- #include <iostream>
- #include <Windows.h>
- #include <vector>
- #include <fstream>
- #include <string>
- /*
- ===========================================================================
- HOW TO READ / WRITE PROCESS MEMORY WITH DLL
BOOL ok = ReadProcessMemory(ProcessHandle, (LPCVOID)Address, &FinalAdd, 4, NULL);   // WriteProcessMemory takes the same arguments. Both return FALSE on failure (see GetLastError); always check the result, because on failure the destination variable is not valid.
- ReadProcessMemory - Function
ProcessHandle - The handle (type HANDLE) of the process whose memory you want to read. It must have been opened with at least PROCESS_VM_READ for reads, or PROCESS_VM_WRITE | PROCESS_VM_OPERATION for writes; GetCurrentProcess() is enough when the code runs inside the target (injected DLL).
- Address - This is the address in the memory that you would like to read
&FinalAdd - Address of the variable that receives the bytes read (or, for WriteProcessMemory, the variable whose bytes are written). It must be large enough for the byte count that follows.
4 - Number of bytes to read. It must not exceed sizeof() of the destination variable, otherwise the read overflows it; for a pointer use sizeof(uintptr_t) rather than a hard-coded 4 so the code is correct in both 32- and 64-bit builds.
NULL - Optional pointer to a SIZE_T that receives the number of bytes actually read. NULL is fine when you don't need it, but then the BOOL return value is the only way to know the read succeeded.
- Example -
- HANDLE ProcessHandle = GetCurrentProcess();
uintptr_t ProcessAddress = (uintptr_t)GetModuleHandle(NULL);   // base address of the .exe this DLL was injected into
uintptr_t Add1 = ProcessAddress + 0x00748BDC;                 // static address = module base + relative offset
uintptr_t FinalAdd = 0;                                       // zero-initialised: a 4-byte read into an 8-byte variable (x64) leaves the upper half untouched
if (!ReadProcessMemory(ProcessHandle, (LPCVOID)Add1, &FinalAdd, 4, NULL)) { /* read failed: do not use FinalAdd */ }
- ===========================================================================
- ===========================================================================
- HOW FINDING THE CORRECT ADDRESS WORKS
Addresses are written in hexadecimal, e.g. 0x00748BDC. In C/C++ source the 0x prefix is what marks a literal as hexadecimal; memory viewers usually show the same digits without the prefix.
When a value is reached through a pointer chain, every step is the same two operations: READ the pointer stored at the current address, then ADD the next offset to the value you just read. Never add the offset to the address you read FROM.
Example: the static address is 0xCB + 0xCA51 = 0xCB1C. Read the pointer stored at 0xCB1C; suppose it is 0x8BAC16. Add the first offset 0xDC to THAT value, giving 0x8BACF2. Read the pointer stored at 0x8BACF2, add the next offset 0x16, and so on until every offset has been consumed. The address you end up with is where the value itself lives; read it once more to get the value.
FindAddress() below implements exactly this loop: one ReadProcessMemory per offset, then the addition.
- ===========================================================================
- ===========================================================================
- HOW TO CALL GAME FUNCTIONS USING THE OFFSET
typedef void(__stdcall * _Caller)();                       // the calling convention and parameter list MUST match the target function's real signature
uintptr_t ModuleBase = (uintptr_t)GetModuleHandle(NULL);   // base address of the host .exe (this is a module base, not a process handle)
_Caller Call1 = (_Caller)(ModuleBase + 0x9E264);           // 0x9E264 = the function's offset (RVA) from the module base
Call1();
What happens: the game's function sits at a fixed offset from the module base, so base + offset is its address in this process. Casting that address to a function pointer and calling it runs the game's own code on the current thread. This only works from inside the target process (i.e. from the injected DLL), and a wrong calling convention or argument list corrupts the stack and crashes the game.
0x9E264 = THE FUNCTION'S OFFSET
- ===========================================================================
- ===========================================================================
- HOW TO GET HWND / PROCESSS ID / HANDLE with exe
Get the window handle. The title must match exactly; FindWindowA returns NULL if no such window exists:
HWND hwnd = FindWindowA(NULL, "AssaultCube");
Then get the process id that owns the window:
DWORD procid = 0;
GetWindowThreadProcessId(hwnd, &procid);
Then open a handle to the process. Request only the rights you actually need instead of PROCESS_ALL_ACCESS (least privilege, and the call is less likely to be refused); check for NULL and CloseHandle() the handle when you are done:
HANDLE handle = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_QUERY_INFORMATION, FALSE, procid);
- ===========================================================================
- */
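/// Attaches a console to the host process and redirects stdout to it so the
/// injected DLL can print debugging output, then prints an "INJECTED" banner.
///
/// The console handle is fetched only AFTER AllocConsole(): a GUI host process
/// has no console before that call, so a handle obtained earlier (as the
/// original code did) does not refer to the new window and the colour
/// attributes are silently lost.
///
/// The FILE returned by freopen_s is intentionally kept open for the lifetime
/// of the process: stdout is now that file.
void CreateDllDebug() {
    AllocConsole();  // may fail if a console already exists; redirecting CONOUT$ still works then

    FILE* f = nullptr;
    if (freopen_s(&f, "CONOUT$", "w", stdout) != 0) {
        // stdout could not be redirected, so there is nowhere to print to.
        return;
    }

    HANDLE haConsole = GetStdHandle(STD_OUTPUT_HANDLE);
    const bool haveConsole = (haConsole != nullptr && haConsole != INVALID_HANDLE_VALUE);

    if (haveConsole) {
        SetConsoleTextAttribute(haConsole, 12);  // red
    }
    std::cout << "------------------------\n - INJECTED -\n------------------------";
    std::cout.flush();  // banner has no trailing newline; make sure it is visible right away
    if (haveConsole) {
        SetConsoleTextAttribute(haConsole, 7);   // back to default grey
    }
}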
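/// Follows a multi-level pointer chain in the process `hProc`.
///
/// Starting at `ptr`, for every entry in `offsets`: read the pointer-sized
/// value stored at the current address, then add the offset to that value.
/// With an empty `offsets` the result is `ptr` itself.
///
/// @param hProc   handle with at least PROCESS_VM_READ (or GetCurrentProcess()).
/// @param ptr     the static/base address the chain starts from.
/// @param offsets offsets added after each pointer read, in chain order.
/// @return the final address (the caller reads the value there), or 0 if any
///         read fails or is short — the original continued with whatever was
///         left in `addr`, handing the caller a garbage address.
///
/// Note: each step reads sizeof(uintptr_t) bytes, so this DLL's bitness must
/// match the target process' bitness for the pointer values to be correct.
uintptr_t FindAddress(HANDLE hProc, uintptr_t ptr, const std::vector<unsigned int>& offsets)
{
    uintptr_t addr = ptr;
    for (const unsigned int offset : offsets)
    {
        uintptr_t next = 0;
        SIZE_T bytesRead = 0;
        const BOOL ok = ReadProcessMemory(hProc, reinterpret_cast<LPCVOID>(addr), &next, sizeof(next), &bytesRead);
        if (!ok || bytesRead != sizeof(next)) {
            return 0;  // unreadable page / bad handle: do not propagate a bogus address
        }
        addr = next + offset;
    }
    return addr;
}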
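/// Installs a 5-byte relative JMP (opcode 0xE9 + rel32) at `toHook` that
/// diverts execution to `ourFunction`; the remaining `len - 5` bytes are
/// NOP-padded (0x90) so no half-overwritten instruction is left behind.
///
/// The original `len` bytes are copied into `SavedBytes` (one byte per int
/// slot, the layout UnHook expects) so the patch can be reverted.
///
/// Caller responsibilities that cannot be checked here:
///  - `len` must be >= 5 AND end on an instruction boundary of the target;
///    the overwritten instructions are no longer executed, so `ourFunction`
///    (or a trampoline) must replay them if the original behaviour is needed.
///  - `SavedBytes` must point to at least `len` ints.
///
/// @return `SavedBytes` in every case (interface kept for existing callers).
///         The patch is applied only when len >= 5, the page could be made
///         writable, and the displacement fits in rel32 (always true on x86;
///         on x64 `ourFunction` must be within +/-2 GiB of `toHook`).
///         The original ignored a failing VirtualProtect and then wrote to the
///         page anyway, and truncated pointers through DWORD casts on x64.
int* Hook(void* toHook, void* ourFunction, int len, int* SavedBytes) {
    const int kJmpSize = 5;  // E9 xx xx xx xx
    if (len < kJmpSize || toHook == nullptr || ourFunction == nullptr || SavedBytes == nullptr) {
        return SavedBytes;
    }

    BYTE* site = static_cast<BYTE*>(toHook);

    // rel32 is relative to the address of the instruction FOLLOWING the jmp,
    // i.e. site + 5 — that is where the "- 5" in the original came from.
    const intptr_t rel = reinterpret_cast<intptr_t>(ourFunction)
                       - (reinterpret_cast<intptr_t>(site) + kJmpSize);
    const LONG rel32 = static_cast<LONG>(rel);
    if (static_cast<intptr_t>(rel32) != rel) {
        return SavedBytes;  // target not reachable with a 32-bit displacement
    }

    DWORD oldProtect = 0;
    if (!VirtualProtect(site, len, PAGE_EXECUTE_READWRITE, &oldProtect)) {
        return SavedBytes;  // page stays protected; writing would access-violate
    }

    for (int i = 0; i < len; ++i) {
        SavedBytes[i] = site[i];
    }

    memset(site, 0x90, len);  // NOP-fill the whole range first
    site[0] = 0xE9;
    const DWORD disp = static_cast<DWORD>(rel32);
    for (int i = 0; i < 4; ++i) {
        site[1 + i] = static_cast<BYTE>(disp >> (8 * i));  // little-endian rel32
    }

    DWORD ignored = 0;
    VirtualProtect(site, len, oldProtect, &ignored);            // restore the previous protection
    FlushInstructionCache(GetCurrentProcess(), site, len);      // make sure the CPU sees the new bytes
    return SavedBytes;
}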
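/// Reverts a patch made by Hook(): writes the `len` bytes saved in
/// `SavedBytes` (one byte per int slot) back to `toHook`.
///
/// @return true if the bytes were restored, false if len < 5, a pointer is
///         null, or the page could not be made writable (the original ignored
///         a failing VirtualProtect and wrote anyway).
///
/// Fixes a real bug in the original: its loop ran to `sizeof(SavedBytes) + 1`,
/// which is the size of a POINTER plus one (5 on x86, 9 on x64), not the number
/// of saved bytes. On x86 that under-restores any hook longer than 5 bytes; on
/// x64 it writes 9 bytes past `toHook` and reads past the end of `SavedBytes`.
bool UnHook(void* toHook, int len, int* SavedBytes) {
    const int kJmpSize = 5;
    if (len < kJmpSize || toHook == nullptr || SavedBytes == nullptr) {
        return false;
    }

    BYTE* site = static_cast<BYTE*>(toHook);

    DWORD oldProtect = 0;
    if (!VirtualProtect(site, len, PAGE_EXECUTE_READWRITE, &oldProtect)) {
        return false;
    }

    for (int i = 0; i < len; ++i) {
        site[i] = static_cast<BYTE>(SavedBytes[i]);
    }

    DWORD ignored = 0;
    VirtualProtect(site, len, oldProtect, &ignored);            // put the old protection back
    FlushInstructionCache(GetCurrentProcess(), site, len);      // CPU must not keep executing the stale jmp
    return true;
}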
// Current depth of the debug tree printed by the ZTree* functions below:
// number of branches printed since the last ZTreeMain(..., NewTree=true).
// Not thread-safe; the ZTree* helpers are meant to be called from one thread.
static int Treenum = 0;
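/// Prints one branch of the console debug tree.
///
/// @param Branch  text of the branch.
/// @param NewTree true starts a new tree: resets the depth, prints a blank
///                line and forces the default colour (7) for this branch.
/// @param Color   console attribute (0 = default 7). Green 10, Yellow 14, Red 12.
///
/// The first branch of a tree is printed as " <Branch>"; every following
/// branch is indented by the current depth and prefixed with " \___".
///
/// Bug fixed: the original advanced the depth and the indent counter with
/// `x = x++;`, which is undefined behaviour and in practice (MSVC) leaves the
/// variable unchanged — so the depth never grew and the tree never indented;
/// had the depth ever become non-zero, the indent loop would have spun forever.
void ZTreeMain(const std::string& Branch, bool NewTree, int Color) {
    HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);

    if (Color == 0) {
        Color = 7;
    }
    if (NewTree) {
        Treenum = 0;
        Color = 7;
        std::cout << std::endl;
        SetConsoleTextAttribute(hConsole, 7);
    }

    if (Treenum == 0) {
        // root of the tree
        SetConsoleTextAttribute(hConsole, Color);
        std::cout << " " << Branch << std::endl;
    } else {
        for (int depth = 0; depth < Treenum; ++depth) {
            std::cout << " ";
        }
        std::cout << " \\___";
        SetConsoleTextAttribute(hConsole, Color);
        std::cout << Branch << std::endl;
    }
    ++Treenum;
    SetConsoleTextAttribute(hConsole, 7);
}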
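/// Prints an indented " \___<Branch><Address in hex>" tree branch and
/// increases the tree depth. `Branch` is printed directly before the number
/// with no separator, so include a trailing ": " in it if one is wanted.
///
/// @param Branch  label printed before the address.
/// @param Address value printed as hexadecimal (no 0x prefix).
/// @param Color   console attribute (0 = default 7).
///
/// Fixes two defects of the original: `x = x++;` (undefined behaviour, in
/// practice a no-op, so the depth never advanced), and `std::hex` left set on
/// std::cout, which turned every later integer printed by any code into hex.
void ZTreeAddress(const std::string& Branch, uintptr_t Address, int Color) {
    HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
    if (Color == 0) {
        Color = 7;
    }

    for (int depth = 0; depth < Treenum; ++depth) {
        std::cout << " ";
    }
    std::cout << " \\___";

    SetConsoleTextAttribute(hConsole, Color);
    const std::ios_base::fmtflags savedFlags = std::cout.flags();
    std::cout << Branch << std::hex << Address << std::endl;
    std::cout.flags(savedFlags);  // std::hex is sticky; don't leak it to later output

    ++Treenum;
    SetConsoleTextAttribute(hConsole, 7);
}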
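/// Prints an indented " \___<Branch><Value in hex>" tree branch and increases
/// the tree depth. `Branch` is printed directly before the number with no
/// separator, so include a trailing ": " in it if one is wanted.
///
/// @param Branch label printed before the value.
/// @param Value  value printed as hexadecimal (no 0x prefix); a negative int
///               shows up as its two's-complement bit pattern.
/// @param Color  console attribute (0 = default 7).
///
/// Fixes two defects of the original: `x = x++;` (undefined behaviour, in
/// practice a no-op, so the depth never advanced), and `std::hex` left set on
/// std::cout, which turned every later integer printed by any code into hex.
void ZTreeValue(const std::string& Branch, int Value, int Color) {
    HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
    if (Color == 0) {
        Color = 7;
    }

    for (int depth = 0; depth < Treenum; ++depth) {
        std::cout << " ";
    }
    std::cout << " \\___";

    SetConsoleTextAttribute(hConsole, Color);
    const std::ios_base::fmtflags savedFlags = std::cout.flags();
    std::cout << Branch << std::hex << Value << std::endl;
    std::cout.flags(savedFlags);  // restore decimal output for everyone else

    ++Treenum;
    SetConsoleTextAttribute(hConsole, 7);
}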