2019-07-31 14:05:36 +03:00
|
|
|
//
|
|
|
|
|
// Yet Another POD-Bot, based on PODBot by Markus Klinge ("CountFloyd").
|
2019-09-21 23:20:33 +03:00
|
|
|
// Copyright (c) Yet Another POD-Bot Contributors <yapb@entix.io>.
|
2019-07-31 14:05:36 +03:00
|
|
|
//
|
2019-09-21 23:20:33 +03:00
|
|
|
// This software is licensed under the MIT license.
|
|
|
|
|
// Additional exceptions apply. For full license details, see LICENSE.txt
|
2019-07-31 14:05:36 +03:00
|
|
|
//
|
|
|
|
|
|
|
|
|
|
#pragma once
|
|
|
|
|
|
|
|
|
|
#include <crlib/cr-basic.h>
|
|
|
|
|
|
|
|
|
|
#if !defined (CR_WINDOWS)
|
|
|
|
|
# include <sys/mman.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
CR_NAMESPACE_BEGIN
|
|
|
|
|
|
|
|
|
|
class SimpleHook : DenyCopying {
|
|
|
|
|
private:
|
|
|
|
|
enum : uint32 {
|
2019-09-14 23:13:55 +03:00
|
|
|
#if defined (CR_ARCH_X64)
|
|
|
|
|
CodeLength = 14
|
|
|
|
|
#else
|
|
|
|
|
CodeLength = 6
|
|
|
|
|
#endif
|
2019-07-31 14:05:36 +03:00
|
|
|
};
|
|
|
|
|
|
2019-09-14 23:13:55 +03:00
|
|
|
#if defined (CR_ARCH_X64)
|
|
|
|
|
using uint = uint64;
|
|
|
|
|
#else
|
|
|
|
|
using uint = uint32;
|
|
|
|
|
#endif
|
|
|
|
|
|
2019-07-31 14:05:36 +03:00
|
|
|
private:
|
|
|
|
|
bool m_patched;
|
|
|
|
|
|
2019-09-14 23:13:55 +03:00
|
|
|
uint m_pageSize;
|
|
|
|
|
uint m_origFunc;
|
|
|
|
|
uint m_hookFunc;
|
2019-07-31 14:05:36 +03:00
|
|
|
|
2019-07-31 14:17:05 +03:00
|
|
|
uint8 m_origBytes[CodeLength] {};
|
|
|
|
|
uint8 m_hookBytes[CodeLength] {};
|
2019-07-31 14:05:36 +03:00
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
void setPageSize () {
|
|
|
|
|
#if defined (CR_WINDOWS)
|
|
|
|
|
SYSTEM_INFO sysinfo;
|
|
|
|
|
GetSystemInfo (&sysinfo);
|
|
|
|
|
|
|
|
|
|
m_pageSize = sysinfo.dwPageSize;
|
|
|
|
|
#else
|
|
|
|
|
m_pageSize = sysconf (_SC_PAGESIZE);
|
|
|
|
|
#endif
|
2019-09-14 23:13:55 +03:00
|
|
|
}
|
2019-07-31 14:05:36 +03:00
|
|
|
|
2019-09-14 23:13:55 +03:00
|
|
|
#if !defined (CR_WINDOWS)
|
|
|
|
|
void *align (void *address) {
|
2019-07-31 14:05:36 +03:00
|
|
|
return reinterpret_cast <void *> ((reinterpret_cast <long> (address) & ~(m_pageSize - 1)));
|
|
|
|
|
}
|
2019-09-14 23:13:55 +03:00
|
|
|
#endif
|
2019-07-31 14:05:36 +03:00
|
|
|
|
|
|
|
|
bool unprotect () {
|
|
|
|
|
auto orig = reinterpret_cast <void *> (m_origFunc);
|
|
|
|
|
|
|
|
|
|
#if defined (CR_WINDOWS)
|
|
|
|
|
DWORD oldProt;
|
|
|
|
|
|
|
|
|
|
FlushInstructionCache (GetCurrentProcess (), orig, m_pageSize);
|
|
|
|
|
return VirtualProtect (orig, m_pageSize, PAGE_EXECUTE_READWRITE, &oldProt);
|
|
|
|
|
#else
|
|
|
|
|
auto aligned = align (orig);
|
|
|
|
|
return !mprotect (aligned, m_pageSize, PROT_READ | PROT_WRITE | PROT_EXEC);
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public:
|
2019-07-31 14:17:05 +03:00
|
|
|
SimpleHook () : m_patched (false), m_pageSize (0), m_origFunc (0), m_hookFunc (0) {
|
2019-07-31 14:05:36 +03:00
|
|
|
setPageSize ();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
~SimpleHook () {
|
|
|
|
|
disable ();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public:
|
|
|
|
|
bool patch (void *address, void *replacement) {
|
2019-09-14 23:13:55 +03:00
|
|
|
const uint16 jmp = 0x25ff;
|
|
|
|
|
|
|
|
|
|
if (plat.arm) {
|
2019-08-24 12:43:42 +03:00
|
|
|
return false;
|
|
|
|
|
}
|
2019-09-14 23:13:55 +03:00
|
|
|
auto ptr = reinterpret_cast <uint8 *> (address);
|
2019-07-31 14:05:36 +03:00
|
|
|
|
2019-09-14 23:13:55 +03:00
|
|
|
while (*reinterpret_cast <uint16 *> (ptr) == jmp) {
|
|
|
|
|
ptr = **reinterpret_cast <uint8 * **> (ptr + 2);
|
2019-07-31 14:05:36 +03:00
|
|
|
}
|
2019-09-14 23:13:55 +03:00
|
|
|
m_origFunc = reinterpret_cast <uint> (address);
|
2019-07-31 14:05:36 +03:00
|
|
|
|
|
|
|
|
if (!m_origFunc) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2019-09-14 23:13:55 +03:00
|
|
|
m_hookFunc = reinterpret_cast <uint> (replacement);
|
|
|
|
|
|
|
|
|
|
if (plat.x64) {
|
|
|
|
|
const uint16 nop = 0x00000000;
|
2019-07-31 14:05:36 +03:00
|
|
|
|
2019-09-14 23:13:55 +03:00
|
|
|
memcpy (&m_hookBytes[0], &jmp, sizeof (uint16));
|
|
|
|
|
memcpy (&m_hookBytes[2], &nop, sizeof (uint16));
|
|
|
|
|
memcpy (&m_hookBytes[6], &replacement, sizeof (uint));
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
m_hookBytes[0] = 0x68;
|
|
|
|
|
m_hookBytes[5] = 0xc3;
|
2019-07-31 14:05:36 +03:00
|
|
|
|
2019-09-14 23:13:55 +03:00
|
|
|
memcpy (&m_hookBytes[1], &m_hookFunc, sizeof (uint));
|
|
|
|
|
}
|
2019-07-31 14:05:36 +03:00
|
|
|
|
|
|
|
|
if (unprotect ()) {
|
|
|
|
|
memcpy (m_origBytes, reinterpret_cast <void *> (m_origFunc), CodeLength);
|
|
|
|
|
return enable ();
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool enable () {
|
|
|
|
|
if (m_patched) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
m_patched = true;
|
|
|
|
|
|
|
|
|
|
if (unprotect ()) {
|
|
|
|
|
memcpy (reinterpret_cast <void *> (m_origFunc), m_hookBytes, CodeLength);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool disable () {
|
|
|
|
|
if (!m_patched) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
m_patched = false;
|
|
|
|
|
|
|
|
|
|
if (unprotect ()) {
|
|
|
|
|
memcpy (reinterpret_cast <void *> (m_origFunc), m_origBytes, CodeLength);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool enabled () const {
|
|
|
|
|
return m_patched;
|
|
|
|
|
}
|
2019-09-14 23:13:55 +03:00
|
|
|
};
|
2019-07-31 14:05:36 +03:00
|
|
|
|
|
|
|
|
CR_NAMESPACE_END
|
