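/**
 * Loader start-up work: opens the loader log, records version / timestamp /
 * OS information, then redirects two kernel32 imports of the main executable
 * by overwriting their import address table (IAT) slots.
 *
 *   GetSystemTimeAsFileTime -> GetSystemTimeAsFileTime_Hook
 *   GetStartupInfoA         -> GetStartupInfoA_Hook
 *
 * The pointer previously stored in each slot is saved in the matching
 * *_Original global before it is replaced.
 *
 * NOTE(review): presumably called on DLL process attach - confirm against
 * the caller, which is not visible here.
 */
static void OnAttach(void)
{
    gLog.OpenRelative(CSIDL_MYDOCUMENTS, "\\My Games\\Skyrim\\SKSE\\skse_steam_loader.log");
    gLog.SetPrintLevel(IDebugLog::kLevel_Error);
    gLog.SetLogLevel(IDebugLog::kLevel_DebugMessage);

    FILETIME now;
    GetSystemTimeAsFileTime(&now);

    _MESSAGE("skse loader %08X (steam) %08X%08X %s", PACKED_SKSE_VERSION, now.dwHighDateTime, now.dwLowDateTime, GetOSInfoStr().c_str());
    _MESSAGE("base addr = %08X", g_dllHandle);

    UInt32 oldProtect;

    _GetSystemTimeAsFileTime_IAT = (_GetSystemTimeAsFileTime *)GetIATAddr((UInt8 *)GetModuleHandle(NULL), "kernel32.dll", "GetSystemTimeAsFileTime");
    if(_GetSystemTimeAsFileTime_IAT)
    {
        _MESSAGE("GetSystemTimeAsFileTime IAT = %08X", _GetSystemTimeAsFileTime_IAT);

        // The slot is written only if the page could actually be made writable;
        // writing after a failed VirtualProtect would fault inside the loader.
        // NOTE(review): PAGE_EXECUTE_READWRITE is kept from the original code;
        // PAGE_READWRITE is the tighter choice if the IAT page is known to hold
        // no executable code - confirm before changing.
        if(VirtualProtect((void *)_GetSystemTimeAsFileTime_IAT, 4, PAGE_EXECUTE_READWRITE, &oldProtect))
        {
            _MESSAGE("original GetSystemTimeAsFileTime = %08X", *_GetSystemTimeAsFileTime_IAT);

            GetSystemTimeAsFileTime_Original = *_GetSystemTimeAsFileTime_IAT;
            *_GetSystemTimeAsFileTime_IAT = GetSystemTimeAsFileTime_Hook;

            _MESSAGE("patched GetSystemTimeAsFileTime = %08X", *_GetSystemTimeAsFileTime_IAT);

            // Put the original protection back so the IAT does not stay writable.
            UInt32 junk;
            if(!VirtualProtect((void *)_GetSystemTimeAsFileTime_IAT, 4, oldProtect, &junk))
                _WARNING("couldn't restore GetSystemTimeAsFileTime IAT protection (error %08X)", GetLastError());
        }
        else
        {
            _ERROR("couldn't unprotect GetSystemTimeAsFileTime IAT (error %08X)", GetLastError());
        }
    }
    else
    {
        _ERROR("couldn't read IAT");
    }

    // win8 automatically initializes the stack cookie, so the previous hook doesn't get hit
    _GetStartupInfoA_IAT = (_GetStartupInfoA *)GetIATAddr((UInt8 *)GetModuleHandle(NULL), "kernel32.dll", "GetStartupInfoA");
    if(_GetStartupInfoA_IAT)
    {
        _MESSAGE("GetStartupInfoA IAT = %08X", _GetStartupInfoA_IAT);

        // Same guarded unprotect / swap / restore sequence as above.
        if(VirtualProtect((void *)_GetStartupInfoA_IAT, 4, PAGE_EXECUTE_READWRITE, &oldProtect))
        {
            _MESSAGE("original GetStartupInfoA = %08X", *_GetStartupInfoA_IAT);

            GetStartupInfoA_Original = *_GetStartupInfoA_IAT;
            *_GetStartupInfoA_IAT = GetStartupInfoA_Hook;

            _MESSAGE("patched GetStartupInfoA = %08X", *_GetStartupInfoA_IAT);

            UInt32 junk;
            if(!VirtualProtect((void *)_GetStartupInfoA_IAT, 4, oldProtect, &junk))
                _WARNING("couldn't restore GetStartupInfoA IAT protection (error %08X)", GetLastError());
        }
        else
        {
            _ERROR("couldn't unprotect GetStartupInfoA IAT (error %08X)", GetLastError());
        }
    }
}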
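/**
 * Sets up crash-dump writing when the "Debug" / "WriteMinidumps" config
 * option is non-zero.
 *
 * Records the launch time, loads dbghelp.dll and resolves MiniDumpWriteDump,
 * precomputes the dump file path under My Documents, installs ExceptionFilter
 * as the unhandled exception filter, and redirects the executable's import of
 * SetUnhandledExceptionFilter to SetUnhandledExceptionFilter_Hook so the game
 * cannot replace the filter afterwards.
 *
 * If any prerequisite is missing, the function logs and returns without
 * installing the filter.
 */
void Hooks_Debug_Init(void)
{
    GetSystemTime(&s_launchTime);

    UInt32 enableMiniDump = 0;
    GetConfigOption_UInt32("Debug", "WriteMinidumps", &enableMiniDump);

    if(!enableMiniDump)
        return;

    _MESSAGE("minidumps enabled");

    // try to get dbghelp
    // NOTE(review): loading by bare name uses the standard DLL search order, so
    // a dbghelp.dll next to the executable is preferred over the system copy.
    // Anyone able to write to that directory chooses the code that runs here.
    // If only the system copy should be trusted, LoadLibraryEx with
    // LOAD_LIBRARY_SEARCH_SYSTEM32 restricts the search - confirm that shipping
    // a newer dbghelp alongside the game is not a supported setup first.
    s_dbgHelpDLL = LoadLibrary("dbghelp.dll");
    if(s_dbgHelpDLL)
    {
        s_dbgHelpWriteDump = (_MiniDumpWriteDump)GetProcAddress(s_dbgHelpDLL, "MiniDumpWriteDump");
        if(!s_dbgHelpWriteDump)
            _WARNING("dbghelp missing MiniDumpWriteDump, upgrade to dbghelp 5.1 or later");
    }
    else
    {
        _MESSAGE("no dbghelp");
    }

    // we want to catch crashes from hook commit, apply exception filter in Init function
    if(!s_dbgHelpDLL || !s_dbgHelpWriteDump)
        return;

    // precalculate as much as possible
    char myDocumentsPath[MAX_PATH] = { 0 };

    // The call is made outside of any assertion macro so it still runs if
    // ASSERT is compiled out; a failure then cannot leave the buffer unset
    // when the dump path is formatted below.
    HRESULT folderResult = SHGetFolderPath(NULL, CSIDL_MYDOCUMENTS, NULL, SHGFP_TYPE_CURRENT, myDocumentsPath);
    if(FAILED(folderResult))
    {
        _ERROR("couldn't get My Documents path (%08X), minidumps disabled", folderResult);
        return;
    }

    sprintf_s(s_crashDumpPath, sizeof(s_crashDumpPath), "%s\\My Games\\Skyrim\\SKSE\\Crashdumps\\%04d-%02d-%02d_%02d.%02d.%02d.dmp", myDocumentsPath,
        s_launchTime.wYear, s_launchTime.wMonth, s_launchTime.wDay,
        s_launchTime.wHour, s_launchTime.wMinute, s_launchTime.wSecond);

    IFileStream::MakeAllDirs(s_crashDumpPath);

    // replace previous exception filter
    s_oldExceptionFilter = SetUnhandledExceptionFilter(ExceptionFilter);
    _MESSAGE("old exception filter = %08X", s_oldExceptionFilter);

    // disable game overwriting exception filter
    UInt32 thunkAddress = (UInt32)GetIATAddr((UInt8 *)GetModuleHandle(NULL), "kernel32.dll", "SetUnhandledExceptionFilter");

    // A failed lookup yields 0; patching address 0 would fault, so skip the
    // redirect and keep the filter that was just installed.
    if(thunkAddress)
        SafeWrite32(thunkAddress, (UInt32)SetUnhandledExceptionFilter_Hook);
    else
        _WARNING("couldn't find SetUnhandledExceptionFilter IAT entry, game may replace the exception filter");
}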
/**
 * Redirects the main executable's import of __telemetry_main_invoke_trigger
 * (VCRUNTIME140.dll) to __telemetry_main_invoke_trigger_Hook.
 *
 * The pointer previously stored in the import slot is saved in
 * __telemetry_main_invoke_trigger_Original before the slot is overwritten
 * through SafeWrite64. Logs and returns without patching when the import
 * cannot be located.
 */
static void HookIAT()
{
    HMODULE exeModule = GetModuleHandle(NULL);

    auto * const importSlot = (___telemetry_main_invoke_trigger *)GetIATAddr(exeModule, "VCRUNTIME140.dll", "__telemetry_main_invoke_trigger");

    // Nothing to patch if the executable does not import the symbol.
    if(!importSlot)
    {
        _MESSAGE("couldn't find __telemetry_main_invoke_trigger");
        return;
    }

    _MESSAGE("found iat at %016I64X", importSlot);

    // Remember the real target before the slot is replaced.
    __telemetry_main_invoke_trigger_Original = *importSlot;
    _MESSAGE("original thunk %016I64X", __telemetry_main_invoke_trigger_Original);

    SafeWrite64(reinterpret_cast<uintptr_t>(importSlot), reinterpret_cast<UInt64>(__telemetry_main_invoke_trigger_Hook));
    _MESSAGE("patched iat");
}