Elf64 dump模式

优化dump so的处理方式
Perfare 2019-07-15 10:44:22 +08:00
parent b3d4dc61fe
commit ff55f2bff3
3 changed files with 36 additions and 50 deletions


@ -13,8 +13,7 @@ namespace Il2CppDumper
private Elf32_Dyn[] dynamic_table;
private Elf32_Sym[] dynamic_symbol_table;
private Dictionary<string, Elf32_Shdr> sectionWithName = new Dictionary<string, Elf32_Shdr>();
private bool isDump;
private uint dumpAddr;
private bool isDumped;
//默认编译器
/*
@ -64,19 +63,22 @@ namespace Il2CppDumper
if (!GetSectionWithName())
{
Console.WriteLine("Detected this may be a dump file. If not, it must be protected.");
isDump = true;
isDumped = true;
Console.WriteLine("Input dump address:");
dumpAddr = Convert.ToUInt32(Console.ReadLine(), 16);
var dumpAddr = Convert.ToUInt32(Console.ReadLine(), 16);
foreach (var phdr in program_table)
{
phdr.p_offset = phdr.p_vaddr;
phdr.p_filesz = phdr.p_memsz;
phdr.p_vaddr += dumpAddr;
}
Console.WriteLine("Note that in this state, the Offset of the output is actually RVA.");
}
var pt_dynamic = program_table.First(x => x.p_type == 2u);
dynamic_table = ReadClassArray<Elf32_Dyn>(pt_dynamic.p_offset, pt_dynamic.p_filesz / 8u);
RelocationProcessing();
if (!isDumped)
{
RelocationProcessing();
}
}
private bool GetSectionWithName()
@ -101,11 +103,6 @@ namespace Il2CppDumper
public override dynamic MapVATR(dynamic uiAddr)
{
if (isDump && uiAddr > dumpAddr)
{
uiAddr -= dumpAddr;
return uiAddr;
}
var program_header_table = program_table.First(x => uiAddr >= x.p_vaddr && uiAddr <= (x.p_vaddr + x.p_memsz));
return uiAddr - (program_header_table.p_vaddr - program_header_table.p_offset);
}
@ -167,7 +164,7 @@ namespace Il2CppDumper
public override bool PlusSearch(int methodCount, int typeDefinitionsCount)
{
if (!isDump && (!sectionWithName.ContainsKey(".data.rel.ro") || !sectionWithName.ContainsKey(".text") || !sectionWithName.ContainsKey(".bss")))
if (!isDumped && (!sectionWithName.ContainsKey(".data.rel.ro") || !sectionWithName.ContainsKey(".text") || !sectionWithName.ContainsKey(".bss")))
{
Console.WriteLine("ERROR: This file has been protected.");
}
@ -198,24 +195,9 @@ namespace Il2CppDumper
var exec = execList.ToArray();
plusSearch.SetSearch(data);
plusSearch.SetPointerRangeFirst(data);
if (isDump)
{
plusSearch.SetPointerRangeSecond(dumpAddr, exec);
}
else
{
plusSearch.SetPointerRangeSecond(exec);
}
plusSearch.SetPointerRangeSecond(exec);
var codeRegistration = plusSearch.FindCodeRegistration();
if (isDump)
{
plusSearch.SetPointerRangeSecond(dumpAddr, data);
}
else
{
plusSearch.SetPointerRangeSecond(data);
}
plusSearch.SetPointerRangeSecond(data);
var metadataRegistration = plusSearch.FindMetadataRegistration();
return AutoInit(codeRegistration, metadataRegistration);
}
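Review bot: The dump base read by `Convert.ToUInt32(Console.ReadLine(), 16)` in the constructor hunk is used without validation, and the Elf64 constructor repeats the pattern with `Convert.ToUInt64`. Non-hex or oversized input throws FormatException or OverflowException out of the constructor, while a null line (closed or redirected stdin) is converted to 0, so loading silently continues with base 0. The following `phdr.p_vaddr += dumpAddr` wraps without notice unless the project builds with overflow checking (assuming `p_vaddr` is an unsigned field, as in the ELF layout), which would leave `MapVATR` matching the wrong segment for a file whose headers are not trusted. I would re-prompt on a failed parse and write the addition as `phdr.p_vaddr = checked(phdr.p_vaddr + dumpAddr);`. The constructor starts outside the hunk.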


@ -13,6 +13,7 @@ namespace Il2CppDumper
private Elf64_Dyn[] dynamic_table;
private Elf64_Sym[] dynamic_symbol_table;
private Dictionary<string, Elf64_Shdr> sectionWithName = new Dictionary<string, Elf64_Shdr>();
private bool isDumped;
public Elf64(Stream stream, float version, long maxMetadataUsages) : base(stream, version, maxMetadataUsages)
{
@ -38,13 +39,28 @@ namespace Il2CppDumper
elf_header.e_shnum = ReadUInt16();
elf_header.e_shtrndx = ReadUInt16();
program_table = ReadClassArray<Elf64_Phdr>(elf_header.e_phoff, elf_header.e_phnum);
GetSectionWithName();
if (!GetSectionWithName())
{
Console.WriteLine("Detected this may be a dump file. If not, it must be protected.");
isDumped = true;
Console.WriteLine("Input dump address:");
var dumpAddr = Convert.ToUInt64(Console.ReadLine(), 16);
foreach (var phdr in program_table)
{
phdr.p_offset = phdr.p_vaddr;
phdr.p_filesz = phdr.p_memsz;
phdr.p_vaddr += dumpAddr;
}
}
var pt_dynamic = program_table.First(x => x.p_type == 2u);
dynamic_table = ReadClassArray<Elf64_Dyn>(pt_dynamic.p_offset, (long)pt_dynamic.p_filesz / 16L);
RelocationProcessing();
if (!isDumped)
{
RelocationProcessing();
}
}
private void GetSectionWithName()
private bool GetSectionWithName()
{
try
{
@ -59,8 +75,9 @@ namespace Il2CppDumper
}
catch
{
Console.WriteLine("WARNING: Unable to get section.");
return false;
}
return true;
}
public override dynamic MapVATR(dynamic uiAddr)
@ -76,6 +93,10 @@ namespace Il2CppDumper
public override bool PlusSearch(int methodCount, int typeDefinitionsCount)
{
if (!isDumped && (!sectionWithName.ContainsKey(".data.rel.ro") || !sectionWithName.ContainsKey(".text") || !sectionWithName.ContainsKey(".bss")))
{
Console.WriteLine("ERROR: This file has been protected.");
}
var plusSearch = new PlusSearch(this, methodCount, typeDefinitionsCount, maxMetadataUsages);
var dataList = new List<Elf64_Phdr>();
var execList = new List<Elf64_Phdr>();
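Review bot: `GetSectionWithName()` now returns false from a bare `catch`, so any exception thrown while reading the section table, not only an absent table, switches the loader into dump mode: it prompts for a base address, rewrites every program header and skips `RelocationProcessing()`. A truncated or malformed section header in an ordinary .so would take that path, and with the warning line removed the cause is no longer reported. I would keep a diagnostic that names the cause, e.g. `catch (Exception e) { Console.WriteLine($"WARNING: Unable to get section: {e.Message}"); return false; }`, and ideally catch only the exception types the section read is expected to throw. The try body lies outside the visible hunk, so which exceptions it can raise is not confirmed here.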


@ -271,23 +271,6 @@ namespace Il2CppDumper
}
}
public void SetPointerRangeSecond(uint dumpAddr, params Elf32_Phdr[] sections)
{
pointerRange2.Clear();
foreach (var section in sections)
{
if (section != null)
{
pointerRange2.Add(new Section
{
start = section.p_vaddr + dumpAddr,
end = section.p_vaddr + dumpAddr + section.p_memsz,
address = section.p_vaddr
});
}
}
}
public void SetPointerRangeSecond(params Elf64_Phdr[] sections)
{
pointerRange2.Clear();