DrAg0n Protection (2012 ) Source code ( Clear )

#include <windows.h>
#include <stdio.h>
#include <fcntl.h>
#include <io.h>
#include <iostream>
#include <fstream>
#include <vector>
#include "detours.h"
#include <string>
#include <Wincrypt.h>
int hConHandle;
long lStdHandle;

#define dll extern "C" __declspec(dllexport)

using namespace std;

static const WORD MAX_CONSOLE_LINES = 1000;

// Aedes Protection


    string name = "Metin2Deluxe",
    version = "1.1.0.0",
    date = "18/03/2012";


#pragma region Prototipi Funzioni

dll void showInfo();
dll void get_pack(void);
dll void sub_get(void);
dll BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved);
dll void RedirectIOToConsole();
dll void FixExtractor();
dll void RedirectIOToConsole( void );
dll void get_name();
dll void lzo_func_1();
dll void lzo_func_2();
dll void lzo_func_3();
dll void lzo_func_4();
dll int xtea(int,int,LPBYTE,int);
dll void block_get();
dll int check(int,int,char*);
dll void xxtea();
dll void pong_func();
dll void block_ref();
dll void block_switch();

#pragma endregion Prototipi Funzioni
#pragma region Dichiarazioni

DWORD fileName_add;

// GetPack
DWORD push_0070F89B = 0x0070F89B;
DWORD call_005769F0 = 0x005769F0;
DWORD call_00576B90 = 0x00576B90;
DWORD call_00640230 = 0x00640230;
DWORD push_0073E6B4 = 0x0073E6B4;
DWORD call_0065932E = 0x0065932E;
DWORD push_0073E6AC = 0x0073E6AC;
DWORD push_0073E6A4 = 0x0073E6A4;
DWORD call_00571070 = 0x00571070;
DWORD call_005D6BA0 = 0x005D6BA0;
DWORD call_00571290 = 0x00571290;
DWORD call_0073E6A0 = 0x0073E6A0;
DWORD call_00571460 = 0x00571460;
DWORD call_0063F020 = 0x0063F020;

DWORD call_005DF7D0 = 0x005DF7D0;

int count = 0;

// end - GetPack Ref;

// SubGet - Ref
    DWORD call_005D3FC0 = 0x005D3FC0;
    DWORD call_005D63F0 = 0x005D63F0;
// End SubGet - Ref

char* control_1 = ".pyc";
char* control_2 = ".txt";
char* info,*info2,  *info3, *info4, *info5, *info6;

// Start Lzo_func_1 Ref;
DWORD call_005D7F80 = 0x005D7F80;
DWORD call_00407800 = 0x00407800;
DWORD call_0063F640 = 0x0063F640;
DWORD push_0074C518 = 0x0074C518;
DWORD call_004069F0 = 0x004069F0;
DWORD call_005D8120 = 0x005D8120;
DWORD call_005DA2D0 = 0x005DA2D0;
DWORD call_005714D0 = 0x005714D0;
DWORD push_0073E6A0 = 0x0073E6A0;
DWORD call_0074C518 = 0x0074c518;
DWORD addy_74C520 = 0x74C520;
BYTE addy_74C524 = 0x74C524;
// End Lzo_func_1 ref;
DWORD call_0063EFDD = 0x0063EFDD;
DWORD call_00428900 = 0x00428900;
DWORD call_005767B0 = 0x005767B0;
#pragma endregion Dichiarazioni
#pragma region Archivi

/* Standart */
char *magic = "MCOZ";

char *pong = "83da635ds12312ss";

char* est_1 = ".eue";
char* est_2 = ".dlx";


DWORD index_est = *(int *)(est_2);
byte key_1[] = {0xff , 0x37 , 0x3f , 0x3f , 0xf3 , 0x4E , 0xf1 , 0x25 , 0x4D , 0x2D , 0x5f , 0x30 , 0x52 , 0x37 , 0xf1 , 0xf5};
byte key_2[] = {0x22 , 0xB8 , 0xB4 , 0x04 , 0x64 , 0xB2 , 0x6E , 0x1F , 0xAE , 0xEA , 0x18 , 0x00 , 0xA6 , 0xF6 , 0xFB , 0x1C};

char* packName;


