// Edit a single module's import table so that wherever it would have called the
// imported function pointer 'oldfunc', it now calls 'newfunc'. (When a module calls
// a function in another module, it uses an indirect JMP instruction that looks up
// the target address in the calling module's import table. Modifying an entry in
// the import table changes the target address. For a good description of the data
// structures involved, see "Peering Inside the PE" by Matt Pietrek on MSDN.)
static BOOL HookFunction(HMODULE module, void* oldfunc, void* newfunc) {
// Make sure we can read the module header.
if (IsBadReadPtr(module, sizeof(PIMAGE_NT_HEADERS))) return FALSE;
// Navigate to the module's import table.
GETPOINTER(IMAGE_DOS_HEADER, dosheader, module, 0);
if (dosheader->e_magic != IMAGE_DOS_SIGNATURE) return FALSE;
GETPOINTER(IMAGE_NT_HEADERS, ntheader, module, dosheader->e_lfanew);
if (ntheader->Signature != IMAGE_NT_SIGNATURE) return FALSE;
IMAGE_DATA_DIRECTORY* directory = ntheader->OptionalHeader.DataDirectory;
DWORD offset = directory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;
GETPOINTER(IMAGE_IMPORT_DESCRIPTOR, importdesc, module, offset);
if (importdesc == (IMAGE_IMPORT_DESCRIPTOR*) ntheader) return FALSE;
// Scan the import table and replace all occurrences of the given function pointer.
// The table contains a list of import descriptors, one for each imported module,
// and each descriptor points to a list of thunks, one for each imported function.
BOOL success = FALSE;
for (; importdesc->Name; importdesc++) {
GETPOINTER(char, name, module, importdesc->Name);
GETPOINTER(IMAGE_THUNK_DATA, thunk, module, importdesc->FirstThunk);
for (; thunk->u1.Function; thunk++) {
void** funcptr = (void**) &thunk->u1.Function;
if (*funcptr == oldfunc) {
success |= WritePointer(funcptr, newfunc);
}
}
}
return success;
}
VOID UpdateMana()
{
while(TRUE)
{
if ((int) ReadPointer(alertBase, mpAlert) < 20)
{
WritePointer(alertBase, mpAlert, 20);
}
mana = (int) ReadPointer(guiBase, guiMana);
Sleep(100);
}
}
VOID UpdateHealth()
{
while(TRUE)
{
if ((int) ReadPointer(alertBase, hpAlert) < 20)
{
WritePointer(alertBase, hpAlert, 20);
}
health = (int) ReadPointer(guiBase, guiHealth);
Sleep(100);
}
}
void TeleXY( bool s , int x, int y)
{
WritePointer(PeopleBase,PeopleTeleX,x);
WritePointer(PeopleBase,PeopleTeleY,y);
WritePointer(PeopleBase,PeopleTeleSW,s);
}
void WriteFuncObjRef(const FuncObjRef& fFuncObjRef)
{
WritePointer(fFuncObjRef.objRef);
WriteInt(fFuncObjRef.objIndx);
WriteLine();
}
void WriteFuncObj(const FuncObjC* fFuncObj)
{
WritePointer(fFuncObj);
WriteLine();
}
