Fixed pyproject.toml

Author: danielfvm

build.py

@@ -1,40 +1,9 @@
-from distutils.command.build_ext import build_ext
-from distutils.core import Distribution
-from distutils.core import Extension
-from distutils.errors import CCompilerError
-from distutils.errors import DistutilsExecError
-from distutils.errors import DistutilsPlatformError
-
-ext_modules = [
-    Extension("memscan.memscan",
-      sources=["./memscan/memscan.c"],
-     ),
-]
-
-
-class BuildFailed(Exception):
-    pass
-
-
-class ExtBuilder(build_ext):
-
-    def run(self):
-        try:
-            build_ext.run(self)
-        except (DistutilsPlatformError, FileNotFoundError):
-            raise BuildFailed('File not found. Could not compile C extension.')
-
-    def build_extension(self, ext):
-        try:
-            build_ext.build_extension(self, ext)
-        except (CCompilerError, DistutilsExecError, DistutilsPlatformError, ValueError):
-            raise BuildFailed('Could not compile C extension.')
+from setuptools.extension import Extension
 
+custom_extension = Extension(
+    "memmod.memscan",
+    sources=["memmod/memscan.c"],
+)
 
 def build(setup_kwargs):
-    """
-    This function is mandatory in order to build the extensions.
-    """
-    setup_kwargs.update(
-        {"ext_modules": ext_modules, "cmdclass": {"build_ext": ExtBuilder}}
-    )
+    setup_kwargs.update({ "ext_modules": [custom_extension], })

examples/assaultcube.py

@@ -0,0 +1,37 @@
+from memmod import Process
+
+import struct
+import sys
+
+proc = Process(name="native_client")
+base = proc.find_module(proc.name)
+assert base != None, "Failed to locate base module!"
+heap = proc.find_module("heap")
+assert heap != None, "Failed to locate heap module!"
+
+entity_list_addr = proc.resolve_pointer_chain(base.start + 0x1c4540)
+print("Entity list addr:", hex(entity_list_addr))
+
+player = 0
+for i in range(5):
+    entity_addr = proc.resolve_pointer_chain(entity_list_addr + i * 8)
+    name = proc.read(entity_addr + 0x219, 20)
+    if name[0] == 0:
+        continue
+    dead = int.from_bytes(proc.read(entity_addr + 0x7a, 1), sys.byteorder)
+
+    print(name.decode(), hex(entity_addr), dead)
+    print(struct.unpack("i", proc.read(entity_addr + 0x6c, 4)))
+    print(struct.unpack("d", proc.read(entity_addr + 0x10, 8)))
+    print(struct.unpack("H", proc.read(entity_addr + 0x67, 2)))
+    print(struct.unpack("H", proc.read(entity_addr + 0x69, 2)))
+
+"""
+x = bytes(0x350)
+while True:
+    _x = proc.read(player, 0x350)
+    for i in range(0x350):
+        if x[i] is not _x[i]:
+            print(i, x[i])
+    x = _x
+"""

findcppvector.py renamed to examples/findcppvector.py

@@ -36,7 +36,7 @@ def list_to_dict(pointers: list[ScanResult]) -> dict[int, int]:
         continue
 
     size = int(size / 8)
-    if not(size >= 200 and size <= 300):
+    if not(size > 100 and size < 300):
         continue
 
     valid = True

examples/key.py

@@ -0,0 +1,11 @@
+from memmod import Process
+from Xlib import XK
+
+from time import sleep
+
+proc = Process(name = "firefox")
+win = proc.get_x11_window()[0]
+
+while True:
+    proc.send_key(win, XK.string_to_keysym("A"))
+    sleep(1)

