Hermes/Dyforge is a program written in c++ allows you to inject a dll that can analyze all processes in a program, can be used for mod and reverse engeneering
| 1 | #include "../../include/DyForge.h" |
| 2 | #include <stdexcept> |
| 3 | #include <sstream> |
| 4 | |
| 5 | namespace DyForge { |
| 6 | |
| 7 | // Constructor |
| 8 | AnalysisManager::AnalysisManager(InjectionManager& injectionManager) |
| 9 | : m_injectionManager(injectionManager) |
| 10 | , m_analysisRunning(false) { |
| 11 | } |
| 12 | |
| 13 | // Destructor |
| 14 | AnalysisManager::~AnalysisManager() { |
| 15 | if (m_analysisRunning) { |
| 16 | StopAnalysis(); |
| 17 | } |
| 18 | } |
| 19 | |
| 20 | // Analysis management |
| 21 | bool AnalysisManager::StartAnalysis() { |
| 22 | if (!m_injectionManager.IsDllInjected()) { |
| 23 | throw std::runtime_error("No DLL is injected"); |
| 24 | } |
| 25 | |
| 26 | if (m_analysisRunning) { |
| 27 | return true; |
| 28 | } |
| 29 | |
| 30 | // Send start analysis command |
| 31 | const char* command = "START_ANALYSIS"; |
| 32 | DyHexInjectError error = DyHexInject_SendCommand( |
| 33 | m_injectionManager.GetCommunication(), |
| 34 | command, |
| 35 | strlen(command) |
| 36 | ); |
| 37 | |
| 38 | if (error != DYHEXINJECT_SUCCESS) { |
| 39 | std::stringstream ss; |
| 40 | ss << "Failed to send start analysis command: " |
| 41 | << DyHexInject_GetErrorString(error); |
| 42 | throw std::runtime_error(ss.str()); |
| 43 | } |
| 44 | |
| 45 | // Wait for response |
| 46 | char responseBuffer[1024]; |
| 47 | size_t bytesReceived; |
| 48 | error = DyHexInject_ReceiveResponse( |
| 49 | m_injectionManager.GetCommunication(), |
| 50 | responseBuffer, |
| 51 | sizeof(responseBuffer), |
| 52 | &bytesReceived |
| 53 | ); |
| 54 | |
| 55 | if (error != DYHEXINJECT_SUCCESS) { |
| 56 | std::stringstream ss; |
| 57 | ss << "Failed to receive start analysis response: " |
| 58 | << DyHexInject_GetErrorString(error); |
| 59 | throw std::runtime_error(ss.str()); |
| 60 | } |
| 61 | |
| 62 | // Check response |
| 63 | std::string response(responseBuffer, bytesReceived); |
| 64 | if (response != "ANALYSIS_STARTED") { |
| 65 | std::stringstream ss; |
| 66 | ss << "Unexpected response from DLL: " << response; |
| 67 | throw std::runtime_error(ss.str()); |
| 68 | } |
| 69 | |
| 70 | m_analysisRunning = true; |
| 71 | return true; |
| 72 | } |
| 73 | |
| 74 | bool AnalysisManager::StopAnalysis() { |
| 75 | if (!m_analysisRunning) { |
| 76 | return true; |
| 77 | } |
| 78 | |
| 79 | // Send stop analysis command |
| 80 | const char* command = "STOP_ANALYSIS"; |
| 81 | DyHexInjectError error = DyHexInject_SendCommand( |
| 82 | m_injectionManager.GetCommunication(), |
| 83 | command, |
| 84 | strlen(command) |
| 85 | ); |
| 86 | |
| 87 | if (error != DYHEXINJECT_SUCCESS) { |
| 88 | std::stringstream ss; |
| 89 | ss << "Failed to send stop analysis command: " |
| 90 | << DyHexInject_GetErrorString(error); |
| 91 | throw std::runtime_error(ss.str()); |
| 92 | } |
| 93 | |
| 94 | // Wait for response |
| 95 | char responseBuffer[1024]; |
| 96 | size_t bytesReceived; |
| 97 | error = DyHexInject_ReceiveResponse( |
| 98 | m_injectionManager.GetCommunication(), |
| 99 | responseBuffer, |
| 100 | sizeof(responseBuffer), |
| 101 | &bytesReceived |
| 102 | ); |
| 103 | |
| 104 | if (error != DYHEXINJECT_SUCCESS) { |
| 105 | std::stringstream ss; |
| 106 | ss << "Failed to receive stop analysis response: " |
| 107 | << DyHexInject_GetErrorString(error); |
| 108 | throw std::runtime_error(ss.str()); |
| 109 | } |
| 110 | |
| 111 | // Check response |
| 112 | std::string response(responseBuffer, bytesReceived); |
| 113 | if (response != "ANALYSIS_STOPPED") { |
| 114 | std::stringstream ss; |
| 115 | ss << "Unexpected response from DLL: " << response; |
| 116 | throw std::runtime_error(ss.str()); |
| 117 | } |
| 118 | |
| 119 | m_analysisRunning = false; |
| 120 | return true; |
| 121 | } |
| 122 | |
| 123 | bool AnalysisManager::IsAnalysisRunning() const { |
| 124 | return m_analysisRunning; |
| 125 | } |
| 126 | |
| 127 | } // namespace DyForge |