更新ida脚本

2025-01-10 03:27:28 -03:00 · 2020-08-19 13:40:38 +08:00 · 2020-08-19 13:40:38 +08:00 · 2fd3624288
commit 2fd3624288
parent bb3e53cf36
6 changed files with 189 additions and 16 deletions
--- a/Il2CppDumper/Il2CppDumper.csproj
+++ b/Il2CppDumper/Il2CppDumper.csproj
@ -28,9 +28,15 @@
    <None Update="ida.py">
      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
    </None>
+    <None Update="ida_py3.py">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
    <None Update="ida_with_struct.py">
      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
    </None>
+    <None Update="ida_with_struct_py3.py">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </None>
  </ItemGroup>

 </Project>
--- a/Il2CppDumper/Outputs/ScriptGenerator.cs
+++ b/Il2CppDumper/Outputs/ScriptGenerator.cs
@ -738,8 +738,10 @@ namespace Il2CppDumper
            {
                var parentStructName = info.Parent + "_o";
                pre.Append(RecursionStructInfo(structInfoWithStructName[parentStructName]));
-                sb.Append($"struct {info.TypeName}_Fields {{\n");
-                sb.Append($"\t{info.Parent}_Fields _;\n");
+                sb.Append($"struct {info.TypeName}_Fields : {info.Parent}_Fields {{\n");
+                // C style
+                //sb.Append($"struct {info.TypeName}_Fields {{\n");
+                //sb.Append($"\t{info.Parent}_Fields _;\n");
            }
            else
            {
--- a/Il2CppDumper/ida.py
+++ b/Il2CppDumper/ida.py
@ -31,6 +31,13 @@ def make_function(start, end):
 path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
 data = json.loads(open(path, 'rb').read().decode('utf-8'))

+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
 if "ScriptMethod" in data and "ScriptMethod" in processFields:
 	scriptMethods = data["ScriptMethod"]
 	for scriptMethod in scriptMethods:
@ -67,12 +74,5 @@ if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
 		idc.set_cmt(addr, name, 1)
 		idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)

-if "Addresses" in data and "Addresses" in processFields:
-	addresses = data["Addresses"]
-	for index in range(len(addresses) - 1):
-		start = get_addr(addresses[index])
-		end = get_addr(addresses[index + 1])
-		make_function(start, end)
-
 print 'Script finished!'

--- a/Il2CppDumper/ida_py3.py
+++ b/Il2CppDumper/ida_py3.py
@ -0,0 +1,78 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+	"ScriptMethod",
+	"ScriptString",
+	"ScriptMetadata",
+	"ScriptMetadataMethod",
+	"Addresses",
+]
+
+imageBase = idaapi.get_imagebase()
+
+def get_addr(addr):
+	return imageBase + addr
+
+def set_name(addr, name):
+	ret = idc.set_name(addr, name, SN_NOWARN | SN_NOCHECK)
+	if ret == 0:
+		new_name = name + '_' + str(addr)
+		ret = idc.set_name(addr, new_name, SN_NOWARN | SN_NOCHECK)
+
+def make_function(start, end):
+	next_func = idc.get_next_func(start)
+	if next_func < end:
+		end = next_func
+	if idc.get_func_attr(start, FUNCATTR_START) == start:
+		ida_funcs.del_func(start)
+	ida_funcs.add_func(start, end)
+
+path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
+data = json.loads(open(path, 'rb').read().decode('utf-8'))
+
+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+	scriptMethods = data["ScriptMethod"]
+	for scriptMethod in scriptMethods:
+		addr = get_addr(scriptMethod["Address"])
+		name = scriptMethod["Name"]
+		set_name(addr, name)
+
+if "ScriptString" in data and "ScriptString" in processFields:
+	index = 1
+	scriptStrings = data["ScriptString"]
+	for scriptString in scriptStrings:
+		addr = get_addr(scriptString["Address"])
+		value = scriptString["Value"]
+		name = "StringLiteral_" + str(index)
+		idc.set_name(addr, name, SN_NOWARN)
+		idc.set_cmt(addr, value, 1)
+		index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+	scriptMetadatas = data["ScriptMetadata"]
+	for scriptMetadata in scriptMetadatas:
+		addr = get_addr(scriptMetadata["Address"])
+		name = scriptMetadata["Name"]
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+	scriptMetadataMethods = data["ScriptMetadataMethod"]
+	for scriptMetadataMethod in scriptMetadataMethods:
+		addr = get_addr(scriptMetadataMethod["Address"])
+		name = scriptMetadataMethod["Name"]
+		methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+		idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)
+
+print('Script finished!')
+
--- a/Il2CppDumper/ida_with_struct.py
+++ b/Il2CppDumper/ida_with_struct.py
@ -33,6 +33,13 @@ hpath = idaapi.ask_file(False, '*.h', 'il2cpp.h from Il2cppdumper')
 parse_decls(open(hpath, 'rb').read(), 0)
 data = json.loads(open(path, 'rb').read().decode('utf-8'))

+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
 if "ScriptMethod" in data and "ScriptMethod" in processFields:
 	scriptMethods = data["ScriptMethod"]
 	for scriptMethod in scriptMethods:
@ -76,12 +83,5 @@ if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
 		idc.set_cmt(addr, name, 1)
 		idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)

-if "Addresses" in data and "Addresses" in processFields:
-	addresses = data["Addresses"]
-	for index in range(len(addresses) - 1):
-		start = get_addr(addresses[index])
-		end = get_addr(addresses[index + 1])
-		make_function(start, end)
-
 print 'Script finished!'

--- a/Il2CppDumper/ida_with_struct_py3.py
+++ b/Il2CppDumper/ida_with_struct_py3.py
@ -0,0 +1,87 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+	"ScriptMethod",
+	"ScriptString",
+	"ScriptMetadata",
+	"ScriptMetadataMethod",
+	"Addresses",
+]
+
+imageBase = idaapi.get_imagebase()
+
+def get_addr(addr):
+	return imageBase + addr
+
+def set_name(addr, name):
+	ret = idc.set_name(addr, name, SN_NOWARN | SN_NOCHECK)
+	if ret == 0:
+		new_name = name + '_' + str(addr)
+		ret = idc.set_name(addr, new_name, SN_NOWARN | SN_NOCHECK)
+
+def make_function(start, end):
+	next_func = idc.get_next_func(start)
+	if next_func < end:
+		end = next_func
+	if idc.get_func_attr(start, FUNCATTR_START) == start:
+		ida_funcs.del_func(start)
+	ida_funcs.add_func(start, end)
+
+path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
+hpath = idaapi.ask_file(False, '*.h', 'il2cpp.h from Il2cppdumper')
+parse_decls(open(hpath, 'r').read(), 0)
+data = json.loads(open(path, 'rb').read().decode('utf-8'))
+
+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+	scriptMethods = data["ScriptMethod"]
+	for scriptMethod in scriptMethods:
+		addr = get_addr(scriptMethod["Address"])
+		name = scriptMethod["Name"]
+		set_name(addr, name)
+		signature = scriptMethod["Signature"]
+		if apply_type(addr, parse_decl(signature, 0), 1) == False:
+			print("apply_type failed:", hex(addr), signature)
+
+if "ScriptString" in data and "ScriptString" in processFields:
+	index = 1
+	scriptStrings = data["ScriptString"]
+	for scriptString in scriptStrings:
+		addr = get_addr(scriptString["Address"])
+		value = scriptString["Value"]
+		name = "StringLiteral_" + str(index)
+		idc.set_name(addr, name, SN_NOWARN)
+		idc.set_cmt(addr, value, 1)
+		index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+	scriptMetadatas = data["ScriptMetadata"]
+	for scriptMetadata in scriptMetadatas:
+		addr = get_addr(scriptMetadata["Address"])
+		name = scriptMetadata["Name"]
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+		if scriptMetadata["Signature"] is not None:
+			signature = scriptMetadata["Signature"]
+			if apply_type(addr, parse_decl(signature, 0), 1) == False:
+				print("apply_type failed:", hex(addr), signature)
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+	scriptMetadataMethods = data["ScriptMetadataMethod"]
+	for scriptMetadataMethod in scriptMetadataMethods:
+		addr = get_addr(scriptMetadataMethod["Address"])
+		name = scriptMetadataMethod["Name"]
+		methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+		idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)
+
+print('Script finished!')
+