Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <Windows.h>
- #include <tlhelp32.h>
- #include <iostream>
- using namespace std;
- #define MSGRET(str, ret) { cout << "ERROR: " << str << endl; system("pause"); return ret; }
- DWORD procNameToPID(const char *procName);
- bool dllInjection(DWORD pid, string dll);
- void WinAPIError();
- int main(int argc, const char *argv[])
- {
- DWORD pid = procNameToPID("externalCrackme.exe");
- if (!pid)
- MSGRET("Process not found.", 1)
- cout << "PID Found: " << pid << endl;
- cout << "Killing strcmp..." << endl;
- HANDLE processHandle = OpenProcess(PROCESS_ALL_ACCESS, false, pid);
- if (!processHandle)
- MSGRET("Cannot open process.", false)
- HMODULE kernel32 = GetModuleHandle("Kernel32");
- FARPROC lstrcmpAptr = GetProcAddress(kernel32, "lstrcmpA");
- char data[] = { 0x33, 0xc0, 0xc2, 0x08, 0x00 };
- DWORD oldFlags;
- VirtualProtectEx(processHandle, (void*)lstrcmpAptr, sizeof(data), PAGE_EXECUTE_READWRITE, &oldFlags);
- if (!WriteProcessMemory(processHandle, (void*)lstrcmpAptr, &data, sizeof(data), NULL))
- {
- WinAPIError();
- MSGRET("Could not WriteProcessMemory.", 0)
- }
- VirtualProtectEx(processHandle, (void*)lstrcmpAptr, sizeof(data), oldFlags, &oldFlags);
- system("pause");
- return 0;
- }
- DWORD procNameToPID(const char *procName)
- {
- HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
- if (snapshot == INVALID_HANDLE_VALUE)
- MSGRET("Unable to create snapshot.", 0)
- PROCESSENTRY32 process;
- process.dwSize = sizeof(PROCESSENTRY32);
- Process32First(snapshot, &process);
- do
- {
- if (strstr(process.szExeFile, procName))
- return process.th32ProcessID;
- }
- while (Process32Next(snapshot, &process));
- return 0;
- }
- void WinAPIError()
- {
- LPSTR errorMessage = NULL;
- FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ALLOCATE_BUFFER, 0, GetLastError(), 0, (LPSTR)&errorMessage, 0, 0);
- cout << "WinAPI: " << errorMessage;
- LocalFree(errorMessage);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement