public QName(ASConstants constants, FlashReader reader, ConstantType multinameType) { _constants = constants; MultinameType = multinameType; NamespaceIndex = reader.Read7BitEncodedInt(); NameIndex = reader.Read7BitEncodedInt(); }
public ASClass(ABCFile abc, FlashReader reader) { _abc = abc; ConstructorIndex = reader.Read7BitEncodedInt(); Traits = new List<ASTrait>(reader.Read7BitEncodedInt()); for (int i = 0; i < Traits.Capacity; i++) Traits.Add(new ASTrait(abc, reader)); }
public SlotConstantTrait(ABCFile abc, FlashReader reader, string objName, TraitType traitType) : this(abc, objName, traitType) { SlotId = reader.Read7BitEncodedInt(); TypeIndex = reader.Read7BitEncodedInt(); ValueIndex = reader.Read7BitEncodedInt(); if (ValueIndex != 0) ValueType = (ConstantType)reader.ReadByte(); }
public ASException(ABCFile abc, FlashReader reader) { _abc = abc; From = reader.Read7BitEncodedInt(); To = reader.Read7BitEncodedInt(); Target = reader.Read7BitEncodedInt(); ExceptionTypeIndex = reader.Read7BitEncodedInt(); VariableNameIndex = reader.Read7BitEncodedInt(); }
public Typename(ASConstants constants, FlashReader reader) { _constants = constants; TypeIndex = reader.Read7BitEncodedInt(); ParameterTypeIndices = new List<int>(reader.Read7BitEncodedInt()); for (int i = 0; i < ParameterTypeIndices.Capacity; i++) ParameterTypeIndices.Add(reader.Read7BitEncodedInt()); }
public ASNamespaceSet(ASConstants constants, FlashReader reader) { _constants = constants; NamespaceIndices = new List<int>(reader.Read7BitEncodedInt()); for (int i = 0; i < NamespaceIndices.Capacity; i++) NamespaceIndices.Add(reader.Read7BitEncodedInt()); }
public ASScript(ABCFile abc, FlashReader reader) { _abc = abc; FunctionIndex = reader.Read7BitEncodedInt(); Traits = new List<ASTrait>(reader.Read7BitEncodedInt()); for (int i = 0; i < Traits.Capacity; i++) Traits.Add(new ASTrait(abc, reader)); }
public ASMetadata(ABCFile abc, FlashReader reader) { _abc = abc; NameIndex = reader.Read7BitEncodedInt(); int itemInfoCount = reader.Read7BitEncodedInt(); Elements = new Dictionary<int, int>(itemInfoCount); for (int i = 0; i < itemInfoCount; i++) { Elements.Add(reader.Read7BitEncodedInt(), reader.Read7BitEncodedInt()); } }
public ASNamespace(ASConstants constants, FlashReader reader) { _constants = constants; NamespaceType = (ConstantType)reader.ReadByte(); NameIndex = reader.Read7BitEncodedInt(); }
public bool FindMessageInstances() { ABCFile abc = _abcFiles[2]; ASClass habboMessages = abc.FindClassByName("HabboMessages"); if (habboMessages == null || habboMessages.Traits.Count < 2) return false; ASTrait incomingMap = habboMessages.Traits[0]; ASTrait outgoingMap = habboMessages.Traits[1]; using (var mapReader = new FlashReader( habboMessages.Constructor.Body.Code.ToArray())) { while (mapReader.Position != mapReader.Length) { OPCode op = mapReader.ReadOP(); if (op != OPCode.GetLex) continue; int mapTypeIndex = mapReader.Read7BitEncodedInt(); bool isOutgoing = (mapTypeIndex == outgoingMap.NameIndex); bool isIncoming = (mapTypeIndex == incomingMap.NameIndex); if (!isOutgoing && !isIncoming) continue; op = mapReader.ReadOP(); if (op != OPCode.PushShort && op != OPCode.PushByte) continue; ushort header = 0; if (op == OPCode.PushByte) { header = mapReader.ReadByte(); } else header = (ushort)mapReader.Read7BitEncodedInt(); op = mapReader.ReadOP(); if (op != OPCode.GetLex) continue; int messageTypeIndex = mapReader.Read7BitEncodedInt(); ASMultiname messageType = abc.Constants.Multinames[messageTypeIndex]; ASInstance messageInstance = abc.FindInstanceByName(messageType.ObjName); if (isOutgoing) OutgoingTypes[header] = messageInstance; else if (isIncoming) IncomingTypes[header] = messageInstance; } } return (OutgoingTypes.Count > 0 && IncomingTypes.Count > 0); }
public ASTrait(ABCFile abc, FlashReader reader) { _abc = abc; NameIndex = reader.Read7BitEncodedInt(); byte trueKind = reader.ReadByte(); var traitType = (TraitType)(trueKind & 0xF); Attributes = (TraitAttributes)(trueKind >> 4); #region Trait Reading switch (traitType) { case TraitType.Slot: case TraitType.Constant: Data = new SlotConstantTrait(abc, reader, Name.ObjName, traitType); break; case TraitType.Method: case TraitType.Getter: case TraitType.Setter: { var mgsTrait = new MethodGetterSetterTrait(abc, reader, Name.ObjName, traitType); mgsTrait.Method.ObjName = Name.ObjName; Data = mgsTrait; break; } case TraitType.Class: { var classTrait = new ClassTrait(abc, reader, Name.ObjName); // TODO: Link trait information? Data = classTrait; break; } case TraitType.Function: { var functionTrait = new FunctionTrait(abc, reader, Name.ObjName); // TODO: Link trait information? Data = functionTrait; break; } default: throw new Exception("Invalid trait: " + TraitType); } #endregion MetadataIndices = new List<int>(); if ((Attributes & TraitAttributes.Metadata) != 0) MetadataIndices.Capacity = reader.Read7BitEncodedInt(); for (int i = 0; i < MetadataIndices.Capacity; i++) MetadataIndices.Add(reader.Read7BitEncodedInt()); }
public ASMethodBody(ABCFile abc, FlashReader reader) { _abc = abc; MethodIndex = reader.Read7BitEncodedInt(); MaxStack = reader.Read7BitEncodedInt(); LocalCount = reader.Read7BitEncodedInt(); InitialScopeDepth = reader.Read7BitEncodedInt(); MaxScopeDepth = reader.Read7BitEncodedInt(); Code = new ASCode(abc, this, reader.ReadBytes(reader.Read7BitEncodedInt())); Exceptions = new List<ASException>(reader.Read7BitEncodedInt()); for (int i = 0; i < Exceptions.Capacity; i++) Exceptions.Add(new ASException(abc, reader)); Traits = new List<ASTrait>(reader.Read7BitEncodedInt()); for (int i = 0; i < Traits.Capacity; i++) Traits.Add(new ASTrait(abc, reader)); Method.Body = this; }
public ASInstance(ABCFile abc, FlashReader reader) { _abc = abc; NameIndex = reader.Read7BitEncodedInt(); SuperNameIndex = reader.Read7BitEncodedInt(); ClassInfo = (ClassFlags)reader.ReadByte(); if ((ClassInfo & ClassFlags.ProtectedNamespace) != 0) ProtectedNamespaceIndex = reader.Read7BitEncodedInt(); InterfaceIndices = new List<int>(reader.Read7BitEncodedInt()); for (int i = 0; i < InterfaceIndices.Capacity; i++) InterfaceIndices.Add(reader.Read7BitEncodedInt()); ConstructorIndex = reader.Read7BitEncodedInt(); Traits = new List<ASTrait>(reader.Read7BitEncodedInt()); for (int i = 0; i < Traits.Capacity; i++) Traits.Add(new ASTrait(abc, reader)); }
public ASMethod(ABCFile abc, FlashReader reader) { _abc = abc; Parameters = new List<ASParameter>(reader.Read7BitEncodedInt()); ReturnTypeIndex = reader.Read7BitEncodedInt(); for (int i = 0; i < Parameters.Capacity; i++) { int parameterTypeIndex = reader.Read7BitEncodedInt(); Parameters.Add(new ASParameter(abc, parameterTypeIndex)); } NameIndex = reader.Read7BitEncodedInt(); MethodInfo = (MethodFlags)reader.ReadByte(); if ((MethodInfo & MethodFlags.HasOptional) != 0) { int optionalParamCount = reader.Read7BitEncodedInt(); while (optionalParamCount > 0) { int paramIndex = ((Parameters.Count - 1) - (--optionalParamCount)); ASParameter optionalParameter = Parameters[paramIndex]; optionalParameter.IsOptional = true; optionalParameter.ValueIndex = reader.Read7BitEncodedInt(); optionalParameter.ValueType = (ConstantType)reader.ReadByte(); } } if ((MethodInfo & MethodFlags.HasParamNames) != 0) { foreach (ASParameter parameter in Parameters) parameter.NameIndex = reader.Read7BitEncodedInt(); } }
public bool BypassRemoteHostCheck() { ABCFile abc = _abcFiles[2]; ASInstance commManager = abc.FindInstanceByName("HabboCommunicationManager"); if (commManager == null) return false; // The "host" value is always the first slot, for now. string hostValueSlotName = commManager.FindTraits<SlotConstantTrait>(TraitType.Slot) .Where(t => t.Type.ObjName == "String").ToArray()[0].ObjName; ASMethod initComponent = commManager.FindMethod("initComponent", "void").Method; if (initComponent == null) return false; ASCode initCode = initComponent.Body.Code; using (var inCode = new FlashReader(initCode.ToArray())) using (var outCode = new FlashWriter(inCode.Length)) { int hostSlotIndex = abc.Constants.FindMultinameIndex(hostValueSlotName); while (inCode.Position != inCode.Length) { OPCode op = inCode.ReadOP(); outCode.WriteOP(op); if (op != OPCode.GetLocal_0) continue; op = inCode.ReadOP(); outCode.WriteOP(op); if (op != OPCode.CallPropVoid) continue; int callPropVoidIndex = inCode.Read7BitEncodedInt(); outCode.Write7BitEncodedInt(callPropVoidIndex); int callPropVoidArgCount = inCode.Read7BitEncodedInt(); outCode.Write7BitEncodedInt(callPropVoidArgCount); if (callPropVoidArgCount != 0) continue; int getPropertyNameIndex = abc.Constants .FindMultinameIndex("getProperty"); outCode.WriteOP(OPCode.GetLocal_0); outCode.WriteOP(OPCode.FindPropStrict); outCode.Write7BitEncodedInt(getPropertyNameIndex); outCode.WriteOP(OPCode.PushString); outCode.Write7BitEncodedInt(abc.Constants.PushString("connection.info.host")); outCode.WriteOP(OPCode.CallProperty); outCode.Write7BitEncodedInt(getPropertyNameIndex); outCode.Write7BitEncodedInt(1); outCode.WriteOP(OPCode.InitProperty); outCode.Write7BitEncodedInt(hostSlotIndex); outCode.Write(inCode.ToArray(), inCode.Position, inCode.Length - inCode.Position); do op = inCode.ReadOP(); while (op != OPCode.CallPropVoid); callPropVoidIndex = inCode.Read7BitEncodedInt(); ASMultiname callPropVoidName = abc.Constants.Multinames[callPropVoidIndex]; ASMethod connectMethod = commManager.FindMethod(callPropVoidName.ObjName, "void").Method; RemoveHostSuffix(abc, connectMethod); initCode.Clear(); initCode.AddRange(outCode.ToArray()); return true; } } return false; }
protected void RemoveHostSuffix(ABCFile abc, ASMethod connectMethod) { ASCode connectCode = connectMethod.Body.Code; using (var inCode = new FlashReader(connectCode.ToArray())) using (var outCode = new FlashWriter(inCode.Length)) { int ifNeCount = 0; while (inCode.Position != inCode.Length) { OPCode op = inCode.ReadOP(); outCode.WriteOP(op); if (op == OPCode.IfNe && ++ifNeCount == 2) { var iFNeJumpCount = (int)inCode.ReadS24(); outCode.WriteS24(iFNeJumpCount + 6); continue; } else if (op != OPCode.PushInt) continue; int pushIntIndex = inCode.Read7BitEncodedInt(); int integerValue = abc.Constants.Integers[pushIntIndex]; switch (integerValue) { case 65244: case 65185: case 65191: case 65189: case 65188: case 65174: case 65238: case 65184: case 65171: case 65172: { pushIntIndex = abc.Constants.PushInteger(65290); break; } } outCode.Write7BitEncodedInt(pushIntIndex); } connectCode.Clear(); connectCode.AddRange(outCode.ToArray()); } RemoveDeadFalseConditions(connectCode); }
public MethodGetterSetterTrait(ABCFile abc, FlashReader reader, string objName, TraitType traitType) : this(abc, objName, traitType) { DispId = reader.Read7BitEncodedInt(); MethodIndex = reader.Read7BitEncodedInt(); }
public bool DisableExpirationDateCheck() { ABCFile abc = _abcFiles[2]; ASInstance windowContext = abc.FindInstanceByName("WindowContext"); if (windowContext == null) return false; ASCode methodCode = windowContext.Constructor.Body.Code; using (var inCode = new FlashReader(methodCode.ToArray())) using (var outCode = new FlashWriter(methodCode.Count)) { int setLocal11Itterations = 0; while (inCode.Position != inCode.Length) { OPCode op = inCode.ReadOP(); outCode.WriteOP(op); if (op != OPCode.SetLocal) continue; int setLocalIndex = inCode.Read7BitEncodedInt(); outCode.Write7BitEncodedInt(setLocalIndex); if (setLocalIndex != 11 || (++setLocal11Itterations != 2)) continue; outCode.WriteOP(OPCode.ReturnVoid); outCode.Write(inCode.ToArray(), inCode.Position, inCode.Length - inCode.Position); methodCode.Clear(); methodCode.AddRange(outCode.ToArray()); return true; } } return false; }
public bool ReplaceRSA(int exponent, string modulus) { ABCFile abc = _abcFiles[_abcFiles.Count - 1]; int modulusIndex = abc.Constants.Strings.IndexOf(modulus); if (modulusIndex == -1) { abc.Constants.Strings.Add(modulus); modulusIndex = (abc.Constants.Strings.Count - 1); } string e = exponent.ToString("x"); int exponentIndex = abc.Constants.Strings.IndexOf(e); if (exponentIndex == -1) { abc.Constants.Strings.Add(e); exponentIndex = (abc.Constants.Strings.Count - 1); } int rsaStart = 0; ASInstance commClass = abc.FindInstanceByName("HabboCommunicationDemo"); ASMethod verifier = FindVerifyMethod(commClass, abc, out rsaStart); ASCode verifierCode = verifier.Body.Code; using (var inCode = new FlashReader(verifierCode.ToArray())) using (var outCode = new FlashWriter(inCode.Length)) { bool searchingKeys = true; inCode.Position = rsaStart; outCode.Write(inCode.ToArray(), 0, rsaStart); while (inCode.Position != inCode.Length) { byte codeByte = inCode.ReadByte(); outCode.Write(codeByte); if (!searchingKeys) { outCode.Write(inCode.ToArray(), inCode.Position, inCode.Length - inCode.Position); break; } switch ((OPCode)codeByte) { case OPCode.GetLex: { outCode.Position--; outCode.WriteOP(OPCode.PushString); int typeIndex = inCode.Read7BitEncodedInt(); ASMultiname type = abc.Constants.Multinames[typeIndex]; inCode.ReadOP(); inCode.Read7BitEncodedInt(); inCode.Read7BitEncodedInt(); if (modulusIndex > 0) { outCode.Write7BitEncodedInt(modulusIndex); modulusIndex = -1; } else if (searchingKeys) { outCode.Write7BitEncodedInt(exponentIndex); searchingKeys = false; } break; } case OPCode.PushString: { int stringIndex = inCode.Read7BitEncodedInt(); string value = abc.Constants.Strings[stringIndex]; if (string.IsNullOrWhiteSpace(Modulus)) { Modulus = value; outCode.Write7BitEncodedInt(modulusIndex); } else if (string.IsNullOrWhiteSpace(Exponent)) { Exponent = value; outCode.Write7BitEncodedInt(exponentIndex); searchingKeys = false; } break; } default: continue; } } verifierCode.Clear(); verifierCode.AddRange(outCode.ToArray()); if (!searchingKeys) return true; } return false; }
protected ASMethod FindVerifyMethod(ASInstance instance, ABCFile abc, out int rsaStart) { List<MethodGetterSetterTrait> methodTraits = instance.FindTraits<MethodGetterSetterTrait>(TraitType.Method); rsaStart = -1; foreach (MethodGetterSetterTrait mgsTrait in methodTraits) { ASMethod method = mgsTrait.Method; if (method.ReturnType.ObjName != "void") continue; if (method.Parameters.Count != 1) continue; ASCode methodCode = method.Body.Code; using (var code = new FlashReader(methodCode.ToArray())) { while (code.Position != code.Length) { OPCode op = code.ReadOP(); if (op != OPCode.GetLex) continue; int typeIndex = code.Read7BitEncodedInt(); ASMultiname type = abc.Constants.Multinames[typeIndex]; if (type?.ObjName == "RSAKey") { rsaStart = code.Position; return method; } } } } return null; }
public ClassTrait(ABCFile abc, FlashReader reader, string objName) : this(abc, objName) { SlotId = reader.Read7BitEncodedInt(); ClassIndex = reader.Read7BitEncodedInt(); }
public FunctionTrait(ABCFile abc, FlashReader reader, string objName) : this(abc, objName) { SlotId = reader.Read7BitEncodedInt(); FunctionIndex = reader.Read7BitEncodedInt(); }