完善PlusSearch

This commit is contained in:
Perfare 2020-08-17 20:50:33 +08:00
parent 66528fb843
commit 900f0b1054
3 changed files with 68 additions and 166 deletions


@ -219,7 +219,12 @@ namespace Il2CppDumper
return Encoding.UTF8.GetString(bytes.ToArray()); return Encoding.UTF8.GetString(bytes.ToArray());
} }
public ulong ReadPointer() public long ReadIntPtr()
{
return Is32Bit ? ReadInt32() : ReadInt64();
}
public ulong ReadUIntPtr()
{ {
return Is32Bit ? ReadUInt32() : ReadUInt64(); return Is32Bit ? ReadUInt32() : ReadUInt64();
} }
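Review bot: The two new readers widen a 32-bit value differently — `ReadIntPtr` goes through `ReadInt32()` and so sign-extends into `long`, while `ReadUIntPtr` goes through `ReadUInt32()` and zero-extends into `ulong` — but neither method says which one a caller should use, and the distinction matters because a sign-extended value compared against an `int` count and a zero-extended value handed to `MapVATR` are not interchangeable once the top bit is set. A one-line summary on each would make the choice explicit: `/// Reads a pointer-sized signed value; on 32-bit images the 32-bit read is sign-extended, so use this when comparing against signed counts.` on `ReadIntPtr`, and `/// Reads a pointer-sized unsigned value (zero-extended on 32-bit images); use this for virtual addresses.` on `ReadUIntPtr`. The removed `ReadPointer` had the same body as the new `ReadUIntPtr`, so the rename is behaviour-preserving for the callers visible in this commit; any caller outside the three changed files would presumably need the same rename, which cannot be confirmed from here.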


@ -268,7 +268,7 @@ namespace Il2CppDumper
{ {
var customAttributeCacheGenerator = codeGenModules[imageName].customAttributeCacheGenerator; var customAttributeCacheGenerator = codeGenModules[imageName].customAttributeCacheGenerator;
Position = MapVATR(customAttributeCacheGenerator) + PointerSize * (ulong)generatorIndex; Position = MapVATR(customAttributeCacheGenerator) + PointerSize * (ulong)generatorIndex;
return ReadPointer(); return ReadUIntPtr();
} }
return customAttributeGenerators[attributeIndex]; return customAttributeGenerators[attributeIndex];
} }


@ -158,82 +158,40 @@ namespace Il2CppDumper
} }
public ulong FindCodeRegistration() public ulong FindCodeRegistration()
{
if (il2Cpp.Is32Bit)
{ {
if (il2Cpp.Version >= 24.2) if (il2Cpp.Version >= 24.2)
{ {
return FindCodeRegistration32Bit2019(); return FindCodeRegistration2019();
} }
return FindCodeRegistration32Bit(); return FindCodeRegistrationOld();
}
if (il2Cpp.Version >= 24.2)
{
return FindCodeRegistration64Bit2019();
}
return FindCodeRegistration64Bit();
} }
public ulong FindMetadataRegistration() public ulong FindMetadataRegistration()
{ {
if (il2Cpp.Version < 19 || il2Cpp.Version >= 27) if (il2Cpp.Version < 19)
{ {
return 0; return 0;
} }
if (il2Cpp.Is32Bit) if (il2Cpp.Version >= 27)
{ {
return FindMetadataRegistration32Bit(); return FindMetadataRegistrationV21();
} }
return FindMetadataRegistration64Bit(); return FindMetadataRegistrationOld();
} }
private ulong FindCodeRegistration32Bit() private ulong FindCodeRegistrationOld()
{ {
foreach (var section in data) foreach (var section in data)
{ {
il2Cpp.Position = section.offset; il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 4) while (il2Cpp.Position < section.offsetEnd)
{ {
var addr = il2Cpp.Position; var addr = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == methodCount) if (il2Cpp.ReadIntPtr() == methodCount)
{ {
try try
{ {
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt32()); var pointer = il2Cpp.MapVATR(il2Cpp.ReadUIntPtr());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<uint>(pointer, methodCount);
if (CheckPointerRangeExecVa(pointers))
{
return addr - section.offset + section.address;
}
}
}
catch
{
// ignored
}
}
il2Cpp.Position = addr + 4;
}
}
return 0ul;
}
private ulong FindCodeRegistration64Bit()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 8)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadInt64() == methodCount)
{
try
{
ulong pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt64());
if (CheckPointerRangeDataRa(pointer)) if (CheckPointerRangeDataRa(pointer))
{ {
var pointers = il2Cpp.ReadClassArray<ulong>(pointer, methodCount); var pointers = il2Cpp.ReadClassArray<ulong>(pointer, methodCount);
@ -248,68 +206,33 @@ namespace Il2CppDumper
// ignored // ignored
} }
} }
il2Cpp.Position = addr + 8; il2Cpp.Position = addr + il2Cpp.PointerSize;
} }
} }
return 0ul; return 0ul;
} }
private ulong FindMetadataRegistration32Bit() private ulong FindMetadataRegistrationOld()
{ {
foreach (var section in data) foreach (var section in data)
{ {
il2Cpp.Position = section.offset; il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 4) while (il2Cpp.Position < section.offsetEnd)
{ {
var addr = il2Cpp.Position; var addr = il2Cpp.Position;
if (il2Cpp.ReadInt32() == typeDefinitionsCount) if (il2Cpp.ReadIntPtr() == typeDefinitionsCount)
{ {
try try
{ {
il2Cpp.Position += 8; il2Cpp.Position += il2Cpp.PointerSize * 2;
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt32()); var pointer = il2Cpp.MapVATR(il2Cpp.ReadUIntPtr());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<uint>(pointer, maxMetadataUsages);
if (CheckPointerRangeBssVa(pointers))
{
return addr - 48ul - section.offset + section.address;
}
}
}
catch
{
// ignored
}
}
il2Cpp.Position = addr + 4;
}
}
return 0ul;
}
private ulong FindMetadataRegistration64Bit()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd - 8)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadInt64() == typeDefinitionsCount)
{
try
{
il2Cpp.Position += 16;
ulong pointer = il2Cpp.MapVATR(il2Cpp.ReadUInt64());
if (CheckPointerRangeDataRa(pointer)) if (CheckPointerRangeDataRa(pointer))
{ {
var pointers = il2Cpp.ReadClassArray<ulong>(pointer, maxMetadataUsages); var pointers = il2Cpp.ReadClassArray<ulong>(pointer, maxMetadataUsages);
if (CheckPointerRangeBssVa(pointers)) if (CheckPointerRangeBssVa(pointers))
{ {
return addr - 96ul - section.offset + section.address; return addr - il2Cpp.PointerSize * 12 - section.offset + section.address;
} }
} }
} }
@ -318,7 +241,38 @@ namespace Il2CppDumper
// ignored // ignored
} }
} }
il2Cpp.Position = addr + 8; il2Cpp.Position = addr + il2Cpp.PointerSize;
}
}
return 0ul;
}
private ulong FindMetadataRegistrationV21()
{
foreach (var section in data)
{
il2Cpp.Position = section.offset;
while (il2Cpp.Position < section.offsetEnd)
{
var addr = il2Cpp.Position;
if (il2Cpp.ReadIntPtr() == typeDefinitionsCount)
{
il2Cpp.Position += il2Cpp.PointerSize;
if (il2Cpp.ReadIntPtr() == typeDefinitionsCount)
{
var pointer = il2Cpp.MapVATR(il2Cpp.ReadUIntPtr());
if (CheckPointerRangeDataRa(pointer))
{
var pointers = il2Cpp.ReadClassArray<ulong>(pointer, typeDefinitionsCount);
if (CheckPointerRangeDataVa(pointers))
{
return addr - il2Cpp.PointerSize * 10 - section.offset + section.address;
}
}
}
}
il2Cpp.Position = addr + il2Cpp.PointerSize;
} }
} }
@ -335,9 +289,9 @@ namespace Il2CppDumper
return pointers.All(x => exec.Any(y => x >= y.address && x <= y.addressEnd)); return pointers.All(x => exec.Any(y => x >= y.address && x <= y.addressEnd));
} }
private bool CheckPointerRangeExecVa(uint[] pointers) private bool CheckPointerRangeDataVa(ulong[] pointers)
{ {
return pointers.All(x => exec.Any(y => x >= y.address && x <= y.addressEnd)); return pointers.All(x => data.Any(y => x >= y.address && x <= y.addressEnd));
} }
private bool CheckPointerRangeBssVa(ulong[] pointers) private bool CheckPointerRangeBssVa(ulong[] pointers)
@ -345,18 +299,17 @@ namespace Il2CppDumper
return pointers.All(x => bss.Any(y => x >= y.address && x <= y.addressEnd)); return pointers.All(x => bss.Any(y => x >= y.address && x <= y.addressEnd));
} }
private bool CheckPointerRangeBssVa(uint[] pointers)
{
return pointers.All(x => bss.Any(y => x >= y.address && x <= y.addressEnd));
}
private static readonly byte[] featureBytes2019 = { 0x6D, 0x73, 0x63, 0x6F, 0x72, 0x6C, 0x69, 0x62, 0x2E, 0x64, 0x6C, 0x6C, 0x00 }; private static readonly byte[] featureBytes2019 = { 0x6D, 0x73, 0x63, 0x6F, 0x72, 0x6C, 0x69, 0x62, 0x2E, 0x64, 0x6C, 0x6C, 0x00 };
private static readonly byte[] featureBytes2020dot2 = { 0x41, 0x73, 0x73, 0x65, 0x6D, 0x62, 0x6C, 0x79, 0x2D, 0x43, 0x53, 0x68, 0x61, 0x72, 0x70, 0x2E, 0x64, 0x6C, 0x6C, 0x00 }; private static readonly byte[] featureBytes2020dot2 = { 0x41, 0x73, 0x73, 0x65, 0x6D, 0x62, 0x6C, 0x79, 0x2D, 0x43, 0x53, 0x68, 0x61, 0x72, 0x70, 0x2E, 0x64, 0x6C, 0x6C, 0x00 };
private ulong FindCodeRegistration32Bit2019() private ulong FindCodeRegistration2019()
{ {
var featureBytes = il2Cpp.Version >= 27 ? featureBytes2020dot2 : featureBytes2019; var featureBytes = il2Cpp.Version >= 27 ? featureBytes2020dot2 : featureBytes2019;
var secs = il2Cpp is Elf ? exec : data; var secs = data;
if (il2Cpp is Elf || il2Cpp is Elf64)
{
secs = exec;
}
foreach (var sec in secs) foreach (var sec in secs)
{ {
il2Cpp.Position = sec.offset; il2Cpp.Position = sec.offset;
@ -370,7 +323,7 @@ namespace Il2CppDumper
while (il2Cpp.Position < dataSec.offsetEnd) while (il2Cpp.Position < dataSec.offsetEnd)
{ {
var offset = il2Cpp.Position; var offset = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == va) if (il2Cpp.ReadUIntPtr() == va)
{ {
var va2 = offset - dataSec.offset + dataSec.address; var va2 = offset - dataSec.offset + dataSec.address;
foreach (var dataSec2 in data) foreach (var dataSec2 in data)
@ -379,7 +332,7 @@ namespace Il2CppDumper
while (il2Cpp.Position < dataSec2.offsetEnd) while (il2Cpp.Position < dataSec2.offsetEnd)
{ {
var offset2 = il2Cpp.Position; var offset2 = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == va2) if (il2Cpp.ReadUIntPtr() == va2)
{ {
var va3 = offset2 - dataSec2.offset + dataSec2.address; var va3 = offset2 - dataSec2.offset + dataSec2.address;
foreach (var dataSec3 in data) foreach (var dataSec3 in data)
@ -388,76 +341,20 @@ namespace Il2CppDumper
while (il2Cpp.Position < dataSec3.offsetEnd) while (il2Cpp.Position < dataSec3.offsetEnd)
{ {
var offset3 = il2Cpp.Position; var offset3 = il2Cpp.Position;
if (il2Cpp.ReadUInt32() == va3) if (il2Cpp.ReadUIntPtr() == va3)
{ {
var offset4 = offset3 - dataSec3.offset + dataSec3.address; var offset4 = offset3 - dataSec3.offset + dataSec3.address;
return offset4 - 52ul; return offset4 - il2Cpp.PointerSize * 13;
} }
} }
} }
} }
il2Cpp.Position = offset2 + 4; il2Cpp.Position = offset2 + il2Cpp.PointerSize;
} }
} }
} }
il2Cpp.Position = offset + 4; il2Cpp.Position = offset + il2Cpp.PointerSize;
}
}
}
}
return 0ul;
}
private ulong FindCodeRegistration64Bit2019()
{
var featureBytes = il2Cpp.Version >= 27 ? featureBytes2020dot2 : featureBytes2019;
var secs = il2Cpp is Elf64 ? exec : data;
foreach (var sec in secs)
{
il2Cpp.Position = sec.offset;
var buff = il2Cpp.ReadBytes((int)(sec.offsetEnd - sec.offset));
foreach (var index in buff.Search(featureBytes))
{
var va = (ulong)index + sec.address;
foreach (var dataSec in data)
{
il2Cpp.Position = dataSec.offset;
while (il2Cpp.Position < dataSec.offsetEnd)
{
var offset = il2Cpp.Position;
if (il2Cpp.ReadUInt64() == va)
{
var va2 = offset - dataSec.offset + dataSec.address;
foreach (var dataSec2 in data)
{
il2Cpp.Position = dataSec2.offset;
while (il2Cpp.Position < dataSec2.offsetEnd)
{
var offset2 = il2Cpp.Position;
if (il2Cpp.ReadUInt64() == va2)
{
var va3 = offset2 - dataSec2.offset + dataSec2.address;
foreach (var dataSec3 in data)
{
il2Cpp.Position = dataSec3.offset;
while (il2Cpp.Position < dataSec3.offsetEnd)
{
var offset3 = il2Cpp.Position;
if (il2Cpp.ReadUInt64() == va3)
{
var offset4 = offset3 - dataSec3.offset + dataSec3.address;
return offset4 - 104ul;
}
}
}
}
il2Cpp.Position = offset2 + 8;
}
}
}
il2Cpp.Position = offset + 8;
} }
} }
} }