Beispiel #1
// Resolves a process by image name and forwards its PID, together with the
// DLL path, to InjectDLLtoExistedProcess().
//
// szTarget   image name handed to GetProcessIdFromName()
// szDllPath  DLL path forwarded unchanged to the helper
//
// Returns 0 when the helper returns zero, and -1 when no PID was resolved or
// the helper returned non-zero.
//
// NOTE(review): the target is selected by name alone, so whichever process
// GetProcessIdFromName() returns for that name is used; neither helper is
// shown here, so how ties between same-named processes are resolved cannot
// be confirmed from this listing.
// Triage note: a name-to-PID lookup immediately followed by a cross-process
// operation on that PID is a pairing worth correlating when this pattern is
// found in a sample.
int InjectDLLtoProcessFromName(TCHAR *szTarget, TCHAR *szDllPath)
{
	const DWORD dwTargetPid = GetProcessIdFromName(szTarget);
	if (dwTargetPid == 0)
	{
		return -1;
	}

	// The helper signals failure with a non-zero result.
	return InjectDLLtoExistedProcess(dwTargetPid, szDllPath) ? -1 : 0;
}
// Creates a named mutex and, unless ShellcodeInjected() already reports true,
// opens explorer.exe and passes the `mthread` buffer to InjectShellcode().
//
// Detection notes for analysts:
//  - The mutex name is a hard-coded literal, so it is a stable host indicator
//    for this code.
//  - The handle is requested with PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION |
//    PROCESS_VM_READ | PROCESS_VM_WRITE against explorer.exe; process-access
//    telemetry (for example Sysmon Event ID 10) can alert on that mask when
//    the requester is not an expected system component.
//
// NOTE(review): the mutex handle is discarded, the PID is not checked before
// OpenProcess(), and the process handle is never closed in this function.
// What InjectShellcode() does with the handle is not visible here.
void InitiateMonitoringThread()
{
	CreateMutex(NULL, 0, "7YhngylKo09H");

	if (ShellcodeInjected())
	{
		return;
	}

	const DWORD dwExplorerPid = GetProcessIdFromName("explorer.exe");
	const DWORD dwAccess = PROCESS_CREATE_THREAD | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE;
	HANDLE hExplorer = OpenProcess(dwAccess, false, dwExplorerPid);
	if (hExplorer == 0)
	{
		return;
	}

	InjectShellcode(hExplorer, mthread, sizeof(mthread));
}
Beispiel #3
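// Initialises global state, attaches to the DARKSOULS.exe process, starts the
// GUI and worker threads, loads the vJoy device and brings the game window to
// the foreground.
//
// Returns EXIT_SUCCESS on success. Returns EXIT_FAILURE when the game process
// cannot be opened, or the non-zero code from ReadyThreads() / loadvJoy() when
// either of those fails.
int SetupandLoad(){
    //zero both structs so no field starts with a stale value
    memset(&Enemy, 0, sizeof(Character));
    memset(&Player, 0, sizeof(Character));
    //TODO temp hardcoding
    Enemy.weaponRange = 6;
    Player.weaponRange = 2.5;

    //get access to dark souls memory
    char * processName = "DARKSOULS.exe";
    //get the process id from the name
    int processId = GetProcessIdFromName(processName);
    //open the handle
    //NOTE(review): PROCESS_ALL_ACCESS is broader than reading game memory needs;
    //narrow it to the rights the helpers actually use once those are confirmed.
    processHandle = OpenProcess(PROCESS_ALL_ACCESS, 0, processId);
    if (processHandle == NULL){
        //game not running or access denied: stop before any address
        //arithmetic or memory read is attempted through a NULL handle
        return EXIT_FAILURE;
    }
    //get the base address of the process and append all other addresses onto it
    memorybase = GetModuleBase(processId, processName);
    Enemy_base_add += memorybase;
    player_base_add += memorybase;

    ReadPointerEndAddresses(processHandle);

    //start gui
    guiStart();

    //get current camera details to lock
    readCamera(&processHandle, memorybase);

    //load neural network and threads
    int error = ReadyThreads();
    if (error){
        return error;
    }

    //TODO load vJoy driver(we ONLY want the driver loaded when program running)
    //want to use controller input, instead of keyboard, as analog stick is more precise movement
    int loadresult = loadvJoy(iInterface);
    if (loadresult != 0){
        return loadresult;
    }
    iReport.bDevice = (BYTE)iInterface;
    ResetVJoyController();

    //set window focus; skip when the window is missing, because SetFocus(NULL)
    //would drop keyboard focus from this thread's own windows
    HWND h = FindWindow(NULL, TEXT("DARK SOULS"));
    if (h != NULL){
        SetForegroundWindow(h);
        SetFocus(h);
    }

    return EXIT_SUCCESS;
}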
Beispiel #4
// Reports whether a Citrix Xen guest-tools process is running, by looking up
// each listed image name with GetProcessIdFromName() and printing the result.
//
// Analyst note: this is a process-name check only, so the outcome follows
// whatever name the guest service runs under in the analysis VM.
VOID xen_process()
{
	TCHAR *szProcesses[] = {
		_T("xenservice.exe"),
	};
	const int nCount = sizeof(szProcesses) / sizeof(szProcesses[0]);

	int idx = 0;
	while (idx < nCount)
	{
		TCHAR *szName = szProcesses[idx++];
		_tprintf(TEXT("[*] Checking Citrix Xen process: %s"), szName);

		// A zero result from the lookup is reported as "not detected".
		if (!GetProcessIdFromName(szName))
		{
			print_not_detected();
			continue;
		}
		print_detected();
	}
}
Beispiel #5
// Reports whether the VMware Tools daemon is running, by looking up each
// listed image name with GetProcessIdFromName() and printing the result.
//
// Analyst note: this is a process-name check only, so the outcome follows
// whatever name the guest tools run under in the analysis VM.
VOID vmware_processes()
{
	TCHAR *szProcesses[] = {
		_T("vmtoolsd.exe"),
	};
	const int nCount = sizeof(szProcesses) / sizeof(szProcesses[0]);

	int idx = 0;
	while (idx < nCount)
	{
		TCHAR *szName = szProcesses[idx++];
		_tprintf(TEXT("[*] Checking vmware processe %s: "), szName);

		// A zero result from the lookup is reported as "not detected".
		if (!GetProcessIdFromName(szName))
		{
			print_not_detected();
			continue;
		}
		print_detected();
	}
}
Beispiel #6
// Reports whether VirtualBox guest-additions processes are running, by
// looking up each listed image name with GetProcessIdFromName() and printing
// one result per name.
//
// Analyst note: this is a process-name check only, so the outcome follows
// whatever names the guest additions run under in the analysis VM.
VOID vbox_processes()
{
	TCHAR *szProcesses[] = {
		_T("vboxservice.exe"),
		_T("vboxtray.exe")
	};
	const int nCount = sizeof(szProcesses) / sizeof(szProcesses[0]);

	int idx = 0;
	while (idx < nCount)
	{
		TCHAR *szName = szProcesses[idx++];
		_tprintf(TEXT("[*] Checking virtual box processe %s: "), szName);

		// A zero result from the lookup is reported as "not detected".
		if (!GetProcessIdFromName(szName))
		{
			print_not_detected();
			continue;
		}
		print_detected();
	}
}
Beispiel #7
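// Looks up a running process by name and, if one is found, asks the system
// to terminate it.
//
// Despite the name, this is not a read-only query: a match is terminated.
//
// AppName  image name passed to GetProcessIdFromName()
//
// Returns TRUE when a process with that name was found (whether or not it
// could be opened and terminated), FALSE when none was found.
BOOL CMainUIDlg::IsAppRun(CString AppName)
{
    char   pPath[_MAX_PATH];
    pPath[0]=0;
    const char *cExeName = CStrToChar(AppName);
    // NOTE(review): the variable name "PATH " carries a trailing space and the
    // result in pPath is never read below; VERIFY(pPath) tests the address of
    // a local array, so it always passes. Left as-is pending confirmation
    // that nothing depends on these calls.
    _searchenv(cExeName, "PATH ",pPath);
    VERIFY(pPath);

    // Look up AppName so the matching process can be terminated.
    DWORD id=GetProcessIdFromName(AppName);
    if(id==0)
    {
        return   FALSE;
    }

    // Request only the right that TerminateProcess needs, and do not mark the
    // handle inheritable: the original asked for PROCESS_ALL_ACCESS with
    // bInheritHandle=TRUE, which exposed a full-access handle to any child
    // process created with handle inheritance enabled.
    HANDLE   hTarget=::OpenProcess(PROCESS_TERMINATE,FALSE,id);
    if(hTarget!=NULL)
    {
        ::TerminateProcess(hTarget,0);
        // The original never closed this handle.
        ::CloseHandle(hTarget);
    }
    return   TRUE;
}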
Beispiel #8
// Open (launch) a process. 2012.08.17 yyf
// Launches lpApplicationName as a child process whose stdin/stdout are wired
// to two anonymous pipes, then starts AnonymousPipeThread to read from it.
//
// Nothing is launched (and false is returned) when GetProcessIdFromName()
// already finds a process with that name, or when piAnonymousPipe is NULL.
//
// Returns true once the child process has been created, including the case
// where CreateThread() fails; returns false when Create() or CreateProcess()
// fails or when the precondition above is not met.
//
// NOTE(review): the "already running" test and the launch are separate steps,
// so the name check does not guarantee a single instance.
// NOTE(review): lpApplicationName is passed to CreateProcess as the
// application name with a NULL command line; a name without a full path is
// resolved against the current directory, so callers should pass an absolute
// path.
bool CAnonymousPipe::OpenProcess(LPCSTR lpApplicationName)
{
	strProcessName = lpApplicationName;// process name
	if(0 == GetProcessIdFromName(strProcessName) && NULL != piAnonymousPipe)
	{// no process with this name is running yet

		m_hWrite = INVALID_HANDLE_VALUE;
		m_hRead = INVALID_HANDLE_VALUE;

		m_hFatherWrite = INVALID_HANDLE_VALUE;// parent-side write handle
		m_hFatherRead = INVALID_HANDLE_VALUE;// parent-side read handle
		m_hChildWrite = INVALID_HANDLE_VALUE;// child-side write handle
		m_hChildRead = INVALID_HANDLE_VALUE;// child-side read handle

		bAnonymousPipeThread = false;// flag for the reader thread; cleared until the child exists

		// Two anonymous pipes are created: one for parent-write -> child-read,
		// one for child-write -> parent-read.
		
		// Pipe 1: parent writes -> child reads
		// NOTE(review): bInheritHandle=TRUE presumably makes both ends of the
		// pipe inheritable; unless Create() (not shown) clears the flag on the
		// parent's ends, e.g. with SetHandleInformation(h, HANDLE_FLAG_INHERIT, 0),
		// the child also receives the parent-side handles.
		SECURITY_ATTRIBUTES sa1;
		sa1.bInheritHandle=TRUE;
		sa1.lpSecurityDescriptor=NULL;
		sa1.nLength=sizeof(SECURITY_ATTRIBUTES);

		// Pipe 2: child writes -> parent reads
		SECURITY_ATTRIBUTES sa2;
		sa2.bInheritHandle=TRUE;
		sa2.lpSecurityDescriptor=NULL;
		sa2.nLength=sizeof(SECURITY_ATTRIBUTES);

		if(!Create(&sa1,0,&sa2,0))
		{
			// AfxMessageBox("Failed to create the anonymous pipes!");
			return false;
		}

		STARTUPINFO sui;
		//PROCESS_INFORMATION pi;
		// `pi` is not declared in this function (the local declaration above is
		// commented out), so it is presumably a member - TODO confirm.
		ZeroMemory(&sui,sizeof(STARTUPINFO));
		sui.cb=sizeof(STARTUPINFO);
		sui.dwFlags=STARTF_USESTDHANDLES;
		sui.hStdInput=m_hChildRead;// child's read end becomes its stdin
		sui.hStdOutput=m_hChildWrite;// child's write end becomes its stdout
		sui.hStdError=GetStdHandle(STD_ERROR_HANDLE);
	
		// bInheritHandles is TRUE so the child can use the pipe ends above; it
		// also means every other inheritable handle in this process is passed on.
		if(!CreateProcess(strProcessName,NULL,NULL,NULL,
				TRUE,0,NULL,NULL,&sui,&pi))//"..\\Child\\Debug\\Child.exe"
		{
			CloseHandle(m_hRead);
			CloseHandle(m_hWrite);
			m_hRead=INVALID_HANDLE_VALUE;
			m_hWrite=INVALID_HANDLE_VALUE;

			CloseHandle(m_hChildRead);
			CloseHandle(m_hChildWrite);
			// NOTE(review): the parent-side handles are reset below without a
			// CloseHandle(); if Create() stored open handles in them, they leak
			// on this path - confirm against Create().
			m_hFatherWrite = INVALID_HANDLE_VALUE;// parent-side write handle
			m_hFatherRead = INVALID_HANDLE_VALUE;// parent-side read handle
			m_hChildWrite = INVALID_HANDLE_VALUE;// child-side write handle
			m_hChildRead = INVALID_HANDLE_VALUE;// child-side read handle
			//MessageBox("Failed to create the child process!");
			return false;
		}
		// pi.hProcess / pi.hThread are not closed here; the cleanup below is
		// commented out in the original.
		//else
		//{
		//	CloseHandle(pi.hProcess);
		//	CloseHandle(pi.hThread);
		//}

		// Start the anonymous-pipe thread, which begins reading.
		bAnonymousPipeThread = true; 
		DWORD dwThreadID = 0;
		HANDLE hThread = CreateThread(0,0,AnonymousPipeThread,this,0,&dwThreadID);
		if (hThread)
		{
			OutputDebugString("yyf: 匿名管道线程开始.");
			// The thread handle is not needed afterwards; closing it does not
			// stop the thread.
			::CloseHandle(hThread);
		} 
		 
		// Reached even when CreateThread() returned NULL.
		return true;
	}
	return false;
}