MAKE NEW PROJECT MVSC++ 2008/2010
SDK 2004/SDK JUNE 2010ADE32.h
// ADE32 v2.02c by z0mbie
#ifndef __ADE32_H__
#define __ADE32_H__
#define C_ERROR 0xFFFFFFFF
#define C_ADDR1 0x00000001
#define C_ADDR2 0x00000002
#define C_ADDR4 0x00000004
#define C_LOCK 0x00000008
#define C_67 0x00000010
#define C_66 0x00000020
#define C_REP 0x00000040
#define C_SEG 0x00000080
#define C_ANYPREFIX (C_66+C_67+C_LOCK+C_REP+C_SEG)
#define C_DATA1 0x00000100
#define C_DATA2 0x00000200
#define C_DATA4 0x00000400
#define C_SIB 0x00000800
#define C_ADDR67 0x00001000
#define C_DATA66 0x00002000
#define C_MODRM 0x00004000
#define C_BAD 0x00008000
#define C_OPCODE2 0x00010000
#define C_REL 0x00020000
#define C_STOP 0x00040000
#pragma pack(push)
#pragma pack(1)
struct disasm_struct {
BYTE disasm_defaddr; // 00
BYTE disasm_defdata; // 01
DWORD disasm_len; // 02 03 04 05
DWORD disasm_flag; // 06 07 08 09
DWORD disasm_addrsize; // 0A 0B 0C 0D
DWORD disasm_datasize; // 0E 0F 10 11
BYTE disasm_rep; // 12
BYTE disasm_seg; // 13
BYTE disasm_opcode; // 14
BYTE disasm_opcode2; // 15
BYTE disasm_modrm; // 16
BYTE disasm_sib; // 17
union {
BYTE disasm_addr_b[8]; // 18 19 1A 1B 1C 1D 1E 1F
WORD disasm_addr_w[4];
DWORD disasm_addr_d[2];
char disasm_addr_c[8];
short disasm_addr_s[4];
long disasm_addr_l[2];
};
union {
BYTE disasm_data_b[8]; // 20 21 22 23 24 25 26 27
WORD disasm_data_w[4];
DWORD disasm_data_d[2];
char disasm_data_c[8];
short disasm_data_s[4];
long disasm_data_l[2];
};
}; // disasm_struct
#pragma pack(pop)
int disasm(BYTE* opcode0, disasm_struct* diza);
int oplen(BYTE* opcode);
#endif // __ADE32_H__// ADE32 version 2.02c -- C edition
#define WIN32_LEAN_AND_MEAN
#define WIN32_EXTRA_LEAN
#include <windows.h>
#include "ADE32.h"
DWORD ade32_table[512] = {
/* 00 */ C_MODRM,
/* 01 */ C_MODRM,
/* 02 */ C_MODRM,
/* 03 */ C_MODRM,
/* 04 */ C_DATA1,
/* 05 */ C_DATA66,
/* 06 */ C_BAD,
/* 07 */ C_BAD,
/* 08 */ C_MODRM,
/* 09 */ C_MODRM,
/* 0A */ C_MODRM,
/* 0B */ C_MODRM,
/* 0C */ C_DATA1,
/* 0D */ C_DATA66,
/* 0E */ C_BAD,
/* 0F */ C_OPCODE2,
/* 10 */ C_MODRM+C_BAD,
/* 11 */ C_MODRM,
/* 12 */ C_MODRM+C_BAD,
/* 13 */ C_MODRM,
/* 14 */ C_DATA1+C_BAD,
/* 15 */ C_DATA66+C_BAD,
/* 16 */ C_BAD,
/* 17 */ C_BAD,
/* 18 */ C_MODRM+C_BAD,
/* 19 */ C_MODRM,
/* 1A */ C_MODRM,
/* 1B */ C_MODRM,
/* 1C */ C_DATA1+C_BAD,
/* 1D */ C_DATA66+C_BAD,
/* 1E */ C_BAD,
/* 1F */ C_BAD,
/* 20 */ C_MODRM,
/* 21 */ C_MODRM,
/* 22 */ C_MODRM,
/* 23 */ C_MODRM,
/* 24 */ C_DATA1,
/* 25 */ C_DATA66,
/* 26 */ C_SEG+C_BAD,
/* 27 */ C_BAD,
/* 28 */ C_MODRM,
/* 29 */ C_MODRM,
/* 2A */ C_MODRM,
/* 2B */ C_MODRM,
/* 2C */ C_DATA1,
/* 2D */ C_DATA66,
/* 2E */ C_SEG+C_BAD,
/* 2F */ C_BAD,
/* 30 */ C_MODRM,
/* 31 */ C_MODRM,
/* 32 */ C_MODRM,
/* 33 */ C_MODRM,
/* 34 */ C_DATA1,
/* 35 */ C_DATA66,
/* 36 */ C_SEG+C_BAD,
/* 37 */ C_BAD,
/* 38 */ C_MODRM,
/* 39 */ C_MODRM,
/* 3A */ C_MODRM,
/* 3B */ C_MODRM,
/* 3C */ C_DATA1,
/* 3D */ C_DATA66,
/* 3E */ C_SEG+C_BAD,
/* 3F */ C_BAD,
/* 40 */ 0,
/* 41 */ 0,
/* 42 */ 0,
/* 43 */ 0,
/* 44 */ C_BAD,
/* 45 */ 0,
/* 46 */ 0,
/* 47 */ 0,
/* 48 */ 0,
/* 49 */ 0,
/* 4A */ 0,
/* 4B */ 0,
/* 4C */ C_BAD,
/* 4D */ 0,
