dllmain.cpp
#pragma comment(linker, "/MERGE:.CRT=INIT")
#include "Imports.h"
#pragma comment(lib, "ucrt.lib")
#pragma comment(lib, "vcruntime.lib")
#pragma comment(lib, "msvcrt.lib")
#include <Windows.h>
#include <cstdarg>
#include <conio.h>
// Replacement global operator new.
// Uses the `_malloc` function pointer when it is non-null (InitCheat binds it
// to msvcrt.dll's malloc); before that it falls back to the process heap.
// NOTE(review): a failed allocation appears to come back as a null pointer
// rather than a thrown std::bad_alloc - confirm callers tolerate that.
// NOTE(review): the matching operator delete chooses its backend from `_free`
// at release time, so a block taken from HeapAlloc here before the pointers
// are bound would later be handed to `_free` - a cross-allocator free.
void* operator new(size_t size) {
    return _malloc ? _malloc(size)
                   : ::HeapAlloc(::GetProcessHeap(), 0, size);
}
// Replacement global operator delete.
// Releases through the `_free` function pointer when it is set, otherwise
// through HeapFree on the process heap.
// NOTE(review): the backend is picked from the current value of `_free`, not
// from how `ptr` was allocated, so memory obtained from HeapAlloc before the
// pointers were bound would be passed to `_free` here.
void operator delete(void* ptr) noexcept {
    if (!_free) {
        ::HeapFree(::GetProcessHeap(), 0, ptr);
        return;
    }
    _free(ptr);
}
// Sized deallocation overload: the size is ignored and the call is forwarded
// to the unsized global operator delete so both share one release path.
void operator delete(void* ptr, size_t) noexcept {
    ::operator delete(ptr);
}
// Builds the output path %USERPROFILE%\Desktop\cheatdump.h in `out`.
//
// out     - destination buffer for the NUL-terminated wide path.
// outSize - capacity of `out` in wchar_t elements.
//
// Returns true when the full path was written. Returns false when the
// USERPROFILE variable is missing or does not fit, or when appending the
// fixed suffix would not fit; in the last case `out` still holds the
// USERPROFILE value, so callers should not use `out` after a false return.
static bool GetDesktopDumpPath(wchar_t* out, DWORD outSize)
{
    static const wchar_t kSuffix[] = L"\\Desktop\\cheatdump.h";

    // A return of 0 means the variable was not read; a value >= outSize
    // means the buffer was too small for it.
    const DWORD profileLen = GetEnvironmentVariableW(L"USERPROFILE", out, outSize);
    const bool profileOk = (profileLen != 0) && (profileLen < outSize);
    if (!profileOk) return false;

    // Room for profile + suffix + terminator, checked before concatenating.
    const size_t required = wcslen(out) + wcslen(kSuffix) + 1;
    if (required >= outSize) return false;

    wcscat_s(out, outSize, kSuffix);
    return true;
}
// Emits one `namespace <lowercased class name> { ... }` section to the output
// file, with one `constexpr std::uint64_t <field> = 0x<offset>; // <type>` line
// per field of the managed class, then prints a per-class summary to the console.
//
// className  - class name passed to il2cpp::TypeGetObject together with an
//              empty first argument (presumably the namespace - confirm).
// write_line - printf-style callable that appends one formatted line to the file.
// hConsole   - console handle that receives failure messages and the summary.
//
// NOTE(review): GetSwprintf is bound in InitCheat to msvcrt.dll's `swprintf`
// and is called here without a buffer size, so the fixed 256/512-element
// buffers are only safe while className stays short; the caller visible in
// this file passes hard-coded names.
// NOTE(review): 0x10 is added to every field offset, including static fields
// selected by the binding flags - presumably the managed object header size;
// confirm it is meant to apply to statics as well.
void DumpClass(const char* className, auto& write_line, HANDLE hConsole) {
    // Small local helper: write a NUL-terminated wide string to the console.
    const auto say = [hConsole](const wchar_t* text) {
        DWORD charsWritten;
        WriteConsoleW(hConsole, text, wcslen(text), &charsWritten, nullptr);
    };

    auto type = (Unity::Type*)il2cpp::TypeGetObject(_(""), className);
    if (!MemUtils::IsValidCheck(type)) {
        wchar_t msg[256];
        GetSwprintf(msg, L"// Failed to get type for class: %S\n", className);
        say(msg);
        return;
    }

    // Every visibility, both instance and static members.
    Unity::BindingFlags flags = Unity::BindingFlags::Public | Unity::BindingFlags::NonPublic |
                                Unity::BindingFlags::Instance | Unity::BindingFlags::Static;
    auto fields = type->GetFields(flags);
    if (!MemUtils::IsValidCheck(fields)) {
        wchar_t msg[256];
        GetSwprintf(msg, L"// Failed to get fields for class: %S\n", className);
        say(msg);
        return;
    }

