dcomicboy

S2S logger modified

Aug 25th, 2013
  1. #include <Windows.h>
  2. #include <iostream>
  3. #include <string>
  4. #include <sstream>
  5. #include <fstream>
  6.  
  7. #pragma warning( disable: 4996 )
  8.  
  9. using namespace std;
  // Single global stream that log() reopens and closes on every call.
  // Nothing in this file synchronizes access to it.
  ofstream outfile;

  // Plain-text file that receives everything log() writes, including the raw
  // message bytes dumped by hooked_SendToServer (the original note says this is
  // where ID's get saved). The path is fixed at the drive root and the data is
  // stored unencrypted, so the file may expose account or session data to
  // anything else that can read that location.
  #define dir_log "C:\\STS_LOG.txt"
  // Absolute address that hookthread() passes to DetourFunction() as the code
  // to patch.
  // NOTE(review): a hard-coded address only matches one build of the target
  // loaded at one base address - confirm before relying on it.
  #define STS 0x62E3D3
  14.  
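  // Formats a printf-style message and appends it to the dir_log file.
  //
  // fmt  printf-style format string; the remaining arguments supply its values.
  //
  // Output longer than the 511 usable bytes of the local buffer is truncated.
  // The file is opened in append mode and closed again on every call through
  // the global `outfile` stream; no locking is done here.
  void log(const char *fmt, ...)
  {
      char buffer[512] = {0};

      va_list args;
      va_start( args, fmt );
      // Hand vsnprintf one byte less than the buffer holds. On C runtimes where
      // vsnprintf behaves like _vsnprintf, truncated output is written without
      // a terminating NUL, and streaming such a buffer would read past its end.
      // The reserved last byte is still zero from the initializer above.
      vsnprintf(buffer, sizeof(buffer) - 1, fmt, args);
      va_end( args );

      outfile.open(dir_log, ios::app);
      outfile << buffer;
      outfile.close();
  }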
  28.  
  // Installs an inline (code-patching) hook on x86.
  //
  // src  start of the code to patch; its first `len` bytes are overwritten.
  // dst  address the patched code will jump to.
  // len  number of bytes at src to replace (5 for the jump, the rest become NOPs).
  //
  // Returns a pointer into a malloc'd buffer that holds the displaced bytes
  // followed by a jump back into the original code, so the caller can still
  // reach the original behaviour.
  //
  // Review notes:
  //  - Every pointer is squeezed through DWORD, so this assumes a 32-bit process.
  //  - Neither VirtualProtect nor malloc is checked for failure.
  //  - The returned buffer is plain heap memory; this function never changes its
  //    protection and never frees it.
  //  - For defenders: the visible result is a function whose first byte becomes
  //    0xE9 with a target outside its own code, which typically shows up when
  //    in-memory code is compared with the module's file on disk.
  void *DetourFunction (BYTE *src, const BYTE *dst, const int len)
  {
      BYTE *jmp;
      DWORD dwback;
      DWORD jumpto, newjump;

      // Make the target bytes writable; the previous protection is kept in dwback.
      // PAGE_READWRITE carries no execute right, so the page is not executable
      // until the protection is restored at the end of this function.
      VirtualProtect(src,len,PAGE_READWRITE,&dwback);

      if(src[0] == 0xE9)
      {
          // The target already begins with a relative JMP. Copying it verbatim
          // would break its displacement, so it is re-encoded for the new location.
          jmp = (BYTE*)malloc(10);
          // Absolute destination of the existing jump: rel32 + address of the
          // instruction + its 5-byte length.
          jumpto = (*(DWORD*)(src+1))+((DWORD)src)+5;
          // Displacement that reaches the same destination from the buffer.
          newjump = (jumpto-(DWORD)(jmp+5));
          jmp[0] = 0xE9;
          *(DWORD*)(jmp+1) = newjump;
          jmp += 5;
          // A second JMP is written after the first.
          // NOTE(review): this displacement is computed differently from the
          // else branch (no +len, no -5) - confirm it is intended.
          jmp[0] = 0xE9;
          *(DWORD*)(jmp+1) = (DWORD)(src-jmp);
      }
      else
      {
          // Save the bytes that are about to be overwritten, then append a JMP
          // back to the first untouched byte at src+len.
          // NOTE(review): the copied bytes are assumed to be whole,
          // position-independent instructions; nothing here verifies that.
          jmp = (BYTE*)malloc(5+len);
          memcpy(jmp,src,len);
          jmp += len;
          jmp[0] = 0xE9;
          *(DWORD*)(jmp+1) = (DWORD)(src+len-jmp)-5;
      }
      // Overwrite the start of the target with JMP dst (rel32 is measured from
      // the end of the 5-byte instruction).
      src[0] = 0xE9;
      *(DWORD*)(src+1) = (DWORD)(dst - src) - 5;

      // Fill any remaining replaced bytes with NOP (0x90).
      for(int i = 5; i < len; i++)
          src[i] = 0x90;
      // Put the original page protection back.
      VirtualProtect(src,len,dwback,&dwback);
      // In the else branch jmp was advanced by len, so this is the buffer start.
      // In the 0xE9 branch jmp was advanced by 5, so that only holds when len == 5.
      return (jmp-len);
  }
  64.  
  // Pointer type used to call the original function: a message pointer and a
  // 32-bit flags value in, unsigned int out. No calling convention is written,
  // so the compiler default applies.
  // NOTE(review): this must match the real function's convention - confirm.
  typedef unsigned int ( *tfnSendToServer)(void *pMsg, unsigned __int32 flags);

  // Set in hookthread() to the pointer DetourFunction() returns;
  // hooked_SendToServer calls through it to reach the original code.
  tfnSendToServer mfnSendToServer;

  // Receives the previous page protection from VirtualProtect in
  // hooked_SendToServer. It is a global, so concurrent calls would share it.
  DWORD dwCache;
  70.  
  // Replacement body for the function at STS. It logs the two arguments and a
  // hex dump of a fixed 400 bytes starting at pMsg, then forwards the call
  // unchanged through mfnSendToServer and returns that result.
  //
  // Review notes:
  //  - The dump length is a constant. Nothing visible here establishes that the
  //    message is 400 bytes long, so the loop may read memory beyond the message
  //    (or fault) and write it to the log - confirm against the real layout.
  //  - Everything read ends up as plain text in the dir_log file.
  //  - Each log() call opens and closes that file, so one message causes
  //    roughly 500 open/close cycles.
  //  - The dump opens with "{" but no closing "}" is ever written.
  unsigned int hooked_SendToServer(void *pMsg, unsigned __int32 flags){
      // Save all general-purpose registers (MSVC x86 inline assembly).
      __asm pushad;

      // pMsg is a pointer printed with %x, which only fits where pointers are 32-bit.
      log("SendToServer( 0x%02x, 0x%02x );\n{\n", pMsg, flags);
      // NOTE(review): 40 is a decimal literal (0x28), which is not one of the
      // single PAGE_* protection values; possibly 0x40 was meant - confirm.
      // The return value is not checked, so a failed call goes unnoticed and
      // dwCache keeps whatever it held before.
      VirtualProtect(pMsg, 400, 40, &dwCache);
      for(unsigned long ul=0;ul<400;ul++){
          // Start a new output line every four bytes.
          if(!(ul%4)) log("\n");
          log("0x%02x, ", PBYTE(DWORD(pMsg))[ul]);
      }
      // The last argument (pointer for the old protection) is 0 here;
      // VirtualProtect is documented to fail when that pointer is NULL.
      VirtualProtect(pMsg, 400, dwCache, 0);

      // Restore the registers saved above before calling the original.
      __asm popad;
      return mfnSendToServer(pMsg, flags);
  }
  85.  
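  // Thread routine started from DllMain. If CShell.dll is loaded in the current
  // process it patches the code at STS to call hooked_SendToServer, stores the
  // pointer returned by DetourFunction in mfnSendToServer, and writes one line
  // to the log. If the module is not loaded it does nothing.
  void hookthread(void)
  {
      // GetModuleHandleA returns NULL when the module is not loaded. Test the
      // handle itself: dereferencing it first, as the earlier code did, faults
      // on a NULL handle before the check is reached.
      const HMODULE shell = GetModuleHandleA("CShell.dll");
      if(shell == NULL)
          return;

      // STS is an absolute address, not an offset from `shell`.
      mfnSendToServer = (tfnSendToServer)DetourFunction((BYTE*)(STS),(BYTE*)hooked_SendToServer,5);
      log("Hooked STS Function; 0x%02x -> 0x%02x\n", STS, hooked_SendToServer);
  }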
  95.  
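  // DLL entry point.
  //
  // hthis     handle of this DLL.
  // dwReason  loader notification code.
  // lpUNK     reserved parameter, unused.
  //
  // Turns off per-thread attach/detach notifications for this DLL and, on
  // process attach, starts hookthread on a new thread. Always returns true.
  bool __stdcall DllMain( HMODULE hthis, DWORD dwReason, DWORD lpUNK ){

      DisableThreadLibraryCalls(hthis);

      if(dwReason==DLL_PROCESS_ATTACH){
          // hookthread is declared void(void) and cast to the thread-routine
          // type; the signature mismatch is inherited from the original code.
          HANDLE worker = CreateThread(0, 0, (LPTHREAD_START_ROUTINE)hookthread, 0, 0, 0);
          // The thread keeps running after its handle is closed. Closing it
          // here avoids leaking the handle, which is never used again.
          if(worker != NULL)
              CloseHandle(worker);
      }
      return true;
  }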