87 lines
2.6 KiB
Plaintext
87 lines
2.6 KiB
Plaintext
/*
|
|
文件名:HackerClass.nut
|
|
路径:Dps_A/BaseClass/HackerClass/HackerClass.nut
|
|
创建日期:2024-09-22 11:33
|
|
文件用途:黑客类
|
|
*/
|
|
class _Hacker {
|
|
HookTable = null;
|
|
|
|
HookJumpMemoryTable = null;
|
|
|
|
__strtol__function__address__ = null;
|
|
|
|
NextReturnAddress = null;
|
|
|
|
constructor() {
|
|
HookTable = {};
|
|
HookJumpMemoryTable = {};
|
|
}
|
|
|
|
|
|
function UnLoadHook(AddressStr) {
|
|
Sq_DeHookFunc(HookTable[AddressStr]);
|
|
}
|
|
|
|
function LoadHook(AddressStr, ArgumentArr, EnterFunc, LeaveFunc) {
|
|
//如果已经HOOK过 需要先卸载原来的HOOK
|
|
if (HookTable.rawin(AddressStr)) {
|
|
UnLoadHook(AddressStr);
|
|
print("地址: " + AddressStr + " 已经装载了Hook,本次操作将会卸载之前的Hook在执行。")
|
|
}
|
|
|
|
local Controler = Sq_HookFunc(S_Ptr(AddressStr), ArgumentArr, EnterFunc, LeaveFunc);
|
|
HookTable.rawset(AddressStr, Controler);
|
|
}
|
|
|
|
|
|
function HexStringToInt(Str) {
|
|
if (!__strtol__function__address__) __strtol__function__address__ = Module.getExportByName(null, "strtol");
|
|
local Ret = Sq_CallFunc(__strtol__function__address__, "int", ["pointer", "pointer", "int"], Memory.allocUtf8String(Str).C_Object, Memory.alloc(0), 16);
|
|
return Ret;
|
|
}
|
|
|
|
function AsmGenerateMcd(...) {
|
|
local CodeArr = [];
|
|
local CurCode = "";
|
|
try {
|
|
foreach(Str in vargv) {
|
|
CurCode = Str;
|
|
local Code = Sq_Asmjit_Compile(Str);
|
|
CodeArr.extend(Code);
|
|
}
|
|
} catch (exception) {
|
|
error("汇编代码有误,错误行: " + CurCode);
|
|
}
|
|
return CodeArr;
|
|
}
|
|
|
|
function InsertCode(Address, Code) {
|
|
//置入代码的大小
|
|
local CodeSize = Code.len();
|
|
//申请一块内存
|
|
local MemBuffer = Memory.alloc(CodeSize);
|
|
//记录
|
|
HookJumpMemoryTable.rawset(Address, MemBuffer);
|
|
//写入置入的代码
|
|
MemBuffer.writeByteArray(Code);
|
|
|
|
//计算偏移
|
|
local Offset = Sq_PointerOperationPointer(MemBuffer.C_Object, Sq_PointerOperation(S_Ptr(Address), 5, "+"), "-");
|
|
local Str = "" + Offset;
|
|
Str = Str.slice(Str.find("0x") + 4, -1);
|
|
local JumpCodeArr = [0xE9];
|
|
for (local i = 0; i< 4; i++) {
|
|
local Index = -2 * (i + 1);
|
|
local StrBuffer = "0x" + (Str.slice(Index).slice(0, 2));
|
|
JumpCodeArr.push(HexStringToInt(StrBuffer));
|
|
}
|
|
Sq_WriteByteArr(S_Ptr(Address), JumpCodeArr);
|
|
}
|
|
}
|
|
|
|
function _Haker_SetNextReturnAddress(Address) {
|
|
Haker.NextReturnAddress = "" + Address;
|
|
}
|
|
//初始化Hacker
|
|
Haker <- _Hacker(); |