-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathModule.cpp
137 lines (117 loc) · 3.83 KB
/
Module.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
//
// Created by emiel on 9/03/21.
//
#include "Module.h"
#include <dlfcn.h>
#include <functional>
#include <string>
#include <sstream>
#include <vector>
#include <iterator>
std::map<unsigned int, std::shared_ptr<Module>> Module::_cache;
Module::Module(const char *filename) : _filename(filename)
{
_handle = dlopen(filename, RTLD_NOLOAD | RTLD_NOW);
if (_handle == nullptr)
{
char message[128];
snprintf(message, sizeof(message), "module '%s' could not be opened!", filename);
printf("%s\n", message);
}
CreateInterface = reinterpret_cast<CreateInterfaceFn>(getSymbol("CreateInterface"));
}
void *Module::getSymbol(const char *symbolName) const
{
auto result = dlsym(_handle, symbolName);
if (result == nullptr)
{
char message[128];
snprintf(message, sizeof(message), "symbol '%s' of module '%s' could not be found!", symbolName, _filename);
printf("%s\n", message);
}
return result;
}
void Module::close()
{
dlclose(_handle);
}
InterfaceReg *Module::getInterfaces() const
{
auto interface_symb = getSymbol("s_pInterfaceRegs");
if (interface_symb)
{
return *reinterpret_cast<InterfaceReg**>(interface_symb);
} else
{
auto createInterface = getSymbol("CreateInterface");
auto jmp_adr = uintptr_t(createInterface) + 4;
auto offset = *reinterpret_cast<int32_t *>(jmp_adr + 1);
auto createInterfaceInternal = (jmp_adr + 5) + offset;
return **reinterpret_cast<InterfaceReg***>(createInterfaceInternal + 11);
}
}
std::shared_ptr<Module> Module::grab(const char* filename)
{
auto hash = std::hash<const char*>{}(filename);
if (_cache.count(hash))
{
return _cache[hash];
}
std::shared_ptr<Module> ret(new Module(filename));
_cache[hash] = ret;
return ret;
}
void Module::walkInterfaces() const
{
for (InterfaceReg* current = getInterfaces(); current; current = current->m_pNext) {
printf("\033[0;36m%s => 0x%p\n\033[0m", current->m_pName, (void *) current->m_CreateFn());
}
}
uint64_t Module::findSignature(const char *sig)
{
auto fp = fopen("/proc/self/maps", "r");
if (!fp) return -1;
unsigned int base = 0, end = 0;
char *line;
size_t line_size = 0;
while (getline(&line, &line_size, fp) > 0)
{
std::string sline(line);
if (sline.find(this->_filename) != std::string::npos && sline.find("r-xp") != std::string::npos)
{
printf("%s", line);
// use find for '-' and space
std::string base_addr(sline.substr(0,sline.find('-')));
std::string end_addr(sline.substr(0, sline.find(' ')));
printf("base: %s, end: %s", base_addr.c_str(), end_addr.c_str());
sscanf(base_addr.c_str(), "%x", &base);
sscanf(end_addr.c_str(), "%x", &end);
break;
}
}
free(line);
if (base == 0) return -1;
// |firstMatch
// |current
//Memory: +----------------------------------------------------------------------------+
//pat: +----------+
// 012
const char* pat = sig;
unsigned int firstMatch = 0;
for (unsigned int current = base; current < end; current++)
{
if (!*pat) return firstMatch; // We matched the whole pattern
if (pat[0] == '\?' || *(byte*) current == (byte) pat[0]) // Wildcard or match?
{
if (firstMatch == 0) firstMatch = current; // We just started matching
if (!pat[2]) return firstMatch;
if (*(uint16_t*) pat == '\?\?' || *(byte*) pat != '\?') pat += 3;
else pat += 2;
} else
{
pat = sig;
firstMatch = 0;
}
}
return -1;
}