mistdumper

A configurable pattern finder for static analysis written in Dart.

It is meant to retrieve offsets from files on disk without running them.

This project was inspired by hazedumper, which is a runtime signature finder.

Usage

mistdumper.exe [options] <executablePath>

options :

-c, --config=<path> (mandatory)      Path of the config file
-f, --format=<format> (mandatory)    The output format
    --[no-]versioned                 Should the version be appended to file name
executablePath                       Path of the executable to parse

Formatters

Mistdumper can format to multiple output formats.

Currently implemented output formats are :

  • Dart
  • C++
  • CSharp

JSON configuration

Full structure :

{
  "name": "ExampleApp Signature List",
  "appname": "ExampleApp",
  "version": "0.0.0.1",
  "author": "Midi12",
  "signatures" : [
    {
      "name": "s_globalPtr",
      "relative": true,
      "dereference": false,
      "dereference_size": 0,
      "offset": 3,
      "extra": 12,
      "pattern": "DE AD BE ?? ?? ?? ?? EF DE AD C0 DE ?? ?? ?? ??",
      "namespace": "Statics"
    }
  ]
}

  • name : mandatory
  • pattern : mandatory
  • namespace : mandatory
  • dereference : optional (default value : false)
  • dereference_size : optional (default value : 4)
  • relative : optional (default value : false)
  • offset : optional (default value : 0)
  • extra : optional (default value : 0)

Full example of JSON configuration:

{
  "name": "ExampleApp Signature List",
  "appname": "ExampleApp",
  "version": "0.0.0.1",
  "author": "Midi12",
  "signatures" : [
    {
      "name": "s_globalPtr",
      "relative": true,
      "offset": 3,
      "pattern": "DE AD BE ?? ?? ?? ?? EF DE AD C0 DE ?? ?? ?? ??",
      "namespace": "Statics"
    },
    {
      "name": "s_globalPtr__pOffset",
      "dereference": true,
      "dereference_size": 4,
      "offset": 8,
      "pattern": "DE AD BE ?? ?? ?? ?? EF DE AD C0 DE ?? ?? ?? ??",
      "namespace": "Offsets"
    },
    {
      "name": "ExampleFunction",
      "extra": 12,
      "pattern": "DE AD BE ?? ?? ?? ?? EF DE AD C0 DE ?? ?? ?? ??",
      "namespace": "Functions"
    }
  ]
}
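
How a configuration like the one above can be validated and its ?? wildcard patterns matched against a file's bytes, as an added Python example that is not mistdumper's own Dart code. The function names and sample bytes are constructed for illustration; the missing/unique/ambiguous status is this example's own addition, and the relative, dereference, offset and extra fields are only defaulted, not applied, because this page does not define how they are used.

```python
import json

# Defaults for the optional signature fields, as listed in the README.
DEFAULTS = {"dereference": False, "dereference_size": 4,
            "relative": False, "offset": 0, "extra": 0}
MANDATORY = ("name", "pattern", "namespace")


def load_signatures(config_text):
    """Reject entries lacking a mandatory field; fill in the documented defaults."""
    sigs = []
    for raw in json.loads(config_text)["signatures"]:
        missing = [k for k in MANDATORY if k not in raw]
        if missing:
            raise ValueError(f"signature {raw.get('name', '?')!r} lacks {missing}")
        sigs.append({**DEFAULTS, **raw})
    return sigs


def compile_pattern(pattern):
    """'DE AD ?? EF' -> [0xDE, 0xAD, None, 0xEF]; None matches any byte."""
    return [None if tok == "??" else int(tok, 16) for tok in pattern.split()]


def find_all(data, pattern):
    """Return every file offset at which the pattern matches."""
    pat = compile_pattern(pattern)
    return [i for i in range(len(data) - len(pat) + 1)
            if all(p is None or data[i + j] == p for j, p in enumerate(pat))]


def scan(data, sigs):
    """Map each signature name to (status, offsets); only 'unique' is reliable."""
    report = {}
    for sig in sigs:
        hits = find_all(data, sig["pattern"])
        status = {0: "missing", 1: "unique"}.get(len(hits), "ambiguous")
        report[sig["name"]] = (status, hits)
    return report


# Constructed sample: the README's pattern with arbitrary bytes in the ?? slots.
SAMPLE = (b"\x00" * 5 + bytes.fromhex("DEADBE11223344EFDEADC0DE55667788")
          + b"\x90" * 3)
CONFIG = json.dumps({"signatures": [
    {"name": "s_globalPtr", "namespace": "Statics", "offset": 3,
     "pattern": "DE AD BE ?? ?? ?? ?? EF DE AD C0 DE ?? ?? ?? ??"}]})

if __name__ == "__main__":
    print(scan(SAMPLE, load_signatures(CONFIG)))
```

A signature reported as missing or ambiguous needs an updated or longer pattern before any offset derived from it is trusted.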

Example outputs

Dart :

library mistdumper;


	class Functions {
		static const int ExampleFunction = 0xdeadc0de;
	}
	class Offsets {
		static const int s_globalPtr__pOffset = 0xc0ffee;
	}
	class Statics {
		static const int s_globalPtr = 0xdeadbeef;
	}

C++ :

#pragma once
#include <cstdint>

namespace mistdumper {

	namespace Functions {
			constexpr ptrdiff_t ExampleFunction = 0xdeadc0de;
	}
	namespace Offsets {
			constexpr ptrdiff_t s_globalPtr__pOffset = 0xc0ffee;
	}
	namespace Statics {
			constexpr ptrdiff_t s_globalPtr = 0xdeadbeef;
	}

}

CSharp :

using System;

namespace MistDumper
{

	public static class Functions {
			public static readonly UIntPtr ExampleFunction = 0xdeadc0de;
	}
	public static class Offsets {
			public static readonly UIntPtr s_globalPtr__pOffset = 0xc0ffee;
	}
	public static class Statics {
			public static readonly UIntPtr s_globalPtr = 0xdeadbeef;
	}

}

Building from the source

You need at least Dart SDK 2.12.0 (https://dart.dev/get-dart).

If you modified the JSON class, you need to run: dart run build_runner build

Run: dart compile exe .\bin\mistdumper.dart -o .\build\mistdumper.exe