/* 4E */ 0,
/* 4F */ 0,
/* 50 */ 0,
/* 51 */ 0,
/* 52 */ 0,
/* 53 */ 0,
/* 54 */ 0,
/* 55 */ 0,
/* 56 */ 0,
/* 57 */ 0,
/* 58 */ 0,
/* 59 */ 0,
/* 5A */ 0,
/* 5B */ 0,
/* 5C */ C_BAD,
/* 5D */ 0,
/* 5E */ 0,
/* 5F */ 0,
/* 60 */ C_BAD,
/* 61 */ C_BAD,
/* 62 */ C_MODRM+C_BAD,
/* 63 */ C_MODRM+C_BAD,
/* 64 */ C_SEG,
/* 65 */ C_SEG+C_BAD,
/* 66 */ C_66,
/* 67 */ C_67,
/* 68 */ C_DATA66,
/* 69 */ C_MODRM+C_DATA66,
/* 6A */ C_DATA1,
/* 6B */ C_MODRM+C_DATA1,
/* 6C */ C_BAD,
/* 6D */ C_BAD,
/* 6E */ C_BAD,
/* 6F */ C_BAD,
/* 70 */ C_DATA1+C_REL+C_BAD,
/* 71 */ C_DATA1+C_REL+C_BAD,
/* 72 */ C_DATA1+C_REL,
/* 73 */ C_DATA1+C_REL,
/* 74 */ C_DATA1+C_REL,
/* 75 */ C_DATA1+C_REL,
/* 76 */ C_DATA1+C_REL,
/* 77 */ C_DATA1+C_REL,
/* 78 */ C_DATA1+C_REL,
/* 79 */ C_DATA1+C_REL,
/* 7A */ C_DATA1+C_REL+C_BAD,
/* 7B */ C_DATA1+C_REL+C_BAD,
/* 7C */ C_DATA1+C_REL,
/* 7D */ C_DATA1+C_REL,
/* 7E */ C_DATA1+C_REL,
/* 7F */ C_DATA1+C_REL,
/* 80 */ C_MODRM+C_DATA1,
/* 81 */ C_MODRM+C_DATA66,
/* 82 */ C_MODRM+C_DATA1+C_BAD,
/* 83 */ C_MODRM+C_DATA1,
/* 84 */ C_MODRM,
/* 85 */ C_MODRM,
/* 86 */ C_MODRM,
/* 87 */ C_MODRM,
/* 88 */ C_MODRM,
/* 89 */ C_MODRM,
/* 8A */ C_MODRM,
/* 8B */ C_MODRM,
/* 8C */ C_MODRM+C_BAD,
/* 8D */ C_MODRM,
/* 8E */ C_MODRM+C_BAD,
/* 8F */ C_MODRM,
/* 90 */ 0,
/* 91 */ 0,
/* 92 */ 0,
/* 93 */ C_BAD,
/* 94 */ C_BAD,
/* 95 */ C_BAD,
/* 96 */ C_BAD,
/* 97 */ C_BAD,
/* 98 */ C_BAD,
/* 99 */ 0,
/* 9A */ C_DATA66+C_DATA2+C_BAD,
/* 9B */ 0,
/* 9C */ C_BAD,
/* 9D */ C_BAD,
/* 9E */ C_BAD,
/* 9F */ C_BAD,
/* A0 */ C_ADDR67,
/* A1 */ C_ADDR67,
/* A2 */ C_ADDR67,
/* A3 */ C_ADDR67,
/* A4 */ 0,
/* A5 */ 0,
/* A6 */ 0,
/* A7 */ 0,
/* A8 */ C_DATA1,
/* A9 */ C_DATA66,
/* AA */ 0,
/* AB */ 0,
/* AC */ 0,
/* AD */ C_BAD,
/* AE */ 0,
/* AF */ C_BAD,
/* B0 */ C_DATA1,
/* B1 */ C_DATA1,
/* B2 */ C_DATA1,
/* B3 */ C_DATA1,
/* B4 */ C_DATA1,
/* B5 */ C_DATA1,
/* B6 */ C_DATA1+C_BAD,
/* B7 */ C_DATA1+C_BAD,
/* B8 */ C_DATA66,
/* B9 */ C_DATA66,
/* BA */ C_DATA66,
/* BB */ C_DATA66,
/* BC */ C_DATA66+C_BAD,
/* BD */ C_DATA66,
/* BE */ C_DATA66,
/* BF */ C_DATA66,
/* C0 */ C_MODRM+C_DATA1,
/* C1 */ C_MODRM+C_DATA1,
/* C2 */ C_DATA2+C_STOP,
/* C3 */ C_STOP,
/* C4 */ C_MODRM+C_BAD,
/* C5 */ C_MODRM+C_BAD,
/* C6 */ C_MODRM+C_DATA1,
/* C7 */ C_MODRM+C_DATA66,
/* C8 */ C_DATA2+C_DATA1,
/* C9 */ 0,
/* CA */ C_DATA2+C_STOP+C_BAD,
/* CB */ C_STOP+C_BAD,
/* CC */ C_BAD,
/* CD */ C_BAD,
/* CE */ C_BAD,
/* CF */ C_STOP+C_BAD,
/* D0 */ C_MODRM,
/* D1 */ C_MODRM,
/* D2 */ C_MODRM,
/* D3 */ C_MODRM,
/* D4 */ C_DATA1+C_BAD,
/* D5 */ C_DATA1+C_BAD,
/* D6 */ C_BAD,
/* D7 */ C_BAD,
/* D8 */ C_MODRM,
/* D9 */ C_MODRM,
/* DA */ C_MODRM,
/* DB */ C_MODRM,
/* DC */ C_MODRM,
/* DD */ C_MODRM,
/* DE */ C_MODRM,
/* DF */ C_MODRM,
/* E0 */ C_DATA1+C_REL+C_BAD,
/* E1 */ C_DATA1+C_REL+C_BAD,
/* E2 */ C_DATA1+C_REL,
/* E3 */ C_DATA1+C_REL,
/* E4 */ C_DATA1+C_BAD,
/* E5 */ C_DATA1+C_BAD,
/* E6 */ C_DATA1+C_BAD,
/* E7 */ C_DATA1+C_BAD,
/* E8 */ C_DATA66+C_REL,
/* E9 */ C_DATA66+C_REL+C_STOP,
/* EA */ C_DATA66+C_DATA2+C_BAD,
/* EB */ C_DATA1+C_REL+C_STOP,
/* EC */ C_BAD,
/* ED */ C_BAD,
/* EE */ C_BAD,
/* EF */ C_BAD,
/* F0 */ C_LOCK+C_BAD,
/* F1 */ C_BAD,
/* F2 */ C_REP,
/* F3 */ C_REP,
/* F4 */ C_BAD,
/* F5 */ C_BAD,
/* F6 */ C_MODRM,
/* F7 */ C_MODRM,
/* F8 */ 0,
/* F9 */ 0,
/* FA */ C_BAD,
/* FB */ C_BAD,
/* FC */ 0,
/* FD */ 0,
/* FE */ C_MODRM,
/* FF */ C_MODRM,
/* 00 */ C_MODRM,
/* 01 */ C_MODRM,
/* 02 */ C_MODRM,
/* 03 */ C_MODRM,
/* 04 */ C_ERROR,
/* 05 */ C_ERROR,
/* 06 */ 0,
/* 07 */ C_ERROR,
/* 08 */ 0,
/* 09 */ 0,
/* 0A */ 0,
/* 0B */ 0,
/* 0C */ C_ERROR,
/* 0D */ C_ERROR,
/* 0E */ C_ERROR,
/* 0F */ C_ERROR,
/* 10 */ C_ERROR,
/* 11 */ C_ERROR,
/* 12 */ C_ERROR,
/* 13 */ C_ERROR,
/* 14 */ C_ERROR,
/* 15 */ C_ERROR,
/* 16 */ C_ERROR,
/* 17 */ C_ERROR,
/* 18 */ C_ERROR,
/* 19 */ C_ERROR,
/* 1A */ C_ERROR,
/* 1B */ C_ERROR,
/* 1C */ C_ERROR,
/* 1D */ C_ERROR,
/* 1E */ C_ERROR,
/* 1F */ C_ERROR,
/* 20 */ C_ERROR,
/* 21 */ C_ERROR,
/* 22 */ C_ERROR,
/* 23 */ C_ERROR,
/* 24 */ C_ERROR,
/* 25 */ C_ERROR,
/* 26 */ C_ERROR,
/* 27 */ C_ERROR,
/* 28 */ C_ERROR,
/* 29 */ C_ERROR,
/* 2A */ C_ERROR,
/* 2B */ C_ERROR,
/* 2C */ C_ERROR,
/* 2D */ C_ERROR,
/* 2E */ C_ERROR,
/* 2F */ C_ERROR,
/* 30 */ C_ERROR,
/* 31 */ C_ERROR,
/* 32 */ C_ERROR,
/* 33 */ C_ERROR,
/* 34 */ C_ERROR,
/* 35 */ C_ERROR,
/* 36 */ C_ERROR,
/* 37 */ C_ERROR,
/* 38 */ C_ERROR,
/* 39 */ C_ERROR,
/* 3A */ C_ERROR,
/* 3B */ C_ERROR,
/* 3C */ C_ERROR,
/* 3D */ C_ERROR,
/* 3E */ C_ERROR,
/* 3F */ C_ERROR,
/* 40 */ C_ERROR,
/* 41 */ C_ERROR,
/* 42 */ C_ERROR,
/* 43 */ C_ERROR,
/* 44 */ C_ERROR,
/* 45 */ C_ERROR,
/* 46 */ C_ERROR,
/* 47 */ C_ERROR,
/* 48 */ C_ERROR,
/* 49 */ C_ERROR,
/* 4A */ C_ERROR,
/* 4B */ C_ERROR,
/* 4C */ C_ERROR,
/* 4D */ C_ERROR,
/* 4E */ C_ERROR,
/* 4F */ C_ERROR,
/* 50 */ C_ERROR,
/* 51 */ C_ERROR,
/* 52 */ C_ERROR,
/* 53 */ C_ERROR,
/* 54 */ C_ERROR,
/* 55 */ C_ERROR,
/* 56 */ C_ERROR,
/* 57 */ C_ERROR,
/* 58 */ C_ERROR,
/* 59 */ C_ERROR,
/* 5A */ C_ERROR,
/* 5B */ C_ERROR,
/* 5C */ C_ERROR,
/* 5D */ C_ERROR,
/* 5E */ C_ERROR,
/* 5F */ C_ERROR,
/* 60 */ C_ERROR,
/* 61 */ C_ERROR,
/* 62 */ C_ERROR,
/* 63 */ C_ERROR,
/* 64 */ C_ERROR,
/* 65 */ C_ERROR,
/* 66 */ C_ERROR,
/* 67 */ C_ERROR,
/* 68 */ C_ERROR,
/* 69 */ C_ERROR,
/* 6A */ C_ERROR,
/* 6B */ C_ERROR,
/* 6C */ C_ERROR,
/* 6D */ C_ERROR,
/* 6E */ C_ERROR,
/* 6F */ C_ERROR,
/* 70 */ C_ERROR,
/* 71 */ C_ERROR,
/* 72 */ C_ERROR,
/* 73 */ C_ERROR,
/* 74 */ C_ERROR,
/* 75 */ C_ERROR,
/* 76 */ C_ERROR,
/* 77 */ C_ERROR,
/* 78 */ C_ERROR,
/* 79 */ C_ERROR,
/* 7A */ C_ERROR,
/* 7B */ C_ERROR,
/* 7C */ C_ERROR,
/* 7D */ C_ERROR,
/* 7E */ C_ERROR,
/* 7F */ C_ERROR,
/* 80 */ C_DATA66+C_REL,
/* 81 */ C_DATA66+C_REL,
/* 82 */ C_DATA66+C_REL,
/* 83 */ C_DATA66+C_REL,
/* 84 */ C_DATA66+C_REL,
/* 85 */ C_DATA66+C_REL,
/* 86 */ C_DATA66+C_REL,
/* 87 */ C_DATA66+C_REL,
/* 88 */ C_DATA66+C_REL,
/* 89 */ C_DATA66+C_REL,
/* 8A */ C_DATA66+C_REL,
/* 8B */ C_DATA66+C_REL,
/* 8C */ C_DATA66+C_REL,
/* 8D */ C_DATA66+C_REL,
/* 8E */ C_DATA66+C_REL,
/* 8F */ C_DATA66+C_REL,
/* 90 */ C_MODRM,
/* 91 */ C_MODRM,
/* 92 */ C_MODRM,
/* 93 */ C_MODRM,
/* 94 */ C_MODRM,
/* 95 */ C_MODRM,
/* 96 */ C_MODRM,
/* 97 */ C_MODRM,
/* 98 */ C_MODRM,
/* 99 */ C_MODRM,
/* 9A */ C_MODRM,
