From 335c6611a86588702663c20ed69aec9c43e8b485 Mon Sep 17 00:00:00 2001
From: wallbreaker2 <784942619@qq.com>
Date: Tue, 11 Jun 2019 19:01:53 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=8F=92=E4=BB=B6=E4=B8=8E?=
 =?UTF-8?q?=E7=AA=97=E5=8F=A3=E8=BF=9B=E7=A8=8B=E4=BD=8D=E6=95=B0=E4=B8=8D?=
 =?UTF-8?q?=E4=B8=80=E8=87=B4=E6=97=B6=E5=B4=A9=E6=BA=83=E7=9A=84=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 op/Bkdx.cpp | 85 ++++++++++++++++++++------------------
 op/Common.h | 7 ++++
 op/ImageProc.cpp | 5 +--
 op/OpInterface.cpp | 4 +-
 op/bkopengl.cpp | 101 ++++++++++++++++++++++-----------------------
 op/include/Dict.h | 8 ++++
 op/xhook.cpp | 19 +++++----
 op/xhook.h | 2 +
 8 files changed, 124 insertions(+), 107 deletions(-)

diff --git a/op/Bkdx.cpp b/op/Bkdx.cpp
index 8385758..4de3ff6 100644
--- a/op/Bkdx.cpp
+++ b/op/Bkdx.cpp
@@ -32,43 +32,50 @@ long Bkdx::Bind(HWND hwnd,long flag) { auto hr = _process.Attach(id); long bind_ret = 0; if (NT_SUCCESS(hr)) { - //获取当前模块文件名 - wchar_t buff[256]; - ::GetModuleFileName(gInstance, buff, 256); - _dllname = buff; - _dllname = _dllname.substr(_dllname.rfind(L"\\") + 1); - _process.Resume(); - blackbone::call_result_t reg_ret; - //判断是否已经注入 - auto _dllptr = _process.modules().GetModule(_dllname); - if (!_dllptr) { - //setlog(L"inject.."); - reg_ret = _process.modules().Inject(buff); - //setlog(L"inject finish..."); - } - else { - //setlog("alreadly inject."); - reg_ret.status = 0; - } - //恢复进程 - _process.Resume(); - if (NT_SUCCESS(reg_ret.status)) { - //wait some time - ::Sleep(200); - using my_func_t = long(__stdcall*)(HWND); - auto SetDX9HookPtr = blackbone::MakeRemoteFunction(_process, _dllname, "SetDX9Hook"); - if (SetDX9HookPtr) { - bind_init(); - SetDX9HookPtr(hwnd); - bind_ret = 1; + //检查是否与插件相同的32/64位 + auto &mod = _process.modules().GetMainModule(); + constexpr blackbone::eModType curModType = (SYSTEM_BITS == 32 ? blackbone::eModType::mt_mod32 : blackbone::eModType::mt_mod64); + if (mod&&mod->type == curModType) { + //获取当前模块文件名 + wchar_t buff[256]; + ::GetModuleFileName(gInstance, buff, 256); + _dllname = buff; + _dllname = _dllname.substr(_dllname.rfind(L"\\") + 1); + + /*_process.Resume();*/ + bool injected = false; + //判断是否已经注入 + auto _dllptr = _process.modules().GetModule(_dllname); + if (_dllptr) { + injected = true; } else { - setlog(L"remote function not found."); + injected = (_process.modules().Inject(buff) ? 
true : false); + } + if (injected) { + //wait some time + ::Sleep(200); + using my_func_t = long(__stdcall*)(HWND); + auto SetDX9HookPtr = blackbone::MakeRemoteFunction(_process, _dllname, "SetDX9Hook"); + if (SetDX9HookPtr) { + bind_init(); + auto cret = SetDX9HookPtr(hwnd); + bind_ret = cret.result(); + } + else { + setlog(L"remote function not found."); + } + } + else { + setlog(L"Inject false."); } } else { - setlog(L"Inject false."); - } + setlog("error:mod->type != current_mod"); + }//end check + + + } else { setlog(L"attach false."); @@ -77,37 +84,35 @@ long Bkdx::Bind(HWND hwnd,long flag) { _hwnd = bind_ret ? hwnd : NULL; if (bind_ret) { _bind_state = 1; - //setlog("shared_res_name=%s mutex_name=%s",_shared_res_name,_mutex_name); } + else { + bind_release(); + _bind_state = 0; + } return bind_ret; } long Bkdx::UnBind() { auto hr = _process.Attach(_process_id); - long bind_ret = 0; if (NT_SUCCESS(hr)) { //wait some time ::Sleep(200); using my_func_t = long(__stdcall*)(void); auto UnDX9HookPtr = blackbone::MakeRemoteFunction(_process, _dllname, "UnDX9Hook"); - //auto UnDX9HookPtr = blackbone::MakeRemoteFunction(_process, L"dll_test.dll", "UnDX9Hook"); if (UnDX9HookPtr) { UnDX9HookPtr(); - bind_ret = 1; } else { setlog(L"get unhook ptr false."); } } - else { - setlog("attach false."); - } + _process.Detach(); _hwnd = NULL; bind_release(); - return bind_ret; + return 1; } diff --git a/op/Common.h b/op/Common.h index fc43e10..5f70272 100644 --- a/op/Common.h +++ b/op/Common.h @@ -41,6 +41,13 @@ const size_t SHARED_MEMORY_SIZE = 1080 * 1928 * 4; #define SHARED_RES_NAME_FORMAT L"op_x64_shared_res_%p" #define MUTEX_NAME_FORMAT L"op_x64_mutex_%p" #endif + +#ifndef _M_X64 +#define SYSTEM_BITS 32 +#else +#define SYSTEM_BITS 64 +#endif + //模块句柄 extern HINSTANCE gInstance; //是否显示错误信息 diff --git a/op/ImageProc.cpp b/op/ImageProc.cpp index dc935c0..a93152a 100644 --- a/op/ImageProc.cpp +++ b/op/ImageProc.cpp 
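Review bot: `::GetModuleFileName(gInstance, buff, 256)` in the new bitness-checked branch still ignores its return value, so a plugin installed under a path of 256 or more characters is silently truncated (the call returns the buffer size and sets ERROR_INSUFFICIENT_BUFFER) and that truncated path is what reaches `Inject(buff)` — the injection then targets the wrong file or fails with only the generic "Inject false." log. Size the buffer with `MAX_PATH` and treat a zero return or a return equal to the buffer length as a failure before touching `_dllname`, e.g. `DWORD len = ::GetModuleFileNameW(gInstance, buff, MAX_PATH); if (len == 0 || len >= MAX_PATH) { setlog(L"GetModuleFileName failed."); }` and only run the inject path when `len` is valid, so control still reaches the `_process.Detach()` below the hunk. A short comment on the bitness check, `// a 32-bit plugin cannot be loaded into a 64-bit process (and vice versa); refuse instead of crashing`, would record why this branch exists. `Bkdx::Bind` begins above this hunk and its tail is in the next one.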
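Review bot: `Bkdx::UnBind` now returns 1 unconditionally and the "attach false." log was removed, so a caller can no longer tell that the remote `UnDX9Hook` was never executed — the hook stays installed in the target process while the plugin reports success. Unlike `bkopengl::UnBind` in this same commit, it also does not reset `_bind_state = 0;`, so after `bind_release()` the object still believes it is bound. Keep a local `long ok = 0;`, set `ok = 1;` only after `UnDX9HookPtr()` has been called, add `_bind_state = 0;` next to `_hwnd = NULL;`, and `return ok;` (or at minimum restore the attach-failure log so the silent path is visible).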
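Review bot: `SYSTEM_BITS` is keyed on `_M_X64` while `OpInterface::Ver` in this same patch keys on `_WIN64`; the two agree on x86/x64 MSVC builds, but any other 64-bit target that does not define `_M_X64` would get `SYSTEM_BITS 32` and the new bitness check in `Bind` would then refuse every 64-bit process. Deriving the value from pointer width removes the per-architecture macro: `constexpr int SYSTEM_BITS = static_cast<int>(sizeof(void*) * 8);` is usable in the `constexpr` ternary where it is consumed. A comment such as `// bitness of this plugin build; Bind() refuses targets whose main module differs` would explain what the constant is for.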
@@ -129,10 +129,7 @@ long ImageProc::SetDict(int idx, const wstring& file_name) { else { setlog(L"file '%s' does not exist", file_name.c_str()); } - if (_dicts->info._word_count) - return 1; - else - return 0; + return _dicts[idx].empty() ? 0 : 1; } diff --git a/op/OpInterface.cpp b/op/OpInterface.cpp index 7ab253d..c7771d9 100644 --- a/op/OpInterface.cpp +++ b/op/OpInterface.cpp @@ -11,9 +11,9 @@ STDMETHODIMP OpInterface::Ver(BSTR* ret) { #ifndef _WIN64 - const char* ver = "0.2.3.2.x86"; + const char* ver = "0.2.4.0.x86"; #else - static const wchar_t* ver = L"0.2.3.2.x64"; + static const wchar_t* ver = L"0.2.4.0.x64"; #endif; //Tool::setlog("address=%d,str=%s", ver, ver); diff --git a/op/bkopengl.cpp b/op/bkopengl.cpp index 3e200ba..9a9f3e6 100644 --- a/op/bkopengl.cpp +++ b/op/bkopengl.cpp 
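Review bot: `return _dicts[idx].empty() ? 0 : 1;` indexes `_dicts` with the caller-supplied `idx`, and nothing in this hunk validates it; unless the part of `SetDict` above the hunk already range-checks `idx`, a negative or too-large index reads past the end of `_dicts` and is reported as an (empty or non-empty) dictionary instead of being rejected. The old `_dicts->info._word_count` only ever looked at slot 0, so this is the first time the index reaches the return path. Add a guard at the top of the function, e.g. `if (idx < 0 || idx >= <number of dictionary slots>) { setlog(L"dict index %d out of range", idx); return 0; }`, using whatever bound `_dicts` is declared with. `SetDict` begins above this hunk.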
@@ -28,70 +28,69 @@ long bkopengl::Bind(HWND hwnd, long flag) { auto hr = _process.Attach(id); long bind_ret = 0; if (NT_SUCCESS(hr)) { - //获取当前模块文件名 - wchar_t buff[256]; - ::GetModuleFileName(gInstance, buff, 256); - _dllname = buff; - _dllname = _dllname.substr(_dllname.rfind(L"\\") + 1); - _process.Resume(); - blackbone::call_result_t reg_ret; - //判断是否已经注入 - auto _dllptr = _process.modules().GetModule(_dllname); - if (!_dllptr) { - //setlog(L"inject.."); - //reg_ret = _process.modules().Inject(buff); - /*long error_code = 0; - if (!Injecter::EnablePrivilege(true)) - Tool::setlog("Injecter::EnablePrivilege False."); - reg_ret.status = Injecter::InjectDll(id, buff, error_code); - Tool::setlog("inject ret=%d,error_code=%d", reg_ret.status, error_code); - */ - //setlog(buff); - auto& modules = _process.modules(); - reg_ret = modules.Inject(buff); - //setlog(L"inject finish..."); - } - else { - //setlog("alreadly inject."); - reg_ret.status = 0; - } - //恢复进程 - _process.Resume(); - if (NT_SUCCESS(reg_ret.status)) { - //wait some time - ::Sleep(200); - using my_func_t = long(__stdcall*)(HWND); - auto HookPtr = blackbone::MakeRemoteFunction(_process, _dllname, "SetOpenglHook"); - if (HookPtr) { - bind_init(); - HookPtr(hwnd); - bind_ret = 1; + //检查是否与插件相同的32/64位 + auto &mod = _process.modules().GetMainModule(); + constexpr blackbone::eModType curModType = (SYSTEM_BITS == 32 ? blackbone::eModType::mt_mod32 : blackbone::eModType::mt_mod64); + if (mod&&mod->type == curModType) { + //获取当前模块文件名 + wchar_t buff[256]; + ::GetModuleFileName(gInstance, buff, 256); + _dllname = buff; + _dllname = _dllname.substr(_dllname.rfind(L"\\") + 1); + + //_process.Resume(); + bool injected = false; + //判断是否已经注入 + auto _dllptr = _process.modules().GetModule(_dllname); + if (_dllptr) { + injected = true; } else { - setlog(L"remote function not found."); + injected = (_process.modules().Inject(buff) ? 
true : false); + } + + //恢复进程 + //_process.Resume(); + if (injected) { + //wait some time + ::Sleep(200); + using my_func_t = long(__stdcall*)(HWND); + auto HookPtr = blackbone::MakeRemoteFunction(_process, _dllname, "SetOpenglHook"); + if (HookPtr) { + bind_init(); + auto cret = HookPtr(hwnd); + bind_ret = cret.result(); + } + else { + setlog(L"remote function not found."); + } + } + else { + setlog(L"Inject false."); } } else { - setlog(L"Inject false."); - } + setlog("error:mod->type != current_mod"); + }//end check } else { setlog(L"attach false."); } _process.Detach(); + setlog("bind ret:%d", bind_ret); _hwnd = bind_ret ? hwnd : NULL; - if (bind_ret) { + if (bind_ret) {//bind ok _bind_state = 1; - //setlog("shared_res_name=%s mutex_name=%s",_shared_res_name,_mutex_name); - } - //setlog("bkopengl::Bind finish"); + else {//bind error + _bind_state = 0; + bind_release(); + } return bind_ret; } long bkopengl::UnBind() { auto hr = _process.Attach(_process_id); - long bind_ret = 0; if (NT_SUCCESS(hr)) { //wait some time ::Sleep(200); @@ -99,19 +98,17 @@ long bkopengl::UnBind() { auto UnDX9HookPtr = blackbone::MakeRemoteFunction(_process, _dllname, "UnOpenglHook"); if (UnDX9HookPtr) { UnDX9HookPtr(); - bind_ret = 1; } else { setlog(L"get unhook ptr false."); } } - else { - setlog("attach false."); - } + _process.Detach(); _hwnd = NULL; bind_release(); - return bind_ret; + _bind_state = 0; + return 1; } @@ -138,7 +135,7 @@ long bkopengl::capture(const std::wstring& file_name) { file.write((char*)&bih, sizeof(BITMAPINFOHEADER)); //setlog("file.write((char*)_image_data=%p", _image_data); try { - + _pmutex->lock(); file.write(_shmem->data(), bih.biSizeImage); _pmutex->unlock(); diff --git a/op/include/Dict.h b/op/include/Dict.h index ffb8534..1a08ab3 100644 --- a/op/include/Dict.h +++ b/op/include/Dict.h 
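Review bot: the new `bkopengl::Bind` body is line-for-line the same as `Bkdx::Bind` in this commit except for the `"SetOpenglHook"` export name, so the bitness check, module-name lookup, inject-or-reuse logic and the 200 ms wait now live in two places and will drift again (the `//_process.Resume();` leftovers already differ between them). Factor the shared part into one helper, e.g. `long inject_and_call(blackbone::Process& proc, const char* export_name, HWND hwnd, std::wstring& dllname)`, and let each Bind pass only its export name. The fixed `::Sleep(200)` before `MakeRemoteFunction` is also a timing guess rather than a synchronization point; `Inject()` is only tested for truthiness here, and if its return value is the loaded module, resolving the export from it would remove the sleep — worth confirming against BlackBone's contract before relying on it. The opening lines of `bkopengl::Bind` are above this hunk.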
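Review bot: `bkopengl::UnBind` now returns 1 even when `_process.Attach` fails or the `UnOpenglHook` export is not found, and the "attach false." log was dropped, so an unbind that never reached the target is indistinguishable from a successful one for the caller. Track the outcome in a local and return it: set `ok = 1;` after `UnDX9HookPtr();` and `return ok;` at the end (the local variable name `UnDX9HookPtr` in an OpenGL unbind is also worth renaming to `UnOpenglHookPtr` while here). The start of `UnBind` is in the previous hunk.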
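Review bot: `_pmutex->lock();` followed by `file.write(...)` and `_pmutex->unlock();` inside the `try` block leaves the mutex locked if `file.write` throws — the `catch` below the hunk never unlocks it, and since this mutex is shared with the injected hook side (see the `MUTEX_NAME_FORMAT` names in Common.h), the hooked process would then block on its next capture. Replace the manual pair with a scoped guard so the unlock runs on every exit path, e.g. `std::lock_guard<std::remove_reference_t<decltype(*_pmutex)>> guard(*_pmutex);` (or the lock type's own scoped lock if `_pmutex` is a Boost.Interprocess mutex — I cannot tell its type from here), followed by the single `file.write(_shmem->data(), bih.biSizeImage);`. The rest of `capture` lies outside the hunk.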
@@ -206,6 +206,14 @@ struct Dict { words.erase(it); info._word_count = words.size(); } + + int size() const{ + return info._word_count; + } + + bool empty()const { + return size() == 0; + } }; #endif diff --git a/op/xhook.cpp b/op/xhook.cpp index 57f5a06..a2f576c 100644 --- a/op/xhook.cpp +++ b/op/xhook.cpp @@ -144,13 +144,14 @@ long SetDX9Hook(HWND hwnd) { if (ret == kiero::Status::Success) { kiero::bind(42, (void**)&g_oEndScene, hkEndScene); //setlog("bind ok."); + return 1; } else { - setlog("kiero::init false"); + //kiero::init false + return 0; } - return 1; } long UnDX9Hook() { @@ -158,7 +159,7 @@ long UnDX9Hook() { kiero::unbind(); } hook_release(); - return 0; + return 1; } long SetDX10Hook(HWND hwnd) { @@ -171,7 +172,7 @@ long SetDX10Hook(HWND hwnd) { return 1; } else { - setlog("kiero::init false"); + //setlog("kiero::init false"); return 0; } @@ -180,7 +181,7 @@ long SetDX10Hook(HWND hwnd) { long UnDX10Hook() { kiero::unbind(); hook_release(); - return 0; + return 1; } long SetDX11Hook(HWND hwnd) { @@ -193,7 +194,7 @@ long SetDX11Hook(HWND hwnd) { return 1; } else { - setlog("kiero::init false"); + //setlog("kiero::init false"); return 0; } @@ -202,7 +203,7 @@ long SetDX11Hook(HWND hwnd) { long UnDX11Hook() { kiero::unbind(); hook_release(); - return 0; + return 1; } long SetOpenglHook(HWND hwnd) { @@ -215,7 +216,7 @@ long SetOpenglHook(HWND hwnd) { return 1; } else { - setlog("kiero::init false"); + //setlog("kiero::init false"); return 0; } @@ -224,5 +225,5 @@ long SetOpenglHook(HWND hwnd) { long UnOpenglHook() { kiero::unbind(); hook_release(); - return 0; + return 1; } \ No newline at end of file diff --git a/op/xhook.h b/op/xhook.h index 0b9ee91..f0cb013 100644 --- a/op/xhook.h +++ b/op/xhook.h @@ -9,6 +9,8 @@ 2.设置共享内存,互斥量 3.截图(hook)至共享内存 */ + +//返回值:1 成功,0失败 //dx9 DLL_API long SetDX9Hook(HWND hwnd); //恢复原状态,释放共享内存
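Review bot: `int size() const { return info._word_count; }` narrows — the hunk context shows `info._word_count = words.size();`, i.e. a `size_t` value, so `size()` should return `std::size_t` to avoid a sign conversion on large dictionaries and to match the container convention that `empty()` imitates, assuming `_word_count` itself is declared wide enough to hold it. One-line comments would help, e.g. `// Number of entries (mirrors info._word_count, kept in sync by add/erase).` on `size()` and `// True when no entries are loaded; SetDict uses this as its success test.` on `empty()`. The enclosing `struct Dict` begins above this hunk.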
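Review bot: `kiero::bind(42, (void**)&g_oEndScene, hkEndScene);` still discards its result, so `SetDX9Hook` returns 1 (success under the contract the same patch documents in xhook.h) even when the EndScene detour was not installed; only a `kiero::init` failure is now reported as 0. If `kiero::bind` returns a `kiero::Status` like `init` does, check it: `if (kiero::bind(42, (void**)&g_oEndScene, hkEndScene) != kiero::Status::Success) return 0;`. Replacing `setlog("kiero::init false")` with a comment in the four Set*Hook functions also removes the only in-process diagnostic for why hooking failed — the host only sees `bind ret:0`; either keep the log or note in the comment that failure is surfaced through the return value alone. `SetDX9Hook` begins above the hunk.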