
Unidbg 中使用 Dobby 进行 inline hook

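// Attach Dobby to the emulator so functions inside the target module can be inline-hooked.
Dobby dobby = Dobby.getInstance(test.emulator);

// Hook the function at module offset 0xCC64. The callback records the buffer passed as
// arg 0 on entry so postCall can dump its contents after the original function returns.
// The trailing `true` presumably enables the postCall notification used below — confirm
// against the Dobby.replace signature in the unidbg version in use.
dobby.replace(test.module.base + 0xCC64, new ReplaceCallback() {
	// Upper bound on bytes dumped per buffer. The length field is read out of the emulated
	// process's memory, i.e. it is controlled by the code under analysis; an absurd value
	// must not be allowed to allocate a huge array and abort the emulator session.
	private static final int MAX_DUMP = 1 << 20;

	// Entry and exit are paired through a stack so that nested or recursive calls through
	// the hooked function still match each postCall to the argument of its own onCall.
	private final Stack<UnidbgPointer> resultPointerStack = new Stack<>();

	/**
	 * Dumps the payload of a buffer that, per the author's notes, is laid out as
	 * {capacity @0, size @8, data pointer @16}.
	 *
	 * Null pointers and negative or oversized lengths are reported on stdout instead of
	 * thrown, so a malformed buffer cannot take the whole hook down with an exception.
	 *
	 * @param buf   buffer struct to dump; may be null
	 * @param label label passed to Inspector.inspect and used in diagnostic output
	 */
	private void dumpBuffer(UnidbgPointer buf, String label) {
		if (buf == null) {
			System.out.println(label + ": <null buffer>");
			return;
		}
		int size = buf.getInt(8);
		UnidbgPointer data = buf.getPointer(16);
		if (data == null || size < 0) {
			System.out.println(label + ": unreadable (data=" + data + ", size=" + size + ")");
			return;
		}
		int dumpLen = Math.min(size, MAX_DUMP);
		if (dumpLen < size) {
			System.out.println(label + ": size " + size + " exceeds dump limit, showing first " + dumpLen + " bytes");
		}
		Inspector.inspect(data.getByteArray(0, dumpLen), label);
	}

	/**
	 * Called on entry to the hooked function: remembers the output buffer (arg 0) for
	 * postCall and dumps the input buffer (arg 1) together with the arg 2 / arg 3 pair,
	 * which look like an offset/length into it.
	 */
	@Override
	public HookStatus onCall(Emulator<?> emulator, HookContext context, long originFunction) {
		// Pushed unconditionally (even when null) so pushes and pops always pair up.
		UnidbgPointer out = context.getPointerArg(0);
		resultPointerStack.push(out);

		UnidbgPointer in = context.getPointerArg(1);
		System.out.println("cut offset: " + context.getIntArg(2) + ", size: " + context.getIntArg(3));
		dumpBuffer(in, "in file content");

		// This hook only observes; keep ReplaceCallback's default handling of the call.
		return super.onCall(emulator, context, originFunction);
	}

	/**
	 * Called after the hooked function returns: dumps the buffer recorded by the matching
	 * onCall. An empty stack is reported rather than surfacing an EmptyStackException
	 * from inside the hook.
	 */
	@Override
	public void postCall(Emulator<?> emulator, HookContext context) {
		if (resultPointerStack.isEmpty()) {
			System.out.println("out file content: no matching onCall recorded");
		} else {
			dumpBuffer(resultPointerStack.pop(), "out file content");
		}

		super.postCall(emulator, context);
	}
}, true);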