API tools faq
paste
Advertisement
Baoulettes

ptr_is_in_exe()

Baoulettes
Dec 4th, 2021
914
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 1.96 KB | None | 0 0
raw download clone embed print report
  1. bool ptr_is_in_exe(const intptr_t ptr, const struct mach_header *& header, intptr_t& offset, uintptr_t& vmaddr, const char* image_name) {
  2.     // Usage :
  3.     /*
  4.     const char* image_name = "Binary / dylib etc"; //Should point to Dokkan binary
  5.     const char* symbol_name = "Symbol / function _ZTS etc"; //Symbol to hook
  6.     const struct mach_header* header;
  7.     intptr_t offset;
  8.     uintptr_t vmaddr;
  9.     //ptr_is_in_exe(200, header, offset, vmaddr, image_name);
  10.     //*/
  11.     uint32_t i, count = _dyld_image_count();
  12.     for (i = 0; i < count; i++) {
  13.         header = _dyld_get_image_header(i);
  14.         offset = _dyld_get_image_vmaddr_slide(i);
  15.         //notes << i << "," << offset << ": " << _dyld_get_image_name(i) << endl;
  16.  
  17.         uint32_t j = 0;
  18.         struct load_command* cmd = (struct load_command*)((char *)header + sizeof(struct mach_header));
  19.         if(header->magic == MH_MAGIC_64)
  20.             cmd = (struct load_command*)((char *)header + sizeof(struct mach_header_64));
  21.         //struct load_command* cmd_end = cmd + header->sizeofcmds;
  22.  
  23.         while (j < header->ncmds) {
  24.             if (cmd->cmd == LC_SEGMENT) {
  25.                 struct segment_command* seg = (struct segment_command*)cmd;
  26.                 if (((intptr_t)ptr >= (seg->vmaddr + offset)) && ((intptr_t)ptr < (seg->vmaddr + offset + seg->vmsize))) {
  27.                     vmaddr = seg->vmaddr;
  28.                     image_name = _dyld_get_image_name(i);
  29.                     return true;
  30.                 }
  31.             }
  32.             if (cmd->cmd == LC_SEGMENT_64) {
  33.                 struct segment_command_64* seg = (struct segment_command_64*)cmd;
  34.                 if (((uintptr_t)ptr >= (seg->vmaddr + offset)) && ((uintptr_t)ptr < (seg->vmaddr + offset + seg->vmsize))) {
  35.                     vmaddr = seg->vmaddr;
  36.                     image_name = _dyld_get_image_name(i);
  37.                     return true;
  38.                 }
  39.             }
  40.  
  41.             j++;
  42.             NSLog(@"[ptr_is_in_exe][%x]image_name : %s",i,image_name);
  43.             NSLog(@"[ptr_is_in_exe][%x]header : %lx",i,(uintptr_t)header);
  44.             NSLog(@"[ptr_is_in_exe][%x]offset : %ld",i,offset);
  45.             NSLog(@"[ptr_is_in_exe][%x]vmaddr : %lu",i,vmaddr);
  46.             cmd = (struct load_command*)((char*)cmd + cmd->cmdsize);
  47.         }
  48.     }
  49.     return false;
  50. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!