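/*
Executable-copy approach. Copies the original LateUpdate instructions into a buffer,
patches the copy, places it in a dedicated read+execute mapping, and calls it from the hook.

The executable copy lives in its own anonymous mapping rather than in the std::vector's
heap storage. mprotect() requires a page-aligned address, which vector::data() does not
guarantee, and changing the protection of heap pages also changes it for every other
allocation that shares those pages. The mapping is filled while read+write and then sealed
read+execute, so it is never writable and executable at the same time.

If the platform refuses executable anonymous memory, mmap/mprotect fail and the hook is
simply not installed.

NOTE(review): the copy runs at a different address than the original. Any PC-relative
instruction in LateUpdate (adrp, literal loads, b/bl to targets outside the copied range)
resolves against the new address, and inserting words shifts branch offsets inside the
copy. Neither is fixed up here -- confirm the method has none of these, or relocate them,
before relying on this.
*/

// Patched instruction words for LateUpdate, rebuilt by load().
std::vector<uint32_t> insts;

// Entry point of the sealed (read+execute) copy of insts. load() sets it before
// installing the hook, so the hook never sees a null pointer.
static void (*patchedLateUpdate)(void *) = nullptr;

MAKE_HOOK_OFFSETLESS(LateUpdate, void, void *self) {
    patchedLateUpdate(self);
}

extern "C" void load() {
    auto lateUpdateInfo = il2cpp_utils::FindMethodUnsafe("", "BeatmapObjectCallbackController", "LateUpdate", 0);
    auto nextMethodInfo = il2cpp_utils::FindMethodUnsafe("", "BeatmapObjectCallbackController", "AddBeatmapObjectCallback", 2);
    if (!lateUpdateInfo || !nextMethodInfo) {
        return; // Lookup failed: leave the game unhooked rather than dereference null.
    }

    // NOTE(review): this presumes AddBeatmapObjectCallback is laid out directly after
    // LateUpdate, so the range between the two pointers is exactly LateUpdate's body.
    // Nothing visible here guarantees that layout -- verify against the binary.
    auto *startAddr = reinterpret_cast<const uint32_t *>(lateUpdateInfo->methodPointer);
    auto *endAddr = reinterpret_cast<const uint32_t *>(nextMethodInfo->methodPointer);
    if (reinterpret_cast<uintptr_t>(endAddr) <= reinterpret_cast<uintptr_t>(startAddr)) {
        return; // Empty or reversed range: copying it would read unrelated memory.
    }

    // Build the patched stream in one pass. Appending avoids the index drift of inserting
    // into a second vector by the source index: after the first insertion every later
    // source index would be off by the number of words already inserted.
    insts.clear();
    insts.reserve(static_cast<size_t>(endAddr - startAddr));
    for (const uint32_t *cursor = startAddr; cursor != endAddr; ++cursor) {
        if (*cursor == 0x1e293901) { // 0x0139291e fsub s1,s8,s9
            // Placeholder for the instruction(s) to insert before the fsub.
            // NOTE(review): an all-zero word is in the permanently-undefined (UDF)
            // encoding space on AArch64, so the copy traps here until a real
            // encoding is substituted.
            insts.push_back(0x0);
        }
        insts.push_back(*cursor);
    }

    const size_t byteCount = insts.size() * sizeof(uint32_t);

    // Dedicated, page-aligned region; writable only while it is being filled.
    void *mapping = mmap(nullptr, byteCount, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mapping == MAP_FAILED) {
        return;
    }

    auto *code = static_cast<uint32_t *>(mapping);
    for (size_t i = 0; i < insts.size(); ++i) {
        code[i] = insts[i];
    }

    // Seal the region: drop write, add execute. Keep read so literal data in the
    // copied range stays accessible.
    if (mprotect(mapping, byteCount, PROT_READ | PROT_EXEC) != 0) {
        munmap(mapping, byteCount);
        return; // Do not install a hook that would jump into non-executable memory.
    }

    // The instruction cache is not guaranteed coherent with the data just written.
    __builtin___clear_cache(reinterpret_cast<char *>(code), reinterpret_cast<char *>(code) + byteCount);

    patchedLateUpdate = reinterpret_cast<void (*)(void *)>(mapping);

    // Install last: the copy above must be taken before the hook overwrites the
    // start of the original method.
    INSTALL_HOOK_OFFSETLESS(LateUpdate, lateUpdateInfo);
}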