/*
 * Resolves a process by image name and forwards its PID, together with the
 * DLL path, to InjectDLLtoExistedProcess().
 *
 * szTarget   image name handed to GetProcessIdFromName()
 * szDllPath  passed through unchanged to InjectDLLtoExistedProcess()
 *
 * Returns 0 only when the lookup yields a nonzero PID and the helper
 * returns zero; every other outcome is reported as -1.
 *
 * NOTE(review): the target is chosen by name alone; how the lookup helper
 * picks between several processes with the same image name is not visible
 * here. Loading a module into another process is behaviour that endpoint
 * monitoring typically surfaces through cross-process access and image-load
 * telemetry; the mechanism the helper uses is not visible here either.
 */
int InjectDLLtoProcessFromName(TCHAR *szTarget, TCHAR *szDllPath)
{
    DWORD targetPid = GetProcessIdFromName(szTarget);

    /* A PID of 0 is treated as "no such process"; the helper is not called. */
    if (targetPid != 0 && !InjectDLLtoExistedProcess(targetPid, szDllPath))
        return 0;

    return -1;
}
/*
 * Creates a fixed-name mutex and, unless ShellcodeInjected() already reports
 * true, opens explorer.exe and passes the handle plus the `mthread` buffer
 * to InjectShellcode().
 *
 * Defensive reading of this routine:
 *  - The mutex name "7YhngylKo09H" is a constant, so it is a stable
 *    host-based indicator for this sample.
 *  - The handle is requested with thread-creation and VM operation/read/write
 *    rights on another process. That access mask against explorer.exe is what
 *    process-access telemetry (for example Sysmon event ID 10) records.
 *  - Neither the mutex handle nor the process handle is closed here.
 */
void InitiateMonitoringThread()
{
    /* Return value is discarded; the mutex lives until the process exits. */
    CreateMutex(NULL, 0, "7YhngylKo09H");

    if (ShellcodeInjected())
        return;

    DWORD explorerPid = GetProcessIdFromName("explorer.exe");
    DWORD requestedAccess = PROCESS_CREATE_THREAD
                          | PROCESS_VM_OPERATION
                          | PROCESS_VM_READ
                          | PROCESS_VM_WRITE;

    HANDLE hExplorer = OpenProcess(requestedAccess, false, explorerPid);
    if (hExplorer == 0)
        return;

    InjectShellcode(hExplorer, mthread, sizeof(mthread));
}
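/*
 * One-time start-up: attaches to the running game process, rebases the
 * stored addresses, starts the GUI and worker threads, loads the vJoy
 * device and brings the game window to the foreground.
 *
 * Returns EXIT_SUCCESS on success, EXIT_FAILURE when the game process cannot
 * be opened, or the nonzero code returned by ReadyThreads() / loadvJoy().
 */
int SetupandLoad(){
    //memset to ensure we dont have unusual char attributes at starting
    memset(&Enemy, 0, sizeof(Character));
    memset(&Player, 0, sizeof(Character));
    //TODO temp hardcoding
    Enemy.weaponRange = 6;
    Player.weaponRange = 2.5;

    //get access to dark souls memory
    char * processName = "DARKSOULS.exe";
    //get the process id from the name
    int processId = GetProcessIdFromName(processName);
    //open the handle
    //NOTE(review): PROCESS_ALL_ACCESS is broader than a memory reader needs;
    //which rights the helpers below actually require is not visible here, so
    //the mask is left unchanged. Narrow it once that is confirmed.
    processHandle = OpenProcess(PROCESS_ALL_ACCESS, 0, processId);
    //stop before touching any address state if the game is not running or
    //the open was denied; otherwise every later read uses an invalid handle
    //and the base addresses below are offset by a bogus module base
    if (processHandle == NULL){
        return EXIT_FAILURE;
    }

    //get the base address of the process and append all other addresses onto it
    memorybase = GetModuleBase(processId, processName);
    Enemy_base_add += memorybase;
    player_base_add += memorybase;

    ReadPointerEndAddresses(processHandle);

    //start gui
    guiStart();

    //get current camera details to lock
    readCamera(&processHandle, memorybase);

    //load neural network and threads
    int error = ReadyThreads();
    if (error){
        return error;
    }

    //TODO load vJoy driver(we ONLY want the driver loaded when program running)
    //want to use controller input, instead of keyboard, as analog stick is more precise movement
    int loadresult = loadvJoy(iInterface);
    if (loadresult != 0){
        return loadresult;
    }
    iReport.bDevice = (BYTE)iInterface;
    ResetVJoyController();

    //set window focus; skipped when the window is not found, since
    //SetFocus(NULL) would drop keyboard input for the calling thread
    HWND h = FindWindow(NULL, TEXT("DARK SOULS"));
    if (h != NULL){
        SetForegroundWindow(h);
        SetFocus(h);
    }

    return EXIT_SUCCESS;
}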
/*
 * Reports whether the Citrix Xen guest service process is running.
 *
 * For each listed image name the check prints a banner, then calls
 * print_detected() when GetProcessIdFromName() returns nonzero and
 * print_not_detected() otherwise.
 *
 * Defender note: a process-name lookup like this is a common way for code to
 * recognise a virtualised analysis host. It only proves that a process with
 * that image name exists, so it is easily defeated in either direction by
 * renaming or by a decoy process.
 */
VOID xen_process()
{
	TCHAR *szProcesses[] = {
		_T("xenservice.exe"),
	};

	for (TCHAR *szImageName : szProcesses)
	{
		_tprintf(TEXT("[*] Checking Citrix Xen process: %s"), szImageName);

		if (GetProcessIdFromName(szImageName) != 0)
			print_detected();
		else
			print_not_detected();
	}
}
/*
 * Reports whether the VMware guest tools process is running.
 *
 * For each listed image name the check prints a banner, then calls
 * print_detected() when GetProcessIdFromName() returns nonzero and
 * print_not_detected() otherwise.
 *
 * Defender note: this is a name-only environment check. Sandbox operators
 * who want guests to look like physical hosts should expect lookups for
 * exactly this image name.
 */
VOID vmware_processes()
{
	TCHAR *szProcesses[] = {
		_T("vmtoolsd.exe"),
	};

	for (TCHAR *szImageName : szProcesses)
	{
		_tprintf(TEXT("[*] Checking vmware processe %s: "), szImageName);

		if (GetProcessIdFromName(szImageName) != 0)
			print_detected();
		else
			print_not_detected();
	}
}
/*
 * Reports whether the VirtualBox guest-additions processes are running.
 *
 * Each image name is checked independently: a banner is printed, then
 * print_detected() is called when GetProcessIdFromName() returns nonzero and
 * print_not_detected() otherwise.
 *
 * Defender note: this is a name-only environment check. The two names below
 * are the ones an analysis guest would need to hide or rename to avoid being
 * recognised by it.
 */
VOID vbox_processes()
{
	TCHAR *szProcesses[] = {
		_T("vboxservice.exe"),
		_T("vboxtray.exe")
	};

	for (TCHAR *szImageName : szProcesses)
	{
		_tprintf(TEXT("[*] Checking virtual box processe %s: "), szImageName);

		if (GetProcessIdFromName(szImageName) != 0)
			print_detected();
		else
			print_not_detected();
	}
}
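/**
 * Looks up AppName among the running processes and, if it is found,
 * terminates it. Despite the name, this is not a read-only query.
 *
 * @param AppName image name passed to GetProcessIdFromName().
 * @return TRUE when a process ID was found (termination was attempted),
 *         FALSE when no such process was found.
 */
BOOL CMainUIDlg::IsAppRun(CString AppName)
{
	char pPath[_MAX_PATH];
	pPath[0]=0;
	const char *cExeName = CStrToChar(AppName);
	// NOTE(review): the variable name is "PATH " with a trailing space and the
	// result in pPath is never used; VERIFY(pPath) tests an array address and
	// so always passes. Kept as-is because CStrToChar() is not visible here;
	// whether its result must be freed also needs confirming.
	_searchenv(cExeName, "PATH ",pPath);
	VERIFY(pPath);

	DWORD id=GetProcessIdFromName(AppName); // look up AppName so it can be killed
	if(id==0)
	{
		return FALSE;
	}

	// Request only the right TerminateProcess needs and do not mark the handle
	// inheritable: the previous PROCESS_ALL_ACCESS + bInheritHandle=TRUE handle
	// was never closed, so it could be passed to any child process started later.
	HANDLE hTarget=OpenProcess(PROCESS_TERMINATE,FALSE,id);
	if(hTarget!=NULL)
	{
		TerminateProcess(hTarget,0);
		CloseHandle(hTarget);
	}
	return TRUE;
}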
// //打开一个进程 2012.08.17 yyf bool CAnonymousPipe::OpenProcess(LPCSTR lpApplicationName) { strProcessName = lpApplicationName;//进程名字 if(0 == GetProcessIdFromName(strProcessName) && NULL != piAnonymousPipe) {//进程没开始 m_hWrite = INVALID_HANDLE_VALUE; m_hRead = INVALID_HANDLE_VALUE; m_hFatherWrite = INVALID_HANDLE_VALUE;//父进程写句柄 m_hFatherRead = INVALID_HANDLE_VALUE;//父进程读句柄 m_hChildWrite = INVALID_HANDLE_VALUE;//子进程写句柄 m_hChildRead = INVALID_HANDLE_VALUE;//子进程读句柄 bAnonymousPipeThread = false;//控制线程开工吧 //创建2个匿名管道,一个用于父进程写->子进程读,一个用于子进程写->父进程读. //管道1: 父进程写->子进程读 SECURITY_ATTRIBUTES sa1; sa1.bInheritHandle=TRUE; sa1.lpSecurityDescriptor=NULL; sa1.nLength=sizeof(SECURITY_ATTRIBUTES); //管道2: 子进程写->父进程读 SECURITY_ATTRIBUTES sa2; sa2.bInheritHandle=TRUE; sa2.lpSecurityDescriptor=NULL; sa2.nLength=sizeof(SECURITY_ATTRIBUTES); if(!Create(&sa1,0,&sa2,0)) { // AfxMessageBox("创建匿名管道失败!"); return false; } STARTUPINFO sui; //PROCESS_INFORMATION pi; ZeroMemory(&sui,sizeof(STARTUPINFO)); sui.cb=sizeof(STARTUPINFO); sui.dwFlags=STARTF_USESTDHANDLES; sui.hStdInput=m_hChildRead;//子进程写句柄 sui.hStdOutput=m_hChildWrite;//子进程读句柄 sui.hStdError=GetStdHandle(STD_ERROR_HANDLE); if(!CreateProcess(strProcessName,NULL,NULL,NULL, TRUE,0,NULL,NULL,&sui,&pi))//"..\\Child\\Debug\\Child.exe" { CloseHandle(m_hRead); CloseHandle(m_hWrite); m_hRead=INVALID_HANDLE_VALUE; m_hWrite=INVALID_HANDLE_VALUE; CloseHandle(m_hChildRead); CloseHandle(m_hChildWrite); m_hFatherWrite = INVALID_HANDLE_VALUE;//父进程写句柄 m_hFatherRead = INVALID_HANDLE_VALUE;//父进程读句柄 m_hChildWrite = INVALID_HANDLE_VALUE;//子进程写句柄 m_hChildRead = INVALID_HANDLE_VALUE;//子进程读句柄 //MessageBox("创建子进程失败!"); return false; } //else //{ // CloseHandle(pi.hProcess); // CloseHandle(pi.hThread); //} //创建匿名管道线程,开始读 bAnonymousPipeThread = true; DWORD dwThreadID = 0; HANDLE hThread = CreateThread(0,0,AnonymousPipeThread,this,0,&dwThreadID); if (hThread) { OutputDebugString("yyf: 匿名管道线程开始."); ::CloseHandle(hThread); } return true; } return false; }