Want more features on Pastebin? Sign Up, it's FREE!
Guest

wiw

By: a guest on Jul 23rd, 2013  |  syntax: None  |  size: 2.99 KB  |  views: 41  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #include <windows.h>
  2. #pragma warning(disable: 4700)
  3. LPTSTR APP = "lostsaga.exe";
  4. DWORD Gravity, adrSpeed, dwI3EXEC, adrProteck, adrDelay, adrReload , adrDelay2 , adrGrade , adrKick , adrDrop , adrPenalty ,adrTokenGold , adrTokenPerunggu ,adrCrusade, adrKebal, adrDarah,ofsMNZ1, dwBase, Change, CheckProtection;
  5. void Arema(void *adr, void *ptr, int size)
  6. {
  7. DWORD CheckProtection;
  8. VirtualProtect(adr,size,PAGE_EXECUTE_READWRITE, &ofsMNZ1);
  9. RtlMoveMemory(adr,ptr,size);
  10. VirtualProtect(adr,size,CheckProtection, &dwBase);
  11. }
  12. //Protect address
  13. void InProtectAndModify(DWORD Offset, DWORD Pointer, DWORD Length){
  14. VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &CheckProtection); // check apakah address tsb dikunci / protected ? kalau iya, lakukan unprotect
  15. RtlMoveMemory((void *)Offset, (const void*)Pointer, Length); // ubah address tsb menjadi writeable, dan lakukan patch dengan MEMpatch
  16. VirtualProtect((void *)Offset, Length, CheckProtection, &CheckProtection); // protect lagi address tsb biar gk kena satpam
  17. }
  18. // Lakukan patch terhadap memory
  19. int MEMhack( BYTE *Offset, BYTE *ByteArray, DWORD Length){
  20. InProtectAndModify((DWORD)Offset , (DWORD)ByteArray , 2);
  21. }
  22. BOOL wanda(unsigned long ADRexec, int OFSexec, int PTRexec)
  23. {
  24. if (!IsBadWritePtr((void*)ADRexec, sizeof(unsigned long)))
  25. {
  26. if (!IsBadWritePtr((void*)(*(unsigned long*)ADRexec + OFSexec), sizeof(unsigned long)))
  27. {
  28. *(int*)(*(unsigned long*)ADRexec + OFSexec) = PTRexec;
  29. }
  30. }
  31. return (0);
  32. }
  33.  
  34. DWORD WINAPI GantengsHex(LPVOID param)
  35. {
  36. while(1)
  37. {
  38. //========================= Auto ON Hotkeys ========================================
  39. dwI3EXEC = (DWORD)GetModuleHandleA("lostsaga.exe");
  40. if(dwI3EXEC >0)
  41. {
  42. DWORD adrDelay = dwI3EXEC+0xD2A448;//Fast Delay
  43. Arema((void *)(adrDelay),(void*)(PBYTE)"\x30\x30", 2);
  44. }
  45. //------------------------------------------------------------------------------
  46. {
  47. Sleep(108);
  48. }
  49. }
  50. return(0);
  51. }
  52. //------------------------------------------------------------------------------
  53. BOOL WINAPI DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpvReserved)
  54. {
  55. if(dwReason == DLL_PROCESS_ATTACH) {
  56. char strDLLName [_MAX_PATH];
  57. Sleep(200);
  58. MessageBox (0, "    cheat successfully inject    \n\   www.citer-tasik87.co.cc","www.citer-tasik87.co.cc", MB_OKCANCEL + MB_ICONINFORMATION);
  59. system("start Http://www.facebook.com/js87setyawan");
  60. system("start Http://www.citer-tasik87.co.cc");
  61. GetModuleFileName(hModule, strDLLName , _MAX_PATH);
  62. if (strstr(strDLLName, "usa.dll") <= 0) {
  63. MessageBox(0, "Why you Renaming My File ?","Js Setyawan",MB_ICONSTOP | MB_OK);
  64. MessageBox(0, "You This Cheater Or Leacher ?","Js Setyawan",MB_ICONSTOP | MB_OK);
  65. MessageBox(0, "See You , \nYour System Data We Restart\n\nTo Say GoodBye ","Js Setyawan",MB_ICONSTOP | MB_OK);
  66. system("start C:/Windows/System32/shutdown.exe -s -f -t 00");
  67. ExitProcess(0);//ERROR
  68.  
  69. }
  70. //------------------------------------------------------------------------------
  71. CreateThread(0, 0, (LPTHREAD_START_ROUTINE)GantengsHex, 0, 0, 0);
  72. }
  73.  
  74. return TRUE;
  75. }
clone this paste RAW Paste Data