added dumping executables.

dumper/dll2sdk/Dll2Sdk.deps.json

@@ -0,0 +1,77 @@
+{
+  "runtimeTarget": {
+    "name": ".NETCoreApp,Version=v3.1",
+    "signature": ""
+  },
+  "compilationOptions": {},
+  "targets": {
+    ".NETCoreApp,Version=v3.1": {
+      "Dll2Sdk/1.0.0": {
+        "dependencies": {
+          "CommandLineParser": "2.7.82",
+          "dnlib": "3.3.2"
+        },
+        "runtime": {
+          "Dll2Sdk.dll": {}
+        }
+      },
+      "CommandLineParser/2.7.82": {
+        "runtime": {
+          "lib/netstandard2.0/CommandLine.dll": {
+            "assemblyVersion": "2.7.82.0",
+            "fileVersion": "2.7.82.0"
+          }
+        }
+      },
+      "dnlib/3.3.2": {
+        "dependencies": {
+          "System.Reflection.Emit": "4.7.0",
+          "System.Reflection.Emit.Lightweight": "4.7.0"
+        },
+        "runtime": {
+          "lib/netstandard2.0/dnlib.dll": {
+            "assemblyVersion": "3.3.2.0",
+            "fileVersion": "3.3.2.0"
+          }
+        }
+      },
+      "System.Reflection.Emit/4.7.0": {},
+      "System.Reflection.Emit.Lightweight/4.7.0": {}
+    }
+  },
+  "libraries": {
+    "Dll2Sdk/1.0.0": {
+      "type": "project",
+      "serviceable": false,
+      "sha512": ""
+    },
+    "CommandLineParser/2.7.82": {
+      "type": "package",
+      "serviceable": true,
+      "sha512": "sha512-JnjxBu4++EDnYtDzHskiPrPJ9hAna8amu8qlQx8J+2oZnPddDnkR/0FFtQMDz0Cs0YF2lbyW3OmYfRmIrLNY0A==",
+      "path": "commandlineparser/2.7.82",
+      "hashPath": "commandlineparser.2.7.82.nupkg.sha512"
+    },
+    "dnlib/3.3.2": {
+      "type": "package",
+      "serviceable": true,
+      "sha512": "sha512-16p2zxL0d0FJ7POvunZ+9cn3mREmQD1rDm+1C1eIMDBRAuEGLCSWdIobrUNYP//DcfMRYHbpgB8Gh2BYjEkS2Q==",
+      "path": "dnlib/3.3.2",
+      "hashPath": "dnlib.3.3.2.nupkg.sha512"
+    },
+    "System.Reflection.Emit/4.7.0": {
+      "type": "package",
+      "serviceable": true,
+      "sha512": "sha512-VR4kk8XLKebQ4MZuKuIni/7oh+QGFmZW3qORd1GvBq/8026OpW501SzT/oypwiQl4TvT8ErnReh/NzY9u+C6wQ==",
+      "path": "system.reflection.emit/4.7.0",
+      "hashPath": "system.reflection.emit.4.7.0.nupkg.sha512"
+    },
+    "System.Reflection.Emit.Lightweight/4.7.0": {
+      "type": "package",
+      "serviceable": true,
+      "sha512": "sha512-a4OLB4IITxAXJeV74MDx49Oq2+PsF6Sml54XAFv+2RyWwtDBcabzoxiiJRhdhx+gaohLh4hEGCLQyBozXoQPqA==",
+      "path": "system.reflection.emit.lightweight/4.7.0",
+      "hashPath": "system.reflection.emit.lightweight.4.7.0.nupkg.sha512"
+    }
+  }
+}

dumper/dll2sdk/Dll2Sdk.runtimeconfig.dev.json

@@ -0,0 +1,8 @@
+{
+  "runtimeOptions": {
+    "additionalProbingPaths": [
+      "C:\\Users\\xerox\\.dotnet\\store\\|arch|\\|tfm|",
+      "C:\\Users\\xerox\\.nuget\\packages"
+    ]
+  }
+}

dumper/dll2sdk/Dll2Sdk.runtimeconfig.json

@@ -0,0 +1,9 @@
+{
+  "runtimeOptions": {
+    "tfm": "netcoreapp3.1",
+    "framework": {
+      "name": "Microsoft.NETCore.App",
+      "version": "3.1.0"
+    }
+  }
+}

dumper/il2cppdumper/Il2CppDumper.exe.config

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+  <startup>
+    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2" />
+  </startup>
+</configuration>

