├── internal
├── engine_lean.h
├── Sdk.h
├── sdkgen
│ ├── PUBG.h
│ ├── Engine
│ │ ├── Logger.cpp
│ │ ├── NameValidator.h
│ │ ├── UE4
│ │ │ ├── Package.cpp
│ │ │ ├── FunctionFlags.h
│ │ │ ├── PropertyFlags.h
│ │ │ └── FunctionFlags.cpp
│ │ ├── PrintHelper.h
│ │ ├── Logger.h
│ │ ├── NamesStore.cpp
│ │ ├── NamesStore.h
│ │ ├── NameValidator.cpp
│ │ ├── PrintHelper.cpp
│ │ ├── ObjectsStore.cpp
│ │ └── ObjectsStore.h
│ └── Target
│ │ └── PUBG
│ │ └── ObjectsStore.cpp
└── sdk
│ ├── Names.h
│ ├── Format.h
│ ├── World.h
│ ├── EnumClassFlags.h
│ ├── World.cpp
│ ├── Encryption.h
│ ├── UnrealTypes.cpp
│ ├── World_decrypt.asm
│ └── Names_decrypt.asm
├── contrib
└── distorm
│ ├── examples
│ ├── ddk
│ │ ├── makefile
│ │ ├── sources
│ │ ├── distorm.ini
│ │ ├── dummy.c
│ │ ├── README
│ │ └── main.c
│ ├── cs
│ │ ├── readme
│ │ ├── distorm-net
│ │ │ ├── DecodedResult.cs
│ │ │ ├── DecomposedResult.cs
│ │ │ ├── DecodedInst.cs
│ │ │ ├── Operand.cs
│ │ │ ├── CodeInfo.cs
│ │ │ ├── DecomposedInst.cs
│ │ │ ├── Opcodes.tt
│ │ │ ├── Properties
│ │ │ │ └── AssemblyInfo.cs
│ │ │ └── distorm-net.csproj
│ │ ├── distorm-net.sln
│ │ └── TestdiStorm
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ ├── Program.cs
│ │ │ └── TestdiStorm.csproj
│ ├── linux
│ │ └── Makefile
│ ├── tests
│ │ ├── Makefile
│ │ ├── tests.sln
│ │ ├── tests.vcxproj.filters
│ │ ├── main.cpp
│ │ ├── main.py
│ │ └── tests.vcxproj
│ ├── java
│ │ ├── distorm
│ │ │ ├── src
│ │ │ │ ├── diStorm3
│ │ │ │ │ ├── DecodedResult.java
│ │ │ │ │ ├── DecomposedResult.java
│ │ │ │ │ ├── Operand.java
│ │ │ │ │ ├── DecodedInst.java
│ │ │ │ │ ├── CodeInfo.java
│ │ │ │ │ ├── distorm3.java
│ │ │ │ │ └── DecomposedInst.java
│ │ │ │ └── Main.java
│ │ │ ├── .classpath
│ │ │ ├── .project
│ │ │ └── .settings
│ │ │ │ └── org.eclipse.jdt.core.prefs
│ │ ├── Makefile
│ │ ├── jdistorm.sln
│ │ └── jdistorm.h
│ ├── win32
│ │ ├── disasm.vcxproj.filters
│ │ └── disasm.sln
│ └── python
│ │ └── sample.py
│ ├── make
│ ├── win32
│ │ ├── distorm.idb
│ │ ├── resource.rc
│ │ ├── resource.h
│ │ ├── distorm.sln
│ │ └── cdistorm.vcxproj.filters
│ ├── mac
│ │ └── Makefile
│ └── linux
│ │ └── Makefile
│ ├── setup.cfg
│ ├── MANIFEST.in
│ ├── MANIFEST
│ ├── src
│ ├── operands.h
│ ├── wstring.c
│ ├── decoder.h
│ ├── wstring.h
│ ├── textdefs.h
│ ├── insts.h
│ ├── x86defs.h
│ └── prefix.h
│ ├── README.md
│ ├── COPYING
│ └── disOps
│ └── registers.py
├── vendor
└── vmp
│ ├── VMProtectDDK32.lib
│ ├── VMProtectDDK32.sys
│ ├── VMProtectDDK64.lib
│ ├── VMProtectDDK64.sys
│ ├── VMProtectSDK32.dll
│ ├── VMProtectSDK32.lib
│ ├── VMProtectSDK64.dll
│ ├── VMProtectSDK64.lib
│ ├── driver.vmp
│ ├── VMProtectDDK.h
│ └── VMProtectSDK.h
├── README.md
├── driver
├── driver.inf
├── dispatch.h
├── mm.h
├── mm.c
├── nttrust.h
├── crypto.h
├── inject.h
├── image.h
├── ntbuild.h
├── shared.h
└── driver.h
├── native
├── private
│ ├── nativeexcept.h
│ ├── nativewow64.h
│ ├── nativepool.h
│ └── nativeuser.h
├── native.h
├── service.h
├── wow64.h
├── service.c
└── eresource.h
├── utils
├── vmt.cpp
├── vthook.cpp
├── vmt.h
├── vthook.h
├── disasm.c
├── disasm.h
└── xorstr.h
├── reversal
└── pubg_reference_scan.py
├── .gitattributes
├── service
└── main.cpp
└── internal.sln
/internal/engine_lean.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/ddk/makefile:
--------------------------------------------------------------------------------
1 | !INCLUDE $(NTMAKEENV)\makefile.def
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectDDK32.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectDDK32.lib
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectDDK32.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectDDK32.sys
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectDDK64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectDDK64.lib
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectDDK64.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectDDK64.sys
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectSDK32.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectSDK32.dll
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectSDK32.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectSDK32.lib
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectSDK64.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectSDK64.dll
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectSDK64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/vendor/vmp/VMProtectSDK64.lib
--------------------------------------------------------------------------------
/contrib/distorm/make/win32/distorm.idb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/contrib/distorm/make/win32/distorm.idb
--------------------------------------------------------------------------------
/contrib/distorm/make/win32/resource.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ajkhoury/pubg_internal/HEAD/contrib/distorm/make/win32/resource.rc
--------------------------------------------------------------------------------
/contrib/distorm/setup.cfg:
--------------------------------------------------------------------------------
1 | [wheel]
2 | universal = 1
3 |
4 | [install]
5 | force=1
6 | compile=1
7 | optimize=1
8 |
9 | [bdist_wininst]
10 | user-access-control=auto
11 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/readme:
--------------------------------------------------------------------------------
1 | This is a .NET Wrapper of the distorm project for seamless decompilation of 32-bit and 64-bit intel binaries.
2 | This project is licensed under the GPLv3.
3 | By Dan Shechter
--------------------------------------------------------------------------------
/internal/Sdk.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "sdk/Types.h"
4 | #include "sdk/Names.h"
5 | #include "sdk/Objects.h"
6 | #include "sdk/World.h"
7 |
8 | #if defined(ENABLE_SDK)
9 | #include "sdk/PUBG_SDK.h"
10 | #else
11 | #include "sdk/UnrealTypes.h"
12 | #endif
--------------------------------------------------------------------------------
/contrib/distorm/examples/ddk/sources:
--------------------------------------------------------------------------------
1 | TARGETNAME = distorm
2 | TARGETPATH = obj
3 | TARGETTYPE = DRIVER
4 |
5 | C_DEFINES = $(C_DEFINES) -DSUPPORT_64BIT_OFFSET -DLIBDISTORM
6 |
7 | INCLUDES = %BUILD%\inc;..\src;
8 | LIBS = %BUILD%\lib
9 |
10 | SOURCES = main.c
11 |
--------------------------------------------------------------------------------
/contrib/distorm/MANIFEST.in:
--------------------------------------------------------------------------------
1 | include COPYING setup.cfg setup.py
2 | include make\win32\cdistorm.vcxproj make\win32\cdistorm.vcxproj.filters make\win32\distorm.sln make\win32\resource.h make\win32\Resource.rc
3 | recursive-include src *.c *.h
4 | recursive-include include *.c *.h
5 | recursive-include . *.py
6 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/linux/Makefile:
--------------------------------------------------------------------------------
1 | #
2 | # diStorm (Linux Port) / Demo Application Makefile
3 | #
4 |
5 | TARGET = disasm
6 | CC = gcc
7 | CFLAGS = -Wall -O2 -o
8 |
9 | all: disasm
10 |
11 | disasm:
12 | ${CC} ${CFLAGS} ${TARGET} main.c ../../distorm3.a
13 |
14 | clean:
15 | /bin/rm -rf *.o ${TARGET}
16 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/tests/Makefile:
--------------------------------------------------------------------------------
1 | #
2 | # diStorm (Linux Port) / Demo Application Makefile
3 | #
4 |
5 | TARGET = disasm
6 | CC = gcc
7 | CFLAGS = -Wall -O2 -I. -o
8 |
9 | all: disasm
10 |
11 | disasm:
12 | ${CC} ${CFLAGS} ${TARGET} main.cpp ../distorm64.a
13 |
14 | clean:
15 | /bin/rm -rf *.o ${TARGET}
16 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/DecodedResult.java:
--------------------------------------------------------------------------------
1 | package diStorm3;
2 |
3 | public class DecodedResult {
4 | public DecodedResult(int maxInstructions) {
5 | mMaxInstructions = maxInstructions;
6 | mInstructions = null;
7 | }
8 |
9 | public DecodedInst[] mInstructions;
10 | private int mMaxInstructions;
11 | }
--------------------------------------------------------------------------------
/internal/sdkgen/PUBG.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "Engine/IGenerator.h"
4 | #include "Engine/UE4/GenericTypes.h"
5 | #include "Engine/ObjectsStore.h"
6 | #include "Engine/NamesStore.h"
7 | #include "Engine/NameValidator.h"
8 | #include "Target/PUBG/EngineClasses.h"
9 |
10 | DWORD WINAPI SdkGeneratorOnAttach(LPVOID lpParameter);
11 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/DecomposedResult.java:
--------------------------------------------------------------------------------
1 | package diStorm3;
2 |
3 | public class DecomposedResult {
4 | public DecomposedResult(int maxInstructions) {
5 | mMaxInstructions = maxInstructions;
6 | mInstructions = null;
7 | }
8 |
9 | public DecomposedInst[] mInstructions;
10 | private int mMaxInstructions;
11 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/.classpath:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/Logger.cpp:
--------------------------------------------------------------------------------
1 | #include "Logger.h"
2 |
3 | std::ostream* Logger::stream = nullptr;
4 |
5 | void Logger::SetStream(std::ostream* _stream)
6 | {
7 | stream = _stream;
8 | }
9 |
10 | void Logger::Log(const std::string& message)
11 | {
12 | if (stream != nullptr) {
13 | (*stream) << message << '\n' << std::flush;
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/internal/sdk/Names.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "Types.h"
4 |
5 |
6 | class NamesProxy {
7 | public:
8 | NamesProxy();
9 |
10 | inline void *GetAddress() const { return Names; }
11 |
12 | int32_t GetNum() const;
13 | bool IsValid(int32_t id) const;
14 | std::string GetById(int32_t id) const;
15 |
16 | private:
17 | void *Names;
18 | };
19 |
20 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # pubg_internal
2 |
3 | Old PUBG internal I made for fun and research. It seems some bad actors were able to get their hands on this, so I am publicizing it.
4 |
5 | ## Contains
6 |
7 | - Kernel driver used for mapping the PE image into a protected process.
8 | - PUBG SDK generator updated around summer of 2019
9 | - Simple PUBG cheat with ESP
10 |
11 | Have fun, and fuck you UnknownCheats 🖕
12 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/DecodedResult.cs:
--------------------------------------------------------------------------------
1 |
2 | namespace diStorm
3 | {
4 | public class DecodedResult
5 | {
6 | public DecodedResult(int maxInstructions)
7 | {
8 | MaxInstructions = maxInstructions;
9 | Instructions = null;
10 | }
11 | public DecodedInst[] Instructions { get; internal set; }
12 | public int MaxInstructions { get; internal set; }
13 | }
14 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/DecomposedResult.cs:
--------------------------------------------------------------------------------
1 | namespace diStorm
2 | {
3 | public class DecomposedResult
4 | {
5 | public DecomposedResult(int maxInstructions)
6 | {
7 | MaxInstructions = maxInstructions;
8 | Instructions = null;
9 | }
10 |
11 | public DecomposedInst[] Instructions { get; internal set; }
12 | public int MaxInstructions { get; private set; }
13 | }
14 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/DecodedInst.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace diStorm
4 | {
5 | public class DecodedInst
6 | {
7 | internal DecodedInst() { }
8 |
9 | public string Mnemonic { get; internal set; }
10 | public string Operands { get; internal set; }
11 | public string Hex { get; internal set; }
12 | public uint Size { get; internal set; }
13 | public IntPtr Offset { get; internal set; }
14 | }
15 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/ddk/distorm.ini:
--------------------------------------------------------------------------------
1 | \registry\machine\system\currentcontrolset\services\distorm
2 | ImagePath = system32\drivers\distorm.sys
3 | DisplayName = "distorm"
4 | Type = REG_DWORD 0x1
5 | Start = REG_DWORD 0x3
6 | Group = Extended base
7 | ErrorControl = REG_DWORD 0x1
8 | \registry\machine\system\currentcontrolset\services\distorm\Parameters
9 | BreakOnEntry = REG_DWORD 0x0
10 | DebugMask = REG_DWORD 0x0
11 | LogEvents = REG_DWORD 0x0
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/Operand.cs:
--------------------------------------------------------------------------------
1 |
2 | namespace diStorm
3 | {
4 |
5 | public enum OperandType : byte
6 | {
7 | None,
8 | Reg,
9 | Imm,
10 | Imm1,
11 | Imm2,
12 | Disp,
13 | Smem,
14 | Mem,
15 | Pc,
16 | Ptr
17 | }
18 |
19 | public class Operand
20 | {
21 | public OperandType Type { get; internal set; }
22 | public int Index { get; internal set; }
23 | public int Size { get; internal set; }
24 | }
25 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | distorm
4 |
5 |
6 |
7 |
8 |
9 | org.eclipse.jdt.core.javabuilder
10 |
11 |
12 |
13 |
14 |
15 | org.eclipse.jdt.core.javanature
16 |
17 |
18 |
--------------------------------------------------------------------------------
/internal/sdk/Format.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "Types.h"
4 |
5 | #include
6 |
7 | class UEnum;
8 | class UStruct;
9 |
10 | namespace fmt {
11 |
12 | std::string MakeValidName(const std::string&& Name);
13 | std::string MakeUniqueEnumCppName(UEnum const* e);
14 | std::string MakeUniqueStructCppName(UStruct const* s);
15 |
16 | std::string StringifyFunctionFlags(const uint32_t Flags);
17 | std::string StringifyPropertyFlags(const uint64_t Flags);
18 |
19 | }
20 |
21 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/Operand.java:
--------------------------------------------------------------------------------
1 | package diStorm3;
2 |
3 | public class Operand {
4 |
5 | public enum OperandType {
6 | None, Reg, Imm, Imm1, Imm2, Disp, Smem, Mem, Pc, Ptr
7 | }
8 |
9 | private int mType;
10 | private int mIndex;
11 | private int mSize;
12 |
13 | public OperandType getType() {
14 | return OperandType.values()[mType];
15 | }
16 |
17 | public int getIndex() {
18 | return mIndex;
19 | }
20 |
21 | public int getSize() {
22 | return mSize;
23 | }
24 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/ddk/dummy.c:
--------------------------------------------------------------------------------
1 | // Since the DDK's nmake is limited with directories, we will bypass that with this simple hack.
2 | // Thanks to Razvan Hobeanu.
3 | // Sep 2009.
4 |
5 |
6 | #include "../src/mnemonics.c"
7 | #include "../src/wstring.c"
8 | #include "../src/textdefs.c"
9 | #include "../src/x86defs.c"
10 | #include "../src/prefix.c"
11 | #include "../src/operands.c"
12 | #include "../src/insts.c"
13 | #include "../src/instructions.c"
14 | #include "../src/distorm.c"
15 | #include "../src/decoder.c"
16 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/win32/disasm.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 |
10 |
11 | Source Files
12 |
13 |
14 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/NameValidator.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 |
5 | class UEConst;
6 | class UEEnum;
7 | class UEStruct;
8 |
9 | ///
10 | /// Makes valid C++ name from the given name.
11 | ///
12 | /// The name to process.
13 | /// A valid C++ name.
14 | std::string MakeValidName(std::string&& name);
15 |
16 | std::string SimplifyEnumName(std::string&& name);
17 |
18 | std::string MakeUniqueCppName(const UEConst& c);
19 | std::string MakeUniqueCppName(const UEEnum& e);
20 | std::string MakeUniqueCppName(const UEStruct& ss);
21 |
--------------------------------------------------------------------------------
/driver/driver.inf:
--------------------------------------------------------------------------------
1 | ;
2 | ; driver.inf
3 | ;
4 |
5 | [Version]
6 | Signature="$WINDOWS NT$"
7 | Class=System
8 | ClassGuid={4d36e97d-e325-11ce-bfc1-08002be10318}
9 | Provider=%ManufacturerName%
10 | DriverVer=
11 | CatalogFile=driver.cat
12 |
13 | [DestinationDirs]
14 | DefaultDestDir = 12
15 |
16 |
17 | [SourceDisksNames]
18 | 1 = %DiskName%,,,""
19 |
20 | [SourceDisksFiles]
21 |
22 |
23 | [Manufacturer]
24 | %ManufacturerName%=Standard,NT$ARCH$
25 |
26 | [Standard.NT$ARCH$]
27 |
28 |
29 | [Strings]
30 | ManufacturerName="" ;TODO: Replace with your manufacturer name
31 | ClassName=""
32 | DiskName=""
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/CodeInfo.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace diStorm
4 | {
5 | public class CodeInfo
6 | {
7 | public CodeInfo(long codeOffset, byte[] rawCode, DecodeType dt, int features)
8 | {
9 | _code = new byte[rawCode.Length];
10 | Array.Copy(rawCode, _code, _code.Length);
11 |
12 | _codeOffset = codeOffset;
13 | _decodeType = dt;
14 | _features = features;
15 | }
16 |
17 | internal long _codeOffset;
18 | internal long _nextOffset;
19 | internal byte[] _code;
20 | internal DecodeType _decodeType;
21 | internal int _features;
22 | }
23 | }
24 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/DecodedInst.java:
--------------------------------------------------------------------------------
1 | package diStorm3;
2 |
3 | public class DecodedInst {
4 | DecodedInst()
5 | {
6 | }
7 | private String mMnemonic;
8 | private String mOperands;
9 | private String mHex;
10 | private int mSize;
11 | private long mOffset;
12 |
13 | public String getMnemonic() {
14 | return mMnemonic;
15 | }
16 |
17 | public String getOperands() {
18 | return mOperands;
19 | }
20 |
21 | public String getHex() {
22 | return mHex;
23 | }
24 |
25 | public int getSize() {
26 | return mSize;
27 | }
28 |
29 | public long getOffset() {
30 | return mOffset;
31 | }
32 | }
--------------------------------------------------------------------------------
/native/private/nativeexcept.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "nativecommon.h"
4 |
5 | #ifdef __cplusplus
6 | extern "C" {
7 | #endif // __cplusplus
8 |
9 |
10 | ///
11 | /// < Exception Routines >
12 | ///
13 |
14 | typedef
15 | NTSTATUS
16 | (NTAPI *PNT_RAISE_EXCEPTION)(
17 | IN PEXCEPTION_RECORD ExceptionRecord,
18 | IN PCONTEXT Context,
19 | IN BOOLEAN FirstChance
20 | );
21 | NTSYSAPI
22 | NTSTATUS
23 | NTAPI
24 | NtRaiseException(
25 | IN PEXCEPTION_RECORD ExceptionRecord,
26 | IN PCONTEXT Context,
27 | IN BOOLEAN FirstChance
28 | );
29 |
30 |
31 | #ifdef __cplusplus
32 | } // extern "C"
33 | #endif // __cplusplus
--------------------------------------------------------------------------------
/contrib/distorm/MANIFEST:
--------------------------------------------------------------------------------
1 | COPYING
2 | setup.cfg
3 | setup.py
4 | include\distorm.h
5 | include\mnemonics.h
6 | python\distorm3\__init__.py
7 | examples\python\sample.py
8 | src\config.h
9 | src\decoder.c
10 | src\decoder.h
11 | src\distorm.c
12 | src\instructions.c
13 | src\instructions.h
14 | src\insts.c
15 | src\insts.h
16 | src\mnemonics.c
17 | src\operands.c
18 | src\operands.h
19 | src\prefix.c
20 | src\prefix.h
21 | src\textdefs.c
22 | src\textdefs.h
23 | src\wstring.c
24 | src\wstring.h
25 | src\x86defs.h
26 | make\win32\cdistorm.vcxproj
27 | make\win32\cdistorm.vcxproj.filters
28 | make\win32\distorm.sln
29 | make\win32\resource.h
30 | make\win32\Resource.rc
31 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/Makefile:
--------------------------------------------------------------------------------
1 | UNAME_S := $(shell uname -s)
2 |
3 | ifeq ($(UNAME_S),Darwin)
4 |
5 | JAVA_HOME=$(shell /usr/libexec/java_home)
6 |
7 | all: libjdistorm.dylib
8 | libjdistorm.dylib: jdistorm.c jdistorm.h
9 | gcc -dynamiclib -o libjdistorm.dylib jdistorm.c -I ${JAVA_HOME}/include/ -I ${JAVA_HOME}/include/darwin/ -ldistorm3
10 |
11 | endif
12 |
13 | ifeq ($(UNAME_S),Linux)
14 |
15 | all: libjdistorm.so
16 | jdistorm.o: jdistorm.c jdistorm.h
17 | gcc -c jdistorm.c -fPIC -I ${JAVA_HOME}/include -I ${JAVA_HOME}/include/linux
18 |
19 | libjdistorm.so: jdistorm.o
20 | gcc -shared -o libjdistorm.so -L${JAVA_HOME}/jre/lib -ldistorm3 jdistorm.o
21 |
22 | endif
23 |
24 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/.settings/org.eclipse.jdt.core.prefs:
--------------------------------------------------------------------------------
1 | #Sun Oct 31 17:27:29 IST 2010
2 | eclipse.preferences.version=1
3 | org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
4 | org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
5 | org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
6 | org.eclipse.jdt.core.compiler.compliance=1.6
7 | org.eclipse.jdt.core.compiler.debug.lineNumber=generate
8 | org.eclipse.jdt.core.compiler.debug.localVariable=generate
9 | org.eclipse.jdt.core.compiler.debug.sourceFile=generate
10 | org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
11 | org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
12 | org.eclipse.jdt.core.compiler.source=1.6
13 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/UE4/Package.cpp:
--------------------------------------------------------------------------------
1 | #include "../Package.h"
2 |
3 | bool Package::Method::Parameter::MakeType(UEPropertyFlags flags, Type& type)
4 | {
5 | if (flags & UEPropertyFlags::ReturnParm) {
6 |
7 | type = Type::Return;
8 |
9 | } else if (flags & UEPropertyFlags::OutParm) {
10 |
11 | //if it is a const parameter make it a default parameter
12 | if (flags & UEPropertyFlags::ConstParm) {
13 | type = Type::Default;
14 | } else {
15 | type = Type::Out;
16 | }
17 |
18 | } else if (flags & UEPropertyFlags::Parm) {
19 |
20 | type = Type::Default;
21 |
22 | } else {
23 |
24 | return false;
25 | }
26 |
27 | return true;
28 | }
--------------------------------------------------------------------------------
/native/native.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | //
4 | // Thanks to Microsoft's DDK and Process Hacker for this stuff!
5 | //
6 |
7 | #include "private/nativecommon.h"
8 | #include "private/nativepool.h"
9 | #include "private/nativeex.h"
10 | #include "private/nativeob.h"
11 | #include "private/nativepeb.h"
12 | #include "private/nativeteb.h"
13 | #include "private/nativeexcept.h"
14 | #include "private/nativeps.h"
15 | #include "private/nativeinfo.h"
16 | #include "private/nativemm.h"
17 | #include "private/nativeprefetch.h"
18 | #include "private/nativeio.h"
19 | #include "private/nativesec.h"
20 | #include "private/nativepecoff.h"
21 | #include "private/nativertl.h"
22 | #include "private/nativeldr.h"
23 | #include "private/nativeuser.h"
24 | #include "private/nativewow64.h"
25 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/CodeInfo.java:
--------------------------------------------------------------------------------
1 | package diStorm3;
2 |
3 | import java.nio.ByteBuffer;
4 |
5 | public class CodeInfo {
6 | public CodeInfo(long codeOffset, ByteBuffer code, distorm3.DecodeType dt, int features) {
7 | mCodeOffset = codeOffset;
8 | mCode = code;
9 | mDecodeType = dt.ordinal();
10 | mFeatures = features;
11 | }
12 |
13 | public CodeInfo(long codeOffset, byte[] rawCode, distorm3.DecodeType dt, int features) {
14 | mCode = ByteBuffer.allocateDirect(rawCode.length);
15 | mCode.put(rawCode);
16 |
17 | mCodeOffset = codeOffset;
18 | mDecodeType = dt.ordinal();
19 | mFeatures = features;
20 | }
21 |
22 | private long mCodeOffset;
23 | private long mNextOffset;
24 | private ByteBuffer mCode;
25 | private int mDecodeType;
26 | private int mFeatures;
27 | }
--------------------------------------------------------------------------------
/driver/dispatch.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file dispatch.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 12/12/2018
8 | */
9 |
10 | #ifndef _BLACKOUT_DRIVER_IOCTL_H_
11 | #define _BLACKOUT_DRIVER_IOCTL_H_
12 | #if defined(_MSC_VER)
13 | #pragma once
14 | #endif
15 |
16 | #include "driver.h"
17 |
18 | _Dispatch_type_(IRP_MJ_CREATE) DRIVER_DISPATCH BoDeviceCreate; // This function handles the 'create' irp.
19 | _Dispatch_type_(IRP_MJ_CLOSE) DRIVER_DISPATCH BoDeviceClose; // This function handles the 'close' irp.
20 | _Dispatch_type_(IRP_MJ_CLEANUP) DRIVER_DISPATCH BoDeviceCleanup; // This function handles the 'cleanup' irp.
21 | _Dispatch_type_(IRP_MJ_DEVICE_CONTROL) DRIVER_DISPATCH BoDeviceControl; // This function handles the 'ioctl' irp.
22 |
23 | #endif // _BLACKOUT_DRIVER_IOCTL_H_
--------------------------------------------------------------------------------
/contrib/distorm/src/operands.h:
--------------------------------------------------------------------------------
1 | /*
2 | operands.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #ifndef OPERANDS_H
13 | #define OPERANDS_H
14 |
15 | #include "config.h"
16 | #include "decoder.h"
17 | #include "prefix.h"
18 | #include "instructions.h"
19 |
20 |
21 | extern uint32_t _REGISTERTORCLASS[];
22 |
23 | int operands_extract(_CodeInfo* ci, _DInst* di, const uint8_t* startCode, _InstInfo* ii,
24 | _iflags instFlags, _OpType type, _OperandNumberType opNum,
25 | unsigned int modrm, _PrefixState* ps, _DecodeType effOpSz,
26 | _DecodeType effAdrSz, int* lockableInstruction);
27 |
28 | #endif /* OPERANDS_H */
29 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/PrintHelper.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | void PrintFileHeader(std::ostream& os, const std::vector& includes, const bool isHeaderFile);
7 |
8 | void PrintFileHeader(std::ostream& os, const bool isHeaderFile);
9 |
10 | void PrintFileFooter(std::ostream& os);
11 |
12 | void PrintSectionHeader(std::ostream& os, const char* name);
13 |
14 | enum class FileContentType {
15 | Structs,
16 | Classes,
17 | Functions,
18 | FunctionParameters
19 | };
20 |
21 | ///
22 | /// Generates a file name composed by the game name and the package object.
23 | ///
24 | /// The type of the file.
25 | ///
26 | /// The generated file name.
27 | ///
28 | std::string GenerateFileName(const FileContentType type, const class Package& package);
29 |
--------------------------------------------------------------------------------
/utils/vmt.cpp:
--------------------------------------------------------------------------------
1 | #include "vmt.h"
2 | #include "utils.h"
3 |
4 | VTHook::VTHook(void *InObject)
5 | {
6 | Instance = static_cast(InObject);
7 |
8 | // Roughly calculate the VTable method count.
9 | uintptr_t ImageBase = reinterpret_cast(utils::GetModuleHandleWIDE(NULL));
10 | size_t ImageSize = utils::GetModuleSize((HMODULE)ImageBase);
11 | VTableSize = 0;
12 | while (1) {
13 | uintptr_t VTableEntry = static_cast(*Instance)[VTableSize];
14 | if (VTableEntry < ImageBase || VTableEntry >= ImageBase + ImageSize)
15 | break;
16 | ++VTableSize;
17 | }
18 |
19 | OriginalVTable = *Instance;
20 | CurrentVTable = std::make_unique(VTableSize);
21 |
22 | memcpy(CurrentVTable.get(), OriginalVTable, VTableSize * sizeof(uintptr_t));
23 |
24 | *Instance = CurrentVTable.get();
25 | }
26 |
--------------------------------------------------------------------------------
/utils/vthook.cpp:
--------------------------------------------------------------------------------
1 | #include "vthook.h"
2 | #include "utils.h"
3 |
4 | SafeVTableHook::SafeVTableHook(void *InObject)
5 | {
6 | Instance = static_cast(InObject);
7 |
8 | // Roughly calculate the VTable method count.
9 | uintptr_t ImageBase = reinterpret_cast(utils::GetModuleHandleWIDE(NULL));
10 | size_t ImageSize = utils::GetModuleSize((HMODULE)ImageBase);
11 | VTableSize = 0;
12 | while (1) {
13 | uintptr_t VTableEntry = static_cast(*Instance)[VTableSize];
14 | if (VTableEntry < ImageBase || VTableEntry >= ImageBase + ImageSize)
15 | break;
16 | ++VTableSize;
17 | }
18 |
19 | OriginalVTable = *Instance;
20 | CurrentVTable = std::make_unique(VTableSize);
21 |
22 | memcpy(CurrentVTable.get(), OriginalVTable, VTableSize * sizeof(uintptr_t));
23 |
24 | *Instance = CurrentVTable.get();
25 | }
26 |
--------------------------------------------------------------------------------
/contrib/distorm/make/win32/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Visual C++ generated include file.
3 | // Used by resource.rc
4 |
5 | // Next default values for new objects
6 | //
7 | #ifdef APSTUDIO_INVOKED
8 | #ifndef APSTUDIO_READONLY_SYMBOLS
9 | #define _APS_NEXT_RESOURCE_VALUE 101
10 | #define _APS_NEXT_COMMAND_VALUE 40001
11 | #define _APS_NEXT_CONTROL_VALUE 1001
12 | #define _APS_NEXT_SYMED_VALUE 101
13 | #endif
14 | #endif
15 | //{{NO_DEPENDENCIES}}
16 | // Microsoft Visual C++ generated include file.
17 | // Used by Resource.rc
18 |
19 | // Next default values for new objects
20 | //
21 | #ifdef APSTUDIO_INVOKED
22 | #ifndef APSTUDIO_READONLY_SYMBOLS
23 | #define _APS_NEXT_RESOURCE_VALUE 101
24 | #define _APS_NEXT_COMMAND_VALUE 40001
25 | #define _APS_NEXT_CONTROL_VALUE 1001
26 | #define _APS_NEXT_SYMED_VALUE 101
27 | #endif
28 | #endif
29 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/jdistorm.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 10.00
3 | # Visual Studio 2008
4 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "jdistorm", "jdistorm.vcproj", "{AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}"
5 | EndProject
6 | Global
7 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
8 | Debug|x64 = Debug|x64
9 | Release|x64 = Release|x64
10 | EndGlobalSection
11 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
12 | {AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Debug|x64.ActiveCfg = Debug|x64
13 | {AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Debug|x64.Build.0 = Debug|x64
14 | {AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Release|x64.ActiveCfg = Release|x64
15 | {AB6B51F5-79C6-44CA-9D0B-7CB2A009A9AB}.Release|x64.Build.0 = Release|x64
16 | EndGlobalSection
17 | GlobalSection(SolutionProperties) = preSolution
18 | HideSolutionNode = FALSE
19 | EndGlobalSection
20 | EndGlobal
21 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/tests/tests.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 11.00
3 | # Visual Studio 2010
4 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "tests", "tests.vcxproj", "{C35D3921-227A-432A-BB5D-90ECEBAB08B2}"
5 | EndProject
6 | Global
7 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
8 | Debug|Win32 = Debug|Win32
9 | Release|Win32 = Release|Win32
10 | EndGlobalSection
11 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
12 | {C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Debug|Win32.ActiveCfg = Debug|Win32
13 | {C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Debug|Win32.Build.0 = Debug|Win32
14 | {C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Release|Win32.ActiveCfg = Release|Win32
15 | {C35D3921-227A-432A-BB5D-90ECEBAB08B2}.Release|Win32.Build.0 = Release|Win32
16 | EndGlobalSection
17 | GlobalSection(SolutionProperties) = preSolution
18 | HideSolutionNode = FALSE
19 | EndGlobalSection
20 | EndGlobal
21 |
--------------------------------------------------------------------------------
/driver/mm.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file mm.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 8/27/2018
8 | */
9 |
10 | #ifndef _BLACKOUT_DRIVER_MM_H_
11 | #define _BLACKOUT_DRIVER_MM_H_
12 | #if defined(_MSC_VER)
13 | #pragma once
14 | #endif
15 |
16 | #include "ntapi.h"
17 |
18 | #define MMAPI NTAPI
19 |
20 | #define MM_POOL_TAG ' mM'
21 |
22 |
23 | PVOID
24 | MMAPI
25 | MmAllocateNonPaged(
26 | IN SIZE_T NumberOfBytes
27 | );
28 |
29 | PVOID
30 | MMAPI
31 | MmAllocateNonPagedNx(
32 | IN SIZE_T NumberOfBytes
33 | );
34 |
35 | PVOID
36 | MMAPI
37 | MmAllocatePaged(
38 | IN SIZE_T NumberOfBytes
39 | );
40 |
41 | VOID
42 | MMAPI
43 | MmFreeNonPaged(
44 | IN PVOID P
45 | );
46 |
47 | #define MmFreeNonPagedNx MmFreeNonPaged
48 |
49 | VOID
50 | MMAPI
51 | MmFreePaged(
52 | IN PVOID P
53 | );
54 |
55 |
56 | #endif // _BLACKOUT_DRIVER_MM_H_
--------------------------------------------------------------------------------
/vendor/vmp/driver.vmp:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | A debugger has been found running in your system.
6 | Sorry, this application cannot run under a vm.
7 | File corrupted!
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
--------------------------------------------------------------------------------
/contrib/distorm/make/mac/Makefile:
--------------------------------------------------------------------------------
1 | #
2 | # diStorm3 (Mac Port)
3 | #
4 |
5 | DISTORM_MODE ?= DISTORM_DYNAMIC
6 | TARGET = libdistorm3.dylib
7 | PYTHON_BUILD_DIR = ../../Python/macosx-x86
8 | COBJS = ../../src/mnemonics.o ../../src/wstring.o ../../src/textdefs.o ../../src/prefix.o ../../src/operands.o ../../src/insts.o ../../src/instructions.o ../../src/distorm.o ../../src/decoder.o
9 | CC = gcc
10 | CFLAGS = -arch i386 -arch x86_64 -O2 -Wall -fPIC -DSUPPORT_64BIT_OFFSET -D${DISTORM_MODE}
11 |
12 | all: clib
13 |
14 | clean:
15 | /bin/rm -rf ../../src/*.o ${TARGET} ../../libdistorm3.dylib ../../distorm3.a ../../*.a
16 |
17 | clib: ${COBJS}
18 | ifeq '$(DISTORM_MODE)' 'DISTORM_DYNAMIC'
19 | ${CC} ${CFLAGS} ${VERSION} ${COBJS} -fPIC -dynamiclib -o ${TARGET}
20 | [ -d ${PYTHON_BUILD_DIR} ] && rm -rf ${PYTHON_BUILD_DIR} || true
21 | mkdir ${PYTHON_BUILD_DIR}
22 | cp ${TARGET} ${PYTHON_BUILD_DIR}/
23 | else
24 | ar rs ../../distorm3.a ${COBJS}
25 | endif
26 |
27 | .c.o:
28 | ${CC} ${CFLAGS} ${VERSION} -c $< -o $@
29 |
--------------------------------------------------------------------------------
/contrib/distorm/README.md:
--------------------------------------------------------------------------------
1 | Powerful Disassembler Library For x86/AMD64
2 | -----------
3 |
4 | Welcome to the diStorm3 binary stream disassembler library project.
5 |
6 | diStorm3 is really a decomposer, which means it takes an instruction and returns a binary structure which describes it rather than static text, which is great for advanced binary code analysis.
7 |
8 | diStorm3 is super lightweight (~45KB), ultra fast and easy to use (a single API)!
9 |
10 | "We benchmarked five popular open-source disassembly libraries and chose diStorm3, which had the best performance (and furthermore, has complete 64-bit support).", July 2014, Quoting David Williams-King in his Thesis about Binary Shuffling.
11 |
12 | diStorm3 is licensed under BSD!
13 |
14 | Installing diStorm3 -
15 | Clone repo locally and then 'python setup.py install' or alternatively: 'python -m pip install distorm3'.
16 |
17 | For Windows, use these pre-built installers in https://pypi.org/project/distorm3/#files.
18 |
19 | RTFM, the wiki has plenty of info.
20 |
--------------------------------------------------------------------------------
/driver/mm.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file mm.c
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 8/27/2018
8 | */
9 |
10 | #include "mm.h"
11 |
12 | PVOID
13 | MMAPI
14 | MmAllocateNonPaged(
15 | IN SIZE_T NumberOfBytes
16 | )
17 | {
18 | return ExAllocatePoolWithTag(NonPagedPool, NumberOfBytes, MM_POOL_TAG);
19 | }
20 |
21 | PVOID
22 | MMAPI
23 | MmAllocateNonPagedNx(
24 | IN SIZE_T NumberOfBytes
25 | )
26 | {
27 | return ExAllocatePoolWithTag(NonPagedPoolNx, NumberOfBytes, MM_POOL_TAG);
28 | }
29 |
30 | PVOID
31 | MMAPI
32 | MmAllocatePaged(
33 | IN SIZE_T NumberOfBytes
34 | )
35 | {
36 | return ExAllocatePoolWithTag(PagedPool, NumberOfBytes, MM_POOL_TAG);
37 | }
38 |
39 | VOID
40 | MMAPI
41 | MmFreeNonPaged(
42 | IN PVOID P
43 | )
44 | {
45 | ExFreePoolWithTag(P, MM_POOL_TAG);
46 | }
47 |
48 | VOID
49 | MMAPI
50 | MmFreePaged(
51 | IN PVOID P
52 | )
53 | {
54 | ExFreePoolWithTag(P, MM_POOL_TAG);
55 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/tests/tests.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 | {93995380-89BD-4b04-88EB-625FBE52EBFB}
10 | h;hpp;hxx;hm;inl;inc;xsd
11 |
12 |
13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01}
14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms
15 |
16 |
17 |
18 |
19 | Source Files
20 |
21 |
22 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/Logger.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 | #include
6 |
7 | #include "tinyformat.h"
8 |
9 | class Logger
10 | {
11 | public:
12 |
13 | ///
14 | /// Sets the stream where the output goes to.
15 | ///
16 | /// [in] The stream.
17 | static void SetStream(std::ostream* stream);
18 |
19 | ///
20 | /// Logs the given message.
21 | ///
22 | /// The message.
23 | static void Log(const std::string& message);
24 |
25 | ///
26 | /// Formats and logs the given message.
27 | ///
28 | /// Type of the arguments.
29 | /// Describes the format to use.
30 | /// Variable arguments providing the arguments.
31 | template
32 | static void Log(const char* fmt, const Args&... args)
33 | {
34 | Log(tfm::format(fmt, args...));
35 | }
36 |
37 | private:
38 | static std::ostream *stream;
39 | };
40 |
--------------------------------------------------------------------------------
/contrib/distorm/src/wstring.c:
--------------------------------------------------------------------------------
1 | /*
2 | wstring.c
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #include "wstring.h"
13 |
14 | #ifndef DISTORM_LIGHT
15 |
16 | void strclear_WS(_WString* s)
17 | {
18 | s->p[0] = '\0';
19 | s->length = 0;
20 | }
21 |
22 | void chrcat_WS(_WString* s, uint8_t ch)
23 | {
24 | s->p[s->length] = ch;
25 | s->p[s->length + 1] = '\0';
26 | s->length += 1;
27 | }
28 |
29 | void strcpylen_WS(_WString* s, const int8_t* buf, unsigned int len)
30 | {
31 | s->length = len;
32 | memcpy((int8_t*)s->p, buf, len + 1);
33 | }
34 |
35 | void strcatlen_WS(_WString* s, const int8_t* buf, unsigned int len)
36 | {
37 | memcpy((int8_t*)&s->p[s->length], buf, len + 1);
38 | s->length += len;
39 | }
40 |
41 | void strcat_WS(_WString* s, const _WString* s2)
42 | {
43 | memcpy((int8_t*)&s->p[s->length], s2->p, s2->length + 1);
44 | s->length += s2->length;
45 | }
46 |
47 | #endif /* DISTORM_LIGHT */
48 |
--------------------------------------------------------------------------------
/driver/nttrust.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file ntapi.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 8/30/2018
8 | */
9 |
10 | #ifndef _BLACKOUT_NTTRUST_H_
11 | #define _BLACKOUT_NTTRUST_H_
12 | #if defined(_MSC_VER)
13 | #pragma once
14 | #endif
15 |
16 | #include
17 |
18 | typedef struct _WIN_CERTIFICATE {
19 | ULONG dwLength;
20 | SHORT wRevision;
21 | SHORT wCertificateType; // WIN_CERT_TYPE_xxx
22 | UCHAR bCertificate[ANYSIZE_ARRAY];
23 | } WIN_CERTIFICATE, *LPWIN_CERTIFICATE;
24 |
25 | #define WIN_CERT_REVISION_1_0 (0x0100)
26 | #define WIN_CERT_REVISION_2_0 (0x0200)
27 |
28 | #define WIN_CERT_TYPE_X509 (0x0001) // bCertificate contains an X.509 Certificate
29 | #define WIN_CERT_TYPE_PKCS_SIGNED_DATA (0x0002) // bCertificate contains a PKCS SignedData structure
30 | #define WIN_CERT_TYPE_RESERVED_1 (0x0003) // Reserved
31 | #define WIN_CERT_TYPE_TS_STACK_SIGNED (0x0004) // Terminal Server Protocol Stack Certificate signing
32 |
33 | #endif // _BLACKOUT_NTTRUST_H_
--------------------------------------------------------------------------------
/contrib/distorm/src/decoder.h:
--------------------------------------------------------------------------------
1 | /*
2 | decoder.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2011 Gil Dabah
8 |
9 | This program is free software: you can redistribute it and/or modify
10 | it under the terms of the GNU General Public License as published by
11 | the Free Software Foundation, either version 3 of the License, or
12 | (at your option) any later version.
13 |
14 | This program is distributed in the hope that it will be useful,
15 | but WITHOUT ANY WARRANTY; without even the implied warranty of
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 | GNU General Public License for more details.
18 |
19 | You should have received a copy of the GNU General Public License
20 | along with this program. If not, see
21 | */
22 |
23 |
24 | #ifndef DECODER_H
25 | #define DECODER_H
26 |
27 | #include "config.h"
28 |
29 | typedef unsigned int _iflags;
30 |
31 | _DecodeResult decode_internal(_CodeInfo *ci, int supportOldIntr, _DInst result[], unsigned int maxResultCount, unsigned int *usedInstructionsCount);
32 |
33 | #endif /* DECODER_H */
34 |
--------------------------------------------------------------------------------
/contrib/distorm/src/wstring.h:
--------------------------------------------------------------------------------
1 | /*
2 | wstring.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #ifndef WSTRING_H
13 | #define WSTRING_H
14 |
15 | #include "config.h"
16 |
17 | #ifndef DISTORM_LIGHT
18 |
19 | void strclear_WS(_WString* s);
20 | void chrcat_WS(_WString* s, uint8_t ch);
21 | void strcpylen_WS(_WString* s, const int8_t* buf, unsigned int len);
22 | void strcatlen_WS(_WString* s, const int8_t* buf, unsigned int len);
23 | void strcat_WS(_WString* s, const _WString* s2);
24 |
25 | /*
26 | * Warning, this macro should be used only when the compiler knows the size of string in advance!
27 | * This macro is used in order to spare the call to strlen when the strings are known already.
28 | * Note: sizeof includes NULL terminated character.
29 | */
30 | #define strcat_WSN(s, t) strcatlen_WS((s), ((const int8_t*)t), sizeof((t))-1)
31 | #define strcpy_WSN(s, t) strcpylen_WS((s), ((const int8_t*)t), sizeof((t))-1)
32 |
33 | #endif /* DISTORM_LIGHT */
34 |
35 | #endif /* WSTRING_H */
36 |
--------------------------------------------------------------------------------
/contrib/distorm/make/linux/Makefile:
--------------------------------------------------------------------------------
1 | #
2 | # diStorm3 (Linux Port)
3 | #
4 |
5 | TARGET_BASE = libdistorm3.so
6 | COBJS = ../../src/mnemonics.o ../../src/wstring.o ../../src/textdefs.o ../../src/prefix.o ../../src/operands.o ../../src/insts.o ../../src/instructions.o ../../src/distorm.o ../../src/decoder.o
7 | CC = gcc
8 | CFLAGS += -fPIC -O2 -Wall -DSUPPORT_64BIT_OFFSET -DDISTORM_STATIC
9 | LDFLAGS += -shared
10 | PREFIX = /usr/local
11 | # The lib SONAME version:
12 | LIB_S_VERSION = 3
13 | # The lib real version:
14 | LIB_R_VERSION = 3.4.0
15 | LDFLAGS += -Wl,-soname,${TARGET_BASE}.${LIB_S_VERSION}
16 | DESTDIR =
17 | TARGET_NAME = ${TARGET_BASE}.${LIB_R_VERSION}
18 |
19 | all: clib
20 |
21 | clean:
22 | /bin/rm -rf ../../src/*.o ${TARGET_NAME} ../../distorm3.a ./../*.o
23 |
24 | clib: ${COBJS}
25 | ${CC} ${CFLAGS} ${VERSION} ${COBJS} ${LDFLAGS} -o ${TARGET_NAME}
26 | ar rs ../../distorm3.a ${COBJS}
27 |
28 | install: ${TARGET_NAME}
29 | install -D -s ${TARGET_NAME} ${DESTDIR}${PREFIX}/lib/${TARGET_NAME}
30 | ln -sf ${DESTDIR}${PREFIX}/lib/${TARGET_NAME} ${DESTDIR}${PREFIX}/lib/${TARGET_BASE}
31 | @echo "... running ldconfig might be smart ..."
32 |
33 | .c.o:
34 | ${CC} ${CFLAGS} ${VERSION} -c $< -o $@
35 |
36 |
--------------------------------------------------------------------------------
/reversal/pubg_reference_scan.py:
--------------------------------------------------------------------------------
1 | from idautils import *
2 | from idc import *
3 | from idaapi import *
4 |
5 | #for ea in Segments():
6 | # if addr >= SegStart(ea) and addr < SegEnd(ea):
7 | # print '%x-%x' % (SegStart(ea),SegEnd(ea))
8 |
9 | #
10 | # !!WARNING!! MAKE SURE TO DEFINE THE TEXT AND DATA SEGMENTS FIRST!
11 | #
12 | textseg = idaapi.get_segm_by_name('.text')
13 | dataseg = idaapi.get_segm_by_name('.data')
14 | if not dataseg or not textseg:
15 | print "MAKE SURE TO DEFINE THE DATA AND TEXT SEGMENTS FIRST!!"
16 | exit(-3)
17 |
18 | ea = dataseg.start_ea
19 | print "%s: start=0x%x end=0x%x" % (get_segm_name(dataseg), dataseg.start_ea, dataseg.end_ea)
20 |
21 | # This should only take about a minute to complete on an i7 8700K
22 | while ea < dataseg.end_ea and ea != BADADDR:
23 | addr = get_qword(ea)
24 | if addr >= textseg.start_ea and addr < textseg.end_ea or addr >= dataseg.start_ea and addr < dataseg.end_ea:
25 | #print " 0x%x => 0x%x" % (ea, addr) # this should be kept commented out so it doesnt cause a perf hit
26 | del_items(ea, DELIT_SIMPLE, 8)
27 | create_data(ea, FF_QWORD, 8, ida_idaapi.BADADDR)
28 | op_offset(ea, 0, REF_OFF64)
29 | add_func(addr)
30 | ea += 8
31 |
32 | print "Done.\n"
33 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/jdistorm.h:
--------------------------------------------------------------------------------
1 | /* DO NOT EDIT THIS FILE - it is machine generated */
2 | #include
3 | /* Header for class Distorm3 */
4 |
5 | #ifndef _Included_Distorm3
6 | #define _Included_Distorm3
7 | #ifdef __cplusplus
8 | extern "C" {
9 | #endif
10 |
11 | #define PACKAGE_PREFIX "diStorm3/"
12 |
13 | /*
14 | * Class: com_reviverstudio_core_disasms_distorm3_Distorm3
15 | * Method: Decompose
16 | * Signature: (LdiStorm3/CodeInfo;LdiStorm3/DecomposedResult;)V
17 | */
18 | JNIEXPORT void JNICALL Java_diStorm3_distorm3_Decompose
19 | (JNIEnv *, jclass, jobject, jobject);
20 |
21 | /*
22 | * Class: com_reviverstudio_core_disasms_distorm3_Distorm3
23 | * Method: Decode
24 | * Signature: (LdiStorm3/CodeInfo;LdiStorm3/DecodedResult;)V
25 | */
26 | JNIEXPORT void JNICALL Java_diStorm3_distorm3_Decode
27 | (JNIEnv *, jclass, jobject, jobject);
28 |
29 | /*
30 | * Class: com_reviverstudio_core_disasms_distorm3_Distorm3
31 | * Method: Format
32 | * Signature: (LdiStorm3/CodeInfo;LdiStorm3/DecomposedInst;)LdiStorm3/DecodedInst;
33 | */
34 | JNIEXPORT jobject JNICALL Java_diStorm3_distorm3_Format
35 | (JNIEnv *, jclass, jobject, jobject);
36 |
37 | #ifdef __cplusplus
38 | }
39 | #endif
40 | #endif
41 |
--------------------------------------------------------------------------------
/contrib/distorm/make/win32/distorm.sln:
--------------------------------------------------------------------------------
1 | Microsoft Visual Studio Solution File, Format Version 11.00
2 | # Visual Studio 2010
3 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "distorm", "cdistorm.vcxproj", "{15051CE1-AB10-4239-973D-01B84F2AD0A9}"
4 | EndProject
5 | Global
6 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
7 | clib|Win32 = clib|Win32
8 | clib|x64 = clib|x64
9 | dll|Win32 = dll|Win32
10 | dll|x64 = dll|x64
11 | EndGlobalSection
12 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
13 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|Win32.ActiveCfg = clib|Win32
14 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|Win32.Build.0 = clib|Win32
15 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|x64.ActiveCfg = clib|x64
16 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|x64.Build.0 = clib|x64
17 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|Win32.ActiveCfg = dll|Win32
18 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|Win32.Build.0 = dll|Win32
19 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|x64.ActiveCfg = dll|x64
20 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|x64.Build.0 = dll|x64
21 | EndGlobalSection
22 | GlobalSection(SolutionProperties) = preSolution
23 | HideSolutionNode = FALSE
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/driver/crypto.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018 Archetype Entertainment Private Limited. All rights reserved.
4 | *
5 | * @file crypto.h
6 | * @author Aidan Khoury (dude719)
7 | * @date 12/12/2018
8 | */
9 |
10 | #ifndef _BLACKOUT_DRIVER_CRYPTO_H_
11 | #define _BLACKOUT_DRIVER_CRYPTO_H_
12 | #if defined(_MSC_VER)
13 | #pragma once
14 | #endif
15 |
16 | #include "ntapi.h"
17 |
18 | // Crypto API calling convention
19 | #define CRYPTAPI NTAPI
20 |
21 | // Magical XOR value
22 | #define CRYPT_MAGICAL_MAGIC 0xA55A5AA5
23 |
24 |
25 | SIZE_T
26 | CRYPTAPI
27 | CryptGetEncryptedXTEABufferSize(
28 | IN SIZE_T UnencryptedSize,
29 | IN BOOLEAN WithXorSeed
30 | );
31 |
32 | VOID
33 | CRYPTAPI
34 | CryptEncryptXTEABuffer(
35 | IN PUCHAR UnencryptedBuffer,
36 | IN SIZE_T UnencryptedSize,
37 | IN CONST PULONG Key,
38 | IN ULONG XorSeed OPTIONAL,
39 | OUT PUCHAR EncryptedBuffer,
40 | OUT PSIZE_T EncryptedSize
41 | );
42 |
43 | VOID
44 | CRYPTAPI
45 | CryptDecryptXTEABuffer(
46 | IN PUCHAR EncryptedBuffer,
47 | IN SIZE_T EncryptedSize,
48 | IN CONST PULONG Key,
49 | IN ULONG XorSeed OPTIONAL,
50 | OUT PUCHAR UnencryptedBuffer,
51 | OUT PSIZE_T UnencryptedSize
52 | );
53 |
54 | #endif // _BLACKOUT_DRIVER_CRYPTO_H_
--------------------------------------------------------------------------------
/utils/vmt.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | class VTHook {
7 | private:
8 | uintptr_t **Instance = nullptr;
9 | uintptr_t *OriginalVTable = nullptr;
10 | std::unique_ptr CurrentVTable = nullptr;
11 |
12 | size_t VTableSize = 0;
13 |
14 | public:
15 | VTHook() = delete;
16 | explicit VTHook(void *InInstance);
17 | ~VTHook() { *Instance = OriginalVTable; }
18 |
19 | template
20 | inline Fn Install(const size_t FunctionIdx, void *NewFn)
21 | {
22 | if (FunctionIdx > VTableSize)
23 | return nullptr;
24 |
25 | CurrentVTable[FunctionIdx] = reinterpret_cast(NewFn);
26 | return GetOriginalFunction(FunctionIdx);
27 | }
28 |
29 | inline bool Uninstall(const size_t FunctionIdx)
30 | {
31 | if (FunctionIdx > VTableSize)
32 | return false;
33 |
34 | CurrentVTable[FunctionIdx] = OriginalVTable[FunctionIdx];
35 | return true;
36 | }
37 |
38 | template
39 | inline const Fn GetOriginalFunction(std::size_t FunctionIdx) const
40 | {
41 | return reinterpret_cast(OriginalVTable[FunctionIdx]);
42 | }
43 |
44 | inline size_t GetSize() const { return VTableSize; }
45 | };
--------------------------------------------------------------------------------
/contrib/distorm/examples/win32/disasm.sln:
--------------------------------------------------------------------------------
1 | Microsoft Visual Studio Solution File, Format Version 11.00
2 | # Visual Studio 2010
3 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "disasm", "disasm.vcxproj", "{91227BA8-F7EB-43CC-8C4A-A4944C00567B}"
4 | EndProject
5 | Global
6 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
7 | Debug|Win32 = Debug|Win32
8 | Debug|x64 = Debug|x64
9 | Release|Win32 = Release|Win32
10 | Release|x64 = Release|x64
11 | EndGlobalSection
12 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
13 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|Win32.ActiveCfg = Debug|Win32
14 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|Win32.Build.0 = Debug|Win32
15 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|x64.ActiveCfg = Debug|x64
16 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Debug|x64.Build.0 = Debug|x64
17 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|Win32.ActiveCfg = Release|Win32
18 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|Win32.Build.0 = Release|Win32
19 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|x64.ActiveCfg = Release|x64
20 | {91227BA8-F7EB-43CC-8C4A-A4944C00567B}.Release|x64.Build.0 = Release|x64
21 | EndGlobalSection
22 | GlobalSection(SolutionProperties) = preSolution
23 | HideSolutionNode = FALSE
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/Main.java:
--------------------------------------------------------------------------------
1 | import java.nio.ByteBuffer;
2 |
3 | import diStorm3.distorm3.*;
4 | import diStorm3.CodeInfo;
5 | import diStorm3.DecodedInst;
6 | import diStorm3.OpcodeEnum;
7 | import diStorm3.distorm3;
8 | import diStorm3.DecodedResult;
9 | import diStorm3.DecomposedResult;
10 | import diStorm3.DecomposedInst;
11 |
12 | public class Main {
13 |
14 | public static void main(String[] args) {
15 | byte[] buf = new byte[4];
16 | buf[0] = (byte)0xc3;
17 | buf[1] = (byte)0x33;
18 | buf[2] = (byte)0xc0;
19 | buf[3] = (byte)0xc3;
20 | CodeInfo ci = new CodeInfo((long)0x1000, buf, DecodeType.Decode32Bits, 0);
21 | DecodedResult dr = new DecodedResult(10);
22 | distorm3.Decode(ci, dr);
23 |
24 | for (DecodedInst x : dr.mInstructions) {
25 | String s = String.format("%x %s %s", x.getOffset(), x.getMnemonic(), x.getOperands());
26 | System.out.println(s);
27 | }
28 |
29 | DecomposedResult dr2 = new DecomposedResult(10);
30 | distorm3.Decompose(ci, dr2);
31 |
32 | for (DecomposedInst y: dr2.mInstructions) {
33 | if (y.getOpcode() != OpcodeEnum.RET) {
34 | DecodedInst x = distorm3.Format(ci, y);
35 | String s = String.format("%x %s %s", x.getOffset(), x.getMnemonic(), x.getOperands());
36 | System.out.println(s);
37 | }
38 | }
39 |
40 | }
41 |
42 |
43 | }
44 |
--------------------------------------------------------------------------------
/utils/vthook.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | class SafeVTableHook {
7 | private:
8 | uintptr_t **Instance = nullptr;
9 | uintptr_t *OriginalVTable = nullptr;
10 | std::unique_ptr CurrentVTable = nullptr;
11 |
12 | size_t VTableSize = 0;
13 |
14 | public:
15 | SafeVTableHook() = delete;
16 | explicit SafeVTableHook(void *InObject);
17 | ~SafeVTableHook() { *Instance = OriginalVTable; }
18 |
19 | template
20 | inline Fn Install(const size_t FunctionIdx, void *NewFn)
21 | {
22 | if (FunctionIdx > VTableSize)
23 | return nullptr;
24 |
25 | CurrentVTable[FunctionIdx] = reinterpret_cast(NewFn);
26 | return GetOriginalFunction(FunctionIdx);
27 | }
28 |
29 | inline bool Uninstall(const size_t FunctionIdx)
30 | {
31 | if (FunctionIdx > VTableSize)
32 | return false;
33 |
34 | CurrentVTable[FunctionIdx] = OriginalVTable[FunctionIdx];
35 | return true;
36 | }
37 |
38 | template
39 | inline const Fn GetOriginalFunction(std::size_t FunctionIdx) const
40 | {
41 | return reinterpret_cast(OriginalVTable[FunctionIdx]);
42 | }
43 |
44 | inline size_t GetSize() const { return VTableSize; }
45 | };
--------------------------------------------------------------------------------
/native/service.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "native.h"
4 | #include
5 |
6 | #ifdef __cplusplus
7 | extern "C" {
8 | #endif // __cplusplus
9 |
10 | BOOL
11 | SvcCreateService(
12 | OUT PHANDLE ServiceHandle,
13 | IN LPCWSTR ServiceName,
14 | IN LPCWSTR DisplayName OPTIONAL,
15 | IN LPCWSTR BinPath,
16 | IN ACCESS_MASK DesiredAccess,
17 | IN ULONG ServiceType,
18 | IN ULONG StartType,
19 | IN ULONG ErrorControl
20 | );
21 |
22 | BOOL
23 | SvcDeleteService(
24 | IN HANDLE ServiceHandle
25 | );
26 |
27 | BOOL
28 | SvcOpenServiceHandle(
29 | OUT PHANDLE ServiceHandle,
30 | IN LPCWSTR ServiceName,
31 | IN ACCESS_MASK DesiredAccess
32 | );
33 |
34 | BOOL
35 | SvcCloseServiceHandle(
36 | IN HANDLE ServiceHandle
37 | );
38 |
39 | BOOL
40 | SvcStartService(
41 | IN HANDLE ServiceHandle
42 | );
43 |
44 | BOOL
45 | SvcPauseService(
46 | IN HANDLE ServiceHandle,
47 | OUT SERVICE_STATUS *ServiceStatus OPTIONAL
48 | );
49 |
50 | BOOL
51 | SvcResumeService(
52 | IN HANDLE ServiceHandle,
53 | OUT SERVICE_STATUS *ServiceStatus OPTIONAL
54 | );
55 |
56 | BOOL
57 | SvcStopService(
58 | IN HANDLE ServiceHandle,
59 | OUT SERVICE_STATUS *ServiceStatus OPTIONAL
60 | );
61 |
62 |
63 | #if __cplusplus
64 | } // extern "C"
65 | #endif // __cplusplus
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/UE4/FunctionFlags.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | enum class UEFunctionFlags : uint32_t {
7 | Final = 0x00000001,
8 | RequiredAPI = 0x00000002,
9 | BlueprintAuthorityOnly = 0x00000004,
10 | BlueprintCosmetic = 0x00000008,
11 | Net = 0x00000040,
12 | NetReliable = 0x00000080,
13 | NetRequest = 0x00000100,
14 | Exec = 0x00000200,
15 | Native = 0x00000400,
16 | Event = 0x00000800,
17 | NetResponse = 0x00001000,
18 | Static = 0x00002000,
19 | NetMulticast = 0x00004000,
20 | MulticastDelegate = 0x00010000,
21 | Public = 0x00020000,
22 | Private = 0x00040000,
23 | Protected = 0x00080000,
24 | Delegate = 0x00100000,
25 | NetServer = 0x00200000,
26 | HasOutParms = 0x00400000,
27 | HasDefaults = 0x00800000,
28 | NetClient = 0x01000000,
29 | DLLImport = 0x02000000,
30 | BlueprintCallable = 0x04000000,
31 | BlueprintEvent = 0x08000000,
32 | BlueprintPure = 0x10000000,
33 | Const = 0x40000000,
34 | NetValidate = 0x80000000
35 | };
36 |
37 | inline bool operator&(UEFunctionFlags lhs, UEFunctionFlags rhs)
38 | {
39 | return (static_cast>(lhs) & static_cast>(rhs)) == static_cast>(rhs);
40 | }
41 |
42 | std::string StringifyFlags(const UEFunctionFlags flags);
43 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/DecomposedInst.cs:
--------------------------------------------------------------------------------
1 | using System;
2 |
3 | namespace diStorm
4 | {
5 | public class DecomposedInst
6 | {
7 | public class ImmVariant
8 | {
9 | public ulong Imm { get; internal set; }
10 | public int Size { get; internal set; }
11 | }
12 | public class DispVariant
13 | {
14 | public ulong Displacement { get; internal set; }
15 | public int Size { get; internal set; }
16 | }
17 | internal int _segment;
18 | public IntPtr Address { get; internal set; }
19 | public ushort Flags { get; internal set; }
20 | public int Size { get; internal set; }
21 | public Opcode Opcode { get; internal set; }
22 | public int Segment { get { return _segment & 0x7f; } }
23 | public bool IsSegmentDefault { get { return (_segment & 0x80) == 0x80; } }
24 | public int Base { get; internal set; }
25 | public int Scale { get; internal set; }
26 | public int UnusedPrefixesMask { get; internal set; }
27 | public int Meta { get; internal set; }
28 | public int RegistersMask { get; internal set; }
29 | public int ModifiedFlagsMask { get; internal set; }
30 | public int TestedFlagsMask { get; internal set; }
31 | public int UndefinedFlagsMask { get; internal set; }
32 | public ImmVariant Imm { get; internal set; }
33 | public DispVariant Disp { get; internal set; }
34 | public Operand[] Operands { get; internal set; }
35 | }
36 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 2012
4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "distorm-net", "distorm-net\distorm-net.csproj", "{137ADE63-2489-4235-91C6-6CB664CAB63F}"
5 | EndProject
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "TestdiStorm", "TestDiStorm\TestdiStorm.csproj", "{2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {137ADE63-2489-4235-91C6-6CB664CAB63F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {137ADE63-2489-4235-91C6-6CB664CAB63F}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {137ADE63-2489-4235-91C6-6CB664CAB63F}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {137ADE63-2489-4235-91C6-6CB664CAB63F}.Release|Any CPU.Build.0 = Release|Any CPU
18 | {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
19 | {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Debug|Any CPU.Build.0 = Debug|Any CPU
20 | {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Release|Any CPU.ActiveCfg = Release|Any CPU
21 | {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}.Release|Any CPU.Build.0 = Release|Any CPU
22 | EndGlobalSection
23 | GlobalSection(SolutionProperties) = preSolution
24 | HideSolutionNode = FALSE
25 | EndGlobalSection
26 | EndGlobal
27 |
--------------------------------------------------------------------------------
/driver/inject.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file inject.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 2/19/2019
8 | */
9 |
10 | #ifndef _BLACKOUT_DRIVER_INJECT_H_
11 | #define _BLACKOUT_DRIVER_INJECT_H_
12 | #if defined(_MSC_VER)
13 | #pragma once
14 | #endif
15 |
16 | #include "ntapi.h"
17 |
18 | // Inject API calling convention
19 | #define INJAPI NTAPI
20 |
21 | // Opaque Injection Handle
22 | typedef PVOID HINJECTION, *PHINJECTION;
23 |
24 |
25 | NTSTATUS
26 | INJAPI
27 | InjInitialize(
28 | VOID
29 | );
30 |
31 | VOID
32 | INJAPI
33 | InjDestroy(
34 | VOID
35 | );
36 |
37 | NTSTATUS
38 | INJAPI
39 | InjRegisterInjection(
40 | OUT PHINJECTION Handle,
41 | IN PVOID SourceImageBase OPTIONAL,
42 | IN PWCHAR SourceImagePath,
43 | IN HANDLE TargetProcessId OPTIONAL,
44 | IN PWCHAR TargetProcessName
45 | );
46 |
47 | NTSTATUS
48 | INJAPI
49 | InjQueueApc(
50 | IN PETHREAD Thread,
51 | IN KPROCESSOR_MODE ApcMode,
52 | IN PKNORMAL_ROUTINE NormalRoutine,
53 | IN PVOID NormalContext,
54 | IN PVOID SystemArgument1,
55 | IN PVOID SystemArgument2
56 | );
57 |
58 | NTSTATUS
59 | INJAPI
60 | InjForceApc(
61 | IN PETHREAD Thread,
62 | IN KPROCESSOR_MODE ApcMode,
63 | IN PKNORMAL_ROUTINE NormalRoutine,
64 | IN PVOID NormalContext,
65 | IN PVOID SystemArgument1,
66 | IN PVOID SystemArgument2
67 | );
68 |
69 | #endif // _BLACKOUT_DRIVER_INJECT_H_
--------------------------------------------------------------------------------
/internal/sdk/World.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "Types.h"
4 |
5 | //class WorldProxy {
6 | //public:
7 | // WorldProxy();
8 | //
9 | // inline uint64_t* GetEncryptedPtr() const { return WorldEncryptedPtr; }
10 | // const void* GetAddress() const;
11 | //
12 | // class UWorld const* GetConstPtr() const { return (class UWorld const*)GetAddress(); }
13 | // class UWorld* GetPtr() const { return (class UWorld*)GetAddress(); }
14 | //
15 | // class UWorld const& GetConstRef() const { return *GetConstPtr(); }
16 | // class UWorld& GetRef() const { return *GetPtr(); }
17 | //
18 | //#if defined(ENABLE_SDK)
19 | // TArray GetLevels() const;
20 | // class ULevel* GetPersistentLevel() const;
21 | // class ULevel* GetCurrentLevel() const;
22 | //#endif // ENABLE_SDK
23 | //
24 | //private:
25 | // uint64_t *WorldEncryptedPtr;
26 | //};
27 | //
28 | //class LevelProxy {
29 | //public:
30 | // LevelProxy(class ULevel* InLevel)
31 | // : Level(InLevel)
32 | // {
33 | // }
34 | //
35 | // inline LevelProxy& operator=(class ULevel* InLevel) { Level = InLevel; *this; }
36 | //
37 | // inline const void* GetAddress() const { return static_cast(Level); }
38 | //
39 | // class ULevel const* GetConstPtr() const { return Level; }
40 | // class ULevel* GetPtr() const { return Level; }
41 | //
42 | // class ULevel const& GetConstRef() const { return *GetConstPtr(); }
43 | // class ULevel& GetRef() const { return *GetPtr(); }
44 | //
45 | //private:
46 | // class ULevel* Level;
47 | //};
48 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/distorm3.java:
--------------------------------------------------------------------------------
1 | /*
2 | * diStorm3 JNI
3 | * Gil Dabah, Sep 2010
4 | *
5 | */
6 | package diStorm3;
7 | import diStorm3.CodeInfo;
8 | import diStorm3.DecodedResult;
9 | import diStorm3.DecomposedResult;
10 | import diStorm3.Opcodes;
11 |
12 | public class distorm3 {
13 |
14 | public enum DecodeType {
15 | Decode16Bits, Decode32Bits, Decode64Bits
16 | }
17 |
18 | public static native void Decompose(CodeInfo ci, DecomposedResult dr);
19 | public static native void Decode(CodeInfo ci, DecodedResult dr);
20 | public static native DecodedInst Format(CodeInfo ci, DecomposedInst di);
21 |
22 | public enum Registers {
23 | RAX, RCX, RDX, RBX, RSP, RBP, RSI, RDI, R8, R9, R10, R11, R12, R13, R14, R15,
24 | EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI, R8D, R9D, R10D, R11D, R12D, R13D, R14D, R15D,
25 | AX, CX, DX, BX, SP, BP, SI, DI, R8W, R9W, R10W, R11W, R12W, R13W, R14W, R15W,
26 | AL, CL, DL, BL, AH, CH, DH, BH, R8B, R9B, R10B, R11B, R12B, R13B, R14B, R15B,
27 | SPL, BPL, SIL, DIL,
28 | ES, CS, SS, DS, FS, GS,
29 | RIP,
30 | ST0, ST1, ST2, ST3, ST4, ST5, ST6, ST7,
31 | MM0, MM1, MM2, MM3, MM4, MM5, MM6, MM7,
32 | XMM0, XMM1, XMM2, XMM3, XMM4, XMM5, XMM6, XMM7, XMM8, XMM9, XMM10, XMM11, XMM12, XMM13, XMM14, XMM15,
33 | YMM0, YMM1, YMM2, YMM3, YMM4, YMM5, YMM6, YMM7, YMM8, YMM9, YMM10, YMM11, YMM12, YMM13, YMM14, YMM15,
34 | CR0, UNUSED0, CR2, CR3, CR4, UNUSED1, UNUSED2, UNUSED3, CR8,
35 | DR0, DR1, DR2, DR3, UNUSED4, UNUSED5, DR6, DR7
36 | };
37 |
38 | static {
39 | System.loadLibrary("jdistorm");
40 | }
41 | }
42 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/TestdiStorm/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("TestDiStorm")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("TestDiStorm")]
13 | [assembly: AssemblyCopyright("Copyright © 2012")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("737cf66b-c136-47be-b92d-3f2fefbaf27a")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/Opcodes.tt:
--------------------------------------------------------------------------------
1 | <#@ template debug="true" hostSpecific="true" #>
2 | <#@ output extension=".cs" #>
3 | <#@ Assembly Name="System.Core" #>
4 | <#@ Assembly Name="System.Windows.Forms" #>
5 | <#@ import namespace="System" #>
6 | <#@ import namespace="System.IO" #>
7 | <#@ import namespace="System.Diagnostics" #>
8 | <#@ import namespace="System.Linq" #>
9 | <#@ import namespace="System.Collections" #>
10 | <#@ import namespace="System.Collections.Generic" #>
11 | <#@ import namespace="System.Text.RegularExpressions" #>
12 | // This file was auto generated from the distrom opcodes.h file
13 | // on <#= DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss.FFF") #>
14 | <#
15 | var mnemonics = File.ReadAllText(Host.ResolvePath(@"..\..\..\include\mnemonics.h"));
16 | var instRe = new Regex("typedef enum {(.+)} _InstructionType;", RegexOptions.Singleline);
17 | var regRe = new Regex("typedef enum {(.+)} _RegisterType;", RegexOptions.Singleline);
18 | var m = instRe.Match(mnemonics);
19 | var insts = m.Groups[1].Value.Split(',').Select(x => new {
20 | Name = x.Split('=')[0].Trim().Substring(2),
21 | Value = x.Split('=')[1].Trim(),
22 | }).ToArray();
23 | m = regRe.Match(mnemonics, m.Index + m.Length);
24 | var regs = m.Groups[1].Value.Split(',').Select(x => x.Trim()).ToArray();
25 | #>
26 | namespace diStorm
27 | {
28 | public enum Opcode : ushort {
29 | <# foreach (var i in insts) { #>
30 | <#= i.Name #> = <#= i.Value #>,<# } #>
31 | }
32 |
33 | public enum Register {
34 | <# foreach (var r in regs) { #>
35 | <#= r #>,<# } #>
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("distorm-net")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("distorm-net")]
13 | [assembly: AssemblyCopyright("Copyright © 2012")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("ddf3403b-11ea-4470-9fb3-03e68ac68fb5")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/contrib/distorm/src/textdefs.h:
--------------------------------------------------------------------------------
1 | /*
2 | textdefs.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #ifndef TEXTDEFS_H
13 | #define TEXTDEFS_H
14 |
15 | #include "config.h"
16 | #include "wstring.h"
17 |
18 | #ifndef DISTORM_LIGHT
19 |
20 | #define PLUS_DISP_CHR '+'
21 | #define MINUS_DISP_CHR '-'
22 | #define OPEN_CHR '['
23 | #define CLOSE_CHR ']'
24 | #define SP_CHR ' '
25 | #define SEG_OFF_CHR ':'
26 |
27 | /*
28 | Naming Convention:
29 |
30 | * get - returns a pointer to a string.
31 | * str - concatenates to string.
32 |
33 | * hex - means the function is used for hex dump (number is padded to required size) - Little Endian output.
34 | * code - means the function is used for disassembled instruction - Big Endian output.
35 | * off - means the function is used for 64bit offset - Big Endian output.
36 |
37 | * h - '0x' in front of the string.
38 |
39 | * b - byte
40 | * dw - double word (can be used for word also)
41 | * qw - quad word
42 |
43 | * all numbers are in HEX.
44 | */
45 |
46 | void _FASTCALL_ str_hex_b(_WString* s, unsigned int x);
47 | void _FASTCALL_ str_code_hb(_WString* s, unsigned int x);
48 | void _FASTCALL_ str_code_hdw(_WString* s, uint32_t x);
49 | void _FASTCALL_ str_code_hqw(_WString* s, uint8_t src[8]);
50 |
51 | #ifdef SUPPORT_64BIT_OFFSET
52 | void _FASTCALL_ str_off64(_WString* s, OFFSET_INTEGER x);
53 | #endif
54 |
55 | #endif /* DISTORM_LIGHT */
56 |
57 | #endif /* TEXTDEFS_H */
58 |
--------------------------------------------------------------------------------
/contrib/distorm/COPYING:
--------------------------------------------------------------------------------
1 | :[diStorm3}:
2 | The ultimate disassembler library.
3 | Copyright (c) 2003-2018, Gil Dabah
4 | All rights reserved.
5 |
6 | Redistribution and use in source and binary forms, with or without
7 | modification, are permitted provided that the following conditions are met:
8 | * Redistributions of source code must retain the above copyright
9 | notice, this list of conditions and the following disclaimer.
10 | * Redistributions in binary form must reproduce the above copyright
11 | notice, this list of conditions and the following disclaimer in the
12 | documentation and/or other materials provided with the distribution.
13 | * Neither the name of the Gil Dabah nor the
14 | names of its contributors may be used to endorse or promote products
15 | derived from this software without specific prior written permission.
16 |
17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
18 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20 | DISCLAIMED. IN NO EVENT SHALL GIL DABAH BE LIABLE FOR ANY
21 | DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22 | (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 | ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 | SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/tests/main.cpp:
--------------------------------------------------------------------------------
1 | // diStorm64 library sample
2 | // http://ragestorm.net/distorm/
3 | // Arkon, Stefan, 2005
4 |
5 |
6 | #include
7 | #include
8 |
9 | #pragma comment(lib, "../../distorm.lib")
10 |
11 | #include "../../include/distorm.h"
12 |
13 | // The number of the array of instructions the decoder function will use to return the disassembled instructions.
14 | // Play with this value for performance...
15 | #define MAX_INSTRUCTIONS (1000)
16 |
17 | int main(int argc, char **argv)
18 | {
19 | _DecodeResult res;
20 | _DecodedInst decodedInstructions[1000];
21 | unsigned int decodedInstructionsCount = 0, i = 0;
22 | _OffsetType offset = 0;
23 | unsigned int dver = distorm_version();
24 | printf("diStorm version: %d.%d.%d\n", (dver >> 16), ((dver) >> 8) & 0xff, dver & 0xff);
25 |
26 | unsigned char rawData[] = {
27 |
28 | 0x68, 0, 0, 0, 0,
29 | 0x9b,
30 | 0xdf, 0xe0,
31 | 0x66, 0xa1, 0xcc, 0xb0, 0x97, 0x7c,
32 | 0xC7, 0xC1, 0x08, 0x00, 0x00, 0x00,
33 | 0xc7, 0xf8, 0xaa, 0xaa, 0xaa, 0xaa,
34 | 0x48, 0xC7, 0xC0, 0x00, 0x00, 0x00, 0x00
35 | } ;
36 | res = distorm_decode(offset, (const unsigned char*)rawData, sizeof(rawData), Decode64Bits, decodedInstructions, MAX_INSTRUCTIONS, &decodedInstructionsCount);
37 | for (int i = 0; i < decodedInstructionsCount; i++) {
38 | printf("%08I64x (%02d) %-24s %s%s%s\r\n", decodedInstructions[i].offset, decodedInstructions[i].size, (char*)decodedInstructions[i].instructionHex.p, (char*)decodedInstructions[i].mnemonic.p, decodedInstructions[i].operands.length != 0 ? " " : "", (char*)decodedInstructions[i].operands.p);
39 | }
40 |
41 | return 0;
42 | }
43 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/NamesStore.cpp:
--------------------------------------------------------------------------------
1 | #include "NamesStore.h"
2 |
3 | NamesIterator NamesStore::begin()
4 | {
5 | return NamesIterator(*this, 0);
6 | }
7 |
8 | NamesIterator NamesStore::begin() const
9 | {
10 | return NamesIterator(*this, 0);
11 | }
12 |
13 | NamesIterator NamesStore::end()
14 | {
15 | return NamesIterator(*this);
16 | }
17 |
18 | NamesIterator NamesStore::end() const
19 | {
20 | return NamesIterator(*this);
21 | }
22 |
23 | NamesIterator::NamesIterator(const NamesStore& _store)
24 | : store(_store),
25 | index(_store.GetNamesNum())
26 | {
27 | }
28 |
29 | NamesIterator::NamesIterator(const NamesStore& _store, size_t _index)
30 | : store(_store),
31 | index(_index)
32 | {
33 | }
34 |
35 | void NamesIterator::swap(NamesIterator& other) noexcept
36 | {
37 | std::swap(index, other.index);
38 | }
39 |
40 | NamesIterator& NamesIterator::operator++()
41 | {
42 | for (++index; index < store.GetNamesNum(); ++index) {
43 | if (store.IsValid(index)) {
44 | break;
45 | }
46 | }
47 | return *this;
48 | }
49 |
50 | NamesIterator NamesIterator::operator++ (int)
51 | {
52 | auto tmp(*this);
53 | ++(*this);
54 | return tmp;
55 | }
56 |
57 | bool NamesIterator::operator==(const NamesIterator& rhs) const
58 | {
59 | return index == rhs.index;
60 | }
61 |
62 | bool NamesIterator::operator!=(const NamesIterator& rhs) const
63 | {
64 | return index != rhs.index;
65 | }
66 |
67 | UENameInfo NamesIterator::operator*() const
68 | {
69 | return { index, store.GetById(index) };
70 | }
71 |
72 | UENameInfo NamesIterator::operator->() const
73 | {
74 | return { index, store.GetById(index) };
75 | }
--------------------------------------------------------------------------------
/native/wow64.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "Native.h"
4 |
5 | #ifdef __cplusplus
6 | extern "C" {
7 | #endif // __cplusplus
8 |
9 | ULONG64
10 | WINAPIV
11 | Wow64CallX64(
12 | IN ULONG64 FuncAddress,
13 | IN ULONG ArgCount,
14 | IN ...
15 | );
16 |
17 | ULONG64
18 | Wow64TebX64(
19 | VOID
20 | );
21 |
22 | BOOL
23 | Wow64CopyMemoryX64(
24 | OUT PVOID Dest,
25 | IN ULONG64 Source,
26 | IN SIZE_T Size
27 | );
28 |
29 | BOOL
30 | Wow64CompareMemoryX64(
31 | IN PVOID DestAddress,
32 | IN ULONG64 SourceAddress,
33 | IN SIZE_T Size
34 | );
35 |
36 | ULONG64
37 | WINAPI
38 | Wow64GetModuleHandleX64(
39 | IN LPCWSTR lpModuleName
40 | );
41 |
42 | ULONG64
43 | WINAPI
44 | Wow64GetNtdllX64(
45 | VOID
46 | );
47 |
48 | ULONG64
49 | WINAPI
50 | Wow64GetExportAddressX64(
51 | IN ULONG64 BaseAddress,
52 | IN LPCSTR pszName
53 | );
54 |
55 | ULONG64
56 | WINAPI
57 | Wow64VirtualAllocExX64(
58 | IN HANDLE hProcess,
59 | IN OUT ULONG64 lpAddress,
60 | IN SIZE_T dwSize,
61 | IN DWORD flAllocationType,
62 | IN DWORD flProtect
63 | );
64 |
65 | NTSTATUS
66 | NTAPI
67 | Wow64NtQuerySystemInformationX64(
68 | IN ULONG SystemInformationClass,
69 | IN OUT PVOID SystemInformation OPTIONAL,
70 | IN ULONG SystemInformationLength,
71 | OUT PULONG ReturnLength OPTIONAL
72 | );
73 |
74 | NTSTATUS
75 | NTAPI
76 | Wow64NtQueryObjectX64(
77 | IN HANDLE Handle,
78 | IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
79 | IN OUT PVOID ObjectInformation OPTIONAL,
80 | IN ULONG ObjectInformationLength,
81 | OUT PULONG ReturnLength OPTIONAL
82 | );
83 |
84 |
85 | #ifdef __cplusplus
86 | } // extern "C"
87 | #endif // __cplusplus
--------------------------------------------------------------------------------
/internal/sdk/EnumClassFlags.h:
--------------------------------------------------------------------------------
1 | // Copyright 1998-2017 Epic Games, Inc. All Rights Reserved.
2 |
3 | #pragma once
4 |
5 | // Defines all bitwise operators for enum classes so it can be (mostly) used as a regular flags enum
6 | #define ENUM_CLASS_FLAGS(Enum) \
7 | inline Enum& operator|=(Enum& Lhs, Enum Rhs) { return Lhs = (Enum)((__underlying_type(Enum))Lhs | (__underlying_type(Enum))Rhs); } \
8 | inline Enum& operator&=(Enum& Lhs, Enum Rhs) { return Lhs = (Enum)((__underlying_type(Enum))Lhs & (__underlying_type(Enum))Rhs); } \
9 | inline Enum& operator^=(Enum& Lhs, Enum Rhs) { return Lhs = (Enum)((__underlying_type(Enum))Lhs ^ (__underlying_type(Enum))Rhs); } \
10 | inline constexpr Enum operator| (Enum Lhs, Enum Rhs) { return (Enum)((__underlying_type(Enum))Lhs | (__underlying_type(Enum))Rhs); } \
11 | inline constexpr Enum operator& (Enum Lhs, Enum Rhs) { return (Enum)((__underlying_type(Enum))Lhs & (__underlying_type(Enum))Rhs); } \
12 | inline constexpr Enum operator^ (Enum Lhs, Enum Rhs) { return (Enum)((__underlying_type(Enum))Lhs ^ (__underlying_type(Enum))Rhs); } \
13 | inline constexpr bool operator! (Enum E) { return !(__underlying_type(Enum))E; } \
14 | inline constexpr Enum operator~ (Enum E) { return (Enum)~(__underlying_type(Enum))E; }
15 |
16 | template
17 | inline bool EnumHasAllFlags(Enum Flags, Enum Contains)
18 | {
19 | return (((__underlying_type(Enum))Flags) & (__underlying_type(Enum))Contains) == ((__underlying_type(Enum))Contains);
20 | }
21 |
22 | template
23 | inline bool EnumHasAnyFlags(Enum Flags, Enum Contains)
24 | {
25 | return (((__underlying_type(Enum))Flags) & (__underlying_type(Enum))Contains) != 0;
26 | }
--------------------------------------------------------------------------------
/utils/disasm.c:
--------------------------------------------------------------------------------
1 | #include "disasm.h"
2 |
3 | uint32_t
4 | DisInstruction(
5 | /* In */ const uint8_t *Instruction,
6 | /* Out */ DisData *Result,
7 | /* In */ uint8_t LongMode
8 | )
9 | {
10 | _CodeInfo ci;
11 | unsigned int instCount;
12 | _DecodeResult decodeResult;
13 |
14 | ci.codeOffset = (_OffsetType)Instruction;
15 | ci.code = Instruction;
16 | ci.codeLen = DISASM_MAX_INSTRUCTION_LENGTH;
17 | ci.dt = LongMode ? Decode64Bits : Decode32Bits;
18 | ci.features = DF_NONE;
19 |
20 | decodeResult = distorm_decompose64(&ci, Result, 1, &instCount);
21 | if (!(decodeResult == DECRES_SUCCESS || (decodeResult == DECRES_MEMORYERR && instCount))) {
22 | return 0;
23 | }
24 |
25 | return Result->size;
26 | }
27 |
28 | DisStatus
29 | DisDecompose(
30 | /* In */ const uint8_t *Code,
31 | /* In */ uint32_t CodeLength,
32 | /* In */ uint64_t VirtualAddress /*optional*/,
33 | /* Out */ DisData ResultInsts[],
34 | /* In */ uint32_t MaxInstCount,
35 | /* Out */ uint32_t *ResultInstCount,
36 | /* Out */ size_t *NextOffset /*optional*/,
37 | /* In */ uint8_t LongMode
38 | )
39 | {
40 | _CodeInfo ci;
41 | _DecodeResult decodeResult;
42 |
43 | ci.codeOffset = (_OffsetType)VirtualAddress;
44 | ci.code = Code;
45 | ci.codeLen = CodeLength;
46 | ci.dt = LongMode ? Decode64Bits : Decode32Bits;
47 | ci.features = DF_NONE;
48 |
49 | decodeResult = distorm_decompose64(&ci, ResultInsts, MaxInstCount, ResultInstCount);
50 |
51 | if (NextOffset) {
52 | *NextOffset = ci.nextOffset;
53 | }
54 |
55 | switch (decodeResult) {
56 | case DECRES_INPUTERR:
57 | return DIS_INVALID_PARAM;
58 | case DECRES_MEMORYERR:
59 | return DIS_OVERFLOW;
60 | case DECRES_SUCCESS:
61 | return DIS_SUCCESS;
62 | default:
63 | return DIS_INVALID;
64 | }
65 | }
66 |
--------------------------------------------------------------------------------
/contrib/distorm/disOps/registers.py:
--------------------------------------------------------------------------------
1 | # All VIAL and diStorm3 code are based on the order of this list, do NOT edit!
2 | REGISTERS = [
3 | "RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15", "XX",
4 | "EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI", "R8D", "R9D", "R10D", "R11D", "R12D", "R13D", "R14D", "R15D", "XX",
5 | "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI", "R8W", "R9W", "R10W", "R11W", "R12W", "R13W", "R14W", "R15W", "XX",
6 | "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH", "R8B", "R9B", "R10B", "R11B", "R12B", "R13B", "R14B", "R15B", "XX",
7 | "SPL", "BPL", "SIL", "DIL", "XX",
8 | "ES", "CS", "SS", "DS", "FS", "GS", "XX",
9 | "RIP", "XX",
10 | "ST0", "ST1", "ST2", "ST3", "ST4", "ST5", "ST6", "ST7", "XX",
11 | "MM0", "MM1", "MM2", "MM3", "MM4", "MM5", "MM6", "MM7", "XX",
12 | "XMM0", "XMM1", "XMM2", "XMM3", "XMM4", "XMM5", "XMM6", "XMM7", "XMM8", "XMM9", "XMM10", "XMM11", "XMM12", "XMM13", "XMM14", "XMM15", "XX",
13 | "YMM0", "YMM1", "YMM2", "YMM3", "YMM4", "YMM5", "YMM6", "YMM7", "YMM8", "YMM9", "YMM10", "YMM11", "YMM12", "YMM13", "YMM14", "YMM15", "XX",
14 | "CR0", "", "CR2", "CR3", "CR4", "", "", "", "CR8", "XX",
15 | "DR0", "DR1", "DR2", "DR3", "", "", "DR6", "DR7"]
16 |
17 | regsText = "const _WRegister _REGISTERS[] = {\n\t"
18 | regsEnum = "typedef enum {\n\t"
19 | old = "*"
20 | unused = 0
21 | for i in REGISTERS:
22 | if old != "*":
23 | if old == "XX":
24 | regsText += "\n\t"
25 | regsEnum += "\n\t"
26 | old = i
27 | continue
28 | else:
29 | regsText += "{%d, \"%s\"}," % (len(old), old)
30 | if len(old):
31 | regsEnum += "R_%s," % old
32 | else:
33 | regsEnum += "R_UNUSED%d," % unused
34 | unused += 1
35 | if i != "XX":
36 | regsText += " "
37 | regsEnum += " "
38 | old = i
39 | regsText += "{%d, \"%s\"}\n};\n" % (len(old), old)
40 | regsEnum += "R_" + old + "\n} _RegisterType;\n"
41 |
42 | print(regsEnum)
43 | print(regsText)
44 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/python/sample.py:
--------------------------------------------------------------------------------
1 | # Mario Vilas, http://breakingcode.wordpress.com
2 | # Licensed under BSD in 2016
3 |
4 | # Example code
5 |
6 | import distorm3
7 | import sys
8 | import optparse
9 |
10 | # Parse the command line arguments
11 | usage = 'Usage: %prog [--b16 | --b32 | --b64] filename [offset]'
12 | parser = optparse.OptionParser(usage=usage)
13 | parser.add_option( '--b16', help='80286 decoding',
14 | action='store_const', dest='dt', const=distorm3.Decode16Bits )
15 | parser.add_option( '--b32', help='IA-32 decoding [default]',
16 | action='store_const', dest='dt', const=distorm3.Decode32Bits )
17 | parser.add_option( '--b64', help='AMD64 decoding',
18 | action='store_const', dest='dt', const=distorm3.Decode64Bits )
19 | parser.set_defaults(dt=distorm3.Decode32Bits)
20 | options, args = parser.parse_args(sys.argv)
21 | if len(args) < 2:
22 | parser.error('missing parameter: filename')
23 | filename = args[1]
24 | offset = 0
25 | length = None
26 | if len(args) == 3:
27 | try:
28 | offset = int(args[2], 10)
29 | except ValueError:
30 | parser.error('invalid offset: %s' % args[2])
31 | if offset < 0:
32 | parser.error('invalid offset: %s' % args[2])
33 | elif len(args) > 3:
34 | parser.error('too many parameters')
35 |
36 | # Read the code from the file
37 | try:
38 | code = open(filename, 'rb').read()
39 | except Exception as e:
40 | parser.error('error reading file %s: %s' % (filename, e))
41 |
42 | # Print each decoded instruction
43 | # This shows how to use the Deocode - Generator
44 | iterable = distorm3.DecodeGenerator(offset, code, options.dt)
45 | for (offset, size, instruction, hexdump) in iterable:
46 | print("%.8x: %-32s %s" % (offset, hexdump, instruction))
47 |
48 | # It could also be used as a returned list:
49 | # l = distorm3.Decode(offset, code, options.dt)
50 | # for (offset, size, instruction, hexdump) in l:
51 | # print("%.8x: %-32s %s" % (offset, hexdump, instruction))
52 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/java/distorm/src/diStorm3/DecomposedInst.java:
--------------------------------------------------------------------------------
1 | package diStorm3;
2 |
3 | import diStorm3.Operand;
4 | import diStorm3.Opcodes;
5 |
6 | public class DecomposedInst {
7 | private class ImmVariant {
8 | private long mValue;
9 | private int mSize;
10 |
11 | public long getImm() {
12 | return mValue;
13 | }
14 |
15 | public int getSize() {
16 | return mSize;
17 | }
18 | }
19 |
20 | private class DispVariant {
21 |
22 | private long mDisplacement;
23 | private int mSize;
24 |
25 | public long getDisplacement() {
26 | return mDisplacement;
27 | }
28 |
29 | public int getSize() {
30 | return mSize;
31 | }
32 | }
33 |
34 | private long mAddr;
35 | private int mSize;
36 | private int mFlags;
37 | private int mSegment;
38 | private int mBase, mScale;
39 | private int mOpcode;
40 | public Operand[] mOperands;
41 | public DispVariant mDisp;
42 | public ImmVariant mImm;
43 | private int mUnusedPrefixesMask;
44 | private int mMeta;
45 | private int mRegistersMask;
46 | private int mModifiedFlagsMask;
47 | private int mTestedFlagsMask;
48 | private int mUndefinedFlagsMask;
49 |
50 | public long getAddress() {
51 | return mAddr;
52 | }
53 | public int getSize() {
54 | return mSize;
55 | }
56 | public OpcodeEnum getOpcode() {
57 | return Opcodes.lookup(mOpcode);
58 | }
59 | public int getSegment() {
60 | return mSegment & 0x7f;
61 | }
62 | public boolean isSegmentDefault() {
63 | return (mSegment & 0x80) == 0x80;
64 | }
65 | public int getBase() {
66 | return mBase;
67 | }
68 | public int getScale() {
69 | return mScale;
70 | }
71 | public int getUnusedPrefixesMask() {
72 | return mUnusedPrefixesMask;
73 | }
74 | public int getMeta() {
75 | return mMeta;
76 | }
77 | public int getRegistersMask() {
78 | return mRegistersMask;
79 | }
80 | public int getModifiedFlagsMask() {
81 | return mModifiedFlagsMask;
82 | }
83 | public int getTestedFlagsMask() {
84 | return mTestedFlagsMask;
85 | }
86 | public int getUndefinedFlagsMask() {
87 | return mUndefinedFlagsMask;
88 | }
89 | }
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/NamesStore.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 |
5 | #include "UE4/GenericTypes.h"
6 |
7 | class NamesIterator;
8 |
9 | class NamesStore {
10 | friend NamesIterator;
11 |
12 | public:
13 |
14 | ///
15 | /// Initializes this object.
16 | ///
17 | /// true if it succeeds, false if it fails.
18 | static bool Initialize();
19 |
20 | /// Gets the address of the global names store.
21 | /// The address of the global names store.
22 | static void* GetAddress();
23 |
24 | NamesIterator begin();
25 | NamesIterator begin() const;
26 |
27 | NamesIterator end();
28 | NamesIterator end() const;
29 |
30 | ///
31 | /// Gets the number of available names.
32 | ///
33 | /// The number of names.
34 | size_t GetNamesNum() const;
35 |
36 | ///
37 | /// Test if the given id is valid.
38 | ///
39 | /// The identifier.
40 | /// true if valid, false if not.
41 | bool IsValid(size_t id) const;
42 |
43 | ///
44 | /// Gets a name by id.
45 | ///
46 | /// The identifier.
47 | /// The name.
48 | std::string GetById(size_t id) const;
49 | };
50 |
51 | struct UENameInfo {
52 | size_t Index;
53 | std::string Name;
54 | };
55 |
56 | class NamesIterator : public std::iterator {
57 | const NamesStore& store;
58 | size_t index;
59 |
60 | public:
61 | NamesIterator(const NamesStore& store);
62 |
63 | explicit NamesIterator(const NamesStore& store, size_t index);
64 |
65 | void swap(NamesIterator& other) noexcept;
66 |
67 | NamesIterator& operator++();
68 |
69 | NamesIterator operator++ (int);
70 |
71 | bool operator==(const NamesIterator& rhs) const;
72 |
73 | bool operator!=(const NamesIterator& rhs) const;
74 |
75 | UENameInfo operator*() const;
76 |
77 | UENameInfo operator->() const;
78 | };
79 |
--------------------------------------------------------------------------------
/driver/image.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file image.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 9/4/2018
8 | */
9 |
10 | #ifndef _BLACKOUT_DRIVER_IMAGE_H_
11 | #define _BLACKOUT_DRIVER_IMAGE_H_
12 | #if defined(_MSC_VER)
13 | #pragma once
14 | #endif
15 |
16 | #include "ntapi.h"
17 |
18 | // Image API calling convention
19 | #define IMAGEAPI NTAPI
20 |
21 | NTSTATUS
22 | IMAGEAPI
23 | RtlImageNtHeaderEx(
24 | IN ULONG Flags,
25 | IN PVOID Base,
26 | IN SIZE_T Size,
27 | OUT PIMAGE_NT_HEADERS* OutHeaders
28 | );
29 |
30 | #define IMAGE_NT_HEADER_EX_FLAG_NO_RANGE_CHECK (0x00000001)
31 |
32 | PIMAGE_NT_HEADERS
33 | IMAGEAPI
34 | RtlImageNtHeader(
35 | IN PVOID Base
36 | );
37 |
38 | PIMAGE_SECTION_HEADER
39 | IMAGEAPI
40 | RtlImageSectionTableFromVirtualAddress(
41 | IN PIMAGE_NT_HEADERS NtHeaders,
42 | IN PVOID Base,
43 | IN ULONG Address
44 | );
45 |
46 | PVOID
47 | IMAGEAPI
48 | RtlImageAddressInSectionTable(
49 | IN PIMAGE_NT_HEADERS NtHeaders,
50 | IN PVOID Base,
51 | IN ULONG Address
52 | );
53 |
54 | PVOID
55 | IMAGEAPI
56 | RtlImageDirectoryEntryToData(
57 | IN PVOID Base,
58 | IN BOOLEAN MappedAsImage,
59 | IN USHORT DirectoryEntry,
60 | OUT PULONG Size
61 | );
62 |
63 | PIMAGE_SECTION_HEADER
64 | IMAGEAPI
65 | RtlImageRvaToSection(
66 | IN PIMAGE_NT_HEADERS NtHeaders,
67 | IN PVOID Base,
68 | IN ULONG Rva
69 | );
70 |
71 | PVOID
72 | IMAGEAPI
73 | RtlImageRvaToVa(
74 | IN PIMAGE_NT_HEADERS NtHeaders,
75 | IN PVOID Base,
76 | IN ULONG Rva,
77 | IN OUT PIMAGE_SECTION_HEADER *LastRvaSection OPTIONAL
78 | );
79 |
80 | NTSTATUS
81 | IMAGEAPI
82 | ImageGetCertificateData(
83 | IN HANDLE FileHandle,
84 | IN ULONG CertificateIndex,
85 | OUT LPWIN_CERTIFICATE Certificate,
86 | IN OUT PULONG RequiredLength
87 | );
88 |
89 | NTSTATUS
90 | IMAGEAPI
91 | ImageGetCertificateHeader(
92 | IN HANDLE FileHandle,
93 | IN ULONG CertificateIndex,
94 | IN OUT LPWIN_CERTIFICATE CertificateHeader
95 | );
96 |
97 |
98 | #endif // _BLACKOUT_DRIVER_IMAGE_H_
--------------------------------------------------------------------------------
/contrib/distorm/src/insts.h:
--------------------------------------------------------------------------------
1 | /*
2 | insts.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #ifndef INSTS_H
13 | #define INSTS_H
14 |
15 | #include "instructions.h"
16 |
17 |
18 | /* Flags Table */
19 | extern _iflags FlagsTable[];
20 |
21 | /* Root Trie DB */
22 | extern _InstSharedInfo InstSharedInfoTable[];
23 | extern _InstInfo InstInfos[];
24 | extern _InstInfoEx InstInfosEx[];
25 | extern _InstNode InstructionsTree[];
26 |
27 | /* 3DNow! Trie DB */
28 | extern _InstNode Table_0F_0F;
29 | /* AVX related: */
30 | extern _InstNode Table_0F, Table_0F_38, Table_0F_3A;
31 |
32 | /*
33 | * The inst_lookup will return on of these two instructions according to the specified decoding mode.
34 | * ARPL or MOVSXD on 64 bits is one byte instruction at index 0x63.
35 | */
36 | extern _InstInfo II_MOVSXD;
37 |
38 | /*
39 | * The NOP instruction can be prefixed by REX in 64bits, therefore we have to decide in runtime whether it's an XCHG or NOP instruction.
40 | * If 0x90 is prefixed by a usable REX it will become XCHG, otherwise it will become a NOP.
41 | * Also note that if it's prefixed by 0xf3, it becomes a Pause.
42 | */
43 | extern _InstInfo II_NOP;
44 | extern _InstInfo II_PAUSE;
45 |
46 | /*
47 | * RDRAND and VMPTRLD share same 2.3 bytes opcode, and then alternates on the MOD bits,
48 | * RDRAND is OT_FULL_REG while VMPTRLD is OT_MEM, and there's no such mixed type.
49 | * So a hack into the inst_lookup was added for this decision, the DB isn't flexible enough. :(
50 | */
51 | extern _InstInfo II_RDRAND;
52 |
53 | /*
54 | * Used for letting the extract operand know the type of operands without knowing the
55 | * instruction itself yet, because of the way those instructions work.
56 | * See function instructions.c!inst_lookup_3dnow.
57 | */
58 | extern _InstInfo II_3DNOW;
59 |
60 | /* Helper tables for pseudo compare mnemonics. */
61 | extern uint16_t CmpMnemonicOffsets[8]; /* SSE */
62 | extern uint16_t VCmpMnemonicOffsets[32]; /* AVX */
63 |
64 | #endif /* INSTS_H */
65 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/NameValidator.cpp:
--------------------------------------------------------------------------------
1 | #include "NameValidator.h"
2 |
3 | #include
4 |
5 | #include "ObjectsStore.h"
6 |
7 | std::string MakeValidName(std::string&& name)
8 | {
9 | std::string valid(name);
10 |
11 | for (auto i = 0u; i < name.length(); ++i) {
12 | if (valid[i] == ' '
13 | || valid[i] == '?'
14 | || valid[i] == '+'
15 | || valid[i] == '-'
16 | || valid[i] == ':'
17 | || valid[i] == '/'
18 | || valid[i] == '^'
19 | || valid[i] == '('
20 | || valid[i] == ')'
21 | || valid[i] == '['
22 | || valid[i] == ']'
23 | || valid[i] == '<'
24 | || valid[i] == '>'
25 | || valid[i] == '&'
26 | || valid[i] == '.'
27 | || valid[i] == '#'
28 | || valid[i] == '\''
29 | || valid[i] == '"'
30 | || valid[i] == '%') {
31 | valid[i] = '_';
32 | }
33 | }
34 |
35 | if (!valid.empty()) {
36 | if (std::isdigit(valid[0])) {
37 | valid = '_' + valid;
38 | }
39 | }
40 |
41 | return valid;
42 | }
43 |
44 | std::string SimplifyEnumName(std::string&& name)
45 | {
46 | const auto index = name.find_last_of(':');
47 | if (index == std::string::npos) {
48 | return name;
49 | }
50 |
51 | return name.substr(index + 1);
52 | }
53 |
54 | template
55 | std::string MakeUniqueCppNameImpl(const T& t)
56 | {
57 | std::string name;
58 | if (ObjectsStore().CountObjects(t.GetName()) > 1) {
59 | name += MakeValidName(t.GetOuter().GetName()) + "_";
60 | }
61 | return name + MakeValidName(t.GetName());
62 | }
63 |
64 | std::string MakeUniqueCppName(const UEConst& c)
65 | {
66 | return MakeUniqueCppNameImpl(c);
67 | }
68 |
69 | std::string MakeUniqueCppName(const UEEnum& e)
70 | {
71 | auto name = MakeUniqueCppNameImpl(e);
72 | if (!name.empty() && name[0] != 'E') {
73 | name = 'E' + name;
74 | }
75 | return name;
76 | }
77 |
78 | std::string MakeUniqueCppName(const UEStruct& ss)
79 | {
80 | std::string name;
81 | if (ObjectsStore().CountObjects(ss.GetName()) > 1) {
82 | name += MakeValidName(ss.GetOuter().GetNameCPP()) + "_";
83 | }
84 | return name + MakeValidName(ss.GetNameCPP());
85 | }
86 |
--------------------------------------------------------------------------------
/contrib/distorm/src/x86defs.h:
--------------------------------------------------------------------------------
1 | /*
2 | x86defs.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #ifndef X86DEFS_H
13 | #define X86DEFS_H
14 |
15 |
16 | #define SEG_REGS_MAX (6)
17 | #define CREGS_MAX (9)
18 | #define DREGS_MAX (8)
19 |
20 | /* Maximum instruction size, including prefixes */
21 | #define INST_MAXIMUM_SIZE (15)
22 |
23 | /* Maximum range of imm8 (comparison type) of special SSE CMP instructions. */
24 | #define INST_CMP_MAX_RANGE (8)
25 |
26 | /* Maximum range of imm8 (comparison type) of special AVX VCMP instructions. */
27 | #define INST_VCMP_MAX_RANGE (32)
28 |
29 | /* Wait instruction byte code. */
30 | #define INST_WAIT_INDEX (0x9b)
31 |
32 | /* Lea instruction byte code. */
33 | #define INST_LEA_INDEX (0x8d)
34 |
35 | /* NOP/XCHG instruction byte code. */
36 | #define INST_NOP_INDEX (0x90)
37 |
38 | /* ARPL/MOVSXD instruction byte code. */
39 | #define INST_ARPL_INDEX (0x63)
40 |
41 | /*
42 | * Minimal MODR/M value of divided instructions.
43 | * It's 0xc0, two MSBs set, which indicates a general purpose register is used too.
44 | */
45 | #define INST_DIVIDED_MODRM (0xc0)
46 |
47 | /* This is the escape byte value used for 3DNow! instructions. */
48 | #define _3DNOW_ESCAPE_BYTE (0x0f)
49 |
50 | #define PREFIX_LOCK (0xf0)
51 | #define PREFIX_REPNZ (0xf2)
52 | #define PREFIX_REP (0xf3)
53 | #define PREFIX_CS (0x2e)
54 | #define PREFIX_SS (0x36)
55 | #define PREFIX_DS (0x3e)
56 | #define PREFIX_ES (0x26)
57 | #define PREFIX_FS (0x64)
58 | #define PREFIX_GS (0x65)
59 | #define PREFIX_OP_SIZE (0x66)
60 | #define PREFIX_ADDR_SIZE (0x67)
61 | #define PREFIX_VEX2b (0xc5)
62 | #define PREFIX_VEX3b (0xc4)
63 |
64 | /* REX prefix value range, 64 bits mode decoding only. */
65 | #define PREFIX_REX_LOW (0x40)
66 | #define PREFIX_REX_HI (0x4f)
67 | /* In order to use the extended GPR's we have to add 8 to the Modr/M info values. */
68 | #define EX_GPR_BASE (8)
69 |
70 | /* Mask for REX and VEX features: */
71 | /* Base */
72 | #define PREFIX_EX_B (1)
73 | /* Index */
74 | #define PREFIX_EX_X (2)
75 | /* Register */
76 | #define PREFIX_EX_R (4)
77 | /* Operand Width */
78 | #define PREFIX_EX_W (8)
79 | /* Vector Lengh */
80 | #define PREFIX_EX_L (0x10)
81 |
82 | #endif /* X86DEFS_H */
83 |
--------------------------------------------------------------------------------
/utils/disasm.h:
--------------------------------------------------------------------------------
1 | #ifndef _UTILS_DISASM_H_
2 | #define _UTILS_DISASM_H_
3 | #if defined(_MSC_VER)
4 | #pragma once
5 | #endif
6 |
7 | #include
8 | #include
9 |
10 | #define DISASM_MAX_INSTRUCTION_LENGTH 15
11 |
12 | #define DISASM_X64 1
13 | #define DISASM_X86 0
14 |
15 | #ifdef __cplusplus
16 | extern "C" {
17 | #endif
18 |
19 | #define DIS_SUCCESS 0
20 | #define DIS_OVERFLOW -1
21 | #define DIS_INVALID_PARAM -2
22 | #define DIS_INVALID -3
23 |
24 | typedef int32_t DisStatus;
25 | typedef _DInst DisData;
26 | typedef _Operand DisOp;
27 |
28 | /**
29 | * Disassemble a single instruction.
30 | *
31 | * @param[in] Instruction Pointer to the code for disassemble
32 | * @param[out] Result Pointer to disassembly data structure
33 | * @param[in] LongMode Set this flag for 64-bit code, and clear for 32-bit
34 | *
35 | * @return length of the instruction. 0 if invalid instruction.
36 | */
37 | uint32_t
38 | DisInstruction(
39 | /* In */ const uint8_t *Instruction,
40 | /* Out */ DisData *Result,
41 | /* In */ uint8_t LongMode
42 | );
43 |
44 | /**
45 | * Decomposes a series of instructions at the address given by the Code
46 | * parameter.
47 | *
48 | * @param[in] Code The code to decompose.
49 | * @param[in] CodeLength The length of code to decompose.
50 | * @param[in] VirtualAddress The optional virtual address of the code.
51 | * @param[out] ResultInsts The resulting array of instructions.
52 | * @param[in] MaxInstCount The maximum number of instructions in the array.
53 | * @param[out] ResultInstCount The number of resulting decomposed instructions.
54 | * @param[out] NextOffset The offset of the next instructions to decompose.
55 | * @param[in] LongMode Set this flag for 64-bit code, and clear for 32-bit.
56 | *
57 | * @return An appropriate status/rc value depending on if an error occurred
58 | * or not.
59 | */
60 | DisStatus
61 | DisDecompose(
62 | /* In */ const uint8_t *Code,
63 | /* In */ uint32_t CodeLength,
64 | /* In */ uint64_t VirtualAddress /*optional*/,
65 | /* Out */ DisData ResultInsts[],
66 | /* In */ uint32_t MaxInstCount,
67 | /* Out */ uint32_t *ResultInstCount,
68 | /* Out */ size_t *NextOffset /*optional*/,
69 | /* In */ uint8_t LongMode
70 | );
71 |
72 | #ifdef __cplusplus
73 | }
74 | #endif
75 |
76 | #endif // _UTILS_DISASM_H_
77 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/ddk/README:
--------------------------------------------------------------------------------
1 | diStorm3 for Ring 0
2 | Gil Dabah Aug 2010
3 | http://ragestorm.net/distorm/
4 |
5 | Tested sample with DDK 7600.16385.1 using WinXPSP2.
6 |
7 | Steps of how to build the diStorm64 sample using the DDK.
8 |
9 | Warning - Make sure the path you extracted diStorm to does not include any spaces, otherwise you will get an error from the build.
10 |
11 | 1) Open the DDK's build environment, for example: "Win XP Free Build Environment",
12 | which readies the evnrionment variables for building a driver. Or run the SETENV.BAT in console.
13 |
14 | 2) Launch "build", once you're in the directory of the /ddkproj.
15 |
16 | 3) If everything worked smoothly, you should see a new file named "distorm.sys" under objfre_wxp_x86\i386
17 | (that's if you use WinXP and the Free Environment).
18 |
19 | - If you experienced any errors, try moving the whole distorm directory to c:\winddk\src\
20 | (or any other directory tree which doesn't contain spaces in its name).
21 |
22 | 4) Now you will have to register the new driver:
23 | a. Copy the distorm.sys file to \windows\system32\drivers\.
24 | b. Use the DDK's regini.exe with the supplied distorm.ini.
25 | c. Restart Windows for the effect to take place. :(
26 |
27 | **The alternative is to use some tool like KmdManager.exe, which will register the driver without a need for the .ini file, nor a reboot.
28 |
29 |
30 | 5) Now open your favorite debug-strings monitor (mine is DebugView).
31 | Make sure you monitor kernel debug-strings.
32 |
33 | 6) Launching "net start distorm" from command line, will run the DriverEntry code in "main.c",
34 | which will disassemble a few instructions from the KeBugcheck routine and dump it using DbgPrint.
35 |
36 |
37 | NOTES:
38 | -+----
39 | The sample uses the stack for storing the results from the decode function.
40 | If you have too many structures on the stack, you better allocate memory before calling the decode function,
41 | and later on free that memory. Don't use the NONPAGED pool if you don't really need it.
42 |
43 | _OffsetType is the type of the DecodedInstruction.Offset field, which defaults to 64bits,
44 | so make sure that when you print this variable you use %I64X, or when you use it anywhere else, you use the _OffsetType as well.
45 | Notice that we call directly distorm_decode64, since we SUPPORT_64BIT_OFFSET and because we don't have the macros of distorm.h.
46 |
47 | diStorm can be really compiled for all IRQL, it doesn't use any resource or the standard C library at all.
48 | Although the sample uses diStorm at PASSIVE level.
49 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/PrintHelper.cpp:
--------------------------------------------------------------------------------
1 | #include "PrintHelper.h"
2 |
3 | #include "tinyformat.h"
4 |
5 | #include "IGenerator.h"
6 | #include "Package.h"
7 |
8 | void PrintFileHeader(std::ostream& os, const std::vector& includes, const bool isHeaderFile)
9 | {
10 | extern IGenerator* generator;
11 |
12 | if (isHeaderFile) {
13 | os << "#pragma once\n\n";
14 | }
15 |
16 | os << tfm::format("// %s (%s) SDK\n\n", generator->GetGameName(), generator->GetGameVersion())
17 | << tfm::format("#ifdef _MSC_VER\n\t#pragma pack(push, 0x%X)\n#endif\n\n", generator->GetGlobalMemberAlignment());
18 |
19 | if (!includes.empty()) {
20 | for (auto&& i : includes) {
21 | if (i[0] != '<' && i[0] != '"') {
22 | os << "#include \"" << i << "\"\n";
23 | } else {
24 | os << "#include " << i << "\n";
25 | }
26 | }
27 | os << "\n";
28 | }
29 |
30 | if (!generator->GetNamespaceName().empty()) {
31 | os << "namespace " << generator->GetNamespaceName() << "\n{\n";
32 | }
33 | }
34 |
35 | void PrintFileHeader(std::ostream& os, const bool isHeaderFile)
36 | {
37 | extern IGenerator* generator;
38 |
39 | PrintFileHeader(os, std::vector(), isHeaderFile);
40 | }
41 |
42 | void PrintFileFooter(std::ostream& os)
43 | {
44 | extern IGenerator* generator;
45 |
46 | if (!generator->GetNamespaceName().empty()) {
47 | os << "}\n\n";
48 | }
49 |
50 | os << "#ifdef _MSC_VER\n\t#pragma pack(pop)\n#endif\n";
51 | }
52 |
53 | void PrintSectionHeader(std::ostream& os, const char* name)
54 | {
55 | os << "//---------------------------------------------------------------------------\n"
56 | << "//" << name << "\n"
57 | << "//---------------------------------------------------------------------------\n\n";
58 | }
59 |
60 | std::string GenerateFileName(const FileContentType type, const Package& package)
61 | {
62 | extern IGenerator* generator;
63 |
64 | const char* name;
65 | switch (type) {
66 | case FileContentType::Structs:
67 | name = "%s_%s_structs.hpp";
68 | break;
69 | case FileContentType::Classes:
70 | name = "%s_%s_classes.hpp";
71 | break;
72 | case FileContentType::Functions:
73 | name = "%s_%s_functions.cpp";
74 | break;
75 | case FileContentType::FunctionParameters:
76 | name = "%s_%s_parameters.hpp";
77 | break;
78 | default:
79 | assert(false);
80 | }
81 |
82 | return tfm::format(name, generator->GetGameNameShort(), package.GetName());
83 | }
84 |
--------------------------------------------------------------------------------
/contrib/distorm/src/prefix.h:
--------------------------------------------------------------------------------
1 | /*
2 | prefix.h
3 |
4 | diStorm3 - Powerful disassembler for X86/AMD64
5 | http://ragestorm.net/distorm/
6 | distorm at gmail dot com
7 | Copyright (C) 2003-2018 Gil Dabah
8 | This library is licensed under the BSD license. See the file COPYING.
9 | */
10 |
11 |
12 | #ifndef PREFIX_H
13 | #define PREFIX_H
14 |
15 | #include "config.h"
16 | #include "decoder.h"
17 |
18 |
19 | /* Specifies the type of the extension prefix, such as: REX, 2 bytes VEX, 3 bytes VEX. */
20 | typedef enum {PET_NONE = 0, PET_REX, PET_VEX2BYTES, PET_VEX3BYTES} _PrefixExtType;
21 |
22 | /* Specifies an index into a table of prefixes by their type. */
23 | typedef enum {PFXIDX_NONE = -1, PFXIDX_REX, PFXIDX_LOREP, PFXIDX_SEG, PFXIDX_OP_SIZE, PFXIDX_ADRS, PFXIDX_MAX} _PrefixIndexer;
24 |
25 | /*
26 | * This holds the prefixes state for the current instruction we decode.
27 | * decodedPrefixes includes all specific prefixes that the instruction got.
28 | * start is a pointer to the first prefix to take into account.
29 | * last is a pointer to the last byte we scanned.
30 | * Other pointers are used to keep track of prefixes positions and help us know if they appeared already and where.
31 | */
32 | typedef struct {
33 | _iflags decodedPrefixes, usedPrefixes;
34 | const uint8_t *start, *last, *vexPos, *rexPos;
35 | _PrefixExtType prefixExtType;
36 | uint16_t unusedPrefixesMask;
37 | /* Indicates whether the operand size prefix (0x66) was used as a mandatory prefix. */
38 | int isOpSizeMandatory;
39 | /* If VEX prefix is used, store the VEX.vvvv field. */
40 | unsigned int vexV;
41 | /* The fields B/X/R/W/L of REX and VEX are stored together in this byte. */
42 | unsigned int vrex;
43 |
44 | /* !! Make sure pfxIndexer is LAST! Otherwise memset won't work well with it. !! */
45 |
46 | /* Holds the offset to the prefix byte by its type. */
47 | int pfxIndexer[PFXIDX_MAX];
48 | } _PrefixState;
49 |
50 | /*
51 | * Intel supports 6 types of prefixes, whereas AMD supports 5 types (lock is seperated from rep/nz).
52 | * REX is the fifth prefix type, this time I'm based on AMD64.
53 | * VEX is the 6th, though it can't be repeated.
