10th November 2009, 08:00 AM
|
#1
|
too old for this ****
|
read/writeprocessmemory
umm is it possible to do something like this:
Code:
// Re-targets a 32-bit relative (rel32) operand so the patched instruction transfers to
// Hooked_PostRender instead of the original routine. pPostRenderHook, Hooked_PostRender and
// Protect are declared outside this snippet; pPostRenderHook is presumably a DWORD* pointing at
// the 4-byte displacement inside the instruction (TODO confirm). The DWORD casts make this
// valid for 32-bit builds only.
// Original target = displacement + address of the byte following the operand (operand + 4).
pReal_PostRender = (void (__stdcall *)(float))((DWORD)pPostRenderHook + *pPostRenderHook + 4);
// Make the operand writable; the previous protection is saved in Protect.
// NOTE(review): the return value is not checked, and PAGE_READWRITE carries no execute
// right for the affected page while the write is in progress.
VirtualProtect(pPostRenderHook, sizeof(DWORD), PAGE_READWRITE, &Protect);
// New displacement = hook address - address of the byte following the operand.
*pPostRenderHook = (DWORD)Hooked_PostRender - ((DWORD)pPostRenderHook + 4);
// Put the saved protection back.
VirtualProtect(pPostRenderHook, sizeof(DWORD), Protect, &Protect);
// Detection note: the result is a code page whose bytes no longer match the module image on
// disk, which is what in-memory code-integrity comparisons look for.
with this:
Code:
// Prototype of the kernel32 export ReadProcessMemory.
// Copies nSize bytes starting at lpBaseAddress in the process identified by hProcess into
// lpBuffer in the calling process. hProcess must have been opened with PROCESS_VM_READ.
// Returns nonzero on success; the optional lpNumberOfBytesRead receives the byte count.
// Detection note: the access mask requested when the handle is opened is recorded by
// process-access telemetry (for example Sysmon event ID 10).
WINBASEAPI
BOOL
WINAPI
ReadProcessMemory(
__in HANDLE hProcess,
__in LPCVOID lpBaseAddress,
__out_bcount_part(nSize, *lpNumberOfBytesRead) LPVOID lpBuffer,
__in SIZE_T nSize,
__out_opt SIZE_T * lpNumberOfBytesRead
);
// Prototype of the kernel32 export WriteProcessMemory.
// Copies nSize bytes from lpBuffer in the calling process to lpBaseAddress in the process
// identified by hProcess. hProcess must have been opened with PROCESS_VM_WRITE and
// PROCESS_VM_OPERATION. Returns nonzero on success; the optional lpNumberOfBytesWritten
// receives the byte count.
// Detection note: a handle to another process carrying these two rights is a useful
// signal in process-access telemetry.
WINBASEAPI
BOOL
WINAPI
WriteProcessMemory(
__in HANDLE hProcess,
__in LPVOID lpBaseAddress,
__in_bcount(nSize) LPCVOID lpBuffer,
__in SIZE_T nSize,
__out_opt SIZE_T * lpNumberOfBytesWritten
);
?
i see over 9000 people doing this for a simpler prog in VB:
Code:
' Fragment from inside a Sub (note the Exit Sub below); the enclosing procedure and the
' declarations of ReadProcessMemory / WriteProcessMemory are not shown.
' Follows a two-level pointer chain in the "Solitaire" process and writes a 4-byte value.
Try
Dim M As ProcessModule
Dim MAddress As Integer
Dim Address As Integer
Dim Value As Integer
' Nothing to do when no process with that name is running.
If Process.GetProcessesByName("Solitaire").Length = 0 Then
Exit Sub
End If
' NOTE(review): GetProcessesByName is called three times, so the process list can change
' between the check above and the two lookups below.
' NOTE(review): Process.Handle and ProcessModule.BaseAddress are IntPtr values; storing them in
' Integer presumably relies on a 32-bit build and Option Strict Off - confirm.
Dim Handle As Integer = Process.GetProcessesByName("Solitaire")(0).Handle
Dim HandleP As Process() = Process.GetProcessesByName("Solitaire")
' Find the load address of the main module.
For Each M In HandleP(0).Modules
If "Solitaire.exe" = M.ModuleName Then
MAddress = M.BaseAddress
End If
Next
' Read the 4-byte pointer stored at module base + 0x82848.