dumper/il2cppdumper/config.json

@@ -0,0 +1,14 @@
+{
+  "DumpMethod": true,
+  "DumpField": true,
+  "DumpProperty": true,
+  "DumpAttribute": true,
+  "DumpFieldOffset": true,
+  "DumpMethodOffset": true,
+  "DumpTypeDefIndex": true,
+  "GenerateDummyDll": true,
+  "GenerateScript": true,
+  "RequireAnyKey": true,
+  "ForceIl2CppVersion": false,
+  "ForceVersion": 16
+}

dumper/il2cppdumper/ghidra.py

@@ -0,0 +1,82 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+	"ScriptMethod",
+	"ScriptString",
+	"ScriptMetadata",
+	"ScriptMetadataMethod",
+	"Addresses",
+]
+
+functionManager = currentProgram.getFunctionManager()
+baseAddress = currentProgram.getImageBase()
+USER_DEFINED = ghidra.program.model.symbol.SourceType.USER_DEFINED
+
+def get_addr(addr):
+	return baseAddress.add(addr)
+
+def set_name(addr, name):
+	name = name.replace(' ', '-')
+	createLabel(addr, name, True, USER_DEFINED)
+
+def make_function(start, end):
+	next_func_start = getFunctionAfter(start).getEntryPoint()
+	if next_func_start < end:
+		end = next_func_start
+	body = createAddressSet()
+	body.addRange(start, end.subtract(1))
+	functionManager.deleteAddressRange(start, end.subtract(1), getMonitor())
+	func = getFunctionAt(start)
+	if func is None:
+		functionManager.createFunction(None, start, body, USER_DEFINED)
+	else:
+		func.setBody(body)
+
+f = askFile("script.json from Il2cppdumper", "Open")
+data = json.loads(open(f.absolutePath, 'rb').read().decode('utf-8'))
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+	scriptMethods = data["ScriptMethod"]
+	for scriptMethod in scriptMethods:
+		addr = get_addr(scriptMethod["Address"])
+		name = scriptMethod["Name"].encode("utf-8")
+		set_name(addr, name)
+
+if "ScriptString" in data and "ScriptString" in processFields:
+	index = 1
+	scriptStrings = data["ScriptString"]
+	for scriptString in scriptStrings:
+		addr = get_addr(scriptString["Address"])
+		value = scriptString["Value"].encode("utf-8")
+		name = "StringLiteral_" + str(index)
+		createLabel(addr, name, True, USER_DEFINED)
+		setEOLComment(addr, value)
+		index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+	scriptMetadatas = data["ScriptMetadata"]
+	for scriptMetadata in scriptMetadatas:
+		addr = get_addr(scriptMetadata["Address"])
+		name = scriptMetadata["Name"].encode("utf-8")
+		set_name(addr, name)
+		setEOLComment(addr, name)
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+	scriptMetadataMethods = data["ScriptMetadataMethod"]
+	for scriptMetadataMethod in scriptMetadataMethods:
+		addr = get_addr(scriptMetadataMethod["Address"])
+		name = scriptMetadataMethod["Name"].encode("utf-8")
+		methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+		set_name(addr, name)
+		setEOLComment(addr, name)
+
+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
+print 'Script finished!'
+

dumper/il2cppdumper/ida.py

@@ -0,0 +1,78 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+	"ScriptMethod",
+	"ScriptString",
+	"ScriptMetadata",
+	"ScriptMetadataMethod",
+	"Addresses",
+]
+
+imageBase = idaapi.get_imagebase()
+
+def get_addr(addr):
+	return imageBase + addr
+
+def set_name(addr, name):
+	ret = idc.set_name(addr, name, SN_NOWARN | SN_NOCHECK)
+	if ret == 0:
+		new_name = name + '_' + str(addr)
+		ret = idc.set_name(addr, new_name, SN_NOWARN | SN_NOCHECK)
+
+def make_function(start, end):
+	next_func = idc.get_next_func(start)
+	if next_func < end:
+		end = next_func
+	if idc.get_func_attr(start, FUNCATTR_START) == start:
+		ida_funcs.del_func(start)
+	ida_funcs.add_func(start, end)
+
+path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
+data = json.loads(open(path, 'rb').read().decode('utf-8'))
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+	scriptMethods = data["ScriptMethod"]
+	for scriptMethod in scriptMethods:
+		addr = get_addr(scriptMethod["Address"])
+		name = scriptMethod["Name"].encode("utf-8")
+		set_name(addr, name)
+
+if "ScriptString" in data and "ScriptString" in processFields:
+	index = 1
+	scriptStrings = data["ScriptString"]
+	for scriptString in scriptStrings:
+		addr = get_addr(scriptString["Address"])
+		value = scriptString["Value"].encode("utf-8")
+		name = "StringLiteral_" + str(index)
+		idc.set_name(addr, name, SN_NOWARN)
+		idc.set_cmt(addr, value, 1)
+		index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+	scriptMetadatas = data["ScriptMetadata"]
+	for scriptMetadata in scriptMetadatas:
+		addr = get_addr(scriptMetadata["Address"])
+		name = scriptMetadata["Name"].encode("utf-8")
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+	scriptMetadataMethods = data["ScriptMetadataMethod"]
+	for scriptMetadataMethod in scriptMetadataMethods:
+		addr = get_addr(scriptMetadataMethod["Address"])
+		name = scriptMetadataMethod["Name"].encode("utf-8")
+		methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+		idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)
+
+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
+print 'Script finished!'
+

