Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.ComponentModel;
- using System.Diagnostics;
- using System.Drawing;
- using System.IO;
- using System.Linq;
- using System.Runtime.InteropServices;
- using System.Runtime.Serialization.Formatters.Binary;
- using System.Threading;
- using System.Windows.Forms;
- namespace WindowsFormsApp1
- {
- // Token: 0x02000002 RID: 2
- public class Form1 : Form
- {
- // Token: 0x06000001 RID: 1 RVA: 0x00002048 File Offset: 0x00000248
- public Form1()
- {
- this.InitializeComponent();
- }
- // Token: 0x06000002 RID: 2
- [DllImport("kernel32.dll")]
- public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
- // Token: 0x06000003 RID: 3
- [DllImport("kernel32")]
- public static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId);
- // Token: 0x06000004 RID: 4
- [DllImport("kernel32.dll")]
- public static extern IntPtr OpenProcess(uint dwDesiredAccess, int bInheritHandle, int dwProcessId);
- // Token: 0x06000005 RID: 5
- [DllImport("kernel32.dll")]
- public static extern int CloseHandle(IntPtr hObject);
- // Token: 0x06000006 RID: 6
- [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
- private static extern bool VirtualFreeEx(IntPtr hProcess, IntPtr lpAddress, UIntPtr dwSize, uint dwFreeType);
- // Token: 0x06000007 RID: 7
- [DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true)]
- public static extern UIntPtr GetProcAddress(IntPtr hModule, string procName);
- // Token: 0x06000008 RID: 8
- [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
- private static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
- // Token: 0x06000009 RID: 9
- [DllImport("kernel32.dll")]
- private static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, string lpBuffer, UIntPtr nSize, out IntPtr lpNumberOfBytesWritten);
- // Token: 0x0600000A RID: 10
- [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
- public static extern IntPtr GetModuleHandle(string lpModuleName);
- // Token: 0x0600000B RID: 11
- [DllImport("kernel32", ExactSpelling = true, SetLastError = true)]
- internal static extern int WaitForSingleObject(IntPtr handle, int milliseconds);
- // Token: 0x0600000C RID: 12
- [DllImport("kernel32.dll")]
- public static extern bool ReadProcessMemory(int hProcess, long lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);
- // Token: 0x0600000D RID: 13
- [DllImport("kernel32.dll")]
- public static extern bool WriteProcessMemory(int hProcess, long lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesWritten);
- // Token: 0x0600000E RID: 14 RVA: 0x00002060 File Offset: 0x00000260
- public int GetProcessId(string proc)
- {
- Process[] processesByName = Process.GetProcessesByName(proc);
- return processesByName[0].Id;
- }
- // Token: 0x0600000F RID: 15 RVA: 0x00002084 File Offset: 0x00000284
- public static byte[] ReadProcessMemory(long adress, int processSize, int processHandle)
- {
- byte[] array = new byte[processSize];
- Form1.ReadProcessMemory(processHandle, adress, array, processSize, 0);
- return array;
- }
- // Token: 0x06000010 RID: 16 RVA: 0x000020A9 File Offset: 0x000002A9
- public static void WriteProcessMemory(long adress, byte[] processBytes, int processHandle)
- {
- Form1.WriteProcessMemory(processHandle, adress, processBytes, processBytes.Length, 0);
- }
- // Token: 0x06000011 RID: 17 RVA: 0x000020BC File Offset: 0x000002BC
- public static int GetObjectSize(object TestObject)
- {
- BinaryFormatter binaryFormatter = new BinaryFormatter();
- MemoryStream memoryStream = new MemoryStream();
- binaryFormatter.Serialize(memoryStream, TestObject);
- byte[] array = memoryStream.ToArray();
- return array.Length;
- }
- // Token: 0x06000012 RID: 18 RVA: 0x000020F0 File Offset: 0x000002F0
- public static string ConvertStringToHex(string asciiString)
- {
- string text = "";
- foreach (char c in asciiString)
- {
- int num = (int)c;
- text += string.Format("{0:x2}", Convert.ToUInt32(num.ToString()));
- }
- return text;
- }
- // Token: 0x06000013 RID: 19 RVA: 0x00002150 File Offset: 0x00000350
- public static byte[] StringToByteArray(string hex)
- {
- return (from x in Enumerable.Range(0, hex.Length)
- where x % 2 == 0
- select Convert.ToByte(hex.Substring(x, 2), 16)).ToArray<byte>();
- }
- // Token: 0x06000014 RID: 20 RVA: 0x000021BC File Offset: 0x000003BC
- public void InjectDLL(IntPtr hProcess, string strDLLName)
- {
- int num = strDLLName.Length + 1;
- IntPtr intPtr = Form1.VirtualAllocEx(hProcess, (IntPtr)null, (uint)num, 12288u, 4u);
- IntPtr intPtr2;
- Form1.WriteProcessMemory(hProcess, intPtr, strDLLName, (UIntPtr)((ulong)((long)num)), out intPtr2);
- UIntPtr procAddress = Form1.GetProcAddress(Form1.GetModuleHandle("kernel32.dll"), "LoadLibraryA");
- IntPtr intPtr3 = Form1.CreateRemoteThread(hProcess, (IntPtr)null, 0u, procAddress, intPtr, 0u, out intPtr2);
- int num2 = Form1.WaitForSingleObject(intPtr3, 10000);
- }
- // Token: 0x06000015 RID: 21 RVA: 0x000022AC File Offset: 0x000004AC
- private void button1_Click(object sender, EventArgs e)
- {
- string text = this.textBox1.Text;
- string text2 = this.textBox2.Text;
- try
- {
- Process.Start("BlackDesert64.exe", (this.textBox1.Text + "," + this.textBox2.Text) ?? "");
- }
- catch
- {
- MessageBox.Show("Cannot find BlackDesert64.exe, make sure the launcher is in the bin64 folder.", "Error!");
- return;
- }
- Thread.Sleep(1500);
- string strDLLName = "steam_api64.dll";
- string proc = "BlackDesert64";
- int processId = this.GetProcessId(proc);
- bool flag = processId >= 0;
- if (flag)
- {
- IntPtr hProcess = Form1.OpenProcess(2035711u, 1, processId);
- this.InjectDLL(hProcess, strDLLName);
- Thread.Sleep(500);
- Process[] processesByName = Process.GetProcessesByName("BlackDesert64");
- uint num = 65536u;
- uint num2 = 131072u;
- uint num3 = 262144u;
- uint num4 = 524288u;
- uint num5 = 1048576u;
- uint num6 = 4095u;
- uint dwDesiredAccess = num | num2 | num3 | num4 | num5 | num6;
- int processHandle = Form1.OpenProcess(dwDesiredAccess, false, processesByName[0].Id);
- Form1.ReadProcessMemory(processesByName[0].MainModule.BaseAddress.ToInt64() + 43055736L, 11, processHandle);
- bool flag2 = this.textBox3.Text == null;
- if (flag2)
- {
- string hex = Form1.ConvertStringToHex("127.0.0.1");
- Form1.WriteProcessMemory(processesByName[0].MainModule.BaseAddress.ToInt64() + 43055736L, Form1.StringToByteArray(hex), processHandle);
- }
- else
- {
- string hex2 = Form1.ConvertStringToHex(this.textBox3.Text);
- Form1.WriteProcessMemory(processesByName[0].MainModule.BaseAddress.ToInt64() + 43055736L, Form1.StringToByteArray(hex2), processHandle);
- }
- }
- Application.Exit();
- }
- // Token: 0x06000016 RID: 22 RVA: 0x000024AC File Offset: 0x000006AC
- protected override void Dispose(bool disposing)
- {
- bool flag = disposing && this.components != null;
- if (flag)
- {
- this.components.Dispose();
- }
- base.Dispose(disposing);
- }
- // Token: 0x06000017 RID: 23 RVA: 0x000024E4 File Offset: 0x000006E4
- private void InitializeComponent()
- {
- this.button1 = new Button();
- this.textBox1 = new TextBox();
- this.textBox2 = new TextBox();
- this.label1 = new Label();
- this.textBox3 = new TextBox();
- this.label2 = new Label();
- this.label3 = new Label();
- this.label4 = new Label();
- this.pictureBox1 = new PictureBox();
- base.SuspendLayout();
- this.button1.Location = new Point(225, 163);
- this.button1.Name = "button1";
- this.button1.Size = new Size(211, 48);
- this.button1.TabIndex = 0;
- this.button1.Text = "Start Game";
- this.button1.UseVisualStyleBackColor = false;
- this.button1.Click += this.button1_Click;
- this.textBox1.Font = new Font("Arial", 12F);
- this.textBox1.Location = new Point(336, 84);
- this.textBox1.Name = "textBox1";
- this.textBox1.Size = new Size(100, 26);
- this.textBox1.TabIndex = 1;
- this.textBox2.Font = new Font("Arial", 12F);
- this.textBox2.Location = new Point(336, 120);
- this.textBox2.Name = "textBox2";
- this.textBox2.Size = new Size(100, 26);
- this.textBox2.TabIndex = 2;
- this.label1.AutoSize = true;
- this.label1.BackColor = Color.Transparent;
- this.label1.ForeColor = Color.Transparent;
- this.label1.Font = new Font("Agency FB", 18F);
- this.label1.Location = new Point(220, 79);
- this.label1.Name = "label1";
- this.label1.Size = new Size(93, 28);
- this.label1.TabIndex = 3;
- this.label1.Text = "Username:";
- this.textBox3.Location = new Point(72, 27);
- this.textBox3.Name = "textBox3";
- this.textBox3.Size = new Size(100, 20);
- this.textBox3.TabIndex = 4;
- this.textBox3.Text = "94.130.20.54";
- this.textBox3.Visible = false;
- this.label2.AutoSize = true;
- this.label2.Location = new Point(12, 30);
- this.label2.Name = "label2";
- this.label2.Size = new Size(54, 13);
- this.label2.TabIndex = 5;
- this.label2.Text = "Server IP:";
- this.label2.Visible = false;
- this.label3.AutoSize = true;
- this.label3.BackColor = Color.Transparent;
- this.label3.ForeColor = Color.Transparent;
- this.label3.Font = new Font("Agency FB", 18F);
- this.label3.Location = new Point(224, 120);
- this.label3.Name = "label3";
- this.label3.Size = new Size(89, 28);
- this.label3.TabIndex = 6;
- this.label3.Text = "Password:";
- this.label4.AutoSize = true;
- this.label4.BackColor = Color.Transparent;
- this.label4.ForeColor = Color.Transparent;
- this.label4.Font = new Font("Unispace", 14.25F);
- this.label4.Location = new Point(225, 23);
- this.label4.Name = "label4";
- this.label4.Size = new Size(214, 23);
- this.label4.TabIndex = 7;
- this.label4.Text = "Register or Login";
- this.pictureBox1.BackgroundImage = Image.FromFile("launcher/image.png");
- this.pictureBox1.Location = new Point(40, 68);
- this.pictureBox1.Name = "pictureBox1";
- this.pictureBox1.Size = new Size(155, 143);
- this.pictureBox1.TabIndex = 8;
- this.BackgroundImage = System.Drawing.Image.FromFile("launcher/launcher.png");
- base.ClientSize = new Size(492, 270);
- base.AutoScaleDimensions = new SizeF(6f, 13f);
- base.AutoScaleMode = AutoScaleMode.Font;
- base.Controls.Add(this.pictureBox1);
- base.Controls.Add(this.label4);
- base.Controls.Add(this.label3);
- base.Controls.Add(this.label2);
- base.Controls.Add(this.textBox3);
- base.Controls.Add(this.label1);
- base.Controls.Add(this.textBox2);
- base.Controls.Add(this.textBox1);
- base.Controls.Add(this.button1);
- base.Name = "Form1";
- this.Text = "Black Avalanche";
- base.ResumeLayout(false);
- base.PerformLayout();
- this.Icon = new Icon("launcher/avalanche.ico");
- base.FormBorderStyle = FormBorderStyle.FixedDialog;
- base.MaximizeBox = false;
- }
- // Token: 0x04000001 RID: 1
- private IContainer components = null;
- // Token: 0x04000002 RID: 2
- private Button button1;
- // Token: 0x04000003 RID: 3
- private TextBox textBox1;
- // Token: 0x04000004 RID: 4
- private TextBox textBox2;
- // Token: 0x04000005 RID: 5
- private Label label1;
- // Token: 0x04000006 RID: 6
- private TextBox textBox3;
- // Token: 0x04000007 RID: 7
- private Label label2;
- // Token: 0x04000008 RID: 8
- private Label label3;
- private PictureBox pictureBox1;
- // Token: 0x04000009 RID: 9
- private Label label4;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement