Update README

2025-01-25 02:03:02 -03:00 · 2019-11-06 20:15:03 +08:00 · 2019-11-06 20:15:03 +08:00 · 6a4bcb1da3
commit 6a4bcb1da3
parent 4acaa949b5
2 changed files with 64 additions and 27 deletions
--- a/README.md
+++ b/README.md
@ -6,8 +6,6 @@

 Extract .NET metadata from il2cpp binaries. (types, methods, fields, etc.)

-Extraction code is based on [Il2CppDumper](https://github.com/Jumboperson/Il2CppDumper)  
-
 ## Features

 * Supports il2cpp binaries in ELF, ELF64, Mach-O, PE and NSO format
@ -21,7 +19,13 @@ Extraction code is based on [Il2CppDumper](https://github.com/Jumboperson/Il2Cpp

 ## Usage

-Run `Il2CppDumper.exe` and choose the main il2cpp executable (in ELF, Mach-O or PE format) and `global-metadata.dat` file, then select the extraction mode. The program will then generate all the output files in current working directory.
+```
+Il2CppDumper.exe <executable-file> <global-metadata> [unityVersion] [mode]
+```
+
+Or run `Il2CppDumper.exe` and choose the il2cpp executable file and `global-metadata.dat` file, then enter the information as prompted.
+
+The program will then generate all the output files in current working directory.

 ### Extraction Modes

@ -29,9 +33,9 @@ Run `Il2CppDumper.exe` and choose the main il2cpp executable (in ELF, Mach-O or

 The parameters (`CodeRegistration` and `MetadataRegistration`) that are passed to `il2cpp::vm::MetadataCache::Register()` needs to be manually reverse engineered and passed to the program.

-#### Auto
+#### Auto - Obsolete

-Automatically finds the `il2cpp_codegen_register()` function by signature matching and read out the first (`CodeRegistration`) and second (`MetadataRegistration`) parameter passed to the `il2cpp::vm::MetadataCache::Register()` method that will be invoked in the registration function. May not work well due to compiler optimizations.
+~~Automatically finds the `il2cpp_codegen_register()` function by signature matching and read out the first (`CodeRegistration`) and second (`MetadataRegistration`) parameter passed to the `il2cpp::vm::MetadataCache::Register()` method that will be invoked in the registration function. May not work well due to compiler optimizations.~~

 #### Auto(Plus) - **Recommended**

@ -45,7 +49,7 @@ only `CodeRegistration` address can be found on metadata version 16

 Uses symbols in the il2cpp binary to locate `CodeRegistration` and `MetadataRegistration`.

-Only supports certain Android ELF files.
+Only supports ELF format file.

 ### Output files

@ -57,13 +61,20 @@ C# pseudocode. Can be viewed in text editors (syntax highlighting recommended)

 Requires IDA and IDAPython. Can be loaded in IDA via `File -> Script file`.

+#### stringliteral.json
+
+Contains all stringLiteral information
+
 #### DummyDll

-DLLs generated by Mono.Cecil which contain the .NET metadata extracted from the binary (no code included). Can be viewed in .NET decompilers.
+DLLs generated by Mono.Cecil which contain the .NET metadata extracted from the binary (no code included).
+
+Can be used for deserialization of MonoBehaviour.

 ### Configuration

 All the configuration options are located in `config.json`
+
 Available options:

 * `DumpMethod`, `DumpField`, `DumpProperty`, `DumpAttribute`, `DumpFieldOffset`, `DumpMethodOffset`, `DumpTypeDefIndex`
@ -72,6 +83,9 @@ Available options:
 * `DummyDll`
  * Whether or not the program should generate dummy DLLs

+* `MakeFunction`
+  * Whether to add the MakeFunction code in script.py
+
 * `ForceIl2CppVersion`, `ForceVersion`
  * If `ForceIl2CppVersion` is `true`, the program will use the version number specified in `ForceVersion` to choose parser for il2cpp binaries (does not affect the choice of metadata parser). This may be useful on some older il2cpp version (e.g. the program may need to use v16 parser on ilcpp v20 (Android) binaries in order to work properly)

@ -86,3 +100,7 @@ The specified `global-metadata.dat` is invalid and the program cannot recognize
 Try other extraction modes.

 If all automated extraction modes failed with this error and you are sure that the files you supplied are not corrupted/obfuscated, please file an issue with the logs and sample files.
+
+## Credits
+
+- Jumboperson - [Il2CppDumper](https://github.com/Jumboperson/Il2CppDumper)
--- a/README.zh-CN.md
+++ b/README.zh-CN.md
@ -1,7 +1,8 @@
 # Il2CppDumper
-[![Build status](https://ci.appveyor.com/api/projects/status/anhqw33vcpmp8ofa?svg=true)](https://ci.appveyor.com/project/Perfare/il2cppdumper/branch/master/artifacts)  
-从il2cpp中获取types, methods, fields等等数据  
-基础逻辑代码来源于[Il2CppDumper](https://github.com/Jumboperson/Il2CppDumper)  
+
+[![Build status](https://ci.appveyor.com/api/projects/status/anhqw33vcpmp8ofa?svg=true)](https://ci.appveyor.com/project/Perfare/il2cppdumper/branch/master/artifacts)
+
+从il2cpp文件中获取types, methods, fields等等数据

 ## 功能
 * 支持ELF, ELF64, Mach-O, PE和NSO格式
@ -14,13 +15,20 @@
 * 生成DummyDll

 ## 使用说明
-运行Il2CppDumper.exe并依次选择il2cpp的可执行文件（ELF，Mach-O或者PE文件）和global-metadata.dat文件，然后选择运行的模式，将在程序运行目录下生成dump.cs文件和script.py脚本
+
+```
+Il2CppDumper.exe <executable-file> <global-metadata> [unityVersion] [mode]
+```
+
+或者直接运行Il2CppDumper.exe并依次选择il2cpp的可执行文件和global-metadata.dat文件，然后根据提示输入相应信息。
+
+将在程序运行目录下生成输出文件

 ### 关于模式
 #### Manual
 你需要手动输入`CodeRegistration`和`MetadataRegistration`的指针地址，一般需要依靠反汇编工具来获取地址
-#### Auto
-通过函数的特征字节找到`il2cpp_codegen_register`函数并获取传入`il2cpp::vm::MetadataCache::Register`中的参数1（`CodeRegistration`）和参数2（`MetadataRegistration`）。由于不同编译器优化差异，很多情况下无法正常工作。
+#### Auto - 已弃用
+~~通过函数的特征字节找到`il2cpp_codegen_register`函数并获取传入`il2cpp::vm::MetadataCache::Register`中的参数1（`CodeRegistration`）和参数2（`MetadataRegistration`）。由于不同编译器优化差异，很多情况下无法正常工作。~~
 #### Auto(Plus) - **优先使用此模式**
 以metadata的数据作为依据，指针特征作为判读条件进行搜索。

@ -29,30 +37,41 @@
 在16版本下只能获取到`CodeRegistration`地址

 #### Auto(Symbol)
-目前只支持ELF，使用自带的符号进行处理。
+只支持ELF，使用自带的符号进行处理。

-### 关于dump.cs
+### 输出文件
+
+#### dump.cs
 文本文件，推荐使用有c#语法高亮的编辑器打开

-### 关于script.py
+#### script.py
 需要安装IDA所需的python。在IDA中File-Script file选择script.py运行即可，会重命名methodName，添加stringLiteral注释和MakeFunction

-### 关于DummyDll
-利用Mono.Cecil生成的仿制Dll，使用反编译工具进行查看  
+#### stringliteral.json
+包含所有stringLiteral信息
+
+#### DummyDll
+利用Mono.Cecil生成的仿制Dll，可用于MonoBehaviour的反序列化

 ### 关于config.json
-`DumpMethod`，`DumpField`，`DumpProperty`，`DumpAttribute`，`DumpFieldOffset`, `DumpMethodOffset`, `DumpTypeDefIndex`
-控制程序是否在dump.cs输出相应的内容  
+* `DumpMethod`，`DumpField`，`DumpProperty`，`DumpAttribute`，`DumpFieldOffset`, `DumpMethodOffset`, `DumpTypeDefIndex`
+  * 是否在dump.cs输出相应的内容

-`DummyDll`  
-控制程序是否生成DummyDll  
+* `DummyDll`
+  * 是否生成DummyDll

-`ForceIl2CppVersion`，`ForceVersion`  
-当ForceIl2CppVersion为true时，程序将根据ForceVersion指定的版本读取il2cpp的可执行文件（Metadata仍然使用header里的版本），在部分低版本的il2cpp中可能会用到（比如安卓20版本下，你可能需要设置ForceVersion为16程序才能正常工作）  
+* `MakeFunction`
+  * 是否在script.py中添加MakeFunction代码
+
+* `ForceIl2CppVersion`，`ForceVersion`  
+  * 当ForceIl2CppVersion为true时，程序将根据ForceVersion指定的版本读取il2cpp的可执行文件（Metadata仍然使用header里的版本），在部分低版本的il2cpp中可能会用到（比如安卓20版本下，你可能需要设置ForceVersion为16程序才能正常工作）

 ## 常见问题
-#### `ERROR: Metadata file supplied is not valid metadata file.`  
-global-metadata.dat不是一个有效的metadata文件，通常是因为游戏加密了global-metadata.dat文件。关于解密的问题最好去相关破解论坛寻求帮助，请不要在issues提问！  
+#### `ERROR: Metadata file supplied is not valid metadata file.`
+global-metadata.dat不是一个有效的metadata文件，通常是因为游戏加密了global-metadata.dat文件。关于解密的问题最好去相关破解论坛寻求帮助，请不要在issues提问！

-#### `ERROR: Can't use this mode to process file, try another mode.`  
+#### `ERROR: Can't use this mode to process file, try another mode.`
 当所有自动模式都无法工作时，确认可执行文件未加壳或受保护后，你可以打开一个新的issue，并上传文件，我会尝试解决
+
+## 感谢
+- Jumboperson - [Il2CppDumper](https://github.com/Jumboperson/Il2CppDumper)