/* MIllenium Word
char *magic = "THIA";
char *pong = "abdi@lswkdsg33.1";

char* est_1 = ".mln";
char* est_2 = ".wrl";

DWORD index_est = *(int *)(est_2);

byte key_1[] = {0x4D , 0x31 , 0x37 , 0x37 , 0x33 , 0x4E , 0x31 , 0x55 , 0x4D , 0x2D , 0x57 , 0x30 , 0x52 , 0x37 , 0x44 , 0x35};
byte key_2[] = {0x22 , 0xB8 , 0xB4 , 0x04 , 0x64 , 0xB2 , 0x6E , 0x1F , 0xAE , 0xEA , 0x18 , 0x00 , 0xA6 , 0xF6 , 0xFB , 0x1C};

*/

/*
ArisOnline
byte key_1[] = {0x32, 0x47, 0xDF, 0x98, 0x79, 0x87, 0x7D, 0xA7, 0x93, 0x21, 0x28, 0x79, 0x8D, 0xA3, 0x23, 0x20};
byte key_2[] = {0x22 , 0xB8 , 0xB4 , 0x04 , 0x64 , 0xB2 , 0x6E , 0x1F , 0xAE , 0xEA , 0x18 , 0x00 , 0xA6 , 0xF6 , 0xFB , 0x1C};


/*

Metin2Deluxe ( .Net )


char *pong = "1234abcd5678efgh";

char* est_1 = ".dlx";
char* est_2 = ".eue";

byte key_1[] = {0xff , 0x37 , 0x3f , 0x3f , 0xf3 , 0x4E , 0xf1 , 0x25 , 0x4D , 0x2D , 0x5f , 0x30 , 0x52 , 0x37 , 0xf1 , 0xf5};
byte key_2[] = {0x22 , 0xB8 , 0xB4 , 0x04 , 0x64 , 0xB2 , 0x6E , 0x1F , 0xAE , 0xEA , 0x18 , 0x00 , 0xA6 , 0xF6 , 0xFB , 0x1C};


*/

DWORD call_005728A0 = 0x005728A0;
DWORD jmp_005DF8E7 = 0x005DF8E7;
DWORD call_005700B0 = 0x005700B0;
DWORD jmp_572057 = 0x572057;
DWORD call_005D4090 = 0x005D4090;
#pragma endregion Archivi

dll void start_crypto(){

        DetourFunction((BYTE*) 0x729C80, (BYTE*)pong_func);
        DetourFunction((BYTE*) 0x5E06C8, (BYTE*)get_name);
        DetourFunction((BYTE*) 0x005E06C0, (BYTE*)lzo_func_1);
        DetourFunction((BYTE*) 0x005DF8BE, (BYTE*)lzo_func_2);
        DetourFunction((BYTE*) 0x00572040, (BYTE*)lzo_func_3);
        DetourFunction((BYTE*) 0x005700B0, (BYTE*)lzo_func_4);
        DetourFunction((BYTE*) 0x48f7e0,( BYTE* )get_pack);
        DetourFunction((BYTE*) 0x1E05D240, (BYTE*)block_get);
        DetourFunction((BYTE*) 0x1E05D4E0, (BYTE*)block_ref);
        DetourFunction((BYTE*) 0x0041D9D3, (BYTE*)block_switch);

        ifstream ReadFile;
        ReadFile.open("info.txt");
        string out;

        if (ReadFile.is_open()) {
            ReadFile >> out;
            if (out == "Show" || out == "show"){
                RedirectIOToConsole();
                showInfo();

            }
        }

        ReadFile.close();

}
dll void showInfo(){

    cout << "\t\t\tDrAg0n Protection v" << version << endl<< endl<< endl;
    cout << "Version compiled for - " << name << endl;
    cout << "Protection Compiled in date " << date << endl;

    cout << "Coded by DrAg0n" << endl;
    cout << "Skype = dragon_9330" << endl;

}
dll BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
    switch (fdwReason)
    {
    case DLL_PROCESS_ATTACH:
        start_crypto();
        break;

    case DLL_PROCESS_DETACH:

    ExitProcess(0);
        break;

    case DLL_THREAD_ATTACH:

        break;

    case DLL_THREAD_DETACH:

        break;
    }
    return TRUE; // succesful
}
dll __declspec (naked) void get_pack(){
 __asm{
  PUSH -1
  PUSH push_0070F89B
  MOV EAX,DWORD PTR FS:[0]
  PUSH EAX
  MOV DWORD PTR FS:[0],ESP
  SUB ESP,0x148
  MOV EAX,DWORD PTR DS:[0x7C2DE8]
  XOR EAX,ESP
  LEA ECX,[ESP+4]
  PUSH ECX
  MOV DWORD PTR SS:[ESP+0x148],EAX
  MOV EAX,DWORD PTR SS:[ESP+0x160]
  PUSH 0
  PUSH EAX
  CALL call_005769F0
  ADD ESP,0x0C
  TEST AL,AL
  JNE L0022
  PUSH 0
  CALL call_00576B90
  ADD ESP,0x4
  JMP L0083
L0022:
  MOV EDX,DWORD PTR SS:[ESP+0x4]
  MOV info2, EDX
  PUSH ESI
  PUSH 0x2E
  PUSH EDX
  ritorno:
  CALL call_00640230
  MOV ESI,EAX
  ADD ESP,0x8
  TEST ESI,ESI
  JE L0079
  PUSH push_0073E6B4
  PUSH ESI
  CALL call_0065932E
  ADD ESP,0x8
  TEST EAX,EAX
  JE L0049
  inizio:
  PUSH control_1
  PUSH ESI
  CALL call_0065932E
  ADD ESP,0x8
  TEST EAX,EAX
  JE L0049
  PUSH control_2
  PUSH ESI
  CALL  call_0065932E
  ADD ESP,0x8
  TEST EAX,EAX
  JNE L0079
  L0049:
  LEA ECX,[ESP+0x0C]
  CALL call_00571070
  MOV ECX,DWORD PTR SS:[ESP+0x8]
  LEA EAX,[ESP+04]
  PUSH EAX
  PUSH ECX
  MOV ECX,DWORD PTR DS:[0x7D0710]
  LEA EDX,[ESP+0x14]
  PUSH EDX
  MOV DWORD PTR SS:[ESP+0x160],0
  MOV DWORD PTR SS:[ESP+0x10],0
  CALL sub_get
  CALL check
  TEST AL,AL
  LEA ECX,[ESP+0x0C]
  JE L0077
  CALL call_00571290
  PUSH EAX
  MOV EAX,DWORD PTR SS:[ESP+0x08]
  PUSH EAX
  PUSH push_0073E6A0
  CALL DWORD PTR DS:[0x7317B0]
  ADD ESP,0x0C
  LEA ECX,[ESP+0x0C]
  MOV ESI,EAX
  MOV DWORD PTR SS:[ESP+0x154],-1
  CALL call_00571460
  MOV EAX,ESI
  JMP L0082
L0077:
  MOV DWORD PTR SS:[ESP+0x154],-1
  CALL call_00571460
L0079:
  PUSH 0
  CALL call_00576B90
  ADD ESP,0x4
L0082:
  POP ESI
L0083:
  MOV ECX,DWORD PTR SS:[ESP+0x148]
  MOV DWORD PTR FS:[0],ECX
  MOV ECX,DWORD PTR SS:[ESP+0x144]
  XOR ECX,ESP
  CALL call_0063F020
  ADD ESP,0x154
  RETN
 }

fine:
 __asm MOV info,ESI
cout << info << endl;
__asm JMP inizio

log2:
cout << info2 << endl;
__asm JMP ritorno

}
dll __declspec (naked) void sub_get(){


__asm{

  PUSH EBX
  MOV EBX,DWORD PTR SS:[ESP+0x0C]
  PUSH EBP
  MOV EBP,DWORD PTR SS:[ESP+0x0C]
  PUSH ESI
  PUSH EDI
  MOV EDI,DWORD PTR SS:[ESP+0x1C]
  MOV ESI,ECX
  MOV EAX,DWORD PTR DS:[ESI+0x8]
  TEST EAX,EAX
  PUSH EDI
  PUSH EBX
  PUSH EBP
  JNE L0027
  CALL call_005D3FC0
  TEST AL,AL
  JNE L0030
  PUSH EDI
  PUSH EBX
  PUSH EBP
  MOV ECX,ESI
  CALL call_005D63F0
  POP EDI
  POP ESI
  POP EBP
  POP EBX
  RETN 0x0C
L0027:
  CALL call_005D63F0
  TEST AL,AL
  JE L0036
L0030:
  POP EDI
  POP ESI
  POP EBP
  MOV AL,1
  POP EBX
  RETN 0x0C
L0036:
  PUSH EDI
  PUSH EBX
  PUSH EBP
  MOV ECX,ESI
  CALL call_005D3FC0
  POP EDI
  POP ESI
  POP EBP
  POP EBX
  RETN 0x0C
    }
}

DWORD jmp_005E06C9 = 0x005E06C9;


dll __declspec (naked) void get_name(){

cout << packName;


}

dll __declspec (naked) void lzo_func_1(){

__asm{

  PUSH EBP
  MOV EBP,DWORD PTR SS:[ESP+0x18]
  TEST EBP,EBP
  PUSH ESI
  PUSH EDI
  MOV packName,EDI
  MOV ESI,ECX
  JE L0012
  PUSH 0x20
  PUSH EBP
  LEA ECX,[ESI+0x1BEC]
  CALL call_00407800
  MOV BYTE PTR DS:[ESI+0x35D],0
L0012:
  MOV EDX,DWORD PTR SS:[ESP+0x18]
  MOV EAX,EDX
  LEA EDI,[EAX+0x1]
  JMP L0017
  LEA ECX,[ECX]
L0017:
  MOV CL,BYTE PTR DS:[EAX]
  INC EAX
  TEST CL,CL
  JNE L0017
  PUSH EBX
  SUB EAX,EDI
  PUSH EAX
  PUSH EDX
  LEA ECX,[ESI+0x1BC8]
  CALL call_00407800
  MOV EBX,DWORD PTR SS:[ESP+0x18]
  PUSH 0x0FF
  LEA EAX,[ESI+0x14D]
  PUSH EBX
  PUSH EAX
  CALL call_0063F640
  PUSH 104
  LEA EDI,[ESI+0x24D]
  PUSH EBX
  PUSH EDI
  CALL call_0063F640
  ADD ESP,0x18
  DEC EDI
L0040:
  MOV AL,BYTE PTR DS:[EDI+0x1]
  INC EDI
  TEST AL,AL
  JNE L0040
  MOV ECX,DWORD PTR DS:[index_est]
  MOV DWORD PTR DS:[EDI],ECX
  MOV DL,BYTE PTR DS:[0x74C524]
  MOV EAX,EBX
  MOV BYTE PTR DS:[EDI+0x4],DL
  LEA EDX,[EAX+0x1]
L0050:
  MOV CL,BYTE PTR DS:[EAX]
  INC EAX
  TEST CL,CL
  JNE L0050
  SUB EAX,EDX
  PUSH EAX
  LEA EDI,[ESI+0x1BAC]
  PUSH EBX
  MOV ECX,EDI
  CALL call_00407800
  PUSH 0x4
  PUSH est_1
  MOV ECX,EDI
  CALL call_004069F0
  MOV AL,BYTE PTR SS:[ESP+0x20]
  MOV ECX,ESI
  MOV BYTE PTR DS:[ESI+0x35C],AL
  CALL call_005D8120
  TEST AL,AL
  POP EBX
  JE L0099
  MOV ECX,ESI
  CALL call_005DA2D0
  TEST AL,AL
  JE L0099
  MOV EDX,DWORD PTR SS:[ESP+0x10]
  TEST EBP,EBP
  SETNE CL
  PUSH ECX
  PUSH EDX
  MOV ECX,ESI
  CALL call_005DF7D0
  MOV AL,BYTE PTR DS:[ESI+0x35C]
  TEST AL,AL
  JE L0104
  CMP DWORD PTR DS:[EDI+0x18],0x10
  JB L0089
  MOV EDI,DWORD PTR DS:[EDI+0x4]
  JMP L0090
L0089:
  ADD EDI,0x4
L0090:
  PUSH 0
  PUSH 0
  LEA EAX,[ESI+0x140]
  PUSH EAX
  PUSH EDI
  LEA ECX,[ESI+0x4]
  CALL call_005714D0
  TEST EAX,EAX
  JNE L0106
L0099:
  POP EDI
  POP ESI
  XOR AL,AL
  POP EBP
  RETN 0x14
L0104:
  MOV ECX,ESI
  CALL call_005D7F80
L0106:
  POP EDI
  POP ESI
  MOV AL,0x1
  POP EBP
  RETN 0x14

}

}
dll __declspec (naked) void lzo_func_2(){

__asm{

  CMP EAX,magic
  JNE 0x005DFAC3
  PUSH OFFSET key_1
  PUSH ESI
  LEA EAX,[ESP+0x14]
  MOV BYTE PTR SS:[EBP+0x14C],0x1
  MOV ECX,DWORD PTR DS:[0x7D0C1C]
  PUSH EAX
  CALL call_005728A0
  JMP jmp_005DF8E7

}
}
dll __declspec (naked) void lzo_func_3(){

__asm{

  PUSH EDX
  PUSH EBX
  SUB EAX,4
  PUSH EAX
  PUSH EDI
  MOV DWORD PTR SS:[ESP+0x2030],0
  CALL call_005700B0
  JMP jmp_572057

  }


}
dll __declspec (naked) void  lzo_func_4(){

__asm{

  MOV EAX,DWORD PTR SS:[ESP+0x10]
  MOV ECX,EAX
  AND ECX,0x80000007
  JNS L0007
  DEC ECX
  OR ECX,0xFFFFFFF8
  INC ECX
L0007:
  JE L0012
  SUB EAX,ECX
  ADD EAX,0x8
  MOV DWORD PTR SS:[ESP+0x10],EAX
  JMP L0013
L0012:
  MOV DWORD PTR SS:[ESP+0x10],EAX
L0013:
  PUSH EBX
  MOV EBX,EAX
  SAR EBX,0x3
  TEST EBX,EBX
  JLE L0041
  PUSH EBP
  MOV EBP,DWORD PTR SS:[ESP+0x14]
  PUSH ESI
  MOV ESI,DWORD PTR SS:[ESP+0x14]
  PUSH EDI
  MOV EDI,DWORD PTR SS:[ESP+0x14]
  LEA ECX,[ECX]
L0025:
  MOV EAX,DWORD PTR DS:[ESI]
  MOV ECX,DWORD PTR DS:[ESI+0x4]
  PUSH EDI // DwSize
  PUSH EBP // lzoData
  PUSH EAX // Pointer to [InData]
  PUSH ECX // OutBuffer
  CALL xtea
  ADD ESP,0x10
  ADD EDI,0x8
  ADD ESI,0x8
  DEC EBX
  JNE L0025
  MOV EAX,DWORD PTR SS:[ESP+0x20]
  POP EDI
  POP ESI
  POP EBP
L0041:
  POP EBX
  RETN

}


}

bool first = false;

dll int xtea(int a1, int a2, LPBYTE key, int a4){

 int result;


unsigned int sum = -957401312;
  unsigned int delta = 0x61C88647;
  unsigned int v5;
  unsigned int v6;
  signed int v7;


  v5 = a2;
  v6 = a1;

  v7 = 32;

  for(int i = 0; i < v7; i++){
    v6 -= (sum + *(DWORD*)(key + 4 * ((sum >> 11) & 3))) ^ (v5 + (16 * v5 ^ (v5 >> 5)));
    sum += delta;
    v5 -= (sum + *(DWORD*)(key + 4 * (sum & 3))) ^ (v6 + (16 * v6 ^ (v6 >> 5)));
  }


  result = a4;
  *(DWORD*)a4 = v5;
  *(DWORD*)(a4 + 4) = v6;

return result;

}
__declspec (naked) void xxtea(){

    __asm{
  MOV EDX,DWORD PTR SS:[ESP+0x8]
  MOV ECX,DWORD PTR SS:[ESP+0x4]
  PUSH EBX
  PUSH EBP
  PUSH ESI
  MOV ESI,DWORD PTR SS:[ESP+0x18]
  PUSH EDI
  MOV EAX,0xC6EF3720
  MOV EDI,0x20
  LEA EBX,[EBX]
L0010:
  MOV EBX,EDX
  SHR EBX,0x5
  MOV EBP,EDX
  SHL EBP,0x4
  XOR EBX,EBP
  MOV EBP,EAX
  SHR EBP,0x0B
  AND EBP,0x00000003
  MOV EBP,DWORD PTR DS:[EBP*0x4+ESI]
  ADD EBP,EAX
  ADD EBX,EDX
  XOR EBX,EBP
  SUB ECX,EBX
  MOV EBX,ECX
  SHR EBX,0x5
  MOV EBP,ECX
  SHL EBP,0x4
  XOR EBX,EBP
  ADD EAX,0x61C88647
  MOV EBP,EAX
  AND EBP,0x00000003
  MOV EBP,DWORD PTR DS:[EBP*0x4+ESI]
  ADD EBX,ECX
  ADD EBP,EAX
  XOR EBX,EBP
  SUB EDX,EBX
  DEC EDI
  JNE L0010
  MOV EAX,DWORD PTR SS:[ESP+0x20]
  POP EDI
  POP ESI
  POP EBP
  MOV DWORD PTR DS:[EAX],EDX
  MOV DWORD PTR DS:[EAX+0x4],ECX
  POP EBX
  RETN
  }


}
__declspec (naked) void xxea_2(){

    __asm{

  MOV EDX,DWORD PTR SS:[ESP+0x8]
  MOV ECX,DWORD PTR SS:[ESP+0x4]
  PUSH EBX
  PUSH EBP
  PUSH ESI
  MOV ESI,DWORD PTR SS:[ESP+0x18]
  PUSH EDI
  MOV EAX,0xC6EF3720
  MOV EDI,0x20
  LEA EBX,[EBX]
L0010:
  MOV EBX,EDX
  SHR EBX,0x5
  MOV EBP,EDX
  SHL EBP,0x4
  XOR EBX,EBP
  MOV EBP,EAX
  SHR EBP,0x0B
  AND EBP,0x00000003
  MOV EBP,DWORD PTR DS:[EBP*0x4+ESI]
  ADD EBP,EAX
  ADD EBX,EDX
  XOR EBX,EBP
  SUB ECX,EBX
  MOV EBX,ECX
  SHR EBX,0x5
  MOV EBP,ECX
  SHL EBP,0x4
  XOR EBX,EBP
  ADD EAX,0x61C88647
  MOV EBP,EAX
  AND EBP,0x00000003
  MOV EBP,DWORD PTR DS:[EBP*0x4+ESI]
  ADD EBX,ECX
  ADD EBP,EAX
  XOR EBX,EBP
  SUB EDX,EBX
  DEC EDI
  JNE L0010
  MOV EAX,DWORD PTR SS:[ESP+0x20]
  POP EDI
  POP ESI
  POP EBP
  MOV DWORD PTR DS:[EAX],EDX
  MOV DWORD PTR DS:[EAX+0x4],ECX
  POP EBX
  RETN

    }
}
__declspec (naked) void xtea_lzo(){

    __asm{

  MOV EDX,DWORD PTR SS:[ESP+0x8]
  MOV ECX,DWORD PTR SS:[ESP+0x4]
  PUSH EBX
  PUSH EBP
  PUSH ESI
  MOV ESI,DWORD PTR SS:[ESP+0x18]
  PUSH EDI
  MOV EAX,0xC6EF3720
  MOV EDI,0x20
  LEA EBX,[EBX]
L0010:
  MOV EBX,EDX
  SHR EBX,0x5
  MOV EBP,EDX
  SHL EBP,0x4
  XOR EBX,EBP
  MOV EBP,EAX
  SHR EBP,0x0B
  AND EBP,0x00000003
  MOV EBP,DWORD PTR DS:[EBP*0x4+ESI]
  ADD EBP,EAX
  ADD EBX,EDX
  XOR EBX,EBP
  SUB ECX,EBX
  MOV EBX,ECX
  SHR EBX,0x5
  MOV EBP,ECX
  SHL EBP,0x4
  XOR EBX,EBP
  ADD EAX,0x61C88647
  MOV EBP,EAX
  AND EBP,0x00000003
  MOV EBP,DWORD PTR DS:[EBP*0x4+ESI]
  ADD EBX,ECX
  ADD EBP,EAX
  XOR EBX,EBP
  SUB EDX,EBX
  DEC EDI
  JNE L0010
  MOV EAX,DWORD PTR SS:[ESP+0x20]
  POP EDI
  POP ESI
  POP EBP
  MOV DWORD PTR DS:[EAX],EDX
  MOV DWORD PTR DS:[EAX+0x4],ECX
  POP EBX
  RETN

