Need help writing opcodes in C++
08-14-2008, 09:39 PM
Rep Power: 6 Points: 188,742.75 Bank: 0.05 Total Points: 188,742.79 | | | Need help writing opcodes in C++ Code: #include "stdafx.h"
#include <iostream>
#include "windows.h"
#include "detours.h"
#pragma comment(lib,"detours.lib")
#pragma comment(lib,"kernel32.lib")
#ifdef __cplusplus
extern "C"
{
#endif
// Globals filled in by OpenMapleMeM(): the id of this process and a handle
// opened on it.  Nothing in this listing ever closes the handle.
DWORD mplprocid;
HANDLE mplhndl;
// Detours 1.x trampoline declarations: DETOUR_TRAMPOLINE(prototype, target).
// NOTE(review): per the Detours 1.x API, the function declared here is the
// trampoline that reaches the ORIGINAL target once a detour is installed, and
// DllMain below passes each of these as the first (trampoline) argument of
// DetourFunctionWithTrampoline.  So, contrary to what the prefixes suggest,
// Mine_* is the pass-through to the real API and the Real_* functions below
// are the replacements.  Naming is also inconsistent (Mine_ vs Mine, and
// GetCerentProsessId for GetCurrentProcessId).
DETOUR_TRAMPOLINE(
BOOL WINAPI Mine_ReadProcessMemory(
HANDLE hProcess,
LPCVOID lpBaseAddress,
LPVOID lpBuffer,
SIZE_T nSize,
SIZE_T *lpNumberOfBytesRead
), ReadProcessMemory);
// Trampoline for WriteProcessMemory; killGG() calls this one directly.
DETOUR_TRAMPOLINE(
BOOL WINAPI Mine_WriteProcessMemory(
HANDLE hProcess,
LPVOID lpBaseAddress,
LPCVOID lpBuffer,
SIZE_T nSize,
SIZE_T *lpNumberOfBytesWritten
), WriteProcessMemory);
// Trampoline for FindWindow (LPCTSTR/FindWindow resolve to the A or W variant
// depending on the UNICODE setting of the build).
DETOUR_TRAMPOLINE(
HWND WINAPI MineFindWindow(
LPCTSTR lpClassName,
LPCTSTR lpWindowName
), FindWindow);
// Trampoline for GetCurrentProcessId (misspelt name is the listing's own).
DETOUR_TRAMPOLINE(
DWORD WINAPI GetCerentProsessId(
void
), GetCurrentProcessId);
// Trampoline for OpenProcess; OpenMapleMeM() calls this one directly.
DETOUR_TRAMPOLINE(
HANDLE WINAPI MineOpenProcess(
DWORD dwDesiredAccess,
BOOL bInheritHandle,
DWORD dwProcessId
), OpenProcess);
#ifdef __cplusplus
}
#endif
BOOL __stdcall WINAPI Real_ReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead)
{
    // Installed by DllMain as the detour for ReadProcessMemory.  It is a pure
    // pass-through: every argument is handed to the Mine_ trampoline (the
    // un-detoured API) and its result returned unchanged.
    const BOOL ok = Mine_ReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesRead);
    return ok;
}
BOOL __stdcall WINAPI Real_WriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten)
{
    // Installed by DllMain as the detour for WriteProcessMemory.  Pure
    // pass-through to the Mine_ trampoline; nothing is inspected or changed.
    const BOOL ok = Mine_WriteProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesWritten);
    return ok;
}
HWND WINAPI Real_FindWindow(LPCTSTR lpClassName, LPCTSTR lpWindowName)
{
    // Installed by DllMain as the detour for FindWindow.  Pure pass-through to
    // the MineFindWindow trampoline.  (Declared with WINAPI only, whereas the
    // sibling wrappers also spell out __stdcall.)
    const HWND found = MineFindWindow(lpClassName, lpWindowName);
    return found;
}
DWORD __stdcall WINAPI RealGetCerentProsessId(void)
{
    // Intended as the detour for GetCurrentProcessId (see DllMain).  Pure
    // pass-through: the id comes straight from the GetCerentProsessId
    // trampoline.  The misspelt names are the listing's own.
    const DWORD pid = GetCerentProsessId();
    return pid;
}
HANDLE __stdcall WINAPI Real_OpenProcess(DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwProcessId)
{
    // Installed by DllMain as the detour for OpenProcess.  Pure pass-through
    // to the MineOpenProcess trampoline; access mask and pid are forwarded as
    // received.
