Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #define _SILENCE_STDEXT_HASH_DEPRECATION_WARNINGS
- #include <windows.h>
- #include <string>
- #include <assert.h>
- #include <process.h>
- #include "SAMPFUNCS_API.h"
- #include "game_api\game_api.h"
- SAMPFUNCS *SF = new SAMPFUNCS();
- BOOL DataCompare(BYTE *data, BYTE *sign, char *mask)
- {
- for (; *mask; mask++, sign++, data++) {
- if (*mask == 'x' && *data != *sign) return FALSE;
- }
- return (*mask) == NULL;
- }
- DWORD ScanSignature(DWORD addr, DWORD size, BYTE *sign, char *mask)
- {
- if (size == 0 || sign == nullptr || mask == nullptr) return 0;
- HANDLE hProc = GetCurrentProcess();
- if (hProc)
- {
- MEMORY_BASIC_INFORMATION mbi = { 0 };
- DWORD offset = 0;
- while (offset < size)
- {
- VirtualQueryEx(hProc, reinterpret_cast<LPCVOID>(addr + offset), &mbi, sizeof(MEMORY_BASIC_INFORMATION));
- if (mbi.State != MEM_FREE)
- {
- BYTE *buffer = new BYTE[mbi.RegionSize];
- ReadProcessMemory(hProc, mbi.BaseAddress, buffer, mbi.RegionSize, 0);
- for (SIZE_T i = 0; i < mbi.RegionSize; i++)
- {
- if (DataCompare(buffer + i, sign, mask))
- {
- CloseHandle(hProc);
- delete[] buffer;
- return reinterpret_cast<DWORD>(mbi.BaseAddress) + i;
- }
- }
- delete[] buffer;
- }
- offset += mbi.RegionSize;
- }
- CloseHandle(hProc);
- }
- return 0;
- }
- void kill_fucking_raklogger(DWORD addr)
- {
- DWORD old_prot;
- VirtualProtect((void*)addr, 0x3, PAGE_EXECUTE_READWRITE, &old_prot);
- *(byte*)addr = 0xC2;
- *(byte*)(addr + 0x1) = 0x4;
- *(byte*)(addr + 0x2) = 0x0;
- VirtualProtect((void*)addr, 0x3, old_prot, &old_prot);
- }
- void CALLBACK mainloop()
- {
- static bool init = false;
- if (!init)
- {
- if (GAME == nullptr)
- return;
- if (GAME->GetSystemState() != eSystemState::GS_PLAYING_GAME)
- return;
- if (!SF->getSAMP()->IsInitialized())
- return;
- DWORD addr = ScanSignature(0x400000, 0xFFFFFFFF,
- (byte*)"\x8B\x4D\xF4\xB0\x01\x5F\x5E\x64\x89\x0D\x00\x00\x00\x00\x5B\x8D\x65\x68\x5D\xC2\x04\x00\x6A\x01\x6A\xFF\x6A\x01\x68\x00\x00\x00\x00\x8D\x4D\x18\xE8\x00\x00\x00\x00\x8B\xF0\x8B\x4D\x60\xC6\x45\xFC\x07\x8B\x11\xFF\x52\x04\x83\xEC\x18\x8B\xCC",
- "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx????xxxx????xxxxxxxxxxxxxxxxxxx") - 0x5527;
- SF->Log("0x%X", addr);
- if (addr)
- {
- kill_fucking_raklogger(addr + 0x5588); // incoming rpc
- kill_fucking_raklogger(addr + 0x5918); // outcoming rpc
- kill_fucking_raklogger(addr + 0x53D9); // incoming packet
- kill_fucking_raklogger(addr + 0x572D); // outcoming packet
- }
- init = true;
- }
- }
- BOOL APIENTRY DllMain(HMODULE hModule, DWORD dwReasonForCall, LPVOID lpReserved)
- {
- if (dwReasonForCall == DLL_PROCESS_ATTACH)
- SF->initPlugin(mainloop, hModule);
- return TRUE;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement