📄 cachedext.cpp
字号:
#include "CachedExt.h"
CachedExt::CachedExt()
{
hCACHED = OpenProcess(PROCESS_ALL_ACCESS, false, GetCurrentProcessId());
if (!hCACHED)
{
//Close process
ExitProcess(0);
}
}
CachedExt *CachedExt::In()
{
static CachedExt CE;
return &CE;
}
CachedExt::~CachedExt()
{
CloseHandle(hCACHED);
}
void CachedExt::ReplaceMem(DWORD dwBaseAddr, LPCVOID pData, SIZE_T nSize)
{
DWORD dwOldProtect = NULL;
SIZE_T BytesWritten = NULL;
if(!VirtualProtect((LPVOID)dwBaseAddr, nSize, PAGE_EXECUTE_READWRITE, &dwOldProtect))
{
//Error while setting new protect
}
if (!WriteProcessMemory(hCACHED, (LPVOID)(dwBaseAddr), pData, nSize, &BytesWritten))
{
ExitProcess(0);
}
if(!VirtualProtect((LPVOID)dwBaseAddr, nSize, dwOldProtect, &dwOldProtect))
{
//Error while setting old protect
}
}
void CachedExt::SetHook(BYTE OpCode, DWORD dwBaseAddr, DWORD dwTargetAddr, int nNops)
{
DWORD dwOldProtect = NULL;
SIZE_T BytesWritten = NULL;
int nTempSize = 5+nNops;
BYTE *buffer = new BYTE[nTempSize];
if(nNops==0)
{
ZeroMemory(buffer,5);
buffer[0]=OpCode;
dwTargetAddr-=dwBaseAddr+5;
memcpy(buffer+1,&dwTargetAddr,4);
}else
{
ZeroMemory(buffer, nTempSize);
buffer[0]=OpCode;
dwTargetAddr-=dwBaseAddr+5;
memcpy(buffer+1,&dwTargetAddr,4);
for(unsigned int n=6; n < nTempSize; n++)
buffer[n]=0x90;
}
if(!VirtualProtect((LPVOID)dwBaseAddr, (nTempSize), PAGE_EXECUTE_READWRITE, &dwOldProtect))
{
//Error while setting new protect
}
if (!WriteProcessMemory(hCACHED, (LPVOID)(dwBaseAddr), buffer, (nTempSize), &BytesWritten))
{
ExitProcess(0);
}
if(!VirtualProtect((LPVOID)dwBaseAddr, (nTempSize), dwOldProtect, &dwOldProtect))
{
//Error while setting old protect
}
delete buffer;
}
void CachedExt::HookDummyPacket()
{
DWORD dwFuncAddr = (DWORD)PacketHandler;
ReplaceMem(0x0056A960,(BYTE*)&dwFuncAddr, 4); //overwriting address, our function will be called instead of DummyPacket from cached
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -