- #include <Windows.h>
// Address of the matched byte pattern inside samp-server.exe; DllMain writes
// the jump to hk() at this location.
unsigned long hk_addr;
// Address hk() jumps to when it is finished. DllMain sets it to hk_addr + 6,
// the first byte after the patched range.
unsigned long jmp_to;
// Detour stub that the jump written by create_jmp_hook() lands in.
// The function is declared naked, so the compiler emits no prologue or
// epilogue: the stub has to preserve the interrupted code's registers and
// flags itself and must leave through the explicit jmp at the end.
void __declspec(naked) hk()
{
    __asm
    {
        // These four instructions encode to 53 56 57 8B 45 F8, the first six
        // bytes of the pattern DllMain searches for, i.e. exactly the bytes
        // the 6-byte patch overwrites. They are replayed here first.
        push ebx
        push esi
        push edi
        mov eax, [ebp - 0x8]
        // Save every general-purpose register and EFLAGS around the call below.
        pushad
        pushfd
    }
    // TODO: call our Functions_Handler function from here.
    // NOTE(review): MessageBoxA is modal, so the hooked thread waits here
    // until the dialog is dismissed.
    MessageBoxA(0, "Я в функе еее", "алферов сосет", MB_OK);
    __asm
    {
        // Restore in the reverse order of the saves, then resume the original
        // code at jmp_to (hk_addr + 6, set in DllMain).
        popfd
        popad
        jmp jmp_to
    }
}
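// Overwrites `size` bytes at `addr` with a 5-byte relative jump (opcode 0xE9
// followed by a 32-bit displacement) to `dwJumpTo`, and fills the remaining
// bytes with single-byte NOPs (0x90).
//
//   addr     - address of the first byte to patch
//   dwJumpTo - destination of the jump
//   size     - number of bytes to overwrite; must be at least 5
//
// Nothing is written when `addr` is 0, when `size` cannot hold the jump, or
// when the page protection cannot be changed.
//
// After a successful call the in-memory code at `addr` no longer matches the
// module's file on disk: it starts with E9 <rel32> and 0x90 padding. That
// difference is what a memory-versus-disk integrity check observes.
//
// NOTE(review): nothing here stops another thread from executing the bytes at
// `addr` while they are being rewritten; confirm the caller runs before such
// threads exist.
void create_jmp_hook(unsigned long addr, unsigned long dwJumpTo, unsigned int size)
{
    const unsigned int jmp_len = 5; // 1 opcode byte + 4 displacement bytes

    // A shorter range cannot hold the jump; writing it anyway would touch
    // bytes outside the range that VirtualProtect made writable.
    if (addr == 0 || size < jmp_len)
        return;

    unsigned long old_protect = 0;
    // If the protection change fails the page may be read-only, and the
    // writes below would raise an access violation.
    if (!VirtualProtect((void*)addr, size, PAGE_EXECUTE_READWRITE, &old_protect))
        return;

    unsigned char* const site = reinterpret_cast<unsigned char*>(addr);
    site[0] = 0xE9;
    // The displacement is relative to the end of the 5-byte jump instruction.
    *reinterpret_cast<unsigned long*>(site + 1) = dwJumpTo - addr - jmp_len;
    for (unsigned int i = jmp_len; i < size; ++i)
        site[i] = 0x90;

    // Restore the original protection so the page does not stay writable and
    // executable at the same time.
    unsigned long previous = 0;
    VirtualProtect(site, size, old_protect, &previous);

    // Code bytes changed; tell the CPU not to use stale cached instructions.
    FlushInstructionCache(GetCurrentProcess(), site, size);
}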
// Compares pData against pattern byte by byte, for as many bytes as mask has
// characters. Only the length of mask matters: its characters are never
// inspected, so every position has to match exactly.
// Returns true when all compared bytes are equal (an empty mask compares
// nothing and yields true), false at the first mismatch.
bool DataCompare(const unsigned char* pData, const unsigned char* pattern, const char* mask)
{
    unsigned int idx = 0;
    while (mask[idx] != '\0')
    {
        if (pData[idx] != pattern[idx])
            return false;
        ++idx;
    }
    // The loop only stops at the mask's terminator, so this is always true.
    return mask[idx] == '\0';
}
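// Searches forward from start_address for the first position at which
// DataCompare() reports a match for pattern/mask.
//
//   start_address - address at which the search begins
//   pattern       - bytes to look for
//   mask          - NUL-terminated string whose length gives the number of
//                   pattern bytes to compare
//
// Returns the address of the first match, or 0 when there is none.
//
// The original loop had no upper bound, so a missing pattern (or a zero
// start_address) walked into unmapped memory and faulted instead of reaching
// its return statement. The search is now limited to the committed, readable
// memory that belongs to the same allocation as start_address.
unsigned long FindPattern(unsigned long start_address, unsigned char* pattern, char *mask)
{
    if (start_address == 0 || pattern == NULL || mask == NULL)
        return 0;

    unsigned long pattern_len = 0;
    while (mask[pattern_len] != '\0')
        ++pattern_len;

    MEMORY_BASIC_INFORMATION region;
    if (VirtualQuery((const void*)start_address, &region, sizeof(region)) == 0)
        return 0;
    void* const allocation = region.AllocationBase;

    // Walk the regions that follow start_address and stop at the first one
    // that belongs to another allocation or cannot be read.
    unsigned long readable_end = start_address;
    for (;;)
    {
        if (VirtualQuery((const void*)readable_end, &region, sizeof(region)) == 0)
            break;
        if (region.AllocationBase != allocation || region.State != MEM_COMMIT)
            break;
        if (region.Protect & (PAGE_NOACCESS | PAGE_GUARD))
            break;

        const unsigned long next =
            (unsigned long)region.BaseAddress + (unsigned long)region.RegionSize;
        if (next <= readable_end)
            break; // no forward progress (address wrapped)
        readable_end = next;
    }

    // Only test positions where the whole pattern fits below readable_end.
    for (unsigned long addr = start_address; readable_end - addr >= pattern_len; ++addr)
        if (DataCompare((unsigned char*)addr, pattern, mask))
            return addr;

    return 0;
}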
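// DLL entry point. On process attach it looks up samp-server.exe in the
// current process, searches it for a fixed 23-byte sequence and, if found,
// redirects the first 6 bytes of that sequence to hk().
//
// Always returns TRUE, so the DLL stays loaded even when nothing is patched.
//
// The original passed the result of GetModuleHandleA straight to FindPattern
// and set jmp_to before checking the search result. A missing module made the
// search start at address 0. Both results are now checked first.
BOOL APIENTRY DllMain(HMODULE hModule, unsigned long ReasonForCall, void* lpReserved)
{
    if (ReasonForCall != DLL_PROCESS_ATTACH)
        return TRUE;

    // Number of bytes replaced at the match: the first four instructions of
    // the pattern, which hk() replays before jumping back.
    const unsigned int patch_size = 6;

    HMODULE server = GetModuleHandleA("samp-server.exe");
    if (server == NULL)
        return TRUE; // not loaded into that executable; nothing to patch

    char mask[] = "xxxxxxxxxxxxxxxxxxxxxxx";
    hk_addr = FindPattern((unsigned long)server, (unsigned char*)"\x53\x56\x57\x8B\x45\xF8\x89\x65\xE8\x50\x8B\x45\xFC\xC7\x45\xFC\xFF\xFF\xFF\xFF\x89\x45\xF8", mask);
    if (hk_addr == 0)
        return TRUE; // sequence not present in this build of the module

    // hk() returns to the first byte after the patched range.
    jmp_to = hk_addr + patch_size;
    create_jmp_hook(hk_addr, (unsigned long)hk, patch_size);
    return TRUE;
}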