int main()
{
DWORD pid = 4792;
ListProcessThreads(pid);
return 0;
}
void CThreadMonitor::Run()
{
while ( m_bRunning )
{
ListProcessThreads( m_dwPID );
Sleep( m_nInterval );
}
}
BOOL GetProcessList( )
{
HANDLE hProcessSnap;
HANDLE hProcess;
PROCESSENTRY32 pe32;
DWORD dwPriorityClass;
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( hProcessSnap == INVALID_HANDLE_VALUE )
{
printError( TEXT("CreateToolhelp32Snapshot (of processes)") );
return( FALSE );
}
// Set the size of the structure before using it.
pe32.dwSize = sizeof( PROCESSENTRY32 );
// Retrieve information about the first process,
// and exit if unsuccessful
if( !Process32First( hProcessSnap, &pe32 ) )
{
printError( TEXT("Process32First") ); // show cause of failure
CloseHandle( hProcessSnap ); // clean the snapshot object
return( FALSE );
}
// Now walk the snapshot of processes, and
// display information about each process in turn
do
{
_tprintf( TEXT("\n\n=====================================================" ));
_tprintf( TEXT("\nPROCESS NAME: %s"), pe32.szExeFile );
_tprintf( TEXT("\n-------------------------------------------------------" ));
// Retrieve the priority class.
dwPriorityClass = 0;
hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID );
if( hProcess == NULL )
printError( TEXT("OpenProcess") );
else
{
dwPriorityClass = GetPriorityClass( hProcess );
if( !dwPriorityClass )
printError( TEXT("GetPriorityClass") );
CloseHandle( hProcess );
}
_tprintf( TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID );
_tprintf( TEXT("\n Thread count = %d"), pe32.cntThreads );
_tprintf( TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID );
_tprintf( TEXT("\n Priority base = %d"), pe32.pcPriClassBase );
if( dwPriorityClass )
_tprintf( TEXT("\n Priority class = %d"), dwPriorityClass );
// List the modules and threads associated with this process
ListProcessModules( pe32.th32ProcessID );
ListProcessThreads( pe32.th32ProcessID );
} while( Process32Next( hProcessSnap, &pe32 ) );
CloseHandle( hProcessSnap );
return( TRUE );
}
BOOL GetProcessList()//获取进程列表
{
HANDLE hProcessSnap;//进程快照句柄
HANDLE hProcess;//进程句柄
PROCESSENTRY32 pe32;//快照进程信息
/*PROCESSENTRY32:用来存放快照进程信息的一个结构体。(存放进程信息和调用成员输出进程信息)
用 Process32First指向第一个进程信息,并将进程信息抽取到PROCESSENTRY32中。
用Process32Next指向下一条进程信息。*/
DWORD dwPriorityClass;//优先级
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
/*
HANDLE WINAPI CreateToolhelp32Snapshot( 获取进程、堆、模块和线程的快照,以句柄返回
DWORD dwFlags, 参数 TH32CS_SNAPPROCESS 表示在快照中包含系统中所有的进程
DWORD th32ProcessID, 参数 0 表示在表示快照当前进程
);
*/
if (hProcessSnap == INVALID_HANDLE_VALUE)
{ // //如果调用CreateToolhelp32Snapshot失败则报错
printError(TEXT("CreateToolhelp32Snapshot (of processes)"));
return(FALSE);
}
// Set the size of the structure before using it.使用结构之前,先设置它的大小
pe32.dwSize = sizeof(PROCESSENTRY32);
// Retrieve information about the first process,
// and exit if unsuccessful
if (!Process32First(hProcessSnap, &pe32))
/*BOOL WINAPI Process32First(获得第一个进程
HANDLE hSnapshot,//_in快照句柄
LPPROCESSENTRY32 lppe//_out存放信息位置
);
*/
{
printError(TEXT("Process32First")); // show cause of failure
CloseHandle(hProcessSnap); // clean the snapshot object
return(FALSE);
}
// Now walk the snapshot of processes, and
// display information about each process in turn
do
{
_tprintf(TEXT("\n\n====================================================="));
_tprintf(TEXT("\n Process Name: %s"),pe32.szExeFile);
_tprintf(TEXT("\n-------------------------------------------------------"));
// Retrieve the priority class.获取优先级
dwPriorityClass = 0;
//hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
/*
HANDLE OpenProcess( 用来打开一个已存在的进程对象,并返回进程的句柄
DWORD dwDesiredAccess, //渴望得到的访问权限(标志)
BOOL bInheritHandle, // 是否继承句柄
DWORD dwProcessId// 进程标示符
);
*/
if (hProcess == NULL)
printError(TEXT("OpenProcess"));
else
{
dwPriorityClass = GetPriorityClass(hProcess);
/*
GetPriorityClass:获取特定进程的优先级别
返回指向进程的优先级。返回的优先级以及它的每一个线程的优先级来决定每一个线程的基础优先水平。
*/
if (!dwPriorityClass)
printError(TEXT("GetPriorityClass"));
CloseHandle(hProcess);
}
_tprintf(TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID);
_tprintf(TEXT("\n Thread count = %d"), pe32.cntThreads);
_tprintf(TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID);
_tprintf(TEXT("\n Priority base = %d"), pe32.pcPriClassBase);
if (dwPriorityClass)
_tprintf(TEXT("\n Priority class = %d"), dwPriorityClass);
// List the modules and threads associated with this process列举与当前进程相关的线程和模块
ListProcessModules(pe32.th32ProcessID);//函数调用
ListProcessThreads(pe32.th32ProcessID);//
} while (Process32Next(hProcessSnap, &pe32));
/*BOOL WINAPI Process32Next(获得下一进程的句柄
HANDLE hSnapshot,
LPPROCESSENTRY32 lppe
);
*/
//循环直到Process32Next返回值为FALSE
CloseHandle(hProcessSnap);
return(TRUE);
}
extern std::vector<pid_t> win_get_threads()
{
std::vector<pid_t> t_pids;
ListProcessThreads(GetCurrentProcessId(), &t_pids);
return t_pids;
}
int win_get_thread_num()
{
return ListProcessThreads(::GetCurrentProcessId(), NULL);
}
DWORD WINAPI Hack( LPVOID lpVoid )
{
TCHAR msg[ 4096 ];
LPHACK_PARAMS lphp = (LPHACK_PARAMS) lpVoid;
HWND hWnd = lphp -> myHwnd;
const int iMyId = lphp -> iMyId;
LPTARGETINFO lpTarget = lphp -> lpTarget;
LPTSTR * lpszStatus = lphp -> lpszStatus;
DWORD dwTargetProcessId = lpTarget -> dwProcessId;
DWORD dwPrevSuspendCount;
DWORD dwTotalChanges = 0;
int iPrevThreadCount = 0;
int errorflag = 0;
const RECT minirect = { 20L, 20L + 90L * iMyId, 479L, 40L + 90L * iMyId };
const RECT hackrect = { 20L, 20L + 90L * iMyId, 479L, 100L + 90L * iMyId };
TCHAR lpszEnemyPath[ MAX_PATH * 2 ] = _T("");
TCHAR lpszEnemyExe[ MAX_PATH * 2 ] = _T("");
lstrcpy( lpszEnemyPath, lpTarget->szPath );
lstrcpy( lpszEnemyExe, lpTarget->szExe );
int i , j;
HANDLE hProcess = NULL;
DWORD dwOldPriority = NORMAL_PRIORITY_CLASS;
int iOpenThreadRetry = 0;
int iSuspendThreadRetry = 0;
int iResumeThreadRetry = 0;
SYSTEMTIME st;
for( i = 0 + iMyId * 4; i < 4 + iMyId * 4; i++ )
{
lstrcpy( lpszStatus[ i ], TEXT( "" ) );
}
lstrcpy( lpszStatus[ 2 + iMyId * 4 ], lpszEnemyPath );
#if !defined( _UNICODE )
// for watching...