/* 9B */ C_MODRM,
/* 9C */ C_MODRM,
/* 9D */ C_MODRM,
/* 9E */ C_MODRM,
/* 9F */ C_MODRM,
/* A0 */ 0,
/* A1 */ 0,
/* A2 */ 0,
/* A3 */ C_MODRM,
/* A4 */ C_MODRM+C_DATA1,
/* A5 */ C_MODRM,
/* A6 */ C_ERROR,
/* A7 */ C_ERROR,
/* A8 */ 0,
/* A9 */ 0,
/* AA */ 0,
/* AB */ C_MODRM,
/* AC */ C_MODRM+C_DATA1,
/* AD */ C_MODRM,
/* AE */ C_ERROR,
/* AF */ C_MODRM,
/* B0 */ C_MODRM,
/* B1 */ C_MODRM,
/* B2 */ C_MODRM,
/* B3 */ C_MODRM,
/* B4 */ C_MODRM,
/* B5 */ C_MODRM,
/* B6 */ C_MODRM,
/* B7 */ C_MODRM,
/* B8 */ C_ERROR,
/* B9 */ C_ERROR,
/* BA */ C_MODRM+C_DATA1,
/* BB */ C_MODRM,
/* BC */ C_MODRM,
/* BD */ C_MODRM,
/* BE */ C_MODRM,
/* BF */ C_MODRM,
/* C0 */ C_MODRM,
/* C1 */ C_MODRM,
/* C2 */ C_ERROR,
/* C3 */ C_ERROR,
/* C4 */ C_ERROR,
/* C5 */ C_ERROR,
/* C6 */ C_ERROR,
/* C7 */ C_ERROR,
/* C8 */ 0,
/* C9 */ 0,
/* CA */ 0,
/* CB */ 0,
/* CC */ 0,
/* CD */ C_DATA1,
/* CE */ 0,
/* CF */ 0,
/* D0 */ C_ERROR,
/* D1 */ C_ERROR,
/* D2 */ C_ERROR,
/* D3 */ C_ERROR,
/* D4 */ C_ERROR,
/* D5 */ C_ERROR,
/* D6 */ C_ERROR,
/* D7 */ C_ERROR,
/* D8 */ C_ERROR,
/* D9 */ C_ERROR,
/* DA */ C_ERROR,
/* DB */ C_ERROR,
/* DC */ C_ERROR,
/* DD */ C_ERROR,
/* DE */ C_ERROR,
/* DF */ C_ERROR,
/* E0 */ C_ERROR,
/* E1 */ C_ERROR,
/* E2 */ C_ERROR,
/* E3 */ C_ERROR,
/* E4 */ C_ERROR,
/* E5 */ C_ERROR,
/* E6 */ C_ERROR,
/* E7 */ C_ERROR,
/* E8 */ C_ERROR,
/* E9 */ C_ERROR,
/* EA */ C_ERROR,
/* EB */ C_ERROR,
/* EC */ C_ERROR,
/* ED */ C_ERROR,
/* EE */ C_ERROR,
/* EF */ C_ERROR,
/* F0 */ C_ERROR,
/* F1 */ C_ERROR,
/* F2 */ C_ERROR,
/* F3 */ C_ERROR,
/* F4 */ C_ERROR,
/* F5 */ C_ERROR,
/* F6 */ C_ERROR,
/* F7 */ C_ERROR,
/* F8 */ C_ERROR,
/* F9 */ C_ERROR,
/* FA */ C_ERROR,
/* FB */ C_ERROR,
/* FC */ C_ERROR,
/* FD */ C_ERROR,
/* FE */ C_ERROR,
/* FF */ C_ERROR
}; // ade32_table[]
int disasm(BYTE* opcode0, disasm_struct* diza){
BYTE* opcode = opcode0;
memset(diza, 0x00, sizeof(disasm_struct));
diza->disasm_defdata = 4;
diza->disasm_defaddr = 4;
if(*(WORD*)opcode == 0x0000)
return 0;
if(*(WORD*)opcode == 0xFFFF)
return 0;
DWORD flag = 0;
repeat_prefix:
BYTE c = *opcode++;
DWORD t = ade32_table[ c ];
if(t & C_ANYPREFIX){
if(flag & t)
return 0;
flag |= t;
if(t & C_67)
diza->disasm_defaddr ^= 2^4;
else if(t & C_66)
diza->disasm_defdata ^= 2^4;
else if(t & C_SEG)
diza->disasm_seg = c;
else if(t & C_REP)
diza->disasm_rep = c;
// LOCK
goto repeat_prefix;
} // C_ANYPREFIX
flag |= t;
diza->disasm_opcode = c;
if(c == 0x0F){
c = *opcode++;
diza->disasm_opcode2 = c;
flag |= ade32_table[256+c]; // 2nd flagtable half
if(flag == C_ERROR)
return 0;
}else if(c == 0xF7){
if(((*opcode) & 0x38) == 0)
flag |= C_DATA66;
}else if(c == 0xF6){
if(((*opcode) & 0x38) == 0)
flag |= C_DATA1;
}else if(c == 0xCD){
if(*opcode == 0x20)
flag |= C_DATA4;
}
if(flag & C_MODRM){
c = *opcode++;
diza->disasm_modrm = c;
if(((c & 0x38) == 0x20) && (diza->disasm_opcode == 0xFF))
flag |= C_STOP;
BYTE mod = c & 0xC0;
BYTE rm = c & 0x07;
if(mod != 0xC0){
if(diza->disasm_defaddr == 4){
if(rm == 4){
flag |= C_SIB;
c = *opcode++;
diza->disasm_sib = c;
rm = c & 0x07;
}
if(mod == 0x40)
flag |= C_ADDR1;
else if(mod == 0x80)
flag |= C_ADDR4;
else if (rm == 5)
flag |= C_ADDR4;
}else{ // MODRM 16-bit
if(mod == 0x40)
flag |= C_ADDR1;
else if(mod == 0x80)
flag |= C_ADDR2;
else if(rm == 6)
flag |= C_ADDR2;
}
}
} // C_MODRM
diza->disasm_flag = flag;
DWORD a = flag & (C_ADDR1 | C_ADDR2 | C_ADDR4);
DWORD d = (flag & (C_DATA1 | C_DATA2 | C_DATA4)) >> 8;
if(flag & C_ADDR67)
a += diza->disasm_defaddr;
if(flag & C_DATA66)
d += diza->disasm_defdata;
diza->disasm_addrsize = a;
diza->disasm_datasize = d;
DWORD i;
for(i = 0; i < a; i++)
diza->disasm_addr_b[i] = *opcode++;
for(i = 0; i < d; i++)
diza->disasm_data_b[i] = *opcode++;
diza->disasm_len = opcode - opcode0;
return diza->disasm_len;
} // disasm()
int oplen(BYTE *opcode){
disasm_struct diza;
memset(&diza,0,sizeof(diza));
disasm((BYTE*)opcode,&diza);
if((diza.disasm_flag == C_ERROR) || ((diza.disasm_flag&C_STOP) == C_STOP) || ((diza.disasm_flag&C_REL)==C_REL) || ((diza.disasm_flag&C_BAD)==C_BAD))
return -1;
return diza.disasm_len;
}cDetour.h
#ifndef _CDETOURS_H
#define _CDETOURS_H
#include <windows.h>
class cDetours
{
public:
DWORD CreateJMP_EAX( DWORD SrcVA, DWORD DstVA, DWORD Size );
DWORD CreateJMP_REL( DWORD SrcVA, DWORD DstVA, DWORD Size );
void * CreateJMP(BYTE *org, CONST BYTE *det, INT len);
LPVOID CreateJZ(LPVOID lpFuncOrig, LPVOID lpFuncDetour);
void *memcpy_s( void* pvAddress, const void* pvBuffer, size_t stLen );
private:
INT GetDetourLenAuto(PBYTE &pbFuncOrig,INT minDetLen);
};
#endifcDetour.cpp
#include <windows.h>
#include <stdio.h>
#include <malloc.h>
#include "ADE32.h"
#include "ADE32.h"
#include "cDetour.h"
void * cDetours::CreateJMP(BYTE *org, const BYTE *det, int len)
{
BYTE *jmp = (BYTE*)malloc(len+5);
DWORD dwBack;
if(len != 0 && len < 5)
return 0;
if(!len)
{
int tmpLen = 0;
BYTE *pCurOp = org;
while(tmpLen < 5) {
int i = oplen(pCurOp);
if(i == 0 || i == -1)
return 0;
tmpLen += i;
pCurOp += i;
}
if(tmpLen < 5)
return 0;
len = tmpLen;
}
VirtualProtect(org, len, PAGE_READWRITE, &dwBack);
memcpy(jmp, org, len);
jmp += len;
jmp[0] = 0xE9;
*(DWORD*)(jmp+1) = (DWORD)(org+len - jmp) - 5;
org[0] = 0xE9;
*(DWORD*)(org+1) = (DWORD)(det - org) - 5;
for(int i=5; i < len; i++)
org[i] = 0x90;
VirtualProtect(org, len, dwBack, &dwBack);
Sleep(2);
return (jmp-len);
}
INT cDetours::GetDetourLenAuto(PBYTE &pbFuncOrig,INT minDetLen)
{
INT len = 0;
PBYTE pbCurOp = pbFuncOrig;
while(len < minDetLen)
{
int i = oplen(pbCurOp);
if(i == 0 || i == -1)
return 0;
if(len > 64)
return 0;
len += i;
pbCurOp += i;
}
return len;
}
LPVOID cDetours::CreateJZ(LPVOID lpFuncOrig, LPVOID lpFuncDetour)
{
LPVOID lpMallocPtr = NULL;
PBYTE pbMallocPtr = NULL;
PBYTE pbFuncOrig = (PBYTE)lpFuncOrig;
PBYTE pbFuncDetour = (PBYTE)lpFuncDetour;
PBYTE pbPatchBuf = NULL;
INT detLen = GetDetourLenAuto(pbFuncOrig,10);
if((lpMallocPtr = (LPVOID)GlobalAlloc(GPTR,detLen + 5 + 3 )) == NULL)
return NULL;
pbMallocPtr = (PBYTE)lpMallocPtr;
DWORD lpfnOldProtect = NULL,lpNewProtect = PAGE_READWRITE;
VirtualProtect(lpFuncOrig, detLen,lpNewProtect,&lpfnOldProtect);
memcpy(lpMallocPtr, lpFuncOrig, detLen);
pbMallocPtr += detLen;
pbMallocPtr[0] = 0xE9;
*(DWORD*)(pbMallocPtr+1) = (DWORD)((pbFuncOrig+detLen)-pbMallocPtr) - 5;
pbMallocPtr += 0x05;
pbMallocPtr[0] = 0xCC;
pbMallocPtr[1] = 0x90;
pbMallocPtr[2] = 0xC3;
pbPatchBuf = (BYTE *)GlobalAlloc(GPTR,detLen);
memset(pbPatchBuf, 0x90, detLen);
pbPatchBuf[0] = 0x33;
pbPatchBuf[1] = 0xC0;
pbPatchBuf[2] = 0x85;
pbPatchBuf[3] = 0xC0;
pbPatchBuf[4] = 0x0F;
pbPatchBuf[5] = 0x84;
*(DWORD*)&pbPatchBuf[6] = (DWORD)(pbFuncDetour - pbFuncOrig) - 10;
int i;
for(i = 0; i < detLen; i++)
pbFuncOrig[i] = pbPatchBuf[i];
GlobalFree(pbPatchBuf);
VirtualProtect(lpFuncOrig, detLen,lpfnOldProtect,&lpNewProtect);
return lpMallocPtr;
}
DWORD cDetours::CreateJMP_EAX( DWORD SrcVA, DWORD DstVA, DWORD Size )
{
DWORD DetourVA, dwProtect, i;
#define SIZEOF_MOVEAX_JMPEAX 7
if ( SrcVA && DstVA && Size >= SIZEOF_MOVEAX_JMPEAX )
{
DetourVA = (DWORD) VirtualAlloc(
NULL, Size + SIZEOF_MOVEAX_JMPEAX,
MEM_COMMIT, PAGE_EXECUTE_READWRITE );
if ( DetourVA && VirtualProtect( (VOID*)SrcVA, Size, PAGE_EXECUTE_READWRITE, &dwProtect ) )
{
for ( i=0; i < Size; i++ ) {
*(BYTE*)( DetourVA + i ) = *(BYTE*)( SrcVA + i );
}
*(BYTE*)( DetourVA + Size + 0 ) = 0xB8;
*(DWORD*)( DetourVA + Size + 1 ) = ( SrcVA + Size );
*(WORD*)( DetourVA + Size + 5 ) = 0xE0FF;
*(BYTE*)( SrcVA + 0 ) = 0xB8;
*(DWORD*)( SrcVA + 1 ) = ( DstVA );
*(WORD*)( SrcVA + 5 ) = 0xE0FF;
VirtualProtect( (VOID*)SrcVA, Size, dwProtect, &dwProtect );
VirtualProtect( (VOID*)DetourVA, Size +
SIZEOF_MOVEAX_JMPEAX, PAGE_EXECUTE_READ, &dwProtect );
return DetourVA;
}
}
return (0);
}
void* cDetours::memcpy_s( void* pvAddress, const void* pvBuffer, size_t stLen )
{
MEMORY_BASIC_INFORMATION mbi;
VirtualQuery( ( void* )pvAddress, &mbi, sizeof( mbi ) );
VirtualProtect( mbi.BaseAddress, mbi.RegionSize, PAGE_EXECUTE_READWRITE, &mbi.Protect );
void* pvRetn = memcpy( ( void* )pvAddress, ( void* )pvBuffer, stLen );
VirtualProtect( mbi.BaseAddress, mbi.RegionSize, mbi.Protect, &mbi.Protect );
FlushInstructionCache( GetCurrentProcess( ), ( void* )pvAddress, stLen );
return pvRetn;
}
DWORD cDetours::CreateJMP_REL( DWORD SrcVA, DWORD DstVA, DWORD Size )
{
DWORD DetourVA, dwProtect, i;
#define SIZEOF_JMP_REL 5
if ( SrcVA && DstVA && Size >= SIZEOF_JMP_REL )
{
DetourVA = (DWORD) VirtualAlloc(
NULL, Size + SIZEOF_JMP_REL,
MEM_COMMIT, PAGE_EXECUTE_READWRITE );
if ( DetourVA && VirtualProtect( (VOID*)SrcVA, Size, PAGE_EXECUTE_READWRITE, &dwProtect ) )
{
for ( i=0; i < Size; i++ ) {
*(BYTE*)( DetourVA + i ) = *(BYTE*)( SrcVA + i );
}
*(BYTE*)( DetourVA + Size + 0 ) = 0xE9;
*(DWORD*)( DetourVA + Size + 1 ) = ( SrcVA - DetourVA - SIZEOF_JMP_REL );
*(BYTE*)( SrcVA + 0 ) = 0xE9;
*(DWORD*)( SrcVA + 1 ) = ( DstVA - SrcVA - SIZEOF_JMP_REL );
VirtualProtect( (VOID*)SrcVA, Size, dwProtect, &dwProtect );
VirtualProtect( (VOID*)DetourVA, Size +
SIZEOF_JMP_REL, PAGE_EXECUTE_READ, &dwProtect );
return DetourVA;
}
}
return (0);
}Main.cpp
//-----------------------------------------------------------------------------------------------------------------------------------
/****************************************************************
Coded by: JoshRose
Type: D3D VTable Base Hook
Credits: Strife, R4z8r, Zoomgod, Roverturbo and MSDN. Thanks all
for helping me when i got stuck.
