API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 21st, 2018
287
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.80 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.ComponentModel;
  3. using System.Diagnostics;
  4. using System.Drawing;
  5. using System.IO;
  6. using System.Linq;
  7. using System.Runtime.InteropServices;
  8. using System.Runtime.Serialization.Formatters.Binary;
  9. using System.Threading;
  10. using System.Windows.Forms;
  11.  
  12. namespace WindowsFormsApp1
  13. {
  14. // Token: 0x02000002 RID: 2
  15. public class Form1 : Form
  16. {
  17. // Token: 0x06000001 RID: 1 RVA: 0x00002048 File Offset: 0x00000248
  18. public Form1()
  19. {
  20. this.InitializeComponent();
  21. }
  22.  
  23. // Token: 0x06000002 RID: 2
  24. [DllImport("kernel32.dll")]
  25. public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
  26.  
  27. // Token: 0x06000003 RID: 3
  28. [DllImport("kernel32")]
  29. public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId);
  30.  
  31. // Token: 0x06000004 RID: 4
  32. [DllImport("kernel32.dll")]
  33. public static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, int dwProcessId);
  34.  
  35. // Token: 0x06000005 RID: 5
  36. [DllImport("kernel32.dll")]
  37. public static extern int CloseHandle(IntPtr hObject);
  38.  
  39. // Token: 0x06000006 RID: 6
  40. [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
  41. private static extern bool VirtualFreeEx(IntPtr hProcess, IntPtr lpAddress, UIntPtr dwSize, uint dwFreeType);
  42.  
  43. // Token: 0x06000007 RID: 7
  44. [DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true)]
  45. public static extern UIntPtr GetProcAddress(IntPtr hModule, string procName);
  46.  
  47. // Token: 0x06000008 RID: 8
  48. [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
  49. private static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
  50.  
  51. // Token: 0x06000009 RID: 9
  52. [DllImport("kernel32.dll")]
  53. private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, string lpBuffer, UIntPtr nSize, out IntPtr lpNumberOfBytesWritten);
  54.  
  55. // Token: 0x0600000A RID: 10
  56. [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
  57. public static extern IntPtr GetModuleHandle(string lpModuleName);
  58.  
  59. // Token: 0x0600000B RID: 11
  60. [DllImport("kernel32", ExactSpelling = true, SetLastError = true)]
  61. internal static extern int WaitForSingleObject(IntPtr handle, int milliseconds);
  62.  
  63. // Token: 0x0600000C RID: 12
  64. [DllImport("kernel32.dll")]
  65. public static extern bool ReadProcessMemory(int hProcess, long lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);
  66.  
  67. // Token: 0x0600000D RID: 13
  68. [DllImport("kernel32.dll")]
  69. public static extern bool WriteProcessMemory(int hProcess, long lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesWritten);
  70.  
  71. // Token: 0x0600000E RID: 14 RVA: 0x00002060 File Offset: 0x00000260
  72. public int GetProcessId(string proc)
  73. {
  74. Process[] processesByName = Process.GetProcessesByName(proc);
  75. return processesByName[0].Id;
  76. }
  77.  
  78. // Token: 0x0600000F RID: 15 RVA: 0x00002084 File Offset: 0x00000284
  79. public static byte[] ReadProcessMemory(long adress, int processSize, int processHandle)
  80. {
  81. byte[] array = new byte[processSize];
  82. Form1.ReadProcessMemory(processHandle, adress, array, processSize, 0);
  83. return array;
  84. }
  85.  
  86. // Token: 0x06000010 RID: 16 RVA: 0x000020A9 File Offset: 0x000002A9
  87. public static void WriteProcessMemory(long adress, byte[] processBytes, int processHandle)
  88. {
  89. Form1.WriteProcessMemory(processHandle, adress, processBytes, processBytes.Length, 0);
  90. }
  91.  
  92. // Token: 0x06000011 RID: 17 RVA: 0x000020BC File Offset: 0x000002BC
  93. public static int GetObjectSize(object TestObject)
  94. {
  95. BinaryFormatter binaryFormatter = new BinaryFormatter();
  96. MemoryStream memoryStream = new MemoryStream();
  97. binaryFormatter.Serialize(memoryStream, TestObject);
  98. byte[] array = memoryStream.ToArray();
  99. return array.Length;
  100. }
  101.  
  102. // Token: 0x06000012 RID: 18 RVA: 0x000020F0 File Offset: 0x000002F0
  103. public static string ConvertStringToHex(string asciiString)
  104. {
  105. string text = "";
  106. foreach (char c in asciiString)
  107. {
  108. int num = (int)c;
  109. text += string.Format("{0:x2}", Convert.ToUInt32(num.ToString()));
  110. }
  111. return text;
  112. }
  113.  
