private static byte[] ProcessJmps(byte[] b, int rawAddr, int targetAddr) { IntPtr ptr3 = Marshal.AllocHGlobal(b.Length); Marshal.Copy(b, 0, ptr3, b.Length); unsafe { byte *p = (byte *)ptr3; byte *i = p; while (i - p < b.Length) { if (*i == 0xe9 || *i == 0xe8) //jmp or call { *((int *)(i + 1)) += rawAddr - targetAddr; //move the call } Ldasm.ldasm_data data = new Ldasm.ldasm_data(); uint t = Ldasm.ldasm(i, ref data, false); i += t; } } byte[] result = new byte[b.Length]; Marshal.Copy(ptr3, result, 0, b.Length); Marshal.FreeHGlobal(ptr3); return(result); }
public static byte[] GetHeadBytes(byte[] code) { IntPtr ptr3 = Marshal.AllocHGlobal(code.Length); Marshal.Copy(code, 0, ptr3, code.Length); UInt32 len = 0; unsafe { byte *p = (byte *)ptr3.ToPointer(); byte *i = p; while (i - p < 5) { Ldasm.ldasm_data data = new Ldasm.ldasm_data(); UInt32 t = Ldasm.ldasm(i, ref data, false); i += t; } len = (UInt32)(i - p); } Marshal.FreeHGlobal(ptr3); byte[] v = new byte[len]; for (int i = 0; i < len; i++) { v[i] = code[i]; } return(v); }
private unsafe static byte[] GetHeadBytes(byte[] code) { fixed(byte *p = code) { byte *i = p; while (i - p < 5) { i += Ldasm.GetInst(i, out _, false); } return(code[..(int)(i - p)]);