54 | */
55 | #define MAX_PREFIXES (5)
56 |
57 | int prefixes_is_valid(unsigned int ch, _DecodeType dt);
58 | void prefixes_ignore(_PrefixState* ps, _PrefixIndexer pi);
59 | void prefixes_ignore_all(_PrefixState* ps);
60 | uint16_t prefixes_set_unused_mask(_PrefixState* ps);
61 | void prefixes_decode(const uint8_t* code, int codeLen, _PrefixState* ps, _DecodeType dt);
62 | void prefixes_use_segment(_iflags defaultSeg, _PrefixState* ps, _DecodeType dt, _DInst* di);
63 |
64 | #endif /* PREFIX_H */
65 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/tests/main.py:
--------------------------------------------------------------------------------
1 | #import distorm
2 | from pyasm import *
3 | from distorm3 import *
4 |
5 | _REGS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI", "R8", "R9", "R10", "R11", "R12", "R13", "R14", "R15",
6 | "EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI", "R8D", "R9D", "R10D", "R11D", "R12D", "R13D", "R14D", "R15D",
7 | "AX", "CX", "DX", "BX", "SP", "BP", "SI", "DI", "R8W", "R9W", "R10W", "R11W", "R12W", "R13W", "R14W", "R15W",
8 | "AL", "CL", "DL", "BL", "AH", "CH", "DH", "BH", "R8B", "R9B", "R10B", "R11B", "R12B", "R13B", "R14B", "R15B",
9 | "SPL", "BPL", "SIL", "DIL",
10 | "ES", "CS", "SS", "DS", "FS", "GS",
11 | "RIP",
12 | "ST0", "ST1", "ST2", "ST3", "ST4", "ST5", "ST6", "ST7",
13 | "MM0", "MM1", "MM2", "MM3", "MM4", "MM5", "MM6", "MM7",
14 | "XMM0", "XMM1", "XMM2", "XMM3", "XMM4", "XMM5", "XMM6", "XMM7", "XMM8", "XMM9", "XMM10", "XMM11", "XMM12", "XMM13", "XMM14", "XMM15",
15 | "YMM0", "YMM1", "YMM2", "YMM3", "YMM4", "YMM5", "YMM6", "YMM7", "YMM8", "YMM9", "YMM10", "YMM11", "YMM12", "YMM13", "YMM14", "YMM15",
16 | "CR0", "", "CR2", "CR3", "CR4", "", "", "", "CR8",
17 | "DR0", "DR1", "DR2", "DR3", "", "", "DR6", "DR7"]
18 |
19 | def decode(x, mode = 1):
20 | sizes = [16, 32, 64]
21 | x = Assemble(x, sizes[mode])
22 | print x.encode('hex')
23 | #print distorm.Decode(0, x, mode)
24 | print Decode(0, x, mode)
25 |
26 | #decode("bswap ecx", 1)
27 | #distorm3.Decode(0, "480fc3c0".decode('hex'), 2)
28 |
29 |
30 | def xxx(x):
31 | buf = "".join(map(lambda txt: Assemble(txt, 32), x.split("\n")))
32 | print ",0x".join(map(lambda x: "%02x" % ord(x), buf))
33 | return Decode(0, buf, Decode32Bits)[0]
34 |
35 | def yyy(inst):
36 | print "%x (%d): " % (inst["addr"], inst["size"])
37 | print inst
38 | ops = filter(lambda x:x is not None, inst["ops"])
39 | for o in ops:
40 | if o["type"] == O_REG:
41 | print _REGS[o["index"]]
42 | elif o["type"] == O_IMM:
43 | print hex(inst["imm"])
44 | elif o["type"] == O_MEM:
45 | print "[",
46 | if inst["base"] != R_NONE:
47 | print _REGS[inst["base"]],
48 | print "+",
49 | print _REGS[o["index"]],
50 | if inst["scale"] != 0:
51 | print "*%d" % inst["scale"],
52 | if inst["dispSize"] != 0:
53 | print " + 0x%x" % (inst["disp"]),
54 | print "]"
55 | elif o["type"] == O_SMEM:
56 | print "[%s" % (_REGS[o["index"]]),
57 | if inst["dispSize"] != 0:
58 | print " + 0x%x" % (inst["disp"]),
59 | print "]"
60 | elif o["type"] == O_DISP:
61 | print "[0x%x]" % inst["disp"]
62 | elif o["type"] == O_PC:
63 | print hex(inst["imm"])
64 |
65 | #yyy(Decode(0, "0fae38".decode('hex'), Decode32Bits)[0])
66 | yyy(xxx("mov eax, [ebp*4]"))
67 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/UE4/PropertyFlags.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | enum class UEPropertyFlags : uint64_t {
7 | Edit = 0x0000000000000001,
8 | ConstParm = 0x0000000000000002,
9 | BlueprintVisible = 0x0000000000000004,
10 | ExportObject = 0x0000000000000008,
11 | BlueprintReadOnly = 0x0000000000000010,
12 | Net = 0x0000000000000020,
13 | EditFixedSize = 0x0000000000000040,
14 | Parm = 0x0000000000000080,
15 | OutParm = 0x0000000000000100,
16 | ZeroConstructor = 0x0000000000000200,
17 | ReturnParm = 0x0000000000000400,
18 | DisableEditOnTemplate = 0x0000000000000800,
19 | Transient = 0x0000000000002000,
20 | Config = 0x0000000000004000,
21 | DisableEditOnInstance = 0x0000000000010000,
22 | EditConst = 0x0000000000020000,
23 | GlobalConfig = 0x0000000000040000,
24 | InstancedReference = 0x0000000000080000,
25 | DuplicateTransient = 0x0000000000200000,
26 | SubobjectReference = 0x0000000000400000,
27 | SaveGame = 0x0000000001000000,
28 | NoClear = 0x0000000002000000,
29 | ReferenceParm = 0x0000000008000000,
30 | BlueprintAssignable = 0x0000000010000000,
31 | Deprecated = 0x0000000020000000,
32 | IsPlainOldData = 0x0000000040000000,
33 | RepSkip = 0x0000000080000000,
34 | RepNotify = 0x0000000100000000,
35 | Interp = 0x0000000200000000,
36 | NonTransactional = 0x0000000400000000,
37 | EditorOnly = 0x0000000800000000,
38 | NoDestructor = 0x0000001000000000,
39 | AutoWeak = 0x0000004000000000,
40 | ContainsInstancedReference = 0x0000008000000000,
41 | AssetRegistrySearchable = 0x0000010000000000,
42 | SimpleDisplay = 0x0000020000000000,
43 | AdvancedDisplay = 0x0000040000000000,
44 | Protected = 0x0000080000000000,
45 | BlueprintCallable = 0x0000100000000000,
46 | BlueprintAuthorityOnly = 0x0000200000000000,
47 | TextExportTransient = 0x0000400000000000,
48 | NonPIEDuplicateTransient = 0x0000800000000000,
49 | ExposeOnSpawn = 0x0001000000000000,
50 | PersistentInstance = 0x0002000000000000,
51 | UObjectWrapper = 0x0004000000000000,
52 | HasGetValueTypeHash = 0x0008000000000000,
53 | NativeAccessSpecifierPublic = 0x0010000000000000,
54 | NativeAccessSpecifierProtected = 0x0020000000000000,
55 | NativeAccessSpecifierPrivate = 0x0040000000000000
56 | };
57 |
58 | inline bool operator&(UEPropertyFlags lhs, UEPropertyFlags rhs)
59 | {
60 | return (static_cast>(lhs) & static_cast>(rhs)) == static_cast>(rhs);
61 | }
62 |
63 | std::string StringifyFlags(const UEPropertyFlags flags);
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # Set default behavior to automatically normalize line endings.
3 | ###############################################################################
4 | * text=auto
5 |
6 | ###############################################################################
7 | # Set default behavior for command prompt diff.
8 | #
9 | # This is need for earlier builds of msysgit that does not have it on by
10 | # default for csharp files.
11 | # Note: This is only used by command line
12 | ###############################################################################
13 | #*.cs diff=csharp
14 |
15 | ###############################################################################
16 | # Set the merge driver for project and solution files
17 | #
18 | # Merging from the command prompt will add diff markers to the files if there
19 | # are conflicts (Merging from VS is not affected by the settings below, in VS
20 | # the diff markers are never inserted). Diff markers may cause the following
21 | # file extensions to fail to load in VS. An alternative would be to treat
22 | # these files as binary and thus will always conflict and require user
23 | # intervention with every merge. To do so, just uncomment the entries below
24 | ###############################################################################
25 | #*.sln merge=binary
26 | #*.csproj merge=binary
27 | #*.vbproj merge=binary
28 | #*.vcxproj merge=binary
29 | #*.vcproj merge=binary
30 | #*.dbproj merge=binary
31 | #*.fsproj merge=binary
32 | #*.lsproj merge=binary
33 | #*.wixproj merge=binary
34 | #*.modelproj merge=binary
35 | #*.sqlproj merge=binary
36 | #*.wwaproj merge=binary
37 |
38 | ###############################################################################
39 | # behavior for image files
40 | #
41 | # image files are treated as binary by default.
42 | ###############################################################################
43 | #*.jpg binary
44 | #*.png binary
45 | #*.gif binary
46 |
47 | ###############################################################################
48 | # diff behavior for common document formats
49 | #
50 | # Convert binary document formats to text before diffing them. This feature
51 | # is only available from the command line. Turn it on by uncommenting the
52 | # entries below.
53 | ###############################################################################
54 | #*.doc diff=astextplain
55 | #*.DOC diff=astextplain
56 | #*.docx diff=astextplain
57 | #*.DOCX diff=astextplain
58 | #*.dot diff=astextplain
59 | #*.DOT diff=astextplain
60 | #*.pdf diff=astextplain
61 | #*.PDF diff=astextplain
62 | #*.rtf diff=astextplain
63 | #*.RTF diff=astextplain
64 |
--------------------------------------------------------------------------------
/driver/ntbuild.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2017-2019, Aidan Khoury. All rights reserved.
4 | *
5 | * @file ntbuild.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 4/13/2017
8 | */
9 |
10 | #ifndef _NTBUILD_
11 | #define _NTBUILD_
12 |
13 | #define NT_BUILD_XP 2600 // winxp
14 | #define NT_BUILD_2600 2600 // winxp
15 | #define NT_BUILD_2K3 3790 // ws2k3
16 | #define NT_BUILD_3790 3790 // ws2k3
17 | #define NT_BUILD_VISTA 6000 // vista
18 | #define NT_BUILD_6000 6000 // vista
19 | #define NT_BUILD_7 7600 // win7
20 | #define NT_BUILD_7600 7600 // win7
21 | #define NT_BUILD_7_SP1 7601 // win7sp1
22 | #define NT_BUILD_7601 7601 // win7sp1
23 | #define NT_BUILD_8 9200 // win8
24 | #define NT_BUILD_9200 9200 // win8
25 | #define NT_BUILD_8_1 9600 // blue
26 | #define NT_BUILD_9600 9600 // blue
27 | #define NT_BUILD_10_1507_9841 9841 // 10 Pre RTM Insider
28 | #define NT_BUILD_10_1507_10041 10041 // 10 Pre RTM
29 | #define NT_BUILD_10_1507 10240 // th1
30 | #define NT_BUILD_10_1511 10586 // th2
31 | #define NT_BUILD_10_1607_14316 14316 // rs1 beta
32 | #define NT_BUILD_10_1607 14393 // rs1
33 | #define NT_BUILD_10_1703 15063 // rs2
34 | #define NT_BUILD_10_1709 16299 // rs3
35 | #define NT_BUILD_10_1803 17134 // rs4
36 | #define NT_BUILD_10_1809 17763 // rs5
37 | #define NT_BUILD_10_BUILD_18272 18272 // 19H1 beta
38 | #define NT_BUILD_10_BUILD_18348 18348 // 19H1
39 |
40 | #define NT_BUILD_BLUE NT_BUILD_8_1
41 | #define NT_BUILD_10_TH1 NT_BUILD_10_1507
42 | #define NT_BUILD_10_TH2 NT_BUILD_10_1511
43 | #define NT_BUILD_10_RS1_BETA NT_BUILD_10_1607_14316
44 | #define NT_BUILD_10_RS1 NT_BUILD_10_1607
45 | #define NT_BUILD_10_RS2 NT_BUILD_10_1703
46 | #define NT_BUILD_10_RS3 NT_BUILD_10_1709
47 | #define NT_BUILD_10_RS4 NT_BUILD_10_1803
48 | #define NT_BUILD_10_RS5 NT_BUILD_10_1809
49 |
50 | #define $7600 Build7600
51 | #define $7601 Build7601
52 | #define $9200 Build9200
53 | #define $9600 Build9600
54 | #define $1507 Build1507
55 | #define $1511 Build1511
56 | #define $1607 Build1607
57 | #define $1703 Build1703
58 | #define $1709 Build1709
59 | #define $1803 Build1803
60 | #define $1809 Build1809
61 |
62 | #define WIN7 Build7600
63 | #define WIN71 Build7601
64 | #define WIN8 Build9200
65 | #define WIN81 Build9600
66 | #define TH1 Build1507
67 | #define TH2 Build1511
68 | #define RS1 Build1607
69 | #define RS2 Build1703
70 | #define RS3 Build1709
71 | #define RS4 Build1803
72 | #define RS5 Build1809
73 |
74 | #endif // _NTBUILD_
75 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/ObjectsStore.cpp:
--------------------------------------------------------------------------------
1 | #include "ObjectsStore.h"
2 | #include
3 |
4 | ObjectsIterator ObjectsStore::begin()
5 | {
6 | return ObjectsIterator(*this, 0);
7 | }
8 |
9 | ObjectsIterator ObjectsStore::begin() const
10 | {
11 | return ObjectsIterator(*this, 0);
12 | }
13 |
14 | ObjectsIterator ObjectsStore::end()
15 | {
16 | return ObjectsIterator(*this);
17 | }
18 |
19 | ObjectsIterator ObjectsStore::end() const
20 | {
21 | return ObjectsIterator(*this);
22 | }
23 |
24 | UEClass ObjectsStore::FindClass(const std::string& name) const
25 | {
26 | for (auto obj : *this) {
27 | if (obj.GetFullName() == name) {
28 | return obj.Cast();
29 | }
30 | }
31 | return UEClass(nullptr);
32 | }
33 |
34 | ObjectsIterator::ObjectsIterator(const ObjectsStore& _store)
35 | : store(_store),
36 | index(_store.GetObjectsNum())
37 | {
38 | }
39 |
40 | ObjectsIterator::ObjectsIterator(const ObjectsStore& _store, size_t _index)
41 | : store(_store),
42 | index(_index),
43 | current(_store.GetById(_index))
44 | {
45 | }
46 |
47 | ObjectsIterator::ObjectsIterator(const ObjectsIterator& other)
48 | : store(other.store),
49 | index(other.index),
50 | current(other.current)
51 | {
52 | }
53 |
54 | ObjectsIterator::ObjectsIterator(ObjectsIterator&& other) noexcept
55 | : store(other.store),
56 | index(other.index),
57 | current(other.current)
58 | {
59 | }
60 |
61 | ObjectsIterator& ObjectsIterator::operator=(const ObjectsIterator& rhs)
62 | {
63 | index = rhs.index;
64 | current = rhs.current;
65 | return *this;
66 | }
67 |
68 | void ObjectsIterator::swap(ObjectsIterator& other) noexcept
69 | {
70 | std::swap(index, other.index);
71 | std::swap(current, other.current);
72 | }
73 |
74 | ObjectsIterator& ObjectsIterator::operator++()
75 | {
76 | current = UEObject();
77 |
78 | for (++index; index < store.GetObjectsNum(); ++index) {
79 | current = store.GetById(index);
80 | if (current.IsValid()) {
81 | break;
82 | }
83 | }
84 | return *this;
85 | }
86 |
87 | ObjectsIterator ObjectsIterator::operator++(int)
88 | {
89 | auto tmp(*this);
90 | ++(*this);
91 | return tmp;
92 | }
93 |
94 | bool ObjectsIterator::operator==(const ObjectsIterator& rhs) const
95 | {
96 | return index == rhs.index;
97 | }
98 |
99 | bool ObjectsIterator::operator!=(const ObjectsIterator& rhs) const
100 | {
101 | return index != rhs.index;
102 | }
103 |
104 | UEObject ObjectsIterator::operator*() const
105 | {
106 | assert(current.IsValid() && "ObjectsIterator::current is not valid!");
107 |
108 | return current;
109 | }
110 |
111 | UEObject ObjectsIterator::operator->() const
112 | {
113 | return operator*();
114 | }
--------------------------------------------------------------------------------
/internal/sdkgen/Target/PUBG/ObjectsStore.cpp:
--------------------------------------------------------------------------------
1 | #include
2 |
3 | #include "../../Engine/ObjectsStore.h"
4 |
5 | #include "EngineClasses.h"
6 |
7 | #include "../../../utils.h"
8 |
9 | class FUObjectItem {
10 | public:
11 | UObject *Object; // 0x00
12 | int32_t Flags; // 0x08
13 | int32_t ClusterIndex; // 0x0C
14 | int32_t SerialNumber; // 0x10
15 | }; // size=0x18
16 |
17 | class TUObjectArray {
18 | public:
19 | union CryptValue ObjectsEncrypted; // 0x00 FUObjectItem*
20 | int64_t MaxElements; // 0x08
21 | int32_t NumElements; // 0x10
22 | };
23 |
24 | class FUObjectArray {
25 | public:
26 | int32_t ObjFirstGCIndex; // 0x00
27 | int32_t ObjLastNonGCIndex; // 0x04
28 | int32_t MaxObjectsNotConsideredByGC; // 0x08
29 | bool OpenForDisregardForGC; // 0x0C
30 |
31 | TUObjectArray ObjObjects; // 0x10
32 |
33 | FCriticalSection ObjObjectsCritical; // 0x28
34 | FThreadSafeCounter ObjAvailableCount; // 0x50
35 | TArray UObjectCreateListeners; // 0x58
36 | TArray UObjectDeleteListeners; // 0x68
37 |
38 | // ....
39 | };
40 |
41 | FUObjectArray *GUObjectArray = nullptr;
42 |
43 | bool ObjectsStore::Initialize()
44 | {
45 | PVOID ImageBase = utils::GetModuleHandleWIDE(NULL);
46 | ULONG ImageSize = utils::GetModuleSize((HMODULE)ImageBase);
47 |
48 | // 48 8D 0D ? ? ? ? E8 ? ? ? ? 90 48 8B 5C 24 ? 48 83 C4 30
49 | static const UINT8 ObjectsSig[] = {
50 | 0x48, 0x8D, 0x0D, 0xCC, 0xCC, 0xCC, 0xCC, /* lea rcx, GUObjectArray */
51 | 0xE8, 0xCC, 0xCC, 0xCC, 0xCC, /* call FUObjectArray__FreeUObjectIndex */
52 | 0x90, /* nop */
53 | /* loc_7FF785413906: */
54 | 0x48, 0x8B, 0x5C, 0x24, 0xCC, /* mov rbx, [rsp+48h] */
55 | 0x48, 0x83, 0xC4, 0x30 /* add rsp, 30h */
56 | };
57 |
58 | PVOID Found = utils::FindPattern(ImageBase, ImageSize, 0xCC, ObjectsSig, sizeof(ObjectsSig));
59 | if (!Found) {
60 | return false;
61 | }
62 |
63 | GUObjectArray = reinterpret_cast(utils::GetInstructionTarget(Found, 3));
64 |
65 | return true;
66 | }
67 |
68 | void* ObjectsStore::GetAddress()
69 | {
70 | return GUObjectArray;
71 | }
72 |
73 | size_t ObjectsStore::GetObjectsNum() const
74 | {
75 | return GUObjectArray->ObjObjects.NumElements;
76 | }
77 |
78 | UEObject ObjectsStore::GetById(size_t id) const
79 | {
80 | union CryptValue ObjectsDecrypted;
81 | union CryptValue ObjectsEncrypted = GUObjectArray->ObjObjects.ObjectsEncrypted;
82 |
83 | ObjectsDecrypted.LoDword = (ObjectsEncrypted.LoDword + 0x7685D8E5) ^ 0x85E5D16B;
84 | ObjectsDecrypted.HiDword = (ObjectsEncrypted.HiDword - 0x40766DE5) ^ 0xFB75FBB5;
85 |
86 | FUObjectItem *Objects = reinterpret_cast(ObjectsDecrypted.Qword);
87 |
88 | return Objects[id].Object;
89 | }
90 |
--------------------------------------------------------------------------------
/native/private/nativewow64.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "nativecommon.h"
4 |
5 |
6 | #ifdef __cplusplus
7 | extern "C" {
8 | #endif // __cplusplus
9 |
10 | #define WOW64_BEGIN_X64(cs) \
11 | { \
12 | __asm __emit 0x6A __asm __emit (cs) /* push cs */ \
13 | __asm __emit 0xE8 __asm __emit 0x00 __asm __emit 0x00 __asm __emit 0x00 __asm __emit 0x00 /* call $+5 */ \
14 | __asm __emit 0x83 __asm __emit 0x04 __asm __emit 0x24 __asm __emit 0x05 /* add dword [esp], 0x05 */ \
15 | __asm __emit 0xCB /* retf */ \
16 | }
17 |
18 | #define WOW64_END_X64(cs) \
19 | { \
20 | __asm __emit 0xE8 __asm __emit 0x00 __asm __emit 0x00 __asm __emit 0x00 __asm __emit 0x00 /* call $+5 */ \
21 | __asm __emit 0xC7 __asm __emit 0x44 __asm __emit 0x24 __asm __emit 0x04 __asm __emit (cs) __asm __emit 0x00 __asm __emit 0x00 __asm __emit 0x00 /* mov dword [rsp + 4], cs */ \
22 | __asm __emit 0x83 __asm __emit 0x04 __asm __emit 0x24 __asm __emit 0x0D /* add dword [rsp], 0x0D */ \
23 | __asm __emit 0xCB /* retf */ \
24 | }
25 |
26 | #define WOW64_PUSH_X64(r) __asm __emit (0x48 | ((r) >> 3)) __asm __emit (0x50 | ((r) & 7))
27 |
28 | #define WOW64_POP_X64(r) __asm __emit (0x48 | ((r) >> 3)) __asm __emit (0x58 | ((r) & 7))
29 |
30 | #define WOW64_REX_W __asm __emit 0x48 __asm
31 |
32 |
33 | #define WOW64_RAX 0
34 | #define WOW64_RCX 1
35 | #define WOW64_RDX 2
36 | #define WOW64_RBX 3
37 | #define WOW64_RSP 4
38 | #define WOW64_RBP 5
39 | #define WOW64_RSI 6
40 | #define WOW64_RDI 7
41 | #define WOW64_R8 8
42 | #define WOW64_R9 9
43 | #define WOW64_R10 10
44 | #define WOW64_R11 11
45 | #define WOW64_R12 12
46 | #define WOW64_R13 13
47 | #define WOW64_R14 14
48 | #define WOW64_R15 15
49 |
50 | typedef union _WOW64_REGISTER64 {
51 | ULONG64 Dword64;
52 | ULONG Dword[2];
53 | USHORT Word[4];
54 | UCHAR Byte[8];
55 | } WOW64_REGISTER64, *PWOW64_REGISTER64;
56 |
57 | //
58 | // Calculate the address of the base of the structure given its type, and an
59 | // address of a field within the structure.
60 | //
61 | #define WOW64_CONTAINING_RECORD_X64(address, type, field) \
62 | ((ULONG64)((ULONG64)(address) - (ULONG64)(&((type *)0)->field)))
63 |
64 | #ifdef __cplusplus
65 | } // extern "C"
66 | #endif // __cplusplus
67 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/UE4/FunctionFlags.cpp:
--------------------------------------------------------------------------------
1 | #include "FunctionFlags.h"
2 |
3 | #include
4 | #include
5 | #include
6 |
7 | std::string StringifyFlags(const UEFunctionFlags flags)
8 | {
9 | std::vector buffer;
10 |
11 | if (flags & UEFunctionFlags::Final) { buffer.push_back("Final"); }
12 | if (flags & UEFunctionFlags::RequiredAPI) { buffer.push_back("RequiredAPI"); }
13 | if (flags & UEFunctionFlags::BlueprintAuthorityOnly) { buffer.push_back("BlueprintAuthorityOnly"); }
14 | if (flags & UEFunctionFlags::BlueprintCosmetic) { buffer.push_back("BlueprintCosmetic"); }
15 | if (flags & UEFunctionFlags::Net) { buffer.push_back("Net"); }
16 | if (flags & UEFunctionFlags::NetReliable) { buffer.push_back("NetReliable"); }
17 | if (flags & UEFunctionFlags::NetRequest) { buffer.push_back("NetRequest"); }
18 | if (flags & UEFunctionFlags::Exec) { buffer.push_back("Exec"); }
19 | if (flags & UEFunctionFlags::Native) { buffer.push_back("Native"); }
20 | if (flags & UEFunctionFlags::Event) { buffer.push_back("Event"); }
21 | if (flags & UEFunctionFlags::NetResponse) { buffer.push_back("NetResponse"); }
22 | if (flags & UEFunctionFlags::Static) { buffer.push_back("Static"); }
23 | if (flags & UEFunctionFlags::NetMulticast) { buffer.push_back("NetMulticast"); }
24 | if (flags & UEFunctionFlags::MulticastDelegate) { buffer.push_back("MulticastDelegate"); }
25 | if (flags & UEFunctionFlags::Public) { buffer.push_back("Public"); }
26 | if (flags & UEFunctionFlags::Private) { buffer.push_back("Private"); }
27 | if (flags & UEFunctionFlags::Protected) { buffer.push_back("Protected"); }
28 | if (flags & UEFunctionFlags::Delegate) { buffer.push_back("Delegate"); }
29 | if (flags & UEFunctionFlags::NetServer) { buffer.push_back("NetServer"); }
30 | if (flags & UEFunctionFlags::HasOutParms) { buffer.push_back("HasOutParms"); }
31 | if (flags & UEFunctionFlags::HasDefaults) { buffer.push_back("HasDefaults"); }
32 | if (flags & UEFunctionFlags::NetClient) { buffer.push_back("NetClient"); }
33 | if (flags & UEFunctionFlags::DLLImport) { buffer.push_back("DLLImport"); }
34 | if (flags & UEFunctionFlags::BlueprintCallable) { buffer.push_back("BlueprintCallable"); }
35 | if (flags & UEFunctionFlags::BlueprintEvent) { buffer.push_back("BlueprintEvent"); }
36 | if (flags & UEFunctionFlags::BlueprintPure) { buffer.push_back("BlueprintPure"); }
37 | if (flags & UEFunctionFlags::Const) { buffer.push_back("Const"); }
38 | if (flags & UEFunctionFlags::NetValidate) { buffer.push_back("NetValidate"); }
39 |
40 | switch (buffer.size()) {
41 | case 0:
42 | return std::string();
43 | case 1:
44 | return std::string(buffer[0]);
45 | default:
46 | std::ostringstream os;
47 | std::copy(buffer.begin(), buffer.end() - 1, std::ostream_iterator(os, ", "));
48 | os << *buffer.rbegin();
49 | return os.str();
50 | }
51 | }
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/TestdiStorm/Program.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Reflection;
3 | using System.Reflection.Emit;
4 | using diStorm;
5 |
6 | namespace TestdiStorm
7 | {
8 | public class Program
9 | {
10 | private static IntPtr LeakNativeMethodPtr(MethodInfo x)
11 | {
12 |
13 | //if ((x.MethodImplementationFlags & MethodImplAttributes.InternalCall) != 0)
14 | // Console.WriteLine("{0} is an InternalCall method. These methods always point to the same address.", x.Name);
15 | var domain = AppDomain.CurrentDomain;
16 | var dynAsm = new AssemblyName("MethodLeakAssembly");
17 | var asmBuilder = domain.DefineDynamicAssembly(dynAsm, AssemblyBuilderAccess.Run);
18 | var moduleBuilder = asmBuilder.DefineDynamicModule("MethodLeakModule");
19 | var typeBuilder = moduleBuilder.DefineType("MethodLeaker", TypeAttributes.Public);
20 | var p = new Type[0];
21 | var methodBuilder = typeBuilder.DefineMethod("LeakNativeMethodPtr", MethodAttributes.Public | MethodAttributes.Static, typeof(IntPtr), null);
22 | var generator = methodBuilder.GetILGenerator();
23 |
24 | // Push unmanaged pointer to MethodInfo onto the evaluation stack
25 | generator.Emit(OpCodes.Ldftn, x);
26 | // Convert the pointer to type - unsigned int64
27 | //generator.Emit(OpCodes.Conv_Ovf_U);
28 | generator.Emit(OpCodes.Ret);
29 |
30 | // Assemble everything
31 | var type = typeBuilder.CreateType();
32 |
33 | var method = type.GetMethod("LeakNativeMethodPtr");
34 |
35 | try {
36 | // Call the method and return its JITed address
37 | var address = (IntPtr) method.Invoke(null, new object[0]);
38 |
39 | Console.WriteLine("0x{0}", address.ToString(string.Format("X{0})", IntPtr.Size * 2)));
40 | return address;
41 | }
42 | catch (Exception e) {
43 | Console.WriteLine("{0} cannot return an unmanaged address.");
44 | }
45 | return IntPtr.Zero;
46 | }
47 |
48 |
49 | private static unsafe void Main(string[] args)
50 | {
51 | var buf = new byte[4];
52 | buf[0] = (byte) 0xc3;
53 | buf[1] = (byte) 0x33;
54 | buf[2] = (byte) 0xc0;
55 | buf[3] = (byte) 0xc3;
56 | var ci = new CodeInfo((long) 0x1000, buf, DecodeType.Decode32Bits, 0);
57 | var dr = new DecodedResult(10);
58 | diStorm3.Decode(ci, dr);
59 |
60 | foreach (var x in dr.Instructions) {
61 | var s = String.Format("{0:X} {1} {2}", x.Offset, x.Mnemonic, x.Operands);
62 | Console.WriteLine(s);
63 | }
64 |
65 | var dr2 = new DecomposedResult(10);
66 | diStorm3.Decompose(ci, dr2);
67 |
68 | foreach (var y in dr2.Instructions) {
69 | if (y.Opcode != Opcode.RET)
70 | {
71 | var x = diStorm3.Format(ci, y);
72 | var s = String.Format("{0:X} {1} {2}", x.Offset, x.Mnemonic, x.Operands);
73 | Console.WriteLine(s);
74 | }
75 | }
76 |
77 | }
78 | }
79 | }
80 |
--------------------------------------------------------------------------------
/contrib/distorm/make/win32/cdistorm.vcxproj.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {50ac9ad6-0895-4596-b142-1a7fad1b97d5}
6 | cpp;c;cxx;def;odl;idl;hpj;bat;asm
7 |
8 |
9 | {8612ae75-7b41-4557-b23b-d3e14e7f9613}
10 | h;hpp;hxx;hm;inl;inc
11 |
12 |
13 |
14 |
15 | Source Files
16 |
17 |
18 | Source Files
19 |
20 |
21 | Source Files
22 |
23 |
24 | Source Files
25 |
26 |
27 | Source Files
28 |
29 |
30 | Source Files
31 |
32 |
33 | Source Files
34 |
35 |
36 | Source Files
37 |
38 |
39 | Source Files
40 |
41 |
42 |
43 |
44 | Header Files
45 |
46 |
47 | Header Files
48 |
49 |
50 | Header Files
51 |
52 |
53 | Header Files
54 |
55 |
56 | Header Files
57 |
58 |
59 | Header Files
60 |
61 |
62 | Header Files
63 |
64 |
65 | Header Files
66 |
67 |
68 | Header Files
69 |
70 |
71 | Header Files
72 |
73 |
74 | Header Files
75 |
76 |
77 | Header Files
78 |
79 |
80 |
81 |
82 |
83 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/ddk/main.c:
--------------------------------------------------------------------------------
1 | /*
2 | * main.c
3 | * Sample kernel driver to show how diStorm can be easily compiled and used in Ring 0.
