#include "LuaNewstate.h"
#include <Windows.h>
#include <algorithm>
#include <cstdint>
#include <cstring>
  5.  
// Module and exports to patch, plus the byte offset of each hook site inside
// the export. Offsets and byte signatures are tied to one specific build of
// lua_shared.dll; SetupDetour/RemoveDetour use them to recognise and to
// restore the original code.
#define LU_MODULE  "lua_shared.dll"
#define LU_NEWSTATE_N "lua_newstate"
#define LU_NEWSTATE_I 0xD9          // offset inside lua_newstate of the epilogue replaced by a jmp
#define LU_CLOSE_N "lua_close"
#define LU_CLOSE_I 0x89             // offset inside lua_close of the tail-call jmp whose rel32 is retargeted

#define OPCODE_JMP '\xE9'           // x86 `jmp rel32`
#define TCALL_ADDR_OLD 0xFFFFFDE2u  // original rel32 operand of the jmp at LU_CLOSE_I
#define UU_OPCODE_OLD '\x5F'        // original first byte at LU_NEWSTATE_I (pop edi)
#define UU_ADDRESS_OLD 0xC35B5D5Eu  // original bytes 2-5 at LU_NEWSTATE_I, little-endian (5E 5D 5B C3: pop esi/ebp/ebx; ret)
  16.  
// Every lua_State* reported by the lua_newstate hook and not yet seen by the lua_close hook.
LuaNewstate::LuaStateList vecLuaStates;

// Scratch slot the naked detours use to pass the state pointer to the C++
// handlers. A single global: concurrent lua_newstate/lua_close calls on
// different threads would race on it.
void* pLuaStateTmp = nullptr;
// Original destination of the tail-call jmp in lua_close; filled by SetupDetour
// and jumped to by _DetourClose once bookkeeping is done.
void* pAddrCloseTailCall = nullptr;
  21.  
// C++ half of the lua_newstate hook: records the state handed over in
// pLuaStateTmp and returns it (the detour jumps here, so this function's own
// return goes back to lua_newstate's caller with the state as result).
void* _HandlerNewstate() {
    auto* pNewState = static_cast<lua_State*>(pLuaStateTmp);
    vecLuaStates.push_back(pNewState);
    return pNewState;
}
  26.  
// Entered in place of lua_newstate's epilogue (hook site LU_NEWSTATE_I).
// Naked: no prologue/epilogue is generated, the asm below is the whole body.
// eax is taken to hold lua_newstate's return value (the new lua_State*) at
// this point — that is what the handler publishes, confirm against the build.
__declspec(naked)
void _DetourNewstate() {
    __asm {
        // Replay the four pops the hook overwrote (5F 5E 5D 5B = pop edi/esi/ebp/ebx).
        pop edi
        pop esi
        pop ebp
        pop ebx
        // Hand the state to C++ through a global (single slot, not safe for concurrent callers).
        mov [pLuaStateTmp], eax
        // jmp, not call: _HandlerNewstate's own `ret` stands in for the overwritten C3
        // and returns to lua_newstate's caller with the state in eax.
        jmp _HandlerNewstate
    }
}
  38.  
// C++ half of the lua_close hook: forgets every recorded entry equal to the
// state currently in pLuaStateTmp (remove/erase idiom, order of the rest kept).
void _HandlerClose() {
    auto& states = vecLuaStates;
    auto newEnd = std::remove(states.begin(), states.end(), pLuaStateTmp);
    states.erase(newEnd, states.end());
}
  44.  
// Reached through the retargeted tail-call jmp at LU_CLOSE_I inside lua_close.
// Naked: the asm below is the whole body; all general registers are saved
// around the C++ call so the original destination sees them unchanged.
__declspec(naked)
void _DetourClose() {
    __asm {
        pushad
        // Fetch the lua_State* being closed. NOTE(review): [esp-8] lies *below*
        // the stack pointer (pushad just moved esp down by 32), so this relies on
        // lua_close's epilogue having left the argument in a now-dead stack slot
        // that nothing has overwritten yet. Build-specific — confirm against the
        // target binary.
        mov eax, [esp-8]
        mov [pLuaStateTmp], eax
        call _HandlerClose
        popad
        // Continue to the jmp's original destination recorded by SetupDetour.
        jmp [pAddrCloseTailCall]
    }
}
  56.  
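// ---- Patch helpers (x86-32; the inline __asm detours above already restrict this file) ----

// Each hook site is rewritten as one opcode byte followed by a rel32 operand.
static constexpr size_t kPatchSize = 5;

// Read the rel32 operand that follows the opcode byte at `pSite`.
// memcpy rather than a uint32_t* dereference: the operand is unaligned.
static uint32_t ReadRel32(const char* pSite) {
    uint32_t rel32 = 0;
    std::memcpy(&rel32, pSite + 1, sizeof(rel32));
    return rel32;
}

// rel32 operand for a 5-byte E9 jmp at `pSite` whose destination is `target`.
static uint32_t JmpRel32(const char* pSite, uintptr_t target) {
    return static_cast<uint32_t>(target - reinterpret_cast<uintptr_t>(pSite) - kPatchSize);
}

// Destination of a 5-byte E9 jmp at `pSite` carrying `rel32` (sign-extended, as the CPU does).
static void* JmpTarget(const char* pSite, uint32_t rel32) {
    const uintptr_t target = reinterpret_cast<uintptr_t>(pSite) + kPatchSize
                           + static_cast<uintptr_t>(static_cast<int32_t>(rel32));
    return reinterpret_cast<void*>(target);
}

// Overwrite the 5 bytes at `pSite` with `opcode` + `rel32`.
// The page stays executable while writable (PAGE_EXECUTE_READWRITE), so a
// thread running code on that page meanwhile does not fault; the previous
// protection is restored afterwards and the instruction cache is flushed for
// the patched range. Returns false, writing nothing, if the protection change
// fails. NOTE(review): the 5-byte store itself is not atomic — a thread that
// executes the site mid-write sees a torn instruction (unchanged from before).
static bool PatchSite(char* pSite, char opcode, uint32_t rel32) {
    DWORD dwOldProt = 0;
    if (!VirtualProtect(pSite, kPatchSize, PAGE_EXECUTE_READWRITE, &dwOldProt)) {
        return false;
    }
    pSite[0] = opcode;
    std::memcpy(pSite + 1, &rel32, sizeof(rel32));
    VirtualProtect(pSite, kPatchSize, dwOldProt, &dwOldProt);
    FlushInstructionCache(GetCurrentProcess(), pSite, kPatchSize);
    return true;
}

// Resolve lua_newstate / lua_close in LU_MODULE as byte pointers.
// Returns false (outputs untouched) if the module is not loaded or an export
// is missing — previously a missing export was patched at offset+null.
static bool ResolveLuaExports(char** ppLuaOpen, char** ppLuaClose) {
    auto hModule = GetModuleHandleA(LU_MODULE);
    if (hModule == nullptr) {
        return false;
    }
    auto pOpen = GetProcAddress(hModule, LU_NEWSTATE_N);
    auto pClose = GetProcAddress(hModule, LU_CLOSE_N);
    if (pOpen == nullptr || pClose == nullptr) {
        return false;
    }
    *ppLuaOpen = reinterpret_cast<char*>(pOpen);
    *ppLuaClose = reinterpret_cast<char*>(pClose);
    return true;
}

// Install both detours.
// Returns false if the module or its exports cannot be resolved, if a hook
// site holds bytes that are neither the expected original nor our own hook
// (a build these offsets were not taken from — nothing is written then), or
// if a code page could not be made writable. A site already carrying our jmp
// is left alone. A failure at the lua_close site leaves the lua_newstate hook
// in place; RemoveDetour undoes it.
bool LuaNewstate::SetupDetour() {
    char* pLuaOpen = nullptr;
    char* pLuaClose = nullptr;
    if (!ResolveLuaExports(&pLuaOpen, &pLuaClose)) {
        return false;
    }

    // lua_newstate: the epilogue at LU_NEWSTATE_I (5F 5E 5D 5B C3 =
    // pop edi/esi/ebp/ebx; ret) becomes a jmp to _DetourNewstate, which
    // performs those pops itself and records eax (the new state).
    {
        char* pSite = pLuaOpen + LU_NEWSTATE_I;
        const uint32_t relDetour = JmpRel32(pSite, reinterpret_cast<uintptr_t>(&_DetourNewstate));
        const uint32_t rel32 = ReadRel32(pSite);
        const bool bPristine = pSite[0] == UU_OPCODE_OLD && rel32 == UU_ADDRESS_OLD;
        const bool bHooked = pSite[0] == OPCODE_JMP && rel32 == relDetour;
        if (bPristine) {
            if (!PatchSite(pSite, OPCODE_JMP, relDetour)) {
                return false;
            }
        } else if (!bHooked) {
            return false;  // unknown bytes (other build, or a foreign hook): refuse to patch
        }
    }

    // lua_close: the tail-call jmp at LU_CLOSE_I is retargeted to _DetourClose;
    // its original destination is kept in pAddrCloseTailCall so the detour can
    // continue there after bookkeeping.
    {
        char* pSite = pLuaClose + LU_CLOSE_I;
        if (pSite[0] != OPCODE_JMP) {
            return false;  // not a jmp here: not the build these offsets describe
        }
        const uint32_t rel32 = ReadRel32(pSite);
        const uint32_t relDetour = JmpRel32(pSite, reinterpret_cast<uintptr_t>(&_DetourClose));
        if (rel32 == TCALL_ADDR_OLD) {
            pAddrCloseTailCall = JmpTarget(pSite, rel32);
            if (!PatchSite(pSite, OPCODE_JMP, relDetour)) {
                return false;
            }
        } else if (rel32 != relDetour) {
            return false;  // neither original nor ours: leave it alone
        }
    }

    return true;
}

// Restore both hook sites to their original bytes and forget the recorded states.
// Only bytes this file wrote are reverted: a site that does not hold our jmp
// is left untouched. Returns false if the module/exports cannot be resolved
// or a restore write failed; the state list is cleared regardless.
bool LuaNewstate::RemoveDetour() {
    char* pLuaOpen = nullptr;
    char* pLuaClose = nullptr;
    const bool bResolved = ResolveLuaExports(&pLuaOpen, &pLuaClose);
    bool bOk = bResolved;

    if (bResolved) {
        char* pSite = pLuaOpen + LU_NEWSTATE_I;
        const uint32_t relDetour = JmpRel32(pSite, reinterpret_cast<uintptr_t>(&_DetourNewstate));
        if (pSite[0] == OPCODE_JMP && ReadRel32(pSite) == relDetour) {
            // Put the original epilogue bytes back.
            bOk = PatchSite(pSite, UU_OPCODE_OLD, UU_ADDRESS_OLD) && bOk;
        }
    }

    if (bResolved) {
        char* pSite = pLuaClose + LU_CLOSE_I;
        const uint32_t relDetour = JmpRel32(pSite, reinterpret_cast<uintptr_t>(&_DetourClose));
        if (pSite[0] == OPCODE_JMP && ReadRel32(pSite) == relDetour) {
            // Opcode is already E9; only the operand changes back.
            bOk = PatchSite(pSite, OPCODE_JMP, TCALL_ADDR_OLD) && bOk;
        }
    }

    vecLuaStates.clear();

    return bOk;
}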
  138.  
// Snapshot of the currently recorded states (a copy; later hook activity does
// not affect the returned list).
LuaNewstate::LuaStateList LuaNewstate::Get() {
    LuaStateList snapshot(vecLuaStates);
    return snapshot;
}