  114. // Token: 0x06000013 RID: 19 RVA: 0x00002150 File Offset: 0x00000350
  115. public static byte[] StringToByteArray(string hex)
  116. {
  117. return (from x in Enumerable.Range(0, hex.Length)
  118. where x % 2 == 0
  119. select Convert.ToByte(hex.Substring(x, 2), 16)).ToArray<byte>();
  120. }
  121.  
  122. // Token: 0x06000014 RID: 20 RVA: 0x000021BC File Offset: 0x000003BC
  123. public void InjectDLL(IntPtr hProcess, string strDLLName)
  124. {
  125. int num = strDLLName.Length + 1;
  126. IntPtr intPtr = Form1.VirtualAllocEx(hProcess, (IntPtr)null, (uint)num, 12288u, 4u);
  127. IntPtr intPtr2;
  128. Form1.WriteProcessMemory(hProcess, intPtr, strDLLName, (UIntPtr)((ulong)((long)num)), out intPtr2);
  129. UIntPtr procAddress = Form1.GetProcAddress(Form1.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
  130. IntPtr intPtr3 = Form1.CreateRemoteThread(hProcess, (IntPtr)null, 0u, procAddress, intPtr, 0u, out intPtr2);
  131. int num2 = Form1.WaitForSingleObject(intPtr3, 10000);
  132.  
  133. }
  134.  
  135. // Token: 0x06000015 RID: 21 RVA: 0x000022AC File Offset: 0x000004AC
  136. private void button1_Click(object sender, EventArgs e)
  137. {
  138. string text = this.textBox1.Text;
  139. string text2 = this.textBox2.Text;
  140. try
  141. {
  142. Process.Start("BlackDesert64.exe", (this.textBox1.Text + "," + this.textBox2.Text) ?? "");
  143. }
  144. catch
  145. {
  146. MessageBox.Show("Cannot find BlackDesert64.exe, make sure the launcher is in the bin64 folder.", "Error!");
  147. return;
  148. }
  149. Thread.Sleep(1500);
  150. string strDLLName = "steam_api64.dll";
  151. string proc = "BlackDesert64";
  152. int processId = this.GetProcessId(proc);
  153. bool flag = processId >= 0;
  154. if (flag)
  155. {
  156. IntPtr hProcess = Form1.OpenProcess(2035711u, 1, processId);
  157. this.InjectDLL(hProcess, strDLLName);
  158. Thread.Sleep(500);
  159. Process[] processesByName = Process.GetProcessesByName("BlackDesert64");
  160. uint num = 65536u;
  161. uint num2 = 131072u;
  162. uint num3 = 262144u;
  163. uint num4 = 524288u;
  164. uint num5 = 1048576u;
  165. uint num6 = 4095u;
  166. uint dwDesiredAccess = num | num2 | num3 | num4 | num5 | num6;
  167. int processHandle = Form1.OpenProcess(dwDesiredAccess, false, processesByName[0].Id);
  168. Form1.ReadProcessMemory(processesByName[0].MainModule.BaseAddress.ToInt64() + 43055736L, 11, processHandle);
  169. bool flag2 = this.textBox3.Text == null;
  170. if (flag2)
  171. {
  172. string hex = Form1.ConvertStringToHex("127.0.0.1");
  173. Form1.WriteProcessMemory(processesByName[0].MainModule.BaseAddress.ToInt64() + 43055736L, Form1.StringToByteArray(hex), processHandle);
  174. }
  175. else
  176. {
  177. string hex2 = Form1.ConvertStringToHex(this.textBox3.Text);
  178. Form1.WriteProcessMemory(processesByName[0].MainModule.BaseAddress.ToInt64() + 43055736L, Form1.StringToByteArray(hex2), processHandle);
  179. }
  180. }
  181. Application.Exit();
  182. }
  183.  
  184. // Token: 0x06000016 RID: 22 RVA: 0x000024AC File Offset: 0x000006AC
  185. protected override void Dispose(bool disposing)
  186. {
  187. bool flag = disposing && this.components != null;
  188. if (flag)
  189. {
  190. this.components.Dispose();
  191. }
  192. base.Dispose(disposing);
  193. }
  194.  