****************************************************************/
//----------------------------------------------------------------------------------------------------------------------------------
#include <windows.h>
//----------------------------------------------------------------------------------------------------------------------------------
#include "Main.h"
//-----------------------------------------------------------------------------------------------------------------------------------
#include <mmsystem.h>
#pragma comment(lib, "winmm.lib")
//-----------------------------------------------------------------------------------------------------------------------------------
#include <stdio.h>
//-----------------------------------------------------------------------------------------------------------------------------------
#include <fstream>
//-----------------------------------------------------------------------------------------------------------------------------------
#include "detours.h"
#pragma comment(lib,"detours.lib")
//-----------------------------------------------------------------------------------------------------------------------------------
#include <d3d9.h>
#include <d3dx9.h>
#pragma comment(lib, "d3d9.lib")
#pragma comment(lib, "d3dx9.lib")
//-----------------------------------------------------------------------------------------------------------------------------------
using namespace std;
LPDIRECT3DTEXTURE9 texGreen;
LPDIRECT3DTEXTURE9 texYellow;
LPDIRECT3DTEXTURE9 texRed;
LPDIRECT3DTEXTURE9 texBlue;
LPDIRECT3DTEXTURE9 texPurple;
//LPDIRECT3DTEXTURE9 texPRIM; //front color
//LPDIRECT3DTEXTURE9 texSEC; //behind wall color
LPDIRECT3DTEXTURE9 texPink;
LPDIRECT3DTEXTURE9 texOrange;
LPDIRECT3DTEXTURE9 texBlack;
bool Colors=true;
int m_Stride;
HRESULT GenerateTexture(IDirect3DDevice9 *m_pD3Ddev, IDirect3DTexture9 **ppD3Dtex, DWORD colour32)
{
if( FAILED(m_pD3Ddev->CreateTexture(8, 8, 1, 0, D3DFMT_A4R4G4B4, D3DPOOL_MANAGED, ppD3Dtex, NULL)) )
return E_FAIL;
WORD colour16 = ((WORD)((colour32>>28)&0xF)<<12)
|(WORD)(((colour32>>20)&0xF)<<8)
|(WORD)(((colour32>>12)&0xF)<<4)
|(WORD)(((colour32>>4)&0xF)<<0);
D3DLOCKED_RECT d3dlr;
(*ppD3Dtex)->LockRect(0, &d3dlr, 0, 0);
WORD *pDst16 = (WORD*)d3dlr.pBits;
for(int xy=0; xy < 8*8; xy++)
*pDst16++ = colour16;
(*ppD3Dtex)->UnlockRect(0);
return S_OK;
}
//---------------------------------------------------------------------------------------------------------------------------------
#define HOOK(func,addy) o##func = (t##func)cDetour->CreateJMP_EAX((DWORD)addy,(DWORD)hk##func, 7)
#define UNHOOK(func,addy) o##func = (t##func)cDetour->CreateJMP_EAX((DWORD)addy,(DWORD)o##func, 7)
//---------------------------------------------------------------------------------------------------------------------------------
#define ES 0 //EndScene
#define DIP 1 //DrawIndexedPrimitive
#define RES 2 //Reset
//---------------------------------------------------------------------------------------------------------------------------------
LPDIRECT3DDEVICE9 npDevice; //pDevice is stored here so we can hook through the VTable
//---------------------------------------------------------------------------------------------------------------------------------
LPD3DXFONT g_pFont = NULL; //D3D Font
LPD3DXLINE g_pLine = NULL; //D3D Line
D3DVIEWPORT9 g_ViewPort; //ViewPort
//---------------------------------------------------------------------------------------------------------------------------------
LPDIRECT3DVERTEXBUFFER9 Stream_Data;
UINT Offset = 0;
UINT Stride = 0;
//---------------------------------------------------------------------------------------------------------------------------------
ofstream myfile; //Used for logging to a text file
//---------------------------------------------------------------------------------------------------------------------------------
typedef HRESULT (WINAPI* tEndScene)(LPDIRECT3DDEVICE9 pDevice);
tEndScene oEndScene = NULL;
typedef HRESULT (WINAPI* tDrawIndexedPrimitive)(LPDIRECT3DDEVICE9 pDevice, D3DPRIMITIVETYPE PrimType,INT BaseVertexIndex,UINT MinVertexIndex,UINT NumVertices,UINT startIndex,UINT primCount);
tDrawIndexedPrimitive oDrawIndexedPrimitive = NULL;
typedef HRESULT(WINAPI* tReset)(LPDIRECT3DDEVICE9 pDevice, D3DPRESENT_PARAMETERS* pPresentationParameters);
tReset oReset = NULL;
//---------------------------------------------------------------------------------------------------------------------------------
PBYTE HookVTableFunction( PDWORD* dwVTable, PBYTE dwHook, INT Index )
{
DWORD dwOld = 0;
VirtualProtect((void*)((*dwVTable) + (Index*4) ), 4, PAGE_EXECUTE_READWRITE, &dwOld);
PBYTE pOrig = ((PBYTE)(*dwVTable)[Index]);
(*dwVTable)[Index] = (DWORD)dwHook;
VirtualProtect((void*)((*dwVTable) + (Index*4)), 4, dwOld, &dwOld);
return pOrig;
}
//-----------------------------------------------------------------------------------------------------------------------------------
HRESULT WINAPI hkEndScene(LPDIRECT3DDEVICE9 pDevice)
{
while(!npDevice) {
npDevice = pDevice;
}
if(g_pFont == NULL) D3DXCreateFont(pDevice, 15, 0, FW_BOLD, 1, 0, DEFAULT_CHARSET, OUT_DEFAULT_PRECIS, ANTIALIASED_QUALITY, DEFAULT_PITCH | FF_DONTCARE, "Verdana", &g_pFont); //Create fonts
if(g_pLine == NULL) D3DXCreateLine(pDevice, &g_pLine); //Create lines
