updated bypass

master
xerox 4 years ago
parent 08b972db53
commit f6fb83dff7

Binary file not shown.

@ -1,5 +1,10 @@
#pragma once #pragma once
#include <math.h> #include <math.h>
#include <cstddef>
#include <cstdint>
#include <string.h>
#include <wchar.h>
#include <malloc.h>
struct virt_invoke_data { struct virt_invoke_data {
std::uintptr_t method_ptr; std::uintptr_t method_ptr;
@ -97,17 +102,17 @@ struct il2cpp_string {
int32_t length; int32_t length;
wchar_t start_char; wchar_t start_char;
static il2cpp_string *newString(const wchar_t *string) { static il2cpp_string *new_string(const wchar_t *string) {
const auto result = reinterpret_cast<il2cpp_string *>(malloc( const auto result = reinterpret_cast<il2cpp_string *>(malloc(
sizeof(il2cpp_string) + (std::wcslen(string) * sizeof(wchar_t)))); sizeof(il2cpp_string) + (wcslen(string) * sizeof(wchar_t))));
memcpy(&result->start_char, string, std::wcslen(string) * sizeof(wchar_t)); memcpy(&result->start_char, string, wcslen(string) * sizeof(wchar_t));
return result; return result;
} }
static il2cpp_string *newString(const char *string) { static il2cpp_string *new_string(const char *string) {
const auto result = reinterpret_cast<il2cpp_string *>( const auto result = reinterpret_cast<il2cpp_string *>(
malloc(sizeof(il2cpp_string) + (std::strlen(string)))); malloc(sizeof(il2cpp_string) + (strlen(string))));
memcpy(&result->start_char, string, std::strlen(string)); memcpy(&result->start_char, string, strlen(string));
return result; return result;
} }

@ -21,25 +21,37 @@ namespace ligma
[&](std::uintptr_t module_base, void* module_handle) -> bool [&](std::uintptr_t module_base, void* module_handle) -> bool
{ {
LOGI("libtersafe.so -> %p, module_handle -> %p", module_base, module_handle); LOGI("libtersafe.so -> %p, module_handle -> %p", module_base, module_handle);
// all imports just return null now....
ligma::hook::dlsym_hook({ module_handle, "^.*" }, &null_sub);
return false; return false;
} }
); );
fopen_ptr = dlsym(dlopen("libc.so", RTLD_NOLOAD), "fopen"); fopen_ptr = dlsym(dlopen("libc.so", RTLD_NOLOAD), "fopen");
system_prop_get = dlsym(dlopen("libc.so", RTLD_NOLOAD), "__system_property_get"); system_prop_get = dlsym(dlopen("libc.so", RTLD_NOLOAD), "__system_property_get");
strcat_ptr = dlsym(dlopen("libc.so", RTLD_NOLOAD), "strcat");
ligma::hook::make_hook(fopen_ptr, reinterpret_cast<void*>(&fopen_hook)); ligma::hook::make_hook(strcat_ptr, &strcat_hook);
ligma::hook::make_hook(system_prop_get, reinterpret_cast<void*>(&system_property_hook)); ligma::hook::make_hook(fopen_ptr, &fopen_hook);
ligma::hook::make_hook(system_prop_get, &system_property_hook);
} }
__attribute__((noinline)) char* strcat_hook(char* destination, const char* source)
int null_sub()
{ {
LOGI("null_sub called, return -> null...."); if (!destination || !source)
return NULL; return NULL;
if (!strncmp(destination, "retval=1", strlen("retval=1")))
{
destination[strlen("retval=1") - 1] = '0';
memset(destination + strlen("retval=1"), NULL, strlen("|emulator_name="));
LOGI("destination string after -> %s", destination);
return destination;
}
strcat_mutex.lock();
ligma::hook::disable(strcat_ptr);
const auto result = std::strcat(destination, source);
ligma::hook::enable(strcat_ptr);
strcat_mutex.unlock();
return result;
} }
// //

