private bool HookProcess(ProcStatus procStatus)
{
if (procStatus.ProcessId == 0)
{
return(false);
}
Direct3DVersion direct3DVersion = Direct3DVersion.AutoDetect;
CaptureConfig cc = new CaptureConfig()
{
Direct3DVersion = direct3DVersion,
ShowOverlay = showFPSToolStripMenuItem.Checked
};
FileUnblocker.Unblock("EasyHook32Svc.exe");
FileUnblocker.Unblock("EasyHook64Svc.exe");
var captureInterface = new CaptureInterface();
captureInterface.RemoteMessage += CaptureInterface_RemoteMessage;
procStatus.CaptureProcess = new CaptureProcess(procStatus.Process, cc, captureInterface);
PrintStatus("* Hooked " + procStatus.Name);
hookedProcesses.Add(procStatus.ProcessId, procStatus);
AddExitHook(procStatus);
return(true);
}
private void AddExitHook(ProcStatus procStatus)
{
var handler = new EventHandler((sender, e) =>
{
this.hookedProcesses.Remove(procStatus.ProcessId);
});
procStatus.Process.Exited += handler;
}
/// <summary>
/// Process opening code. Generates a list of modules too.
/// </summary>
public void OpenTheProc()
{
ProcTypeBox.Invoke((MethodInvoker) delegate
{
if (String.Compare(ProcTypeBox.Text, "Name") == 0) // if combobox set to Name, use string
{
ProcOpen = m.OpenProcess(ProcTextBox.Text);
}
else // if combobox set to ID, use integer
{
ProcOpen = m.OpenProcess(Convert.ToInt32(ProcTextBox.Text));
}
});
if (ProcOpen) // if process opens successfully
{
OpenProcessBtn.Invoke((MethodInvoker) delegate
{
OpenProcessBtn.Text = "Close Process";
OpenProcessBtn.ForeColor = Color.Red;
});
ModuleList.Invoke((MethodInvoker) delegate
{
if (ModuleList.Items.Count <= 0)
{
GetModuleList();
}
});
}
else // on process open fail, show error message
{
//MessageBox.Show("ERROR: Process open failed!");
ProcStatus.Invoke((MethodInvoker) delegate
{
ProcStatus.Text = "Closed";
ProcStatus.ForeColor = Color.Red;
});
ModuleList.Invoke((MethodInvoker) delegate
{
if (ModuleList.Items.Count > 0)
{
ModuleList.Items.Clear();
}
});
StopWorker = true;
}
}
private static bool IsDotNetAssembly(ProcStatus procStatus)
{
bool isDotNet;
try
{
System.Reflection.AssemblyName.GetAssemblyName(procStatus.Process.MainModule.FileName);
isDotNet = true;
}
catch
{
isDotNet = false;
}
return(isDotNet);
}
public WorklistItem GetWorklistItem(string serialNo, ProcStatus status = ProcStatus.Open)
{
var items = GetWorklistItems(serialNo);
var wlItems = new List <WorklistItem>();
foreach (WorklistItem item in items)
{
bool match = false;
if (status == ProcStatus.Active)
{
if (item.Status == GetStatus(ProcStatus.Allocated) ||
item.Status == GetStatus(ProcStatus.Open) ||
item.Status == GetStatus(ProcStatus.Available)
)
{
match = true;
}
}
else
{
if (item.Status == GetStatus(status))
{
match = true;
}
}
if (match && item.ProcessInstanceStatus == ProcessInstanceStatus.Active)
{
wlItems.Add(item);
}
}
if (wlItems.Count > 1)
{
return(wlItems.SingleOrDefault(p => p.Destination == ManagedUser));
}
else
{
return(wlItems.SingleOrDefault());
}
}
public void GetModuleList()
{
ModuleList.Invoke((MethodInvoker) delegate
{
ModuleList.Items.Clear();
foreach (KeyValuePair <string, IntPtr> kvp in m.modules) // iterate through process module list
{
string[] arr = new string[4];
ListViewItem itm;
arr[0] = "0x" + kvp.Value.ToString("x8");
arr[1] = kvp.Key;
itm = new ListViewItem(arr);
ModuleList.Items.Add(itm);
}
});
ProcStatus.Invoke((MethodInvoker) delegate
{
ProcStatus.Text = "Open";
ProcStatus.ForeColor = Color.Green;
});
}
private WorklistItem.WorklistStatus GetStatus(ProcStatus status)
{
switch (status)
{
case ProcStatus.Available:
return(WorklistItem.WorklistStatus.Available);
case ProcStatus.Open:
return(WorklistItem.WorklistStatus.Open);
case ProcStatus.Allocated:
return(WorklistItem.WorklistStatus.Allocated);
case ProcStatus.Sleep:
return(WorklistItem.WorklistStatus.Sleep);
case ProcStatus.Completed:
return(WorklistItem.WorklistStatus.Completed);
default:
return(WorklistItem.WorklistStatus.Open);
}
}
public void SetReady()
{
Status = ProcStatus.Ready;
}
public void SetActive()
{
Status = ProcStatus.Active;
}
public frmWarning()
{
InitializeComponent();
// For Non-Blocking UI Application
new Thread(new ThreadStart(() =>
{
while (true)
{
if (!flag)
{
var Procs = Process.GetProcessesByName("th12");
if (Procs.Length > 0)
{
// Open TH12.exe with PROCESS_VM_READ (0x0010).
_handle = OpenProcess(0x10, false, Procs.FirstOrDefault().Id);
if (_handle != null)
{
flag = true;
}
}
}
else
{
if (!_flag_billion)
{
int bytesRead = 0;
byte[] _buffer = new byte[4]; // Will read 4 bytes of memory
/*
* Read Level
*
* In TH12 ~ Undefined Fantastic Object, Level is stored in
* [base address] + 0xAEBD0, as 4bytes int value.
*
*/
var readLevel = ReadProcessMemory((int)_handle, 0x004AEBD0, _buffer, 2, ref bytesRead);
if (!readLevel)
{
flag = false;
continue;
}
/*
* Level Codes
* 0 - Easy; 1 - Normal; 2 - Hard; 3 - Lunatic; ? - Extra
*
*/
if (BitConverter.ToInt16(_buffer, 0) != 3)
{
ProcStatus.Invoke(new MethodInvoker(() =>
{
ProcStatus.Text = "NOT LUNATIC LEVEL!";
}));
Thread.Sleep(100);
continue;
}
else
{
ProcStatus.Invoke(new MethodInvoker(() =>
{
ProcStatus.Text = "Process Working";
}));
}
/*
* Read Score
*
* Once level is detected as LUNATIC,
* rensenWare reads score from process.
*
* Score is stored in
* [base address] + 0xAEBD0, as 4bytes int value.
*
*/
var readScore = ReadProcessMemory((int)_handle, 0x004B0C44, _buffer, 4, ref bytesRead);
if (!readScore)
{
flag = false;
Thread.Sleep(100);
continue;
}
ScoreStatus.Invoke(new MethodInvoker(() =>
{
ScoreStatus.Text = (BitConverter.ToInt32(_buffer, 0) * 10).ToString();
}));
/*
* One interesting thing,
* internally, touhou project process prints score as 10 times of original value.
* I don't know why it is.
*/
if (BitConverter.ToInt32(_buffer, 0) > 20000000) // It is 20,000,000
{
_flag_billion = true;
}
else
{
_buffer = null;
}
// Let CPU rest
Thread.Sleep(100);
}
else // When scores 0.2 billion...
{
// Create Random Key/IV File in Desktop of Current User.
File.WriteAllBytes(Program.KeyFilePath, Program.randomKey);
File.WriteAllBytes(Program.IVFilePath, Program.randomIV);
decryptProgress.Maximum = Program.encryptedFiles.Count;
// There's no encrypted Files....
foreach (var path in Program.encryptedFiles)
{
try
{
DecryptStatus.Invoke(new MethodInvoker(() =>
{
DecryptStatus.Text = Path.GetFileName(path);
}));
// Do Nothing!
Program.Crypt(path, true);
decryptProgress.Value++;
// Let CPU rest (?)
// Thread.Sleep(100);
}
catch
{
continue;
}
}
this.Invoke(new MethodInvoker(() =>
{
MessageBox.Show("Decryption Complete!\nIf there are encrypted files exists, use manual decrypter with key/IV files saved in desktop!");
ButtonManualDecrypt.Visible = true;
ButtonExit.Visible = true;
}));
break;
}
}
Thread.Sleep(100);
}
})).Start();
}
