void RevealFullMap(bool bToggle) { // GTA:Online Full Map static auto checkMultiplayerDrawMapFrame = FindPattern("\x40\x8A\x35\x00\x00\x00\x00\x84\xC0\x74\x05\x45\x84\xFF", "xxx????xxxxxxx"); static uint8_t original[7] = { 0 }; // Check if pattern is still valid if (!checkMultiplayerDrawMapFrame) return; // Initialize static bool bInitialized = false; if (!bInitialized) { bInitialized = true; // Unprotect, Original Memory VirtualProtect((void*)checkMultiplayerDrawMapFrame, 7, PAGE_EXECUTE_READWRITE, nullptr); memcpy(&original, (void*)checkMultiplayerDrawMapFrame, 7); } // Toggle if (bToggle) { // Nop memset((void*)checkMultiplayerDrawMapFrame, 0x90, 7); // Always draw full map *(uint16_t *)checkMultiplayerDrawMapFrame = 0xB640; // mov sil, *(uint8_t *)(checkMultiplayerDrawMapFrame + 2) = 1; // 1 (mov sil, 1) } else { // Copy memcpy((void*)checkMultiplayerDrawMapFrame, &original, 7); } }
void CPDF_StreamContentParser::Handle_SetColorPS_Stroke() { if (m_Options.m_bTextOnly) { return; } CPDF_Object* pLastParam = GetObject(0); if (!pLastParam) { return; } int nargs = m_ParamCount; int nvalues = nargs; if (pLastParam->IsName()) nvalues--; FX_FLOAT* values = NULL; if (nvalues) { values = FX_Alloc(FX_FLOAT, nvalues); for (int i = 0; i < nvalues; i++) { values[i] = GetNumber(nargs - i - 1); } } if (nvalues != nargs) { CPDF_Pattern* pPattern = FindPattern(GetString(0), FALSE); if (pPattern) { m_pCurStates->m_ColorState.SetStrokePattern(pPattern, values, nvalues); } } else { m_pCurStates->m_ColorState.SetStrokeColor(NULL, values, nvalues); } FX_Free(values); }
int DataFileSaveAsCallback(int panel, int control, int event, void *callbackData, int eventData1, int eventData2) { char path[300], path1[300], path2[300], name[300]; int i, filestatus; char *date, mon[10], day[10], yr[10]; if (event == EVENT_COMMIT) { Fmt (name, "%s<%s.%i", dataFile.name, dataFile.ext); filestatus = FileSelectPopup (dataFile.dir, name, "", "Save As [file extension must be a #!]:", VAL_OK_BUTTON, 0, 0, 1, 1, path); switch (filestatus) { case VAL_EXISTING_FILE_SELECTED: MessagePopup ("Save As Message", "Cannot select duplicate file paths"); break; case VAL_NEW_FILE_SELECTED: Fmt (path1, path); while (Scan(path1, "%s>%s[xdt92]%s", path2) == 2) Fmt (path1, path2); Scan (path2, "%s>%s[t46]", dataFile.name); i = Scan (path2, "%s>%s[xdt46]%i[b2]", &dataFile.ext); if (i != 2) MessagePopup ("File name error", "File extension must be a number..." "extension ignored"); Fmt (path1, path); i = FindPattern (path1, 0, StringLength (path1), path2, 0, 0); CopyString (dataFile.dir, 0, path1, 0, i-1); acquire_UpdateDataFileInfo(); break; } } return 0; }
int32* FindConsoleWriteOffset() { uint8 pattern[] = { 0x55, // push ebp 0x8B, 0xEC, // mov ebp, esp 0x8B, 0x45, 0x08, // mov eax, [ebp+arg_0] 0x81, 0xEC, 0x00, 0x00, 0x00, 0x00, // sub esp, 400h 0x85, 0xC0, // test eax, eax 0x74, 0x00, // jz short locret_xxxxxx 0x80, 0x38, 0x00, // cmp byte ptr [eax], 0 0x74, 0x00, // jz short locret_xxxxxx 0x8D, 0x4D, 0x10, // lea ecx, [ebp+arg_8] 0x51, // push ecx 0x50, // push eax 0x8D, 0x85, 0x00, 0xFC, 0xFF, 0xFF, // lea eax, [ebp+var_400] 0x68, 0x00, 0x00, 0x00, 0x00, // push 400h 0x50, // push eax 0xE8, 0x00, 0x00, 0x00, 0x00, // call sub_xxxxxx 0xFF, 0x75, 0x0C, // push [ebp+arg_4] 0x8D, 0x85, 0x00, 0xFC, 0xFF, 0xFF, // lea eax, [ebp+var_400] 0x50, // push eax 0xE8, 0x00, 0x00, 0x00, 0x00, // call sub_xxxxxx 0x83, 0xC4, 0x18, // add esp, 18h 0xC9, // leav 0xC3 // retn }; std::string patternOptions = "xxxxxxxx????xxx?xxxx?xxxxxxxxxxxx????xx????xxxxxxxxxxx????xxxxx"; return (int32*)FindPattern(pattern, sizeof(pattern), patternOptions); }
bool CPathOfExile::EnableMapHack(bool bEnable) { DWORD dwAddress = FindPattern(m_dwModuleAddress, m_dwModuleSize, (BYTE*)s_MapSignature, s_MapMask); if ( dwAddress ) { if ( ReadByte(dwAddress) == 0x51 ) { while ( ReadByte(dwAddress) != 0xc3 ) { BYTE num1 = ReadByte(dwAddress); BYTE num2 = ReadByte(dwAddress + 1); if ( bEnable && num1 == 0xd9 && num2 == 0x0 ) { WriteByte(dwAddress + 1, 0xe8); } else if ( !bEnable && num1 == 0xd9 && num2 == 0xe8 ) { WriteByte(dwAddress + 1, 0x0); } dwAddress++; } return true; } } return false; }
void ApplyPatches() { //Disable logos since they add loading time UINT64 logos = FindPattern("platform:/movies/rockstar_logos", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); if (logos != 0) { //memset((void*)(logos + 0x11), 0x00, 0x0E); memcpy((void*)logos, "./nonexistingfilenonexistingfil", 32); //DisableLegalMessagesCompletely(); NoIntro(); #ifdef HOOKS_ENABLED InitFunctionBase::RunAll(); HookFunction::RunAll(); #endif #if 0 // game elements for crash handling purposes char* vtablePtrLoc = hook::pattern("41 89 40 10 49 83 60 18 00 48 8D 05").count(1).get(0).get<char>(12); void* vtablePtr = (void*)(*(int32_t*)vtablePtrLoc + vtablePtrLoc + 4); hook::put(&((uintptr_t*)vtablePtr)[1], CustomGameElementCall); #endif #if 0 // ignore steam requirement auto pattern = hook::pattern("FF 15 ? ? ? ? 84 C0 74 0C B2 01 B9 91 32 25");// 31 E8"); if (pattern.size() > 0) { hook::nop(pattern.get(0).get<void>(0), 6); hook::put<uint8_t>(pattern.get(0).get<void>(8), 0xEB); } #endif //Start loading.. } }
void CForceFeedBackSystem::PlayForceFeedbackEffect( ForceFeedbackFxId id, const SForceFeedbackRuntimeParams& runtimeParams ) { if(m_effectLock > 0) { return; } //Note: As requested, if the effect is running prefer to re-start, and reset its runtimeParams if (TryToRestartEffectIfAlreadyRunning(id, runtimeParams)) { return; } const int activeEffectSize = m_activeEffects.size(); bool freeSlotsAvailable = (activeEffectSize < (int)MAX_FORCE_FEEDBACK_EFFECTS); if (freeSlotsAvailable) { const int testId = (int)id; bool validId = ( (testId >= 0) && (testId < (int)(m_effects.size())) ); if (validId) { const SEffect& effect = m_effects[id]; const SPattern& effectPatternA = FindPattern(effect.patternA); const SPattern& effectPatternB = (effect.patternA == effect.patternB) ? effectPatternA : FindPattern(effect.patternB); const SEnvelope& effectEnvelopeA = FindEnvelope(effect.envelopeA); const SEnvelope& effectEnvelopeB = (effect.envelopeA == effect.envelopeB) ? effectEnvelopeA : FindEnvelope(effect.envelopeB); SActiveEffect newActiveEffect; m_activeEffects.push_back(newActiveEffect); SActiveEffect& justAddedEffect = m_activeEffects[activeEffectSize]; justAddedEffect.effectId = id; justAddedEffect.effectTime = effect.time; justAddedEffect.runningTime = 0.0f; justAddedEffect.frequencyA = effect.frequencyA; justAddedEffect.frequencyB = effect.frequencyB; justAddedEffect.runtimeParams = runtimeParams; //Patters are copied, for faster access when loop-processing, instead of being a pointer //Since we have a very small amount of fixed FX it should not be a big deal. justAddedEffect.m_patternA = effectPatternA; justAddedEffect.m_envelopeA = effectEnvelopeA; justAddedEffect.m_patternB = effectPatternB; justAddedEffect.m_envelopeB = effectEnvelopeB; } else { FORCEFEEDBACK_LOG("Play effect could not find effect. Invalid id '%d' provided", id); } } else { FORCEFEEDBACK_LOG("Too many effects already running, could not execute"); } }
void SignatureSearch::Search() { printf("Scanning for signatures.\n"); std::vector<SignatureF>::iterator it; for (it = allSignatures->begin(); it < allSignatures->end(); it++) { *((void**)it->address) = (void*)(FindPattern("payday2_win32_release.exe", it->signature, it->mask) + it->offset); } printf("Signatures Found.\n"); }
int GetBuild() { uint8 buffer[] = { 0x28, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x20 }; std::string patternOptions = "ppppppp"; void* result = FindPattern(buffer, sizeof(buffer), patternOptions); char buildBuffer[6]; memset(buildBuffer, 0x0, sizeof(buildBuffer)); memcpy(buildBuffer, (char*)((int)result + 7), 5); return atoi(buildBuffer); }
void *MemoryUtils::DecodeAndFindPattern(const void *libPtr, const char *pattern) { unsigned char real_sig[511]; size_t real_bytes = DecodeHexString(real_sig, sizeof(real_sig), pattern); if (real_bytes >= 1) { return FindPattern(libPtr, (char*)real_sig, real_bytes); } return NULL; }
bool ObjectsStore::Initialize() { auto address = FindPattern(GetModuleHandleW(L"core.dll"), reinterpret_cast<const unsigned char*>("\x8B\x0D\x00\x00\x00\x00\x8B\x04\x81\xC3\x33\xC0\xC3"), "xx????xxxxxxx"); if (address == -1) { return false; } GlobalObjects = reinterpret_cast<decltype(GlobalObjects)>(*reinterpret_cast<uint32_t*>(address + 2)); return true; }
bool ObjectsStore::Initialize() { auto address = FindPattern(GetModuleHandleW(nullptr), reinterpret_cast<const unsigned char*>("\x48\x8D\x15\x00\x00\x00\x00\x41\x8B\xF9"), "xxx????xxx"); if (address == -1) { return false; } auto offset = *reinterpret_cast<uint32_t*>(address + 3); GlobalObjects = reinterpret_cast<decltype(GlobalObjects)>(address + 7 + offset); return true; }
bool NamesStore::Initialize() { auto address = FindPattern(GetModuleHandleW(nullptr), reinterpret_cast<const unsigned char*>("\x48\x89\x05\x00\x00\x00\x00\x48\x83\xC4\x28\xC3\xE9"), "xxx????xxxxxx"); if (address == -1) { return false; } auto offset = *reinterpret_cast<uint32_t*>(address + 3); GlobalNames = reinterpret_cast<decltype(GlobalNames)>(*reinterpret_cast<uintptr_t*>(address + 7 + offset)); return true; }
bool ObjectsStore::Initialize() { const auto address = FindPattern(GetModuleHandleW(L"FortniteClient-Win64-Shipping.exe"), reinterpret_cast<const unsigned char*>("\x48\x8D\x05\x00\x00\x00\x00\x48\x89\x01\x33\xC9\x84\xD2\x41\x8B\x40\x08\x49\x89\x48\x10\x0F\x45\x05\x00\x00\x00\x00\xFF\xC0\x49\x89\x48\x10\x41\x89\x40\x08"), "xxx????xxxxxxxxxxxxxxxxxx????xxxxxxxxxx"); if (address == -1) { return false; } const auto offset = *reinterpret_cast<uint32_t*>(address + 3); GlobalObjects = reinterpret_cast<decltype(GlobalObjects)>(address + 7 + offset); return true; }
DWORD WINAPI Start(LPVOID lpParam) { DWORD codeloc, dwProtect; codeloc = FindPattern(0x401000, 0x1500000, pattern, "xxxxxxxx", 0); // if byte pattern is not found, exit if(!codeloc) { return 0; } FILE * coalescedFile = fopen("ServerCoalesced.bin", "rb"); // if the file is not in the current folder, look for it in ASI subfolder if(!coalescedFile) { coalescedFile = fopen("ASI\\ServerCoalesced.bin", "rb"); // if the file is not in the ASI subfolder, exit if(!coalescedFile) { return 0; } } fseek(coalescedFile, 0, SEEK_END ); int coalescedLen = ftell(coalescedFile); rewind(coalescedFile); BYTE *coalescedData = (BYTE*)malloc(coalescedLen); fread(coalescedData, coalescedLen, 1, coalescedFile); fclose(coalescedFile); // "NIBC" + (int)1 + (int)compressedSize + (int)coalescedLen = 16 bytes compressedCoalesced = (BYTE*)malloc(16 + coalescedLen); // we assume the compressed coalesced will be smaller than it's uncompressed size *(int*)&compressedCoalesced[0] = 0x4342494E; // "CBIN" as little-endian 32-bit number *(int*)&compressedCoalesced[4] = 1; *(int*)&compressedCoalesced[12] = coalescedLen; uLong compressedSize = compressBound(coalescedLen); int compressionResult = compress2(&compressedCoalesced[16], &compressedSize, coalescedData, coalescedLen, 6); // if compression failed, exit if(compressionResult != Z_OK) { free (coalescedData); return 0; } *(int*)&compressedCoalesced[8] = (int)compressedSize; // now that everything is ready, we can patch the game code to jump to our custom function :) locReturn = codeloc + 5; VirtualProtect((void*)codeloc, 0x5, PAGE_READWRITE, &dwProtect); BYTE* p = (BYTE*)codeloc; *p++ = 0xE9; *(DWORD*)p = (unsigned long)&UseNewCoalesced - (locReturn); VirtualProtect((void*)codeloc, 0x5, dwProtect, &dwProtect); free (coalescedData); return 0; }
//Find the array of pattern DWORD MemoryManager::FindPatternArr(DWORD start, DWORD size, const char* mask, int count, ...) { char* sig = new char[count + 1]; va_list ap; va_start(ap, count); for (int i = 0; i < count; i++) { char read = va_arg(ap, char); sig[i] = read; } va_end(ap); sig[count] = '\0'; return FindPattern(start, size, sig, mask); }
bool TickSet::TickInit() { #ifdef _WIN32 HMODULE handle = GetModuleHandleA("engine.dll"); if (!handle) return false; MODULEINFO info; GetModuleInformation(GetCurrentProcess(), handle, &info, sizeof(info)); auto moduleBase = info.lpBaseOfDll; auto moduleSize = info.SizeOfImage; unsigned char pattern[] = { 0x8B, 0x0D, '?', '?', '?', '?', '?', '?', '?', '?', '?', '?', '?', '?', 0xFF, '?', 0xD9, 0x15, '?', '?', '?', '?', 0xDD, 0x05, '?', '?', '?', '?', 0xDB, 0xF1, 0xDD, 0x05, '?', '?', '?', '?', 0x77, 0x08, 0xD9, 0xCA, 0xDB, 0xF2, 0x76, 0x1F, 0xD9, 0xCA }; auto p = reinterpret_cast<uintptr_t>(FindPattern(moduleBase, moduleSize, pattern, "xx????????????x?xx????xx????xxxx????xxxxxxxxxx")); if (p) interval_per_tick = *reinterpret_cast<float**>(p + 18); #elif defined (__linux__) void *base; size_t length; if (GetModuleInformation_Linux("engine.so", &base, &length)) return false; // mov ds:interval_per_tick, 3C75C28Fh <-- float for 0.015 unsigned char pattern[] = { 0xC7,0x05, '?','?','?','?', 0x8F,0xC2,0x75,0x3C, 0xE8 }; void* addr = FindPattern(base, length, pattern, "xx????xxxxx"); if (addr) interval_per_tick = *(float**)(addr + 2); #elif defined (__APPLE__) #endif return (interval_per_tick ? true : false); }
bool InitialiseHooks() { while(!GetModuleHandle("d3d9.dll")) { std::this_thread::sleep_for(std::chrono::milliseconds(100)); } DWORD* VTable = nullptr; std::this_thread::sleep_for(std::chrono::milliseconds(100)); static std::uint8_t bMask[] = {0xC7, 0x06, 0x00, 0x00, 0x00, 0x00, 0x89, 0x86, 0x00, 0x00, 0x00, 0x00, 0x89, 0x86}; DWORD Address = FindPattern(reinterpret_cast<DWORD>(GetModuleHandle("d3d9.dll")), 0x128000, bMask, "xx????xx????xx"); memcpy(&VTable, reinterpret_cast<void*>(Address + 2), 4); o_EndScene = reinterpret_cast<EndScene_t>(VTable[42]); DetourFunction(reinterpret_cast<std::uint8_t*>(o_EndScene), reinterpret_cast<std::uint8_t*>(&DXI_EndScene), 5); std::thread([&] {VTableRepatch();}).detach(); return VTable != nullptr; }
unsigned int FindPatchAddr() { HANDLE hFile=CreateFileA(dll_dump, GENERIC_ALL, 0, 0, OPEN_EXISTING, 0, 0); if(hFile==INVALID_HANDLE_VALUE) return 0; DWORD high=0,filesize=GetFileSize(hFile, &high); BYTE* mem_addr=(BYTE*)malloc(filesize); if(!ReadFile(hFile, mem_addr, filesize, &high, 0)) { CloseHandle(hFile); free(mem_addr); return 0; } CloseHandle(hFile); unsigned int retn=FindPattern(mem_addr, filesize, ®ister_byte); free(mem_addr); return retn; }
DWORD GetAddress(char *pattern, char *mask) { HINSTANCE game; LPVOID base = 0; DWORD size = 0; DWORD Addr; auto procID = ::GetCurrentProcessId(); game = (HINSTANCE)getGameProcessBaseAddress(procID); GetModuleSize(game, &base, &size); MEMORY_BASIC_INFORMATION mbi = {0}; unsigned char *pAddress = NULL, *pEndRegion = NULL; DWORD dwProtectionMask = PAGE_EXECUTE_READWRITE; while(sizeof(mbi) == VirtualQuery(pEndRegion, &mbi, sizeof(mbi))) { pAddress = pEndRegion; pEndRegion += mbi.RegionSize; if (mbi.State & MEM_COMMIT && (mbi.AllocationProtect & dwProtectionMask)) { /* char info[1024]={0}; sprintf_s(info,1024,"%08X - %d", mbi.BaseAddress, mbi.RegionSize); OutputDebugStringA(info); */ Addr = FindPattern((unsigned char*)mbi.BaseAddress, mbi.RegionSize, (BYTE*)pattern, mask); if (Addr != 0) { //MsgBoxAddress(Addr); break; } } } return Addr; }
int* FindGroupVtableOffset() { uint8 pattern[] = { 0xF6, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, // test byte ptr dword_xxxxxxx, 1 0x75, 0x00, // jnz short loc_xxxxxx 0x83, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00, // or dword_xxxxxxx, 1 0x33, 0xc0, // xor eax, eax 0x68, 0x00, 0x00, 0x00, 0x00, // push offset sub_xxxxxx 0xA3, 0x00, 0x00, 0x00, 0x00, // mov dword_xxxxxxx, eax 0xA3, 0x00, 0x00, 0x00, 0x00, // mov dword_xxxxxxx, eax 0xA3, 0x00, 0x00, 0x00, 0x00, // mov dword_xxxxxxx, eax 0xE8, 0x00, 0x00, 0x00, 0x00, // call sub_xxxxxx 0x59, // pop ecx 0xB8, 0x00, 0x00, 0x00, 0x00, 0xC3 // mov eax, offset dword_xxxxxxx }; std::string patternOptions = "xx?????x?xx?????xxx????x????x????x????x????xx????x"; return (int*)*(int*)(((int)FindPattern(pattern, sizeof(pattern), patternOptions)) + 45); }
void ScriptHook::NoIntro() { // CREDITS: CitizenMP //Disable logos since they add loading time UINT64 logos = FindPattern("platform:/movies/rockstar_logos", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"); if (logos != 0) { //memset((void*)(logos + 0x11), 0x00, 0x0E); memcpy((void*)logos, "./nonexistingfilenonexistingfil", 32); //DisableLegalMessagesCompletely(); DWORD64 dwSplashScreen = Pattern::Scan(g_MainModuleInfo, "72 1F E8 ? ? ? ? 8B 0D"); if (dwSplashScreen == NULL) //If the module is still encrypted at the time of injection, run the No Intro code. { while (dwSplashScreen == NULL) { Sleep(10); dwSplashScreen = Pattern::Scan(g_MainModuleInfo, "72 1F E8 ? ? ? ? 8B 0D"); } if (dwSplashScreen != NULL) *(unsigned short*)(dwSplashScreen) = 0x9090; //NOP out the check to make it think it's time to stop. DWORD64 dwRockStarLogo = Pattern::Scan(g_MainModuleInfo, "70 6C 61 74 66 6F 72 6D 3A"); int iCounter = 0; while (dwRockStarLogo == NULL) { Sleep(10); dwRockStarLogo = Pattern::Scan(g_MainModuleInfo, "70 6C 61 74 66 6F 72 6D 3A"); } if (dwRockStarLogo != NULL) *(unsigned char*)(dwRockStarLogo) = 0x71; //Replace the P with some garbage so it won't find the file. Sleep(15000); //Wait until the logo code has finished running. //Restore the EXE to its original state. *(unsigned char*)(dwRockStarLogo) = 0x70; *(unsigned short*)(dwSplashScreen) = 0x1F72; } } }
void CPDF_StreamContentParser::Handle_ShadeFill() { if (m_Options.m_bTextOnly) { return; } CPDF_Pattern* pPattern = FindPattern(GetString(0), TRUE); if (!pPattern) { return; } if (pPattern->m_PatternType != CPDF_Pattern::SHADING) { return; } CPDF_ShadingPattern* pShading = static_cast<CPDF_ShadingPattern*>(pPattern); if (!pShading->m_bShadingObj) { return; } if (!pShading->Load()) { return; } CPDF_ShadingObject* pObj = new CPDF_ShadingObject; pObj->m_pShading = pShading; SetGraphicStates(pObj, FALSE, FALSE, FALSE); pObj->m_Matrix = m_pCurStates->m_CTM; pObj->m_Matrix.Concat(m_mtContentToUser); CFX_FloatRect bbox; if (!pObj->m_ClipPath.IsNull()) { bbox = pObj->m_ClipPath.GetClipBox(); } else { bbox = m_BBox; } if (pShading->IsMeshShading()) { bbox.Intersect(GetShadingBBox(ToStream(pShading->m_pShadingObj), pShading->m_ShadingType, &pObj->m_Matrix, pShading->m_pFunctions, pShading->m_nFuncs, pShading->m_pCS)); } pObj->m_Left = bbox.left; pObj->m_Right = bbox.right; pObj->m_Top = bbox.top; pObj->m_Bottom = bbox.bottom; m_pObjectList->m_ObjectList.AddTail(pObj); }
void DisableLegalMessagesCompletely() { char* addr[32][256][64] = { { "\x72\x1F\xE8\x12\x8D\xFB\x00\x8B\x0D\x34\x7F\xC3\x01\xFF\xC1\x48", "xxx ? ? ? xxx ? ? ? xxxx"}, { "\x48\x85\xC9\x0F\x84\xED\x00\x00\x00\x48\x8D\x55\xA7\xE8", "xxx ? ? ? xxx ? ? ? xxxx"} }; UINT64 address[32]; for (int i = 0; i < 32; i++) { address[i] = FindPattern((char*)addr[i][0], (char*)addr[i][1]); if (address[i] != 0) { unsigned long dwProtect; unsigned long dwProtect2; VirtualProtect((LPVOID)address[i], 2, PAGE_EXECUTE_READWRITE, &dwProtect); *(unsigned short*)(address[i]) = 0x9090; VirtualProtect((LPVOID)address[i], 2, dwProtect, &dwProtect2); } } }
void SearchAndPatch(int patchArray[], int PatchCount, DWORD oldBase, DWORD newBase, DWORD searchEnd) { for(int i = 0;i<PatchCount;i++) { PBYTE pattern = (PBYTE)&(patchArray[i]); DWORD Address = CODE_START; int patchTo = patchArray[i] - oldBase + (int)newBase; while(Address < searchEnd) { DWORD ret = FindPattern(Address, (searchEnd - Address), pattern, "xxxx"); if(ret!=0) { *(int*)ret = patchTo; Address = ret + 1; } else { break; } } } }
bool CPathOfExile::Attach(bool bWriteAccess) { m_dwManagerBase = 0; m_dwModuleAddress = 0; m_dwModuleSize = 0; m_bWriteAccess = bWriteAccess; const TCHAR* szProcessName = s_ProcessName; DWORD dwProcessId = CProcess::Find(szProcessName); if ( dwProcessId == 0 ) { return false; } if ( !CProcess::GetModuleInfo(szProcessName, dwProcessId, &m_dwModuleAddress, &m_dwModuleSize) ) { return false; } DWORD dwDesiredAccess = PROCESS_DEFAULT_ACCESS; if ( m_bWriteAccess ) { dwDesiredAccess |= PROCESS_VM_WRITE | PROCESS_VM_OPERATION; } if ( Open(dwProcessId, dwDesiredAccess) ) { DWORD dwAddress = FindPattern(m_dwModuleAddress, m_dwModuleSize, (BYTE*)s_BaseSignature, s_BaseMask); if ( dwAddress ) { m_dwManagerBase = ReadDWORD(dwAddress - s_BaseOffset); return true; } } return false; }
int WINAPI DllThread() { HMODULE hd3d9 = NULL; MODULEINFO Info; DWORD EndScene_Addr = NULL; DWORD* vtbl = 0; DWORD table = FindPattern((DWORD)GetModuleHandle("d3d9.dll"), 0x128000, (PBYTE)"\xC7\x06\x00\x00\x00\x00\x89\x86\x00\x00\x00\x00\x89\x86", "xx????xx????xx"); memcpy(&vtbl, (void*)(table+2), 4); DWORD EndSceneaddy = vtbl[42]; while(hd3d9 == NULL) { hd3d9 = GetModuleHandle("d3d9.dll"); } /*GetModuleInformation(GetCurrentProcess(), hd3d9, &Info, sizeof(MODULEINFO)); EndScene_Addr = (DWORD)GetModuleHandle("d3d9.dll") + 0x01CE09; // Adicionar um Pettern para achar o offset oEndScene = (EndScene)DetourFunction((PBYTE)EndScene_Addr, (PBYTE)mEndScene);*/ oEndScene = (EndScene)DetourFunction((PBYTE)EndSceneaddy, (PBYTE)mEndScene); return 0; }
ConsoleInfo GetConsoleInfo() { uint8 pattern[] = { 0x55, 0x8B, 0xEC, 0x8B, 0x45, 0x08, 0x8B, 0x00, 0x3B, 0x05, 0x00, 0x00, 0x00, 0x00, 0x75, 0x00, 0x83, 0x3D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x74, 0x00, 0x33, 0xC0, 0x5D, 0xC3 }; ConsoleInfo consoleInfo; std::string patternOptions = "xxxxxxxxxx????x?xx?????x?xxxx"; int32 addr = (int32)FindPattern(pattern, sizeof(pattern), patternOptions); consoleInfo.HotkeyAddr = *(int*)(addr + 0xA); consoleInfo.EnableAddr = *(int*)(addr + 0x12); return consoleInfo; }
//--------------------------------------------------------------------------- bool TFileCustomCommand::IsFileCommand(const UnicodeString & Command) { return FindPattern(Command, L'!') || FindPattern(Command, L'&'); }
DWORD FindPattern(char *ModuleName, char *pattern, char *mask) { return FindPattern((DWORD)GetModuleHandle(ModuleName), GetModuleSize(ModuleName), pattern, mask); }