' NOTE(review): the results of both reads and of the write are ignored; after a failed read,
' Value keeps its previous contents and the next address is computed from it.
ReadProcessMemory(Handle, MAddress + &H82848, Value, 4, 0)
Address = Value + &H2C
' Read the 4-byte pointer stored at (first pointer + 0x2C).
ReadProcessMemory(Handle, Address, Value, 4, 0)
Address = Value + &H10
'And Write To The Final Address
' Writes the 4-byte value 1000 at (second pointer + 0x10).
WriteProcessMemory(Handle, Address, 1000, 4, 0)
Catch ex As Exception
' Shows the description from the legacy Err object; the caught exception ex is not used.
MsgBox(Err.Description)
End Try
Thx.
__________________
Quote:
Originally Posted by TarkovEnjoer
Without a second PC, the cheat will not work? If I write my cheat without a second PC, I won't be able to run it, so that they wouldn't find me?
|
Last edited by smaller; 10th November 2009 at 08:03 AM.
|
|
|
|
10th November 2009, 11:07 AM
|
#2
|
A Forum Hero
|
Make a simple hook on WriteProcessMemory? Of course that's possible!
U can use that function.. what's it called? GetProcAddress or something?
Be aware that it's a bool, so at the end of the hooked function, U need to return something.
if you return 0 there, then WriteProcessMemory will be FULLY disabled for the application U hooked it in.
if you return > 0, it will always return succeed.
if you return itself (return _WriteProcessMemory), it will return normal values like it should.
|
|
|
10th November 2009, 02:39 PM
|
#3
|
|
Hi,
Here is some old code that may help you:
Code:
// KUSER_SHARED_DATA UserSharedData
// Fixed user-mode address at which 32-bit Windows maps the KUSER_SHARED_DATA page.
#define SYSENTER_SHAREDUSERDATA 0x7FFE0000
// UserSharedData.SystemCall -> KiFastSystemCall
// Offset of the SystemCall pointer within that page; the stubs in this post combine it with
// the base to form 0x7FFE0300.
#define SYSENTER_SYSTEMCALL 0x0300
// UserSharedData.SystemCallReturn -> KiFastSystemCallRet
// Not referenced by the code shown in this post.
#define SYSENTER_SYSTEMCALLRETURN 0x0304
Code:
// NtReadVirtualMemory
// System-call indices per Windows release, reproduced as posted and not verified here.
// NOTE(review): these indices are not a stable interface; they differ between Windows
// versions, service packs and architectures. Only the _XP constant is used by the stub
// in this post.
#define SYSCALL_NTREADVIRTUALMEMORY_XP 0x00BA
#define SYSCALL_NTREADVIRTUALMEMORY_VISTA 0x0102
#define SYSCALL_NTREADVIRTUALMEMORY_SEVEN 0x003C
Code:
// NtWriteVirtualMemory
// System-call indices per Windows release, reproduced as posted and not verified here.
// NOTE(review): these indices are not a stable interface; they differ between Windows
// versions, service packs and architectures. Only the _XP constant is used by the stub
// in this post.
#define SYSCALL_NTWRITEVIRTUALMEMORY_XP 0x0115
#define SYSCALL_NTWRITEVIRTUALMEMORY_VISTA 0x0167
#define SYSCALL_NTWRITEVIRTUALMEMORY_SEVEN 0x0037
Code:
// NtProtectVirtualMemory
// System-call indices per Windows release, reproduced as posted and not verified here.
// NOTE(review): these indices are not a stable interface; they differ between Windows
// versions, service packs and architectures. Only the _XP constant is used by the stub
// in this post.
#define SYSCALL_NTPROTECTVIRTUALMEMORY_XP 0x0089
#define SYSCALL_NTPROTECTVIRTUALMEMORY_VISTA 0x00CF
#define SYSCALL_NTPROTECTVIRTUALMEMORY_SEVEN 0x004D
NTDLL.DLL
Code:
// Local stub that issues the NtReadVirtualMemory system call itself instead of calling the
// export in ntdll.dll. The block comment below quotes the ntdll code it imitates.
// NOTE(review): the index is hard-coded to the XP constant; nothing here selects the _VISTA
// or _SEVEN values, so the stub is tied to one OS build. 32-bit MSVC inline assembly only.
