Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using Magic;
- namespace OFPHook
- {
- public class HookData : Hook
- {
- public BlackMagic Memory = new BlackMagic();
- public uint OrigAddress { get; set; }
- public uint HookAddress { get; set; }
- public byte[] Origbytes { get; set; }
- public byte[] CodeCave { get; set; }
- public string PatchName { get; set; }
- public bool Applied { get; set; }
- public bool Initialized { get; set; }
- /// <summary>
- /// Ctor
- /// </summary>
- /// <param name="processID"></param>
- public HookData(int processID) : base(processID)
- {
- Memory.OpenProcessAndThread(processID);
- }
- /// <summary>
- /// Retourne si un hook est actif en mémoire ou non
- /// </summary>
- /// <returns>true / false</returns>
- public virtual bool IsApplied()
- {
- return Applied;
- }
- /// <summary>
- /// Retourne si un hook à été initialisé ou non
- /// </summary>
- /// <returns>true / false</returns>
- public virtual bool IsInitialized()
- {
- return Initialized;
- }
- /// <summary>
- /// Applique un hook en mémoire
- /// </summary>
- public virtual void Apply()
- {
- if (!Initialized || Applied)
- return;
- //writing hook
- //jmp HookAddress (long jump)
- //E9h HookAddress
- Memory.WriteByte(OrigAddress, 0xE9);
- Memory.WriteUInt(OrigAddress + 1, HookAddress);
- Applied = true;
- }
- /// <summary>
- /// Retire un hook actif en mémoire
- /// </summary>
- public virtual void Remove()
- {
- if (!Applied)
- return;
- //rewrite originals bytes
- Memory.WriteBytes(OrigAddress, Origbytes);
- Applied = false;
- }
- /// <summary>
- /// Initialise un hook en mémoire
- /// Sauvegarde les octets qui vont être réécrit (overwriting), écrit le code du hook, ecrit le saut final.
- /// </summary>
- public virtual void Initialize()
- {
- //saving originals bytes
- Origbytes = Memory.ReadBytes(OrigAddress, 5);
- //allocating destination
- HookAddress = Memory.AllocateMemory(CodeCave.Length + 0x100);
- //writing codecave
- Memory.WriteBytes(HookAddress, CodeCave);
- //wrinting the end's detour
- //jmp OrigAddress + 6
- //E9h OrigAddress + 6
- Memory.WriteByte(HookAddress + (uint)(CodeCave.Length), 0xE9);
- Memory.WriteUInt(HookAddress + (uint)(CodeCave.Length) + 1, OrigAddress + 6);
- Initialized = true;
- }
- /// <summary>
- /// Détruit un hook en mémoire (il devras être réajouté dans la liste et réinitialisé
- /// </summary>
- public virtual void Delete()
- {
- //rewriting original code
- Remove();
- //clearing allocated memory
- Memory.FreeMemory(HookAddress);
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement