Phobos-developers · IronHammer-Std · May 14, 2026 · May 14, 2026 · May 14, 2026 · May 14, 2026
diff --git a/Debugger.vcxproj b/Debugger.vcxproj
@@ -148,15 +148,18 @@
   </ItemDefinitionGroup>
   <ItemGroup>
     <ClCompile Include="CRC32.cpp" />
+    <ClCompile Include="HookAnalyzer.cpp" />
     <ClCompile Include="Log.cpp" />
     <ClCompile Include="Main.cpp" />
     <ClCompile Include="PortableExecutable.cpp" />
     <ClCompile Include="SyringeDebugger.cpp" />
+    <ClCompile Include="ToolFunctions.cpp" />
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="CRC32.h" />
     <ClInclude Include="FindFile.h" />
     <ClInclude Include="Handle.h" />
+    <ClInclude Include="HookAnalyzer.h" />
     <ClInclude Include="Log.h" />
     <ClInclude Include="PortableExecutable.h" />
     <ClInclude Include="resource.h" />

diff --git a/Debugger.vcxproj.filters b/Debugger.vcxproj.filters
@@ -13,6 +13,9 @@
       <UniqueIdentifier>{e85625c5-48c3-4acf-a47a-873697970105}</UniqueIdentifier>
       <Extensions>ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe</Extensions>
     </Filter>
+    <Filter Include="Components">
+      <UniqueIdentifier>{0a7cbdbd-6556-4c84-b288-4ffa95f8120b}</UniqueIdentifier>
+    </Filter>
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="CRC32.cpp">
@@ -30,6 +33,12 @@
     <ClCompile Include="SyringeDebugger.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="HookAnalyzer.cpp">
+      <Filter>Components</Filter>
+    </ClCompile>
+    <ClCompile Include="ToolFunctions.cpp">
+      <Filter>Components</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="CRC32.h">
@@ -56,6 +65,9 @@
     <ClInclude Include="Support.h">
       <Filter>Header Files</Filter>
     </ClInclude>
+    <ClInclude Include="HookAnalyzer.h">
+      <Filter>Components</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <ResourceCompile Include="res.rc">

diff --git a/HookAnalyzer.cpp b/HookAnalyzer.cpp
@@ -0,0 +1,147 @@
+#include "HookAnalyzer.h"
+#include "Handle.h"
+//#include "Setting.h"
+#include <filesystem>
+#include "Log.h"
+#include "resource.h"
+
+const std::string& ExecutableDirectoryPath();
+
+void HookAnalyzer::Add(HookAnalyzeData&& Data, bool Show)
+{
+	if (Show)
+	{
+		ByLibName[Data.Lib].push_back(Data);
+		HookMap[Data.Lib + AnalyzerDelim + Data.Proc] = Data;
+		ByAddress[Data.Addr].push_back(Data);
+	}
+
+	HookMapEx[Data.Lib + AnalyzerDelim + Data.Proc] = Data;
+	ByLibNameEx[Data.Lib].push_back(Data);
+	ByAddressEx[Data.RelLib][Data.Addr].push_back(std::move(Data));
+}
+
+bool HookAnalyzer::ReportLOG(bool ByAddr, bool ByLib)
+{
+	constexpr auto const VersionString = "SyringeEx " SYRINGEEX_VER_TEXT ", based on Syringe 0.7.2.0";
+
+	FileHandle File = FileHandle(fopen("HookAnalysis.log", "w"));
+	if (!File)return false;
+	fprintf(File, "%s will analyze the specified hooks.\n", VersionString);
+	if (ByAddr)
+	{
+		fputs("========================\n", File);
+		fputs("By Hook Position: （Execution order for each address）\n", File);
+		for (auto& p : ByAddress)
+		{
+			fprintf(File, "At %08X : \n", p.first);
+			for (auto v : p.second)
+			{
+				//fprintf(File, "Hook\"%s, Relative to\"%s\", From\"%s\", %d Bytes Overridden ,Priority %d, Sub Priority \"%s\"\n", v.Proc.c_str(), v.RelLib.c_str(), v.Lib.c_str(), v.Len, v.Priority, v.SubPriority.c_str());
+				fprintf(File, "Hook\"%s, From\"%s\", %d Bytes Overridden\n", v.Proc.c_str(), v.Lib.c_str(), v.Len);
+			}
+		}
+	}
+
+	if (ByLib)
+	{
+		fputs("========================\n", File);
+		fputs("By Hook Source: \n", File);
+		for (auto& p : ByLibName)
+		{
+			fprintf(File, "Analyzing DLL : \"%s\" ……\n", p.first.c_str());
+			for (auto v : p.second)
+			{
+				//fprintf(File, "Hook\"%s, Relative to\"%s\", From\"%s\", %d Bytes Overridden ,Priority %d, Sub Priority \"%s\"\n", v.Proc.c_str(), v.RelLib.c_str(), v.Lib.c_str(), v.Len, v.Priority, v.SubPriority.c_str());
+				fprintf(File, "Hook\"%s, From\"%s\", %d Bytes Overridden\n", v.Proc.c_str(), v.Lib.c_str(), v.Len);
+			}
+		}
+	}
+
+	fputs("========================\n", File);
+	fprintf(File, "%s : Complete.\n", VersionString);
+	return true;
+}
+
+bool HookAnalyzer::ReportNDJSON()
+{
+	//TODO
+	//Until a JSON library is chosen and imported
+	//A format may work : 
+	//every line :
+	//Hook Address / Name / Source / Bytes Overridden
+}
+
+bool HookAnalyzer::HasHookConflict(bool ShowHookConflictPopup)
+{
+	//check if there are conflicting hooks
+	bool Conflict = false;
+	for (auto& [lib, byaddr] : ByAddressEx)
+	{
+		std::vector<std::vector<HookAnalyzeData>*> SortedHooks;
+		for (auto& p : byaddr)
+			SortedHooks.push_back(&p.second);
+		std::sort(SortedHooks.begin(), SortedHooks.end(), [](const auto& lhs, const auto& rhs) -> bool
+			{
+				return lhs->front().Addr < rhs->front().Addr;
+			});
+		for (size_t i = 0; i < SortedHooks.size() - 1; i++)
+		{
+			auto Addr1 = SortedHooks[i]->front().Addr;
+			auto Addr2 = SortedHooks[i + 1]->front().Addr;
+			auto Len1 = std::max_element(SortedHooks[i]->begin(), SortedHooks[i]->end(), [](const auto& lhs, const auto& rhs) -> bool
+				{
+					return lhs.Len < rhs.Len;
+				})->Len;
+			Len1 = std::max(Len1, 5);//a JMP is 5 bytes
+			if (Addr1 + Len1 > Addr2)
+			{
+				Log::WriteLine("Hook Conflict Detected:");
+				for (auto& v : *SortedHooks[i])
+					//Log::WriteLine("Hook\"%s, Relative to\"%s\", From\"%s\", %d Bytes Overridden ,Priority %d, Sub Priority \"%s\"\n", v.Proc.c_str(), v.RelLib.c_str(), v.Lib.c_str(), v.Len, v.Priority, v.SubPriority.c_str());
+					Log::WriteLine("Hook\"%s, From\"%s\", %d Bytes Overridden\n", v.Proc.c_str(), v.Lib.c_str(), v.Len);
+				for (auto& v : *SortedHooks[i + 1])
+					//Log::WriteLine("Hook\"%s, Relative to\"%s\", From\"%s\", %d Bytes Overridden ,Priority %d, Sub Priority \"%s\"\n", v.Proc.c_str(), v.RelLib.c_str(), v.Lib.c_str(), v.Len, v.Priority, v.SubPriority.c_str());
+					Log::WriteLine("Hook\"%s, From\"%s\", %d Bytes Overridden\n", v.Proc.c_str(), v.Lib.c_str(), v.Len);
+				if (!Conflict && ShowHookConflictPopup)
+				{
+					wchar_t ErrorStr[1000];
+					swprintf_s(ErrorStr, 1000, L"Hook Conflict detected at 0x%08X and 0x%08X , see details in Syringe.log.", Addr1, Addr2);
+					MessageBoxW(NULL, ErrorStr, L"SyringeEx", MB_OK | MB_ICONERROR);
+				}
+				Conflict = true;
+			}
+		}
+	}
+	return Conflict;
+}
+
+bool HookAnalyzer::GenerateINJ()
+{
+	//Log::WriteLine(ExecutableDirectoryPath().c_str());
+	auto path = ExecutableDirectoryPath() + "\\INJ";
+	auto pp = CreateDirectoryA(path.c_str(), NULL);
+	if (pp || GetLastError() == ERROR_ALREADY_EXISTS)
+	{
+		//Log::WriteLine((path + "\\").c_str());
+		for (auto& p : ByLibNameEx)
+		{
+			//Log::WriteLine((path + "\\" + p.first).c_str());
+			FileHandle File = FileHandle(fopen((path + "\\" + p.first + ".inj").c_str(), "w"));
+			if (!File)return false;
+			for (auto& h : p.second)
+			{
+				if (!h.RelLib.empty())
+					fputs(";Relative Hook Found ,failed to Generate", File);
+				else if (!h.SubPriority.empty())
+					fprintf(File, "%X=%s,%X,%d,%s\n", h.Addr, h.Proc.c_str(), h.Len, h.Priority, h.SubPriority.c_str());
+				else if (h.Priority == DefaultPriority)
+					fprintf(File, "%X=%s,%X\n", h.Addr, h.Proc.c_str(), h.Len);
+				else
+					fprintf(File, "%X=%s,%X,%d\n", h.Addr, h.Proc.c_str(), h.Len, h.Priority);
+			}
+		}
+		return true;
+	}
+	return false;
+}
diff --git a/HookAnalyzer.h b/HookAnalyzer.h
@@ -0,0 +1,52 @@
+#pragma once
+
+#include<vector>
+#include<unordered_map>
+#include<string>
+
+const std::string AnalyzerDelim = "\\*^*\\";
+const int DefaultPriority = 100000;
+
+struct HookAnalyzeData
+{
+	std::string Lib;
+	std::string Proc;
+	int Addr;
+	int Len;
+
+	int Priority{ DefaultPriority };
+	std::string SubPriority{ "" };
+	std::string RelLib{ "" };
+};
+
+class HookAnalyzer
+{
+private:
+	std::unordered_map<std::string, std::vector<HookAnalyzeData>> ByLibName;
+	std::unordered_map<std::string, std::vector<HookAnalyzeData>> ByLibNameEx;
+public:
+	std::unordered_map<std::string, HookAnalyzeData> HookMap;
+	std::unordered_map<int, std::vector<HookAnalyzeData>> ByAddress;
+	std::unordered_map<std::string, HookAnalyzeData> HookMapEx;
+	std::unordered_map<std::string, std::unordered_map<int, std::vector<HookAnalyzeData>>> ByAddressEx;
+
+	void Add(HookAnalyzeData&& , bool Show);
+	bool ReportLOG(bool ByAddr, bool ByLib);
+	bool ReportNDJSON();//TODO
+	bool GenerateINJ();
+	bool HasHookConflict(bool ShowHookConflictPopup);
+};
+
+//static constexpr size_t MaxNameLength = 0x100u;
+//
+//struct Hook
+//{
+//	char lib[MaxNameLength];
+//	char proc[MaxNameLength];
+//	void* proc_address;
+//
+//	size_t num_overridden;
+//	int Priority;
+//	char SubPriority[MaxNameLength];
+//	char RelativeLib[MaxNameLength];
+//};
diff --git a/SyringeDebugger.cpp b/SyringeDebugger.cpp
@@ -1,4 +1,4 @@
-#include "SyringeDebugger.h"
+#include "SyringeDebugger.h"
 
 #include "CRC32.h"
 #include "FindFile.h"
@@ -788,8 +788,28 @@ DWORD SyringeDebugger::HandleException(DEBUG_EVENT const& dbgEvent)
     return DBG_CONTINUE;
 }
 
-void SyringeDebugger::Run(std::string_view const arguments)
+void SyringeDebugger::Run(std::string_view arguments)
 {
+    if(bDryRun)
+    {
+        Log::WriteLine(__FUNCTION__ ": Entering dry run mode, not actually running the process.");
+		DryRun(arguments);
+	}
+    else
+    {
+        RealRun(arguments);
+    }
+}
+
+void SyringeDebugger::DryRun(std::string_view const arguments)
+{
+    PreLoadData();
+}
+
+void SyringeDebugger::RealRun(std::string_view const arguments)
+{
+    PreLoadData();
+
     constexpr auto AllocDataSize = sizeof(AllocData);
 
     Log::WriteLine(
@@ -937,6 +957,36 @@ void SyringeDebugger::Run(std::string_view const arguments)
     Log::WriteLine();
 }
 
+void SyringeDebugger::PreLoadData()
+{
+    if (bReportLOG)
+    {
+        Log::WriteLine(__FUNCTION__ ": Writing Hook Analysis Report LOG……", v_AllHooks.size());
+        if(analyzer.ReportLOG(bReportLogByAddress, bReportLogByLibrary))Log::WriteLine(__FUNCTION__ ": Complete, see HookAnalysis.log 。", v_AllHooks.size());
+        else Log::WriteLine(__FUNCTION__ ": Failed to generate.", v_AllHooks.size());
+    }
+
+    if (bReportJSON)
+    {
+        Log::WriteLine(__FUNCTION__ ": Writing Hook Analysis Report JSON……", v_AllHooks.size());
+        if (analyzer.ReportNDJSON())Log::WriteLine(__FUNCTION__ ": Complete, see HookAnalysis.json 。", v_AllHooks.size());
+        else Log::WriteLine(__FUNCTION__ ": Failed to generate.", v_AllHooks.size());
+    }
+
+    if (bDetectConflict)
+    {
+        analyzer.HasHookConflict(bShowHookConflictPopup);
+    }
+
+    if (bGenerateINJ)
+    {
+        Log::WriteLine(__FUNCTION__ ": Creating INJ files...");
+        if (analyzer.GenerateINJ())
+            Log::WriteLine(__FUNCTION__ ": Complete.");
+        else Log::WriteLine(__FUNCTION__ ": Failed.");
+    }
+}
+
 void SyringeDebugger::RemoveBP(LPVOID const address, bool const restoreOpcode)
 {
     if (auto const i = Breakpoints.find(address); i != Breakpoints.end())
@@ -1108,6 +1158,11 @@ void SyringeDebugger::FindDLLs()
     {
         for (auto& i : it.second.hooks)
         {
+            std::string_view filename = i.lib;
+            auto sz = filename.find_last_of('\\');
+            auto sv = (sz != std::string_view::npos) ? filename.substr(sz + 1, filename.size() - sz - 1) : filename;
+            analyzer.Add(HookAnalyzeData{ sv.data(), i.proc, (int)it.first, (int)i.num_overridden }, true);
+
             v_AllHooks.push_back(&i);
         }
     }