    }
}
dll int check(int, int,char *f_name)
{

    string fName = f_name;
    int pos = fName.rfind(".");
    if (pos == 0){
        ::MessageBoxA(0,"Universal Extractor Founded!","DrAg0N Protection",MB_OK);
        ExitProcess(0);
    }
    else{
    string Est = fName.substr(pos);
    if (Est != ".py" && Est != ".txt" && Est != ".pyc"){
        ::MessageBoxA(0,"Universal Extractor Founded!","DrAg0N Protection",MB_OK);
        ExitProcess(0);
    }}

    return 1;

}
dll __declspec (naked) void pong_func(){

    __asm {

  PUSH 0x10
  PUSH pong
  MOV ECX,0x7A6188
  CALL call_00407800
  PUSH 0x0072E7F0
  CALL call_0063EFDD
  POP ECX
  RETN

}
}
dll __declspec (naked )void block_get(){
    ::MessageBoxA(0,"Py Injection Founded!","DrAg0N Protection",MB_OK);
    ExitProcess(0);
}
dll __declspec (naked )void block_str(){
    ::MessageBoxA(0,"Py Injection Founded!","DrAg0N Protection",MB_OK);
    ExitProcess(0);
}
dll __declspec (naked) void block_ref(){
    ::MessageBoxA(0,"Py Injection Founded!","DrAg0N Protection",MB_OK);
    ExitProcess(0);
}
dll __declspec (naked) void block_switch(){

    __asm{

  MOV DWORD PTR SS:[ESP+0x4],0
  MOV EAX,DWORD PTR SS:[ESP+0x8]
  MOV ECX,DWORD PTR SS:[ESP+0x0C]
  PUSH ECX
  PUSH EAX
  MOV ECX,DWORD PTR DS:[0x7D070C]
  CALL call_00428900
  CALL call_005767B0
  POP ESI
  ADD ESP,0x0C
  RETN
    }
}

void RedirectIOToConsole( void )
{

    CONSOLE_SCREEN_BUFFER_INFO coninfo;
    FILE *fp;

    // allocate a console for this app
    AllocConsole();

    // set the screen buffer to be big enough to let us scroll text
    GetConsoleScreenBufferInfo(GetStdHandle(STD_OUTPUT_HANDLE),    &coninfo);
    coninfo.dwSize.Y = MAX_CONSOLE_LINES;
    SetConsoleScreenBufferSize(GetStdHandle(STD_OUTPUT_HANDLE),    coninfo.dwSize);

    // redirect unbuffered STDOUT to the console
    lStdHandle = (long)GetStdHandle(STD_OUTPUT_HANDLE);
    hConHandle = _open_osfhandle(lStdHandle, _O_TEXT);

    fp = _fdopen( hConHandle, "w" );

    *stdout = *fp;
    setvbuf( stdout, NULL, _IONBF, 0 );

    // redirect unbuffered STDIN to the console
    lStdHandle = (long)GetStdHandle(STD_INPUT_HANDLE);
    hConHandle = _open_osfhandle(lStdHandle, _O_TEXT);

    fp = _fdopen( hConHandle, "r" );

    *stdin = *fp;
    setvbuf( stdin, NULL, _IONBF, 0 );

    // redirect unbuffered STDERR to the console
    lStdHandle = (long)GetStdHandle(STD_ERROR_HANDLE);
    hConHandle = _open_osfhandle(lStdHandle, _O_TEXT);

    fp = _fdopen( hConHandle, "w" );

    *stderr = *fp;
    setvbuf( stderr, NULL, _IONBF, 0 );

    // make cout, wcout, cin, wcin, wcerr, cerr, wclog and clog
    // point to console as well
    ios::sync_with_stdio();
}