let param = il2cpp_method_get_param(ret,idx) let type = il2cpp_class_from_type(param) let typeName = il2cpp_class_get_name(type) pstr += ptr(typeName).readCString() + " a"+idx +" ," } pstr+=");" console.log("[*]"+ret.readPointer()+" --> "+ptr(ret_class_name).read...
auto param_count = il2cpp_method_get_param_count(method); if (param_count > 0) { HookUtils::Hooker((void *) pointer, (void *) new_HookCallBack, (void **) &orig_HookCallBack ); } else { HookUtils::Hooker((void *) pointer, (void *) new_HookCallBackNoArgs, (void **) &orig...
constMethodInfo*il2cpp_class_get_methods(Il2CppClass*klass,void**iter)//导出函数很好找{returnClass::GetMethods(klass,iter);}constMethodInfo*Class::GetMethods(Il2CppClass*klass,void**iter){...if(!*iter){Class::SetupMethods(klass);if(klass->method_count==0)returnNULL;*iter=&klass->methods[...
(parameterDefinition->nameIndex);newParameter->position=paramIndex;newParameter->token=parameterDefinition->token;newParameter->customAttributeIndex=parameterDefinition->customAttributeIndex;newParameter->parameter_type=MetadataCache::GetIl2CppTypeFromIndex(parameterDefinition->typeIndex);newParameter++;}newMethod...
{ "Address": 1589, "Name": "N1CTFChecker$$check", "Signature": "bool N1CTFChecker__check (N1CTFChecker_o* __this, System_String_o* flag, const MethodInfo* method);" }, 根据返回类型以及参数类型可以判断对应的辅助函数为 dynCall_iiii。 接着使用 Ghidra 的ghidra-wasm-plugin 插件对 wasm...
DEFINE_IL2CPP_FUN(Il2CppMethodPointer, il2cpp_resolve_icall, (constchar* name)); DEFINE_IL2CPP_FUN(void*, il2cpp_alloc, (size_t size)); DEFINE_IL2CPP_FUN(void, il2cpp_free, (void* ptr)); // array DEFINE_IL2CPP_FUN(Il2CppClass*, il2cpp_array_class_get, (Il2CppClass * element...
/// Created by Administrator on 2019/5/14.//#ifndef TEST_UPDATE_IL2CPP_API_FUNCTIONS_H#defineTEST_UPDATE_IL2CPP_API_FUNCTIONS_H#include <stdint.h>#include <stddef.h>#ifndef DO_API_NO_RETURN#defineDO_API_NO_RETURN(r,n,p)DO_API(r,n,p)#endiftypedefvoid(*Il2CppMethodPointer)();typede...
il2cpp: couldn't resolve export il2cpp_method_get_name at r (D:\Stuff\Haaaaaaaaax\frida\bridge_install_web\node_modules\frida-il2cpp-bridge\dist\index.js:590) at get methodGetName (D:\Stuff\Haaaaaaaaax\frida\bridge_install_web\node_modules\frida-il2cpp-bridge\dist\index.js:471) at...
void il2cpp_add_internal_call(const char *name, Il2CppMethodPointer method); Il2CppMethodPointer il2cpp_resolve_icall(const char *a1); void *il2cpp_alloc(size_t size); void il2cpp_free(void *ptr); Il2CppClass *il2cpp_array_class_get(Il2CppClass *element_class, uint32_t rank); uint...
1~29位共28位为元数据索引信息,高三位是个枚举类型,代表元数据类型,比如kIl2CppMetadataUsageTypeInfo代表中间28位是s_Il2CppMetadataRegistration->types数组的索引,kIl2CppMetadataUsageMethodDef代表中间28位是global-metadata.dat里methods数组的索引,kIl2CppMetadataUsageStringLiteral代表中间28位是global-metadata.dat...