中文 | English
uniref is a framework to assist in analyzing Unity applications. It can help you obtain reflection information of classes, methods, fields, etc. in Unity applications, allowing you to view and manipulate them in real time.
You can use this framework to convert some of your analysis results into Python code, which is convenient for you to develop plug-ins for Unity applications.
- Support for obtaining reflection information through symbols
- Support real-time acquisition and modification of class attribute values
- Support real-time acquisition and modification of class method implementation and call class method
- Modifications are done in memory without modifying the source file
- Bypass some code protection mechanisms (compression, encryption, etc.) to avoid tedious reverse engineering
- Supports analysis of
MonoandIL2CPPtwo scripting backends - Supports profiling 32/64-bit Unity apps running on Windows x86 64-bit and Android ARM architecture
uniref requires Windows Python 3.7+ (64-bit) operating environment, you can complete the installation through pip:
pip install -U unirefA piece of code completed using the uniref framework is given below, which solves a reverse challenge of MRCTF2021.
from uniref import WinUniRef
ref = WinUniRef("GameHack.exe")
class_GetFlag = ref.find_class_in_image("Assembly-CSharp.dll", "Platformer.Flag.GetFlag")
class_GetFlag.find_field("goHome").value = True
class_GetFlag.find_field("findAlien").value = True
class_GetFlag.find_field("eatCookie").value = True
method_EatTokenUpdateKey = class_GetFlag.find_method("EatTokenUpdateKey")
for i in range(105):
method_EatTokenUpdateKey()Documentation also gives example code for analyzing Sons Of The Forest, Goose Goose Duck, Dream Blast, Temple Run, etc.
If you have any suggestions or needs, please submit Issues.
If you are interested in improving this framework together, you are welcome to submit Pull requests.