dumper/il2cppdumper/ida_with_struct.py

@@ -0,0 +1,87 @@
+# -*- coding: utf-8 -*-
+import json
+
+processFields = [
+	"ScriptMethod",
+	"ScriptString",
+	"ScriptMetadata",
+	"ScriptMetadataMethod",
+	"Addresses",
+]
+
+imageBase = idaapi.get_imagebase()
+
+def get_addr(addr):
+	return imageBase + addr
+
+def set_name(addr, name):
+	ret = idc.set_name(addr, name, SN_NOWARN | SN_NOCHECK)
+	if ret == 0:
+		new_name = name + '_' + str(addr)
+		ret = idc.set_name(addr, new_name, SN_NOWARN | SN_NOCHECK)
+
+def make_function(start, end):
+	next_func = idc.get_next_func(start)
+	if next_func < end:
+		end = next_func
+	if idc.get_func_attr(start, FUNCATTR_START) == start:
+		ida_funcs.del_func(start)
+	ida_funcs.add_func(start, end)
+
+path = idaapi.ask_file(False, '*.json', 'script.json from Il2cppdumper')
+hpath = idaapi.ask_file(False, '*.h', 'il2cpp.h from Il2cppdumper')
+parse_decls(open(hpath, 'rb').read(), 0)
+data = json.loads(open(path, 'rb').read().decode('utf-8'))
+
+if "ScriptMethod" in data and "ScriptMethod" in processFields:
+	scriptMethods = data["ScriptMethod"]
+	for scriptMethod in scriptMethods:
+		addr = get_addr(scriptMethod["Address"])
+		name = scriptMethod["Name"].encode("utf-8")
+		set_name(addr, name)
+		signature = scriptMethod["Signature"].encode("utf-8")
+		if apply_type(addr, parse_decl(signature, 0), 1) == False:
+			print "apply_type failed:", hex(addr), signature
+
+if "ScriptString" in data and "ScriptString" in processFields:
+	index = 1
+	scriptStrings = data["ScriptString"]
+	for scriptString in scriptStrings:
+		addr = get_addr(scriptString["Address"])
+		value = scriptString["Value"].encode("utf-8")
+		name = "StringLiteral_" + str(index)
+		idc.set_name(addr, name, SN_NOWARN)
+		idc.set_cmt(addr, value, 1)
+		index += 1
+
+if "ScriptMetadata" in data and "ScriptMetadata" in processFields:
+	scriptMetadatas = data["ScriptMetadata"]
+	for scriptMetadata in scriptMetadatas:
+		addr = get_addr(scriptMetadata["Address"])
+		name = scriptMetadata["Name"].encode("utf-8")
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+		if scriptMetadata["Signature"] is not None:
+			signature = scriptMetadata["Signature"].encode("utf-8")
+			if apply_type(addr, parse_decl(signature, 0), 1) == False:
+				print "apply_type failed:", hex(addr), signature
+
+if "ScriptMetadataMethod" in data and "ScriptMetadataMethod" in processFields:
+	scriptMetadataMethods = data["ScriptMetadataMethod"]
+	for scriptMetadataMethod in scriptMetadataMethods:
+		addr = get_addr(scriptMetadataMethod["Address"])
+		name = scriptMetadataMethod["Name"].encode("utf-8")
+		methodAddr = get_addr(scriptMetadataMethod["MethodAddress"])
+		set_name(addr, name)
+		idc.set_cmt(addr, name, 1)
+		idc.set_cmt(addr, '{0:X}'.format(methodAddr), 0)
+
+if "Addresses" in data and "Addresses" in processFields:
+	addresses = data["Addresses"]
+	for index in range(len(addresses) - 1):
+		start = get_addr(addresses[index])
+		end = get_addr(addresses[index + 1])
+		make_function(start, end)
+
+print 'Script finished!'
+