4 | *
5 | * /// Follow the README file in order to compile diStorm using the DDK. \\\
6 | *
7 | * Izik, Gil Dabah
8 | * Jan 2007
9 | * http://ragestorm.net/distorm/
10 | */
11 |
12 | #include
13 | #include "../include/distorm.h"
14 | #include "dummy.c"
15 |
16 | // The number of the array of instructions the decoder function will use to return the disassembled instructions.
17 | // Play with this value for performance...
18 | #define MAX_INSTRUCTIONS (15)
19 |
20 | void DriverUnload(IN PDRIVER_OBJECT DriverObject)
21 | {
22 | }
23 |
24 | NTSTATUS DriverEntry(IN PDRIVER_OBJECT DriverObject, IN PUNICODE_STRING RegistryPath)
25 | {
26 | UNICODE_STRING pFcnName;
27 |
28 | // Holds the result of the decoding.
29 | _DecodeResult res;
30 | // Decoded instruction information.
31 | _DecodedInst decodedInstructions[MAX_INSTRUCTIONS];
32 | // next is used for instruction's offset synchronization.
33 | // decodedInstructionsCount holds the count of filled instructions' array by the decoder.
34 | unsigned int decodedInstructionsCount = 0, i, next;
35 | // Default decoding mode is 32 bits, could be set by command line.
36 | _DecodeType dt = Decode32Bits;
37 |
38 | // Default offset for buffer is 0, could be set in command line.
39 | _OffsetType offset = 0;
40 | char* errch = NULL;
41 |
42 | // Buffer to disassemble.
43 | unsigned char *buf;
44 | int len = 100;
45 |
46 | // Register unload routine
47 | DriverObject->DriverUnload = DriverUnload;
48 |
49 | DbgPrint("diStorm Loaded!\n");
50 |
51 | // Get address of KeBugCheck
52 | RtlInitUnicodeString(&pFcnName, L"KeBugCheck");
53 | buf = (char *)MmGetSystemRoutineAddress(&pFcnName);
54 | offset = (unsigned) (_OffsetType)buf;
55 |
56 | DbgPrint("Resolving KeBugCheck @ 0x%08x\n", buf);
57 | // Decode the buffer at given offset (virtual address).
58 |
59 | while (1) {
60 | res = distorm_decode64(offset, (const unsigned char*)buf, len, dt, decodedInstructions, MAX_INSTRUCTIONS, &decodedInstructionsCount);
61 | if (res == DECRES_INPUTERR) {
62 | DbgPrint(("NULL Buffer?!\n"));
63 | break;
64 | }
65 |
66 | for (i = 0; i < decodedInstructionsCount; i++) {
67 | // Note that we print the offset as a 64 bits variable!!!
68 | // It might be that you'll have to change it to %08X...
69 | DbgPrint("%08I64x (%02d) %s %s %s\n", decodedInstructions[i].offset, decodedInstructions[i].size,
70 | (char*)decodedInstructions[i].instructionHex.p,
71 | (char*)decodedInstructions[i].mnemonic.p,
72 | (char*)decodedInstructions[i].operands.p);
73 | }
74 |
75 | if (res == DECRES_SUCCESS || decodedInstructionsCount == 0) {
76 | break; // All instructions were decoded.
77 | }
78 |
79 | // Synchronize:
80 | next = (unsigned int)(decodedInstructions[decodedInstructionsCount-1].offset - offset);
81 | next += decodedInstructions[decodedInstructionsCount-1].size;
82 |
83 | // Advance ptr and recalc offset.
84 | buf += next;
85 | len -= next;
86 | offset += next;
87 | }
88 |
89 | DbgPrint(("Done!\n"));
90 | return STATUS_UNSUCCESSFUL; // Make sure the driver doesn't stay resident, so we can recompile and run again!
91 | }
92 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/TestdiStorm/TestdiStorm.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {2F2F3CBD-F968-47E4-ADEC-D42E42A924AC}
8 | Exe
9 | Properties
10 | TestDiStorm
11 | TestDiStorm
12 | v4.0
13 | 512
14 |
15 |
16 |
17 | x64
18 | true
19 | full
20 | false
21 | bin\Debug\
22 | DEBUG;TRACE
23 | prompt
24 | 4
25 | true
26 | false
27 |
28 |
29 | x64
30 | pdbonly
31 | true
32 | bin\Release\
33 | TRACE
34 | prompt
35 | 4
36 | true
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 | {137ade63-2489-4235-91c6-6cb664cab63f}
55 | distorm-net
56 |
57 |
58 |
59 |
60 | copy $(SolutionDir)\..\..\distorm3.dll $(TargetDir)
61 |
62 |
69 |
--------------------------------------------------------------------------------
/internal/sdk/World.cpp:
--------------------------------------------------------------------------------
1 | #include "World.h"
2 |
3 | #include
4 | #include
5 | #include
6 |
7 | #include "../Sdk.h"
8 |
9 | //static uint64_t *GWorldEncrypted = NULL;
10 | //static bool WorldInitializeGlobal()
11 | //{
12 | // void* ImageBase;
13 | // uint32_t ImageSize;
14 | //
15 | // if (GWorldEncrypted) {
16 | // return true;
17 | // }
18 | //
19 | // ImageBase = utils::GetModuleHandleWIDE(NULL);
20 | // ImageSize = utils::GetModuleSize((HMODULE)ImageBase);
21 | //
22 | // // Search for the GWorld address inside the HandleCSVProfileCommand routine:
23 | // // .text:7FF6FC3954C7 48 8B D9 mov rbx, rcx
24 | // // .text:7FF6FC3954CA 48 8B 05 57 34 9C 04 mov rax, cs:GWorld
25 | // // .text:7FF6FC3954D1 48 89 84 24 80 00 00 00 mov [rsp+68h+arg_10], rax
26 | // // .text:7FF6FC3954D9 33 F6 xor esi, esi
27 | // // .text:7FF6FC3954DB 48 39 35 1E 7C 04 03 cmp qword ptr cs:aXenuinesdkCarv_97, rsi ; "XENUINESDK_CARVE"
28 | // // .text:7FF6FC3954E2 75 10 jnz short loc_7FF6FC3954F4
29 | // // 48 8B D9 48 8B 05 ? ? ? ? 48 89 84 24 ? ? ? ? 33 F6
30 | // const uint8_t *Found;
31 | // do Found = utils::FindPatternIDA(ImageBase, ImageSize, _XOR_("48 8B D9 48 8B 05 ?? ?? ?? ?? 48 89 84 24"));
32 | // while (!Found);
33 | //
34 | // GWorldEncrypted = static_cast(utils::GetInstructionTarget(Found, 3 + 3));
35 | // LOG_INFO(_XOR_("GWorldEncrypted = 0x%016llx"), GWorldEncrypted);
36 | //
37 | // return true;
38 | //}
39 | //
40 | //WorldProxy::WorldProxy()
41 | //{
42 | // if (!GWorldEncrypted) {
43 | // WorldInitializeGlobal();
44 | // }
45 | // WorldEncryptedPtr = GWorldEncrypted;
46 | //}
47 | //
48 | //const void* WorldProxy::GetAddress() const
49 | //{
50 | // union CryptValue WorldDecrypted;
51 | // uint64_t WorldEncrypted = *WorldEncryptedPtr;
52 | //
53 | // //LOG_INFO(_XOR_("WorldEncrypted = 0x%016llx"), WorldEncrypted);
54 | // WorldDecrypted.Qword = DecryptWorldAsm(WorldEncrypted);
55 | // //LOG_INFO(_XOR_("WorldDecrypted = 0x%016llx"), WorldDecrypted.Qword);
56 | //
57 | // return WorldDecrypted.Pointer;
58 | //}
59 |
60 | #if defined(ENABLE_SDK)
61 | //TArray WorldProxy::GetLevels() const
62 | //{
63 | // const UWorld* World = GetConstPtr();
64 | // if (World) {
65 | // return World->Levels;
66 | // }
67 | // return TArray();
68 | //}
69 | //
70 | //ULevel* WorldProxy::GetPersistentLevel() const
71 | //{
72 | // UWorld* World = GetPtr();
73 | // if (World) {
74 | // CryptValue PersistentLevelDecrypted;
75 | // PersistentLevelDecrypted.Qword = DecryptPersistentLevelAsm(World->GetPersistentLevelEncrypted());
76 | // return static_cast(PersistentLevelDecrypted.Pointer);
77 | // }
78 | // return nullptr;
79 | //}
80 |
81 | //ULevel* WorldProxy::GetCurrentLevel() const
82 | //{
83 | // UWorld* World = GetPtr();
84 | // if (World) {
85 | // CryptValue CurrentLevelDecrypted;
86 | // CurrentLevelDecrypted.Qword = DecryptCurrentLevelAsm(reinterpret_cast(World->CurrentLevel));
87 | // return static_cast(CurrentLevelDecrypted.Pointer);
88 | // }
89 | // return nullptr;
90 | //}
91 | #endif // ENABLE_SDK
92 |
93 |
94 |
--------------------------------------------------------------------------------
/native/service.c:
--------------------------------------------------------------------------------
1 | #include "service.h"
2 |
3 | BOOL
4 | SvcCreateService(
5 | OUT PHANDLE ServiceHandle,
6 | IN LPCWSTR ServiceName,
7 | IN LPCWSTR DisplayName OPTIONAL,
8 | IN LPCWSTR BinaryPath,
9 | IN ACCESS_MASK DesiredAccess,
10 | IN ULONG ServiceType,
11 | IN ULONG StartType,
12 | IN ULONG ErrorControl
13 | )
14 | {
15 | SC_HANDLE ScHandle;
16 |
17 | ScHandle = OpenSCManagerW(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
18 | if (!ScHandle) {
19 | return FALSE;
20 | }
21 |
22 | *ServiceHandle = CreateServiceW(ScHandle,
23 | ServiceName,
24 | DisplayName,
25 | DesiredAccess,
26 | ServiceType,
27 | StartType,
28 | ErrorControl,
29 | BinaryPath,
30 | NULL,
31 | NULL,
32 | NULL,
33 | NULL,
34 | NULL
35 | );
36 |
37 | CloseServiceHandle(ScHandle);
38 |
39 | return *ServiceHandle != NULL;
40 | }
41 |
42 | BOOL
43 | SvcDeleteService(
44 | IN HANDLE ServiceHandle
45 | )
46 | {
47 | return DeleteService(ServiceHandle);
48 | }
49 |
50 | BOOL
51 | SvcOpenServiceHandle(
52 | OUT PHANDLE ServiceHandle,
53 | IN LPCWSTR ServiceName,
54 | IN ACCESS_MASK DesiredAccess
55 | )
56 | {
57 | SC_HANDLE ScHandle;
58 |
59 | ScHandle = OpenSCManagerW(NULL, NULL, SC_MANAGER_CONNECT);
60 | if (!ScHandle) {
61 | return FALSE;
62 | }
63 |
64 | *ServiceHandle = OpenServiceW(ScHandle, ServiceName, DesiredAccess);
65 |
66 | CloseServiceHandle(ScHandle);
67 |
68 | return *ServiceHandle != NULL;
69 | }
70 |
71 | BOOL
72 | SvcCloseServiceHandle(
73 | IN HANDLE ServiceHandle
74 | )
75 | {
76 | return CloseServiceHandle(ServiceHandle);
77 | }
78 |
79 | BOOL
80 | SvcStartService(
81 | IN HANDLE ServiceHandle
82 | )
83 | {
84 | return StartServiceW(ServiceHandle, 0, NULL);
85 | }
86 |
87 | BOOL
88 | SvcPauseService(
89 | IN HANDLE ServiceHandle,
90 | OUT SERVICE_STATUS *ServiceStatus OPTIONAL
91 | )
92 | {
93 | BOOL Result;
94 | SERVICE_STATUS Status;
95 |
96 | Result = ControlService(ServiceHandle, SERVICE_CONTROL_PAUSE, &Status);
97 |
98 | if (ServiceStatus) {
99 | *ServiceStatus = Status;
100 | }
101 |
102 | return Result;
103 | }
104 |
105 | BOOL
106 | SvcResumeService(
107 | IN HANDLE ServiceHandle,
108 | OUT SERVICE_STATUS *ServiceStatus OPTIONAL
109 | )
110 | {
111 | BOOL Result;
112 | SERVICE_STATUS Status;
113 |
114 | Result = ControlService(ServiceHandle, SERVICE_CONTROL_CONTINUE, &Status);
115 |
116 | if (ServiceStatus) {
117 | *ServiceStatus = Status;
118 | }
119 |
120 | return Result;
121 | }
122 |
123 | BOOL
124 | SvcStopService(
125 | IN HANDLE ServiceHandle,
126 | OUT SERVICE_STATUS *ServiceStatus OPTIONAL
127 | )
128 | {
129 | BOOL Result;
130 | SERVICE_STATUS Status;
131 |
132 | Result = ControlService(ServiceHandle, SERVICE_CONTROL_STOP, &Status);
133 |
134 | if (ServiceStatus) {
135 | *ServiceStatus = Status;
136 | }
137 |
138 | return Result;
139 | }
140 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/cs/distorm-net/distorm-net.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {137ADE63-2489-4235-91C6-6CB664CAB63F}
8 | Library
9 | Properties
10 | diStorm
11 | diStorm
12 | v4.0
13 | 512
14 |
15 |
16 |
17 | true
18 | full
19 | false
20 | bin\Debug\
21 | DEBUG;TRACE
22 | prompt
23 | 4
24 | true
25 | x64
26 |
27 |
28 | pdbonly
29 | true
30 | bin\Release\
31 | TRACE
32 | prompt
33 | 4
34 | true
35 | x64
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 | True
51 | True
52 | Opcodes.tt
53 |
54 |
55 |
56 |
57 |
58 | TextTemplatingFileGenerator
59 | Opcodes.cs
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
80 |
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectDDK.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #define VMP_IMPORT __declspec(dllimport)
4 | #define VMP_API __stdcall
5 | #define VMP_WCHAR wchar_t
6 | #ifdef _WIN64
7 | #pragma comment(lib, "VMProtectDDK64.lib")
8 | #else
9 | #pragma comment(lib, "VMProtectDDK32.lib")
10 | #endif // _WIN64
11 |
12 | #ifdef __cplusplus
13 | extern "C" {
14 | #endif
15 |
16 | // protection
17 | VMP_IMPORT void VMP_API VMProtectBegin(const char *);
18 | VMP_IMPORT void VMP_API VMProtectBeginVirtualization(const char *);
19 | VMP_IMPORT void VMP_API VMProtectBeginMutation(const char *);
20 | VMP_IMPORT void VMP_API VMProtectBeginUltra(const char *);
21 | VMP_IMPORT void VMP_API VMProtectBeginVirtualizationLockByKey(const char *);
22 | VMP_IMPORT void VMP_API VMProtectBeginUltraLockByKey(const char *);
23 | VMP_IMPORT void VMP_API VMProtectEnd(void);
24 |
25 | // utils
26 | VMP_IMPORT BOOLEAN VMP_API VMProtectIsProtected();
27 | VMP_IMPORT BOOLEAN VMP_API VMProtectIsDebuggerPresent(BOOLEAN); // IRQL = PASSIVE_LEVEL
28 | VMP_IMPORT BOOLEAN VMP_API VMProtectIsVirtualMachinePresent(void); // IRQL = PASSIVE_LEVEL
29 | VMP_IMPORT BOOLEAN VMP_API VMProtectIsValidImageCRC(void);
30 | VMP_IMPORT const char * VMP_API VMProtectDecryptStringA(const char *value);
31 | VMP_IMPORT const VMP_WCHAR * VMP_API VMProtectDecryptStringW(const VMP_WCHAR *value);
32 | VMP_IMPORT BOOLEAN VMP_API VMProtectFreeString(const void *value);
33 |
34 | // licensing
35 | enum VMProtectSerialStateFlags
36 | {
37 | SERIAL_STATE_SUCCESS = 0,
38 | SERIAL_STATE_FLAG_CORRUPTED = 0x00000001,
39 | SERIAL_STATE_FLAG_INVALID = 0x00000002,
40 | SERIAL_STATE_FLAG_BLACKLISTED = 0x00000004,
41 | SERIAL_STATE_FLAG_DATE_EXPIRED = 0x00000008,
42 | SERIAL_STATE_FLAG_RUNNING_TIME_OVER = 0x00000010,
43 | SERIAL_STATE_FLAG_BAD_HWID = 0x00000020,
44 | SERIAL_STATE_FLAG_MAX_BUILD_EXPIRED = 0x00000040,
45 | };
46 |
47 | #pragma pack(push, 1)
48 | typedef struct
49 | {
50 | unsigned short wYear;
51 | unsigned char bMonth;
52 | unsigned char bDay;
53 | } VMProtectDate;
54 |
55 | typedef struct
56 | {
57 | int nState; // VMProtectSerialStateFlags
58 | VMP_WCHAR wUserName[256]; // user name
59 | VMP_WCHAR wEMail[256]; // email
60 | VMProtectDate dtExpire; // date of serial number expiration
61 | VMProtectDate dtMaxBuild; // max date of build, that will accept this key
62 | int bRunningTime; // running time in minutes
63 | unsigned char nUserDataLength; // length of user data in bUserData
64 | unsigned char bUserData[255]; // up to 255 bytes of user data
65 | } VMProtectSerialNumberData;
66 | #pragma pack(pop)
67 |
68 | VMP_IMPORT int VMP_API VMProtectSetSerialNumber(const char *serial);
69 | VMP_IMPORT int VMP_API VMProtectGetSerialNumberState();
70 | VMP_IMPORT BOOLEAN VMP_API VMProtectGetSerialNumberData(VMProtectSerialNumberData *data, int size);
71 | VMP_IMPORT int VMP_API VMProtectGetCurrentHWID(char *hwid, int size);
72 |
73 | // activation
74 | enum VMProtectActivationFlags
75 | {
76 | ACTIVATION_OK = 0,
77 | ACTIVATION_SMALL_BUFFER,
78 | ACTIVATION_NO_CONNECTION,
79 | ACTIVATION_BAD_REPLY,
80 | ACTIVATION_BANNED,
81 | ACTIVATION_CORRUPTED,
82 | ACTIVATION_BAD_CODE,
83 | ACTIVATION_ALREADY_USED,
84 | ACTIVATION_SERIAL_UNKNOWN,
85 | ACTIVATION_EXPIRED,
86 | ACTIVATION_NOT_AVAILABLE
87 | };
88 |
89 | VMP_IMPORT int VMP_API VMProtectActivateLicense(const char *code, char *serial, int size);
90 | VMP_IMPORT int VMP_API VMProtectDeactivateLicense(const char *serial);
91 | VMP_IMPORT int VMP_API VMProtectGetOfflineActivationString(const char *code, char *buf, int size);
92 | VMP_IMPORT int VMP_API VMProtectGetOfflineDeactivationString(const char *serial, char *buf, int size);
93 |
94 | #ifdef __cplusplus
95 | }
96 | #endif
--------------------------------------------------------------------------------
/internal/sdk/Encryption.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 |
5 | union CryptValue {
6 |
7 | /* Byte Values */
8 |
9 | unsigned char Byte;
10 | struct {
11 | unsigned char Byte1;
12 | unsigned char Byte2;
13 | unsigned char Byte3;
14 | unsigned char Byte4;
15 | unsigned char Byte5;
16 | unsigned char Byte6;
17 | unsigned char Byte7;
18 | unsigned char Byte8;
19 | };
20 |
21 | /* Word Values */
22 |
23 | unsigned short Word;
24 | struct {
25 | unsigned short Word1;
26 | unsigned short Word2;
27 | unsigned short Word3;
28 | unsigned short Word4;
29 | };
30 |
31 | /* Double Word Values */
32 |
33 | unsigned long Dword;
34 | struct {
35 | unsigned long LoDword;
36 | unsigned long HiDword;
37 | };
38 | struct {
39 | unsigned long Dword1;
40 | unsigned long Dword2;
41 | };
42 |
43 | /* Quad Word Value */
44 |
45 | unsigned __int64 Qword;
46 |
47 | /* Pointer Value */
48 |
49 | void *Pointer;
50 | };
51 |
52 | #ifndef __ROL__
53 | #define __ROL__(value,count) _rotl((unsigned int)(value),count)
54 | #endif
55 | #ifndef __ROR__
56 | #define __ROR__(value,count) _rotr((unsigned int)(value),count)
57 | #endif
58 | #ifndef __ROL1__
59 | #define __ROL1__(value,count) _rotl8((unsigned char)(value),count)
60 | #endif
61 | #ifndef __ROR1__
62 | #define __ROR1__(value,count) _rotr8((unsigned char)(value),count)
63 | #endif
64 | #ifndef __ROL2__
65 | #define __ROL2__(value,count) _rotl16((unsigned short)(value),count)
66 | #endif
67 | #ifndef __ROR2__
68 | #define __ROR2__(value,count) _rotr16((unsigned short)(value),count)
69 | #endif
70 | #ifndef __ROL4__
71 | #define __ROL4__(value,count) __ROL__(value,count)
72 | #endif
73 | #ifndef __ROR4__
74 | #define __ROR4__(value,count) __ROR__(value,count)
75 | #endif
76 | #ifndef __ROL8__
77 | #define __ROL8__(value,count) _rotl64((unsigned __int64)(value),count)
78 | #endif
79 | #ifndef __ROR8__
80 | #define __ROR8__(value,count) _rotr64((unsigned __int64)(value),count)
81 | #endif
82 |
83 | #ifndef __PAIR64__
84 | #define __PAIR64__(hi, low) ((unsigned __int64)(((unsigned __int64)(hi) << 32) | (unsigned __int32)(low)))
85 | #endif
86 |
87 | #ifdef __cplusplus
88 | extern "C" {
89 | #endif
90 |
91 | /**
92 | * Names asm decryption routines.
93 | */
94 | unsigned __int64 DecryptNamesAsm(unsigned __int64 NamesEncrypted);
95 | unsigned __int64 DecryptChunksAsm(unsigned __int64 ChunksEncrypted);
96 | unsigned __int64 DecryptNumElementsAsm(unsigned __int64 NumElementsEncrypted);
97 | unsigned __int64 DecryptNameEntryIndexAsm(unsigned __int64 IndexEncrypted);
98 |
99 | /**
100 | * Objects asm decryption routines.
101 | */
102 | unsigned __int64 DecryptObjectsAsm(unsigned __int64 ObjectsEncrypted);
103 | unsigned int DecryptObjectFlagsAsm(unsigned int ObjectFlagsEncrypted);
104 | unsigned int DecryptObjectIndexAsm(unsigned int InternalIndexEncrypted);
105 | unsigned __int64 DecryptObjectClassAsm(unsigned __int64 ClassEncrypted);
106 | unsigned __int64 DecryptObjectOuterAsm(unsigned __int64 OuterEncrypted);
107 | void DecryptObjectFNameAsm(const int InNameIndexEncrypted,
108 | const int InNameNumberEncrypted,
109 | int* OutNameIndex,
110 | int* OutNameNumber);
111 |
112 | /**
113 | * World asm decryption routines.
114 | */
115 | unsigned __int64 DecryptPersistentLevelAsm(unsigned __int64 PersistentLevelEncrypted);
116 | unsigned __int64 DecryptActorsAsm(unsigned __int64 ActorsEncrypted);
117 |
118 | #ifdef __cplusplus
119 | }
120 | #endif
--------------------------------------------------------------------------------
/vendor/vmp/VMProtectSDK.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #if defined(__APPLE__) || defined(__unix__)
4 | #define VMP_IMPORT
5 | #define VMP_API
6 | #define VMP_WCHAR unsigned short
7 | #else
8 | #define VMP_IMPORT __declspec(dllimport)
9 | #define VMP_API __stdcall
10 | #define VMP_WCHAR wchar_t
11 | #ifdef _WIN64
12 | #pragma comment(lib, "VMProtectSDK64.lib")
13 | #else
14 | #pragma comment(lib, "VMProtectSDK32.lib")
15 | #endif // _WIN64
16 | #endif // __APPLE__ || __unix__
17 |
18 | #ifdef __cplusplus
19 | extern "C" {
20 | #endif
21 |
22 | // protection
23 | VMP_IMPORT void VMP_API VMProtectBegin(const char *);
24 | VMP_IMPORT void VMP_API VMProtectBeginVirtualization(const char *);
25 | VMP_IMPORT void VMP_API VMProtectBeginMutation(const char *);
26 | VMP_IMPORT void VMP_API VMProtectBeginUltra(const char *);
27 | VMP_IMPORT void VMP_API VMProtectBeginVirtualizationLockByKey(const char *);
28 | VMP_IMPORT void VMP_API VMProtectBeginUltraLockByKey(const char *);
29 | VMP_IMPORT void VMP_API VMProtectEnd(void);
30 |
31 | // utils
32 | VMP_IMPORT bool VMP_API VMProtectIsProtected();
33 | VMP_IMPORT bool VMP_API VMProtectIsDebuggerPresent(bool);
34 | VMP_IMPORT bool VMP_API VMProtectIsVirtualMachinePresent(void);
35 | VMP_IMPORT bool VMP_API VMProtectIsValidImageCRC(void);
36 | VMP_IMPORT const char * VMP_API VMProtectDecryptStringA(const char *value);
37 | VMP_IMPORT const VMP_WCHAR * VMP_API VMProtectDecryptStringW(const VMP_WCHAR *value);
38 | VMP_IMPORT bool VMP_API VMProtectFreeString(const void *value);
39 |
40 | // licensing
41 | enum VMProtectSerialStateFlags
42 | {
43 | SERIAL_STATE_SUCCESS = 0,
44 | SERIAL_STATE_FLAG_CORRUPTED = 0x00000001,
45 | SERIAL_STATE_FLAG_INVALID = 0x00000002,
46 | SERIAL_STATE_FLAG_BLACKLISTED = 0x00000004,
47 | SERIAL_STATE_FLAG_DATE_EXPIRED = 0x00000008,
48 | SERIAL_STATE_FLAG_RUNNING_TIME_OVER = 0x00000010,
49 | SERIAL_STATE_FLAG_BAD_HWID = 0x00000020,
50 | SERIAL_STATE_FLAG_MAX_BUILD_EXPIRED = 0x00000040,
51 | };
52 |
53 | #pragma pack(push, 1)
54 | typedef struct
55 | {
56 | unsigned short wYear;
57 | unsigned char bMonth;
58 | unsigned char bDay;
59 | } VMProtectDate;
60 |
61 | typedef struct
62 | {
63 | int nState; // VMProtectSerialStateFlags
64 | VMP_WCHAR wUserName[256]; // user name
65 | VMP_WCHAR wEMail[256]; // email
66 | VMProtectDate dtExpire; // date of serial number expiration
67 | VMProtectDate dtMaxBuild; // max date of build, that will accept this key
68 | int bRunningTime; // running time in minutes
69 | unsigned char nUserDataLength; // length of user data in bUserData
70 | unsigned char bUserData[255]; // up to 255 bytes of user data
71 | } VMProtectSerialNumberData;
72 | #pragma pack(pop)
73 |
74 | VMP_IMPORT int VMP_API VMProtectSetSerialNumber(const char *serial);
75 | VMP_IMPORT int VMP_API VMProtectGetSerialNumberState();
76 | VMP_IMPORT bool VMP_API VMProtectGetSerialNumberData(VMProtectSerialNumberData *data, int size);
77 | VMP_IMPORT int VMP_API VMProtectGetCurrentHWID(char *hwid, int size);
78 |
79 | // activation
80 | enum VMProtectActivationFlags
81 | {
82 | ACTIVATION_OK = 0,
83 | ACTIVATION_SMALL_BUFFER,
84 | ACTIVATION_NO_CONNECTION,
85 | ACTIVATION_BAD_REPLY,
86 | ACTIVATION_BANNED,
87 | ACTIVATION_CORRUPTED,
88 | ACTIVATION_BAD_CODE,
89 | ACTIVATION_ALREADY_USED,
90 | ACTIVATION_SERIAL_UNKNOWN,
91 | ACTIVATION_EXPIRED,
92 | ACTIVATION_NOT_AVAILABLE
93 | };
94 |
95 | VMP_IMPORT int VMP_API VMProtectActivateLicense(const char *code, char *serial, int size);
96 | VMP_IMPORT int VMP_API VMProtectDeactivateLicense(const char *serial);
97 | VMP_IMPORT int VMP_API VMProtectGetOfflineActivationString(const char *code, char *buf, int size);
98 | VMP_IMPORT int VMP_API VMProtectGetOfflineDeactivationString(const char *serial, char *buf, int size);
99 |
100 | #ifdef __cplusplus
101 | }
102 | #endif
103 |
--------------------------------------------------------------------------------
/driver/shared.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file shared.h
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 8/30/2018
8 | *
9 | * @brief Shared header between user mode and kernel mode components.
