-
Notifications
You must be signed in to change notification settings - Fork 7
/
Detourer.cs
83 lines (68 loc) · 2.98 KB
/
Detourer.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
using System;
using System.Reflection;
using UnityEngine;
namespace CustomBarnKit
{
// Note(TMSP): Borrowed from BDDMP
public static class Detourer
{
/**
This is a basic first implementation of the IL method 'hooks' (detours) made possible by RawCode's work;
https://ludeon.com/forums/index.php?topic=17143.0
Performs detours, spits out basic logs and warns if a method is detoured multiple times.
**/
public static unsafe Boolean TryDetourFromTo(MethodBase source, MethodBase destination)
{
// error out on null arguments
if (source == null)
{
Debug.Log("[Detours] Source MethodInfo is null");
return false;
}
if (destination == null)
{
Debug.Log("[Detours] Destination MethodInfo is null");
return false;
}
if (IntPtr.Size == sizeof(Int64))
{
// 64-bit systems use 64-bit absolute address and jumps
// 12 byte destructive
// Get function pointers
Int64 sourceBase = source.MethodHandle.GetFunctionPointer().ToInt64();
Int64 destinationBase = destination.MethodHandle.GetFunctionPointer().ToInt64();
// Native source address
Byte* pointerRawSource = (Byte*)sourceBase;
// Pointer to insert jump address into native code
Int64* pointerRawAddress = (Int64*)(pointerRawSource + 0x02);
// Insert 64-bit absolute jump into native code (address in rax)
// mov rax, immediate64
// jmp [rax]
*(pointerRawSource + 0x00) = 0x48;
*(pointerRawSource + 0x01) = 0xB8;
*pointerRawAddress = destinationBase; // ( Pointer_Raw_Source + 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 )
*(pointerRawSource + 0x0A) = 0xFF;
*(pointerRawSource + 0x0B) = 0xE0;
}
else
{
// 32-bit systems use 32-bit relative offset and jump
// 5 byte destructive
// Get function pointers
Int32 sourceBase = source.MethodHandle.GetFunctionPointer().ToInt32();
Int32 destinationBase = destination.MethodHandle.GetFunctionPointer().ToInt32();
// Native source address
Byte* pointerRawSource = (Byte*)sourceBase;
// Pointer to insert jump address into native code
Int32* pointerRawAddress = (Int32*)(pointerRawSource + 1);
// Jump offset (less instruction size)
Int32 offset = (destinationBase - sourceBase) - 5;
// Insert 32-bit relative jump into native code
*pointerRawSource = 0xE9;
*pointerRawAddress = offset;
}
// done!
return true;
}
}
}