mirror of
https://github.com/Perfare/Il2CppDumper.git
synced 2025-01-10 03:27:28 -03:00
Macho加密判断
This commit is contained in:
parent
6200b9e84a
commit
4dc37fa71e
2 changed files with 73 additions and 53 deletions
|
@ -25,34 +25,44 @@ namespace Il2CppDumper
|
||||||
var pos = Position;
|
var pos = Position;
|
||||||
var cmd = ReadUInt32();
|
var cmd = ReadUInt32();
|
||||||
var cmdsize = ReadUInt32();
|
var cmdsize = ReadUInt32();
|
||||||
if (cmd == 1) //LC_SEGMENT
|
switch (cmd)
|
||||||
{
|
{
|
||||||
var segname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
case 1: //LC_SEGMENT
|
||||||
if (segname == "__TEXT") //__PAGEZERO
|
var segname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
||||||
{
|
if (segname == "__TEXT") //__PAGEZERO
|
||||||
vmaddr = ReadUInt32();
|
{
|
||||||
}
|
vmaddr = ReadUInt32();
|
||||||
else
|
}
|
||||||
{
|
else
|
||||||
Position += 4;
|
{
|
||||||
}
|
Position += 4;
|
||||||
Position += 20; //skip vmsize, fileoff, filesize, maxprot, initprot
|
}
|
||||||
var nsects = ReadUInt32();
|
Position += 20; //skip vmsize, fileoff, filesize, maxprot, initprot
|
||||||
Position += 4; //skip flags
|
var nsects = ReadUInt32();
|
||||||
for (var j = 0; j < nsects; j++)
|
Position += 4; //skip flags
|
||||||
{
|
for (var j = 0; j < nsects; j++)
|
||||||
var section = new MachoSection();
|
{
|
||||||
sections.Add(section);
|
var section = new MachoSection();
|
||||||
section.sectname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
sections.Add(section);
|
||||||
Position += 16; //skip segname
|
section.sectname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
||||||
section.addr = ReadUInt32();
|
Position += 16; //skip segname
|
||||||
section.size = ReadUInt32();
|
section.addr = ReadUInt32();
|
||||||
section.offset = ReadUInt32();
|
section.size = ReadUInt32();
|
||||||
Position += 12; //skip align, reloff, nreloc
|
section.offset = ReadUInt32();
|
||||||
section.flags = ReadUInt32();
|
Position += 12; //skip align, reloff, nreloc
|
||||||
section.end = section.addr + section.size;
|
section.flags = ReadUInt32();
|
||||||
Position += 8; //skip reserved1, reserved2
|
section.end = section.addr + section.size;
|
||||||
}
|
Position += 8; //skip reserved1, reserved2
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 0x21: //LC_ENCRYPTION_INFO
|
||||||
|
Position += 8;
|
||||||
|
var cryptID = ReadUInt32();
|
||||||
|
if (cryptID != 0)
|
||||||
|
{
|
||||||
|
Console.WriteLine("ERROR: This Mach-O executable is encrypted and cannot be processed.");
|
||||||
|
}
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
Position = pos + cmdsize;//next
|
Position = pos + cmdsize;//next
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,34 +24,44 @@ namespace Il2CppDumper
|
||||||
var pos = Position;
|
var pos = Position;
|
||||||
var cmd = ReadUInt32();
|
var cmd = ReadUInt32();
|
||||||
var cmdsize = ReadUInt32();
|
var cmdsize = ReadUInt32();
|
||||||
if (cmd == 0x19) //LC_SEGMENT_64
|
switch (cmd)
|
||||||
{
|
{
|
||||||
var segname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
case 0x19: //LC_SEGMENT_64
|
||||||
if (segname == "__TEXT") //__PAGEZERO
|
var segname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
||||||
{
|
if (segname == "__TEXT") //__PAGEZERO
|
||||||
vmaddr = ReadUInt64();
|
{
|
||||||
}
|
vmaddr = ReadUInt64();
|
||||||
else
|
}
|
||||||
{
|
else
|
||||||
|
{
|
||||||
|
Position += 8;
|
||||||
|
}
|
||||||
|
Position += 32; //skip vmsize, fileoff, filesize, maxprot, initprot
|
||||||
|
var nsects = ReadUInt32();
|
||||||
|
Position += 4; //skip flags
|
||||||
|
for (var j = 0; j < nsects; j++)
|
||||||
|
{
|
||||||
|
var section = new MachoSection64Bit();
|
||||||
|
sections.Add(section);
|
||||||
|
section.sectname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
||||||
|
Position += 16; //skip segname
|
||||||
|
section.addr = ReadUInt64();
|
||||||
|
section.size = ReadUInt64();
|
||||||
|
section.offset = ReadUInt32();
|
||||||
|
Position += 12; //skip align, reloff, nreloc
|
||||||
|
section.flags = ReadUInt32();
|
||||||
|
section.end = section.addr + section.size;
|
||||||
|
Position += 12; //skip reserved1, reserved2, reserved3
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 0x2C: //LC_ENCRYPTION_INFO_64
|
||||||
Position += 8;
|
Position += 8;
|
||||||
}
|
var cryptID = ReadUInt32();
|
||||||
Position += 32; //skip vmsize, fileoff, filesize, maxprot, initprot
|
if (cryptID != 0)
|
||||||
var nsects = ReadUInt32();
|
{
|
||||||
Position += 4; //skip flags
|
Console.WriteLine("ERROR: This Mach-O executable is encrypted and cannot be processed.");
|
||||||
for (var j = 0; j < nsects; j++)
|
}
|
||||||
{
|
break;
|
||||||
var section = new MachoSection64Bit();
|
|
||||||
sections.Add(section);
|
|
||||||
section.sectname = Encoding.UTF8.GetString(ReadBytes(16)).TrimEnd('\0');
|
|
||||||
Position += 16; //skip segname
|
|
||||||
section.addr = ReadUInt64();
|
|
||||||
section.size = ReadUInt64();
|
|
||||||
section.offset = ReadUInt32();
|
|
||||||
Position += 12; //skip align, reloff, nreloc
|
|
||||||
section.flags = ReadUInt32();
|
|
||||||
section.end = section.addr + section.size;
|
|
||||||
Position += 12; //skip reserved1, reserved2, reserved3
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
Position = pos + cmdsize;//skip
|
Position = pos + cmdsize;//skip
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue