VOID MapHack()
{
if (!GameCheck())
{
return;
}
if (OnCheck)
{
OnCheck = FALSE;
PatchDll(DllBase + 0x3a159b, "\x90\x90", 2);
PatchDll(DllBase + 0x36143C, "\x00", 1);
PatchDll(DllBase + 0x282A5C, "\x40\xC3", 2);
PatchDll(DllBase + 0x399A98, "\xEB", 1);
PrintText("|CFFFAFF21Cheat Real|R : |CFFFF0000Hack On|R");
}
else
{
OnCheck = TRUE;
PatchDll(DllBase + 0x3a159b, "\x23\xCA", 2);
PatchDll(DllBase + 0x36143C, "\x01", 1);
PatchDll(DllBase + 0x282A5C, "\xC3\xCC", 2);
PatchDll(DllBase + 0x399A98, "\x74", 1);
PrintText("|CFFFAFF21Cheat Real|R : |CFFFF0000Hack OFF|R");
}
}
PPROFBLK SetupProfiling(LPCTSTR ptchFileName)
{
PVOID ImageBase;
PPROFBLK pProfBlk;
PPROFBLK pPrevProfBlk;
ULONG ulBlkOff;
LPCSTR ptchImageName;
TCHAR atchImageName [256];
PIMAGE_NT_HEADERS pImageNtHeader;
IMAGEHLP_MODULE ModuleInfo;
// Skip directory name
if ( (ptchImageName = strrchr(ptchFileName, '\\')) )
ptchImageName++;
else
ptchImageName = (PTCHAR)ptchFileName;
// Make uppercase copy
_strupr (strcpy (atchImageName, ptchImageName));
// Don't profile CAP
if ( !strcmp (atchImageName, CAPDLL) )
return NULL;
// Search prof blk list for matching image name
pPrevProfBlk = NULL;
ulBlkOff = ulLocProfBlkOff;
while (ulBlkOff != 0)
{
pPrevProfBlk = MKPPROFBLK(ulBlkOff);
// If found image, no need to set up new block
if (!strcmp((PCHAR)pPrevProfBlk->atchImageName, atchImageName))
return FALSE;
ulBlkOff = pPrevProfBlk->ulNxtBlk;
}
try // Accessing new block can cause an access fault
// which will extend the allocation
{
// Place block at next available offset
pProfBlk = MKPPROFBLK(*pulProfBlkBase);
// Fill in initial values
pProfBlk->ImageBase =0;
pProfBlk->CodeStart = 0;
pProfBlk->CodeLength = 0;
pProfBlk->iSymCnt = 0;
pProfBlk->State = BLKSTATE_ASSIGNED;
pProfBlk->ulNxtBlk = 0;
strcpy ((TCHAR *) pProfBlk->atchImageName, atchImageName);
// Link to previous block or initial block offset
if (pPrevProfBlk)
pPrevProfBlk->ulNxtBlk = *pulProfBlkBase;
else
ulLocProfBlkOff = *pulProfBlkBase;
// Load module symbols
ImageBase = GetModuleHandle(ptchImageName);
SymLoadModule(hThisProcess, NULL, (LPSTR)ptchFileName,
(LPSTR)ptchImageName, (DWORD)ImageBase, 0);
if (ImageBase != NULL)
{
pProfBlk->ImageBase = ImageBase;
// Get code start address
if ((pImageNtHeader = ImageNtHeader(ImageBase)) != NULL)
{
pProfBlk->CodeStart = (PULONG)((TCHAR *)ImageBase +
pImageNtHeader->OptionalHeader.BaseOfCode);
}
else
{
// If can't get code start, use imagebase as next best guess
pProfBlk->CodeStart = ImageBase;
}
#if defined(MIPS) && !defined(MIPS_VC40_INTERFACE)
// Enumerate symbols to find adress of _penter
fPenterFound = FALSE;
SymEnumerateSymbols(hThisProcess, (DWORD)ImageBase,
FindPenterCallback, (PVOID)pProfBlk);
#endif // MIPS && !MIPS_VC40_INTERFACE
// Get module info for symbols count
SymGetModuleInfo(hThisProcess, (DWORD)ImageBase, &ModuleInfo);
pProfBlk->iSymCnt = ModuleInfo.NumSyms;
// Determine location for symbols and symbol names
pProfSymb = (PSYMINFO)(&pProfBlk->atchImageName[strlen(atchImageName) + 1]);
pProfBlk->ulSym = (PTCHAR)pProfSymb - (PTCHAR)pulProfBlkBase;
pcProfSymbName = (PTCHAR)&pProfSymb[ModuleInfo.NumSyms];
// Now enumerate symbols to build up symbol table
ulMaxSymbAddr = (ULONG)pProfBlk->CodeStart;
SymEnumerateSymbols(hThisProcess, (DWORD)ImageBase,
SymbolEnumCallback, (PVOID)pProfBlk);
// Set symbol range based on max symbol address encountered
if (ulMaxSymbAddr > (ULONG)pProfBlk->CodeStart)
pProfBlk->CodeLength = ulMaxSymbAddr - (ULONG)pProfBlk->CodeStart;
// Update pointer to available space
*pulProfBlkBase = (ULONG)(pcProfSymbName - (PTCHAR)pulProfBlkBase);
// Unload the module
SymUnloadModule(hThisProcess, (DWORD)ImageBase);
// Do any requested import/export patching
PatchDll (ptchPatchImports, ptchPatchCallers, bCallersToPatch,
atchImageName, ImageBase);
}
else
{
// No symbols - Update offset to next free space
*pulProfBlkBase = (ULONG)&pProfBlk->atchImageName[strlen(atchImageName) + 1]
-(ULONG)pulProfBlkBase;
} // ImageBase != NULL
}
//
// + : transfer control to the handler (EXCEPTION_EXECUTE_HANDLER)
// 0 : continue search (EXCEPTION_CONTINUE_SEARCH)
// - : dismiss exception & continue (EXCEPTION_CONTINUE_EXECUTION)
//
except ( AccessXcptFilter (GetExceptionCode(), GetExceptionInformation(), COMMIT_SIZE))
{
// Should never get here since filter never returns
// EXCEPTION_EXECUTE_HANDLER.
CapDbgPrint ("CAP: DoDllInitializations() - *LOGIC ERROR* - "
"Inside the EXCEPT: (xcpt=0x%lx)\n", GetExceptionCode());
} // end of TRY/EXCEPT
return pProfBlk;
}
