// Copyright 2017 OpenSWE1R Maintainers
// Licensed under GPLv2 or any later version
// Refer to the included LICENSE.txt file.
#ifndef __OPENSWE1R_MAIN_H__
#define __OPENSWE1R_MAIN_H__
#include <inttypes.h>
#include <stdarg.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <unicorn/unicorn.h>
#include "emulation.h"
// Running count of hook invocations. HACKY_IMPORT_END() below prints it in
// the trace line and then increments it; it is defined elsewhere.
// NOTE(review): plain global, no synchronization visible here — assumed to be
// touched from the emulation thread only.
extern uint32_t callId;
// Guest Address defined elsewhere. Nothing in this header reads or writes it,
// so its meaning has to be taken from the emulation code that owns it.
extern Address clearEax;
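// printf-style wrapper used for the hook trace lines emitted by
// HACKY_IMPORT_END(). It exists so all tracing can be switched off in one
// place (flip the `#if 1` below).
//
// `fmt` must be a literal or otherwise trusted format string: the format
// attribute lets -Wformat check every call site for argument/specifier
// mismatches, which is the only defense against a format-string bug here.
//
// Returns what vprintf() returns: the number of characters written, or a
// negative value on an output error. When tracing is compiled out it
// returns 0 (the original fell off the end of a non-void function in that
// configuration, which is undefined behavior).
#if defined(__GNUC__)
__attribute__((format(printf, 1, 2)))
#endif
static inline int hacky_printf(const char* fmt, ...) {
#if 1
  va_list args;
  va_start(args, fmt);
  int ret = vprintf(fmt, args);
  va_end(args);
  return ret;
#else
  // Tracing disabled: nothing is written, so report zero characters.
  (void)fmt;
  return 0;
#endif
}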
// Creates an emulated interface called `name` with `slotCount` slots and
// returns its Address. Defined elsewhere; HACKY_COM_BEGIN() below is the
// counterpart that names the hook for one "<interface>__<slot>" pair.
// NOTE(review): whether the returned Address is a guest vtable/object pointer
// is not visible in this header — confirm against the definition.
Address CreateInterface(const char* name, unsigned int slotCount);
// Registers `callback` as the host-side handler for the export `name`;
// `address` is passed through unchanged (HACKY_IMPORT_BEGIN always passes 0).
// Defined elsewhere. The callback signature the macros below use is
// void (*)(void* uc, Address address, void* user_data).
// NOTE(review): `name` is a string literal at every call site in this header
// (#_name); if the registry keeps the pointer rather than copying, callers
// must keep that guarantee.
void AddExport(const char* name, void* callback, Address address);
// Defines an INITIALIZER macro which will run code at startup.
//
// Usage: `INITIALIZER(my_init) { ... }` defines a function `my_init` that is
// invoked before main(). On GCC/Clang this is a constructor-attributed
// function; on MSVC (>= VS2005) a pointer to a caller shim is placed in the
// CRT's .CRT$XIU segment, which the CRT walks during startup.
//
// Caveats a user of this macro should know:
//  - The order in which initializers from different translation units run is
//    unspecified. The hook registration below calls AddExport() from such an
//    initializer, so whatever state AddExport() needs must not itself depend
//    on another initializer having run — verify against its definition.
//  - `void _name()` is an old-style (unprototyped) declaration; the C99+ form
//    would be `void _name(void)`. Left unchanged here.
//  - Identifiers beginning with `__` (e.g. `__<name>_caller`) are reserved
//    for the implementation.
#if defined(__GNUC__)
# define INITIALIZER(_name) \
__attribute__((constructor)) void _name()
#elif defined(_MSC_VER)
# if (_MSC_VER >= 1400)
// Section flags differ between x86 and x64 (x64 needs `long` for the pointer).
# if !defined(_WIN64)
# pragma section(".CRT$XIU", read)
# else
# pragma section(".CRT$XIU", long, read)
# endif
// Forward-declare the user function, generate a shim returning int (the
// signature the CRT expects), place a pointer to the shim in the section,
// then open the user function so the `{ ... }` that follows becomes its body.
# define INITIALIZER(_name) \
void _name(); \
static int __cdecl __ ## _name ## _caller() { _name(); return 0; } \
__declspec(allocate(".CRT$XIU")) int(__cdecl *__ ## _name ## _pointer)() = __ ## _name ## _caller; \
void _name()
# else
# error Compiler not supported
# endif
#else
# error Compiler not detected
#endif
// HACKY_IMPORT_BEGIN(name) / HACKY_IMPORT_END() bracket the body of a
// host-side hook that stands in for an import of the emulated program.
//
// BEGIN expands to three things:
//   1. a forward declaration of Hook_<name>;
//   2. an INITIALIZER (Register_<name>) that, at startup, registers
//      Hook_<name> with AddExport() under the stringized name and address 0;
//   3. the opening of Hook_<name> itself, deliberately left without a
//      closing brace — the user's code follows, and END closes it.
//
// Locals visible to the user code between BEGIN and END:
//   uc              emulator handle (unicorn uc_engine*, passed as void*)
//   _address        as passed by whoever invokes the hook
//   _user_data      as passed by the invoker; END prints it with %s, so it is
//                   presumably a NUL-terminated string — confirm in the
//                   dispatcher (a NULL here makes the trace line UB)
//   eip, esp, eax   guest registers, read into `int`
//   stackAddress    guest ESP at entry
//   stack           host view of the guest stack at stackAddress
//   returnAddress   stack[0], i.e. the return address pushed by the guest
//   silent          set to true to suppress the trace output in END
// END writes esp, eip and eax back, so the body may change them (for
// instance bump `esp` to pop arguments). Nothing else is written back.
#define HACKY_IMPORT_BEGIN(_name) \
static void Hook_ ## _name (void* uc, Address _address, void* _user_data); \
INITIALIZER(Register_ ## _name) { \
const char* name = #_name; \
printf("Registering hook for '%s'\n", name); \
AddExport(name, Hook_ ## _name, 0); \
} \
static void Hook_ ## _name (void* uc, Address _address, void* _user_data) { \
bool silent = false; \
\
/* NOTE(review): uc_reg_read() return values are ignored. If a read fails */ \
/* the int stays uninitialized and END writes that garbage back into the  */ \
/* guest. The registers are 32-bit but held in signed int: `esp += 4`     */ \
/* below is signed arithmetic, and the %X / PRIX32 conversions in END     */ \
/* expect unsigned — uint32_t would be the cleaner type.                  */ \
int eip; \
uc_reg_read(uc, UC_X86_REG_EIP, &eip); \
int esp; \
uc_reg_read(uc, UC_X86_REG_ESP, &esp); \
int eax; \
uc_reg_read(uc, UC_X86_REG_EAX, &eax); \
\
/* `stack` is a host pointer derived from guest-controlled ESP. Memory()  */ \
/* is defined elsewhere; if it can return NULL, or map fewer than 4 bytes */ \
/* at this address, the stack[0] read below is an invalid host access.    */ \
/* NOTE(review): add a check here unless Memory() guarantees otherwise.   */ \
Address stackAddress = esp; \
uint32_t* stack = (uint32_t*)Memory(stackAddress); \
\
/* This lists a stack trace. */ \
/* It's a failed attempt because most functions omit the frame pointer */ \
/* (left commented out as in the original) */ \
/*int ebp; \
uc_reg_read(uc, UC_X86_REG_EBP, &ebp); \
StackTrace(ebp, 10, 4); */ \
\
/* Pop the return address: the hook "returns" by pointing EIP at it and */ \
/* dropping the 4 bytes it occupied. Argument cleanup is left to the body. */ \
Address returnAddress = stack[0]; \
eip = returnAddress; \
esp += 4; \

// HACKY_IMPORT_END() closes the hook opened by HACKY_IMPORT_BEGIN(): prints
// the trace lines (unless `silent`), bumps the global callId, then commits
// esp/eip/eax to the emulator so execution resumes at `returnAddress`.
// NOTE(review): `returnAddress` (an Address) is printed with %X, which expects
// unsigned int; if Address is wider than 32 bits this is a format mismatch.
// `eax` is an int passed to PRIX32 for the same reason.
#define HACKY_IMPORT_END() \
if (!silent) { \
hacky_printf("Stack at 0x%" PRIX32 "; returning EAX: 0x%08" PRIX32 "\n", stackAddress, eax); \
hacky_printf("%7" PRIu32 " Emulation at %X ('%s') from %X\n\n", callId, eip, (char*)_user_data, returnAddress); \
} \
callId++; \
\
uc_reg_write(uc, UC_X86_REG_ESP, &esp); \
uc_reg_write(uc, UC_X86_REG_EIP, &eip); \
uc_reg_write(uc, UC_X86_REG_EAX, &eax); \
}
// COM-style flavour of the import hooks. The two arguments are token-pasted
// into a single identifier before HACKY_IMPORT_BEGIN stringizes it, so
// HACKY_COM_BEGIN(IFoo, 3) defines Hook_IFoo__3 and registers it under the
// export name "IFoo__3". The code that maps an interface slot to that name
// (CreateInterface and friends) lives outside this header.
#define HACKY_COM_BEGIN(interface, slot) HACKY_IMPORT_BEGIN(interface ## __ ## slot)
// Identical to HACKY_IMPORT_END(); provided so BEGIN/END pairs read alike.
#define HACKY_COM_END() HACKY_IMPORT_END()
#endif