public static UnmanagedObject Create(Type unmanagedinterface, IntPtr address) { UnmanagedObject toreturn; WeakReference wr; if (KnownObjects.ContainsKey((uint)address)) { wr = KnownObjects[(uint)address]; if (wr.IsAlive) { return((UnmanagedObject)wr.Target); } else { toreturn = new UnmanagedObject(unmanagedinterface, address); KnownObjects.Remove((uint)address); KnownObjects.Add((uint)address, new WeakReference(toreturn)); } } else { toreturn = new UnmanagedObject(unmanagedinterface, address); KnownObjects.Add((uint)address, new WeakReference(toreturn)); } //early marshal, we need the URI ObjRef test = RemotingServices.Marshal(toreturn); //marshal local proxy with related URI, so we can always find it from a reference to this object RemotingServices.SetObjectUriForMarshal(toreturn.LocalProxy, test.URI + "_LOCALPROXY"); RemotingServices.Marshal(toreturn.LocalProxy); return(toreturn); }
internal static object MarshalFromUnmanaged(uint tomarshal, UnmanagedType type, uint sizeconst, Type knowntype) { if (type == UnmanagedType.Interface) { if (knowntype == typeof(UnmanagedBuffer)) { return((object)new UnmanagedBuffer((IntPtr)tomarshal)); } else { return(UnmanagedObject.Create(knowntype, (IntPtr)tomarshal)); } } else if (type == UnmanagedType.LPStruct) { UnmanagedBuffer buff = new UnmanagedBuffer((IntPtr)tomarshal); return(buff.ReadAt(0, knowntype)); } else if (type == UnmanagedType.LPWStr) { UnmanagedBuffer buff = new UnmanagedBuffer((IntPtr)tomarshal); return((object)buff.ReadUnicodeStringAt(0)); } else if (type == UnmanagedType.LPStr) { UnmanagedBuffer buff = new UnmanagedBuffer((IntPtr)tomarshal); return((object)buff.ReadStringAt(0)); } else { return((object)tomarshal); } }
public UnmanagedProxy(Type unmanagedinterface, IntPtr address, UnmanagedObject tokeepalive) { m_ToKeepAlive = tokeepalive; m_Interface = unmanagedinterface; m_Address = address; EventInfo[] events = unmanagedinterface.GetEvents(); if (events.Length > 0) { m_EventsByAddHandler = new Dictionary <int, UnmanagedEvent>(events.Length); m_EventsByRemoveHandler = new Dictionary <int, UnmanagedEvent>(events.Length); } foreach (EventInfo ev in events) { UnmanagedEvent uev; object[] attribs = ev.GetCustomAttributes(typeof(UHookAttribute), true); if (attribs.Length > 0) { UHookAttribute uha = (UHookAttribute)attribs[0]; if (uha.IsVtblHook) { UnmanagedBuffer tempbuffer = new UnmanagedBuffer((IntPtr)address); uint m_addr = tempbuffer.ReadAt <uint>(0); uev = new UnmanagedEvent(ev, (uint)m_addr + 4 * uha.Address, uha.StackSize, uha.IsVtblHook, uha.IsEarly); } else { uint m_addr = (uint)UOCallibration.Callibrations[uha.Address]; uev = new UnmanagedEvent(ev, m_addr, uha.StackSize, uha.IsVtblHook, uha.IsEarly); } m_EventsByAddHandler.Add((int)ev.GetAddMethod().MethodHandle.Value, uev); m_EventsByRemoveHandler.Add((int)ev.GetRemoveMethod().MethodHandle.Value, uev); } else if ((attribs = ev.GetCustomAttributes(typeof(UForwardAttribute), true)).Length > 0) { uev = new UnmanagedEvent((UForwardAttribute)attribs[0]); m_EventsByAddHandler.Add((int)ev.GetAddMethod().MethodHandle.Value, uev); m_EventsByRemoveHandler.Add((int)ev.GetRemoveMethod().MethodHandle.Value, uev); } } }
//only one instance is ever created; when requesting a reference (proxy) //through remoting from the user app public Client() { m_Client = this;//keep us alive /* * * //for debugging purposes, this object is on the client app (injected code) * //the VS debugger has no access to it... * //...so a console is our only source of debugging info (or attaching IDA to the client would work too ofc) * * Imports.AllocConsole(); * */ //create IClient proxy //this is what we will return to the user app //the UnmanagedObject has all calls intercepted on a proxy //which allows us to forward calls to unmanaged functions (actual client functions) m_ActualClient = (IClient)UnmanagedObject.Create(typeof(IClient), IntPtr.Zero); drop_msg_message = Imports.RegisterWindowMessage("drop_msg_message");//dummy message.. changing an msg.message to this will make sure the client doesn't handle it //callibrations: try { UOCallibration.Callibrate(ProcessHandler.CurrentProcess); } catch (Exception e) { m_CallibrationException = e; } m_PacketInfo = new UnmanagedBuffer((IntPtr)UOCallibration.Callibrations[(uint)UOCallibration.CallibratedFeatures.pPacketInfo]); m_Hooks.Add(LocalHook.Hook((uint)UOCallibration.Callibrations[(uint)UOCallibration.CallibratedFeatures.GeneralPurposeHookAddress], 0, false)); m_Hooks[0].onCall += new LocalHook.OnCallDelegate(Client_onTick); }