API tools faq
paste
Guest User

VMP keygenme whoknows analysis script

a guest
Sep 2nd, 2020
563
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C# 4.58 KB | None | 0 0
raw download clone embed print report
  1. // Author: Washi (https://github.com/Washi1337 - https://rtn-team.cc/)
  2.  
  3. using System;
  4. using System.Collections;
  5. using System.Linq;
  6. using System.Reflection;
  7. using HarmonyLib;
  8.  
  9. namespace ConsoleApplication4
  10. {
  11.     internal class Program
  12.     {
  13.         private static FieldInfo _stackField;
  14.         private static FieldInfo _pcField;
  15.  
  16.         public static void Main(string[] args)
  17.         {
  18.             var assembly = Assembly.LoadFile(@"awesome.vmp_nodbg.exe");
  19.            
  20.             var harmony = new Harmony("com.example.patch");
  21.  
  22.             var vmType = assembly.GetType("4775349C");
  23.             var readMethod = vmType.GetMethod("15154B6D", BindingFlags.Instance | BindingFlags.NonPublic);
  24.             _stackField = vmType.GetField("6BAE5C1B", BindingFlags.Instance | BindingFlags.NonPublic);
  25.             _pcField = vmType.GetField("58392466", BindingFlags.Instance | BindingFlags.NonPublic);
  26.            
  27.             var prefixMethod = typeof(Program).GetMethod(nameof(ReadBytePrefix), BindingFlags.Static | BindingFlags.Public);
  28.             var postfixMethod = typeof(Program).GetMethod(nameof(ReadBytePostfix), BindingFlags.Static | BindingFlags.Public);
  29.            
  30.             harmony.Patch(readMethod, new HarmonyMethod(prefixMethod), new HarmonyMethod(postfixMethod));
  31.  
  32.             var invokeMethod = typeof(object).Assembly
  33.                 .GetType("System.Reflection.RuntimeMethodInfo")
  34.                 .GetMethod("UnsafeInvokeInternal", BindingFlags.NonPublic | BindingFlags.Instance);
  35.            
  36.             prefixMethod = typeof(Program).GetMethod(nameof(InvokePrefix), BindingFlags.Static | BindingFlags.Public);
  37.             postfixMethod = typeof(Program).GetMethod(nameof(InvokePostfix), BindingFlags.Static | BindingFlags.Public);
  38.             harmony.Patch(invokeMethod, new HarmonyMethod(prefixMethod), new HarmonyMethod(postfixMethod));
  39.            
  40.             assembly.EntryPoint.Invoke(null, null);
  41.         }
  42.  
  43.         private static string FormatObject(object obj)
  44.         {
  45.             try
  46.             {
  47.                 switch (obj)
  48.                 {
  49.                     case null:
  50.                         return "null";
  51.  
  52.                     case string x:
  53.                         return $"\"{x}\"";
  54.  
  55.                     case IEnumerable enumerable:
  56.                         return
  57.                             $"{obj.GetType().Name} {{{string.Join(", ", enumerable.Cast<object>().Select(FormatObject))}}}";
  58.  
  59.                     case { } o when o.GetType().Name == "0FE23521":
  60.                     {
  61.                         var field = o.GetType().GetField("5BE47E90", BindingFlags.Instance | BindingFlags.NonPublic);
  62.                         return FormatObject(field.GetValue(o));
  63.                     }
  64.                     case { } o when o.GetType().Name == "6F9B56A3":
  65.                     {
  66.                         var field = o.GetType().GetField("1B4E1C53", BindingFlags.Instance | BindingFlags.NonPublic);
  67.                         return FormatObject(field.GetValue(o));
  68.                     }
  69.                     default:
  70.                         return obj.ToString();
  71.                 }
  72.             }
  73.             catch (Exception ex)
  74.             {
  75.                 return "???";
  76.             }
  77.         }
  78.  
  79.         public static void ReadBytePrefix(object __instance)
  80.         {
  81.             Console.Write("{0:X8} ({0}): ", _pcField.GetValue(__instance));
  82.             var stackContents = ((IEnumerable) _stackField.GetValue(__instance))
  83.                 .Cast<object>()
  84.                 .Reverse()
  85.                 .ToArray();
  86.             Console.WriteLine(FormatObject(stackContents));
  87.         }
  88.  
  89.         public static void ReadBytePostfix()
  90.         {
  91.         }
  92.        
  93.         public static void InvokePrefix(object __instance, object obj, object[] parameters, object[] arguments)
  94.         {
  95.             var method = (MethodBase) __instance;
  96.             string returnType = method is MethodInfo info ? info.ReturnType.FullName : "System.Object";
  97.             Console.WriteLine($"--- call to {returnType} {method.DeclaringType}::{method.Name}({string.Join(", ", method.GetParameters().Cast<object>())})");
  98.             if (arguments != null)
  99.             {
  100.                 for (int i = 0; i < arguments.Length; i++)
  101.                     Console.WriteLine($"--- {i}: {FormatObject(arguments[i])}");
  102.             }
  103.         }
  104.  
  105.         public static void InvokePostfix(object __instance, ref object __result, object obj, object[] parameters, object[] arguments)
  106.         {
  107.             Console.WriteLine("--- Resulted in " + FormatObject(__result));
  108.         }
  109.     }
  110. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!