10 | */
11 |
12 | #ifndef _BLACKOUT_SHARED_H_
13 | #define _BLACKOUT_SHARED_H_
14 | #if defined(_MSC_VER)
15 | #pragma once
16 | #endif
17 |
18 | #include
19 |
20 | #if (_MSC_VER > 1000)
21 | #pragma warning(push)
22 | #pragma warning(disable:4214) // bit field types other than int
23 | #pragma warning(disable:4201) // nameless struct/union
24 | #endif
25 |
26 | //
27 | // Driver Version
28 | //
29 |
30 | #ifndef BO_DRIVER_VERSION
31 | #define BO_DRIVER_VERSION L"Development v1.0"
32 | #endif // OD_DRIVER_VERSION
33 |
34 | //
35 | // Driver and device names
36 | // It is important to change the names of the binaries
37 | // in the sample code to be unique for your own use.
38 | //
39 |
40 | #define BO_DRIVER_NAME L"BlackoutDriver"
41 | #define BO_DRIVER_NAME_WITH_EXT L"BlackoutDriver.sys"
42 | #define BO_TEST_DRIVER_NAME L"BlackoutDriverTest"
43 | #define BO_TEST_DRIVER_NAME_WITH_EXT L"BlackoutDriverTest.sys"
44 | #define BO_SERVICE_NAME L"BlackoutService"
45 | #define BO_SERVICE_NAME_WITH_EXT L"BlackoutService.exe"
46 |
47 | #define BO_NT_DEVICE_NAME L"\\Device\\BlackoutDriver"
48 | #define BO_DOS_DEVICE_NAME L"\\DosDevices\\BlackoutDriver"
49 | #define BO_WIN32_DEVICE_NAME L"\\\\.\\BlackoutDriver"
50 |
51 | //
52 | // MAXIMUM_FILENAME_LENGTH is only defined in wdm.h
53 | //
54 | // Define our own equivalent definition for use in usermode.
55 | //
56 |
57 | #define BO_MAXIMUM_FILENAME_LENGTH 256
58 | #if defined(_WDM_)
59 | C_ASSERT(BO_MAXIMUM_FILENAME_LENGTH == MAXIMUM_FILENAME_LENGTH);
60 | #endif
61 |
62 | //
63 | // IOCTLs exposed by the driver.
64 | //
65 | // Function codes 0-2047 are reserved for Microsoft Corporation, and
66 | // 2048-4095 are reserved for vendor. Note that the vendor-assigned
67 | // values set the Custom bit by being in the range of 2048-4095.
68 | //
69 |
70 | #define BO_DEFINE_IOCTL(Function) CTL_CODE( \
71 | FILE_DEVICE_UNKNOWN, \
72 | 0x800 | Function, \
73 | METHOD_BUFFERED, \
74 | FILE_SPECIAL_ACCESS \
75 | )
76 |
77 | #define BO_FUNCTION_GET_VERSION 0
78 | #define BO_FUNCTION_GET_NT_BUILD_LAB 1
79 | #define BO_FUNCTION_SET_TARGET_PATH 2
80 | #define BO_FUNCTION_SET_HOOK_MODULE_DATA 3
81 | #define BO_FUNCTION_SET_HOOK_MODULE_PATH 4
82 | #define BO_FUNCTION_MAX 5
83 |
84 | #define BO_IOCTL_GET_VERSION BO_DEFINE_IOCTL(BO_FUNCTION_GET_VERSION)
85 | #define BO_IOCTL_GET_NT_BUILD_LAB BO_DEFINE_IOCTL(BO_FUNCTION_GET_NT_BUILD_LAB)
86 | #define BO_IOCTL_SET_TARGET_PATH BO_DEFINE_IOCTL(BO_FUNCTION_SET_TARGET_PATH)
87 | #define BO_IOCTL_SET_HOOK_MODULE_DATA BO_DEFINE_IOCTL(BO_FUNCTION_SET_HOOK_MODULE_DATA)
88 | #define BO_IOCTL_SET_HOOK_MODULE_PATH BO_DEFINE_IOCTL(BO_FUNCTION_SET_HOOK_MODULE_PATH)
89 |
90 |
91 | typedef struct _BO_OBJECT_ACCESS_ENTRY {
92 | HANDLE SourceProcessId;
93 | HANDLE TargetProcessId;
94 | BOOLEAN Whitelisted;
95 | ACCESS_MASK AccessMask;
96 | UCHAR AccessObjectType; // 1,2 process, 3,4 thread
97 | USHORT RepeatAttempts;
98 | LARGE_INTEGER RepeatAttemptsTime;
99 | BOOLEAN RedFlagged; // Indicates if this access is flagged for too many repeat attempts.
100 | WCHAR SourceFile[BO_MAXIMUM_FILENAME_LENGTH];
101 | } BO_OBJECT_ACCESS_ENTRY, *POD_OBJECT_ACCESS_ENTRY;
102 |
103 | typedef struct _BO_OBJECT_ACCESS_LIST {
104 | ULONG EntryCount;
105 | BO_OBJECT_ACCESS_ENTRY AccessEntries[ANYSIZE_ARRAY];
106 | } BO_OBJECT_ACCESS_LIST, *PBO_OBJECT_ACCESS_LIST;
107 |
108 |
109 |
110 |
111 |
112 | #if (_MSC_VER > 1000)
113 | #pragma warning(pop)
114 | #endif
115 | #endif // _BLACKOUT_SHARED_H_
--------------------------------------------------------------------------------
/native/eresource.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "rtl.h"
4 |
5 | #if defined(__cplusplus)
6 | extern "C" {
7 | #endif
8 |
9 | //
10 | // The Executive Resource Struct
11 | //
12 |
13 | typedef struct _EXECUTIVE_RESOURCE {
14 | RTL_CRITICAL_SECTION Lock;
15 |
16 | BOOLEAN Initialized;
17 | HANDLE WaitEventHandle;
18 |
19 | volatile ULONG SharedCount;
20 | volatile ULONG StarveExclusiveCount;
21 | volatile ULONG ExclusiveCount;
22 | volatile ULONG SharedWaitersCount;
23 | volatile ULONG ExclusiveWaitersCount;
24 |
25 | RTL_AVL_TABLE LockStateMap;
26 | } EXECUTIVE_RESOURCE, *PEXECUTIVE_RESOURCE;
27 |
28 | //
29 | // Executive Resource routines.
30 | // These routines are intended to behave exactly like the kernel mode routines behave,
31 | // except that they operate at IRQL PASSIVE LEVEL.
32 | //
33 | // So, recursive acquisition is allowed, as long as the acquisition rules are
34 | // followed, i.e. if you have it shared, you can't acquire it exclusive, but if you
35 | // have it exclusive and try to get it shared, your shared acquisition becomes a
36 | // exclusive acquisition.
37 | //
38 | //
39 | // Note: If you do something illegal with the locks, they will throw an exception.
40 | // An exception indicates an illegal lock operation has taken place and cannot
41 | // be recovered from. The exception code 0xC000000X indicates where the exception
42 | // took place.
43 | //
44 | // Exception codes:
45 | //
46 | // 0xE0000001 - IsResourceAcquiredShared - invalid lock state, corruption?
47 | // 0xE0000002 - ReleaseResource - resource not owned by caller
48 | // 0xE0000003 - ConvertExclusiveToShared - resource not owned exclusive
49 | // 0xE0000004 - [NOT USED] ConvertExclusiveToShared - resource owned more than once
50 | // 0xE0000005 - ConvertExclusiveToShared - resource not owned by caller.
51 | // 0xE0000006 - ReleaseResourceForThread - resource not owned by input thread
52 | // 0xE0000007 - DeleteResource - resource still in use.
53 | // 0xE0000008 - AcquireResourceExclusive - already have the lock shared
54 | // 0xE0000009 - Generic Error - Resource not initialized.
55 | // 0xE000000A - OSRInitializeResourceLite - Resource already initialized.
56 | //
57 |
58 | BOOLEAN
59 | WINAPI
60 | AcquireResourceExclusiveLite (
61 | IN OUT PEXECUTIVE_RESOURCE Resource,
62 | IN BOOLEAN Wait
63 | );
64 |
65 | BOOLEAN
66 | WINAPI
67 | AcquireResourceSharedLite (
68 | IN OUT PEXECUTIVE_RESOURCE Resource,
69 | IN BOOLEAN Wait
70 | );
71 |
72 | BOOLEAN
73 | WINAPI
74 | AcquireSharedStarveExclusive(
75 | IN OUT PEXECUTIVE_RESOURCE Resource,
76 | IN BOOLEAN Wait
77 | );
78 |
79 | BOOLEAN
80 | WINAPI
81 | IsResourceAcquiredExclusiveLite (
82 | IN PEXECUTIVE_RESOURCE Resource
83 | );
84 |
85 | BOOLEAN
86 | WINAPI
87 | IsResourceAcquiredSharedLite (
88 | IN PEXECUTIVE_RESOURCE Resource
89 | );
90 |
91 | VOID
92 | WINAPI
93 | ReleaseResourceLite(
94 | IN OUT PEXECUTIVE_RESOURCE Resource
95 | );
96 |
97 | VOID
98 | WINAPI
99 | ConvertExclusiveToSharedLite(
100 | IN OUT PEXECUTIVE_RESOURCE Resource
101 | );
102 |
103 | VOID
104 | WINAPI
105 | ReleaseResourceForThreadLite(
106 | IN OUT PEXECUTIVE_RESOURCE Resource,
107 | IN ULONG ResourceThreadId
108 | );
109 |
110 | ULONG
111 | WINAPI
112 | InitializeResourceLite (
113 | OUT PEXECUTIVE_RESOURCE Resource
114 | );
115 |
116 | ULONG
117 | WINAPI
118 | DeleteResourceLite (
119 | IN OUT PEXECUTIVE_RESOURCE Resource
120 | );
121 |
122 | ULONG
123 | WINAPI
124 | GetCurrentResourceThreadId(
125 | VOID
126 | );
127 |
128 | ULONG
129 | WINAPI
130 | GetSharedWaiterCount(
131 | IN OUT PEXECUTIVE_RESOURCE Resource
132 | );
133 |
134 | ULONG
135 | WINAPI
136 | GetExclusiveWaiterCount(
137 | IN OUT PEXECUTIVE_RESOURCE Resource
138 | );
139 |
140 | #if defined(__cplusplus)
141 | } // extern "C"
142 | #endif
143 |
144 |
--------------------------------------------------------------------------------
/internal/sdkgen/Engine/ObjectsStore.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 |
5 | #include "UE4/GenericTypes.h"
6 |
7 | class ObjectsIterator;
8 |
9 | class ObjectsStore {
10 | public:
11 |
12 | ///
13 | /// Initializes this object.
14 | ///
15 | ///
16 | /// true if it succeeds, false if it fails.
17 | ///
18 | static bool Initialize();
19 |
20 | /// Gets the address of the global objects store.
21 | /// The address of the global objects store.
22 | static void* GetAddress();
23 |
24 | ObjectsIterator begin();
25 |
26 | ObjectsIterator begin() const;
27 |
28 | ObjectsIterator end();
29 |
30 | ObjectsIterator end() const;
31 |
32 | ///
33 | /// Gets the number of available objects.
34 | ///
35 | /// The number of objects.
36 | size_t GetObjectsNum() const;
37 |
38 | ///
39 | /// Gets the object by id.
40 | ///
41 | /// The identifier.
42 | /// The object.
43 | UEObject GetById(size_t id) const;
44 |
45 | ///
46 | /// Searches for the first class with the given name.
47 | ///
48 | /// The name of the class.
49 | /// The found class which is not valid if no class could be found.
50 | UEClass FindClass(const std::string& name) const;
51 |
52 | /// Count objects which have the same name and type.
53 | /// Type of the object.
54 | /// The name to search for.
55 | /// The number of objects which share a name.
56 | template
57 | size_t CountObjects(const std::string& name) const
58 | {
59 | static std::unordered_map cache;
60 |
61 | auto it = cache.find(name);
62 | if (it != std::end(cache)) {
63 | return it->second;
64 | }
65 |
66 | size_t count = 0;
67 | for (auto obj : *this) {
68 | if (obj.IsA() && obj.GetName() == name) {
69 | ++count;
70 | }
71 | }
72 |
73 | cache[name] = count;
74 |
75 | return count;
76 | }
77 | };
78 |
79 | /// Holds information about an object.
80 | struct UEObjectInfo {
81 | /// Zero-based index of the object in the global objects store.
82 | size_t Index;
83 |
84 | /// The object.
85 | UEObject Object;
86 | };
87 |
88 | /// An iterator for objects.
89 | class ObjectsIterator : public std::iterator {
90 | const ObjectsStore& store;
91 | size_t index;
92 | UEObject current;
93 |
94 | public:
95 |
96 | /// Constructor.
97 | /// The store to iterate.
98 | ObjectsIterator(const ObjectsStore& store);
99 |
100 | /// Constructor.
101 | /// The store to iterate.
102 | /// Zero-based start index.
103 | explicit ObjectsIterator(const ObjectsStore& store, size_t index);
104 |
105 | ObjectsIterator(const ObjectsIterator& other);
106 | ObjectsIterator(ObjectsIterator&& other) noexcept;
107 |
108 | ObjectsIterator& operator=(const ObjectsIterator& rhs);
109 |
110 | void swap(ObjectsIterator& other) noexcept;
111 |
112 | ObjectsIterator& operator++();
113 |
114 | ObjectsIterator operator++ (int);
115 |
116 | bool operator==(const ObjectsIterator& rhs) const;
117 |
118 | bool operator!=(const ObjectsIterator& rhs) const;
119 |
120 | UEObject operator*() const;
121 |
122 | UEObject operator->() const;
123 | };
124 |
--------------------------------------------------------------------------------
/contrib/distorm/examples/tests/tests.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 |
14 | {C35D3921-227A-432A-BB5D-90ECEBAB08B2}
15 | Win32Proj
16 | tests
17 |
18 |
19 |
20 | Application
21 | true
22 | Unicode
23 |
24 |
25 | Application
26 | false
27 | true
28 | Unicode
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 | true
42 |
43 |
44 | false
45 |
46 |
47 |
48 |
49 |
50 | Level3
51 | Disabled
52 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
53 |
54 |
55 | Console
56 | true
57 |
58 |
59 |
60 |
61 | Level3
62 |
63 |
64 | MaxSpeed
65 | true
66 | true
67 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
68 |
69 |
70 | Console
71 | true
72 | true
73 | true
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
--------------------------------------------------------------------------------
/driver/driver.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Blackout Driver
3 | * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
4 | *
5 | * @file driver.c
6 | * @author Aidan Khoury (ajkhoury)
7 | * @date 9/4/2018
8 | */
9 | #ifndef _BLACKOUT_DRIVER_H_
10 | #define _BLACKOUT_DRIVER_H_
11 | #if defined(_MSC_VER)
12 | #pragma once
13 | #endif
14 |
15 | #include "ntapi.h"
16 | #include "shared.h"
17 |
18 | //
19 | // Define macros for VMP3 virtualization.
20 | //
21 |
22 | #if defined(ENABLE_VMP)
23 | #include
24 | #define VM_START(x) VMProtectBeginVirtualization(x)
25 | #define VM_END() VMProtectEnd()
26 | #else
27 | #define VM_START(x) /* nothing */
28 | #define VM_END() /* nothing */
29 | #endif
30 |
31 |
32 | //
33 | // OD_DBG_BREAK
34 | //
35 | // Sets a break point that works only when a debugger is present.
36 | //
37 |
38 | #if !defined(BO_DBG_BREAK)
39 | #define BO_DBG_BREAK() \
40 | if (KD_DEBUGGER_NOT_PRESENT) { \
41 | } else { \
42 | __debugbreak(); \
43 | } \
44 | (void*)(0)
45 | #endif
46 |
47 | //
48 | // BO_ASSERT
49 | //
50 | // This macro is identical to NT_ASSERT but works in fre builds as well.
51 | //
52 | // It is used for error checking in the driver in cases where
53 | // we can't easily report the error to the user mode app, or the
54 | // error is so severe that we should break in immediately to
55 | // investigate.
56 | //
57 | // It's better than DbgBreakPoint because it provides additional info
58 | // that can be dumped with .exr -1, and individual asserts can be disabled
59 | // from kd using 'ahi' command.
60 | //
61 |
62 | #define BO_ASSERT(_exp) \
63 | ((!(_exp)) ? \
64 | (__annotation(L"Debug", L"AssertFail", L#_exp), \
65 | DbgRaiseAssertionFailure(), FALSE) : \
66 | TRUE)
67 |
68 | //
69 | // Define global runtime data structure.
70 | //
71 |
72 | typedef struct _DRIVER_RUNTIME_DATA {
73 | FAST_MUTEX Lock;
74 | BOOLEAN Initialized;
75 | BOOLEAN SymLinkCreated;
76 | PVOID DriverBase;
77 | SIZE_T DriverSize;
78 | PDRIVER_OBJECT DriverObject;
79 | PDEVICE_OBJECT DeviceObject;
80 | PVOID KernelBase;
81 | SIZE_T KernelSize;
82 | CHAR KernelBuildLab[224];
83 | USHORT KernelBuild;
84 | BOOLEAN IsWindows7;
85 | HANDLE ServiceProcessId;
86 | HANDLE TargetProcessId;
87 | WCHAR TargetProcess[BO_MAXIMUM_FILENAME_LENGTH];
88 | WCHAR HookPath[BO_MAXIMUM_FILENAME_LENGTH];
89 | PVOID EncryptedHookBuffer;
90 | SIZE_T EncryptedHookSize;
91 | HANDLE ManualMapThreadHandle;
92 | NTSTATUS ManualMapResultStatus;
93 | HANDLE HookModule;
94 | } DRIVER_RUNTIME_DATA, *PDRIVER_RUNTIME_DATA;
95 |
96 | //
97 | // Blackout driver global runtime data structure.
98 | //
99 |
100 | extern DRIVER_RUNTIME_DATA BoRuntimeData;
101 |
102 | #define RUNTIME_INIT { \
103 | {0}, /* Lock */ \
104 | FALSE, /* Initialized */ \
105 | FALSE, /* SymLinkCreated */ \
106 | NULL, /* DriverBase */ \
107 | 0, /* DriverSize */ \
108 | NULL, /* DriverObject */ \
109 | NULL, /* DeviceObject */ \
110 | NULL, /* KernelBase */ \
111 | 0, /* KernelSize */ \
112 | {0}, /* KernelBuildLab */ \
113 | 0, /* KernelBuild */ \
114 | FALSE, /* IsWindows7 */ \
115 | NULL, /* ServiceProcessId */ \
116 | NULL, /* TargetProcessId */ \
117 | {0}, /* TargetProcess */ \
118 | {0}, /* HookPath */ \
119 | NULL, /* EncryptedHookBuffer */ \
120 | 0, /* EncryptedHookSize */ \
121 | NULL, /* ManualMapThreadHandle */ \
122 | 0, /* ManualMapResultStatus */ \
123 | NULL, /* HookModule */ \
124 | }
125 |
126 |
127 | #endif // _BLACKOUT_DRIVER_H_
--------------------------------------------------------------------------------
/native/private/nativepool.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "nativecommon.h"
4 |
5 | #ifdef __cplusplus
6 | extern "C" {
7 | #endif // __cplusplus
8 |
9 | ///
10 | /// < Pool Definitions >
11 | ///
12 |
13 | #define POOL_COLD_ALLOCATION 256 // Note this cannot encode into the header.
14 | #define POOL_NX_ALLOCATION 512 // Note this cannot encode into the header.
15 |
16 | #define __IS_ASCII(c) \
17 | (((c) >= 'A' && (c) <= 'z') || \
18 | ((c) >= '0' && (c) <= '9') || \
19 | (c) == ' ' || (c) == '@' || (c) == '_' || (c) == '?')
20 |
21 | #define IsPoolTagValid(PoolTag) \
22 | (__IS_ASCII( ((PoolTag) >> 24) & 0xFF ) && __IS_ASCII( ((PoolTag) >> 16) & 0xFF ) && \
23 | __IS_ASCII( ((PoolTag) >> 8) & 0xFF ) && __IS_ASCII( ((PoolTag) >> 0) & 0xFF ))
24 |
25 |
26 | ///
27 | /// < Pool Enums >
28 | ///
29 |
30 | //
31 | // Pool Allocation routines (in pool.c)
32 | //
33 | typedef enum _POOL_TYPE {
34 | NonPagedPool,
35 | NonPagedPoolExecute = NonPagedPool,
36 | PagedPool,
37 | NonPagedPoolMustSucceed = NonPagedPool + 2,
38 | DontUseThisType,
39 | NonPagedPoolCacheAligned = NonPagedPool + 4,
40 | PagedPoolCacheAligned,
41 | NonPagedPoolCacheAlignedMustS = NonPagedPool + 6,
42 | MaxPoolType,
43 |
44 | //
45 | // Define base types for NonPaged (versus Paged) pool, for use in cracking
46 | // the underlying pool type.
47 | //
48 | NonPagedPoolBase = 0,
49 | NonPagedPoolBaseMustSucceed = NonPagedPoolBase + 2,
50 | NonPagedPoolBaseCacheAligned = NonPagedPoolBase + 4,
51 | NonPagedPoolBaseCacheAlignedMustS = NonPagedPoolBase + 6,
52 |
53 | //
54 | // Note these per session types are carefully chosen so that the appropriate
55 | // masking still applies as well as MaxPoolType above.
56 | //
57 | NonPagedPoolSession = 32,
58 | PagedPoolSession = NonPagedPoolSession + 1,
59 | NonPagedPoolMustSucceedSession = PagedPoolSession + 1,
60 | DontUseThisTypeSession = NonPagedPoolMustSucceedSession + 1,
61 | NonPagedPoolCacheAlignedSession = DontUseThisTypeSession + 1,
62 | PagedPoolCacheAlignedSession = NonPagedPoolCacheAlignedSession + 1,
63 | NonPagedPoolCacheAlignedMustSSession = PagedPoolCacheAlignedSession + 1,
64 |
65 | NonPagedPoolNx = 512,
66 | NonPagedPoolNxCacheAligned = NonPagedPoolNx + 4,
67 | NonPagedPoolSessionNx = NonPagedPoolNx + 32,
68 | } POOL_TYPE;
69 |
70 |
71 |
72 | ///
73 | /// < Pool Structures & Types >
74 | ///
75 |
76 | typedef struct _POOL_HEADER {
77 | union {
78 | struct {
79 | #if defined(_WIN64)
80 | ULONG PreviousSize : 8;
81 | ULONG PoolIndex : 8;
82 | ULONG BlockSize : 8;
83 | ULONG PoolType : 8;
84 | #else
85 | USHORT PreviousSize : 9;
86 | USHORT PoolIndex : 7;
87 | USHORT BlockSize : 9;
88 | USHORT PoolType : 7;
89 | #endif
90 | };
91 | ULONG Ulong1;
92 | };
93 | #if defined (_WIN64)
94 | ULONG PoolTag;
95 | #endif
96 | union {
97 | #if defined (_WIN64)
98 | struct _EPROCESS *ProcessBilled;
99 | #else
100 | ULONG PoolTag;
101 | #endif
102 | struct {
103 | USHORT AllocatorBackTraceIndex;
104 | USHORT PoolTagHash;
105 | };
106 | };
107 | } POOL_HEADER, *PPOOL_HEADER;
108 |
109 | typedef struct _POOL_HEADER64 {
110 | union {
111 | struct {
112 | ULONG PreviousSize : 8;
113 | ULONG PoolIndex : 8;
114 | ULONG BlockSize : 8;
115 | ULONG PoolType : 8;
116 | };
117 | ULONG Ulong1;
118 | };
119 | union {
120 | ULONG PoolTag;
121 | CHAR PoolTagChars[4];
122 | };
123 | union {
124 | ULONGLONG ProcessBilled; // PEPROCESS
125 | struct {
126 | USHORT AllocatorBackTraceIndex;
127 | USHORT PoolTagHash;
128 | };
129 | };
130 | } POOL_HEADER64, *PPOOL_HEADER64;
131 |
132 |
133 | #ifdef __cplusplus
134 | } // extern "C"
135 | #endif // __cplusplus
--------------------------------------------------------------------------------
/internal/sdk/UnrealTypes.cpp:
--------------------------------------------------------------------------------
1 | #include "UnrealTypes.h"
2 | #include "Names.h"
3 | #include "Objects.h"
4 |
5 | DEFINE_STATIC_CLASS(Object);
6 | DEFINE_STATIC_CLASS(Package);
7 | DEFINE_STATIC_CLASS(Field);
8 | DEFINE_STATIC_CLASS(Enum);
9 | DEFINE_STATIC_CLASS(Struct);
10 | DEFINE_STATIC_CLASS(ScriptStruct);
11 | DEFINE_STATIC_CLASS(Function);
12 | DEFINE_STATIC_CLASS(Class);
13 |
14 | #if !defined(ENABLE_SDK)
15 |
16 | int32_t UObject::GetFlags() const
17 | {
18 | return (int32_t)DecryptObjectFlagsAsm(ObjectFlagsEncrypted);
19 | }
20 |
21 | uint32_t UObject::GetUniqueId() const
22 | {
23 | return (uint32_t)DecryptObjectIndexAsm(InternalIndexEncrypted);
24 | }
25 |
26 | UClass const* UObject::GetClass() const
27 | {
28 | return (UClass const*)DecryptObjectClassAsm(ClassEncrypted);
29 | }
30 |
31 | UObject const* UObject::GetOuter() const
32 | {
33 | return (UObject const*)DecryptObjectOuterAsm(OuterEncrypted);
34 | }
35 |
36 | FName UObject::GetFName() const
37 | {
38 | FName Name;
39 | DecryptObjectFNameAsm(NameIndexEncrypted, NameNumberEncrypted, &Name.Index, &Name.Number);
40 | return Name;
41 | }
42 |
43 | UPackage const* UObject::GetOutermost() const
44 | {
45 | UObject const* Top = NULL;
46 | for (UObject const* Outer = GetOuter(); Outer; Outer = Outer->GetOuter()) {
47 | Top = Outer;
48 | }
49 | return static_cast(Top);
50 | }
51 |
52 | std::string UObject::GetName() const
53 | {
54 | std::string NameString;
55 |
56 | FName Name = GetFName();
57 | NameString = NamesProxy().GetById(Name.Index);
58 | if (Name.Number > 0) {
59 | NameString += '_' + std::to_string(Name.Number);
60 | }
61 |
62 | size_t pos = NameString.rfind('/');
63 | if (pos != std::string::npos) {
64 | NameString = NameString.substr(pos + 1);
65 | }
66 |
67 | return NameString;
68 | }
69 |
70 | std::string UObject::GetFullName() const
71 | {
72 | std::string NameString;
73 | UClass const* Class = GetClass();
74 | if (Class) {
75 | std::string Temp;
76 |
77 | UObject const* Outer = GetOuter();
78 | while (Outer) {
79 | Temp = Outer->GetName() + '.' + Temp;
80 | Outer = Outer->GetOuter();
81 | }
82 |
83 | NameString = Class->GetName();
84 | NameString += ' ';
85 | NameString += Temp;
86 | NameString += GetName();
87 | }
88 | return NameString;
89 | }
90 |
91 | std::string UObject::GetNameCPP() const
92 | {
93 | std::string NameString;
94 |
95 | if (IsA()) {
96 |
97 | const UClass* Class = static_cast(this);
98 | while (Class) {
99 |
100 | const std::string ClassName = Class->GetName();
101 | if (ClassName == "Actor") {
102 | NameString += "A";
103 | break;
104 | }
105 | if (ClassName == "Object") {
106 | NameString += "U";
107 | break;
108 | }
109 |
110 | Class = static_cast(Class->GetSuper());
111 | }
112 |
113 | } else {
114 | NameString += "F";
115 | }
116 |
117 | NameString += GetName();
118 | return NameString;
119 | }
120 |
121 | bool UObject::IsA(const UClass* CmpClass) const
122 | {
123 | UClass const* SuperClass = GetClass();
124 | while (SuperClass != nullptr) {
125 | if (SuperClass == CmpClass) {
126 | return true;
127 | }
128 | SuperClass = static_cast(SuperClass->GetSuper());
129 | }
130 | return false;
131 | }
132 |
133 | std::vector UEnum::GetNames() const
134 | {
135 | NamesProxy GlobalNames;
136 | std::vector StringArray;
137 | const TArray>& NamesArray = this->Names;
138 |
139 | for (const TPair& Name : NamesArray) {
140 | int32_t Index = Name.Key.GetIndex();
141 | StringArray.push_back(GlobalNames.GetById(Index));
142 | }
143 |
144 | return StringArray;
145 | }
146 |
147 | #endif // CORE_UOBJECT_CLASSES
--------------------------------------------------------------------------------
/service/main.cpp:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 | #include
5 |
6 | void help() {
7 | fputs(_XOR_("Usage:\n program start [bin] | stop\n\npress any key to exit..."), stderr);
8 | getchar();
9 | }
10 |
11 | int main(int argc, char **argv)
12 | {
13 | HANDLE SvcHandle;
14 | WCHAR DriverPath[MAX_PATH];
15 | WCHAR BinaryPath[MAX_PATH+2];
16 | int Operation;
17 | int rc;
18 |
19 | rc = LogInitialize(LogPutLevelDebug | LogOptDisableFunctionName,
20 | _XOR_(L"C:\\Users\\Owner\\svclog.txt"));
21 | if (rc != NOERROR) {
22 | return rc;
23 | }
24 |
25 | if (argc < 2) {
26 | LOG_WARN(_XOR_("No arguments supplied"));
27 | help();
28 | rc = -1;
29 | goto Exit;
30 | }
31 |
32 | if (_stricmp(argv[1], _XOR_("start")) == 0) {
33 | Operation = 1;
34 | } else if (_stricmp(argv[1], _XOR_("stop")) == 0) {
35 | Operation = 2;
36 | } else {
37 | LOG_WARN(_XOR_("Invalid argument supplied"));
38 | help();
39 | rc = -1;
40 | goto Exit;
41 | }
42 |
43 | //
44 | // Start operation
45 | //
46 | if (Operation == 1) {
47 |
48 | wcscpy_s(DriverPath, SharedUserData->NtSystemRoot);
49 | wcscat_s(DriverPath, _XOR_(L"\\System32\\drivers\\nvdid.sys"));
50 | wcscpy_s(BinaryPath, L"\"");
51 | wcscat_s(BinaryPath, DriverPath);
52 | wcscat_s(BinaryPath, L"\"");
53 |
54 | if (!SvcCreateService(&SvcHandle,
55 | _XOR_(L"nvdid"),
56 | _XOR_(L"nvdid"),
57 | DriverPath,
58 | SERVICE_ALL_ACCESS,
59 | SERVICE_KERNEL_DRIVER,
60 | SERVICE_DEMAND_START,
61 | SERVICE_ERROR_NORMAL))
62 | {
63 | rc = (int)RtlGetLastWin32Error();
64 | if (rc == ERROR_SERVICE_EXISTS) {
65 |
66 | //
67 | // Since it already exists, try to open a handle to the
68 | // existing service.
69 | //
70 | if (!SvcOpenServiceHandle(&SvcHandle, _XOR_(L"nvdid"), SERVICE_ALL_ACCESS)) {
71 | rc = (int)RtlGetLastWin32Error();
72 | LOG_ERROR(_XOR_("Failed to open service with error %d"), rc);
73 | goto Exit;
74 | }
75 | rc = NOERROR;
76 |
77 | } else {
78 | LOG_ERROR(_XOR_("Failed to create service with error %d"), rc);
79 | goto Exit;
80 | }
81 | }
82 |
83 | if (!SvcStartService(SvcHandle)) {
84 | rc = (int)RtlGetLastWin32Error();
85 | if (rc != ERROR_SERVICE_ALREADY_RUNNING) {
86 | SvcDeleteService(SvcHandle);
87 | LOG_ERROR(_XOR_("Service failed to start with error %d"), rc);
88 | goto Exit;
89 | }
90 | }
91 | }
92 |
93 | //
94 | // Stop operation
95 | //
96 | else {
97 |
98 | if (!SvcOpenServiceHandle(&SvcHandle, _XOR_(L"nvdid"), SERVICE_ALL_ACCESS)) {
99 | rc = (int)RtlGetLastWin32Error();
100 | if (rc != ERROR_SERVICE_DOES_NOT_EXIST) {
101 | LOG_ERROR(_XOR_("Failed to open service with error %d"), rc);
102 | } else {
103 | rc = NOERROR;
104 | }
105 | goto Exit;
106 | }
107 |
108 | if (!SvcStopService(SvcHandle, NULL)) {
109 | rc = (int)RtlGetLastWin32Error();
110 | if (rc != ERROR_SERVICE_NOT_ACTIVE) {
111 | LOG_ERROR(_XOR_("Failed to stop service with error %d"), rc);
112 | } else {
113 | rc = NOERROR;
114 | }
115 | goto Exit;
116 | }
117 |
118 | if (!SvcDeleteService(SvcHandle)) {
119 | rc = (int)RtlGetLastWin32Error();
120 | if (rc != ERROR_SERVICE_MARKED_FOR_DELETE) {
121 | LOG_ERROR(_XOR_("Failed to stop service with error %d"), rc);
122 | goto Exit;
123 | }
124 | }
125 | }
126 |
127 | Exit:
128 | LogDestroy();
129 |
130 | return rc;
131 | }
132 |
133 |
134 |
--------------------------------------------------------------------------------
/native/private/nativeuser.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "nativecommon.h"
4 | #include "nativertl.h"
5 |
6 | #ifdef __cplusplus
7 | extern "C" {
8 | #endif // __cplusplus
9 |
10 |
11 | /**
12 | * Definitions & Macros
13 | */
14 |
15 | #define IS_PTR(p) ((((ULONG_PTR)(p)) & ~USHRT_MAX) != 0)
16 |
17 | /* Unicode->Unicode macros */
18 | #define COPYLPWSTR(pinstr, psz) \
19 | (pinstr)->fAllocated = FALSE; \
20 | (pinstr)->pstr = &(pinstr)->strCapture; \
21 | RtlInitUnicodeString(&(pinstr)->strCapture, (psz));
22 |
23 | #define COPYLPWSTRID(pinstr, psz) \
24 | (pinstr)->fAllocated = FALSE; \
25 | (pinstr)->pstr = &(pinstr)->strCapture; \
26 | if (IS_PTR(psz)) { \
27 | RtlInitUnicodeString(&(pinstr)->strCapture, (psz)); \
28 | } else { \
29 | (pinstr)->strCapture.Length = \
30 | (pinstr)->strCapture.MaximumLength = 0; \
31 | (pinstr)->strCapture.Buffer = (LPWSTR)(psz); \
32 | }
33 |
34 | #define COPYLPWSTRIDOPT COPYLPWSTRID
35 | #define COPYLPWSTROPT COPYLPWSTR
36 |
37 | #define FIRSTCOPYLPWSTR COPYLPWSTR
38 | #define FIRSTCOPYLPWSTRID COPYLPWSTRID
39 | #define FIRSTCOPYLPWSTRIDOPT COPYLPWSTRIDOPT
40 | #define FIRSTCOPYLPWSTROPT COPYLPWSTROPT
41 |
42 | #define CLEANUPLPWSTR(instr)
43 |
44 | /* Type-neutral macros */
45 | #if 1 //UNICODE
46 | #define COPYLPTSTR COPYLPWSTR
47 | #define COPYLPTSTRID COPYLPWSTRID
48 | #define COPYLPTSTRIDOPT COPYLPWSTRIDOPT
49 | #define COPYLPTSTROPT COPYLPWSTROPT
50 | #define FIRSTCOPYLPTSTR COPYLPWSTR
51 | #define FIRSTCOPYLPTSTRID COPYLPWSTRID
52 | #define FIRSTCOPYLPTSTRIDOPT COPYLPWSTRIDOPT
53 | #define CLEANUPLPTSTR CLEANUPLPWSTR
54 | #else
55 | #define COPYLPTSTR COPYLPSTRW
56 | #define COPYLPTSTRID COPYLPSTRIDW
57 | #define COPYLPTSTRIDOPT COPYLPSTRIDOPTW
58 | #define COPYLPTSTROPT COPYLPSTROPTW
59 | #define FIRSTCOPYLPTSTR COPYLPSTRW
60 | #define FIRSTCOPYLPTSTRID COPYLPSTRIDW
61 | #define FIRSTCOPYLPTSTRIDOPT COPYLPSTRIDOPTW
62 | #define CLEANUPLPTSTR CLEANUPLPSTRW
63 | #endif
64 |
65 | /* Use this macro if you don't need to access shared memory. */
66 | #define BEGINCALL() \
67 | { \
68 | ULONG_PTR retval; \
69 | {
70 |
71 | #define BEGINCALLVOID() \
72 | {
73 |
74 | #define ERRORTRAP(error) \
75 | goto cleanup; \
76 | } \
77 | goto errorexit; \
78 | errorexit: \
79 | retval = (ULONG_PTR)error; \
80 | cleanup:
81 |
82 | #define ERRORTRAPVOID() \
83 | goto errorexit; \
84 | errorexit:
85 |
86 | #define ENDCALL(type) \
87 | return (type)retval; \
88 | }
89 |
90 | #define ENDCALLVOID() \
91 | return; \
92 | }
93 |
94 |
95 |
96 | ///
97 | /// < Win32k/User32 Structs & Typedefs >
98 | ///
99 |
100 | /* Typedefs used for capturing string arguments to be passed to the kernel. */
101 | typedef struct _IN_STRING {
102 | UNICODE_STRING strCapture;
103 | PUNICODE_STRING pstr;
104 | BOOL fAllocated;
105 | } IN_STRING, *PIN_STRING;
106 |
107 | typedef LRESULT(CALLBACK* HOOKPROC)(int code, WPARAM wParam, LPARAM lParam);
108 |
109 |
110 | //
111 | // Win32k Routines
112 | //
113 |
114 | typedef HHOOK( NTAPI *tNtUserSetWindowsHookEx )(
115 | IN HINSTANCE Mod,
116 | IN PUNICODE_STRING UnsafeModuleName,
117 | IN DWORD ThreadId,
118 | IN int HookId,
119 | IN HOOKPROC HookProc,
120 | IN BOOL Ansi
121 | );
122 |
123 | typedef BOOL( NTAPI *tNtUserUnhookWindowsHookEx )(
124 | IN HHOOK Hook
125 | );
126 |
127 | typedef LRESULT( NTAPI *tNtUserCallNextHookEx )(
128 | IN int Code,
129 | IN WPARAM wParam,
130 | IN LPARAM lParam,
131 | IN BOOL Ansi
132 | );
133 |
134 | #ifdef __cplusplus
135 | } // extern "C"
136 | #endif // __cplusplus
--------------------------------------------------------------------------------
/utils/xorstr.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 |
6 | namespace {
7 | constexpr int const_atoi(char c) { return c - '0'; }
8 | }
9 |
10 | #ifdef _MSC_VER
11 | #define ALWAYS_INLINE __forceinline
12 | #else
13 | #define ALWAYS_INLINE __attribute__((always_inline))
14 | #endif
15 |
16 | template
17 | class _Basic_XorStr {
18 | using value_type = typename _string_type::value_type;
19 | static constexpr auto _length_minus_one = _length - 1;
20 |
21 | public:
22 | constexpr ALWAYS_INLINE _Basic_XorStr(value_type const (&str)[_length])
23 | : _Basic_XorStr(str, std::make_index_sequence<_length_minus_one>())
24 | {
25 | }
26 |
27 | inline auto get() const
28 | {
29 | decrypt();
30 | return data;
31 | }
32 |
33 | inline auto str() const
34 | {
35 | decrypt();
36 | return _string_type(data, data + _length_minus_one);
37 | }
38 |
39 | inline operator _string_type() const
40 | {
41 | return str();
42 | }
43 |
44 | private:
45 | template
46 | constexpr ALWAYS_INLINE _Basic_XorStr(value_type const (&str)[_length], std::index_sequence)
47 | : data{ crypt(str[indices], indices)..., '\0' }
48 | , encrypted(true)
49 | {
50 | }
51 |
52 | static constexpr auto XOR_KEY = static_cast(
53 | const_atoi(__TIME__[7]) +
54 | const_atoi(__TIME__[6]) * 10 +
55 | const_atoi(__TIME__[4]) * 60 +
56 | const_atoi(__TIME__[3]) * 600 +
57 | const_atoi(__TIME__[1]) * 3600 +
58 | const_atoi(__TIME__[0]) * 36000
59 | );
60 |
61 | static ALWAYS_INLINE constexpr auto crypt(value_type c, size_t i)
62 | {
63 | return static_cast(c ^ (XOR_KEY + i));
64 | }
65 |
66 | inline void decrypt() const
67 | {
68 | if (encrypted) {
69 | for (size_t t = 0; t < _length_minus_one; t++) {
70 | data[t] = crypt(data[t], t);
71 | }
72 | encrypted = false;
73 | }
74 | }
75 |
76 | mutable value_type data[_length];
77 | mutable bool encrypted;
78 | };
79 |
80 | template
81 | using XorStrA = _Basic_XorStr;
82 | template
83 | using XorStrW = _Basic_XorStr;
84 | template
85 | using XorStrU16 = _Basic_XorStr;
86 | template
87 | using XorStrU32 = _Basic_XorStr;
88 |
89 | template
90 | inline auto operator==(const _Basic_XorStr<_string_type, _length> &lhs, const _Basic_XorStr<_string_type, _length2> &rhs)
91 | {
92 | static_assert(_length == _length2, "XorStr== different length");
93 | return _length == _length2 && lhs.str() == rhs.str();
94 | }
95 |
96 | template
97 | inline auto operator==(const _string_type &lhs, const _Basic_XorStr<_string_type, _length> &rhs)
98 | {
99 | return lhs.size() == _length && lhs == rhs.str();
100 | }
101 |
102 | template
103 | inline auto& operator<<(_stream_type &lhs, const _Basic_XorStr<_string_type, _length> &rhs)
104 | {
105 | lhs << rhs.c_str();
106 | return lhs;
107 | }
108 |
109 | template
110 | inline auto operator+(const _Basic_XorStr<_string_type, _length> &lhs, const _Basic_XorStr<_string_type, _length2> &rhs)
111 | {
112 | return lhs.str() + rhs.str();
113 | }
114 |
115 | template
116 | inline auto operator+(const _string_type &lhs, const _Basic_XorStr<_string_type, _length> &rhs)
117 | {
118 | return lhs + rhs.str();
119 | }
120 |
121 | template
122 | constexpr ALWAYS_INLINE auto _xor_(char const (&str)[_length])
123 | {
124 | return XorStrA<_length>(str);
125 | }
126 |
127 | template
128 | constexpr ALWAYS_INLINE auto _xor_(wchar_t const (&str)[_length])
129 | {
130 | return XorStrW<_length>(str);
131 | }
132 |
133 | template
134 | constexpr ALWAYS_INLINE auto _xor_(char16_t const (&str)[_length])
135 | {
136 | return XorStrU16<_length>(str);
137 | }
138 |
139 | template
140 | constexpr ALWAYS_INLINE auto _xor_(char32_t const (&str)[_length])
141 | {
142 | return XorStrU32<_length>(str);
143 | }
144 |
145 | #define _XOR_(s) _xor_(s).get()
146 | #define _XORSTR_(s) _xor_(s).str()
--------------------------------------------------------------------------------
/internal.sln:
--------------------------------------------------------------------------------
1 | Microsoft Visual Studio Solution File, Format Version 12.00
2 | # Visual Studio 15
3 | VisualStudioVersion = 15.0.28010.2003
4 | MinimumVisualStudioVersion = 10.0.40219.1
5 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "internal", "internal\internal.vcxproj", "{EA82D96C-529D-4907-B6DB-1D104695579B}"
6 | ProjectSection(ProjectDependencies) = postProject
7 | {15051CE1-AB10-4239-973D-01B84F2AD0A9} = {15051CE1-AB10-4239-973D-01B84F2AD0A9}
8 | EndProjectSection
9 | EndProject
10 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "distorm", "contrib\distorm\make\win32\cdistorm.vcxproj", "{15051CE1-AB10-4239-973D-01B84F2AD0A9}"
11 | EndProject
12 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "driver", "driver\driver.vcxproj", "{850E3104-6DE2-4FA3-8E53-4CA21A230429}"
13 | EndProject
14 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "service", "service\service.vcxproj", "{1F4BD289-FCED-4310-B884-45597BDB0242}"
15 | ProjectSection(ProjectDependencies) = postProject
16 | {850E3104-6DE2-4FA3-8E53-4CA21A230429} = {850E3104-6DE2-4FA3-8E53-4CA21A230429}
17 | EndProjectSection
18 | EndProject
19 | Global
20 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
21 | clib|x64 = clib|x64
22 | Debug|x64 = Debug|x64
23 | dll|x64 = dll|x64
24 | Release|x64 = Release|x64
25 | Test|x64 = Test|x64
26 | EndGlobalSection
27 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
28 | {EA82D96C-529D-4907-B6DB-1D104695579B}.clib|x64.ActiveCfg = Release|x64
29 | {EA82D96C-529D-4907-B6DB-1D104695579B}.clib|x64.Build.0 = Release|x64
30 | {EA82D96C-529D-4907-B6DB-1D104695579B}.Debug|x64.ActiveCfg = Debug|x64
31 | {EA82D96C-529D-4907-B6DB-1D104695579B}.Debug|x64.Build.0 = Debug|x64
32 | {EA82D96C-529D-4907-B6DB-1D104695579B}.dll|x64.ActiveCfg = Debug|x64
33 | {EA82D96C-529D-4907-B6DB-1D104695579B}.dll|x64.Build.0 = Debug|x64
34 | {EA82D96C-529D-4907-B6DB-1D104695579B}.Release|x64.ActiveCfg = Release|x64
35 | {EA82D96C-529D-4907-B6DB-1D104695579B}.Release|x64.Build.0 = Release|x64
36 | {EA82D96C-529D-4907-B6DB-1D104695579B}.Test|x64.ActiveCfg = Test|x64
37 | {EA82D96C-529D-4907-B6DB-1D104695579B}.Test|x64.Build.0 = Test|x64
38 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|x64.ActiveCfg = Release|x64
39 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.clib|x64.Build.0 = Release|x64
40 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.Debug|x64.ActiveCfg = Debug|x64
41 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.Debug|x64.Build.0 = Debug|x64
42 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|x64.ActiveCfg = Debug|x64
43 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.dll|x64.Build.0 = Debug|x64
44 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.Release|x64.ActiveCfg = Release|x64
45 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.Release|x64.Build.0 = Release|x64
46 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.Test|x64.ActiveCfg = Debug|x64
47 | {15051CE1-AB10-4239-973D-01B84F2AD0A9}.Test|x64.Build.0 = Debug|x64
48 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.clib|x64.ActiveCfg = Release|x64
49 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.clib|x64.Build.0 = Release|x64
50 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.clib|x64.Deploy.0 = Release|x64
51 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.Debug|x64.ActiveCfg = Debug|x64
52 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.Debug|x64.Build.0 = Debug|x64
53 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.dll|x64.ActiveCfg = Debug|x64
54 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.dll|x64.Build.0 = Debug|x64
55 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.dll|x64.Deploy.0 = Debug|x64
56 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.Release|x64.ActiveCfg = Release|x64
57 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.Test|x64.ActiveCfg = Debug|x64
58 | {850E3104-6DE2-4FA3-8E53-4CA21A230429}.Test|x64.Build.0 = Debug|x64
59 | {1F4BD289-FCED-4310-B884-45597BDB0242}.clib|x64.ActiveCfg = Release|x64
60 | {1F4BD289-FCED-4310-B884-45597BDB0242}.clib|x64.Build.0 = Release|x64
61 | {1F4BD289-FCED-4310-B884-45597BDB0242}.Debug|x64.ActiveCfg = Debug|x64
62 | {1F4BD289-FCED-4310-B884-45597BDB0242}.Debug|x64.Build.0 = Debug|x64
63 | {1F4BD289-FCED-4310-B884-45597BDB0242}.dll|x64.ActiveCfg = Debug|x64
64 | {1F4BD289-FCED-4310-B884-45597BDB0242}.dll|x64.Build.0 = Debug|x64
65 | {1F4BD289-FCED-4310-B884-45597BDB0242}.Release|x64.ActiveCfg = Release|x64
66 | {1F4BD289-FCED-4310-B884-45597BDB0242}.Release|x64.Build.0 = Release|x64
67 | {1F4BD289-FCED-4310-B884-45597BDB0242}.Test|x64.ActiveCfg = Debug|x64
68 | {1F4BD289-FCED-4310-B884-45597BDB0242}.Test|x64.Build.0 = Debug|x64
69 | EndGlobalSection
70 | GlobalSection(SolutionProperties) = preSolution
71 | HideSolutionNode = FALSE
72 | EndGlobalSection
73 | GlobalSection(ExtensibilityGlobals) = postSolution
74 | SolutionGuid = {9446D927-BA40-4F3B-8CDF-4683353F43F7}
75 | EndGlobalSection
76 | EndGlobal
77 |
--------------------------------------------------------------------------------
/internal/sdk/World_decrypt.asm:
--------------------------------------------------------------------------------
1 | .CODE
2 |
3 | ;; unsigned __int64 DecryptWorldAsm(unsigned __int64 WorldEncrypted);
4 | ;PUBLIC DecryptWorldAsm
5 | ;DecryptWorldAsm PROC
6 | ; push rbx
7 | ; push rbp
8 | ; sub rsp, 8
9 | ; mov rbp, rsp
10 | ;
11 | ; mov rax, rcx
12 | ; xor eax, 0e93303bdh
13 | ; ror eax, 16
14 | ; sub eax, 07bfb0bc4h
15 | ; xor eax, 0843303bdh
16 | ; ror eax, 16
17 | ; xor eax, 08404f43ch
18 | ; mov DWORD PTR [rbp],eax
19 | ; mov rax, rcx
20 | ; shr rax, 32
21 | ; xor eax, 04e62c6e8h
22 | ; ror eax, 8
23 | ; sub eax, 07c447c44h
24 | ; xor eax, 0e962c6e8h
25 | ; ror eax, 8
26 | ; xor eax, 07c447c44h
27 | ; mov DWORD PTR [rbp+4], eax
28 | ; mov rax, QWORD PTR [rbp]
29 | ;
30 | ; add rsp, 8
31 | ; pop rbp
32 | ; pop rbx
33 | ; ret
34 | ;DecryptWorldAsm ENDP
35 | ;
36 | ;; unsigned __int64 DecryptCurrentLevelAsm(unsigned __int64 CurrentLevelEncrypted);
37 | ;PUBLIC DecryptCurrentLevelAsm
38 | ;DecryptCurrentLevelAsm PROC
39 | ; push rbx
40 | ; push rbp
41 | ; sub rsp, 8
42 | ; mov rbp, rsp
43 | ;
44 | ; mov rdx, rcx ; RDX = CurrentLevelEncrypted
45 | ; mov eax, edx
46 | ; xor eax, 0B8CCFC42h
47 | ; not eax
48 | ; add eax, 62229AFEh
49 | ; xor eax, 80119943h
50 | ; mov DWORD PTR [rbp], eax
51 | ; shr rdx, 32
52 | ; xor edx, 539D3917h
53 | ; not edx
54 | ; add edx, 613D61BEh
55 | ; xor edx, 0D9A058AAh
56 | ; mov DWORD PTR [rbp+4], edx
57 | ; mov rax, QWORD PTR [rbp]
58 | ;
59 | ; add rsp, 8
60 | ; pop rbp
61 | ; pop rbx
62 | ; ret
63 | ;DecryptCurrentLevelAsm ENDP
64 |
65 | ; unsigned __int64 DecryptPersistentLevelAsm(unsigned __int64 PersistentLevelEncrypted);
66 | PUBLIC DecryptPersistentLevelAsm
67 | DecryptPersistentLevelAsm PROC
68 | push rbx
69 | push rbp
70 | sub rsp, 8
71 | mov rbp, rsp
72 |
73 | mov eax,ecx ; RCX = PersistentLevelEncrypted
74 | mov QWORD PTR [rbp],0
75 | rol eax,8
76 | shr rcx,32
77 | not eax
78 | ror ecx,16
79 | add eax,021017d0fh
80 | not ecx
81 | rol eax,8
82 | xor eax,0defe82f0h
83 | sub ecx,05f515f91h
84 | ror ecx,16
85 | xor ecx,0a0aea06eh
86 | mov DWORD PTR [rbp],eax
87 | mov DWORD PTR [rbp+4],ecx
88 | mov rax,QWORD PTR [rbp]
89 |
90 | add rsp, 8
91 | pop rbp
92 | pop rbx
93 | ret
94 | DecryptPersistentLevelAsm ENDP
95 |
96 | ; unsigned __int64 DecryptActorsAsm(unsigned __int64 ActorsEncrypted);
97 | PUBLIC DecryptActorsAsm
98 | DecryptActorsAsm PROC
99 | push rbx
100 | push rbp
101 | sub rsp, 8
102 | mov rbp, rsp
103 |
104 | mov r8, rcx ; R8 = ActorsEncrypted
105 | mov ecx,r8d
106 | mov QWORD PTR [rbp],0
107 | shr ecx,16
108 | mov r9,r8
109 | movzx eax,cx
110 | shr r9,32
111 | ror ax,8
112 | movzx edx,ax
113 | movzx eax,r8w
114 | xor ecx,eax
115 | shl edx,16
116 | or edx,ecx
117 | add edx,078789808h
118 | mov ecx,edx
119 | shr ecx,16
120 | movzx eax,cx
121 | ror ax,8
122 | movzx r8d,ax
123 | movzx eax,dx
124 | xor ecx,eax
125 | shl r8d,16
126 | or r8d,ecx
127 | mov eax,r9d
128 | shr eax,16
129 | xor r8d,078789808h
130 | xor ax,r9w
131 | mov DWORD PTR [rbp],r8d
132 | rol ax,8
133 | and r9d,0ffff0000h
134 | movzx edx,ax
135 | or edx,r9d
136 | add edx,077077708h
137 | mov eax,edx
138 | shr eax,16
139 | xor ax,dx
140 | and edx,0ffff0000h
141 | rol ax,8
142 | movzx ecx,ax
143 | or ecx,edx
144 | xor ecx,088f888f8h
145 | mov DWORD PTR [rbp+4],ecx
146 | mov rax,QWORD PTR [rbp]
147 |
148 | add rsp, 8
149 | pop rbp
150 | pop rbx
151 | ret
152 | DecryptActorsAsm ENDP
153 |
154 | END
--------------------------------------------------------------------------------
/internal/sdk/Names_decrypt.asm:
--------------------------------------------------------------------------------
1 | .CODE
2 |
3 | ; uint64_t DecryptNamesAsm(uint64_t NamesEncrypted)
4 | PUBLIC DecryptNamesAsm
5 | DecryptNamesAsm PROC
6 | push rbx
7 | push rdi
8 | push rsi
9 | push rbp
10 | sub rsp, 8
11 | mov rbp, rsp
12 |
13 | mov QWORD PTR [rbp],0
14 | mov eax,ecx ; RCX = NamesEncrypted
15 | rol eax,16
16 | add eax,06cec3cd4h
17 | rol eax,16
18 | xor eax,06cec3cd4h
19 | mov DWORD PTR [rbp],eax
20 | shr rcx,32
21 | ror ecx,8
22 | add ecx,06b536b54h
23 | ror ecx,8
24 | xor ecx,094ac94ach
25 | mov DWORD PTR [rbp+4],ecx
26 | mov rax,QWORD PTR [rbp]
27 |
28 | add rsp, 8
29 | pop rbp
30 | pop rsi
31 | pop rdi
32 | pop rbx
33 | ret
34 | DecryptNamesAsm ENDP
35 |
36 | ; uint64_t DecryptNameEntryIndexAsm(uint64_t IndexEncrypted)
37 | PUBLIC DecryptNameEntryIndexAsm
38 | DecryptNameEntryIndexAsm PROC
39 | push r8
40 | push r9
41 | push rdx
42 | push rbx
43 | push rdi
44 | push rsi
45 | push rbp
46 | sub rsp, 8
47 | mov rbp, rsp
48 |
49 | mov r9,rcx ; RCX = IndexEncrypted
50 | shr r9,32
51 | mov QWORD PTR [rbp],0
52 | mov edx,ecx
53 | shr edx,16
54 | movzx eax,cx
55 | xor edx,eax
56 | and ecx,0ffff0000h
57 | or edx,ecx
58 | add edx,04e8e5652h
59 | mov ecx,edx
60 | shr ecx,16
61 | movzx eax,cx
62 | ror ax,8
63 | movzx r8d,ax
64 | shl r8d,16
65 | movzx eax,dx
66 | xor ecx,eax
67 | or r8d,ecx
68 | xor r8d,04e8e5652h
69 | mov DWORD PTR [rbp],r8d
70 | mov edx,r9d
71 | shr edx,16
72 | movzx eax,dx
73 | xor ax,r9w
74 | ror ax,8
75 | movzx ecx,ax
76 | ror dx,8
77 | movzx edx,dx
78 | shl edx,16
79 | or edx,ecx
80 | add edx,04d114d92h
81 | mov eax,edx
82 | shr eax,16
83 | xor ax,dx
84 | ror ax,8
85 | movzx ecx,ax
86 | and edx,0ffff0000h
87 | or ecx,edx
88 | xor ecx,0b2eeb26eh
89 | mov DWORD PTR [rbp+4],ecx
90 | mov rax,QWORD PTR [rbp]
91 |
92 | add rsp, 8
93 | pop rbp
94 | pop rsi
95 | pop rdi
96 | pop rbx
97 | pop rdx
98 | pop r9
99 | pop r8
100 | ret
101 | DecryptNameEntryIndexAsm ENDP
102 |
103 | ; uint64_t DecryptChunksAsm(uint64_t ChunksEncrypted)
104 | PUBLIC DecryptChunksAsm
105 | DecryptChunksAsm PROC
106 | push rbx
107 | push rdi
108 | push rsi
109 | push rbp
110 | sub rsp, 8
111 | mov rbp, rsp
112 |
113 | mov QWORD PTR [rbp],0
114 | lea eax,[rcx-019d971c6h] ; RCX = ChunksEncrypted
115 | xor eax,0e6268e3ah
116 | mov DWORD PTR [rbp],eax
117 | shr rcx,32
118 | sub ecx,01a061a86h
119 | xor ecx,01a061a86h
120 | mov DWORD PTR [rbp+4],ecx
121 | mov rax,QWORD PTR [rbp]
122 |
123 | add rsp, 8
124 | pop rbp
125 | pop rsi
126 | pop rdi
127 | pop rbx
128 | ret
129 | DecryptChunksAsm ENDP
130 |
131 | ; uint64_t DecryptNumElementsAsm(uint64_t NumElementsEncrypted)
132 | PUBLIC DecryptNumElementsAsm
133 | DecryptNumElementsAsm PROC
134 | push rbx
135 | push rdi
136 | push rsi
137 | push rbp
138 | sub rsp, 8
139 | mov rbp, rsp
140 |
141 | mov eax,ecx ; RCX = NumElementsEncrypted
142 | mov QWORD PTR [rbp],0
143 | ror eax,8
144 | add eax,047674b09h
145 | shr rcx,32
146 | ror eax,8
147 | sub ecx,039973957h
148 | xor eax,047674b09h
149 | xor ecx,039973957h
150 | mov DWORD PTR [rbp],eax
151 | mov DWORD PTR [rbp+4],ecx
152 | mov rax,QWORD PTR [rbp]
153 |
154 | add rsp, 8
155 | pop rbp
156 | pop rsi
157 | pop rdi
158 | pop rbx
159 | ret
160 | DecryptNumElementsAsm ENDP
161 |
162 | END
--------------------------------------------------------------------------------