = new Pointer(BitConverter.ToUInt16(finding.Data, Offset));
                break;

            case OperandType.u32:
                operand = new Pointer(BitConverter.ToUInt32(finding.Data, Offset));
                break;

            case OperandType.u64:
                operand = new Pointer(BitConverter.ToUInt64(finding.Data, Offset));
                break;
            }
            operands.Push(operand);
        }
Exemplo n.º 5
0
        public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
        {
            Pointer address = operands.Pop();
            Pointer value   = Pointer.Zero;

            switch (Type)
            {
            case OperandType.i8:
                value = (long)context.Memory.Read <byte>(address);
                break;

            case OperandType.i16:
                value = (long)context.Memory.Read <short>(address);
                break;

            case OperandType.i32:
                value = (long)context.Memory.Read <int>(address);
                break;

            case OperandType.i64:
                value = (long)context.Memory.Read <long>(address);
                break;

            case OperandType.u16:
                value = (long)context.Memory.Read <ushort>(address);
                break;

            case OperandType.u32:
                value = (long)context.Memory.Read <uint>(address);
                break;

            case OperandType.u64:
                value = (long)context.Memory.Read <ulong>(address);
                break;
            }
            operands.Push(value);
        }
Exemplo n.º 6
0
 protected HackModule(IHackContext context)
 {
     this.Context = context;
     tick         = new TickInfo(DateTime.Now, DateTime.Now, 0);
     Runner       = new ModuleRunner(this);
 }
Exemplo n.º 7
0
 public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
 {
     result.Values[Name] = operands.Pop();
 }
Exemplo n.º 8
0
 public Hack(IHackContext context, HackModule[] modules)
 {
     Context = context;
     Modules = modules;
     Runners = modules.Select(x => x.Runner).ToArray();
 }
Exemplo n.º 9
0
        public ScanResult[] Find(IHackContext context)
        {
            var results = new List <ScanResult>();

            var     from   = Pointer.Zero;
            var     to     = Pointer.Zero;
            IModule module = null;

            if (!string.IsNullOrEmpty(Module))
            {
                module = context.Process.FindModule(Module);
                if (module == null)
                {
                    throw new Exception($"Module \"{Module}\" not found");
                }

                from = module.BaseAddress;
                to   = module.BaseAddress + module.Size;
            }
            else
            {
                from   = ScanStart;
                to     = ScanEnd;
                module = context.Process.Modules.FirstOrDefault(x => x.BaseAddress >= from && x.BaseAddress + x.Size <= to);
            }
            var length = to - from;

            var reader = new CachedStreamMemory(context.Memory, context.Process);

            reader.Position = (long)from.Address64;
            var buffer = new byte[4096];

            for (var i = 0; i < length; i += buffer.Length)
            {
                reader.Read(buffer, 0, buffer.Length);
                for (int b = 0; b < buffer.Length - Bytes.Length; b++)
                {
                    bool found = true;
                    for (int m = 0; m < Mask.Length; m++)
                    {
                        if (Mask[m] != '?' && Bytes[m] != buffer[b + m])
                        {
                            found = false;
                            break;
                        }
                    }
                    if (found)
                    {
                        var data = new byte[Bytes.Length];
                        Array.Copy(buffer, b, data, 0, data.Length);
                        var finding = new PatternFinding(data, from + b);
                        var result  = finding.Process(context, Processors);
                        if (!FindMultiple)
                        {
                            return new ScanResult[] { result }
                        }
                        ;

                        results.Add(result);
                    }
                }
            }
            return(results.ToArray());
        }
    }
Exemplo n.º 10
0
 public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
 {
     operands.Push(context.Process.Modules.FirstOrDefault(x => x.Name == ModuleName).BaseAddress);
 }
Exemplo n.º 11
0
 public void Process(IHackContext context, PatternFinding finding, Stack <Pointer> operands, ScanResult result)
 {
     operands.Push(Value);
 }