hackf5
/ medium-hacking mono-get cpp offsets.cpp
Last active
June 27, 2019 15:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <iostream> | |
| #include <cstddef> | |
| #include "mono/metadata/metadata-internals.h" | |
| int main() | |
| { | |
| std::cout << "Domain Assemblies Offset: " | |
| << offsetof (_MonoDomain, domain_assemblies) << std::endl; | |
| std::cout << "Class Cache Offset: " | |
| << offsetof (_MonoImage, class_cache) << std::endl; |
hackf5
/ medium-hacking unity-mono decompile.c
Last active
June 26, 2019 15:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void** mono_get_root_domain(void** ecx, void** a2, void** a3, void** a4, | |
| void** a5, void** a6, void** a7, void** a8, void** a9, void** a10, | |
| void** a11, void** a12, void** a13, void** a14, void** a15, | |
| void** a16, void** a17, void** a18, void** a19, void** a20, | |
| void** a21, void** a22, void** a23, void** a24, void** a25, | |
| void** a26, void** a27, void** a28, void** a29, void** a30, | |
| void** a31, void** a32, void** a33, void** a34) | |
| { | |
| void** eax35; |
hackf5
/ medium-hacking unity-get the root domain function.cs
Created
June 26, 2019 14:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // interprets the bytes in buffer starting at start as an integer. | |
| static int ToInt32(this byte[] buffer, int start); | |
| // interprets the bytes in buffer starting at start as an ASCII string. | |
| static string ToAsciiString(this byte[] buffer, int start0); | |
| // code to find the address of the root domain function. | |
| const int nullPtr = 0; | |
| const int sizeOfPtr = sizeof(uint); |
hackf5
/ medium-hacking unity-read mono modul.cs
Last active
May 19, 2023 23:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [DllImport("kernel32", SetLastError = true)] | |
| static extern bool ReadProcessMemory( | |
| IntPtr hProcess, | |
| IntPtr lpBaseAddress, | |
| IntPtr lpBuffer, | |
| int nSize, | |
| out IntPtr lpNumberOfBytesRead); | |
| void ReadProcessMemory(Process process, byte[] buffer, IntPtr processAddress) | |
| { |
hackf5
/ medium-hack mono-get mono dll.cs
Last active
June 26, 2019 12:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var monoModule = process | |
| .Modules | |
| .Cast<ProcessModule>() | |
| .First(m => m.ModuleName == "mono.dll") |