修复插件与窗口进程位数不一致时崩溃的问题
WallBreaker2 committed Jun 11, 2019
1 parent 66ec84e commit 335c661
Showing 8 changed files with 124 additions and 107 deletions.
85 changes: 45 additions & 40 deletions op/Bkdx.cpp
@@ -32,43 +32,50 @@ long Bkdx::Bind(HWND hwnd,long flag) {
auto hr = _process.Attach(id);
long bind_ret = 0;
if (NT_SUCCESS(hr)) {
//获取当前模块文件名
wchar_t buff[256];
::GetModuleFileName(gInstance, buff, 256);
_dllname = buff;
_dllname = _dllname.substr(_dllname.rfind(L"\\") + 1);
_process.Resume();
blackbone::call_result_t<blackbone::ModuleDataPtr> reg_ret;
//判断是否已经注入
auto _dllptr = _process.modules().GetModule(_dllname);
if (!_dllptr) {
//setlog(L"inject..");
reg_ret = _process.modules().Inject(buff);
//setlog(L"inject finish...");
}
else {
//setlog("alreadly inject.");
reg_ret.status = 0;
}
//恢复进程
_process.Resume();
if (NT_SUCCESS(reg_ret.status)) {
//wait some time
::Sleep(200);
using my_func_t = long(__stdcall*)(HWND);
auto SetDX9HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, _dllname, "SetDX9Hook");
if (SetDX9HookPtr) {
bind_init();
SetDX9HookPtr(hwnd);
bind_ret = 1;
//检查是否与插件相同的32/64位
auto &mod = _process.modules().GetMainModule();
constexpr blackbone::eModType curModType = (SYSTEM_BITS == 32 ? blackbone::eModType::mt_mod32 : blackbone::eModType::mt_mod64);
if (mod&&mod->type == curModType) {
//获取当前模块文件名
wchar_t buff[256];
::GetModuleFileName(gInstance, buff, 256);
_dllname = buff;
_dllname = _dllname.substr(_dllname.rfind(L"\\") + 1);

/*_process.Resume();*/
bool injected = false;
//判断是否已经注入
auto _dllptr = _process.modules().GetModule(_dllname);
if (_dllptr) {
injected = true;
}
else {
setlog(L"remote function not found.");
injected = (_process.modules().Inject(buff) ? true : false);
}
if (injected) {
//wait some time
::Sleep(200);
using my_func_t = long(__stdcall*)(HWND);
auto SetDX9HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, _dllname, "SetDX9Hook");
if (SetDX9HookPtr) {
bind_init();
auto cret = SetDX9HookPtr(hwnd);
bind_ret = cret.result();
}
else {
setlog(L"remote function not found.");
}
}
else {
setlog(L"Inject false.");
}
}
else {
setlog(L"Inject false.");
}
setlog("error:mod->type != current_mod");
}//end check



}
else {
setlog(L"attach false.");
@@ -77,37 +84,35 @@ long Bkdx::Bind(HWND hwnd,long flag) {
_hwnd = bind_ret ? hwnd : NULL;
if (bind_ret) {
_bind_state = 1;
//setlog("shared_res_name=%s mutex_name=%s",_shared_res_name,_mutex_name);

}
else {
bind_release();
_bind_state = 0;
}

return bind_ret;
}

long Bkdx::UnBind() {
auto hr = _process.Attach(_process_id);
long bind_ret = 0;
if (NT_SUCCESS(hr)) {
//wait some time
::Sleep(200);
using my_func_t = long(__stdcall*)(void);
auto UnDX9HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, _dllname, "UnDX9Hook");
//auto UnDX9HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, L"dll_test.dll", "UnDX9Hook");
if (UnDX9HookPtr) {
UnDX9HookPtr();
bind_ret = 1;
}
else {
setlog(L"get unhook ptr false.");
}
}
else {
setlog("attach false.");
}

_process.Detach();
_hwnd = NULL;
bind_release();
return bind_ret;
return 1;
}


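Review bot: `bind_ret = cret.result();` in Bkdx::Bind takes the remote call's return value without checking that the call itself completed. If the call into the target fails, the result may never have been set; in Blackbone this looks like an empty optional, so `result()` could throw instead of yielding 0 (worth confirming against the library version in use). Guarding it as `bind_ret = cret ? cret.result() : 0;` sends a failed call down the existing `bind_release()` branch. The same two lines are added in bkopengl::Bind, and the body of Bind starts above this hunk.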
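--- a/op/Common.h
+++ b/op/Common.h
@@ -41,6 +41,13 @@ const size_t SHARED_MEMORY_SIZE = 1080 * 1928 * 4;
 #define SHARED_RES_NAME_FORMAT L"op_x64_shared_res_%p"
 #define MUTEX_NAME_FORMAT L"op_x64_mutex_%p"
 #endif
+
+#ifndef _M_X64
+#define SYSTEM_BITS 32
+#else
+#define SYSTEM_BITS 64
+#endif
+
 //模块句柄
 extern HINSTANCE gInstance;
 //是否显示错误信息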
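Review bot: `SYSTEM_BITS` is keyed on `_M_X64`, while OpInterface.cpp in this same commit picks its x86/x64 branch with `_WIN64`; a 64-bit build for a non-x64 target would define `_WIN64` but not `_M_X64` and end up with `SYSTEM_BITS 32`, so the new bitness guard in Bind would compare against the wrong module type. Switching the test to `#ifdef _WIN64` keeps the two in agreement. A one-line comment such as `// bitness of this plugin build, not of the OS` would also help, since the name reads as the latter.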
5 changes: 1 addition & 4 deletions op/ImageProc.cpp
@@ -129,10 +129,7 @@ long ImageProc::SetDict(int idx, const wstring& file_name) {
else {
setlog(L"file '%s' does not exist", file_name.c_str());
}
if (_dicts->info._word_count)
return 1;
else
return 0;
return _dicts[idx].empty() ? 0 : 1;

}

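Review bot: `return _dicts[idx].empty() ? 0 : 1;` indexes `_dicts` with the caller-supplied `idx`, and nothing in the visible tail of SetDict shows that `idx` was range-checked. The `_dicts->info._word_count` form it sits next to only touched the first element, so this is the one line in the hunk where an out-of-range index would be dereferenced; if `_dicts` is a fixed-size array, that is an out-of-bounds read. The rest of the function is outside the hunk, so the check may already exist; if it does not, an early `if (idx < 0 || idx >= <DICT_COUNT>) return 0;` (placeholder for the real array size) would cover it.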
4 changes: 2 additions & 2 deletions op/OpInterface.cpp
@@ -11,9 +11,9 @@

STDMETHODIMP OpInterface::Ver(BSTR* ret) {
#ifndef _WIN64
const char* ver = "0.2.3.2.x86";
const char* ver = "0.2.4.0.x86";
#else
static const wchar_t* ver = L"0.2.3.2.x64";
static const wchar_t* ver = L"0.2.4.0.x64";

#endif;
//Tool::setlog("address=%d,str=%s", ver, ver);
101 changes: 49 additions & 52 deletions op/bkopengl.cpp
@@ -28,90 +28,87 @@ long bkopengl::Bind(HWND hwnd, long flag) {
auto hr = _process.Attach(id);
long bind_ret = 0;
if (NT_SUCCESS(hr)) {
//获取当前模块文件名
wchar_t buff[256];
::GetModuleFileName(gInstance, buff, 256);
_dllname = buff;
_dllname = _dllname.substr(_dllname.rfind(L"\\") + 1);
_process.Resume();
blackbone::call_result_t<blackbone::ModuleDataPtr> reg_ret;
//判断是否已经注入
auto _dllptr = _process.modules().GetModule(_dllname);
if (!_dllptr) {
//setlog(L"inject..");
//reg_ret = _process.modules().Inject(buff);
/*long error_code = 0;
if (!Injecter::EnablePrivilege(true))
Tool::setlog("Injecter::EnablePrivilege False.");
reg_ret.status = Injecter::InjectDll(id, buff, error_code);
Tool::setlog("inject ret=%d,error_code=%d", reg_ret.status, error_code);
*/
//setlog(buff);
auto& modules = _process.modules();
reg_ret = modules.Inject(buff);
//setlog(L"inject finish...");
}
else {
//setlog("alreadly inject.");
reg_ret.status = 0;
}
//恢复进程
_process.Resume();
if (NT_SUCCESS(reg_ret.status)) {
//wait some time
::Sleep(200);
using my_func_t = long(__stdcall*)(HWND);
auto HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, _dllname, "SetOpenglHook");
if (HookPtr) {
bind_init();
HookPtr(hwnd);
bind_ret = 1;
//检查是否与插件相同的32/64位
auto &mod = _process.modules().GetMainModule();
constexpr blackbone::eModType curModType = (SYSTEM_BITS == 32 ? blackbone::eModType::mt_mod32 : blackbone::eModType::mt_mod64);
if (mod&&mod->type == curModType) {
//获取当前模块文件名
wchar_t buff[256];
::GetModuleFileName(gInstance, buff, 256);
_dllname = buff;
_dllname = _dllname.substr(_dllname.rfind(L"\\") + 1);

//_process.Resume();
bool injected = false;
//判断是否已经注入
auto _dllptr = _process.modules().GetModule(_dllname);
if (_dllptr) {
injected = true;
}
else {
setlog(L"remote function not found.");
injected = (_process.modules().Inject(buff) ? true : false);
}

//恢复进程
//_process.Resume();
if (injected) {
//wait some time
::Sleep(200);
using my_func_t = long(__stdcall*)(HWND);
auto HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, _dllname, "SetOpenglHook");
if (HookPtr) {
bind_init();
auto cret = HookPtr(hwnd);
bind_ret = cret.result();
}
else {
setlog(L"remote function not found.");
}
}
else {
setlog(L"Inject false.");
}
}
else {
setlog(L"Inject false.");
}
setlog("error:mod->type != current_mod");
}//end check
}
else {
setlog(L"attach false.");
}
_process.Detach();
setlog("bind ret:%d", bind_ret);
_hwnd = bind_ret ? hwnd : NULL;
if (bind_ret) {
if (bind_ret) {//bind ok
_bind_state = 1;
//setlog("shared_res_name=%s mutex_name=%s",_shared_res_name,_mutex_name);

}
//setlog("bkopengl::Bind finish");
else {//bind error
_bind_state = 0;
bind_release();
}
return bind_ret;
}

long bkopengl::UnBind() {
auto hr = _process.Attach(_process_id);
long bind_ret = 0;
if (NT_SUCCESS(hr)) {
//wait some time
::Sleep(200);
using my_func_t = long(__stdcall*)(void);
auto UnDX9HookPtr = blackbone::MakeRemoteFunction<my_func_t>(_process, _dllname, "UnOpenglHook");
if (UnDX9HookPtr) {
UnDX9HookPtr();
bind_ret = 1;
}
else {
setlog(L"get unhook ptr false.");
}
}
else {
setlog("attach false.");
}

_process.Detach();
_hwnd = NULL;
bind_release();
return bind_ret;
_bind_state = 0;
return 1;
}


@@ -138,7 +135,7 @@ long bkopengl::capture(const std::wstring& file_name) {
file.write((char*)&bih, sizeof(BITMAPINFOHEADER));
//setlog("file.write((char*)_image_data=%p", _image_data);
try {

_pmutex->lock();
file.write(_shmem->data<char>(), bih.biSizeImage);
_pmutex->unlock();
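Review bot: bkopengl::UnBind now appears to end in `return 1;` whether or not `Attach` succeeded and the `UnOpenglHook` export was found, so the caller is told the unbind worked even when the hook may still be active in the target and `bind_release()` has already dropped the local resources. The page has lost its +/- markers, so this assumes `return bind_ret;` and the `bind_ret` assignments are the removed lines. Keeping a status such as `bool unhooked = false;`, set only after the remote unhook call succeeds, and ending with `return unhooked ? 1 : 0;` after the unconditional cleanup would preserve both behaviours. Bkdx::UnBind in op/Bkdx.cpp ends the same way.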
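--- a/op/include/Dict.h
+++ b/op/include/Dict.h
@@ -206,6 +206,14 @@ struct Dict {
 words.erase(it);
 info._word_count = words.size();
 }
+
+int size() const{
+return info._word_count;
+}
+
+bool empty()const {
+return size() == 0;
+}
 };
 
 #endif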
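Review bot: `size()` returns the cached `info._word_count` rather than `words.size()`, so `empty()`, which ImageProc::SetDict now uses as its success test, is only correct while every path that changes `words` also refreshes the counter, as the erase path above does. If `info` is ever filled straight from a dictionary file's header, the two can disagree and the count reflects file content rather than what was actually loaded. Returning `static_cast<int>(words.size())` from `size()` removes that dependency; otherwise a short comment stating the invariant would help.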