if( iMyId == 2 && lstrlen( lpszEnemyPath ) >= 19 )
{
lpszStatus[ 2 + iMyId * 4 ][ 15 ] = '\0';
PathToExeEx( lpszStatus[ 2 + iMyId * 4 ], MAX_PATH * 2 );
}
#endif
AdjustLength( lpszStatus[ 2 + iMyId * 4 ] );
for( DWORD dwOuterLoops = 0;
g_bHack[ iMyId ];
dwOuterLoops++ )
{
if( dwOuterLoops == 0UL )
{
hProcess = OpenProcess(
PROCESS_QUERY_INFORMATION | PROCESS_SET_INFORMATION ,
FALSE,
dwTargetProcessId
);
if( hProcess )
{
dwOldPriority = GetPriorityClass( hProcess );
wsprintf( msg, TEXT( "Target #%d: \"%s\"\r\n\tProcess ID = 0x%08lX : hProcess = 0x%08lX (Priority: %lu)" ),
iMyId + 1, lpszEnemyPath, dwTargetProcessId, hProcess, dwOldPriority
);
WriteDebugLog( msg );
if( g_bRealTime )
{
WriteDebugLog( SetPriorityClass( hProcess, IDLE_PRIORITY_CLASS )?
TEXT( "SetPriorityClass OK" ) : TEXT( "SetPriorityClass failed" ) );
}
}
else
{
WriteDebugLog( TEXT( "OpenProcess failed." ) );
GetLocalTime( &st );
wsprintf( lpszStatus[ 1 + iMyId * 4 ], TEXT( "Process ID = n/a" ) );
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d Initial OpenThread failed" ),
st.wHour, st.wMinute, st.wSecond
);
g_dwTargetProcessId[ iMyId ] = TARGET_PID_NOT_SET;
// This is needed as a workaround
UpdateStatus( hWnd );
if( ReleaseSemaphore( hSemaphore[ iMyId ], 1L, (LPLONG) NULL ) )
{
wsprintf( msg, TEXT( "* ReleaseSemaphore #%d in Hack()" ), iMyId + 1 );
WriteDebugLog( msg );
}
else
{
wsprintf( msg, TEXT( "[!] Target #%d : ReleaseSemaphore failed in Hack(): ErrCode %lu" ),
iMyId + 1, GetLastError() );
WriteDebugLog( msg );
}
lphp->lpTarget->dwProcessId = TARGET_PID_NOT_SET;
if( PathToProcess( lpszEnemyPath ) == ( DWORD ) -1 )
{
SendMessageCallback( hWnd, WM_USER_STOP, (WPARAM) iMyId, (LPARAM) TARGET_MISSING,
(SENDASYNCPROC) DummyCallback, (DWORD) hWnd );
InvalidateRect( hWnd, NULL, TRUE );
return TARGET_MISSING;
}
else
{
SendMessageCallback( hWnd, WM_USER_STOP, (WPARAM) iMyId, (LPARAM) THREAD_NOT_OPENED,
(SENDASYNCPROC) DummyCallback, (DWORD) hWnd );
InvalidateRect( hWnd, NULL, TRUE );
return THREAD_NOT_OPENED;
}
}
wsprintf( lpszStatus[ 0 + iMyId * 4 ],
TEXT( "Target #%d [ -%d%% ]" ),
iMyId + 1,
g_Slider[ iMyId ]
);
} // endif( dwOuterLoops == 0 )
DWORD dwThreadId[ MAX_THREAD_CNT ];
int iThreadCount = ListProcessThreads( dwTargetProcessId, dwThreadId );
// ----------------------- @@@
if( iThreadCount == 0 )
{
GetLocalTime( &st );
wsprintf( lpszStatus[ 1 + iMyId * 4 ], TEXT( "Process ID = n/a" ) );
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d No threads" ),
st.wHour, st.wMinute, st.wSecond
);
g_dwTargetProcessId[ iMyId ] = TARGET_PID_NOT_SET;
if( hProcess )
{
SetPriorityClass( hProcess, dwOldPriority );
CloseHandle( hProcess );
}
if( ReleaseSemaphore( hSemaphore[ iMyId ], 1L, (LPLONG) NULL ) )
{
wsprintf( msg, TEXT( "* TARGET_MISSING #%d : ReleaseSemaphore in Hack()" ), iMyId + 1 );
WriteDebugLog( msg );
}
else
{
wsprintf( msg, TEXT( "[!] Target #%d : ReleaseSemaphore failed in Hack(): ErrCode %lu" ),
iMyId + 1, GetLastError() );
WriteDebugLog( msg );
}
g_bBlock = TRUE;
WriteDebugLog( TEXT("SendMessage Doing...") );
SendMessageCallback( hWnd, WM_USER_STOP, (WPARAM) iMyId, (LPARAM) TARGET_MISSING,
(SENDASYNCPROC) DummyCallback, (DWORD) hWnd );
WriteDebugLog( TEXT("SendMessage Done!") );
for( int z = 0; z < 10; z++ )
{
if( ! g_bBlock )
{
wsprintf( msg, TEXT("g_bBlock cleared at z=%d"), z );
WriteDebugLog( msg );
break;
}
Sleep( 10UL );
}
lphp->lpTarget->dwProcessId = TARGET_PID_NOT_SET;
// [email protected] beta
// This is not needed because WM_USER_STOP will do the same,
// and this thread will die (so thie order wil be probably void) anyway
// InvalidateRect( hWnd, NULL, TRUE );
return TARGET_MISSING;
}
if( dwOuterLoops == 0UL )
{
iPrevThreadCount = iThreadCount;
wsprintf( msg, TEXT( "Target #%d : iThreadCount = %3d" ), iMyId + 1, iThreadCount );
WriteDebugLog( msg );
}
else if( dwOuterLoops % 50UL == 0UL )
{
wsprintf( msg, TEXT( "Target #%d : Loops %5d, ThreadCnt %3d (Prev %3d)" ),
iMyId + 1, dwOuterLoops, iThreadCount, iPrevThreadCount );
WriteDebugLog( msg );
}
wsprintf( lpszStatus[ 1 + iMyId * 4 ], TEXT( "Process ID = 0x%04X %04X [ %d %s ]" ),
HIWORD( dwTargetProcessId ),
LOWORD( dwTargetProcessId ),
iThreadCount,
( iThreadCount > 1 ? TEXT( "Threads" ) : TEXT( "Thread" ) )
);
GetLocalTime( &st );
if( iThreadCount != iPrevThreadCount || errorflag )
{
dwTotalChanges++;
wsprintf( msg, TEXT( "Target #%d : iThreadCount = %3d (Prev = %d)" ), iMyId + 1, iThreadCount, iPrevThreadCount );
WriteDebugLog( msg );
iPrevThreadCount = iThreadCount;
errorflag = 0;
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d Target Re-Locked On: OK" ),
st.wHour, st.wMinute, st.wSecond
);
}
else
{
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d %s: OK" ),
st.wHour, st.wMinute, st.wSecond,
dwOuterLoops == 0 ? TEXT( "Started" ) : TEXT( "Calm" )
);
}
HANDLE hTarget[ MAX_THREAD_CNT ];
ZeroMemory( hTarget, sizeof( HANDLE ) * MAX_THREAD_CNT );
int iOpenedThread = 0;
for( i = 0; i < iThreadCount; i++ )
{
hTarget[ i ] = OpenThread( THREAD_SUSPEND_RESUME, FALSE, dwThreadId[ i ] );
if( hTarget[ i ] == NULL )
{
wsprintf( msg, TEXT( "[!] Target #%d : OpenThread failed: Thread #%03d, ThreadId 0x%08lX" ),
iMyId + 1, i + 1, dwThreadId[ i ] );
WriteDebugLog( msg );
}
else
{
iOpenedThread++;
}
}
// ###----------------
if( iOpenedThread == 0
||
iOpenedThread != iThreadCount && iOpenThreadRetry > 10
||
iSuspendThreadRetry > 100
||
iResumeThreadRetry > 50
)
{
GetLocalTime( &st );
if( iResumeThreadRetry > 50 )
{
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d ResumeThread Error" ),
st.wHour, st.wMinute, st.wSecond
);
// to do
// 'unfreeze'
}
else if( iSuspendThreadRetry > 100 )
{
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d SuspendThread Error" ),
st.wHour, st.wMinute, st.wSecond
);
}
else
{
wsprintf( lpszStatus[ 3 + iMyId * 4 ], TEXT( "%02d:%02d:%02d OpenThread Error" ),
st.wHour, st.wMinute, st.wSecond
);
}
WriteDebugLog( lpszStatus[ 3 + iMyId * 4 ] );
WriteDebugLog( TEXT( "### Giving up... ###" ) );
lphp->lpTarget->dwProcessId = TARGET_PID_NOT_SET; //?
g_dwTargetProcessId[ iMyId ] = TARGET_PID_NOT_SET;
if( hProcess )
{
SetPriorityClass( hProcess, dwOldPriority );
CloseHandle( hProcess );
}
// This is needed as a workaround ? (Possibly this works as a workaround) 1.0 beta6
UpdateStatus( hWnd );
if( ReleaseSemaphore( hSemaphore[ iMyId ], 1L, NULL ) )
{
wsprintf( msg, TEXT( "* THREAD_NOT_OPENED #%d : ReleaseSemaphore in Hack()" ), iMyId + 1 );
WriteDebugLog( msg );
}
BOOL bMissing = ( PathToProcess( lpszEnemyPath ) == ( DWORD ) -1 );
WriteDebugLog( TEXT("SendMessage Doing...") );
SendMessageCallback( hWnd, WM_USER_STOP, (WPARAM) iMyId,
bMissing? TARGET_MISSING : THREAD_NOT_OPENED,
(SENDASYNCPROC) DummyCallback, (DWORD) hWnd );
WriteDebugLog( TEXT("SendMessage Done!") );
lphp->lpTarget->dwProcessId = TARGET_PID_NOT_SET;
InvalidateRect( hWnd, NULL, TRUE );
return ( bMissing ) ? TARGET_MISSING : THREAD_NOT_OPENED ;
}
else if( iOpenedThread != iThreadCount )
{
for( j = 0; j < i; j++ ) if( hTarget[ j ] ) CloseHandle( hTarget[ j ] );
iOpenThreadRetry++;
wsprintf( msg, TEXT( "@ Couldn't open some threads: Retrying #%d..." ), iOpenThreadRetry );
WriteDebugLog( msg );
Sleep( 100UL );
continue;
}
iOpenThreadRetry = 0;
if( g_bHack[ 0 ] || g_bHack[ 1 ] || g_bHack[ 2 ] )
{
TCHAR strStatus[ 1024 ] = TEXT( " Limiting CPU load:" );
#ifdef _UNICODE
if( IS_JAPANESE )
{
MultiByteToWideChar( CP_UTF8, MB_CUTE, S_JPN_2000, -1, strStatus, 1023 );
}
else if( IS_FINNISH )
{
MultiByteToWideChar( CP_UTF8, MB_CUTE, S_FIN_2000, -1, strStatus, 1023 );
}
else if( IS_SPANISH )
{
MultiByteToWideChar( CP_UTF8, MB_CUTE, S_SPA_2000, -1, strStatus, 1023 );
}
else if( IS_CHINESE_T )
{
MultiByteToWideChar( CP_UTF8, MB_CUTE, S_CHI_2000T, -1, strStatus, 1023 );
}
else if( IS_CHINESE_S )
{
MultiByteToWideChar( CP_UTF8, MB_CUTE, S_CHI_2000S, -1, strStatus, 1023 );
}
else if( IS_FRENCH )
{
MultiByteToWideChar( CP_UTF8, MB_CUTE, S_FRE_2000, -1, strStatus, 1023 );
}
#endif
if( g_bHack[ 0 ] )
{
lstrcat( strStatus, TEXT( " #1" ) );
}
if( g_bHack[ 1 ] )
{
lstrcat( strStatus, TEXT( " #2" ) );
}
if( g_bHack[ 2 ] && g_dwTargetProcessId[ 2 ] != (DWORD) -1 )
{
lstrcat( strStatus, TEXT( " #3" ) );
}
wsprintf( lpszStatus[ 12 ], TEXT( "%s" ), strStatus );
}
else
{
lstrcpy( lpszStatus[ 12 ], TEXT( "" ) );
}
InvalidateRect( hWnd, &hackrect, FALSE );
for( DWORD dwInnerLoops = 1; dwInnerLoops <= MAX_INNER_LOOPS; dwInnerLoops++ )
{
BYTE TimeRed = g_Slider[ iMyId ];
BYTE TimeGreen = (BYTE)( 100 - TimeRed );
for( i = 0; i < iThreadCount; i++ )
{
if( ! hTarget[ i ] ) continue;
dwPrevSuspendCount = SuspendThread( hTarget[ i ] );
if( ( DWORD ) -1 == dwPrevSuspendCount )
{
errorflag = 1;
wsprintf( msg,
TEXT( "Target #%d : SuspendThread failed (Thread #%03d) : Retry=%d" ),
iMyId + 1, i + 1, iSuspendThreadRetry );
WriteDebugLog( msg );
}
// else if( dwPrevSuspendCount != 0UL )
// {
// WriteDebugLog( TEXT( "### dwPrevSuspendCount != 0UL" ) );
// do
// {
// dwPrevSuspendCount = ResumeThread( hTarget[ i ] );
// }
// while( dwPrevSuspendCount > 1UL );
// }
}
if( errorflag == 1 )
{
iSuspendThreadRetry++;
}
else
{
iSuspendThreadRetry = 0;
}
Sleep( (DWORD) TimeRed );
for( i = 0; i < iThreadCount; i++ )
{
if( ! hTarget[ i ] ) continue;
DWORD dwPrevSuspendCount = ResumeThread( hTarget[ i ] );
if( ( DWORD ) -1 == dwPrevSuspendCount )
{
errorflag = 2;
wsprintf( msg,
TEXT( "Target #%d : ResumeThread failed: Thread #%03d, ThreadId 0x%08lX, iResumeThreadRetry=%d" ),
iMyId + 1, i + 1, dwThreadId[ i ], iResumeThreadRetry );
WriteDebugLog( msg );
}
//
// else if( dwPrevSuspendCount != 1UL )
// {
// WriteDebugLog( TEXT( "### dwPrevSuspendCount != 1UL" ) );
// do
// {
// dwPrevSuspendCount = ResumeThread( hTarget[ i ] );
// }
// while( dwPrevSuspendCount > 1UL );
// }
}
if( errorflag == 2 )
{
iResumeThreadRetry++;
}
else
{
iResumeThreadRetry = 0;
}
if( g_bHack[ iMyId ] == FALSE || errorflag )
{
break;
}
Sleep( (DWORD) TimeGreen );
if( dwInnerLoops % 10UL == 0UL )
{
wsprintf( lpszStatus[ 0 + iMyId * 4 ],
TEXT( "Target #%d [ -%d%% ] %s" ),
iMyId + 1,
g_Slider[ iMyId ],
( dwInnerLoops % 20UL == 0UL )?
_T( " " ) :
#ifdef _UNICODE
L"\x25CF"
#else
"*"
#endif
);
InvalidateRect( hWnd, &minirect, 0 );
}
}
for( i = 0; i < iThreadCount; i++ )
{
if( hTarget[ i ] ) CloseHandle( hTarget[ i ] );
}
}
wsprintf( lpszStatus[ 1 + iMyId * 4 ], TEXT( "* Unlimited *" ) );
if( ReleaseSemaphore( hSemaphore[ iMyId ], 1L, (LONG *) NULL ) )
{
wsprintf( msg, TEXT( "* Target #%d : ReleaseSemaphore in Hack()" ), iMyId + 1 );
WriteDebugLog( msg );
}
else
{
wsprintf( msg, TEXT( "[!] Target #%d : ReleaseSemaphore failed in Hack(): ErrCode %lu" ),
iMyId + 1, GetLastError() );
WriteDebugLog( msg );
}
if( hProcess )
{
WriteDebugLog( SetPriorityClass( hProcess, dwOldPriority )? TEXT( "Set dwOldPriority: OK" ) : TEXT( "Set dwOldPriority: Failed" ) );
CloseHandle( hProcess );
}
lstrcpy( lpszStatus[ 3 + iMyId * 4 ], TEXT( "" ) );
return NORMAL_TERMINATION;
}
BOOL GetProcessList( )
{
HANDLE hProcessSnap;
HANDLE hProcess;
PROCESSENTRY32 pe32;
//DWORD dwPriorityClass;
// Take a snapshot of all processes in the system.
hProcessSnap = CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS, 0 );
if( hProcessSnap == INVALID_HANDLE_VALUE )
{
//printError( TEXT("CreateToolhelp32Snapshot (of processes)") );
printf( "error: CreateToolhelp32Snapshot (of processes)" );
return( FALSE );
}
// Set the size of the structure before using it.
pe32.dwSize = sizeof( PROCESSENTRY32 );
if( !Process32First( hProcessSnap, &pe32 ) )
{
printf( "error: Process32First");
CloseHandle( hProcessSnap );
return( FALSE );
}
do
{
if( strcmp( pe32.szExeFile, "dota.exe" ) != 0 )
continue;
//if( pe32.th32ProcessID != 2772 )
// continue;
printf( "\n\n=====================================================" );
printf( "\n Dota2 Harvester beta, build 04082013" );
printf( "\n=====================================================\n" );
printf( "\n Process ID = 0x%08X\n", (unsigned int)pe32.th32ProcessID );
// Retrieve the priority class.
//dwPriorityClass = 0;
hProcess = OpenProcess( PROCESS_VM_READ, false, pe32.th32ProcessID );
if( hProcess == NULL )
//printError( TEXT("OpenProcess") );
printf( "error: OpenProcess" );
else
{
//printf("OpenProcess fine");
/*
dwPriorityClass = GetPriorityClass( hProcess );
if( !dwPriorityClass )
printError( TEXT("GetPriorityClass") );
*/
}
/*
int addr0 = 0x64E30000 + 0x1EAFDA8;
ReadProcessMemory(hProcess, (LPCVOID)addr_, &addr_ , 4, NULL);
int addr1 = addr_;
ReadProcessMemory(hProcess, (LPCVOID)(addr1 + 14), &addr1 , 4, NULL);
printf( "addr1: %p\n", addr0 );
int r = 0;
int offset0 = 0x1EAFDA8;
int offset1 = 0x14;
int offset2 = 0;
int offset3 = 0x824;
int myaddr = FindPointerAddr(hProcess, 0x64E30000, 1, &r, offset0 );
*/
/*
_tprintf( TEXT("\n Process ID = 0x%08X"), pe32.th32ProcessID );
_tprintf( TEXT("\n Thread count = %d"), pe32.cntThreads );
_tprintf( TEXT("\n Parent process ID = 0x%08X"), pe32.th32ParentProcessID );
_tprintf( TEXT("\n Priority base = %d"), pe32.pcPriClassBase );
*/
/*
if( dwPriorityClass )
_tprintf( TEXT("\n Priority class = %d"), dwPriorityClass );
*/
// List the modules and threads associated with this process
ListProcessModules( pe32.th32ProcessID, &hProcess );
ListProcessThreads( pe32.th32ProcessID );
CloseHandle( hProcess );
} while( Process32Next( hProcessSnap, &pe32 ) );
CloseHandle( hProcessSnap );
return( TRUE );
}