  195. // Token: 0x06000017 RID: 23 RVA: 0x000024E4 File Offset: 0x000006E4
  196. private void InitializeComponent()
  197. {
  198. this.button1 = new Button();
  199. this.textBox1 = new TextBox();
  200. this.textBox2 = new TextBox();
  201. this.label1 = new Label();
  202. this.textBox3 = new TextBox();
  203. this.label2 = new Label();
  204. this.label3 = new Label();
  205. this.label4 = new Label();
  206. this.pictureBox1 = new PictureBox();
  207. base.SuspendLayout();
  208. this.button1.Location = new Point(225, 163);
  209. this.button1.Name = "button1";
  210. this.button1.Size = new Size(211, 48);
  211. this.button1.TabIndex = 0;
  212. this.button1.Text = "Start Game";
  213. this.button1.UseVisualStyleBackColor = false;
  214. this.button1.Click += this.button1_Click;
  215. this.textBox1.Font = new Font("Arial", 12F);
  216. this.textBox1.Location = new Point(336, 84);
  217. this.textBox1.Name = "textBox1";
  218. this.textBox1.Size = new Size(100, 26);
  219. this.textBox1.TabIndex = 1;
  220. this.textBox2.Font = new Font("Arial", 12F);
  221. this.textBox2.Location = new Point(336, 120);
  222. this.textBox2.Name = "textBox2";
  223. this.textBox2.Size = new Size(100, 26);
  224. this.textBox2.TabIndex = 2;
  225. this.label1.AutoSize = true;
  226. this.label1.BackColor = Color.Transparent;
  227. this.label1.ForeColor = Color.Transparent;
  228. this.label1.Font = new Font("Agency FB", 18F);
  229. this.label1.Location = new Point(220, 79);
  230. this.label1.Name = "label1";
  231. this.label1.Size = new Size(93, 28);
  232. this.label1.TabIndex = 3;
  233. this.label1.Text = "Username:";
  234. this.textBox3.Location = new Point(72, 27);
  235. this.textBox3.Name = "textBox3";
  236. this.textBox3.Size = new Size(100, 20);
  237. this.textBox3.TabIndex = 4;
  238. this.textBox3.Text = "94.130.20.54";
  239. this.textBox3.Visible = false;
  240. this.label2.AutoSize = true;
  241. this.label2.Location = new Point(12, 30);
  242. this.label2.Name = "label2";
  243. this.label2.Size = new Size(54, 13);
  244. this.label2.TabIndex = 5;
  245. this.label2.Text = "Server IP:";
  246. this.label2.Visible = false;
  247. this.label3.AutoSize = true;
  248. this.label3.BackColor = Color.Transparent;
  249. this.label3.ForeColor = Color.Transparent;
  250. this.label3.Font = new Font("Agency FB", 18F);
  251. this.label3.Location = new Point(224, 120);
  252. this.label3.Name = "label3";
  253. this.label3.Size = new Size(89, 28);
  254. this.label3.TabIndex = 6;
  255. this.label3.Text = "Password:";
  256. this.label4.AutoSize = true;
  257. this.label4.BackColor = Color.Transparent;
  258. this.label4.ForeColor = Color.Transparent;
  259. this.label4.Font = new Font("Unispace", 14.25F);
  260. this.label4.Location = new Point(225, 23);
  261. this.label4.Name = "label4";
  262. this.label4.Size = new Size(214, 23);
  263. this.label4.TabIndex = 7;
  264. this.label4.Text = "Register or Login";
  265. this.pictureBox1.BackgroundImage = Image.FromFile("launcher/image.png");
  266. this.pictureBox1.Location = new Point(40, 68);
  267. this.pictureBox1.Name = "pictureBox1";
  268. this.pictureBox1.Size = new Size(155, 143);
  269. this.pictureBox1.TabIndex = 8;
  270. this.BackgroundImage = System.Drawing.Image.FromFile("launcher/launcher.png");
  271. base.ClientSize = new Size(492, 270);
  272. base.AutoScaleDimensions = new SizeF(6f, 13f);
  273. base.AutoScaleMode = AutoScaleMode.Font;
  274. base.Controls.Add(this.pictureBox1);
  275. base.Controls.Add(this.label4);
  276. base.Controls.Add(this.label3);
  277. base.Controls.Add(this.label2);
  278. base.Controls.Add(this.textBox3);
  279. base.Controls.Add(this.label1);
  280. base.Controls.Add(this.textBox2);
  281. base.Controls.Add(this.textBox1);
  282. base.Controls.Add(this.button1);
  283. base.Name = "Form1";
  284. this.Text = "Black Avalanche";
  285. base.ResumeLayout(false);
  286. base.PerformLayout();
  287. this.Icon = new Icon("launcher/avalanche.ico");
  288. base.FormBorderStyle = FormBorderStyle.FixedDialog;
  289. base.MaximizeBox = false;
  290. }
  291.  
  292. // Token: 0x04000001 RID: 1
  293. private IContainer components = null;
  294.  
  295. // Token: 0x04000002 RID: 2
  296. private Button button1;
  297.  
  298. // Token: 0x04000003 RID: 3
  299. private TextBox textBox1;
  300.  
  301. // Token: 0x04000004 RID: 4
  302. private TextBox textBox2;
  303.  
  304. // Token: 0x04000005 RID: 5
  305. private Label label1;
  306.  
  307. // Token: 0x04000006 RID: 6
  308. private TextBox textBox3;
  309.  
  310. // Token: 0x04000007 RID: 7
  311. private Label label2;
  312.  
  313. // Token: 0x04000008 RID: 8
  314. private Label label3;
  315. private PictureBox pictureBox1;
  316.  
  317. // Token: 0x04000009 RID: 9
  318. private Label label4;
  319. }
  320. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!