//
// binpatch.c
//
// Created by RehabMan on 01-Jul-2016 (some code from patcho.c)
// Licensed under GPLv3, full text at http://www.gnu.org/licenses/gpl-3.0.txt
//
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
// Verbosity flag: main() sets it to 1 for -q and back to 0 for -n. The
// informational printf calls in main() and patchMemory() are guarded by
// !quiet; error messages are printed regardless.
int quiet = 0;
// Converts one ASCII hex digit ('0'-'9', 'A'-'F', 'a'-'f') to its value 0..15.
// Any other character is reported on stdout and terminates the process with
// exit status 6, so this function only ever returns for valid digits.
int tohex(unsigned char hex)
{
    int value = -1;

    if ('0' <= hex && hex <= '9')
        value = hex - '0';
    else if ('A' <= hex && hex <= 'F')
        value = 10 + (hex - 'A');
    else if ('a' <= hex && hex <= 'f')
        value = 10 + (hex - 'a');

    if (value < 0) {
        printf("Bad hex character '%c'\n", hex);
        exit(6);
    }
    return value;
}
// Decodes the hex string `hex` into raw bytes, two characters per byte, and
// stores them in `str`. Exactly strlen(hex)/2 bytes are written; a trailing
// odd character is ignored. No output size is passed in, so the caller must
// provide a buffer of at least strlen(hex)/2 bytes. A non-hex character ends
// the process inside tohex().
void hexStr(const char *hex, unsigned char *str)
{
    const u_int64_t nbytes = strlen(hex) / 2;

    for (u_int64_t k = 0; k < nbytes; k++) {
        const int high = tohex(hex[2 * k]);
        const int low = tohex(hex[2 * k + 1]);
        str[k] = (high << 4) + low;
    }
}
// Removes every space and tab from `arg` in place, compacting the remaining
// characters toward the front and re-terminating the string.
void stripSpaces(char* arg)
{
    char *out = arg;

    for (const char *in = arg; *in != '\0'; in++) {
        if (*in == ' ' || *in == '\t')
            continue;
        *out++ = *in;
    }
    *out = '\0';
}
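// Replaces every non-overlapping occurrence of `find` (fr_count bytes) inside
// bytes[0..count) with `replace` (also fr_count bytes), scanning left to
// right. Replaced bytes are skipped, not rescanned. Each patched offset is
// printed unless `quiet` is set.
//
// The scan is bounded so that memcmp/memcpy never touch memory past
// bytes + count. The previous loop compared fr_count bytes at every offset up
// to the last byte of the buffer (reading past the end), and on a match
// subtracted fr_count from a counter that had already been decremented, so a
// match in the final fr_count bytes wrapped the unsigned counter and the loop
// ran on into memory beyond the buffer.
//
// An empty pattern, or one longer than the buffer, cannot match and returns
// without touching anything.
void patchMemory(unsigned char* bytes, u_int64_t count, unsigned char* find, unsigned char* replace, u_int64_t fr_count)
{
    if (fr_count == 0 || fr_count > count)
        return;

    // Last offset at which a full pattern still fits inside the buffer.
    const u_int64_t last = count - fr_count;
    u_int64_t off = 0;

    while (off <= last)
    {
        if (0 == memcmp(bytes + off, find, fr_count))
        {
            if (!quiet)
                printf("\tpatching offset: %zu\n", (size_t)off);
            memcpy(bytes + off, replace, fr_count);
            // off <= last, so off + fr_count <= count: no overflow here.
            off += fr_count;
            continue;
        }
        off++;
    }
}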
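// Prints the command-line synopsis to stdout.
static void printUsage(const char *prog)
{
    printf("Usage: %s [options] <hex find> <hex replace> <file>\nExample: %s CAFEBABE CAFE00AB java.exe\nResult: CAFEBABE -> CAFE00AB\n", prog, prog);
    printf("options:\n");
    printf("\t-q\tquiet; do not print non-errors\n");
}

// Reports a failed file or allocation step on stderr and exits with status 3.
static void failIo(const char *what)
{
    perror(what);
    exit(3);
}

// Entry point: replaces every occurrence of a hex byte pattern in a file with
// an equal-length replacement and rewrites the file in place.
//
// Exit status: 0 success, 1 usage error, 2 file not found, 3 file I/O or
// allocation failure, 4 find/replace length mismatch, 5 pattern empty or not
// a whole number of bytes. tohex() exits with 6 on a non-hex character.
//
// The file is overwritten in place, not via a temporary file, so a write
// failure can leave it partially patched; the write results are checked so
// that this is at least reported instead of passing silently.
int main(int argc, char * argv[])
{
    if (argc < 4 || argc > 5)
    {
        printUsage(argv[0]);
        exit(1);
    }
    // Advisory existence check kept for its exit status; the fopen() result
    // below is what actually decides whether the file can be used.
    if (access(argv[argc-1], F_OK) != 0)
    {
        printf("File cannot be found\n");
        exit(2);
    }
    int arg = 1;
    for (; arg < argc; arg++)
    {
        if (argv[arg][0] != '-')
            break;
        switch (argv[arg][1])
        {
            case 'q':
                quiet = 1;
                break;
            case 'n':
                quiet = 0;
                break;
            default:
                printf("invalid option: \"%s\"\n", argv[arg]);
                break;
        }
    }
    // Exactly three positional arguments must remain. Without this check an
    // option combined with too few arguments makes argv[arg+2] NULL, and four
    // positionals would patch a different file than the one checked above.
    if (argc - arg != 3)
    {
        printUsage(argv[0]);
        exit(1);
    }
    char* findArg = argv[arg+0];
    char* replArg = argv[arg+1];
    char* fileArg = argv[arg+2];
    stripSpaces(findArg);
    stripSpaces(replArg);
    if (!quiet)
    {
        printf("\tfind: '%s'\n", findArg);
        printf("\trepl: '%s'\n", replArg);
    }
    const size_t findLen = strlen(findArg);
    if (findLen != strlen(replArg))
    {
        printf("Find and Replace sizes do not match\n");
        exit(4);
    }
    if (findLen % 2 != 0)
    {
        printf("Find and Replace sizes not in whole bytes\n");
        exit(5);
    }
    if (findLen == 0)
    {
        // An empty pattern would need zero-length buffers and matches nothing useful.
        printf("Find pattern is empty\n");
        exit(5);
    }

    // Decode both patterns before the file is opened, so a bad hex digit
    // (exit 6 in tohex) is detected while the file is still untouched.
    const u_int64_t fr_len = findLen / 2;
    unsigned char* find = malloc(fr_len);
    unsigned char* repl = malloc(fr_len);
    if (find == NULL || repl == NULL)
        failIo("malloc");
    hexStr(findArg, find);
    hexStr(replArg, repl);

    // read entire file to memory
    FILE* file = fopen(fileArg, "r+b");
    if (file == NULL)
        failIo(fileArg);
    if (fseek(file, 0, SEEK_END) != 0)
        failIo(fileArg);
    const long size = ftell(file);
    // ftell() returns -1 on error; converting that to an unsigned length
    // would request an enormous allocation and read.
    if (size < 0 || fseek(file, 0, SEEK_SET) != 0)
        failIo(fileArg);
    const u_int64_t l = (u_int64_t)size;
    if (l < fr_len)
    {
        // The pattern is longer than the file: nothing can match, leave it alone.
        fclose(file);
        free(find);
        free(repl);
        return 0;
    }
    unsigned char* bytes = malloc(l);
    if (bytes == NULL)
        failIo("malloc");
    if (fread(bytes, 1, l, file) != l)
        failIo(fileArg);

    // patch it
    patchMemory(bytes, l, find, repl, fr_len);

    // write it back out
    if (fseek(file, 0, SEEK_SET) != 0 || fwrite(bytes, 1, l, file) != l)
        failIo(fileArg);
    // fclose() flushes buffered data, so its result is part of the write check.
    if (fclose(file) != 0)
        failIo(fileArg);

    free(bytes);
    free(find);
    free(repl);
    return 0;
}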