// NOTE(review): the quoted ntdll code uses "call [edx]" followed by "retn 14h", while this
// stub uses PUSH/RET inside a function that is not declared naked, so its stack behaviour
// depends on the compiler-generated prologue and epilogue - not verified.
// Detection note: calls made this way never pass through the ntdll or kernel32 exports,
// so user-mode API hooks on those exports do not observe them; kernel-side telemetry
// (process-handle access, call-stack origin) still does.
NTSTATUS NTAPI NtReadVirtualMemory( HANDLE processHandle, PVOID baseAddress, PVOID buffer, ULONG numberOfBytesToRead, PULONG numberOfBytesReaded )
{
/*
.text:7C91D9FE mov eax, 0BAh ; Syscall index
.text:7C91DA03 mov edx, 7FFE0300h ; UserSharedData.SystemCall
.text:7C91DA08 call dword ptr [edx] ; KiFastSystemCall
.text:7C91DA0A retn 14h
*/
_asm
{
// EAX carries the system-call index.
MOV EAX, SYSCALL_NTREADVIRTUALMEMORY_XP;
// KiFastSystemCall
// 0x7FFE0000 XOR 0x0300 yields 0x7FFE0300, the address of the SystemCall pointer.
MOV EDX, SYSENTER_SHAREDUSERDATA;
XOR EDX, SYSENTER_SYSTEMCALL;
// Push the pointer stored there and RET to it, i.e. an indirect jump.
PUSH DWORD PTR [EDX];
RET;
}
}
Code:
// Local stub that issues the NtWriteVirtualMemory system call itself instead of calling the
// export in ntdll.dll. The block comment below quotes the ntdll code it imitates.
// NOTE(review): the index is hard-coded to the XP constant; nothing here selects the _VISTA
// or _SEVEN values, so the stub is tied to one OS build. 32-bit MSVC inline assembly only.
// NOTE(review): PUSH/RET is used where the quoted ntdll code uses "call [edx]" / "retn 14h",
// and the function is not declared naked - stack behaviour not verified.
// Detection note: user-mode hooks on the ntdll or kernel32 exports do not see calls made
// through this stub; kernel-side telemetry is needed to observe them.
NTSTATUS NTAPI NtWriteVirtualMemory( HANDLE processHandle, PVOID baseAddress, PVOID buffer, ULONG numberOfBytesToWrite, PULONG numberOfBytesWritten )
{
/*
.text:7C91DFAE mov eax, 115h ; Syscall index
.text:7C91DFB3 mov edx, 7FFE0300h ; UserSharedData.SystemCall
.text:7C91DFB8 call dword ptr [edx] ; KiFastSystemCall
.text:7C91DFBA retn 14h
*/
_asm
{
// EAX carries the system-call index.
MOV EAX, SYSCALL_NTWRITEVIRTUALMEMORY_XP;
// KiFastSystemCall
// 0x7FFE0000 XOR 0x0300 yields 0x7FFE0300, the address of the SystemCall pointer.
MOV EDX, SYSENTER_SHAREDUSERDATA;
XOR EDX, SYSENTER_SYSTEMCALL;
// Push the pointer stored there and RET to it, i.e. an indirect jump.
PUSH DWORD PTR [EDX];
RET;
}
}
Code:
// Local stub that issues the NtProtectVirtualMemory system call itself instead of calling
// the export in ntdll.dll. baseAddress and numberOfBytesToProtect are passed by pointer.
// NOTE(review): the addresses in the quoted listing below (7C91DFAE..7C91DFBA) are identical
// to those quoted for NtWriteVirtualMemory in this post, so the listing looks copy-pasted
// with only the index changed.
// NOTE(review): the index is hard-coded to the XP constant; nothing here selects the _VISTA
// or _SEVEN values. PUSH/RET in a non-naked function - stack behaviour not verified.
// Detection note: user-mode hooks on the ntdll or kernel32 exports do not see calls made
// through this stub; kernel-side telemetry is needed to observe them.
NTSTATUS NTAPI NtProtectVirtualMemory( HANDLE processHandle, PVOID *baseAddress, PULONG numberOfBytesToProtect, ULONG newAccessProtection, PULONG oldAccessProtection )
{
/*
.text:7C91DFAE mov eax, 89h ; Syscall index
.text:7C91DFB3 mov edx, 7FFE0300h ; UserSharedData.SystemCall
.text:7C91DFB8 call dword ptr [edx] ; KiFastSystemCall
.text:7C91DFBA retn 14h
*/
_asm
{
// EAX carries the system-call index.
