
TotalLockDown - Instance Logger

a guest
May 10th, 2019
  1. #include <Windows.h>
  2. #include <stdio.h>
  3. #include <Psapi.h>
  4.  
  5. #include <cstring>
  6.  
// Absolute addresses of the object table and the name table inside the host
// process. Both start at zero and are filled in by onAttach().
DWORD64 GObjObjects_offset = 0;
DWORD64 Names_offset = 0;

// Byte offset from the start of a UObject to the name index read by GetName().
DWORD Offset_Name = 0x18;
  10.  
/**
 * Return the MODULEINFO of a module already loaded in the current process.
 *
 * @param lpModuleName  Module name passed straight to GetModuleHandle().
 * @return The structure filled by GetModuleInformation(), or the zero-initialised
 *         structure when no module handle is obtained.
 */
MODULEINFO GetModuleInfo(LPCTSTR lpModuleName)
{
    MODULEINFO info = { NULL };

    const HMODULE module = GetModuleHandle(lpModuleName);
    if (!module)
    {
        return info;
    }

    // The result of GetModuleInformation() is not inspected; callers should
    // treat a null lpBaseOfDll as "lookup failed".
    GetModuleInformation(GetCurrentProcess(), module, &info, sizeof(info));
    return info;
}
  24.  
// Pointer / count / capacity triple. Nothing else in this listing uses it.
// NOTE(review): presumably Num is the element count and Max the capacity - confirm.
template <typename T>
struct TArray
{
    T*    Data;
    DWORD Num;
    DWORD Max;
};
  31.  
// Partial overlay of an object in the host process: only the field at byte
// offset 0x18 is mapped, everything before it is opaque padding.
struct UObject
{
    UCHAR Unknown[0x18];  // unmapped leading bytes
    DWORD NameIndex;      // index into the name table (original note: struct FName)
};
  37.  
// One slot of the object table. ObjectDump() only reads the Object pointer and
// skips slots where it is null; the remaining fields are not used in this listing.
class FUObjectItem
{
public:
    UObject* Object;
    __int32  Flags;
    __int32  ClusterIndex;
    __int32  SerialNumber;
    char     unknowndata_00[0x4];  // unmapped bytes, tagged "New" by the original author
};
  47.  
// Two pointers to FUObjectItem arrays. ObjectDump() indexes Object_1 for
// i <= 0xFFFF and Object_2 for larger indices.
class PreFUObjectItem
{
public:
    FUObjectItem* Object_1;
    FUObjectItem* Object_2;
};
  54.  
// Header of the object table: pointer to the chunk pair plus element counters.
// ObjectDump() uses NumElements as its loop bound; MaxElements is not read here.
class TUObjectArray
{
public:
    PreFUObjectItem* Objects;
    char             unknowndata_00[0x8];  // unmapped bytes, tagged "New" by the original author
    __int32          MaxElements;
    __int32          NumElements;
};
  63.  
// Overlay for the global object array that GObjObjects points at. Only
// ObjObjects is read by this listing; the four leading counters are carried
// along with the offsets the original author recorded.
class FUObjectArray
{
public:
    __int32 ObjFirstGCIndex;              // 0x0000
    __int32 ObjLastNonGCIndex;            // 0x0004
    __int32 MaxObjectsNotConsideredByGC;  // 0x0008
    __int32 OpenForDisregardForGC;        // 0x000C

    TUObjectArray ObjObjects;
};
  74.  
// Overlay for one entry of the name table. The dump routines read AnsiName
// as a NUL-terminated string; Index and HashNext are not used in this listing.
struct FNameEntry
{
    int         Index;
    char        pad_0x0004[0x4];  // padding between Index and HashNext
    FNameEntry* HashNext;
    char        AnsiName[1024];
};
  82.  
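/**
 * Overlay for the chunked name table that Names points at.
 *
 * `chunks` points to an array of chunk base addresses. Each chunk is treated
 * as 0x20000 bytes of 8-byte slots, and each slot holds a pointer to an
 * FNameEntry. Four chunks are addressed, so the usable index range is
 * [0, 4 * 0x20000 / 8).
 */
class TNameEntryArray
{
private:
    DWORD64 * chunks;

public:
    /**
     * Fetch the entry pointer stored in slot `Index`.
     *
     * @param Index  Slot number; negative or out-of-range values yield null.
     * @return Reference to the slot itself, or to a static null pointer when
     *         the table is incomplete or the index is out of range. A slot
     *         that exists but holds null is returned as-is.
     *
     * The original returned `NULL` through this reference type, which bound
     * the reference to a temporary that was already dead when the caller read
     * it. It also multiplied a possibly negative Index by 8, so a negative
     * index read memory in front of the first chunk.
     */
    FNameEntry const* const& GetById(int Index) const
    {
        // Static storage so the "no entry" reference stays valid after return.
        static FNameEntry const* const kNoEntry = nullptr;

        enum
        {
            kSlotBytes     = 0x8,
            kChunkBytes    = 0x20000,
            kChunkCount    = 4,
            kSlotsPerChunk = kChunkBytes / kSlotBytes
        };

        if (!chunks)
            return kNoEntry;

        // As in the original, all four chunk pointers must be present before
        // any lookup is attempted, whichever chunk the index falls in.
        for (int c = 0; c < kChunkCount; ++c)
        {
            if (!chunks[c])
                return kNoEntry;
        }

        if (Index < 0 || Index >= kSlotsPerChunk * kChunkCount)
            return kNoEntry;

        const DWORD64 slotAddress =
            chunks[Index / kSlotsPerChunk] + (DWORD64)(Index % kSlotsPerChunk) * kSlotBytes;

        // Bind to the slot in place; no temporary is created.
        return *(FNameEntry const* const*)slotAddress;
    }

    /**
     * True when `index` is non-negative, below 0x20000 * 4, and GetById()
     * yields a non-null entry for it.
     */
    bool IsValidIndex(int index) const
    {
        return index >= 0 && index < (0x20000 * 4) && GetById(index) != nullptr;
    }
};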
  125.  
// Typed views of the two tables; both stay null until onAttach() assigns them.
FUObjectArray*   GObjObjects = nullptr;
TNameEntryArray* Names       = nullptr;
  128.  
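/**
 * Resolve the name of an object through the name table.
 *
 * @param Object  Object whose name index is read at byte offset Offset_Name.
 * @return Pointer to the entry's AnsiName, or to a static diagnostic string
 *         when the object, the table, the index or the entry is unusable.
 *
 * The diagnostic buffer is a single function-local static, so the returned
 * text is overwritten by the next failing call and is not safe to share
 * between threads.
 *
 * Changes from the original: the entry returned by GetById() is checked
 * before it is dereferenced (a null entry used to crash the host process),
 * null Object / Names are rejected, and the DWORD is formatted as unsigned.
 * The original `NameIndex < 0` test was dropped because a DWORD is never
 * negative.
 */
char* GetName(UObject* Object)
{
    static char ret[256];

    if (!Object || !Names)
    {
        sprintf_s(ret, "INVALID OBJECT OR NAME TABLE");
        return ret;
    }

    DWORD NameIndex = *(PDWORD)((DWORD64)Object + Offset_Name);

    if (NameIndex > (DWORD)(0x20000 * 4))
    {
        sprintf_s(ret, "INVALID NAME INDEX : %lu > %i", NameIndex, (0x20000 * 4));
        return ret;
    }

    // NameIndex is at most 0x80000 here, so the narrowing cast is lossless.
    FNameEntry const* entry = Names->GetById((int)NameIndex);
    if (!entry)
    {
        sprintf_s(ret, "NO NAME ENTRY FOR INDEX : %lu", NameIndex);
        return ret;
    }

    return (char*)entry->AnsiName;
}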
  144.  
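/**
 * Write one line per non-null object slot to "ObjectDump.txt".
 *
 * The file name is relative, so the file lands in the current working
 * directory of the process the DLL is loaded into. Each line holds the slot
 * index, the name from GetName() and the object's address.
 *
 * Changes from the original: the result of fopen_s() is checked, null table
 * pointers are rejected, `NumElements - 2` can no longer wrap to a huge
 * unsigned bound when NumElements is below 2, and the format specifiers match
 * the argument types (`%06i` was given a 64-bit value and `%llX` a pointer).
 */
void ObjectDump()
{
    if (!GObjObjects || !GObjObjects->ObjObjects.Objects)
        return;

    FILE* Log = NULL;
    if (fopen_s(&Log, "ObjectDump.txt", "w+") != 0 || !Log)
        return;

    const PreFUObjectItem* chunkPair = GObjObjects->ObjObjects.Objects;
    const __int32 numElements = GObjObjects->ObjObjects.NumElements;

    // The original stops two slots short of NumElements; keep that bound.
    const DWORD64 limit = (numElements > 2) ? (DWORD64)(numElements - 2) : 0;

    for (DWORD64 i = 0x0; i < limit; i++)
    {
        FUObjectItem* slot = NULL;

        if (i <= 0xFFFF)
        {
            if (chunkPair->Object_1)
                slot = &chunkPair->Object_1[i];
        }
        else if (i <= 0x1FFFE)
        {
            // NOTE(review): the first array covers 0x10000 slots (0..0xFFFF) but
            // the second is indexed with i - 0xFFFF, so its slot 0 is never
            // visited. Kept as in the original; confirm against the real layout.
            if (chunkPair->Object_2)
                slot = &chunkPair->Object_2[(i - 0xFFFF)];
        }
        else
        {
            // Only two arrays are mapped; nothing beyond them can be read.
            break;
        }

        if (!slot || !slot->Object) { continue; }

        fprintf(Log, "UObject[%06llu] %-50s 0x%llX\n",
                (unsigned long long)i,
                GetName(slot->Object),
                (unsigned long long)(DWORD64)slot->Object);
    }

    fclose(Log);
}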
  173.  
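/**
 * Write every non-null name-table entry to "NameDump.txt", one per line.
 *
 * The file name is relative, so the file lands in the current working
 * directory of the process the DLL is loaded into.
 *
 * Changes from the original: the result of fopen_s() and the Names pointer
 * are checked, each entry is looked up once instead of twice, the loop
 * counter is an int so it matches both GetById()'s parameter and the `%06i`
 * specifier, and the string read is capped at the size of AnsiName.
 */
void NameDump()
{
    if (!Names)
        return;

    FILE* Log = NULL;
    if (fopen_s(&Log, "NameDump.txt", "w+") != 0 || !Log)
        return;

    for (int i = 0x0; i < (0x20000 * 4); i++)
    {
        FNameEntry const* entry = Names->GetById(i);
        if (!entry) { continue; }

        // Precision stops the read at the end of the 1024-byte field if the
        // entry is not NUL-terminated.
        fprintf(Log, "Name[%06i] %.1023s\n", i, entry->AnsiName);
    }

    fclose(Log);
}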
  188.  
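/**
 * Locate the two tables inside the host executable and run both dumps.
 *
 * GetModuleInfo(NULL) describes the process's main module. The two offsets
 * are hard-coded and therefore only valid for the one build they were taken
 * from; on any other build they point at unrelated memory.
 *
 * Changes from the original: a failed module lookup (null base) and offsets
 * that fall outside the module image are rejected before any pointer is
 * formed, instead of being dereferenced by the dump routines.
 */
void onAttach()
{
    MODULEINFO miGame = GetModuleInfo(NULL);
    if (!miGame.lpBaseOfDll)
        return;

    const DWORD64 objectsRva = 0x3272CE8;
    const DWORD64 namesRva   = 0x326E880;

    // Both structures must lie entirely inside the mapped image.
    if (objectsRva + sizeof(FUObjectArray) > miGame.SizeOfImage ||
        namesRva + sizeof(TNameEntryArray) > miGame.SizeOfImage)
        return;

    const DWORD64 imageBase = (DWORD64)miGame.lpBaseOfDll;
    GObjObjects_offset = imageBase + objectsRva;
    Names_offset = imageBase + namesRva;

    GObjObjects = (FUObjectArray*)GObjObjects_offset;
    Names = (TNameEntryArray*)Names_offset;

    NameDump();
    ObjectDump();
}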
  202.  
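// Thread entry point with the signature CreateThread() requires; it only
// forwards to onAttach(). The original cast onAttach (void(void)) to
// LPTHREAD_START_ROUTINE, which calls it through an incompatible type.
static DWORD WINAPI AttachThreadProc(LPVOID)
{
    onAttach();
    return 0;
}

/**
 * DLL entry point. On process attach it starts a worker thread that runs
 * onAttach(), so the dump work happens outside the loader call.
 *
 * @return TRUE for every notification. The original fell off the end of the
 *         function for reasons other than attach/detach, leaving the return
 *         value undefined.
 *
 * The thread handle returned by CreateThread() is now closed instead of
 * leaked; closing it does not stop the thread.
 */
BOOL WINAPI DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpReserved)
{
    (void)lpReserved;

    switch (dwReason)
    {
    case DLL_PROCESS_ATTACH:
    {
        DisableThreadLibraryCalls(hModule);

        HANDLE worker = CreateThread(NULL, 0, AttachThreadProc, NULL, 0, NULL);
        if (worker)
            CloseHandle(worker);

        return TRUE;
    }

    case DLL_PROCESS_DETACH:
        return TRUE;

    default:
        return TRUE;
    }
}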