归档

App.config

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
+    </startup>
+</configuration>

MHFNoGG.csproj

@@ -0,0 +1,85 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <RootNamespace>MHFNoGG</RootNamespace>
+    <AssemblyName>MHFNoGG</AssemblyName>
+    <TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+    <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+    <Deterministic>true</Deterministic>
+    <PublishUrl>publish\</PublishUrl>
+    <Install>true</Install>
+    <InstallFrom>Disk</InstallFrom>
+    <UpdateEnabled>false</UpdateEnabled>
+    <UpdateMode>Foreground</UpdateMode>
+    <UpdateInterval>7</UpdateInterval>
+    <UpdateIntervalUnits>Days</UpdateIntervalUnits>
+    <UpdatePeriodically>false</UpdatePeriodically>
+    <UpdateRequired>false</UpdateRequired>
+    <MapFileExtensions>true</MapFileExtensions>
+    <ApplicationRevision>0</ApplicationRevision>
+    <ApplicationVersion>1.0.0.%2a</ApplicationVersion>
+    <IsWebBootstrapper>false</IsWebBootstrapper>
+    <UseApplicationTrust>false</UseApplicationTrust>
+    <BootstrapperEnabled>true</BootstrapperEnabled>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="frida, Version=0.0.0.0, Culture=neutral, processorArchitecture=x86">
+      <SpecificVersion>False</SpecificVersion>
+      <HintPath>bin\Debug\frida.dll</HintPath>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Net.Http" />
+    <Reference Include="System.Xml" />
+    <Reference Include="WindowsBase" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="App.config" />
+  </ItemGroup>
+  <ItemGroup>
+    <BootstrapperPackage Include=".NETFramework,Version=v4.8">
+      <Visible>False</Visible>
+      <ProductName>Microsoft .NET Framework 4.8 %28x86 和 x64%29</ProductName>
+      <Install>true</Install>
+    </BootstrapperPackage>
+    <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1">
+      <Visible>False</Visible>
+      <ProductName>.NET Framework 3.5 SP1</ProductName>
+      <Install>false</Install>
+    </BootstrapperPackage>
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+</Project>

MHFNoGG.csproj.user

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <PublishUrlHistory />
+    <InstallUrlHistory />
+    <SupportUrlHistory />
+    <UpdateUrlHistory />
+    <BootstrapperUrlHistory />
+    <ErrorReportUrlHistory />
+    <FallbackCulture>zh-CN</FallbackCulture>
+    <VerifyUploadedFiles>false</VerifyUploadedFiles>
+  </PropertyGroup>
+</Project>

MHFNoGG.sln

@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.4.33403.182
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MHFNoGG", "MHFNoGG.csproj", "{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Release|Any CPU = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{1CC28FD3-0050-4B8B-8FBD-BC74E545A4ED}.Release|Any CPU.Build.0 = Release|Any CPU
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {66A6851F-2649-46AB-A0A7-685EFBB4753D}
+	EndGlobalSection
+EndGlobal

Program.cs

@@ -0,0 +1,87 @@
+using Frida;
+using System;
+using System.Collections.Generic;
+using System.Collections.ObjectModel;
+using System.Diagnostics;
+using System.IO;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows.Threading;
+
+namespace MHFNoGG
+{
+    internal class Program
+    {
+        public static DeviceManager deviceManager { get; set; }//设备管理器 用于批量hook设备
+
+        static void Main(string[] args)
+        {
+            Console.WriteLine("按下回车结束");
+            Console.ReadLine();
+            string path = Directory.GetCurrentDirectory();
+
+            deviceManager = new DeviceManager(null);
+            var devices = deviceManager.EnumerateDevices();
+            var count = devices.Length;
+            Device device = devices.Where(w => w.Type == DeviceType.Local).First();
+            Console.WriteLine($"path => {path}");
+            uint pid = 0;
+            try
+            {
+                pid = device.Spawn(path + "\\mhf.exe", new string[] { path + "\\mhf.exe", ""}, new string[] { }, new string[] { }, "");
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine("Spawn failed: " + ex.Message);
+            }
+            Session session = device.Attach(pid);
+            Script script = session.CreateScript(@"
+
+    // Wait for ASProtect to unpack.
+    // mhf.exe calls GetCommandLineA near it's entrypoint before WinMain, so it will be one of the first few calls.
+    var mhfGetCommandLineAHook = Interceptor.attach(Module.findExportByName(""kernel32.dll"", ""GetCommandLineA""), {
+        onEnter: function(args){
+            try{
+                var mhfMod = Process.getModuleByName('mhf.exe');
+                var ggInitFuncResults = Memory.scanSync(mhfMod.base, mhfMod.size, ""55 8B EC 81 EC 04 01 00 00"");
+                if(ggInitFuncResults.length < 1) {
+                    //console.log(""Failed to find gameguard init function"");
+                    return;
+                } else {
+
+                    console.log(""Found GG init function in mhf.exe. Patching..."");
+
+                    var ggInitFunc = ggInitFuncResults[0].address;
+                    Memory.patchCode(ggInitFunc, 64, function (code) {
+                        var cw = new X86Writer(code, { pc: ggInitFunc });
+                        cw.putMovRegU32('eax', 1);
+                        cw.putRet();
+                        cw.flush();
+                    });
+
+                    console.log(""Patch complete."");
+                    mhfGetCommandLineAHook.detach();
+                }
+            } catch(e){
+            }
+        }
+    });");
+            script.Message += new Frida.ScriptMessageHandler(script_Message);
+            script.Load();
+            device.Resume(pid);
+
+            while (true)
+            {
+                Console.ReadLine();
+            }
+            session.Detach();
+        }
+
+        private static void script_Message(object sender, Frida.ScriptMessageEventArgs e)
+        {
+            Console.WriteLine(String.Format("Message from Script: {0}", e.Message));
+            Console.WriteLine(String.Format("  Data: {0}", e.Data == null ? "null" : String.Join(", ", e.Data)));
+        }
+    }
+}

Properties/AssemblyInfo.cs

@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// 有关程序集的一般信息由以下
+// 控制。更改这些特性值可修改
+// 与程序集关联的信息。
+[assembly: AssemblyTitle("MHFNoGG")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("MHFNoGG")]
+[assembly: AssemblyCopyright("Copyright ©  2023")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// 将 ComVisible 设置为 false 会使此程序集中的类型
+//对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型
+//请将此类型的 ComVisible 特性设置为 true。
+[assembly: ComVisible(false)]
+
+// 如果此项目向 COM 公开，则下列 GUID 用于类型库的 ID
+[assembly: Guid("1cc28fd3-0050-4b8b-8fbd-bc74e545a4ed")]
+
+// 程序集的版本信息由下列四个值组成: 
+//
+//      主版本
+//      次版本
+//      生成号
+//      修订号
+//
+//可以指定所有这些值，也可以使用“生成号”和“修订号”的默认值
+//通过使用 "*"，如下所示:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]