pDevice->GetViewport(&g_ViewPort);
if(Colors)
{
GenerateTexture(pDevice, &texGreen,D3DCOLOR_ARGB(255,0,255,0));
GenerateTexture(pDevice, &texYellow,D3DCOLOR_ARGB(255,255,255,0));
GenerateTexture(pDevice, &texRed, D3DCOLOR_ARGB(255,255,0,0));
GenerateTexture(pDevice, &texBlue, D3DCOLOR_ARGB(255,0,0,255));
GenerateTexture(pDevice, &texPurple, D3DCOLOR_ARGB(255,160,0,255));
GenerateTexture(pDevice, &texPink, D3DCOLOR_ARGB(255,255,192,203));
GenerateTexture(pDevice, &texOrange, D3DCOLOR_ARGB(255,255,160,0));
GenerateTexture(pDevice, &texBlack, D3DCOLOR_ARGB(255, 0, 0, 0));
Colors=false;
}
return oEndScene(pDevice);
}
//---------------------------------------------------------------------------------------------------------------------------------
HRESULT WINAPI hkDrawIndexedPrimitive(LPDIRECT3DDEVICE9 pDevice, D3DPRIMITIVETYPE PrimType,INT BaseVertexIndex,UINT MinVertexIndex,UINT NumVertices,UINT startIndex,UINT primCount)
{
if(pDevice->GetStreamSource(0, &Stream_Data, &Offset, &Stride) == D3D_OK)
Stream_Data->Release();
m_Stride=Stride;
if(m_Stride == 20)//head+bod
{
pDevice->SetRenderState(D3DRS_ZENABLE,false); //bring to front
pDevice->SetRenderState(D3DRS_FILLMODE,D3DFILL_SOLID); //fill it with a solid color
pDevice->SetTexture( 0, texGreen); //fill
pDevice->DrawIndexedPrimitive(PrimType, BaseVertexIndex, MinVertexIndex, NumVertices, startIndex, primCount);
pDevice->SetRenderState(D3DRS_ZENABLE, true);
pDevice->SetRenderState(D3DRS_FILLMODE,D3DFILL_SOLID);
pDevice->SetTexture( 0, texRed);
}
return oDrawIndexedPrimitive(pDevice, PrimType, BaseVertexIndex, MinVertexIndex, NumVertices, startIndex, primCount);
}
//---------------------------------------------------------------------------------------------------------------------------------
HRESULT WINAPI hkReset(LPDIRECT3DDEVICE9 pDevice, D3DPRESENT_PARAMETERS* pPresentationParameters)
{
myfile << "Reset is hooked\n"; //Check log
if( g_pFont )
g_pFont->OnLostDevice();
if( g_pLine )
g_pLine->OnLostDevice();
HRESULT iReturnValue = oReset(pDevice, pPresentationParameters);
if(iReturnValue == D3D_OK) {
if( g_pFont )
g_pFont->OnResetDevice();
if( g_pLine )
g_pLine->OnResetDevice();
}
return iReturnValue;
}
//-----------------------------------------------------------------------------------------------------------------------------------
LRESULT CALLBACK MsgProc(HWND hwnd,UINT uMsg,WPARAM wParam,LPARAM lParam){return DefWindowProc(hwnd, uMsg, wParam, lParam);}
void DX_Init(DWORD* table)
{
WNDCLASSEX wc = {sizeof(WNDCLASSEX),CS_CLASSDC,MsgProc,0L,0L,GetModuleHandle(NULL),NULL,NULL,NULL,NULL,"DX",NULL};
RegisterClassEx(&wc);
HWND hWnd = CreateWindow("DX",NULL,WS_OVERLAPPEDWINDOW,100,100,300,300,GetDesktopWindow(),NULL,wc.hInstance,NULL);
LPDIRECT3D9 pD3D = Direct3DCreate9( D3D_SDK_VERSION );
D3DPRESENT_PARAMETERS d3dpp;
ZeroMemory( &d3dpp, sizeof(d3dpp) );
d3dpp.Windowed = TRUE;
d3dpp.SwapEffect = D3DSWAPEFFECT_DISCARD;
d3dpp.BackBufferFormat = D3DFMT_UNKNOWN;
LPDIRECT3DDEVICE9 pd3dDevice;
pD3D->CreateDevice(D3DADAPTER_DEFAULT,D3DDEVTYPE_HAL,hWnd,D3DCREATE_SOFTWARE_VERTEXPROCESSING,&d3dpp,&pd3dDevice);
DWORD* pVTable = (DWORD*)pd3dDevice;
pVTable = (DWORD*)pVTable[0];
table[ES] = pVTable[42]; //EndScene address
table[DIP] = pVTable[82]; //DrawIndexedPrimitive address
table[RES] = pVTable[16]; //Reset address
DestroyWindow(hWnd);
}
//------------------------------------------------------------------------------------------------------------------------------------
DWORD WINAPI VirtualMethodTableRepatchingLoopToCounterExtensionRepatching( LPVOID Param )
{
while(1) {
Sleep(100);
HookVTableFunction((PDWORD*)npDevice, (PBYTE)0x4FF505C0,82);
HookVTableFunction((PDWORD*)npDevice, (PBYTE)0x4FF50270,42);
}
return 1;
}
//------------------------------------------------------------------------------------------------------------------------------------
bool hooked = false;
DWORD WINAPI LoopFunction( LPVOID lpParam )
{
while(1) {
if( hooked == false) {
DWORD VTable[3] = {0};
while(GetModuleHandle("d3d9.dll")==NULL) {
Sleep(250);
}
DX_Init(VTable);
HOOK(EndScene,VTable[ES]); //Hook EndScene as a device discovery hook
while(!npDevice) {
Sleep(50); //Sleep until npDevice is not equal to NULL
}
UNHOOK(EndScene, VTable[ES]); //Unhook as soon as we have a valid pointer to pDevice
oDrawIndexedPrimitive = (tDrawIndexedPrimitive) cDetour->CreateJMP_REL((DWORD)0x4FF505C0, (DWORD)hkDrawIndexedPrimitive, 5);
oEndScene = (tEndScene) cDetour->CreateJMP_REL((DWORD)0x4FF50270, (DWORD)hkEndScene, 5);
*(PDWORD)&oDrawIndexedPrimitive = VTable[DIP];
*(PDWORD)&oEndScene = VTable[ES];
*(PDWORD)&oReset = VTable[RES];
CreateThread(NULL,0,&VirtualMethodTableRepatchingLoopToCounterExtensionRepatching,NULL,0,NULL); //Create hooking thread
hooked = true;
Sleep(200);
}
}
return 0;
}
//------------------------------------------------------------------------------------------------------------------------------------
BOOL WINAPI DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpvReserved)
{
DisableThreadLibraryCalls(hModule); // meringankan kerja dll
if(dwReason == DLL_PROCESS_ATTACH)
{
CreateThread(0, 0, LoopFunction, 0, 0, 0);
}
return TRUE;
}
//------------------------------------------------------------------------------------------------------------------------------------
0 comments:
Posting Komentar
Post Your Comment !