From 0de847bb4832c201233c87fa37867b9d89f0e8c8 Mon Sep 17 00:00:00 2001 From: BobTheBob <32057864+BobTheBob9@users.noreply.github.com> Date: Fri, 27 May 2022 01:13:14 +0100 Subject: rename project folder (:tf: commit log) --- NorthstarDLL/sigscanning.cpp | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 NorthstarDLL/sigscanning.cpp (limited to 'NorthstarDLL/sigscanning.cpp') diff --git a/NorthstarDLL/sigscanning.cpp b/NorthstarDLL/sigscanning.cpp new file mode 100644 index 00000000..761f9f08 --- /dev/null +++ b/NorthstarDLL/sigscanning.cpp @@ -0,0 +1,41 @@ +#include "pch.h" +#include "sigscanning.h" +#include + +// note: sigscanning is only really intended to be used for resolving stuff like shared function definitions +// we mostly use raw function addresses for stuff + +size_t GetModuleLength(HMODULE moduleHandle) +{ + // based on sigscn code from ttf2sdk, which is in turn based on CSigScan from https://wiki.alliedmods.net/Signature_Scanning + MEMORY_BASIC_INFORMATION mem; + VirtualQuery(moduleHandle, &mem, sizeof(mem)); + + IMAGE_DOS_HEADER* dos = (IMAGE_DOS_HEADER*)mem.AllocationBase; + IMAGE_NT_HEADERS* pe = (IMAGE_NT_HEADERS*)((unsigned char*)dos + dos->e_lfanew); + + return pe->OptionalHeader.SizeOfImage; +} + +void* FindSignature(std::string dllName, const char* sig, const char* mask) +{ + HMODULE module = GetModuleHandleA(dllName.c_str()); + + unsigned char* dllAddress = (unsigned char*)module; + unsigned char* dllEnd = dllAddress + GetModuleLength(module); + + size_t sigLength = strlen(mask); + + for (auto i = dllAddress; i < dllEnd - sigLength + 1; i++) + { + int j = 0; + for (; j < sigLength; j++) + if (mask[j] != '?' && sig[j] != i[j]) + break; + + if (j == sigLength) // loop finished of its own accord + return i; + } + + return nullptr; +} -- cgit v1.2.3