API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 22nd, 2018
72
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.77 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.Diagnostics;
  3. using System.IO;
  4. using System.Runtime.InteropServices;
  5. using System.Text;
  6. namespace StormCheats
  7. {
  8.  
  9. class Cheat
  10. {
  11. [DllImport("kernel32.dll")]
  12. public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);
  13.  
  14. [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
  15. public static extern IntPtr GetModuleHandle(string lpModuleName);
  16.  
  17. [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
  18. static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
  19.  
  20. [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
  21. static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress,
  22. uint dwSize, uint flAllocationType, uint flProtect);
  23.  
  24. [DllImport("kernel32.dll", SetLastError = true)]
  25. static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);
  26.  
  27. [DllImport("kernel32.dll")]
  28. static extern IntPtr CreateRemoteThread(IntPtr hProcess,
  29. IntPtr lpThreadAttributes, uint dwStackSize, IntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, IntPtr lpThreadId);
  30.  
  31.  
  32. const int PROCESS_CREATE_THREAD = 0x0002;
  33. const int PROCESS_QUERY_INFORMATION = 0x0400;
  34. const int PROCESS_VM_OPERATION = 0x0008;
  35. const int PROCESS_VM_WRITE = 0x0020;
  36. const int PROCESS_VM_READ = 0x0010;
  37.  
  38. const uint MEM_COMMIT = 0x00001000;
  39. const uint MEM_RESERVE = 0x00002000;
  40. const uint PAGE_READWRITE = 4;
  41.  
  42. public static int Load()
  43. {
  44. Process targetProcess = Process.GetProcessesByName("hl")[0];
  45.  
  46.  
  47. IntPtr procHandle = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, false, targetProcess.Id);
  48.  
  49.  
  50. IntPtr loadLibraryAddr = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
  51.  
  52. string path = Path.GetFileName("StormCheat.dll");
  53. string dllName = path;
  54.  
  55.  
  56. IntPtr allocMemAddress = VirtualAllocEx(procHandle, IntPtr.Zero, (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
  57.  
  58.  
  59. UIntPtr bytesWritten;
  60. WriteProcessMemory(procHandle, allocMemAddress, Encoding.Default.GetBytes(dllName), (uint)((dllName.Length + 1) * Marshal.SizeOf(typeof(char))), out bytesWritten);
  61.  
  62.  
  63. CreateRemoteThread(procHandle, IntPtr.Zero, 0, loadLibraryAddr, allocMemAddress, 0, IntPtr.Zero);
  64.  
  65. return 0;
  66. }
  67. }
  68. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!