    // ASCII-lowercase copy of the class name (at most 255 characters) used as
    // the namespace identifier.
    char lowered[256];
    int n = 0;
    for (; className[n] && n < 255; ++n) {
        const char c = className[n];
        const bool isUpper = (c >= 'A' && c <= 'Z');
        lowered[n] = isUpper ? (c + 32) : c;
    }
    lowered[n] = '\0';

    wchar_t wideClassName[256];
    MultiByteToWideChar(CP_UTF8, 0, lowered, -1, wideClassName, 256);

    write_line(L" namespace %s {", wideClassName);

    int fieldCount = 0;
    for (int idx = 0; idx < fields->GetSize(); ++idx) {
        auto field = fields->Get(idx);
        if (!MemUtils::IsValidCheck(field))
            continue;

        auto fieldName = field->get_Name();
        if (!MemUtils::IsValidCheck(fieldName))
            continue;

        auto fieldType = field->get_FieldType();
        if (!MemUtils::IsValidCheck(fieldType))
            continue;

        auto typeName = fieldType->get_FullNameOrDefault();
        uint32_t offset = field->GetFieldOffset() + 0x10;

        // Unity::String exposes its characters through the wide `str` member.
        const wchar_t* nameText = fieldName->str;
        const wchar_t* typeText = L"Unknown";
        if (MemUtils::IsValidCheck(typeName)) {
            typeText = typeName->str;
        }

        write_line(L" constexpr std::uint64_t %s = 0x%X; // %s", nameText, offset, typeText);
        ++fieldCount;
    }

    write_line(L" } // namespace %s (%d fields)", wideClassName, fieldCount);
    write_line(L"");

    // Mirror the per-class result on the console.
    wchar_t summary[512];
    GetSwprintf(summary, L"\n%S (%d fields):\n", className, fieldCount);
    say(summary);
}
// Worker routine that DllMain starts on a new thread at process attach.
//
// Sequence: locate GameAssembly.dll, bind a handful of CRT exports to global
// function pointers, open a console, initialise the il2cpp/Unity/Dump helpers,
// create the output header file, write one namespace per listed class plus a
// `globals` namespace, then print a summary and wait for a key press.
//
// Observable side effects in the host process: a console is allocated, a file
// named cheatdump.h is created (CREATE_ALWAYS) under %USERPROFILE%\Desktop or,
// as a fallback, in the current directory, and the thread blocks in _getch().
//
// Returns false when GameAssembly.dll is not found or the file cannot be
// created, true otherwise.
//
// NOTE(review): none of the resolved function pointers is checked for null
// before use, and the console is not released on the CreateFileW failure path.
inline bool InitCheat()
{
    GameAssembly = (DWORD64)MemUtils::ModuleBase(_("GameAssembly.dll"));
    if (!GameAssembly)
        return false;

    // Bind CRT routines by export name; once `_malloc`/`_free` are set the
    // global operator new/delete in this file switch over to them.
    GetCRT = (strstrf___)MemUtils::GetExport(
        (DWORD64)MemUtils::ModuleBase(_("ucrtbase.dll")), _("strstr"));
    GetSwprintf = (_swprintf___)MemUtils::GetExport(
        (DWORD64)MemUtils::ModuleBase(_("msvcrt.dll")), _("swprintf"));
    GetSprintf = (_sprintf___)MemUtils::GetExport(
        (DWORD64)MemUtils::ModuleBase(_("msvcrt.dll")), _("sprintf"));
    _malloc = (_malloc___)MemUtils::GetExport(
        (DWORD64)MemUtils::ModuleBase(_("msvcrt.dll")), _("malloc"));
    _memset = (_memset___)MemUtils::GetExport(
        (DWORD64)MemUtils::ModuleBase(_("msvcrt.dll")), _("memset"));
    _free = (_free___)MemUtils::GetExport(
        (DWORD64)MemUtils::ModuleBase(_("msvcrt.dll")), _("free"));

    AllocConsole();
    HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
    DWORD charsWritten;

    // Local helper: write a NUL-terminated wide string to the console.
    const auto to_console = [&](const wchar_t* text) {
        WriteConsoleW(hConsole, text, wcslen(text), &charsWritten, nullptr);
    };

    il2cpp::Init();
    Unity::Methods::Init();
    Dump::Init();

    // Prefer the Desktop path; fall back to the current directory.
    wchar_t outPath[MAX_PATH] = {};
    const bool haveDesktopPath = GetDesktopDumpPath(outPath, (DWORD)std::size(outPath));
    if (!haveDesktopPath) {
        wcscpy_s(outPath, L".\\cheatdump.h");
    }

    HANDLE hFile = CreateFileW(outPath, GENERIC_WRITE, 0, nullptr,
                               CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, nullptr);
    if (hFile == INVALID_HANDLE_VALUE) {
        MessageBoxW(nullptr, L"Failed to create dump file", L"Error", MB_OK);
        return false;
    }

    // The file is UTF-8; start it with a byte-order mark.
    {
        const BYTE bom[] = { 0xEF, 0xBB, 0xBF };
        DWORD bomWritten;
        WriteFile(hFile, bom, sizeof(bom), &bomWritten, nullptr);
    }

    // printf-style writer: format as wide text, make sure the line ends with
    // '\n', convert to UTF-8 and append it to the file.
    // wvsprintfW is documented to cap its output at 1024, which keeps it
    // inside the 2048-element buffer.
    // NOTE(review): a format that produces no characters returns early, so the
    // `write_line(L"")` calls meant as blank lines write nothing.
    auto write_line = [&](const wchar_t* fmt, ...)
    {
        wchar_t wide[2048];
        va_list args;
        va_start(args, fmt);
        int wideLen = wvsprintfW(wide, fmt, args);
        va_end(args);
        if (wideLen <= 0) return;

        const bool needsNewline = (wide[wideLen - 1] != L'\n');
        if (needsNewline && wideLen + 1 < (int)std::size(wide)) {
            wide[wideLen++] = L'\n';
            wide[wideLen] = L'\0';
        }

        // First call sizes the UTF-8 output, second call fills it.
        int utf8Len = WideCharToMultiByte(CP_UTF8, 0, wide, wideLen, nullptr, 0, nullptr, nullptr);
        if (utf8Len <= 0) return;

        char* utf8 = (char*)HeapAlloc(GetProcessHeap(), 0, (utf8Len + 1));
        if (!utf8) return;

        WideCharToMultiByte(CP_UTF8, 0, wide, wideLen, utf8, utf8Len, nullptr, nullptr);
        DWORD written = 0;
        WriteFile(hFile, utf8, (DWORD)utf8Len, &written, nullptr);
        HeapFree(GetProcessHeap(), 0, utf8);
    };

    // File preamble.
    const wchar_t* const preamble[] = {
        L"// Auto-generated offsets header",
        L"#pragma once",
        L"#include <cstdint>",
        L"// generated by zerogravity's rust dumper",
        L"namespace offsets {",
    };
    for (const wchar_t* line : preamble) {
        write_line(line);
    }
    write_line(L"");

    // Managed classes whose fields are listed.
    const char* classesToDump[] = {
        "BasePlayer",
        "ItemDefinition",
        "PlayerModel",
        "RecoilProperties",
        "TOD_Sky"
    };
    int numClasses = (int)std::size(classesToDump);

    wchar_t buff[512];
    GetSwprintf(buff, L"Dumping %d classes...\n", numClasses);
    to_console(buff);

    for (const char* name : classesToDump) {
        DumpClass(name, write_line, hConsole);
    }

    // Addresses found by Dump::Init(), expressed relative to the module base.
    const auto gcHandleRva = Dump::il2cpphandlebase - GameAssembly;
    const auto networkableRva = Dump::basenetworkable - GameAssembly;
    const auto cameraRva = Dump::cameramanager - GameAssembly;

    write_line(L" namespace globals {");
    write_line(L" constexpr std::uint64_t il2cppGCHandleBase = 0x%X; // Signature scan", gcHandleRva);
    write_line(L" constexpr std::uint64_t BaseNetworkableOffset = 0x%X; // Signature scan", networkableRva);
    write_line(L" constexpr std::uint64_t CameraManager = 0x%X; // Signature scan", cameraRva);
    write_line(L" } // namespace globals");
    write_line(L"");
    write_line(L"} // namespace offsets");
    CloseHandle(hFile);

    // Console summary.
    GetSwprintf(buff, L"\n=== Dump Complete ===\n");
    to_console(buff);
    GetSwprintf(buff, L"Output file: %s\n", outPath);
    to_console(buff);
    GetSwprintf(buff, L"\nSignature-based offsets:\n");
    to_console(buff);
    GetSwprintf(buff, L" il2cppGCHandleBase = 0x%X\n", gcHandleRva);
    to_console(buff);
    GetSwprintf(buff, L" BaseNetworkableOffset = 0x%X\n", networkableRva);
    to_console(buff);
    GetSwprintf(buff, L" CameraManager = 0x%X\n", cameraRva);
    to_console(buff);
    GetSwprintf(buff, L"\nPress any key to exit...\n");
    to_console(buff);

    _getch();
    FreeConsole();
    return true;
}
// DLL entry point. On process attach it starts InitCheat on a new thread and
// returns immediately; every other notification is ignored. hModule and
// lpReserved are unused. Always returns TRUE.
//
// NOTE(review): InitCheat is declared `bool InitCheat()` with no parameter, so
// the cast to LPTHREAD_START_ROUTINE calls it through a mismatched signature.
// NOTE(review): the handle returned by CreateThread is discarded, so it is
// never closed and thread-creation failure goes unnoticed.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    if (ul_reason_for_call == DLL_PROCESS_ATTACH) {
        CreateThread(nullptr, 0, (LPTHREAD_START_ROUTINE)InitCheat, nullptr, 0, nullptr);
    }
    return TRUE;
}