
Untitled

JordanTGraves Aug 17th, 2018 68 Never
  1. /*
  2. PrintExploit, developed by Powerful. This is a very simple exploit and it just prints directly
  3. to the ROBLOX Developer Console. It's a useless exploit, but it's a start for the ones who want
  4. to develop an exploit w/out copying other sources. I'm sure some of you guys will find this useful.
  5. This exploit doesn't require a Scanner, so there is no need for a scanner. It's just a Simple
  6. Console-Based Exploit that may have no meaning, but will get you in to exploiting.
  7. */
  8.  
  9. // PrintExploit Includes
  10.  
  11. #include <Windows.h>
  12. #include <iostream>
  13. #include <istream>
  14. #include <string>
  15.  
// Define(s)
// NOTE(review): the CRT headers read _CRT_SECURE_NO_WARNINGS at the point they are included,
// so defining it here, after the #include lines, comes too late to affect them.
#define _CRT_SECURE_NO_WARNINGS
  18.  
// Empty entry point: does no work and reports success.
// NOTE(review): nothing in this file calls it; the code that actually runs starts in DllMain.
int main()
{
    return 0;
}
  20.  
  21. // Most exploit developers won't use this, but it's for the sake of a beginner source code.
  22.  
  23. using namespace std;
  24.  
  25. // Now let's get on with the actual source code.
  26.  
// Global setting read by MainFunction and passed as the first argument of SingletonPrint.
namespace PrintExploit {
namespace Integers {
// Message category: 0 = Print, 1 = Info, 2 = Warn, 3 = Error.
int OutputType{0};
} // namespace Integers
} // namespace PrintExploit
  32.  
// What you guys call the "ASLR" bypass. It's not really a bypass: it only rebases a fixed address onto the module's actual load address.
  34.  
// Translates an address expressed against the image base 0x00400000 into the address the
// same location has in the running process, using the load address of RobloxPlayerBeta.exe.
//
// Offset: address as seen with the image based at 0x00400000.
// Returns: Offset - 0x00400000 + module base, narrowed to int.
//
// NOTE(review): the module handle is cast to DWORD, so only its low 32 bits are used, and a
// NULL handle (module not loaded) is not detected; the result is then Offset - 0x00400000.
int Address(int Offset) {
    const DWORD ModuleBase = (DWORD)GetModuleHandle("RobloxPlayerBeta.exe");
    return (Offset - 0x00400000 + ModuleBase);
}
  38.  
  39. // Now let's create the typedef for Singleton->Printf()
  40.  
// Signature used to call the target's print routine: __cdecl, returns int.
//   a1 - output type (MainFunction passes PrintExploit::Integers::OutputType)
//   a2 - NUL-terminated text
using SINGLETON = int(__cdecl *)(int a1, const char *a2);

// Function pointer built from a hard-coded address rebased by Address(). As a namespace-scope
// initialiser it is evaluated during static initialisation, not when DllMain's body runs.
// NOTE(review): 0x51EB70 is presumably tied to one specific build of the target; nothing
// verifies that the address really holds this function before it is called.
SINGLETON SingletonPrint = (SINGLETON)Address(0x51EB70);
  43.  
  44. // This code is leaked publicly, so I'll just use this. I'm not sure who made it originally though. But credits to whoever you are.
  45.  
// Patches FreeConsole inside this process so that it returns immediately.
//
// The first byte of FreeConsole is made writable and overwritten with 0xC3, the x86 `ret`
// opcode, so any later call to FreeConsole in the process does nothing.
//
// NOTE(review): VirtualProtect's result is ignored, the previous protection saved in
// OldProtection is never restored, and the page stays PAGE_EXECUTE_READWRITE. The changed
// byte makes the in-memory code of the system DLL differ from its file on disk, which is what
// a code-integrity scan of the process compares.
void ConsoleBypass() {
    BYTE* const Target = (BYTE*)(&FreeConsole);
    DWORD OldProtection;
    VirtualProtect((PVOID)Target, 1, PAGE_EXECUTE_READWRITE, &OldProtection);
    *Target = 0xC3;
}
  51.  
  52. // Now let's create a Console Function. This just makes it easier for me to read my own code for some reason.
  53.  
// Opens a console window for the process and points the C standard streams at it.
//
// ConsoleTitle: text shown in the console window's title bar.
//
// FreeConsole is neutralised first (ConsoleBypass), then a console is allocated, stdout and
// stdin are reopened on CONOUT$ / CONIN$, and the window is shown and kept topmost.
// NOTE(review): none of the return values (AllocConsole, freopen, GetConsoleWindow) are checked.
void Console(const char* ConsoleTitle) {
    ConsoleBypass();
    AllocConsole();
    SetConsoleTitleA(ConsoleTitle);

    freopen("CONOUT$", "w", stdout);
    freopen("CONIN$", "r", stdin);

    const UINT Flags = SWP_DRAWFRAME | SWP_NOMOVE | SWP_NOSIZE | SWP_SHOWWINDOW;
    const HWND Window = GetConsoleWindow();
    ::SetWindowPos(Window, HWND_TOPMOST, 0, 0, 0, 0, Flags);
    ::ShowWindow(Window, SW_NORMAL);
}
  64.  
  65. // Here is the actual start of the program.
  66.  
// Thread body: opens the console, then forwards every line typed into it to SingletonPrint
// together with the current PrintExploit::Integers::OutputType. Never returns.
//
// NOTE(review): the result of getline is not checked, so once stdin reaches end-of-file or
// fails the loop keeps calling SingletonPrint with an empty string. The typed text is also
// passed as-is; if the target treats it as a printf-style format (the typedef comment calls it
// Printf), '%' sequences in the input would be interpreted rather than printed.
void MainFunction() {
    Console("Print Exploit");
    for (;;) {
        std::string Line;
        std::getline(std::cin, Line);
        SingletonPrint(PrintExploit::Integers::OutputType, Line.c_str());
    }
}
  75.  
  76. // Here is the end (dllmain) which creates a thread and executes the code above when injected.
  77.  
// DLL entry point. On process attach it starts MainFunction on a new thread and always
// reports success to the loader.
//
//   a - module handle of this DLL (unused)
//   b - reason code; only DLL_PROCESS_ATTACH is acted on
//   c - reserved (unused)
//
// NOTE(review): MainFunction is `void()` but is cast to LPTHREAD_START_ROUTINE, whose
// signature is DWORD WINAPI (LPVOID); the returned thread handle is never closed and a failed
// CreateThread goes unnoticed.
int __stdcall DllMain(HMODULE a, DWORD b, void* c) {
    if (b != DLL_PROCESS_ATTACH) {
        return TRUE;
    }
    CreateThread(nullptr, 0, (LPTHREAD_START_ROUTINE)MainFunction, nullptr, 0, nullptr);
    return TRUE;
}