
[Source] Beispielcode für eine Hack-DLL


icon [Source] Beispielcode für eine Hack-DLL #1

An diesem Beispielcode könnt ihr sehen, wie einfach ihr das GUI in euren Hack integrieren könnt:

CPP Code:
  1. #define OSHGUI_COMPILE_STATIC
  2. #include "../../OSHGui.hpp"
  3. #include "../../Drawing/RendererDX9.hpp"
  4. #include "../../Input/Windows.hpp"
  5. using namespace OSHGui;
  6.  
  7. //---------------------------------------------------------------------------
  // Forward declarations for the two helpers defined in the "Utils" part of this listing.
  DWORD FindPattern(const HMODULE module, const BYTE *pattern, LPCTSTR mask);
  void* DetourFunction(BYTE *source, const BYTE *destination, const int length);

  // Function-pointer type with the same shape as hook_EndScene; pEndScene holds
  // whatever DetourFunction returns so the hook can hand control back to the
  // original code path. It stays nullptr until DllMain has installed the detour.
  using oEndScene = HRESULT (WINAPI *)(LPDIRECT3DDEVICE9 pDevice);
  oEndScene pEndScene = nullptr;
  //---------------------------------------------------------------------------
  // Global state shared between the render hook and the message hook.
  // NOTE(review): none of this is synchronised; it appears to rely on both hooks
  // running on the same thread. Confirm against the host application.
  //---------------------------------------------------------------------------
  Input::Windows input;              // translates window messages into GUI input
  Drawing::RendererDX9 *renderer;    // created on the first hook_EndScene call, never freed in this listing
  HHOOK messageHookHandle;           // handle returned by SetWindowsHookExW in hook_EndScene
  18. //---------------------------------------------------------------------------
  /// Message-hook callback that forwards window messages to the GUI input layer.
  ///
  /// @param code   Hook code; only HC_ACTION messages are offered to the GUI.
  /// @param wParam Passed through unchanged to the next hook.
  /// @param lParam Cast to LPMSG and handed to input.ProcessMessage.
  /// @return true when the GUI reports the message as processed, otherwise the
  ///         result of CallNextHookEx.
  ///
  /// NOTE(review): the hook is registered as WH_GETMESSAGE in hook_EndScene, where
  /// lParam is a pointer to a MSG. Bits 30 and 31 are key-state flags only for
  /// WH_KEYBOARD hooks, so testing them on a pointer value looks like a leftover
  /// and can skip GUI input depending on where the MSG happens to live. Confirm.
  /// NOTE(review): for WH_GETMESSAGE the return value does not by itself remove the
  /// message from the queue, so the target window presumably still sees it. Verify.
  LRESULT CALLBACK KeyboardHook(int code, WPARAM wParam, LPARAM lParam)
  {
      // Same two bit tests as before, evaluated first so that ProcessMessage is
      // never called when either bit is set.
      const bool flagBitsSet = (lParam & 0x80000000) || (lParam & 0x40000000);

      if (!flagBitsSet && code == HC_ACTION && input.ProcessMessage((LPMSG)lParam))
      {
          return true;
      }

      // Everything the GUI did not claim continues down the hook chain.
      return CallNextHookEx(messageHookHandle, code, wParam, lParam);
  }
  36. //---------------------------------------------------------------------------
  /// Replacement for the device's EndScene: draws the GUI on top of the frame and
  /// then continues into the original code through pEndScene.
  ///
  /// @param pDevice Direct3D 9 device the host application is rendering with.
  /// @return Whatever the original EndScene (reached through pEndScene) returns.
  ///
  /// The first call performs one-time setup: it creates the DX9 renderer, attaches
  /// it to the OSHGui Application singleton, installs the message hook for the
  /// calling thread and shows an empty Form.
  ///
  /// NOTE(review): the renderer is allocated with new and never deleted, and the
  /// hook from SetWindowsHookExW is never released with UnhookWindowsHookEx, so
  /// both outlive an unload of the DLL. The hook handle is also not checked for
  /// failure. There is no handling of device reset/loss in this listing.
  HRESULT WINAPI hook_EndScene(LPDIRECT3DDEVICE9 pDevice)
  {
      Application *gui = Application::Instance();

      static bool setupPending = true;
      if (setupPending)
      {
          // Clear the flag before doing the work so setup runs exactly once.
          setupPending = false;

          renderer = new Drawing::RendererDX9(pDevice);
          gui->Create(renderer);

          // Thread-scoped message hook: module handle 0, current thread id.
          const DWORD renderThreadId = GetCurrentThreadId();
          messageHookHandle = SetWindowsHookExW(WH_GETMESSAGE, KeyboardHook, 0, renderThreadId);

          std::shared_ptr<Form> mainForm(new Form());
          gui->Run(mainForm);
          gui->Enable();
      }

      // Draw the GUI inside the renderer's Begin/End bracket.
      renderer->Begin();
      gui->Render();
      renderer->End();

      // Hand the frame back to the original EndScene.
      return pEndScene(pDevice);
  }
  59. //---------------------------------------------------------------------------
  /// DLL entry point. On process attach it waits for d3d9.dll, locates a byte
  /// pattern inside it, reads a vtable pointer from the match and detours vtable
  /// slot 42 (stored in pEndScene) to hook_EndScene.
  ///
  /// @param hDll       Module handle of this DLL.
  /// @param dwReason   Only DLL_PROCESS_ATTACH triggers any work.
  /// @param pvReserved Unused.
  /// @return Always true.
  ///
  /// NOTE(review): all of this runs inside DllMain, i.e. while the loader lock is
  /// held. Polling with Sleep() here can stall or deadlock process start-up if
  /// d3d9.dll is not already loaded.
  /// NOTE(review): FindPattern returns 0 when nothing matches; the "+ 2" then
  /// yields address 2 and the memcpy below faults. The result is never checked.
  /// NOTE(review): copying exactly 4 bytes into a pointer and storing addresses in
  /// DWORD only works in a 32-bit build.
  bool WINAPI DllMain(HMODULE hDll, DWORD dwReason, PVOID pvReserved)
  {
      if (dwReason != DLL_PROCESS_ATTACH)
      {
          return true;
      }

      DisableThreadLibraryCalls(hDll);

      // Poll every 100 ms until the Direct3D 9 runtime is mapped into the process.
      HMODULE d3d9 = GetModuleHandle("d3d9.dll");
      while (!d3d9)
      {
          Sleep(100);
          d3d9 = GetModuleHandle("d3d9.dll");
      }

      // The match starts two bytes before the 32-bit operand that is read below.
      const BYTE *signature = (BYTE*)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86";
      DWORD device = FindPattern(d3d9, signature, "xx????xx????xx") + 2;

      // Interpret the four operand bytes as the address of the vtable.
      DWORD *VTable = NULL;
      memcpy(&VTable, (void*)device, 4);

      // Overwrite the first 5 bytes of the slot-42 function with a jump to the hook
      // and keep the returned trampoline for calling the original.
      BYTE *originalEndScene = (BYTE*)VTable[42];
      pEndScene = (oEndScene)DetourFunction(originalEndScene, (BYTE*)hook_EndScene, 5);

      return true;
  }
  77. //---------------------------------------------------------------------------
  78. //Utils
  79. //---------------------------------------------------------------------------
  /// Compares a memory region against a byte pattern under a wildcard mask.
  ///
  /// @param data    Start of the memory to test.
  /// @param pattern Bytes to compare against; must be at least as long as mask.
  /// @param mask    NUL-terminated string; 'x' means "this byte must match", any
  ///                other character means "ignore this byte".
  /// @return true if every 'x' position matches, false at the first mismatch.
  ///
  /// The function has no notion of how large the data region is: it reads one byte
  /// of data for every 'x' in mask, so the caller has to guarantee that many bytes
  /// are readable.
  /// NOTE(review): mask is LPCTSTR but is compared against the narrow literal 'x'
  /// and callers pass narrow strings, so this presumably only builds without UNICODE.
  bool DataCompare(const BYTE *data, const BYTE *pattern, LPCTSTR mask)
  {
      int offset = 0;
      while (mask[offset])
      {
          const bool mustMatch = (mask[offset] == 'x');
          if (mustMatch && data[offset] != pattern[offset])
          {
              return false;
          }
          ++offset;
      }

      // The loop only ends at the mask terminator, so reaching this point means
      // every required byte matched.
      return true;
  }
  92. //---------------------------------------------------------------------------
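  /// Scans the code section of a loaded module for a masked byte pattern.
  ///
  /// @param module  Handle (base address) of a module mapped into this process.
  /// @param pattern Bytes to search for.
  /// @param mask    NUL-terminated mask, one character per pattern byte; 'x' marks
  ///                bytes that must match, anything else is a wildcard.
  /// @return Address of the first match, or 0 if there is none. Callers must check
  ///         for 0 before doing arithmetic on or dereferencing the result.
  /// @throws Misc::ArgumentNullException if module is NULL or INVALID_HANDLE_VALUE.
  /// @throws Misc::Exception if the DOS or NT header signature is wrong.
  ///
  /// The range searched is [BaseOfCode, BaseOfCode + SizeOfCode) as recorded in the
  /// module's optional header. A candidate is only tested when the whole pattern
  /// fits inside that range, so the comparison never reads past the end of the code
  /// section (the previous loop tested every offset up to the last byte and could
  /// read up to mask-length - 1 bytes beyond it).
  ///
  /// NOTE(review): addresses are carried in DWORD, which truncates pointers in a
  /// 64-bit build; this code is only correct for 32-bit targets.
  DWORD FindPattern(const HMODULE module, const BYTE *pattern, LPCTSTR mask)
  {
      if (module == NULL || module == INVALID_HANDLE_VALUE)
      {
          throw Misc::ArgumentNullException("module");
      }

      // A module handle is the address of its PE image, which starts with the DOS header.
      PIMAGE_DOS_HEADER dosHeader = (PIMAGE_DOS_HEADER)module;

      if (dosHeader->e_magic != IMAGE_DOS_SIGNATURE)
      {
          throw Misc::Exception("e_magic != IMAGE_DOS_SIGNATURE");
      }

      // e_lfanew is the offset from the image base to the NT headers.
      PIMAGE_NT_HEADERS NTHead = (PIMAGE_NT_HEADERS)((DWORD)dosHeader + (DWORD)dosHeader->e_lfanew);

      if (NTHead->Signature != IMAGE_NT_SIGNATURE)
      {
          throw Misc::Exception("Signature != IMAGE_NT_SIGNATURE");
      }

      DWORD address = (DWORD)module + NTHead->OptionalHeader.BaseOfCode;
      DWORD size = NTHead->OptionalHeader.SizeOfCode;

      // Number of bytes a single comparison will touch.
      DWORD maskLength = 0;
      while (mask[maskLength])
      {
          ++maskLength;
      }

      // A pattern longer than the section cannot match anywhere inside it.
      if (maskLength > size)
      {
          return 0;
      }

      // Last offset at which the complete pattern still lies inside the section.
      const DWORD lastStart = size - maskLength;

      for (DWORD i = 0; i < size && i <= lastStart; i++)
      {
          if (DataCompare((BYTE*)(address + i), pattern, mask))
          {
              return address + i;
          }
      }

      return 0;
  }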
  127. //---------------------------------------------------------------------------
  /// Redirects a function to another one by overwriting its first bytes with a
  /// relative jump, and builds a trampoline through which the original can still
  /// be called.
  ///
  /// @param source      Start of the function to patch; its first `length` bytes
  ///                    are overwritten.
  /// @param destination Function that should run instead.
  /// @param length      Number of bytes copied from source into the trampoline.
  ///                    A 5-byte jump is written at source regardless, so values
  ///                    below 5 are not handled.
  /// @return Pointer to the trampoline: a copy of the first `length` bytes of
  ///         source followed by a jump back to source + length.
  ///
  /// NOTE(review): observations relevant to hardening and detection:
  ///  - the malloc result and both VirtualProtect results are unchecked;
  ///  - VirtualProtect works on whole pages, so the heap page(s) holding the
  ///    trampoline become read/write/execute together with unrelated heap data;
  ///  - the patched code page is left PAGE_EXECUTE_READWRITE, the previous
  ///    protection in oldProtect is never restored;
  ///  - the copied bytes are not relocated, so the trampoline is only valid if
  ///    they are position-independent and end on an instruction boundary;
  ///  - the patch is not atomic with respect to other threads executing source.
  ///  A 0xE9 jump at a function entry plus writable+executable private memory is
  ///  the artefact integrity checks typically look for.
  void* DetourFunction(BYTE *source, const BYTE *destination, const int length)
  {
      // Room for the copied prologue plus one 5-byte jump.
      BYTE *stub = (BYTE*)malloc(5 + length);
      DWORD oldProtect;

      VirtualProtect(stub, length + 5, PAGE_EXECUTE_READWRITE, &oldProtect);
      VirtualProtect(source, length, PAGE_EXECUTE_READWRITE, &oldProtect);

      // Preserve the bytes that are about to be overwritten.
      memcpy(stub, source, length);

      // Jump from the end of the copied bytes back into the original function.
      // The operand is relative to the end of the 5-byte jump instruction.
      BYTE *stubJump = stub + length;
      stubJump[0] = 0xE9;
      *(DWORD*)(stubJump + 1) = (DWORD)(source + length - stubJump) - 5;

      // Jump from the start of the original function to the replacement.
      source[0] = 0xE9;
      *(DWORD*)(source + 1) = (DWORD)(destination - source) - 5;

      // Pad whatever is left of the overwritten region with single-byte NOPs.
      int pad = 5;
      while (pad < length)
      {
          source[pad] = 0x90;
          ++pad;
      }

      return stub;
  }
  152. //---------------------------------------------------------------------------
Die DLL aus diesem Code erzeugt eine leere Form und zeigt sie an.

__________________

Hallo
icon #2

Danke, jetzt nur noch GUI framework releasen.