MOV EAX, SYSCALL_NTPROTECTVIRTUALMEMORY_XP;
// KiFastSystemCall
// 0x7FFE0000 XOR 0x0300 yields 0x7FFE0300, the address of the SystemCall pointer.
MOV EDX, SYSENTER_SHAREDUSERDATA;
XOR EDX, SYSENTER_SYSTEMCALL;
// Push the pointer stored there and RET to it, i.e. an indirect jump.
PUSH DWORD PTR [EDX];
RET;
}
}
KERNEL32.DLL
Code:
// Re-implementation of the kernel32 wrapper on top of the NtReadVirtualMemory stub from this
// post. Returns TRUE only when the NTSTATUS is exactly 0.
// NOTE(review): `!status` reports every non-zero NTSTATUS as failure, including non-negative
// codes that NT_SUCCESS() would accept, and no last-error value is set for the caller.
// NOTE(review): `address` is LPCVOID but the stub takes PVOID, and SIZE_T / SIZE_T* are
// passed where the stub declares ULONG / PULONG; the sizes agree only in a 32-bit build.
BOOL WINAPI ReadProcessMemory( HANDLE process, LPCVOID address, LPVOID buffer, SIZE_T size, SIZE_T *bytesRead )
{
NTSTATUS status = NtReadVirtualMemory( process, address, buffer, size, bytesRead );
return !status;
}
Code:
// Re-implementation of the kernel32 wrapper on top of the NtWriteVirtualMemory stub from this
// post. Returns TRUE only when the NTSTATUS is exactly 0.
// NOTE(review): `!status` reports every non-zero NTSTATUS as failure, including non-negative
// codes that NT_SUCCESS() would accept, and no last-error value is set for the caller.
// NOTE(review): `buffer` is LPCVOID but the stub takes PVOID, and SIZE_T / SIZE_T* are
// passed where the stub declares ULONG / PULONG; the sizes agree only in a 32-bit build.
BOOL WINAPI WriteProcessMemory( HANDLE process, LPVOID address, LPCVOID buffer, SIZE_T size, SIZE_T *bytesWritten )
{
NTSTATUS status = NtWriteVirtualMemory( process, address, buffer, size, bytesWritten );
return !status;
}
Code:
// Re-implementation of the kernel32 wrapper on top of the NtProtectVirtualMemory stub from
// this post. The stub takes the base address and the size by pointer, so the addresses of the
// local parameter copies are passed; any values written back to them are discarded.
// NOTE(review): `!status` reports every non-zero NTSTATUS as failure, including non-negative
// codes that NT_SUCCESS() would accept, and no last-error value is set for the caller.
// NOTE(review): &size is a SIZE_T* passed where the stub declares PULONG; the sizes agree only
// in a 32-bit build.
BOOL WINAPI VirtualProtectEx( HANDLE process, LPVOID address, SIZE_T size,DWORD newProt, LPDWORD oldProt )
{
NTSTATUS status = NtProtectVirtualMemory( process, &address, &size, newProt, oldProt );
return !status;
}
Code:
// Current-process variant: forwards to VirtualProtectEx with the pseudo-handle for the
// calling process. (HANDLE)0xFFFFFFFF equals the value GetCurrentProcess() returns, i.e. -1,
// only where HANDLE is 32 bits wide.
BOOL WINAPI VirtualProtect( LPVOID address, SIZE_T size, DWORD newProt, LPDWORD oldProt )
{
return VirtualProtectEx( ( HANDLE )0xFFFFFFFF, address, size, newProt, oldProt );
}
Regards.
__________________
Thrall, a young Orc raised as a Human slave and gladiator...
Last edited by okidoki; 16th November 2009 at 08:44 AM.
Reason: Added VirtualProtect
|
|
|
|
11th November 2009, 02:38 AM
|
#4
|
too old for this ****
|
Thank you for this info. Will fiddle around when I get to my pc
__________________
Quote:
Originally Posted by TarkovEnjoer
Without a second PC, the cheat will not work? If I write my cheat without a second PC, I won't be able to run it, so that they wouldn't find me?
|