// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "pch.h"
// Pointer through which NewClosure() forwards to the original routine.
// It stays null until a hook stores a trampoline address in it; the
// MH_CreateHook call that would do so is commented out in HOOK().
static realSqNewClosure* MLnewclosure = nullptr;
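/// Logging detour intended for the routine at 0x1358A60 (see the disabled
/// MH_CreateHook call in HOOK()).
///
/// Asks SQGetString for the string at stack index (-1 - freeVarsCnt) of `v`,
/// prints it together with freeVarsCnt and the pointer `f`, then forwards the
/// call unchanged through MLnewclosure.
///
/// @param v            Opaque handle passed to SQGetString and to the original routine.
/// @param f            Pointer passed through to the original routine; only printed here.
/// @param freeVarsCnt  Count passed through; also used to compute the stack index.
/// @return The value returned by the original routine via MLnewclosure.
///
/// NOTE(review): MLnewclosure is called without a null check, so this function
/// must only run after a hook has filled that pointer in.
uint32_t NewClosure(uint32_t v, void* f, int freeVarsCnt)
{
    std::cout << std::endl;

    // Start from null: SQGetString is declared elsewhere, and if it fails
    // without writing the out-parameter the old code handed wprintf an
    // indeterminate pointer.
    wchar_t* funcName = nullptr;
    SQGetString(v, -1 - freeVarsCnt, &funcName);

    //if (funcName == L"sq_CreateAICharacter")
    //{
    //wprintf(L"Funaddr:%s\t", f);
    //std::cout << f << std::endl;
    //}

    wprintf(L"Funname:%s\tAbli:%d\tFunAddr:0x%p",
            funcName != nullptr ? funcName : L"<unknown>", freeVarsCnt, f);

    return MLnewclosure(v, f, freeVarsCnt);
}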
// Pointer through which NewPushString() forwards to the original routine.
// No code in this listing assigns it, so it is null unless set elsewhere.
static SqPushStringFunc* MLSqPushString = nullptr;
/// Logging detour that prints its arguments and forwards to MLSqPushString.
///
/// The wide string `f` is printed twice: once as text (%s) and once as a
/// pointer value (%p).
///
/// @param v            Opaque handle passed through unchanged.
/// @param f            Wide string being pushed; printed and passed through.
/// @param freeVarsCnt  Third argument, passed through unchanged.
///                     NOTE(review): the name matches NewClosure's parameter and
///                     may not describe this argument (a length?) — confirm.
/// @return The value returned through MLSqPushString.
uint32_t NewPushString(uint32_t v, wchar_t* f, int freeVarsCnt)
{
    // Newline plus flush, so the narrow stream is drained before wprintf writes.
    std::cout.put('\n');
    std::cout.flush();

    wprintf(L"Funname:%s\tAbli:%d\tFunAddr:0x%p", f, freeVarsCnt, f);

    const uint32_t forwarded = MLSqPushString(v, f, freeVarsCnt);
    return forwarded;
}
// Global whose address HOOK() casts to void** and passes as the third
// (ppOriginal) argument of MH_CreateHook.
// NOTE(review): RecvPacks is declared elsewhere. If it is not a function-pointer
// type, MinHook will write the trampoline address over the first bytes of this
// object — confirm the type.
RecvPacks Cbuffer;
/// Diagnostic detour: prints each of its six arguments on its own line.
///
/// HOOK() installs this function as the replacement for the routine at
/// 0x1128910. It only prints and never calls the original routine.
/// NOTE(review): the argument count and calling convention are assumed to
/// match the hooked routine; nothing in this file verifies that.
void Tihuan(int a1,int a2, int a3 ,int a4 ,int a5 , unsigned int a6)
{
    // The five signed arguments share one code path.
    for (const int value : {a1, a2, a3, a4, a5})
    {
        std::cout << value << std::endl;
    }

    // a6 is unsigned and is printed separately so it is never shown as negative.
    std::cout << a6 << std::endl;
}
/// Initialises MinHook and installs Tihuan as the detour for the routine at
/// the hard-coded address 0x1128910.
///
/// @return 0 on success, 1 if MH_Initialize fails, 2 if MH_CreateHook fails,
///         3 if MH_EnableHook fails.
///
/// NOTE(review): the third MH_CreateHook argument is &Cbuffer cast to void**;
/// see the declaration of Cbuffer. The failure paths return without calling
/// MH_Uninitialize. The address is absolute, so it is only valid for one
/// specific build of the host image loaded at its expected base.
int HOOK()
{
    std::cout << u8"开始hook" << std::endl;

    void* const target = reinterpret_cast<void*>(0x1128910);

    // Initialise the hooking library.
    const bool initialised = (MH_Initialize() == MH_OK);
    if (!initialised)
        return 1;

    // Create the hook in the disabled state.
    const bool created =
        (MH_CreateHook(target, &Tihuan, reinterpret_cast<void**>(&Cbuffer)) == MH_OK);
    if (!created)
        return 2;

    // Enable the hook at `target`. (The original comment said "MessageBoxW",
    // which does not match the address used here.)
    const bool enabled = (MH_EnableHook(target) == MH_OK);
    if (!enabled)
        return 3;

    /*
    Disabled: the same sequence for 0x1358A60 with NewClosure as the detour.

    if (MH_CreateHook((void*)0x1358A60, &NewClosure,
        reinterpret_cast<void**>(&MLnewclosure)) != MH_OK)
    {
        return 2;
    }

    if (MH_EnableHook((void*)0x1358A60) != MH_OK)
    {
        return 3;
    }
    */

    return 0;
}
/// Placeholder called by LenheartThread when its trigger value is seen.
/// It currently has an empty body.
void testcall() {}
/// Background polling loop; never returns.
///
/// Phase 1: every 10 ms, evaluates GetHook(0x1A5FB4C, "0x14+0x28+") until it
/// returns 6, then calls RegisterNut() once.
/// Phase 2: every 10 ms, latches the first non-zero GetExeNutWrtNum(61) value.
/// Whenever GetExeNutWrtNum(0) reads 666 it logs, calls testcall(), resets
/// slot 0 to 0 and calls SetNutArrNum(<latched value>, 20, 0).
///
/// NOTE(review): the meaning of the constants 6, 61, 666 and 20 is defined by
/// helpers outside this listing — confirm before changing them. The loop has
/// no exit condition, so the thread cannot be stopped cleanly when the DLL
/// unloads.
void LenheartThread(void)
{
    // Function-local statics (zero-initialised) used as global state.
    static int nutHeadAddress;   // first non-zero value read from slot 61
    static int attrHeadAddress;  // declared but unused in this function
    static int readyToRun;       // set to 1 once GetHook reports 6

    // Phase 1: wait for the host to reach the expected state.
    do
    {
        Sleep(10);
        if (GetHook(0x1A5FB4C, "0x14+0x28+") == 6)
            readyToRun = 1;
    } while (readyToRun != 1);

    RegisterNut();

    // Phase 2: service requests forever.
    for (;;)
    {
        Sleep(10);

        // Slot 61 is read once for the test and again for the assignment,
        // exactly as the original code did.
        if (GetExeNutWrtNum(61) != 0 && nutHeadAddress == 0)
            nutHeadAddress = GetExeNutWrtNum(61);
        //if (GetExeNutWrtNum(61 != 0))attrHeadAddress = GetExeNutWrtNum(61);

        if (GetExeNutWrtNum(0) != 666)
            continue;

        std::cout << u8"写成功" << std::endl;
        testcall();
        SetExeNutWrtNum(0, 0);
        SetNutArrNum(nutHeadAddress, 20, 0);
    }
}
#include "inlinehook.h"
// Inline-hook object created in MyThreadProc2; it is never deleted in the
// code shown here.
inlinehook* TEA = nullptr;
// Second hook slot; nothing in the code shown here assigns it.
inlinehook* TEB = nullptr;
// Leaves the function through a hand-written epilogue instead of the
// compiler's. It pops one dword into EBP, discards the next dword on the
// stack, then executes `ret`, which pops the following dword into EIP.
//
// NOTE(review): if the compiler emitted only `push ebp / mov ebp, esp` before
// this block, those three dwords are the saved EBP, JMPre's own return address
// and the `address` argument. Control then goes to `address` and never returns
// to the caller. Any extra prologue work (saved registers or local space, as
// debug builds often add) shifts the stack and sends `ret` to an unintended
// location — confirm against the generated code.
// This is 32-bit x86 MSVC inline assembly only.
void JMPre(int address)
{
    _asm
    {
        pop ebp
        add esp, 0x00000004
        ret
    }
}
// Byte-wise memory copy written in inline assembly. It loads EDI from
// [ebp+0x08], ESI from [ebp+0x0c] and ECX from [ebp+0x10], clears the
// direction flag and runs `rep movsb`, which copies ECX bytes from [ESI] to
// [EDI]. ESI, EDI and EFLAGS are saved before the copy and restored after it.
//
// Assumes the standard EBP frame, in which those three slots are a1
// (destination address), a2 (source address) and a3 (byte count) — TODO
// confirm against the generated prologue.
//
// NOTE(review): addresses are carried in `int`, so this is 32-bit only.
// Neither the addresses nor the length are validated; a negative a3 becomes
// a very large count in ECX.
void qubb(int a1,int a2,int a3)
{
    _asm
    {
        push esi
        push edi
        pushfd
        cld
        mov ecx, dword ptr[ebp + 0x10]
        mov esi, dword ptr[ebp + 0x0c]
        mov edi, dword ptr[ebp + 0x08]
        rep movsb
        popfd
        pop edi
        pop esi
    }
}
// Called from hookadd(). Stores the value of EBX into the stack slot at
// [ebp-4], then calls qubb() twice to copy 2 bytes from offset +1 and 2 bytes
// from offset +3 of the address held in ptrd. The results are not used after
// the copies.
//
// NOTE(review): [ebp-4] is presumably the slot of `ptrd`, but that depends on
// how the compiler lays out the locals — confirm. The code also relies on EBX
// still holding the hooked site's value when this function runs.
//
// NOTE(review): qubb() treats its first argument as the destination ADDRESS.
// `packtype` and `packlen` are passed by value and are never initialised, so
// each call writes 2 bytes to an indeterminate address. The commented-out
// lines show the intent was to read the fields into these locals; passing the
// locals' addresses would match that intent.
void datec()
{
    int ptrd;
    int packtype;
    int packlen;

    ptrd = 0;
    _asm
    {
        mov dword ptr[ebp - 0x04], ebx
    }
    //packtype = *(int*)(ptrd + 1);
    qubb(packtype,ptrd + 1, 2);
    qubb(packlen,ptrd + 3, 2);
    //packlen = *(int*)(ptrd + 3);

}
// Detour body whose address MyThreadProc2 passes to inlinehook together with
// the site 0x6FE84C.
//
// Sequence: save all general-purpose registers and EFLAGS (pushad/pushfd),
// call datec(), restore them (popfd/popad), load ECX from [ebp-0x12c], then
// leave through JMPre(7333970). 7333970 is 0x6FE852, six bytes past the
// hooked address.
//
// NOTE(review): the function is not declared naked, so the compiler adds its
// own prologue before the first _asm block. In that case EBP inside this
// function is hookadd's own frame pointer, and [ebp-0x12c] would not address
// the hooked routine's local — confirm what inlinehook does on entry and what
// code the compiler actually generates. The `mov ecx, ...` presumably replays
// an instruction overwritten at the hook site.
void hookadd()
{
    _asm
    {
        pushad
        pushfd
    }

    datec();

    _asm
    {
        popfd
        popad
    }

    _asm
    {
        mov ecx, dword ptr[ebp - 0x0000012c]
    }

    JMPre(7333970);
}
/// Thread routine that creates the inline hook for address 0x6FE84C with
/// hookadd as its handler, publishes it in the global TEA and activates it by
/// calling Motify_address().
///
/// @param pParam  Unused.
/// @return Always 0.
///
/// NOTE(review): the hook object is allocated with `new` and is never released
/// in the code shown. The function pointer is narrowed to `int`, which is only
/// valid in a 32-bit build.
DWORD WINAPI MyThreadProc2(LPVOID pParam)
{
    std::cout << u8"开始HOOK" << std::endl;

    inlinehook* const installed = new inlinehook(0x6FE84C, (int)hookadd);
    TEA = installed;

    // Patch the target address.
    installed->Motify_address();

    return 0;
}
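/// Thread entry with the exact signature CreateThread expects; forwards to
/// LenheartThread. The previous code cast LenheartThread, a void(void)
/// function, to LPTHREAD_START_ROUTINE, which calls it through a mismatched
/// signature and calling convention.
static DWORD WINAPI LenheartThreadEntry(LPVOID /*unused*/)
{
    LenheartThread();
    return 0;
}

/// Exported entry point, also called from DllMain on process attach.
/// Starts two background threads: the polling loop (LenheartThread) and the
/// inline-hook installer (MyThreadProc2).
///
/// The thread handles are closed immediately after creation. Closing a handle
/// does not stop the thread; it only releases the handle that was previously
/// leaked. A failed CreateThread is ignored, as before.
__declspec(dllexport) void Lenheart()
{
    DWORD threadID = 0;
    HANDLE pollThread = CreateThread(NULL, 0, LenheartThreadEntry, NULL, 0, &threadID);
    if (pollThread != NULL)
    {
        CloseHandle(pollThread);
    }

    DWORD dwThreadId = 0;
    HANDLE myThread2 = CreateThread(NULL, 0, MyThreadProc2, NULL, 0, &dwThreadId);
    if (myThread2 != NULL)
    {
        CloseHandle(myThread2);
    }
}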
/// DLL entry point. On DLL_PROCESS_ATTACH it calls Lenheart(), which starts
/// the background threads. Every other notification is ignored.
///
/// @param hModule             Module handle of this DLL (unused).
/// @param ul_reason_for_call  Loader notification code.
/// @param lpReserved          Unused.
/// @return Always TRUE.
///
/// NOTE(review): this runs under the loader lock, so the work done here is
/// limited to creating threads. There is no DLL_PROCESS_DETACH clean-up, so
/// the threads and any installed hooks outlive an unload of this module.
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        //HOOK();
        Lenheart();
    }

    // DLL_THREAD_ATTACH, DLL_THREAD_DETACH and DLL_PROCESS_DETACH need no handling.
    return TRUE;
}