commit 2a430f4ffa538ffe945f1b86fff08f615f7d6cfe
Author: sin365 <353374337@qq.com>
Date: Fri May 19 18:15:14 2023 +0800
归档
diff --git a/.vs/MHFNoGG/FileContentIndex/1ba103d3-9a01-47b0-b783-1d43479fc516.vsidx b/.vs/MHFNoGG/FileContentIndex/1ba103d3-9a01-47b0-b783-1d43479fc516.vsidx
new file mode 100644
index 0000000..893d882
Binary files /dev/null and b/.vs/MHFNoGG/FileContentIndex/1ba103d3-9a01-47b0-b783-1d43479fc516.vsidx differ
diff --git a/.vs/MHFNoGG/FileContentIndex/read.lock b/.vs/MHFNoGG/FileContentIndex/read.lock
new file mode 100644
index 0000000..e69de29
diff --git a/.vs/MHFNoGG/v17/.suo b/.vs/MHFNoGG/v17/.suo
new file mode 100644
index 0000000..c25aa88
Binary files /dev/null and b/.vs/MHFNoGG/v17/.suo differ
diff --git a/App.config b/App.config
new file mode 100644
index 0000000..193aecc
--- /dev/null
+++ b/App.config
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/MHFNoGG.csproj b/MHFNoGG.csproj
new file mode 100644
index 0000000..7e26eb3
--- /dev/null
+++ b/MHFNoGG.csproj
@@ -0,0 +1,85 @@
+
+
+
+
+ Debug
+ AnyCPU
+ {1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}
+ Exe
+ MHFNoGG
+ MHFNoGG
+ v4.8
+ 512
+ true
+ true
+ publish\
+ true
+ Disk
+ false
+ Foreground
+ 7
+ Days
+ false
+ false
+ true
+ 0
+ 1.0.0.%2a
+ false
+ false
+ true
+
+
+ AnyCPU
+ true
+ full
+ false
+ bin\Debug\
+ DEBUG;TRACE
+ prompt
+ 4
+
+
+ AnyCPU
+ pdbonly
+ true
+ bin\Release\
+ TRACE
+ prompt
+ 4
+
+
+
+ False
+ bin\Debug\frida.dll
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ False
+ Microsoft .NET Framework 4.8 %28x86 和 x64%29
+ true
+
+
+ False
+ .NET Framework 3.5 SP1
+ false
+
+
+
+
\ No newline at end of file
diff --git a/MHFNoGG.csproj.user b/MHFNoGG.csproj.user
new file mode 100644
index 0000000..51efb67
--- /dev/null
+++ b/MHFNoGG.csproj.user
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+
+ zh-CN
+ false
+
+
\ No newline at end of file
diff --git a/MHFNoGG.sln b/MHFNoGG.sln
new file mode 100644
index 0000000..8d6aea5
--- /dev/null
+++ b/MHFNoGG.sln
@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.4.33403.182
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MHFNoGG", "MHFNoGG.csproj", "{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|Any CPU = Debug|Any CPU
+ Release|Any CPU = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Release|Any CPU.Build.0 = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {66A6851F-2649-46AB-A0A7-685EFBB4753D}
+ EndGlobalSection
+EndGlobal
diff --git a/Program.cs b/Program.cs
new file mode 100644
index 0000000..9b41c1e
--- /dev/null
+++ b/Program.cs
@@ -0,0 +1,87 @@
+using Frida;
+using System;
+using System.Collections.Generic;
+using System.Collections.ObjectModel;
+using System.Diagnostics;
+using System.IO;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows.Threading;
+
+namespace MHFNoGG
+{
+ internal class Program
+ {
+ public static DeviceManager deviceManager { get; set; }//设备管理器 用于批量hook设备
+
+ static void Main(string[] args)
+ {
+ Console.WriteLine("按下回车结束");
+ Console.ReadLine();
+ string path = Directory.GetCurrentDirectory();
+
+ deviceManager = new DeviceManager(null);
+ var devices = deviceManager.EnumerateDevices();
+ var count = devices.Length;
+ Device device = devices.Where(w => w.Type == DeviceType.Local).First();
+ Console.WriteLine($"path => {path}");
+ uint pid = 0;
+ try
+ {
+ pid = device.Spawn(path + "\\mhf.exe", new string[] { path + "\\mhf.exe", ""}, new string[] { }, new string[] { }, "");
+ }
+ catch (Exception ex)
+ {
+ Console.WriteLine("Spawn failed: " + ex.Message);
+ }
+ Session session = device.Attach(pid);
+ Script script = session.CreateScript(@"
+
+ // Wait for ASProtect to unpack.
+ // mhf.exe calls GetCommandLineA near it's entrypoint before WinMain, so it will be one of the first few calls.
+ var mhfGetCommandLineAHook = Interceptor.attach(Module.findExportByName(""kernel32.dll"", ""GetCommandLineA""), {
+ onEnter: function(args){
+ try{
+ var mhfMod = Process.getModuleByName('mhf.exe');
+ var ggInitFuncResults = Memory.scanSync(mhfMod.base, mhfMod.size, ""55 8B EC 81 EC 04 01 00 00"");
+ if(ggInitFuncResults.length < 1) {
+ //console.log(""Failed to find gameguard init function"");
+ return;
+ } else {
+
+ console.log(""Found GG init function in mhf.exe. Patching..."");
+
+ var ggInitFunc = ggInitFuncResults[0].address;
+ Memory.patchCode(ggInitFunc, 64, function (code) {
+ var cw = new X86Writer(code, { pc: ggInitFunc });
+ cw.putMovRegU32('eax', 1);
+ cw.putRet();
+ cw.flush();
+ });
+
+ console.log(""Patch complete."");
+ mhfGetCommandLineAHook.detach();
+ }
+ } catch(e){
+ }
+ }
+ });");
+ script.Message += new Frida.ScriptMessageHandler(script_Message);
+ script.Load();
+ device.Resume(pid);
+
+ while (true)
+ {
+ Console.ReadLine();
+ }
+ session.Detach();
+ }
+
+ private static void script_Message(object sender, Frida.ScriptMessageEventArgs e)
+ {
+ Console.WriteLine(String.Format("Message from Script: {0}", e.Message));
+ Console.WriteLine(String.Format(" Data: {0}", e.Data == null ? "null" : String.Join(", ", e.Data)));
+ }
+ }
+}
diff --git a/Properties/AssemblyInfo.cs b/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..e40d13e
--- /dev/null
+++ b/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// 有关程序集的一般信息由以下
+// 控制。更改这些特性值可修改
+// 与程序集关联的信息。
+[assembly: AssemblyTitle("MHFNoGG")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("MHFNoGG")]
+[assembly: AssemblyCopyright("Copyright © 2023")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// 将 ComVisible 设置为 false 会使此程序集中的类型
+//对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型
+//请将此类型的 ComVisible 特性设置为 true。
+[assembly: ComVisible(false)]
+
+// 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
+[assembly: Guid("1cc28fd3-0050-4b8b-8fbd-bc74e545a4ed")]
+
+// 程序集的版本信息由下列四个值组成:
+//
+// 主版本
+// 次版本
+// 生成号
+// 修订号
+//
+//可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值
+//通过使用 "*",如下所示:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/bin/Debug/frida.dll b/bin/Debug/frida.dll
new file mode 100644
index 0000000..416e1cc
Binary files /dev/null and b/bin/Debug/frida.dll differ
diff --git a/frida-clr-15.0.13-windows-x86_64.dll b/frida-clr-15.0.13-windows-x86_64.dll
new file mode 100644
index 0000000..7e0a44b
Binary files /dev/null and b/frida-clr-15.0.13-windows-x86_64.dll differ