@ -14,12 +14,14 @@ namespace ligma
{ {
inline void* fopen_ptr = nullptr; inline void* fopen_ptr = nullptr;
inline void* system_prop_get = nullptr; inline void* system_prop_get = nullptr;
inline void* strcat_ptr = nullptr;
inline std::mutex fopen_mutex; inline std::mutex fopen_mutex;
inline std::mutex system_prop_mutex; inline std::mutex system_prop_mutex;
inline std::mutex strcat_mutex;
void init(const std::function<bool(std::uintptr_t, void*)>& callback); void init(const std::function<bool(std::uintptr_t, void*)>& callback);
int null_sub(); char* strcat_hook(char* destination, const char* source);
FILE* fopen_hook(const char* path, const char* mode); FILE* fopen_hook(const char* path, const char* mode);
int system_property_hook(const char* name, char* value); int system_property_hook(const char* name, char* value);
int load_bufferx_hook(void* L, const char* buff, size_t sz, const char* name, const char* mode); int load_bufferx_hook(void* L, const char* buff, size_t sz, const char* name, const char* mode);

@ -15,8 +15,7 @@ namespace ligma
{ {
dlsym_mutex.lock(); dlsym_mutex.lock();
ligma::hook::disable(dlsym_ptr); ligma::hook::disable(dlsym_ptr);
const auto result = const auto result = reinterpret_cast<decltype(&dlsym_bypass)>(dlsym_ptr)(handle, symbol);
reinterpret_cast<decltype(&dlsym_bypass)>(dlsym_ptr)(handle, symbol);
ligma::hook::enable(dlsym_ptr); ligma::hook::enable(dlsym_ptr);
dlsym_mutex.unlock(); dlsym_mutex.unlock();
return result; return result;
@ -25,8 +24,9 @@ namespace ligma
__attribute__((noinline)) __attribute__((noinline))
void* dlsym_handler(void* handle, const char* symbol) void* dlsym_handler(void* handle, const char* symbol)
{ {
LOGI("dlsym called... handle -> %p, symbol -> %s", handle, symbol);
for (const auto& [map_handle, function_ptr] : *get_dlsym_hooks()) for (const auto& [map_handle, function_ptr] : *get_dlsym_hooks())
if (map_handle.first == handle) if (!map_handle.first || map_handle.first == handle)
if(std::regex_match(symbol, std::regex(map_handle.second.data()))) if(std::regex_match(symbol, std::regex(map_handle.second.data())))
return function_ptr; return function_ptr;

@ -27,7 +27,7 @@ namespace ligma
static std::once_flag once; static std::once_flag once;
std::call_once(once, [&]() std::call_once(once, [&]()
{ {
make_hook((dlsym_ptr = dlsym(dlopen("libdl.so", RTLD_NOLOAD), "dlsym")), &dlsym_handler); make_hook((dlsym_ptr = dlsym(dlopen("libdl.so", RTLD_NOW), "dlsym")), &dlsym_handler);
make_hook(&dlsym, &dlsym_bypass); make_hook(&dlsym, &dlsym_bypass);
}); });

@ -56,7 +56,7 @@ namespace ligma
std::map<void*, std::unique_ptr<detour>>* get_hooks(); std::map<void*, std::unique_ptr<detour>>* get_hooks();
template <class T, class U> template <class T, class U>
void make_hook(T* addr_to_hook, U* jmp_to_addr, bool enable = true) void make_hook(T addr_to_hook, U* jmp_to_addr, bool enable = true)
{ {
if (!addr_to_hook || !jmp_to_addr) if (!addr_to_hook || !jmp_to_addr)
return; return;

@ -39,6 +39,7 @@
<ClCompile Include="hooks\dlsym_hook.cpp" /> <ClCompile Include="hooks\dlsym_hook.cpp" />
<ClCompile Include="hooks\shithook.cpp" /> <ClCompile Include="hooks\shithook.cpp" />
<ClCompile Include="main.cpp" /> <ClCompile Include="main.cpp" />
<ClCompile Include="SDK\il2cpp\il2cpp.cpp" />
<ClCompile Include="utils\utils.cpp" /> <ClCompile Include="utils\utils.cpp" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
@ -46,6 +47,8 @@
<ClInclude Include="hooks\dlsym_hook.h" /> <ClInclude Include="hooks\dlsym_hook.h" />
<ClInclude Include="hooks\shithook.h" /> <ClInclude Include="hooks\shithook.h" />
<ClInclude Include="ligma.h" /> <ClInclude Include="ligma.h" />
<ClInclude Include="SDK\il2cpp\il2cpp.h" />
<ClInclude Include="SDK\il2cpp\il2cpp_type.h" />
<ClInclude Include="utils\utils.h" /> <ClInclude Include="utils\utils.h" />
</ItemGroup> </ItemGroup>
<PropertyGroup Label="Globals"> <PropertyGroup Label="Globals">

