hackf5 / unityspy Goto Github PK
View Code? Open in Web Editor NEWAn open source MIT licensed rewrite of the now closed source HearthMirror (that's about 100 times faster than HearthMirror)
License: MIT License
An open source MIT licensed rewrite of the now closed source HearthMirror (that's about 100 times faster than HearthMirror)
License: MIT License
Hey,
I have a user who reported an "Access denied" issue with the following stack trace:
Access is denied
at System.Diagnostics.ProcessManager.OpenProcess(Int32 processId, Int32 access, Boolean throwIfExited)
at System.Diagnostics.Process.GetProcessHandle(Int32 access, Boolean throwIfExited)
at System.Diagnostics.Process.OpenProcessHandle(Int32 access)
at System.Diagnostics.Process.get_Handle()
at HackF5.UnitySpy.Util.Native.GetProcessModulePointers(ProcessFacade process)
at HackF5.UnitySpy.AssemblyImageFactory.GetMonoModule(ProcessFacade process)
at HackF5.UnitySpy.AssemblyImageFactory.Create(Int32 processId, String assemblyName)
Running the app in Admin mode solves the issue.
However it's difficult to ask users to run the app as admin. Are you familiar with this? Are you aware of a way to ask for less permissions, so that it might work in more restrictive environments?
Looking at the trace I'm not sure exactly what part is causing the issue. It looks like Native.EnumProcessModulesEx
is the only thing that does some actual access here, so it's probably it?
Uploading UnitySpy.dll to https://www.virustotal.com results in some engines flagging the DLL as malware:
I wanted to know what piece of code was raising the flag, so I've started removing some code from the DLL and submitting it to the scan until I had a full green result.
I did two tests, removing the code in a different order:
In https://github.com/hackf5/unityspy/tree/investigate_antivurs_scan, I started to remove the Util package, then slowly removed some code from the Detail package. The code present in the branch still fails the 9 antivirus checks.
However, if I remove any line from ITypeDefinition or IFieldDefinition (and their corresponding implementation), the test is suddenly green, even though the methods do nothing and are never called.
In https://github.com/hackf5/unityspy/tree/test2_antivirus I then did it the other way around: start by removing code from the interfaces (and the implementations), then from the classes in Detail. The code present in the branch fails the 9 engines.
However, if I remove any line from what's left of TypeCode, the result is suddenly full green.
(maybe worth noting: if I remove one line, and replace it with a random value, it still fails)
In short, I have no clue as to what's going on :/
The game that I'm trying to get state out of stores state on a script mounted on a GameObject.
Is there any way to get this data? There are no static references to that GameObject, and there are no static instances of the state class.
I know that Cheat Engine has functionality to find instances of an object. Could that be implemented here? (I don't know much about Assemblies.)
Hi there,
first of all this is a really crazy and cool project and might help me out a lot as i've been struggeling to get data from the game my current project it about.
So right now i'm trying to get it working but it throws this exception right from the point where i select the process:
Game executable file closed, unity version = 2020.3.31.7034039.
The unity version the process is running (2020.3.31 in 64 bits mode) is not supported.
Offsets of 2020.3.13 selected instead.
System.ArgumentNullException: Value cannot be null. (Parameter 'moduleInfo')
at HackF5.UnitySpy.ProcessFacade.ProcessFacade.ReadModule(ModuleInfo moduleInfo) in C:\dev\github.com\unityspy\src\HackF5.UnitySpy\ProcessFacade\ProcessFacade.cs:line 164
at HackF5.UnitySpy.ProcessFacade.UnityProcessFacade.ReadModule(ModuleInfo moduleInfo) in C:\dev\github.com\unityspy\src\HackF5.UnitySpy\ProcessFacade\UnityProcessFacade.cs:line 59
at HackF5.UnitySpy.AssemblyImageFactory.Create(UnityProcessFacade process, String assemblyName) in C:\dev\github.com\unityspy\src\HackF5.UnitySpy\AssemblyImageFactory.cs:line 35
at HackF5.UnitySpy.Gui.Avalonia.ViewModel.MainWindowViewModel.BuildImageAsync() in C:\dev\github.com\unityspy\src\HackF5.UnitySpy.Gui.Avalonia\ViewModel\MainWindowViewModel.cs:line 355
I've tried to debug though it and it seems it's trying to find mono-2.0-bdwgc.dll
in the game process but that does not exist.
Any help on this is greatly appreciated!
Hey!
I just stumbled upon your article, which is a godsend - I've been looking for something like this for ages, as I was struggling to figure my way inside HearthMirror.
I have yet to test it (on the phone at the moment), but I just wanted to let you know that the Offsets have changed following the latest patch, that uses a new version of Unity.
See https://github.com/HearthSim/HearthMirror/commit/e3d4d5c751817c5e0a3ebaaad81647c1d8cada8f
(also, I think it will be a bit easier to maintain if all the offsets are maintained as constants in their own class, instead as appearing as magic numbers inside the code).
Thanks again!
@frcaton Sorry for the ping, but I need your help here. I don't know how to work on this in a systematic way, and I'm fumbling in the dark.
Would you be available for a paid contracting work to add support for this version, as well as teaching me how to do it next time?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.