Lessica · July 30, 2024 06:24 · dinhthiet2702 · Aug 26, 2023 · CNKCQ · Jan 2, 2024
diff --git a/MGCopyAnswer-Tweak.mm b/MGCopyAnswer-Tweak.mm
 #import <dlfcn.h>
 #import <os/log.h>
 #import <substrate.h>
 #import <Foundation/Foundation.h>

 #import "pac_helper.h"
 #define _FUNC_ADDR_(A, O) (const void *)((long)(A) + (O))

 /* ... */

 static __attribute__((constructor)) void CHConstructor20()
 {
    if (memcmp(make_sym_readable(ptrMGCopyAnswer), "\x01\x00\x80\xd2\x01\x00\x00\x14", 8) == 0)
    {
        MSHookFunction(make_sym_callable((void *)_FUNC_ADDR_(ptrMGCopyAnswer, 8)), 
                      (void *)replaced_MGCopyAnswer_internal,
                      (void **)&original_MGCopyAnswer_internal);
        
        os_log_debug(OS_LOG_DEFAULT, "Hooked legacy MGCopyAnswer_internal");
    }
    else if (memcmp(make_sym_readable(ptrMGCopyAnswer), "\x01\x00\x80\xd2", 4) == 0)
    {
        // Calculate the opcode of arm64 instruction B
        // Which is the offset of the function pointer
        
        // B <offset>
        void *bInstPtr = (void *)((uint8_t *)ptrMGCopyAnswer + 4);
        int32_t bInst = *((int32_t *)make_sym_readable(bInstPtr));
        
        // Check if it is a branch instruction
        if ((bInst & 0xFC000000) != 0x14000000) {
            os_log_error(OS_LOG_DEFAULT, "MGCopyAnswer_internal: Invalid branch instruction");
            return;
        }
        os_log_debug(OS_LOG_DEFAULT, "B instruction: 0x%x", bInst);

        int32_t offset = bInst & 0x3FFFFFF;
        if (offset & 0x2000000)
            offset |= 0xFC000000;
        offset <<= 2;
        os_log_debug(OS_LOG_DEFAULT, "Offset: 0x%x, %d", offset, offset);
        
        void *mPtrMGCopyAnswer = (void *)_FUNC_ADDR_(bInstPtr, offset);
        os_log_debug(OS_LOG_DEFAULT, "File offset of MGCopyAnswer_internal: 0x%lx", ABS((long)mPtrMGCopyAnswer - (long)handle));
        
        MSHookFunction(make_sym_callable(mPtrMGCopyAnswer), 
                      (void *)replaced_MGCopyAnswer_internal,
                      (void **)&original_MGCopyAnswer_internal);
        
        os_log_debug(OS_LOG_DEFAULT, "Hooked modern MGCopyAnswer_internal");
    }
    else
    {
        os_log_error(OS_LOG_DEFAULT, "Unsupported MGCopyAnswer");
    }
 }
	#import <dlfcn.h>
	#import <os/log.h>
	#import <substrate.h>
	#import <Foundation/Foundation.h>

	#import "pac_helper.h"
	#define _FUNC_ADDR_(A, O) (const void *)((long)(A) + (O))

	/* ... */

	static __attribute__((constructor)) void CHConstructor20()
	{
	if (memcmp(make_sym_readable(ptrMGCopyAnswer), "\x01\x00\x80\xd2\x01\x00\x00\x14", 8) == 0)
	{
	MSHookFunction(make_sym_callable((void *)_FUNC_ADDR_(ptrMGCopyAnswer, 8)),
	(void *)replaced_MGCopyAnswer_internal,
	(void **)&original_MGCopyAnswer_internal);

	os_log_debug(OS_LOG_DEFAULT, "Hooked legacy MGCopyAnswer_internal");
	}
	else if (memcmp(make_sym_readable(ptrMGCopyAnswer), "\x01\x00\x80\xd2", 4) == 0)
	{
	// Calculate the opcode of arm64 instruction B
	// Which is the offset of the function pointer

	// B <offset>
	void bInstPtr = (void )((uint8_t *)ptrMGCopyAnswer + 4);
	int32_t bInst = ((int32_t )make_sym_readable(bInstPtr));

	// Check if it is a branch instruction
	if ((bInst & 0xFC000000) != 0x14000000) {
	os_log_error(OS_LOG_DEFAULT, "MGCopyAnswer_internal: Invalid branch instruction");
	return;
	}
	os_log_debug(OS_LOG_DEFAULT, "B instruction: 0x%x", bInst);

	int32_t offset = bInst & 0x3FFFFFF;
	if (offset & 0x2000000)
	offset \|= 0xFC000000;
	offset <<= 2;
	os_log_debug(OS_LOG_DEFAULT, "Offset: 0x%x, %d", offset, offset);

	void mPtrMGCopyAnswer = (void )_FUNC_ADDR_(bInstPtr, offset);
	os_log_debug(OS_LOG_DEFAULT, "File offset of MGCopyAnswer_internal: 0x%lx", ABS((long)mPtrMGCopyAnswer - (long)handle));

	MSHookFunction(make_sym_callable(mPtrMGCopyAnswer),
	(void *)replaced_MGCopyAnswer_internal,
	(void **)&original_MGCopyAnswer_internal);

	os_log_debug(OS_LOG_DEFAULT, "Hooked modern MGCopyAnswer_internal");
	}
	else
	{
	os_log_error(OS_LOG_DEFAULT, "Unsupported MGCopyAnswer");
	}
	}