IL2Cpp/Il2CppDumper
1
0
Fork 0
mirror of https://github.com/Perfare/Il2CppDumper.git synced 2025-01-09 19:27:17 -03:00
Code Issues Projects Releases Packages Wiki Activity

完善PlusSearch

Browse source
This commit is contained in:
Perfare 2020-08-17 20:50:33 +08:00
parent 66528fb843
commit 900f0b1054
3 changed files with 68 additions and 166 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Il2CppDumper/IO/BinaryStream.cs
View file

@ -219,7 +219,12 @@ namespace Il2CppDumper
return Encoding.UTF8.GetString(bytes.ToArray());
}
public ulong ReadPointer()
public long ReadIntPtr()
{
return Is32Bit ? ReadInt32() : ReadInt64();
}
public ulong ReadUIntPtr()
{
return Is32Bit ? ReadUInt32() : ReadUInt64();
}

2
Il2CppDumper/Il2Cpp/Il2Cpp.cs
View file

@ -268,7 +268,7 @@ namespace Il2CppDumper
{
var customAttributeCacheGenerator = codeGenModules[imageName].customAttributeCacheGenerator;
Position = MapVATR(customAttributeCacheGenerator) + PointerSize * (ulong)generatorIndex;
return ReadPointer();
return ReadUIntPtr();
}
return customAttributeGenerators[attributeIndex];
}

