#import "SearchResults.h"
+// for comparing floats
+#import <Chaz/Misc.h>
+
#include <string.h>
#include <math.h>
+#include <errno.h>
// Internal Functions
-BOOL inline compare_float( float a, float b );
-BOOL inline compare_double( double a, double b );
+int bmsearch( char *pat, int m, char *text, int n, void *base, void *loc[] );
+//BOOL inline compare_float( float a, float b );
+//BOOL inline compare_double( double a, double b );
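Review bot: The new prototype at L11 declares `bmsearch` with non-const `char *pat` and `char *text` although the definition (L271–L288) never writes through either, which is part of why the call site has to cast its arguments to `(char *)`. Declaring them `const char *` documents the read-only contract, and since the function is only declared in this file as far as the diff shows, `static` would also keep it out of the link namespace: `static int bmsearch( const char *pat, int m, const char *text, int n, void *base, void *loc[] );`. The commented-out compare_float/compare_double prototypes at L12–L13 can simply be deleted now that their definitions are commented out as well.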
@implementation CheatServer
}
}
- NSLog( @"SERVER message %i/%i/%i", header.checksum, header.function, header.size );
+ //NSLog( @"SERVER message %i/%i/%i", header.checksum, header.function, header.size );
switch ( header.function )
{
TCaddress *results = NULL;
int resultsAmount = 0;
- NSLog( @"string search: %s", value );
-
for (;;)
{
if ( (result = vm_region( processTask, &address, &size, VM_REGION_BASIC_INFO, (vm_region_info_t)(&info), &infoCnt, &object_name )) != KERN_SUCCESS )
if ( result == KERN_SUCCESS )
{
- int i, top = dataLength - vsize;
+ //int i, top = dataLength - vsize;
if ( (results = realloc( results, TCAddressSize*resultsAmount + dataLength )) == NULL )
{
exit(0);
}
- for ( i = 0; i < top; i++ )
+ resultsAmount += bmsearch( (char *)value, vsize, (char *)data, dataLength, (void *)address, (void **)((char *)results+TCAddressSize*resultsAmount) );
+ //resultsAmount += TBM( (char *)value, vsize, data, dataLength, (void **)((char *)results+TCAddressSize*resultsAmount) );
+ //resultsAmount += SMITH( data, dataLength, (char *)value, vsize, (void **)((char *)results+TCAddressSize*resultsAmount) );
+
+ /*for ( i = 0; i < top; i++ )
{
if ( strncmp( value, data+i, vsize ) == 0 )
{
results[resultsAmount++] = (TCaddress)address + i;
}
- }
+ }*/
}
free( data );
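Review bot: The realloc at L32 reserves only `dataLength` extra bytes, but `bmsearch` can report up to `dataLength - vsize + 1` matches for this region and stores each one as a `void *`, so for short patterns with `TCAddressSize > 1` the writes through `loc[]` run past the end of `results`; the replaced loop (L41–L48) made the same capacity assumption and the commit does not add a bound. `bmsearch` also writes `void *` slots while the rest of the file indexes `results` as a `TCaddress` array, which only lines up if `sizeof(void *)` equals `TCAddressSize` (the typedef is not visible here). Reserving `TCAddressSize * (resultsAmount + dataLength)` bytes, or giving `bmsearch` a capacity argument it stops at, would close the overrun, and storing through a `TCaddress *` inside bmsearch would fix the stride. The `exit(0)` on realloc failure at L34 is also at odds with the `sendError:` path used elsewhere in this commit (L116).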
TCaddress *results = NULL;
int resultsAmount = 0;
- unsigned zone_count = 10;
+ /*unsigned zone_count = 10;
vm_address_t *zones = (vm_address_t *)malloc( zone_count * sizeof(vm_address_t) );
//memory_reader_t reader;
{
//address = zones[0];
- /*int i;
+ int i;
for ( i = 0; i < 10; i++ )
{
NSLog( @"malloc_get_all_zones[%i] = %X", i, (vm_address_t)zones[i] );
- }*/
- }
+ }
+ }*/
for (;;)
{
data = (int32_t *)malloc( size );
dataLength = size;
- NSLog( @"address: %.8X size: %i", address, size );
+ //NSLog( @"address: %.8X size: %i", address, size );
if ( (result = vm_read_overwrite( processTask, address, size, (vm_address_t)data, &dataLength )) != KERN_SUCCESS && result != KERN_PROTECTION_FAILURE )
{
NSLog( @"ERROR: could not expand buffer" );
exit(0);
}
-
+
for ( i = 0; i < top; i++ )
{
if ( *(data+i) == value )
NSLog( @"found %i of %i", resultsAmount, value );
}
-
- (void)firstSearchDecimalFloat:(float)value
{
kern_return_t result;
for ( i = 0; i < top; i++ )
{
- if ( compare_float( *(data+i), value ) )
+ if ( CMCompareFloatsWithEpsilon( *(data+i), value, 0.1f ) == 0 )
{
results[resultsAmount++] = (TCaddress)address + i * sizeof(value);
}
for ( i = 0; i < top; i++ )
{
- if ( compare_double( *(data+i), value ) )
+ if ( CMCompareDoublesWithEpsilon( *(data+i), value, 0.1 ) == 0 )
{
results[resultsAmount++] = (TCaddress)address + i * sizeof(value);
}
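Review bot: `CMCompareFloatsWithEpsilon( ..., 0.1f )` at L93 (and the same literal at L100, L148 and L155) replaces a comparator whose tolerance was 1e-7 (L294–L295); if the third argument is an absolute epsilon — Chaz/Misc.h is not visible here — a search for 1.0 will now also report 0.95, a six-orders-of-magnitude change in what "equal" means for the user. If the looser match is intentional it deserves a comment, and the repeated literal should become a single file-scope constant such as `static const float kSearchFloatEpsilon = 0.1f;` so the four sites cannot drift apart. The enclosing search methods start and end outside this hunk.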
{
kern_return_t result;
- int8_t data;
+ char *data;
vm_size_t dataLength;
TCaddress *results;
return;
}
+ if ( (data = (char *)malloc( vsize )) == NULL )
+ {
+ NSLog( @"ERROR: could not create buffer" );
+
+ [self sendError:@"The server cancelled the search because it ran out of memory." fatal:NO];
+ return;
+ }
+
if ( (results = (TCaddress *)malloc( TCAddressSize*lastResultsAmount )) == NULL )
{
NSLog( @"ERROR: could not create buffer" );
[self sendError:@"The server cancelled the search because it ran out of memory." fatal:NO];
+ free( data );
return;
}
{
TCaddress address = lastResultsData[i];
- dataLength = sizeof(data);
+ //dataLength = sizeof(data);
- if ( (result = vm_read_overwrite( processTask, address, sizeof(data), (vm_address_t)(&data), &dataLength )) == KERN_SUCCESS )
+ if ( (result = vm_read_overwrite( processTask, address, vsize, (vm_address_t)(data), &dataLength )) == KERN_SUCCESS )
{
- if ( data == value[0] )
+ if ( memcmp( data, value, dataLength ) == 0 )
{
results[resultsAmount++] = address;
}
realloc( results, TCAddressSize*resultsAmount );
[searchResults addObject:[SearchResults resultsWithType:TYPE_INTEGER size:SIZE_8_BIT data:results amount:resultsAmount]];
+ free( data );
+
NSLog( @"found %i of %i", resultsAmount, value );
}
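Review bot: The comparison at L135 uses `dataLength`, the byte count `vm_read_overwrite` actually returned, rather than `vsize`, so a short read (dataLength < vsize) lets a prefix match count as a hit and a zero-length read matches unconditionally; `if ( dataLength == vsize && memcmp( data, value, vsize ) == 0 )` keeps the exact-length semantics of the replaced `int8_t` compare. The `realloc( results, ... )` at L139 still discards its return value, which leaves `results` dangling if the block is moved (or freed, when `resultsAmount` is 0) before `addObject:` at L140 reads it; assign it, `TCaddress *shrunk = realloc( results, TCAddressSize*resultsAmount ); if ( shrunk ) results = shrunk;`. The `NSLog` at L143 passes the `char *` `value` to `%i`, which should be `%s` as it was in the removed L23. The enclosing method starts outside this hunk.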
if ( (result = vm_read_overwrite( processTask, address, sizeof(data), (vm_address_t)(&data), &dataLength )) == KERN_SUCCESS )
{
- if ( compare_float( data, value ) )
+ if ( CMCompareFloatsWithEpsilon( data, value, 0.1f ) == 0 )
{
results[resultsAmount++] = address;
}
if ( (result = vm_read_overwrite( processTask, address, sizeof(data), (vm_address_t)(&data), &dataLength )) == KERN_SUCCESS )
{
- if ( compare_double( data, value ) )
+ if ( CMCompareDoublesWithEpsilon( data, value, 0.1 ) == 0 )
{
results[resultsAmount++] = address;
}
int failCount = 0;
int i;
- NSLog( @"change string: %s", value );
-
for ( i = 0; i < count; i++ )
{
if ( vm_write( processTask, (vm_address_t)addresses[i], (vm_offset_t)value, vsize ) != KERN_SUCCESS )
header.checksum = RandomChecksum();
header.function = 7;
- header.size = sizeof(amount) + TCAddressSize*amount;
- // AMOUNT DATA
+ header.size = sizeof(amount) + sizeof(maxSearchResultsAmount) + TCAddressSize*maxSearchResultsAmount;
+ // AMOUNT MAX AMOUNT DATA
lengthAfter = length = header.size + sizeof(header);
COPY_TO_BUFFER( ptr, &header, sizeof(header) );
COPY_TO_BUFFER( ptr, &amount, sizeof(amount) );
- COPY_TO_BUFFER( ptr, data, TCAddressSize*amount );
+ COPY_TO_BUFFER( ptr, &maxSearchResultsAmount, sizeof(maxSearchResultsAmount) );
+ COPY_TO_BUFFER( ptr, data, TCAddressSize*maxSearchResultsAmount );
if ( SendBuffer( sockfd, buffer, &length ) == -1 || lengthAfter != length )
{
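Review bot: `COPY_TO_BUFFER( ptr, data, TCAddressSize*maxSearchResultsAmount )` at L177 copies `maxSearchResultsAmount` entries out of `data` even though the results arrays are shrunk to exactly `amount` entries (L139), so whenever `maxSearchResultsAmount > amount` the copy reads past the end of the results block and sends heap contents to the client, and when it is smaller the tail of the results is silently dropped — unless the caller already clamps `amount`, which this hunk does not show. Since `amount` is transmitted anyway (L174), both `header.size` at L170 and the copy at L177 should be derived from `MIN( amount, maxSearchResultsAmount )`, with the receiver reading that many entries. The enclosing method starts and ends outside the hunk.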
COPY_FROM_BUFFER( &type, ptr, sizeof(type) );
COPY_FROM_BUFFER( &size, ptr, sizeof(size) );
+
+ COPY_FROM_BUFFER( &maxSearchResultsAmount, ptr, sizeof(maxSearchResultsAmount) );
if ( ![searchResults lastObject] )
{
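Review bot: `maxSearchResultsAmount` is read straight out of the client message at L183 with no range check, and it is later used as a byte-count multiplier (`TCAddressSize*maxSearchResultsAmount`, L170/L177), so a zero or very large value from a misbehaving client yields an empty or oversized result message. A bound right after the read, `if ( maxSearchResultsAmount < 1 || maxSearchResultsAmount > kMaxResultsPerMessage ) { [self sendError:@"..." fatal:NO]; break; }` with `kMaxResultsPerMessage` as a file-scope constant of your choosing, is cheap here. The enclosing message handler starts and ends outside this hunk.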
{
case SIZE_8_BIT:
{
- [self firstSearchString8bit:ptr size:(dataSize - (ptr - data))];
+ [self firstSearchString8bit:ptr size:(dataSize - (ptr - data) - 1)];
}
break;
}
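Review bot: `dataSize - (ptr - data) - 1` at L190 becomes -1 when the message carries no string payload at all (ptr already at `data + dataSize`); if the `size:` parameter is an `int`, that value presumably reaches `bmsearch` as `m` (L37), where the `m==0` guard does not catch it and `k = m-1` indexes `text[-2]`, and if it is unsigned it wraps to a huge length for the malloc at L112. Guard before the call: `if ( dataSize - (ptr - data) < 1 ) { [self sendError:@"..." fatal:NO]; break; }`. The enclosing switch continues outside the hunk.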
{
int wait_status;
- if ( ptrace( PT_ATTACH, processID, 0, 0 ) != -1 )
+ NS_DURING
{
- if ( waitpid( processID, &wait_status, WUNTRACED ) == processID )
+ if ( ptrace( PT_ATTACH, processID, 0, 0 ) != -1 )
{
- if ( WIFSTOPPED(wait_status) )
+ if ( waitpid( processID, &wait_status, WUNTRACED ) == processID )
{
- processPaused = YES;
- [self sendPauseFinished:YES];
+ if ( WIFSTOPPED(wait_status) )
+ {
+ processPaused = YES;
+ [self sendPauseFinished:YES];
+ }
+ else
+ {
+ NSLog( @"ERROR: process couldn't be paused" );
+ [self sendPauseFinished:NO];
+ [self sendError:@"Could not pause target because of an unknown error." fatal:NO];
+ }
}
else
{
NSLog( @"ERROR: process couldn't be paused" );
[self sendPauseFinished:NO];
- [self sendError:@"Process couldn't be paused." fatal:NO];
+ [self sendError:@"Could not pause target because of an unknown error." fatal:NO];
}
}
else
{
NSLog( @"ERROR: process couldn't be paused" );
[self sendPauseFinished:NO];
- [self sendError:@"Process couldn't be paused." fatal:NO];
+
+ switch ( errno )
+ {
+ case ESRCH:
+ [self sendError:@"Could not pause target because there is no valid target to pause." fatal:NO];
+ break;
+
+ case EINVAL:
+ [self sendError:@"Could not pause target because a process cannot pause itself." fatal:NO];
+ break;
+
+ case EBUSY:
+ [self sendError:@"Could not pause target because the target is being controlled by another instance or application." fatal:NO];
+ break;
+
+ case EPERM:
+ [self sendError:@"Could not pause target because this type of application cannot be paused." fatal:NO];
+ break;
+
+ default:
+ [self sendError:@"Could not pause target because of an unknown error." fatal:NO];
+ break;
+ }
}
}
- else
+ NS_HANDLER
{
- NSLog( @"ERROR: process couldn't be paused" );
[self sendPauseFinished:NO];
- [self sendError:@"Process couldn't be paused." fatal:NO];
+ [self sendError:[NSString stringWithFormat:@"Could not pause target because an exception (%@) was raised: %@", [localException name], [localException reason]] fatal:NO];
}
+ NS_ENDHANDLER
}
else
{
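Review bot: The `switch ( errno )` at L233 runs after `NSLog` and `[self sendPauseFinished:NO]` (L229–L230), both of which do I/O that can overwrite errno, so the message chosen may describe the wrong failure; capture it as the first statement of the else block, `int attachErrno = errno;`, and `switch ( attachErrno )`. The two inner failure branches (L212–L217 and L219–L225) report a failed pause but leave the target attached, since `ptrace( PT_ATTACH, ... )` had already succeeded; a `ptrace( PT_DETACH, processID, 0, 0 )` on those paths would keep a later attempt from failing with EBUSY. NS_DURING/NS_HANDLER around a ptrace/waitpid sequence only catches Objective-C exceptions raised by the two `send…` calls, not the C failures, so a one-line comment above L197 saying which call is expected to throw would save the next reader a question. The enclosing method continues outside the hunk.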
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%*/
+#define ASIZE 256
+int bmsearch( char *pat, int m, char *text, int n, void *base, void *loc[] )
+{
+ int count = 0;
+ int i, j, k, skip[ASIZE];
+
+ if( m==0 ) return 0;
+ for( k=0; k<ASIZE; k++ ) skip[k] = m;
+ for( k=0; k<m-1; k++ ) skip[(int)pat[k]] = m-k-1;
+
+ for( k=m-1; k < n; k += skip[(int)text[k] & (ASIZE-1)] ) {
+ for( j=m-1, i=k; j>=0 && text[i] == pat[j]; j-- ) i--;
+ if( j == (-1) )
+ /* SAVE LOCATION */
+ loc[count++] = (void *)( base+i+1 );
+ //return( text+i+1 );
+ }
+ return count;
+}
+
+/*
BOOL compare_float( float a, float b )
{
float const feps = 0.0001f;
double const deps = 0.0000001;
return deps > fabs( a - b );
-}
\ No newline at end of file
+}*/
\ No newline at end of file
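Review bot: `skip[(int)pat[k]]` at L278 is indexed with a plain `char`; where `char` is signed (the default on Intel and PowerPC Darwin) any pattern byte ≥ 0x80 — and the pattern arrives in the client message — produces a negative index and writes outside the 256-entry stack array, while the text side at L280 masks with `& (ASIZE-1)` and the table build does not. Use `skip[(unsigned char)pat[k]]` and `skip[(unsigned char)text[k]]` in both places. The early-out at L276 should be `if( m <= 0 ) return 0;`, since a negative `m` makes `k = m-1` negative and `text[i]` reads before the buffer. `loc` has no capacity argument, so every caller must guarantee room for up to `n-m+1` matches; a `max` parameter checked before `loc[count++]` would make that contract explicit. Pointer arithmetic on `void *base` at L284 is a GNU extension; `(char *)base + i + 1` is portable.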