vfsfitvnm / frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.
https://github.com/vfsfitvnm/frida-il2cpp-bridge/wiki
MIT License

Unity version support #227

Closed Gabrielnero000 closed 1 year ago

Gabrielnero000 commented 1 year ago

Hello :D

I'm trying to use the library with an app that recently updated the Unity version to 2021.3.6f1 and now get this exception:

    Error: "Expected version: %s. Actual version: %s." is not a valid versio." is not a valid version.
        at new Version (/frida/repl-2.js:5814:19)
        at Function.get version (/frida/repl-2.js:5483:24)
        at Function.descriptor.get (/frida/repl-2.js:243:28)
        at Function.get isBelow2018_3_0 (/frida/repl-2.js:5469:21)
        at Function.descriptor.get (/frida/repl-2.js:243:28)
        at Il2CppImage.get classes (/frida/repl-2.js:4106:19)
        at Il2CppImage.descriptor.get (/frida/repl-2.js:243:28)
        at /frida/repl-2.js:9:43
        at executor (/frida/repl-2.js:3036:13)

I believe this is the function that fails to parse the version:

    /** Gets the Unity version of the current application. */
    static get version() {
        version_1.Version.pattern = /(20\d{2}|\d)\.(\d)\.(\d{1,2})([abcfp]|rc){0,2}\d?/;
        const module = Process.getModuleByName(this.moduleName);
        const ranges = [...module.enumerateRanges("r--"), Process.getRangeByAddress(module.base)];
        for (const range of ranges) {
            const scan = Memory.scanSync(range.base, range.size, "45787065637465642076657273696f6e3a")[0];
            if (scan != undefined) {
                return new version_1.Version(scan.address.readUtf8String());
            }
        }
        (0, console_1.raise)("Couldn't obtain the Unity version. Please open an issue.");
    }

I've tried to manually set the version like this, which does work and the exception above is not raised:

            if (scan != undefined) {
                return new version_1.Version("2021.3.6f1");
            }

But the issue is that now all implementation replacements are not working; I get the same exception about the number of arguments:

    Error: bad argument count
        at NativeFunction.<anonymous> (<anonymous>)
        at Il2CppMethod.invokeRaw (/frida/repl-2.js:4367:49)
        at Il2CppMethod.<anonymous> (/frida/repl-2.js:4377:25)
        at Il2CppObject.ls_handler.methods.OnReceive.implementation (/frida/repl-2.js:161:35)
        at InvocationContext.replaceCallback (/frida/repl-2.js:4316:34)

This is the C# definition:

    // RVA: 0x1680B84 Offset: 0x1680B84 VA: 0x1680B84
    private void OnReceive(object sender, SocketAsyncEventArgs e) { }

And this is the hooking code:

    ls_handler.methods["OnReceive"].implementation = function (sender: Il2Cpp.Object, e: Il2Cpp.Object) {
      console.log('\n------------ OnReceive ------------')
      this.methods["OnReceive"].invoke(sender, e);
      console.log('\n------------ OnReceive ------------\n')
    }

This used to work before the version update, please help :)
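Why the first trace fails, as an added example that is not part of the original post and not code from frida-il2cpp-bridge: the pattern quoted above finds nothing in a string that holds only `%s` placeholders. It assumes the pattern is searched for inside the string read from memory; `parseUnityVersion`, `firstValidVersion`, `isBelow` and the sample strings are hypothetical.

```javascript
// Added illustration; not code from frida-il2cpp-bridge.
// The pattern is copied from the function quoted in the issue.
const UNITY_VERSION = /(20\d{2}|\d)\.(\d)\.(\d{1,2})([abcfp]|rc){0,2}\d?/;

// Parse one candidate string. Returns null instead of throwing,
// so a caller can move on to the next scan hit.
function parseUnityVersion(text) {
  const m = UNITY_VERSION.exec(text);
  if (m === null) return null;
  return { text: m[0], major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]) };
}

// Hypothetical helper: return the first candidate that contains a
// well-formed version rather than trusting the first hit.
function firstValidVersion(candidates) {
  for (const candidate of candidates) {
    const version = parseUnityVersion(candidate);
    if (version !== null) return version;
  }
  return null;
}

// Numeric comparison in the spirit of the isBelow2018_3_0 getter in the trace.
function isBelow(version, major, minor, patch) {
  const a = [version.major, version.minor, version.patch];
  const b = [major, minor, patch];
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

// Constructed sample input: the format string from the error message,
// a constructed string with a version filled in, and the bare version.
const hits = [
  "Expected version: %s. Actual version: %s.",
  "Expected version: 2019.4.1f1. Actual version: 2019.4.1f1.",
  "2021.3.6f1",
];

for (const hit of hits) {
  const v = parseUnityVersion(hit);
  console.log(JSON.stringify(hit), "->", v === null ? "no version found" : v.text);
}
```
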

vfsfitvnm commented 1 year ago

It looks like you are running an outdated version of frida-il2cpp-bridge. Would you update it to 0.7.13?

Gabrielnero000 commented 1 year ago

Yep, that was it. Many thanks!