diff --git a/dumper/GameGuardian.99.0.apk b/dumper/GameGuardian.99.0.apk
new file mode 100644
index 000000000..0cf47dce4
Binary files /dev/null and b/dumper/GameGuardian.99.0.apk differ
diff --git a/dumper/dll2sdk/CommandLine.dll b/dumper/dll2sdk/CommandLine.dll
new file mode 100644
index 000000000..a946a5a49
Binary files /dev/null and b/dumper/dll2sdk/CommandLine.dll differ
diff --git a/dumper/dll2sdk/Dll2Sdk.deps.json b/dumper/dll2sdk/Dll2Sdk.deps.json
new file mode 100644
index 000000000..85cecc469
--- /dev/null
+++ b/dumper/dll2sdk/Dll2Sdk.deps.json
@@ -0,0 +1,77 @@
+{
+ "runtimeTarget": {
+ "name": ".NETCoreApp,Version=v3.1",
+ "signature": ""
+ },
+ "compilationOptions": {},
+ "targets": {
+ ".NETCoreApp,Version=v3.1": {
+ "Dll2Sdk/1.0.0": {
+ "dependencies": {
+ "CommandLineParser": "2.7.82",
+ "dnlib": "3.3.2"
+ },
+ "runtime": {
+ "Dll2Sdk.dll": {}
+ }
+ },
+ "CommandLineParser/2.7.82": {
+ "runtime": {
+ "lib/netstandard2.0/CommandLine.dll": {
+ "assemblyVersion": "2.7.82.0",
+ "fileVersion": "2.7.82.0"
+ }
+ }
+ },
+ "dnlib/3.3.2": {
+ "dependencies": {
+ "System.Reflection.Emit": "4.7.0",
+ "System.Reflection.Emit.Lightweight": "4.7.0"
+ },
+ "runtime": {
+ "lib/netstandard2.0/dnlib.dll": {
+ "assemblyVersion": "3.3.2.0",
+ "fileVersion": "3.3.2.0"
+ }
+ }
+ },
+ "System.Reflection.Emit/4.7.0": {},
+ "System.Reflection.Emit.Lightweight/4.7.0": {}
+ }
+ },
+ "libraries": {
+ "Dll2Sdk/1.0.0": {
+ "type": "project",
+ "serviceable": false,
+ "sha512": ""
+ },
+ "CommandLineParser/2.7.82": {
+ "type": "package",
+ "serviceable": true,
+ "sha512": "sha512-JnjxBu4++EDnYtDzHskiPrPJ9hAna8amu8qlQx8J+2oZnPddDnkR/0FFtQMDz0Cs0YF2lbyW3OmYfRmIrLNY0A==",
+ "path": "commandlineparser/2.7.82",
+ "hashPath": "commandlineparser.2.7.82.nupkg.sha512"
+ },
+ "dnlib/3.3.2": {
+ "type": "package",
+ "serviceable": true,
+ "sha512": "sha512-16p2zxL0d0FJ7POvunZ+9cn3mREmQD1rDm+1C1eIMDBRAuEGLCSWdIobrUNYP//DcfMRYHbpgB8Gh2BYjEkS2Q==",
+ "path": "dnlib/3.3.2",
+ "hashPath": "dnlib.3.3.2.nupkg.sha512"
+ },
+ "System.Reflection.Emit/4.7.0": {
+ "type": "package",
+ "serviceable": true,
+ "sha512": "sha512-VR4kk8XLKebQ4MZuKuIni/7oh+QGFmZW3qORd1GvBq/8026OpW501SzT/oypwiQl4TvT8ErnReh/NzY9u+C6wQ==",
+ "path": "system.reflection.emit/4.7.0",
+ "hashPath": "system.reflection.emit.4.7.0.nupkg.sha512"
+ },
+ "System.Reflection.Emit.Lightweight/4.7.0": {
+ "type": "package",
+ "serviceable": true,
+ "sha512": "sha512-a4OLB4IITxAXJeV74MDx49Oq2+PsF6Sml54XAFv+2RyWwtDBcabzoxiiJRhdhx+gaohLh4hEGCLQyBozXoQPqA==",
+ "path": "system.reflection.emit.lightweight/4.7.0",
+ "hashPath": "system.reflection.emit.lightweight.4.7.0.nupkg.sha512"
+ }
+ }
+}
\ No newline at end of file
diff --git a/dumper/dll2sdk/Dll2Sdk.dll b/dumper/dll2sdk/Dll2Sdk.dll
new file mode 100644
index 000000000..b8762e208
Binary files /dev/null and b/dumper/dll2sdk/Dll2Sdk.dll differ
diff --git a/dumper/dll2sdk/Dll2Sdk.exe b/dumper/dll2sdk/Dll2Sdk.exe
new file mode 100644
index 000000000..a7b5de5bf
Binary files /dev/null and b/dumper/dll2sdk/Dll2Sdk.exe differ
diff --git a/dumper/dll2sdk/Dll2Sdk.pdb b/dumper/dll2sdk/Dll2Sdk.pdb
new file mode 100644
index 000000000..b0f59e2bf
Binary files /dev/null and b/dumper/dll2sdk/Dll2Sdk.pdb differ
diff --git a/dumper/dll2sdk/Dll2Sdk.runtimeconfig.dev.json b/dumper/dll2sdk/Dll2Sdk.runtimeconfig.dev.json
new file mode 100644
index 000000000..7b78ea5a3
--- /dev/null
+++ b/dumper/dll2sdk/Dll2Sdk.runtimeconfig.dev.json
@@ -0,0 +1,8 @@
+{
+ "runtimeOptions": {
+ "additionalProbingPaths": [
+ "C:\\Users\\xerox\\.dotnet\\store\\|arch|\\|tfm|",
+ "C:\\Users\\xerox\\.nuget\\packages"
+ ]
+ }
+}
\ No newline at end of file
diff --git a/dumper/dll2sdk/Dll2Sdk.runtimeconfig.json b/dumper/dll2sdk/Dll2Sdk.runtimeconfig.json
new file mode 100644
index 000000000..bc456d786
--- /dev/null
+++ b/dumper/dll2sdk/Dll2Sdk.runtimeconfig.json
@@ -0,0 +1,9 @@
+{
+ "runtimeOptions": {
+ "tfm": "netcoreapp3.1",
+ "framework": {
+ "name": "Microsoft.NETCore.App",
+ "version": "3.1.0"
+ }
+ }
+}
\ No newline at end of file
diff --git a/dumper/dll2sdk/dnlib.dll b/dumper/dll2sdk/dnlib.dll
new file mode 100644
index 000000000..58e49b471
Binary files /dev/null and b/dumper/dll2sdk/dnlib.dll differ
diff --git a/dumper/il2cppdumper/Il2CppDumper.exe b/dumper/il2cppdumper/Il2CppDumper.exe
new file mode 100644
index 000000000..1de7b944c
Binary files /dev/null and b/dumper/il2cppdumper/Il2CppDumper.exe differ
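Review bot: The `additionalProbingPaths` entries in Dll2Sdk.runtimeconfig.dev.json are absolute paths from the build machine (`C:\\Users\\xerox\\.dotnet\\store\\|arch|\\|tfm|` and `C:\\Users\\xerox\\.nuget\\packages`), which discloses the builder's account name and asks the .NET host to also probe those directories for assemblies on whatever machine runs the tool. A `*.runtimeconfig.dev.json` is emitted for development runs and is not needed next to a distributed `Dll2Sdk.dll`, so I would leave it out of the commit. Together with the `.pdb` beside it, it suggests this directory is local build output checked in as-is; the accompanying binaries cannot be reviewed in this diff, so building dll2sdk from source in CI, or at least recording the expected hash of each binary, would make the drop verifiable.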
diff --git a/dumper/il2cppdumper/Il2CppDumper.exe.config b/dumper/il2cppdumper/Il2CppDumper.exe.config
new file mode 100644
index 000000000..8f60dcb21
--- /dev/null
+++ b/dumper/il2cppdumper/Il2CppDumper.exe.config
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/dumper/il2cppdumper/Il2CppDumper.pdb b/dumper/il2cppdumper/Il2CppDumper.pdb
new file mode 100644
index 000000000..bd98ca1fb
Binary files /dev/null and b/dumper/il2cppdumper/Il2CppDumper.pdb differ
diff --git a/dumper/il2cppdumper/Mono.Cecil.Mdb.dll b/dumper/il2cppdumper/Mono.Cecil.Mdb.dll
new file mode 100644
index 000000000..ea79bf89d
Binary files /dev/null and b/dumper/il2cppdumper/Mono.Cecil.Mdb.dll differ
diff --git a/dumper/il2cppdumper/Mono.Cecil.Pdb.dll b/dumper/il2cppdumper/Mono.Cecil.Pdb.dll
new file mode 100644
index 000000000..c5c92f1a7
Binary files /dev/null and b/dumper/il2cppdumper/Mono.Cecil.Pdb.dll differ
diff --git a/dumper/il2cppdumper/Mono.Cecil.Rocks.dll b/dumper/il2cppdumper/Mono.Cecil.Rocks.dll
new file mode 100644
index 000000000..6e096fccb
Binary files /dev/null and b/dumper/il2cppdumper/Mono.Cecil.Rocks.dll differ
diff --git a/dumper/il2cppdumper/Mono.Cecil.dll b/dumper/il2cppdumper/Mono.Cecil.dll
new file mode 100644
index 000000000..bdb99dfcf
Binary files /dev/null and b/dumper/il2cppdumper/Mono.Cecil.dll differ
diff --git a/dumper/il2cppdumper/Newtonsoft.Json.dll b/dumper/il2cppdumper/Newtonsoft.Json.dll
new file mode 100644
index 000000000..e4a63399d
Binary files /dev/null and b/dumper/il2cppdumper/Newtonsoft.Json.dll differ
diff --git a/dumper/il2cppdumper/config.json b/dumper/il2cppdumper/config.json
new file mode 100644
index 000000000..b40c6a2bc
--- /dev/null
+++ b/dumper/il2cppdumper/config.json
@@ -0,0 +1,14 @@
+{
+ "DumpMethod": true,
+ "DumpField": true,
+ "DumpProperty": true,
+ "DumpAttribute": true,
+ "DumpFieldOffset": true,
+ "DumpMethodOffset": true,
+ "DumpTypeDefIndex": true,
+ "GenerateDummyDll": true,
+ "GenerateScript": true,
+ "RequireAnyKey": true,
+ "ForceIl2CppVersion": false,
+ "ForceVersion": 16
+}
\ No newline at end of file
diff --git a/dumper/il2cppdumper/ghidra.py b/dumper/il2cppdumper/ghidra.py
new file mode 100644
index 000000000..e1038e1dd
--- /dev/null
+++ b/dumper/il2cppdumper/ghidra.py
@@ -0,0 +1,82 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+ "ScriptMethod",
+ "ScriptString",
+ "ScriptMetadata",
+ "ScriptMetadataMethod",
+ "Addresses",
+]
+
+functionManager = currentProgram.getFunctionManager()
+baseAddress = currentProgram.getImageBase()
+USER_DEFINED = ghidra.program.model.symbol.SourceType.USER_DEFINED
+
+def get_addr(addr):
+ return baseAddress.add(addr)
+
+def set_name(addr, name):
+ name = name.replace(' ', '-')
+ createLabel(addr, name, True, USER_DEFINED)
+
+def make_function(start, end):
+ next_func_start = getFunctionAfter(start).getEntryPoint()
+ if next_func_start < end:
+ end = next_func_start
+ body = createAddressSet()
+ body.addRange(start, end.subtract(1))
+ functionManager.deleteAddressRange(start, end.subtract(1), getMonitor())
+ func = getFunctionAt(start)
+ if func is None:
+ functionManager.createFunction(None, start, body, USER_DEFINED)
+ else:
+ func.setBody(body)
+
+f = askFile("script.json from Il2cppdumper", "Open")
+data = json.loads(open(f.absolutePath, 'rb').read().decode('utf-8'))
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+ scriptMethods = data["ScriptMethod"]
+ for scriptMethod in scriptMethods:
+ addr = get_addr(scriptMethod["Address"])
+ name = scriptMethod["Name"].encode("utf-8")
+ set_name(addr, name)
+
+if "ScriptString" in data and "ScriptString" in processFields:
+ index = 1
+ scriptStrings = data["ScriptString"]
+ for scriptString in scriptStrings:
+ addr = get_addr(scriptString["Address"])
+ value = scriptString["Value"].encode("utf-8")
+ name = "StringLiteral_" + str(index)
+ createLabel(addr, name, True, USER_DEFINED)
+ setEOLComment(addr, value)
+ index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+ scriptMetadatas = data["ScriptMetadata"]
+ for scriptMetadata in scriptMetadatas:
+ addr = get_addr(scriptMetadata["Address"])
+ name = scriptMetadata["Name"].encode("utf-8")
+ set_name(addr, name)
+ setEOLComment(addr, name)
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+ scriptMetadataMethods = data["ScriptMetadataMethod"]
+ for scriptMetadataMethod in scriptMetadataMethods:
+ addr = get_addr(scriptMetadataMethod["Address"])
+ name = scriptMetadataMethod["Name"].encode("utf-8")
+ methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+ set_name(addr, name)
+ setEOLComment(addr, name)
+
+if "Addresses" in data and "Addresses" in processFields:
+ addresses = data["Addresses"]
+ for index in range(len(addresses) - 1):
+ start = get_addr(addresses[index])
+ end = get_addr(addresses[index + 1])
+ make_function(start, end)
+
+print 'Script finished!'
+
diff --git a/dumper/il2cppdumper/ida.py b/dumper/il2cppdumper/ida.py
new file mode 100644
index 000000000..2a0667a89
--- /dev/null
+++ b/dumper/il2cppdumper/ida.py
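Review bot: In ghidra.py, `make_function` dereferences `getFunctionAfter(start)` without a None check, so when no function follows `start` (for instance at the end of the `Addresses` list) the script stops with an AttributeError and the remaining entries are never processed. Guard it with `nxt = getFunctionAfter(start)` followed by `if nxt is not None and nxt.getEntryPoint() < end: end = nxt.getEntryPoint()`. The `Address` and `Name` values come straight from the chosen script.json, which is derived from the binary under analysis, so a short comment above `get_addr` stating that offsets are not range-checked against the loaded image would help anyone running the script on untrusted samples. `methodAddr` in the ScriptMetadataMethod loop is computed but never used.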
@@ -0,0 +1,78 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+ "ScriptMethod",
+ "ScriptString",
+ "ScriptMetadata",
+ "ScriptMetadataMethod",
+ "Addresses",
+]
+
+imageBase = idaapi.get_imagebase()
+
+def get_addr(addr):
+ return imageBase + addr
+
+def set_name(addr, name):
+ ret = idc.set_name(addr, name, SN_NOWARN | SN_NOCHECK)
+ if ret == 0:
+ new_name = name + '_' + str(addr)
+ ret = idc.set_name(addr, new_name, SN_NOWARN | SN_NOCHECK)
+
+def make_function(start, end):
+ next_func = idc.get_next_func(start)
+ if next_func < end:
+ end = next_func
+ if idc.get_func_attr(start, FUNCATTR_START) == start:
+ ida_funcs.del_func(start)
+ ida_funcs.add_func(start, end)
+
+path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
+data = json.loads(open(path, 'rb').read().decode('utf-8'))
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+ scriptMethods = data["ScriptMethod"]
+ for scriptMethod in scriptMethods:
+ addr = get_addr(scriptMethod["Address"])
+ name = scriptMethod["Name"].encode("utf-8")
+ set_name(addr, name)
+
+if "ScriptString" in data and "ScriptString" in processFields:
+ index = 1
+ scriptStrings = data["ScriptString"]
+ for scriptString in scriptStrings:
+ addr = get_addr(scriptString["Address"])
+ value = scriptString["Value"].encode("utf-8")
+ name = "StringLiteral_" + str(index)
+ idc.set_name(addr, name, SN_NOWARN)
+ idc.set_cmt(addr, value, 1)
+ index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+ scriptMetadatas = data["ScriptMetadata"]
+ for scriptMetadata in scriptMetadatas:
+ addr = get_addr(scriptMetadata["Address"])
+ name = scriptMetadata["Name"].encode("utf-8")
+ set_name(addr, name)
+ idc.set_cmt(addr, name, 1)
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+ scriptMetadataMethods = data["ScriptMetadataMethod"]
+ for scriptMetadataMethod in scriptMetadataMethods:
+ addr = get_addr(scriptMetadataMethod["Address"])
+ name = scriptMetadataMethod["Name"].encode("utf-8")
+ methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+ set_name(addr, name)
+ idc.set_cmt(addr, name, 1)
+ idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)
+
+if "Addresses" in data and "Addresses" in processFields:
+ addresses = data["Addresses"]
+ for index in range(len(addresses) - 1):
+ start = get_addr(addresses[index])
+ end = get_addr(addresses[index + 1])
+ make_function(start, end)
+
+print 'Script finished!'
+
diff --git a/dumper/il2cppdumper/ida_with_struct.py b/dumper/il2cppdumper/ida_with_struct.py
new file mode 100644
index 000000000..0d6f37e5b
--- /dev/null
+++ b/dumper/il2cppdumper/ida_with_struct.py
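Review bot: `set_name` in ida.py discards the result of its second `idc.set_name` call, so a label that fails twice is dropped without any message and the analyst cannot tell that the symbol import was incomplete; the same helper is repeated in ida_with_struct.py. Report the failure, e.g. `if ret == 0: print "set_name failed:", hex(addr), name`, in the same form as the `apply_type failed` message the struct variant prints. Both calls pass `SN_NOCHECK`, so names read from script.json are applied without IDA's name-character check; a one-line comment saying why that is wanted (presumably because il2cpp names contain characters IDA would otherwise reject) would document the choice. The input is read with `open(path, 'rb').read()` and the handle is never closed; `with open(path, 'rb') as fh:` is the usual form.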
@@ -0,0 +1,87 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+ "ScriptMethod",
+ "ScriptString",
+ "ScriptMetadata",
+ "ScriptMetadataMethod",
+ "Addresses",
+]
+
+imageBase = idaapi.get_imagebase()
+
+def get_addr(addr):
+ return imageBase + addr
+
+def set_name(addr, name):
+ ret = idc.set_name(addr, name, SN_NOWARN | SN_NOCHECK)
+ if ret == 0:
+ new_name = name + '_' + str(addr)
+ ret = idc.set_name(addr, new_name, SN_NOWARN | SN_NOCHECK)
+
+def make_function(start, end):
+ next_func = idc.get_next_func(start)
+ if next_func < end:
+ end = next_func
+ if idc.get_func_attr(start, FUNCATTR_START) == start:
+ ida_funcs.del_func(start)
+ ida_funcs.add_func(start, end)
+
+path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
+hpath = idaapi.ask_file(False, '*.h', 'il2cpp.h from Il2cppdumper')
+parse_decls(open(hpath, 'rb').read(), 0)
+data = json.loads(open(path, 'rb').read().decode('utf-8'))
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+ scriptMethods = data["ScriptMethod"]
+ for scriptMethod in scriptMethods:
+ addr = get_addr(scriptMethod["Address"])
+ name = scriptMethod["Name"].encode("utf-8")
+ set_name(addr, name)
+ signature = scriptMethod["Signature"].encode("utf-8")
+ if apply_type(addr, parse_decl(signature, 0), 1) == False:
+ print "apply_type failed:", hex(addr), signature
+
+if "ScriptString" in data and "ScriptString" in processFields:
+ index = 1
+ scriptStrings = data["ScriptString"]
+ for scriptString in scriptStrings:
+ addr = get_addr(scriptString["Address"])
+ value = scriptString["Value"].encode("utf-8")
+ name = "StringLiteral_" + str(index)
+ idc.set_name(addr, name, SN_NOWARN)
+ idc.set_cmt(addr, value, 1)
+ index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+ scriptMetadatas = data["ScriptMetadata"]
+ for scriptMetadata in scriptMetadatas:
+ addr = get_addr(scriptMetadata["Address"])
+ name = scriptMetadata["Name"].encode("utf-8")
+ set_name(addr, name)
+ idc.set_cmt(addr, name, 1)
+ if scriptMetadata["Signature"] is not None:
+ signature = scriptMetadata["Signature"].encode("utf-8")
+ if apply_type(addr, parse_decl(signature, 0), 1) == False:
+ print "apply_type failed:", hex(addr), signature
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+ scriptMetadataMethods = data["ScriptMetadataMethod"]
+ for scriptMetadataMethod in scriptMetadataMethods:
+ addr = get_addr(scriptMetadataMethod["Address"])
+ name = scriptMetadataMethod["Name"].encode("utf-8")
+ methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+ set_name(addr, name)
+ idc.set_cmt(addr, name, 1)
+ idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)
+
+if "Addresses" in data and "Addresses" in processFields:
+ addresses = data["Addresses"]
+ for index in range(len(addresses) - 1):
+ start = get_addr(addresses[index])
+ end = get_addr(addresses[index + 1])
+ make_function(start, end)
+
+print 'Script finished!'
+
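Review bot: The ScriptMethod loop in ida_with_struct.py calls `scriptMethod["Signature"].encode("utf-8")` unconditionally, while the ScriptMetadata loop further down guards the same field with `is not None`; a null or absent `Signature` in a single entry raises and aborts the import with the database only partly annotated. Use the same guard there: `signature = scriptMethod.get("Signature")` followed by `if signature is not None:` around the `apply_type` call. The result of `parse_decl(signature, 0)` is also handed to `apply_type` unchecked; if I read idc correctly a failed parse yields None, which is worth testing separately so a parse failure is not mistaken for an apply failure. The return value of `parse_decls(open(hpath, 'rb').read(), 0)` is discarded, so declaration errors in the selected il2cpp.h go unnoticed.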