    const HANDLE h = MineOpenProcess(dwDesiredAccess, bInheritHandle, dwProcessId);
    return h;
}
void OpenMapleMeM()
{
    // Records this process's own id (through the GetCurrentProcessId
    // trampoline) in mplprocid and opens a handle on that same process into
    // mplhndl.  The handle is never closed anywhere in this listing, and
    // DllMain ends up calling this twice (once directly, once via killGG()).
    const DWORD pid = RealGetCerentProsessId();
    mplprocid = pid;
    // PROCESS_ALL_ACCESS already covers the individual VM_* and
    // QUERY_INFORMATION rights OR'd in next to it.
    mplhndl = MineOpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, pid);
}
void killGG()
{
// The three byte strings are the encodings of the [ENABLE] script quoted
// below the listing:
//   MOV EAX,755  -> B8 55 07 00 00
//   PUSH 0       -> 6A 00
//   jmp 008657f9 -> E9 + 4-byte operand
BYTE time[5] = {0xB8, 0x55, 0x07, 0x00, 0x00};
BYTE low[2] = {0x6A, 0x00};
// NOTE(review): E9 is the near *relative* jmp; its operand is a displacement
// measured from the end of the 5-byte instruction, but the four bytes here are
// the little-endian absolute address 008657F9.  The later reply in this thread
// computes the displacement (target minus 0x00863643) instead.
BYTE peace[5] = {0xE9, 0xF9, 0x57, 0x86, 0x00};
// Re-opens the process handle (DllMain already called this once), so two
// handles are opened and neither is closed.
OpenMapleMeM();
// Per Detours 1.x semantics these calls go through the Mine_ trampoline, i.e.
// the un-detoured API.  Each address is cast integer -> DWORD -> LPVOID* and
// then converted to the LPVOID parameter (a single (LPVOID) cast would express
// the same thing); lpNumberOfBytesWritten is NULL and the BOOL results are
// discarded, so a failed write is never noticed.
Mine_WriteProcessMemory(mplhndl,(LPVOID*)(DWORD)0x865DC6, time, sizeof(time), NULL);
Mine_WriteProcessMemory(mplhndl,(LPVOID*)(DWORD)0x864A91, low, sizeof(low), NULL);
Mine_WriteProcessMemory(mplhndl,(LPVOID*)(DWORD)0x86363E, peace, sizeof(peace), NULL);
}
// DLL entry point.  Hook installation and the memory patches all run directly
// inside DLL_PROCESS_ATTACH.
// NOTE(review): DllMain runs in a restricted context (the loader holds its
// lock while it executes); doing this much work from here is a well-known
// source of crashes — confirm against the DllMain documentation.
BOOL APIENTRY DllMain( HMODULE hModule, DWORD dwReason, LPVOID lpReserved)
{
switch( dwReason )
{
case DLL_PROCESS_ATTACH:{
// Suppress DLL_THREAD_ATTACH/DETACH notifications for this module.
DisableThreadLibraryCalls( hModule );
// Detours 1.x: DetourFunctionWithTrampoline(trampoline, detour).  The Mine_
// trampolines are the first argument, so the Real_* functions are what gets
// installed as the detours (naming is inverted relative to the usual samples).
DetourFunctionWithTrampoline((PBYTE)MineOpenProcess, (PBYTE)Real_OpenProcess);
// NOTE(review): unlike the other four lines, the parentheses here *call*
// GetCerentProsessId() and RealGetCerentProsessId() and cast their DWORD
// return values to PBYTE, rather than passing the functions' addresses.  The
// matching DetourRemove line below does the same.
DetourFunctionWithTrampoline((PBYTE)GetCerentProsessId(), (PBYTE)RealGetCerentProsessId());
DetourFunctionWithTrampoline((PBYTE)MineFindWindow, (PBYTE)Real_FindWindow);
DetourFunctionWithTrampoline((PBYTE)Mine_ReadProcessMemory, (PBYTE)Real_ReadProcessMemory);
DetourFunctionWithTrampoline((PBYTE)Mine_WriteProcessMemory, (PBYTE)Real_WriteProcessMemory);
// OpenMapleMeM() runs here and again inside killGG(); neither handle is closed.
