-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSigScan.cpp
170 lines (157 loc) · 4.19 KB
/
SigScan.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
/*
From:
http://wiki.alliedmods.net/Signature_Scanning
and PimpinJuice
*/
#include "BATCore.h"
#include "SigScan.h"
#ifdef WIN32
unsigned char* g_BaseAddr;
size_t g_BaseAddrLength;
#else
void* g_BaseAddr;
#endif
/*
SigScan::~SigScan(void)
{
//delete[] sig_str;
//delete[] sig_mask;
}
*/
SigScan::SigScan()
{
#ifdef WIN32
bool GotBase = GetDllMemInfo();
#else
bool GotBase = GetBaseAddress();
#endif
if(!GotBase)
{
ScannerError = true;
g_BATCore.AddLogEntry("ERROR: There was a error getting base address (More details should be above log entry)");
}
else
ScannerError = false;
}
void* SigScan:: FindFunctionAddresss(const char *SignatureName,unsigned char *WinSig, char *WinMask, size_t WinSigLength, char *NixSymbol)
{
if(ScannerError)
return NULL;
#ifdef WIN32
void *FunctionPointer = FindSignature(SignatureName,WinSig,WinMask,WinSigLength);
#else
void *FunctionPointer = FindSymbolAddress(SignatureName,NixSymbol);
#endif
if(!FunctionPointer) g_BATCore.WriteLogBuffer(); // Something has gone wrong, we force the logs to written in case we are gonna crash soon
return FunctionPointer;
}
void SigScan::Dispose()
{
#ifdef WIN32
// Nothing to do really
#else
if(g_BaseAddr) dlclose(g_BaseAddr);
g_BaseAddr = NULL;
#endif
}
#ifdef WIN32
unsigned int istrcmp(char *str1, char *str2)
{
unsigned int i, len1 = strlen(str1), len2 = strlen(str2);
if(len1 != len2)
return 0;
for(i = 0;i < len1;i++)
{
if(tolower(str1[i]) != tolower(str2[i]))
return 0;
}
return 1;
}
void* SigScan::FindSignature(const char *SignatureName, unsigned char *WinSig, char *WinMask, size_t WinSigLength)
{
unsigned char *pBasePtr = g_BaseAddr;
unsigned char *pEndPtr = g_BaseAddr+g_BaseAddrLength;
size_t i, height = 0;
while(pBasePtr < pEndPtr)
{
for(i = 0;i < WinSigLength;i++)
{
if(i > height)
height++;
if((WinMask[i] != '?') && (WinSig[i] != pBasePtr[i]))
break;
}
if(i == WinSigLength)
return (void*)pBasePtr;
pBasePtr++;
}
g_BATCore.AddLogEntry("ERROR: %s - Signature finding failure: Sig Failed at Height: %d", SignatureName,height);
return NULL;
}
bool SigScan::GetDllMemInfo(void)
{
char binpath[1024];
HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
MODULEENTRY32 modent;
g_BaseAddr = 0;
g_BaseAddrLength = 0;
g_BATCore.GetEngine()->GetGameDir(binpath, 512);
sprintf(binpath, "%s\\bin\\server.dll", binpath);
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
if(hModuleSnap == INVALID_HANDLE_VALUE)
{
g_BATCore.AddLogEntry("ERROR: Signature finding failure: CreateToolhelp32Snapshot failed");
return false;
}
modent.dwSize = sizeof(MODULEENTRY32);
if(!Module32First(hModuleSnap, &modent))
{
g_BATCore.AddLogEntry("ERROR: Signature finding failure: Module32First failed.");
CloseHandle(hModuleSnap);
return false;
}
do
{
if(istrcmp(modent.szExePath, binpath))
{
g_BaseAddr = modent.modBaseAddr;
g_BaseAddrLength = modent.modBaseSize;
CloseHandle(hModuleSnap);
return true;
}
} while(Module32Next(hModuleSnap, &modent));
CloseHandle(hModuleSnap);
g_BATCore.AddLogEntry("ERROR: Signature finding failure: Failed to find server module in module list");
return false;
}
#else
bool SigScan::GetBaseAddress()
{
char binpath[512];
g_BATCore.GetEngine()->GetGameDir(binpath,511);
sprintf(binpath, "%s/bin/server_i486.so",binpath);
g_BaseAddr = dlopen(binpath, RTLD_NOW);
if(g_BaseAddr == NULL)
{
g_BATCore.AddLogEntry("ERROR: dlopen() failed with error: \"%s\", This means signature scanning all failed",dlerror());
return false;
}
return true;
//find_sym_addr(handle,funcname,linuxstr,&newSignature->linux_addr);
}
void* SigScan::FindSymbolAddress(char *name, char *symbol)
{
void *addr;
if(g_BaseAddr == NULL)
return NULL;
addr = dlsym(g_BaseAddr, symbol);
if(addr == NULL) {
g_BATCore.AddLogEntry("ERROR: dlsym() failed for function \"%s\" with error: \"%s\", plugin will not function properly.",name, dlerror());
return NULL;
}
#if BAT_DEBUG == 1
g_BATCore.AddLogEntry("Found linux symbol function: %s, address: %X\n", name, addr);
#endif
return addr;
}
#endif