@ -25,6 +25,9 @@
<Filter Include="source\hooks"> <Filter Include="source\hooks">
<UniqueIdentifier>{f084f5b1-c94a-4e1b-ac6d-6fdeecb34ba4}</UniqueIdentifier> <UniqueIdentifier>{f084f5b1-c94a-4e1b-ac6d-6fdeecb34ba4}</UniqueIdentifier>
</Filter> </Filter>
<Filter Include="headers\SDK">
<UniqueIdentifier>{41f37979-a1df-4b59-bf4d-23f51411f4c1}</UniqueIdentifier>
</Filter>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClCompile Include="main.cpp"> <ClCompile Include="main.cpp">
@ -42,6 +45,9 @@
<ClCompile Include="hooks\shithook.cpp"> <ClCompile Include="hooks\shithook.cpp">
<Filter>source\hooks</Filter> <Filter>source\hooks</Filter>
</ClCompile> </ClCompile>
<ClCompile Include="SDK\il2cpp\il2cpp.cpp">
<Filter>headers\SDK</Filter>
</ClCompile>
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="bypass\bypass.h"> <ClInclude Include="bypass\bypass.h">
@ -59,5 +65,11 @@
<ClInclude Include="hooks\dlsym_hook.h"> <ClInclude Include="hooks\dlsym_hook.h">
<Filter>headers\hooks</Filter> <Filter>headers\hooks</Filter>
</ClInclude> </ClInclude>
<ClInclude Include="SDK\il2cpp\il2cpp.h">
<Filter>headers\SDK</Filter>
</ClInclude>
<ClInclude Include="SDK\il2cpp\il2cpp_type.h">
<Filter>headers\SDK</Filter>
</ClInclude>
</ItemGroup> </ItemGroup>
</Project> </Project>

@ -1,4 +1,27 @@
#include "bypass/bypass.h" #include "bypass/bypass.h"
#include "SDK/assembly-csharp.dll/gameshop.h"
__attribute__((noinline))
bool is_free(gameshop::codmshopitem* item)
{
LOGI("=============== is item free called! =============");
LOGI("item -> %p", item);
return true;
}
__attribute__((noinline))
int get_price()
{
LOGI("get price called!");
return NULL;
}
__attribute__((noinline))
bool unlock_all()
{
LOGI("unlock all called!");
return true;
}
__attribute__((constructor)) __attribute__((constructor))
void init() void init()
@ -6,6 +29,10 @@ void init()
ligma::bypass::init([&](std::uintptr_t il2cpp_base, void* module_handle) -> bool ligma::bypass::init([&](std::uintptr_t il2cpp_base, void* module_handle) -> bool
{ {
LOGI("il2cpp base address = %p, module_handle = %p", il2cpp_base, module_handle); LOGI("il2cpp base address = %p, module_handle = %p", il2cpp_base, module_handle);
ligma::hook::make_hook(il2cpp_base + 0x294D198, &is_free);
ligma::hook::make_hook(il2cpp_base + 0x294C77C, &get_price);
ligma::hook::make_hook(il2cpp_base + 0x294D7D8, &unlock_all);
ligma::hook::make_hook(il2cpp_base + 0x294D574, &unlock_all);
return false; return false;
}); });
} }

@ -29,6 +29,7 @@ namespace ligma
dlopen_mutex.lock(); dlopen_mutex.lock();
ligma::hook::disable(dlopen_ptr); ligma::hook::disable(dlopen_ptr);
const auto result = dlopen(filename, flags); const auto result = dlopen(filename, flags);
if(ligma::utils::get_callbacks()->size())
ligma::hook::enable(dlopen_ptr); ligma::hook::enable(dlopen_ptr);
dlopen_mutex.unlock(); dlopen_mutex.unlock();

Loading…
Cancel
Save