examples/search_func.py

@@ -0,0 +1,99 @@
+from dataclasses import dataclass
+from memmod import Process, Module
+from capstone import Cs, CS_ARCH_X86, CS_MODE_64, CsInsn
+
+import cxxfilt
+import sys
+
+proc = Process(name=sys.argv[1])
+base = proc.find_module(proc.name)
+base_proc = proc.find_module(proc.name, mode='r-xp')
+assert base != None, "Failed to load base module!"
+assert base_proc != None, "Failed to load base module!"
+
+symbols = base.get_symbols()
+symbols_f = list(filter(lambda x: x.entry['st_info']['type'] == 'STT_FUNC' and x.entry['st_value'] != 0, symbols))
+symbols_f = list(reversed(sorted(symbols_f, key=lambda x: x.entry['st_value'])))
+symbols = list(filter(lambda x: x.entry['st_info']['type'] == 'STT_OBJECT', symbols))
+
+
+binary = proc.read(base_proc.start, base_proc.size)
+md = Cs(CS_ARCH_X86, CS_MODE_64)
+
+func = {}
+
+def get_function_name(address) -> str:
+    for f in symbols_f:
+        if f.entry['st_value'] < address - base.start:
+            return cxxfilt.demangle(f.name)
+    return ""
+
+
+"""
+for instruction in md.disasm(binary, base_proc.start):
+    if instruction.mnemonic != 'call':
+        continue
+    if '[' not in instruction.op_str:
+        continue
+    if 'rip' not in instruction.op_str:
+        continue
+    if '+' not in instruction.op_str:
+        continue
+
+    offset = int(instruction.op_str[instruction.op_str.find('+')+1:instruction.op_str.find(']')], 16)
+    rip = instruction.address+instruction.size
+    got = rip + offset
+
+    address = int.from_bytes(proc.read(got, 8), sys.byteorder)
+    if address not in func:
+        mod = proc.find_module_with_address(address)
+
+        if mod == None:
+            continue
+
+        func[address] = {
+            "module": mod,
+            "got": got,
+            "address": address,
+            "offset": address - mod.start,
+            "calls": [ instruction.address ]
+        }
+    else:
+        func[address]["calls"].append(instruction.address)
+
+for f in func.values():
+    print(f["module"].path, '+', hex(f["offset"]), hex(f["address"]), len(f["calls"]))
+"""
+
+
+for instruction in md.disasm(binary, base_proc.start):
+    if instruction.mnemonic != 'call':
+        continue
+
+    op_str = instruction.op_str
+    if '[' in op_str:
+        continue
+    if '+' in op_str:
+        continue
+    if not op_str[0].isdigit():
+        continue
+
+    address = int(op_str, 16)
+
+    if not base_proc.contains_address(address):
+        continue
+
+    if address not in func:
+        func[address] = {
+            "address": address,
+            "offset": address - base_proc.start,
+            "calls": [ instruction.address ]
+        }
+    else:
+        func[address]["calls"].append(instruction.address)
+
+for f in func.values():
+    print("%s+%x (%x)  %d  %s" % (base_proc.path, f["offset"], f["address"], len(f["calls"]), get_function_name(f["address"])))
+print(len(func))
+
+# /usr/bin/supertux2+1b4930 (5573d99e4930)  6  Player::set_on_ground(bool)

search_statics.py renamed to examples/search_statics.py

@@ -14,7 +14,6 @@
 for i, r in enumerate(results):
     print(i, r.address, hex(r.value))
 
-sys.exit()
 
 # Hello World 
 puts = proc.get_libc_function("puts")

examples/supertux.py

@@ -0,0 +1,27 @@
+from gi.repository import Adw, Gio, Gtk, Gdk
+from pathlib import Path
+
+from memmod import Process
+
+info = "A small test script to check if this is working"
+name = "Test"
+
+
+BASE_DIR = Path(__file__).resolve().parent
+@Gtk.Template(filename=str(BASE_DIR.joinpath('test.ui')))
+class Test(Gtk.Box):
+    __gtype_name__ = 'Test'
+
+    liststore = Gtk.Template.Child()
+
+    def __init__(self, proc: Process, **kwargs):
+        super().__init__(**kwargs)
+
+        for m in proc.modules:
+            self.liststore.append(["%x" % m.start, "%x" % m.end, m.mode, "%x" % m.offset, "%d:%d" % (m.major, m.minor), m.inode, m.path])
+
+def init():
+    print("hello")
+
+def get_widget(proc: Process):
+    return Test(proc)

gui/extensions/test.py

@@ -0,0 +1,131 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<interface>
+	<requires lib="gtk" version="4.0"/>
+	<requires lib="adw" version="1.0"/>
+
+
+  <object class="GtkListStore" id="liststore">
+    <columns>
+      <column type="gchararray"/>
+      <column type="gchararray"/>
+
+      <column type="gchararray"/>
+
+      <column type="gchararray"/>
+
+      <column type="gchararray"/>
+
+      <column type="gint"/>
+
+      <column type="gchararray"/>
+    </columns>
+  </object>
+
+
+	<template class="Test" parent="GtkBox">
+        <property name="orientation">vertical</property>
+
+
+            <child>
+
+      <object class="GtkScrolledWindow">
+        <property name="has-frame">1</property>
+        <property name="hexpand">1</property>
+        <property name="vexpand">1</property>
+        <child>
+          <object class="GtkTreeView" id="view">
+            <property name="model">liststore</property>
+            <signal name="row-activated" handler="action_open"/>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">Start</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">0</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">End</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">1</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">Mode</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">2</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">Offset</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">3</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">major:minor</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">4</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">inode</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">5</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+            <child>
+              <object class="GtkTreeViewColumn">
+                <property name="sizing">autosize</property>
+                <property name="title">path</property>
+                <child>
+                  <object class="GtkCellRendererText"/>
+                  <attributes>
+                    <attribute name="text">6</attribute>
+                  </attributes>
+                </child>
+              </object>
+            </child>
+          </object>
+
+        </child>
+      </object>
+        </child>
+
+
+	</template>
+</interface>