225
Il2CppDumper/Utils/PlusSearch.cs
View file

@ -159,81 +159,39 @@ namespace Il2CppDumper
public ulong FindCodeRegistration()
{
if (il2Cpp.Is32Bit)
{
if (il2Cpp.Version >= 24.2)
{
return FindCodeRegistration32Bit2019();
}
return FindCodeRegistration32Bit();
}
if (il2Cpp.Version >= 24.2)
{
return FindCodeRegistration64Bit2019();
return FindCodeRegistration2019();
}
return FindCodeRegistration64Bit();
return FindCodeRegistrationOld();
}
public ulong FindMetadataRegistration()
{
if (il2Cpp.Version < 19 || il2Cpp.Version >= 27)
if (il2Cpp.Version < 19)
{
return 0;
}
if (il2Cpp.Is32Bit)
if (il2Cpp.Version >= 27)
{
return FindMetadataRegistration32Bit();
return FindMetadataRegistrationV21();
}
return FindMetadataRegistration64Bit();
return FindMetadataRegistrationOld();
}
private ulong FindCodeRegistration32Bit()
private ulong FindCodeRegistrationOld()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 4)
while (il2Cpp.Position < section.offsetEnd)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == methodCount)
if (il2Cpp.ReadIntPtr() == methodCount)
{
try
{
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt32());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<uint>(pointer, methodCount);
if (CheckPointerRangeExecVa(pointers))
{
return addr - section.offset + section.address;
}
}
}
catch
{
// ignored
}
}
il2Cpp.Position = addr + 4;
}
}
return 0ul;
}
private ulong FindCodeRegistration64Bit()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 8)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadInt64() == methodCount)
{
try
{
ulong pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt64());
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUIntPtr());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<ulong>(pointer, methodCount);
@ -248,68 +206,33 @@ namespace Il2CppDumper
// ignored
}
}
il2Cpp.Position = addr + 8;
il2Cpp.Position = addr + il2Cpp.PointerSize;
}
}
return 0ul;
}
private ulong FindMetadataRegistration32Bit()
private ulong FindMetadataRegistrationOld()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 4)
while (il2Cpp.Position < section.offsetEnd)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadInt32() == typeDefinitionsCount)
if (il2Cpp.ReadIntPtr() == typeDefinitionsCount)
{
try
{
il2Cpp.Position += 8;
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt32());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<uint>(pointer, maxMetadataUsages);
if (CheckPointerRangeBssVa(pointers))
{
return addr - 48ul - section.offset + section.address;
}
}
}
catch
{
// ignored
}
}
il2Cpp.Position = addr + 4;
}
}
return 0ul;
}
private ulong FindMetadataRegistration64Bit()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 8)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadInt64() == typeDefinitionsCount)
{
try
{
il2Cpp.Position += 16;
ulong pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt64());
il2Cpp.Position += il2Cpp.PointerSize * 2;
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUIntPtr());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<ulong>(pointer, maxMetadataUsages);
if (CheckPointerRangeBssVa(pointers))
{
return addr - 96ul - section.offset + section.address;
return addr - il2Cpp.PointerSize * 12 - section.offset + section.address;
}
}
}
@ -318,7 +241,38 @@ namespace Il2CppDumper
// ignored
}
}
il2Cpp.Position = addr + 8;
il2Cpp.Position = addr + il2Cpp.PointerSize;
}
}
return 0ul;
}
private ulong FindMetadataRegistrationV21()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadIntPtr() == typeDefinitionsCount)
{
il2Cpp.Position += il2Cpp.PointerSize;
if (il2Cpp.ReadIntPtr() == typeDefinitionsCount)
{
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUIntPtr());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<ulong>(pointer, typeDefinitionsCount);
if (CheckPointerRangeDataVa(pointers))
{
return addr - il2Cpp.PointerSize * 10 - section.offset + section.address;
}
}
}
}
il2Cpp.Position = addr + il2Cpp.PointerSize;
}
}
@ -335,9 +289,9 @@ namespace Il2CppDumper
return pointers.All(x => exec.Any(y => x >= y.address && x <= y.addressEnd));
}
private bool CheckPointerRangeExecVa(uint[] pointers)
private bool CheckPointerRangeDataVa(ulong[] pointers)
{
return pointers.All(x => exec.Any(y => x >= y.address && x <= y.addressEnd));
return pointers.All(x => data.Any(y => x >= y.address && x <= y.addressEnd));
}
private bool CheckPointerRangeBssVa(ulong[] pointers)
@ -345,74 +299,17 @@ namespace Il2CppDumper
return pointers.All(x => bss.Any(y => x >= y.address && x <= y.addressEnd));
}
private bool CheckPointerRangeBssVa(uint[] pointers)
{
return pointers.All(x => bss.Any(y => x >= y.address && x <= y.addressEnd));
}
private static readonly byte[] featureBytes2019 = { 0x6D, 0x73, 0x63, 0x6F, 0x72, 0x6C, 0x69, 0x62, 0x2E, 0x64, 0x6C, 0x6C, 0x00 };
private static readonly byte[] featureBytes2020dot2 = { 0x41, 0x73, 0x73, 0x65, 0x6D, 0x62, 0x6C, 0x79, 0x2D, 0x43, 0x53, 0x68, 0x61, 0x72, 0x70, 0x2E, 0x64, 0x6C, 0x6C, 0x00 };
private ulong FindCodeRegistration32Bit2019()
private ulong FindCodeRegistration2019()
{
var featureBytes = il2Cpp.Version >= 27 ? featureBytes2020dot2 : featureBytes2019;
var secs = il2Cpp is Elf ? exec : data;
foreach (var sec in secs)
var secs = data;
if (il2Cpp is Elf || il2Cpp is Elf64)
{
il2Cpp.Position = sec.offset;
var buff = il2Cpp.ReadBytes((int)(sec.offsetEnd - sec.offset));
foreach (var index in buff.Search(featureBytes))
{
var va = (ulong)index + sec.address;
foreach (var dataSec in data)
{
il2Cpp.Position = dataSec.offset;
while (il2Cpp.Position < dataSec.offsetEnd)
{
var offset = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == va)
{
var va2 = offset - dataSec.offset + dataSec.address;
foreach (var dataSec2 in data)
{
il2Cpp.Position = dataSec2.offset;
while (il2Cpp.Position < dataSec2.offsetEnd)
{
var offset2 = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == va2)
{
var va3 = offset2 - dataSec2.offset + dataSec2.address;
foreach (var dataSec3 in data)
{
il2Cpp.Position = dataSec3.offset;
while (il2Cpp.Position < dataSec3.offsetEnd)
{
var offset3 = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == va3)
{
var offset4 = offset3 - dataSec3.offset + dataSec3.address;
return offset4 - 52ul;
}
}
}
}
il2Cpp.Position = offset2 + 4;
}
}
}
il2Cpp.Position = offset + 4;
}
}
}
secs = exec;
}
return 0ul;
}
private ulong FindCodeRegistration64Bit2019()
{
var featureBytes = il2Cpp.Version >= 27 ? featureBytes2020dot2 : featureBytes2019;
var secs = il2Cpp is Elf64 ? exec : data;
foreach (var sec in secs)
{
il2Cpp.Position = sec.offset;
@ -426,7 +323,7 @@ namespace Il2CppDumper
while (il2Cpp.Position < dataSec.offsetEnd)
{
var offset = il2Cpp.Position;
if (il2Cpp.ReadUInt64() == va)
if (il2Cpp.ReadUIntPtr() == va)
{
var va2 = offset - dataSec.offset + dataSec.address;
foreach (var dataSec2 in data)
@ -435,7 +332,7 @@ namespace Il2CppDumper
while (il2Cpp.Position < dataSec2.offsetEnd)
{
var offset2 = il2Cpp.Position;
if (il2Cpp.ReadUInt64() == va2)
if (il2Cpp.ReadUIntPtr() == va2)
{
var va3 = offset2 - dataSec2.offset + dataSec2.address;
foreach (var dataSec3 in data)
@ -444,20 +341,20 @@ namespace Il2CppDumper
while (il2Cpp.Position < dataSec3.offsetEnd)
{
var offset3 = il2Cpp.Position;
if (il2Cpp.ReadUInt64() == va3)
if (il2Cpp.ReadUIntPtr() == va3)
{
var offset4 = offset3 - dataSec3.offset + dataSec3.address;
return offset4 - 104ul;
return offset4 - il2Cpp.PointerSize * 13;
}
}
}
}
il2Cpp.Position = offset2 + 8;
il2Cpp.Position = offset2 + il2Cpp.PointerSize;
}
}
}
il2Cpp.Position = offset + 8;
il2Cpp.Position = offset + il2Cpp.PointerSize;
}
}
}