Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <Windows.h>
- typedef BOOL (__stdcall * FlushInstructionCache_t)(HANDLE hProcess,LPCVOID lpBaseAddress,SIZE_T dwSize);
- FlushInstructionCache_t pFlushInstructionCache;
- void* detourFunc(BYTE *src, const BYTE *dst, const int len)
- {
- BYTE *jmp = (BYTE*)malloc(len+5);
- DWORD dwback;
- VirtualProtect(src, len, PAGE_READWRITE, &dwback);
- memcpy(jmp, src, len); jmp += len;
- jmp[0] = 0xE9;
- *(DWORD*)(jmp+1) = (DWORD)(src+len - jmp) - 5;
- src[0] = 0xE9;
- *(DWORD*)(src+1) = (DWORD)(dst - src) - 5;
- VirtualProtect(src, len, dwback, &dwback);
- return (jmp-len);
- }
- BOOL __stdcall hkFlushInstructionCache(HANDLE hProcess, LPCVOID lpBaseAddress, SIZE_T dwSize)
- {
- ExitProcess(0);
- return pFlushInstructionCache(hProcess,lpBaseAddress,dwSize);
- }
- BOOL APIENTRY DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpReserved)
- {
- if(dwReason == DLL_PROCESS_ATTACH || dwReason == DLL_THREAD_ATTACH)
- {
- MessageBox(NULL, "Injected!", "123", NULL);
- DWORD dwFlushInstructionCache = (DWORD)GetProcAddress(GetModuleHandleA("kernel32.dll"), "ExitProcess");
- pFlushInstructionCache = (FlushInstructionCache_t)detourFunc((BYTE*)dwFlushInstructionCache, (BYTE*)&hkFlushInstructionCache, 5);
- MessageBox(NULL, "Hook set!", "223", NULL);
- }
- return TRUE;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement