-
Notifications
You must be signed in to change notification settings - Fork 3
/
Memory.h
123 lines (101 loc) · 3.57 KB
/
Memory.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#pragma once
#include <Psapi.h>
#include "safecall.h"
namespace MemoryHelper
{
namespace Pattern
{
uintptr_t PatternScan(uintptr_t pModuleBaseAddress, const char* sSignature, size_t nSelectResultIndex = 0);
uintptr_t PatternScan(const char* sSignature, size_t nSelectResultIndex = 0);
}
void Log(const char* sFilePath, char const* const sFormat, ...);
}
uintptr_t MemoryHelper::Pattern::PatternScan(uintptr_t pModuleBaseAddress, const char* sSignature, size_t nSelectResultIndex)
{
static auto patternToByte = [](const char* pattern)
{
auto bytes = std::vector<int>{};
const auto start = const_cast<char*>(pattern);
const auto end = const_cast<char*>(pattern) + strlen(pattern);
for (auto current = start; current < end; ++current)
{
if (*current == '?')
{
++current;
if (*current == '?')
++current;
bytes.push_back(-1);
}
else {
bytes.push_back(strtoul(current, ¤t, 16));
}
}
return bytes;
};
const auto dosHeader = (PIMAGE_DOS_HEADER)pModuleBaseAddress;
const auto ntHeaders = (PIMAGE_NT_HEADERS)((std::uint8_t*)pModuleBaseAddress + dosHeader->e_lfanew);
const auto sizeOfImage = ntHeaders->OptionalHeader.SizeOfImage;
auto patternBytes = patternToByte(sSignature);
const auto scanBytes = reinterpret_cast<std::uint8_t*>(pModuleBaseAddress);
const auto s = patternBytes.size();
const auto d = patternBytes.data();
size_t nFoundResults = 0;
for (auto i = 0ul; i < sizeOfImage - s; ++i)
{
bool found = true;
for (auto j = 0ul; j < s; ++j)
{
if (scanBytes[i + j] != d[j] && d[j] != -1)
{
found = false;
break;
}
}
if (found)
{
if (nSelectResultIndex != 0)
{
if (nFoundResults < nSelectResultIndex)
{
nFoundResults++; // Skip Result To Get nSelectResultIndex.
found = false; // Make sure we can loop again.
}
else
{
return reinterpret_cast<uintptr_t>(&scanBytes[i]); // Result By Index.
}
}
else
{
return reinterpret_cast<uintptr_t>(&scanBytes[i]); // Default/First Result.
}
}
}
return NULL;
}
uintptr_t MemoryHelper::Pattern::PatternScan(const char* sSignature, size_t nSelectResultIndex)
{
static bool bIsSetted = false;
static MODULEINFO info = { 0 };
if (!bIsSetted)
{
GetModuleInformation(safe_call(GetCurrentProcess)(), GetModuleHandle(0), &info, sizeof(info));
bIsSetted = true;
}
return PatternScan((uintptr_t)info.lpBaseOfDll, sSignature, nSelectResultIndex);
}
void MemoryHelper::Log(const char* sFilePath, char const* const sFormat, ...)
{
char sLog[1024];
va_list _ArgList;
__crt_va_start(_ArgList, sFormat);
#pragma warning(push)
#pragma warning(disable: 4996) // Deprecation
_vsprintf_l(sLog, sFormat, NULL, _ArgList);
#pragma warning(pop)
__crt_va_end(_ArgList);
std::ofstream ofs;
ofs.open(sFilePath, std::ofstream::out | std::ofstream::app);
ofs << sLog << std::endl;
ofs.close();
}