#define WIN32_LEAN_AND_MEAN
#define _CRT_SECURE_NO_WARNINGS
#include <Windows.h>
#include <tlhelp32.h>
#include <cstdio>
#include <cstdint>
#include <cstring>
/** Tries to enable SeDebugPrivilege on the current process token. Returns nothing, so callers cannot observe failure. */
void EnableDebugPriv();
/** Returns the PID of a running process whose executable name equals `name` (case-sensitive), or 0 when none is found. */
DWORD GetProcessIdByName(LPCWSTR name);
/** Returns the base address of module `name` inside process `processId`, or NULL (last error set to 126, module not found). */
HMODULE GetProcessModuleHandle(DWORD processId, LPCWSTR name);
/** Copies `string` into freshly committed memory of `process` and returns its remote address (NULL if VirtualAllocEx fails). The remote memory is never released: patched code keeps pointing at it. */
LPVOID AllocString(HANDLE process, const char *string);
/** Checks that the byte at module+opcodeOffset equals `opcode`, then overwrites the 32-bit pointer at module+opcodeOffset+offset with the remote address of `newString`. TRUE on success, FALSE otherwise. */
BOOL TranslateString(HANDLE process, DWORD module, DWORD opcodeOffset, BYTE opcode, int offset, const char *newString);
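/*
 * Entry point: waits for gta_sa.exe and its samp.dll, then replaces three
 * client strings by redirecting the instructions that reference them.
 *
 * Returns 0 when the patch loop ran (individual failures are printed), 1 when
 * the target process could not be opened.
 */
int main()
{
    ///////////////////////////////////////////////////////////////////////////////////////////////////////
    EnableDebugPriv();

    // Wait for gta_sa.exe, polling every 100 ms (0 means "no such process").
    DWORD processId = 0;
    while ((processId = GetProcessIdByName(L"gta_sa.exe")) == 0)
    {
        Sleep(100);
    }

    // Request only the rights the patch needs: read/write memory and VirtualAllocEx/VirtualFreeEx.
    HANDLE process = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, processId);
    if (process == NULL)
    {
        // GetLastError() returns a DWORD; print it with %lu, not %d.
        printf("[Error] OpenProcess failed. (Error: %lu)\n", GetLastError());
        getchar();
        return 1;
    }

    // Wait for samp.dll to be loaded into the target.
    // The HMODULE is kept as a DWORD because the patch writes 32-bit absolute pointers; this only
    // makes sense when the target process is 32-bit, which is the assumption throughout.
    DWORD sampDll = 0;
    while ((sampDll = (DWORD)GetProcessModuleHandle(processId, L"samp.dll")) == 0)
    {
        Sleep(100);
    }
    ///////////////////////////////////////////////////////////////////////////////////////////////////////

    // TO DO: usar aobscan
    // Each entry: offset of the instruction inside samp.dll, the opcode expected there (a guard against
    // a different samp.dll build), the offset of the 32-bit operand within the instruction, and the text.
    const int TOTAL_TRANSLATIONS = 3;
    const DWORD translateOpcodesOffsets[TOTAL_TRANSLATIONS] =
    {
        0x2647C6,
        0x2EEDAE,
        0x00AE9A,
    };
    const BYTE translateOpcodes[TOTAL_TRANSLATIONS] =
    {
        0xC7,
        0x68,
        0x68,
    };
    const BYTE translateAddressOffsets[TOTAL_TRANSLATIONS] =
    {
        3,
        1,
        1,
    };
    const char *translateStrings[TOTAL_TRANSLATIONS] =
    {
        "{FFFFFF}SA-MP {00FFAA}0.3.7 {FFFFFF}iniciado e traduzido!",
        "{FFFFFF}Conectando em {00FFAA}%s:%d{FFFFFF}, aguarde um instante...",
        "{FFFFFF}O servidor {FFAAAA}não responde{FFFFFF}. Tentando novamente!"
    };

    int succeeded = 0;
    for (int i = 0; i < TOTAL_TRANSLATIONS; i++)
    {
        if (TranslateString(process, sampDll, translateOpcodesOffsets[i], translateOpcodes[i], translateAddressOffsets[i], translateStrings[i]))
        {
            succeeded++;
        }
        printf("\n");
    }

    // Read the error code before any further API call can overwrite it. It is only meaningful
    // when at least one translation failed (each failure already printed its own code).
    DWORD lastError = GetLastError();
    printf("Result: %s (%d/%d translated, last error: %lu)\n",
           succeeded == TOTAL_TRANSLATIONS ? "success" : "error", succeeded, TOTAL_TRANSLATIONS, lastError);

    // Close handles. The remote strings are intentionally left allocated: the patched code points at them.
    CloseHandle(process);
    getchar();
    return 0;
}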
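/*
 * Redirects one string-referencing instruction in the target to a new string.
 *
 * Expected layout at module + opcodeOffset:
 *   [opcode] [... addressOffset bytes ...] [32-bit absolute pointer to the original string]
 * The opcode byte is verified first so that a different samp.dll build is refused before
 * anything is written or allocated. The operand is written as a 32-bit pointer (sizeof(DWORD)),
 * which is only correct for a 32-bit target process.
 *
 * process       handle with PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION
 * module        base address of the module that holds the instruction
 * opcodeOffset  offset of the instruction's first byte inside the module
 * opcode        byte expected at that location
 * addressOffset offset of the 32-bit operand relative to the opcode byte
 * newString     NUL-terminated replacement text
 * Returns TRUE when the operand was rewritten, FALSE otherwise (reason printed, last error preserved).
 */
BOOL TranslateString(HANDLE process, DWORD module, DWORD opcodeOffset, BYTE opcode, int addressOffset, const char *newString)
{
    if (newString == NULL)
    {
        printf("[Error] No replacement string given.\n\n");
        return FALSE;
    }

    printf("Translating: 0x%lX\n", opcodeOffset);
    printf("%s\n", newString);
    printf("Process Handle: %p\n", (void *)process);
    printf("Target Module: 0x%lX\n", module);
    printf("Opcode check: 0x%X\n", (unsigned)opcode);
    printf("Address Offset: %d\n", addressOffset);
    printf("-----------------------------------\n");

    // Guard: the byte at the patch site must be the opcode we expect. Checked before AllocString
    // so a mismatch leaves no orphaned page in the target.
    BYTE opcodeCheck = 0;
    if (!ReadProcessMemory(process, (LPVOID)(module + opcodeOffset), &opcodeCheck, sizeof(BYTE), NULL))
    {
        printf("[Error] ReadProcessMemory failed. (Error: %lu)\n\n", GetLastError());
        return FALSE;
    }
    if (opcodeCheck != opcode)
    {
        printf("[Error] Opcode check failed. (%X)\n\n", (unsigned)opcodeCheck);
        return FALSE;
    }

    // Place the new string in the target; it must outlive the patch, so it is never freed on success.
    LPVOID address = AllocString(process, newString);
    if (address == NULL)
    {
        printf("[Error] AllocString failed. (Error: %lu)\n\n", GetLastError());
        return FALSE;
    }
    printf("String alloc address: %p\n", address);

    // Rewrite the instruction operand with the low 32 bits of the remote address.
    DWORD target = (DWORD)(uintptr_t)address;
    if (!WriteProcessMemory(process, (LPVOID)(module + opcodeOffset + addressOffset), &target, sizeof(target), NULL))
    {
        DWORD error = GetLastError();   // save before VirtualFreeEx can overwrite it
        printf("[Error] WriteProcessMemory failed. (Error: %lX)\n\n", error);
        // The instruction was not changed, so the string is unreferenced: release it.
        VirtualFreeEx(process, address, 0, MEM_RELEASE);
        SetLastError(error);
        return FALSE;
    }
    return TRUE;
}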
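/*
 * Copies a NUL-terminated string into newly committed memory of another process.
 *
 * process  handle with PROCESS_VM_OPERATION | PROCESS_VM_WRITE
 * string   text to copy (the terminating NUL is copied too: the target reads it as a C string)
 * Returns the remote address, or NULL if the allocation or the copy failed (nothing is leaked
 * on failure). On success the memory is owned by the patch and is never released.
 */
LPVOID AllocString(HANDLE process, const char *string)
{
    if (string == NULL)
    {
        return NULL;
    }

    // +1 for the terminator; the original used strlen() alone and relied on the rest of the page being zero.
    size_t size = strlen(string) + 1;

    LPVOID address = VirtualAllocEx(process, NULL, size, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
    if (address == NULL)
    {
        return NULL;
    }

    if (!WriteProcessMemory(process, address, string, size, NULL))
    {
        DWORD error = GetLastError();   // keep the real cause, VirtualFreeEx may overwrite it
        VirtualFreeEx(process, address, 0, MEM_RELEASE);
        SetLastError(error);
        return NULL;
    }

    // NOTE(review): the page stays PAGE_READWRITE although the target only reads it; changing it to
    // PAGE_READONLY with VirtualProtectEx after the copy would be the least-privilege choice.
    return address;
}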
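/*
 * Looks up a process by executable name using a Toolhelp snapshot.
 *
 * name  executable name to match, compared case-sensitively with lstrcmp
 *       (assumes a UNICODE build, where PROCESSENTRY32::szExeFile is WCHAR — confirm)
 * Returns the PID of the match, or 0 when the snapshot fails or nothing matches. If several
 * processes share the name, the last one enumerated is returned.
 */
DWORD GetProcessIdByName(LPCWSTR name)
{
    DWORD processId = 0;

    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snapshot == INVALID_HANDLE_VALUE)
    {
        return 0;
    }

    PROCESSENTRY32 entry;
    entry.dwSize = sizeof(entry);

    // do/while so the first entry returned by Process32First is compared as well;
    // the original loop skipped it.
    if (Process32First(snapshot, &entry))
    {
        do
        {
            if (lstrcmp(entry.szExeFile, name) == 0)
            {
                processId = entry.th32ProcessID;
            }
        } while (Process32Next(snapshot, &entry));
    }

    CloseHandle(snapshot);
    return processId;
}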
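/*
 * Enables SeDebugPrivilege on the current process token.
 *
 * The signature stays void for the existing caller, so problems are only reported on stdout.
 * Note that AdjustTokenPrivileges returns TRUE even when the token does not hold the privilege;
 * that case is signalled through GetLastError() == ERROR_NOT_ALL_ASSIGNED and is reported here too.
 */
void EnableDebugPriv()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        printf("[Warning] OpenProcessToken failed. (Error: %lu)\n", GetLastError());
        return;
    }

    LUID luid;
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
    {
        printf("[Warning] LookupPrivilegeValue failed. (Error: %lu)\n", GetLastError());
        CloseHandle(hToken);
        return;
    }

    TOKEN_PRIVILEGES tkp;
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = luid;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL) || GetLastError() == ERROR_NOT_ALL_ASSIGNED)
    {
        // Not fatal: OpenProcess on a same-user target may still succeed without the privilege.
        printf("[Warning] SeDebugPrivilege could not be enabled. (Error: %lu)\n", GetLastError());
    }

    CloseHandle(hToken);
}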
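/*
 * Finds the base address of a module loaded in another process via a Toolhelp module snapshot.
 *
 * processId  target process
 * name       module file name to match, compared case-sensitively with lstrcmp
 * Returns the module base as an HMODULE, or NULL. When NULL is returned because the module is not
 * loaded, the last error is set to ERROR_MOD_NOT_FOUND (126); when the snapshot itself failed, the
 * error left by CreateToolhelp32Snapshot is kept.
 *
 * NOTE(review): with TH32CS_SNAPMODULE a 64-bit build of this tool will not see the modules of a
 * 32-bit target (TH32CS_SNAPMODULE32 is needed), and the snapshot can transiently fail with
 * ERROR_BAD_LENGTH while the target is still loading — the caller's retry loop covers the latter.
 */
HMODULE GetProcessModuleHandle(DWORD processId, LPCWSTR name)
{
    // Was left uninitialized before, so the not-found test below read an indeterminate value.
    HMODULE hResult = NULL;

    HANDLE hModuleSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, processId);
    if (hModuleSnapshot == INVALID_HANDLE_VALUE)
    {
        return NULL;
    }

    MODULEENTRY32 moduleInfo;
    moduleInfo.dwSize = sizeof(moduleInfo);

    if (Module32First(hModuleSnapshot, &moduleInfo))
    {
        do
        {
            if (lstrcmp(name, moduleInfo.szModule) == 0)
            {
                hResult = (HMODULE)moduleInfo.modBaseAddr;
                break;
            }
        } while (Module32Next(hModuleSnapshot, &moduleInfo));
    }

    CloseHandle(hModuleSnapshot);

    // Set after CloseHandle so the code cannot be overwritten before the caller reads it.
    if (hResult == NULL)
    {
        SetLastError(ERROR_MOD_NOT_FOUND);
    }
    return hResult;
}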