#include <windows.h>
#include <tlhelp32.h>

#include <algorithm>
#include <cwctype>
#include <iostream>
#include <string>
// Hard-coded addresses inside the target process image. BA is read by
// IsGameVersionValid and by both inline-assembly stubs; GA is the value the
// version check compares against. They have to stay preprocessor macros
// because the __asm blocks use BA as a literal address operand.
#define BA 0x00E444A4
#define GA 0x00E44C4C

// Status codes returned by InjectAndExecute.
#define INJECT_OK          0x00  // remote thread was started and waited for
#define INJECT_NO_PROCESS  0x01  // no process id could be resolved from the window lookup
#define INJECT_NO_ACCESS   0x02  // the target process could not be accessed
#define INJECT_BAD_VERSION 0x03  // IsGameVersionValid rejected the target
#define INJECT_THREAD_FAIL 0x04  // CreateRemoteThread failed

using namespace std;
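// Returns an upper-cased copy of strToConvert.
//
// The wide-character classifier towupper is used instead of toupper: toupper
// takes an int that must be representable as unsigned char (or be EOF), so
// passing arbitrary wchar_t values to it is undefined behaviour.
wstring StringToUpper(wstring strToConvert)
{
    std::transform(strToConvert.begin(), strToConvert.end(), strToConvert.begin(), ::towupper);
    return strToConvert;
}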
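// Looks up a running process by executable name (case-insensitive) and stores
// its process id in *pId.
//
// pId      receives the id of the first matching process, or 0 when nothing
//          matches or the snapshot cannot be taken.
// ExeName  image name to compare against each snapshot entry's szExeFile.
//
// Returns true when a match was found.
//
// Review notes:
//  - The original loop ignored the result of Process32Next and looped on a
//    condition that never changes, so a missing process meant an endless loop.
//    Iteration now stops when the snapshot is exhausted.
//  - The wide (W) Toolhelp structures are named explicitly so the wstring
//    comparison no longer depends on the UNICODE build setting.
//  - An image name is not an identity: several processes can share one name and
//    only the first is returned, so callers should not treat a match as proof
//    of which binary is actually running.
bool GetProcessId(DWORD * pId, wstring ExeName)
{
    if (pId == NULL)
        return false;
    *pId = 0;

    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snapshot == INVALID_HANDLE_VALUE)
        return false;

    // Upper-case the wanted name once instead of on every iteration.
    const wstring wanted = StringToUpper(ExeName);

    PROCESSENTRY32W entry = { 0 };
    entry.dwSize = sizeof(entry);

    bool found = false;
    for (BOOL more = Process32FirstW(snapshot, &entry); more; more = Process32NextW(snapshot, &entry))
    {
        if (StringToUpper(entry.szExeFile) == wanted)
        {
            *pId = entry.th32ProcessID;
            found = true;
            break;
        }
    }

    // Single exit path so the snapshot handle is always released.
    CloseHandle(snapshot);
    return found;
}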
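// Checks that the opened process looks like the build the hard-coded
// addresses were taken from: reads the 32-bit value stored at BA in the target
// and requires that value + 0x1C equals GA.
//
// hProc  handle to the target process; needs read access to its memory.
//
// Returns false when the handle is unusable, the read fails or is short, or
// the comparison does not hold.
//
// Review notes:
//  - OpenProcess signals failure with NULL, not INVALID_HANDLE_VALUE, so both
//    are rejected here.
//  - The original ignored the ReadProcessMemory result and compared an
//    uninitialised variable when the read failed.
//  - A single pointer-sized comparison is a weak fingerprint; it says nothing
//    about the rest of the image.
bool IsGameVersionValid(HANDLE hProc)
{
    if (hProc == NULL || hProc == INVALID_HANDLE_VALUE)
        return false;

    DWORD valueAtBase = 0;
    SIZE_T bytesRead = 0;
    const BOOL readOk = ReadProcessMemory(hProc,
                                          reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(BA)),
                                          &valueAtBase,
                                          sizeof(valueAtBase),
                                          &bytesRead);
    if (!readOk || bytesRead != sizeof(valueAtBase))
        return false;

    return (valueAtBase + 0x1C) == GA;
}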
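// Copies a routine and a parameter block into the process that owns the
// "ElementClient Window" window and starts a remote thread at the copied
// routine, waiting for that thread to finish.
//
// Func    start of the local routine; a fixed 4096 bytes are copied from here.
// Params  start of the parameter block; a fixed 256 bytes are copied from
//         here. May be NULL, in which case the remote block is left as
//         allocated.
//
// Returns one of the INJECT_* status codes.
//
// Review notes:
//  - This OpenProcess / VirtualAllocEx / WriteProcessMemory /
//    CreateRemoteThread sequence against another process, opened with
//    PROCESS_ALL_ACCESS, is the textbook remote-thread pattern that endpoint
//    monitoring and anti-cheat software commonly watch for.
//  - OpenProcess and CreateRemoteThread report failure with NULL; the original
//    compared against INVALID_HANDLE_VALUE and therefore never saw a failure.
//  - The original leaked the process handle on the bad-version path and used
//    an uninitialised process id when the window was not found.
//  - VirtualFreeEx with MEM_RELEASE requires a size of 0; the original passed
//    the allocation size, so the release call failed and the remote
//    allocations were never freed.
//  - Allocation and write results are now checked; failures are reported as
//    INJECT_NO_ACCESS instead of starting a thread on an unprepared buffer.
//  - NOTE(review): the copy sizes are fixed, so callers must hand in buffers
//    at least that large or the local read runs past the caller's object.
//  - NOTE(review): the wait is unbounded; a remote thread that never returns
//    blocks the caller forever.
BYTE InjectAndExecute(void* Func, void* Params)
{
    const SIZE_T codeBytes  = 4096;
    const SIZE_T paramBytes = 256;

    DWORD pId = 0;
    HWND windowHandle = FindWindowA("ElementClient Window", NULL);
    if (windowHandle != NULL)
        GetWindowThreadProcessId(windowHandle, &pId);
    if (!pId)
        return INJECT_NO_PROCESS;

    HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pId);
    if (hProc == NULL)
        return INJECT_NO_ACCESS;

    if (!IsGameVersionValid(hProc))
    {
        CloseHandle(hProc);
        return INJECT_BAD_VERSION;
    }

    void* pFunction = VirtualAllocEx(hProc, NULL, codeBytes, MEM_COMMIT, PAGE_READWRITE);
    void* pParams   = VirtualAllocEx(hProc, NULL, paramBytes, MEM_COMMIT, PAGE_READWRITE);

    BYTE status = INJECT_OK;

    const bool prepared =
        pFunction != NULL && pParams != NULL &&
        WriteProcessMemory(hProc, pFunction, Func, codeBytes, NULL) &&
        (Params == NULL || WriteProcessMemory(hProc, pParams, Params, paramBytes, NULL));

    if (!prepared)
    {
        status = INJECT_NO_ACCESS;
    }
    else
    {
        HANDLE hProcThread = CreateRemoteThread(hProc, NULL, 0,
                                                (LPTHREAD_START_ROUTINE)pFunction,
                                                pParams, 0, NULL);
        if (hProcThread == NULL)
        {
            status = INJECT_THREAD_FAIL;
        }
        else
        {
            WaitForSingleObject(hProcThread, INFINITE);
            CloseHandle(hProcThread);
        }
    }

    // Shared cleanup for every path past OpenProcess.
    if (pFunction != NULL)
        VirtualFreeEx(hProc, pFunction, 0, MEM_RELEASE);
    if (pParams != NULL)
        VirtualFreeEx(hProc, pParams, 0, MEM_RELEASE);
    CloseHandle(hProc);
    return status;
}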
// Routine whose bytes InjectAndExecute copies into the target process (see
// CHostPlayer::SelectSomething). It reads a DWORD id from the parameter block
// and calls the routine at fixed address 0x00606A70 with that id as its only
// stack argument.
//
// MSVC x86 inline assembly; every address is specific to one build of the
// target, which is why IsGameVersionValid runs first.
void __stdcall Target_THREAD(DWORD* WorldIdentifier)
{
    // Copy the id into a local so the asm block can name it.
    DWORD targetId = *WorldIdentifier;
    __asm
    {
        pushad                                  // save all general-purpose registers
        mov     edx, 0x00606A70                 // fixed address of the routine to call
        mov     edi, targetId
        mov     eax, dword ptr ds:[BA]          // value stored at BA
        push    edi                             // the id is the single pushed argument
        mov     ecx, dword ptr ds:[eax + 0x20]
        add     ecx, 0xEC                       // ecx = [[BA] + 0x20] + 0xEC; presumably the callee's object pointer (unconfirmed)
        call    edx                             // no stack fix-up follows, so the callee is assumed to pop its argument
        popad                                   // restore registers
    }
}
// Routine whose bytes InjectAndExecute copies into the target process (see
// CHostPlayer::AttackSelectedTarget). It follows the pointer chain
// [[[BA] + 0x1C] + 0x20] into ecx and calls the routine at fixed address
// 0x0044FE60 with four pushed arguments (-1, 0, 0, 0 in push order).
//
// MSVC x86 inline assembly; every address is specific to one build of the
// target.
void __stdcall Attack_THREAD()
{
    __asm
    {
        pushad                                  // save all general-purpose registers
        mov     edx, 0x0044FE60                 // fixed address of the routine to call
        mov     ecx, dword ptr ds:[BA]
        mov     ecx, dword ptr ds:[ecx + 0x1C]
        mov     ecx, dword ptr ds:[ecx + 0x20]  // presumably the callee's object pointer (unconfirmed)
        push    -1
        push    0
        push    0
        push    0
        call    edx                             // no stack fix-up follows, so the callee is assumed to pop its arguments
        popad                                   // restore registers
    }
}
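// Thin wrapper that maps two actions onto InjectAndExecute calls.
// The class has no state; HostPlayer is a file-scope pointer to an instance
// and is not initialised here.
class CHostPlayer
{
public:
    // Runs Target_THREAD in the target process with GlobalId as its argument.
    // Returns true only when InjectAndExecute reports INJECT_OK.
    bool SelectSomething(DWORD GlobalId)
    {
        // InjectAndExecute copies a fixed 256 bytes from the parameter
        // pointer. Passing &GlobalId made it read 252 bytes past a 4-byte
        // argument and ship whatever was on the local stack into the other
        // process, so the id is placed in a zero-filled 256-byte block.
        DWORD paramBlock[64] = { GlobalId };
        return (InjectAndExecute(&Target_THREAD, paramBlock) == INJECT_OK);
    }

    // Runs Attack_THREAD in the target process; it takes no parameters.
    // Returns true only when InjectAndExecute reports INJECT_OK.
    bool AttackSelectedTarget()
    {
        return (InjectAndExecute(&Attack_THREAD, NULL) == INJECT_OK);
    }
} *HostPlayer;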
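// Entry point: performs a single AttackSelectedTarget call and reports the
// outcome through the exit code (0 on INJECT_OK, 1 otherwise).
//
// The original dereferenced HostPlayer without ever pointing it at an object;
// a file-scope pointer starts out null, so the call was undefined behaviour.
// A local instance is created and published through the pointer instead.
int main()
{
    CHostPlayer player;
    HostPlayer = &player;  // valid for the lifetime of main only

    const bool ok = HostPlayer->AttackSelectedTarget();

    HostPlayer = NULL;     // do not leave the global pointing at a dead local
    return ok ? 0 : 1;
}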