API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 1st, 2020
242
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.30 KB | None | 0 0
raw download clone embed print report
  1.  
  2. bool checksound = false;
  3. void hookPlaySound(const char* sample, float* origin)
  4. {
  5. checksound = true;
  6. }
  7. HANDLE hProcess = 0;
  8. DWORD hw_dll_offset = 0;
  9. DWORD client_dll_offset = 0;
  10.  
  11. void func_patch(void)
  12. {
  13. if (!hProcess)
  14. {
  15. HANDLE hModuleSnap = NULL;
  16. MODULEENTRY32 me32 = { NULL };
  17. int more;
  18. DWORD hwsize = NULL, clsize = NULL;
  19.  
  20. hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, NULL);
  21. if (!hModuleSnap) return;
  22. me32.dwSize = sizeof(MODULEENTRY32);
  23. more = Module32First(hModuleSnap, &me32);
  24.  
  25. while (more)
  26. {
  27. if (strlen(me32.szModule) > 5 && !strcmpi(me32.szModule + strlen(me32.szModule) - 6, "hw.dll"))
  28. {
  29. hw_dll_offset = (unsigned long)me32.modBaseAddr;
  30. hwsize = me32.modBaseSize;
  31. }
  32. if (strlen(me32.szModule) > 9 && !strcmpi(me32.szModule + strlen(me32.szModule) - 10, "client.dll"))
  33. {
  34. client_dll_offset = (unsigned long)me32.modBaseAddr;
  35. clsize = me32.modBaseSize;
  36. }
  37. more = Module32Next(hModuleSnap, &me32);
  38. }
  39. CloseHandle(hModuleSnap);
  40.  
  41. hProcess = GetCurrentProcess();
  42. if (!hProcess || !hw_dll_offset || !client_dll_offset)
  43. {
  44. g_Engine.pfnConsolePrint("patch failure\n");
  45. return;
  46. }
  47. }
  48.  
  49. if (!strcmp(g_Engine.Cmd_Argv(1), "sound"))
  50. {
  51. static DWORD pOrgPlaySound;
  52. pOrgPlaySound = (DWORD)g_Engine.pEventAPI->EV_PlaySound;
  53.  
  54. goto label_continue;
  55. label_destination:
  56. __asm {
  57. push ebp;
  58. mov ebp, esp;
  59. pushad;
  60.  
  61. mov eax, dword ptr[ebp + 0x0C];
  62. push eax;
  63. mov eax, dword ptr[ebp + 0x14];
  64. push eax;
  65.  
  66. call hookPlaySound;
  67. pop eax;
  68. pop eax;
  69.  
  70. popad;
  71. pop ebp;
  72.  
  73. // caller statements
  74. sub esp, 0x48;
  75. push ebx;
  76. mov ebx, dword ptr[esp + 0x68];
  77.  
  78. // return to caller:
  79. mov eax, pOrgPlaySound;
  80. add eax, 0x08;
  81. jmp eax;
  82. };
  83.  
  84. label_continue:
  85. char patch[8] =
  86. {
  87. (char)0xB8, (char)0x00, (char)0x00, (char)0x00,
  88. (char)0x00, (char)0xFF, (char)0xE0, (char)0x90
  89. };
  90. __asm {
  91. mov eax, offset label_destination;
  92. mov dword ptr[patch + 1], eax;
  93. }
  94. DWORD offset1 = 0x27610;
  95. bool status = WriteProcessMemory(hProcess, (LPVOID)(hw_dll_offset + offset1), patch, 8, NULL);
  96.  
  97. if (status)
  98. {
  99. g_Engine.pfnConsolePrint("sound patch applied\n");
  100. }
  101. else
  102. {
  103. g_Engine.pfnConsolePrint("sound patch failed\n");
  104. }
  105. }
  106. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!