#undef UNICODE

// <windows.h> must come before <Tlhelp32.h>, and after the UNICODE undef above.
#include <windows.h>
#include <Tlhelp32.h>
#include <conio.h>

#include <cstring>
#include <iostream>
#include <string>
#include <vector>

using std::vector;
using std::string;
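// Asks the process `processId` to load the DLL at `dllPath` by writing the
// path into that process and starting a thread there at LoadLibraryA.
//
// Returns true when the remote thread was created, false on any failure
// (the failing step is reported on std::cerr). It does not wait for the
// thread, so a true result does not prove the DLL actually loaded.
//
// Security context: OpenProcess (VM write + create thread) -> VirtualAllocEx
// -> WriteProcessMemory -> CreateRemoteThread(LoadLibraryA) is the textbook
// remote-thread DLL load. Endpoint monitoring keys on exactly this sequence,
// e.g. Sysmon Event ID 8 (CreateRemoteThread) and Event ID 10 (ProcessAccess)
// on the target, followed by an image-load event for the DLL.
static bool loadHookDll(DWORD processId, const char* dllPath)
{
    HANDLE hProcess = OpenProcess(PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION |
                                  PROCESS_VM_WRITE, FALSE, processId);
    if (hProcess == NULL) {
        std::cerr << "OpenProcess failed, error " << GetLastError() << "\n";
        return false;
    }

    bool started = false;
    LPVOID remotePath = NULL;

    HMODULE hKernel32 = GetModuleHandle("kernel32.dll");
    FARPROC loadLibraryAddr =
        (hKernel32 != NULL) ? GetProcAddress(hKernel32, "LoadLibraryA") : NULL;

    // Include the terminating NUL: the original copied strlen() bytes only and
    // relied on the freshly committed page being zero-filled.
    const SIZE_T pathBytes = std::strlen(dllPath) + 1;

    if (loadLibraryAddr == NULL) {
        std::cerr << "Could not resolve LoadLibraryA, error " << GetLastError() << "\n";
    } else if ((remotePath = VirtualAllocEx(hProcess, NULL, pathBytes,
                                            MEM_RESERVE | MEM_COMMIT,
                                            PAGE_READWRITE)) == NULL) {
        std::cerr << "VirtualAllocEx failed, error " << GetLastError() << "\n";
    } else if (!WriteProcessMemory(hProcess, remotePath, dllPath, pathBytes, NULL)) {
        std::cerr << "WriteProcessMemory failed, error " << GetLastError() << "\n";
    } else {
        HANDLE hThread = CreateRemoteThread(
            hProcess, NULL, 0,
            reinterpret_cast<LPTHREAD_START_ROUTINE>(loadLibraryAddr),
            remotePath, 0, NULL);
        if (hThread == NULL) {
            std::cerr << "CreateRemoteThread failed, error " << GetLastError() << "\n";
        } else {
            // The original dropped this handle without closing it.
            CloseHandle(hThread);
            started = true;
        }
    }

    // Release the remote buffer only when no thread was started; a running
    // thread may still be reading the path from it.
    if (!started && remotePath != NULL) {
        VirtualFreeEx(hProcess, remotePath, 0, MEM_RELEASE);
    }
    CloseHandle(hProcess);
    return started;
}

// Walks the process list and, for every process whose image name is exactly
// "tb.exe", requests that it load TBHookDll.dll from the current directory.
// Prints whether tb.exe was found, waits for a key press, and returns 0.
int main(void)
{
    PROCESSENTRY32 pe32 = {};
    pe32.dwSize = sizeof(PROCESSENTRY32);  // required before Process32First
    bool blTest = false;                   // true once a tb.exe entry is seen

    HANDLE hTool32 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hTool32 == INVALID_HANDLE_VALUE) {
        std::cerr << "CreateToolhelp32Snapshot failed, error " << GetLastError() << "\n";
    } else {
        if (Process32First(hTool32, &pe32)) {
            // do/while so the entry returned by Process32First is examined too;
            // the original called Process32Next first and skipped it.
            do {
                // NOTE(review): an image name is not an identity. Any process
                // named tb.exe matches here, whoever started it.
                if (std::strcmp(pe32.szExeFile, "tb.exe") != 0) {
                    continue;
                }
                blTest = true;

                // Stack buffers replace the original new[]/delete[] pair.
                char DirPath[MAX_PATH] = {};
                char FullPath[MAX_PATH] = {};

                // NOTE(review): the DLL is resolved from the current working
                // directory, not from this executable's own location, so
                // whatever TBHookDll.dll sits in the launch directory is what
                // the target loads. Resolve it from a trusted location and
                // verify the file before relying on it.
                const DWORD dirLen = GetCurrentDirectory(MAX_PATH, DirPath);
                if (dirLen == 0 || dirLen >= MAX_PATH) {
                    std::cerr << "GetCurrentDirectory failed or path too long\n";
                    continue;
                }
                if (sprintf_s(FullPath, MAX_PATH, "%s\\TBHookDll.dll", DirPath) < 0) {
                    std::cerr << "Could not build the DLL path\n";
                    continue;
                }

                loadHookDll(pe32.th32ProcessID, FullPath);
            } while (Process32Next(hTool32, &pe32));
        }
        CloseHandle(hTool32);
    }

    if (!blTest) {
        std::cout << "Did not detect tb.exe running on your computer.\nPress the enter key to close this dialog.";
    } else {
        std::cout << "Found tb.exe. Hooking..\nPress the enter key to close this window. (This will not affect the hook.)\n";
    }

    // A count of 0 extracts nothing; kept from the original. The actual wait
    // is _getch(), which returns on any key, not only Enter.
    std::cin.ignore(0, '\n');
    _getch();
    return 0;
}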