OpenMapleMeM();
killGG();
}
return TRUE;
case DLL_PROCESS_DETACH:
{
// Unhook with the same (trampoline, detour) pairs, including the
// call-vs-address inconsistency noted above.
DetourRemove((PBYTE)MineOpenProcess, (PBYTE)Real_OpenProcess);
DetourRemove((PBYTE)GetCerentProsessId(), (PBYTE)RealGetCerentProsessId());
DetourRemove((PBYTE)MineFindWindow, (PBYTE)Real_FindWindow);
DetourRemove((PBYTE)Mine_ReadProcessMemory, (PBYTE)Real_ReadProcessMemory);
DetourRemove((PBYTE)Mine_WriteProcessMemory, (PBYTE)Real_WriteProcessMemory);
}
return TRUE;
}
// Thread notifications should not arrive after DisableThreadLibraryCalls; any
// other reason code falls through to FALSE.
return FALSE;
}
It just seems to crash MapleStory... I'm using InjecTOR. It's based on this post: Quote: Code: [ENABLE]
00865DC6:
MOV EAX,755
00864A91:
PUSH 0
0086363E:
jmp 008657f9
| What I'm trying to do is modify the respective opcodes at the respective addresses.
Last edited by Z3R0; 08-14-2008 at 10:57 PM..
08-19-2008, 08:39 AM
meh i don't get this, hopefully someone can help
*bump*
btw what's an opcode?
08-19-2008, 09:30 AM
Originally Posted by kaswar meh i don't get this, hopefully someone can help
*bump*
btw whats opcode? | an opcode (operation code) is the portion of a machine language instruction that specifies the operation to be performed.
For example, '0xE9' is the opcode of a 'jmp' instruction.
Last edited by Z3R0; 08-19-2008 at 10:06 AM..
08-19-2008, 01:32 PM
Well, for the source you posted, there is no point in hooking the APIs. And there's no point in using WriteProcessMemory if you're making a DLL; I'd just write to it directly. (I forgot how to do it in C++, but in Delphi it's like pbyte($923582)^:=3; )
08-19-2008, 01:35 PM
Originally Posted by wassssup34579 well, for the source you posted, there is no point in hooking the API's. and theres no point of using WriteProcessMemory, if your making a dll. id just write to it directly. (i forgot how to do it in C++, but in delphi it's like pbyte($923582)^:=3; ) | Well, one way of writing directly in C++ is to just use inline asm
__asm{
}
p.s. if this "gg remover" is in demand, I could code one that auto updates..
08-19-2008, 01:48 PM
Rep Power: 6 Points: 1,607.20 Bank: 95,830.04 Total Points: 97,437.24 | | Code: __asm{
push eax
mov eax, 00865DC6h
mov [eax], 0B8h
mov [eax+1], 55h
mov [eax+2], 07h
mov [eax+3], 00h
mov [eax+4], 00h
mov eax, 00864A91h
mov [eax], 6Ah
mov [eax+1], 00h
mov eax, 0086363Eh
mov [eax], 0E9h
mov [eax], 0F9h
mov [eax], 57h
mov [eax], 86h
mov [eax], 00h
pop eax
}
it might need to be tweaked a little...
08-19-2008, 02:07 PM
C++ is something like that.
08-19-2008, 02:15 PM
Originally Posted by wassssup34579 Code: __asm{
push eax
mov eax, 00865DC6h
mov [eax], 0B8h
mov [eax+1], 55h
mov [eax+2], 07h
mov [eax+3], 00h
mov [eax+4], 00h
mov eax, 00864A91h
mov [eax], 6Ah
mov [eax+1], 00h
mov eax, 0086363Eh
mov [eax], 0E9h
mov [eax], 0F9h
mov [eax], 57h
mov [eax], 86h
mov [eax], 00h
pop eax
}
it might need to be tweaked a little... | definitely needs to be tweaked.. Code: __asm{
pushad
mov eax, 0x00865DC6
mov dword ptr ds:[eax], 0x000755B8
mov byte ptr ds:[eax+4], 0x00
mov eax, 0x00864A91
mov word ptr ds:[eax], 0x006A
mov eax, 0x0086363E
mov byte ptr ds:[eax], 0xE9
mov ecx, 0x008657F9
sub ecx, 0x00863643
mov dword ptr ds:[eax+1], ecx
popad
}
k that should be good.
Last edited by Sean; 08-19-2008 at 02:22 PM..
08-26-2008, 06:20 AM