// dllmain.cpp : 定义 DLL 应用程序的入口点。
#include "pch.h"
#include <iostream>
#include <Windows.h>
#include <string>
// Base address of the "Nut" table used by GetNutArrNum/SetNutArrNum. It stays 0
// until ThreadFun copies it from EXE slot 61. Stored as a plain int, so the
// code only works where a pointer fits in 32 bits.
int Nut头地址;
// "Attribute header address", going by the name. Nothing in this file assigns
// or reads it; the only statement that would set it is commented out in ThreadFun.
int 属性头地址;
// Ready flag: ThreadFun sets it to 1 once its GetHook probe returns 6, and
// nothing in this file ever resets it.
int 可开始执行判断;
/*
typedef int func(int a,class b);
func* f = (func*)0x1127D60;
*/
//获取EXE使用头 号位数据
/// Reads one 32-bit slot of the table that starts at the fixed address 0x40079F.
///
/// @param Pos  Slot index; the slot is read from 0x40079F + Pos * 4.
/// @return     The int currently stored in that slot.
///
/// Pos is not range-checked and the base is an absolute address, so an
/// out-of-range index (or a process whose image is not laid out as expected)
/// reads unrelated memory or faults. Note that 0x40079F is not 4-byte aligned.
int GetExeNutWrtNum(int Pos)
{
    const int* const slot = reinterpret_cast<const int*>(0x40079F + Pos * 4);
    return *slot;
}
//写EXE使用头 号位数据
/// Overwrites one 32-bit slot of the table that starts at the fixed address 0x40079F.
///
/// @param Pos  Slot index; the write goes to 0x40079F + Pos * 4.
/// @param num  Value stored into the slot.
///
/// Neither the index nor the page protection is checked: a wrong Pos corrupts
/// whatever lives at the computed address, and a read-only page raises an
/// access violation in the calling thread.
void SetExeNutWrtNum(int Pos , int num)
{
    int* const slot = reinterpret_cast<int*>(0x40079F + Pos * 4);
    *slot = num;
}
//获取Nut头 号位数据
/// Reads the first 32 bits of entry `Pos` in the table based at Nut头地址.
///
/// @param Pos  Entry index; entries are 8 bytes apart (base + Pos * 8).
/// @return     The int stored at the start of that entry.
///
/// There is no check that Nut头地址 has been filled in yet (it starts at 0) and
/// no bound on Pos, so calling this too early or with a bad index reads from
/// an arbitrary address.
int GetNutArrNum(int Pos)
{
    const int entryAddress = Nut头地址 + Pos * 8;
    return *reinterpret_cast<const int*>(entryAddress);
}
//写Nut头 号位数据
/// Overwrites the first 32 bits of entry `Pos` in the table based at Nut头地址.
///
/// @param Pos  Entry index; entries are 8 bytes apart (base + Pos * 8).
/// @param num  Value written at the start of that entry; the other four bytes
///             of the entry are left as they were.
///
/// Nut头地址 is used as-is, including while it is still 0, and Pos is not
/// bounded, so a premature call or a bad index writes to an arbitrary address.
void SetNutArrNum(int Pos, int num)
{
    const int entryAddress = Nut头地址 + Pos * 8;
    *reinterpret_cast<int*>(entryAddress) = num;
}
//读内存偏移地址
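/// Follows a pointer chain through the current process's memory.
///
/// @param Addr  Address of the first pointer in the chain.
/// @param 地址  Hex offsets, each terminated by '+', e.g. "0x14+0x28+". Text after
///              the last '+' is ignored, so a chain without a trailing '+' drops
///              its final offset.
/// @return      The int found at the end of the chain, or 0 when the first pointer
///              or any intermediate link is null, or when the chain holds more
///              offsets than the 21-entry table can store.
/// @throws std::invalid_argument / std::out_of_range  from std::stoi when a segment
///              is empty, is not hexadecimal, or does not fit in an int.
///
/// Every address is handled as a 32-bit int, so this is only meaningful in a
/// 32-bit process. Nothing validates that the addresses are readable: a stale or
/// wrong chain raises an access violation in the calling thread.
int GetHook(int Addr , std::string 地址)
{
    int GetHookArr[21] = {};
    const int capacity = static_cast<int>(sizeof(GetHookArr) / sizeof(GetHookArr[0]));
    int i = 0;

    size_t pos = 地址.find("+");
    while (pos != std::string::npos)
    {
        // The table lives on the stack; a chain with more segments than it holds
        // used to write past its end. Refuse the chain instead.
        if (i >= capacity)
        {
            return 0;
        }
        GetHookArr[i] = std::stoi(地址.substr(0, pos), 0, 16);
        i++;
        地址 = 地址.substr(pos + 1);
        pos = 地址.find("+");
    }

    int num = *(int*)(Addr);
    // Stop as soon as a link is null: dereferencing (0 + offset) would fault.
    // The value read by the last step is returned as data and is not checked.
    for (int z = 0; z < i && num != 0; z++)
    {
        num = *(int*)(num + GetHookArr[z]);
    }
    return num;
}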
// Function type: no arguments, returns DWORD (default calling convention).
typedef DWORD funa();
// Routine at the fixed address 0x1127EC0; testcall() invokes it right after
// psendp. What it does is not visible from this file.
funa* a = (funa*)0x1127EC0;

// Alias that lets the fixed address below be read as a DWORD.
typedef DWORD testc;
// Fixed address 0x1AEB6E4; testcall() passes the DWORD stored there as the
// first argument of psendp.
testc* tc = (testc*)0x1AEB6E4;

// __fastcall function pointer taking (DWORD, int, int) and returning int.
// NOTE(review): the names `thisc`/`de` suggest a member function called through
// __fastcall with the object in the first register and a dummy second
// argument — confirm against the target routine.
typedef int(__fastcall* sendp)(DWORD thisc, int de, int a);
// Same absolute address (0x1127D60) as the commented-out `f` near the top of
// the file. All three pointers here are absolute addresses, so they are only
// valid if the host image is loaded where this code expects it.
sendp psendp = (sendp)0x1127D60;
/// Calls the two hard-coded routines in sequence: psendp with the DWORD read
/// from `tc` as its first argument, 0 as the second and 0x2D as the third,
/// then `a` with no arguments. Both return values are discarded.
///
/// Nothing checks that `tc` points at readable memory or that the two targets
/// are the expected functions, so a mismatched host image faults or jumps into
/// unrelated code.
void testcall()
{
    const DWORD self = *tc;
    psendp(self, 0, 0x2D);
    a();
}
/// Worker loop started by Lenheart(); it never returns.
///
/// Phase 1: every 500 ms, probe GetHook(0x1A5FB4C, "0x14+0x28+") and set the
/// ready flag once it yields 6.
/// Phase 2 (entered once and never left): every 10 ms
///   - latch Nut头地址 from EXE slot 61 the first time that slot is non-zero;
///   - when EXE slot 0 holds 666, print a message, run testcall(), then clear
///     EXE slot 0 and entry 20 of the Nut table.
///
/// The signature is not that of a Win32 thread routine (DWORD WINAPI (LPVOID));
/// Lenheart() forces it through a cast. The globals are touched without any
/// synchronisation, and every memory access goes through unchecked absolute
/// addresses, so a fault here takes the whole host process down.
void ThreadFun(void)
{
    for (;;)
    {
        Sleep(500);

        if (GetHook(0x1A5FB4C, "0x14+0x28+") == 6)
        {
            可开始执行判断 = 1;
        }
        if (可开始执行判断 != 1)
        {
            continue;
        }

        for (;;)
        {
            Sleep(10);

            // Slot 61 is read twice on purpose to keep the original access
            // pattern: once for the test, once for the value that is stored.
            if (GetExeNutWrtNum(61) != 0)
            {
                if (Nut头地址 == 0)
                {
                    Nut头地址 = GetExeNutWrtNum(61);
                }
            }
            // A matching assignment to 属性头地址 and a debug print of slot 0
            // were commented out at this point in the original.

            if (GetExeNutWrtNum(0) != 666)
            {
                continue;
            }

            std::cout << u8"写成功" << std::endl;
            testcall();
            SetExeNutWrtNum(0, 0);
            SetNutArrNum(20, 0);
        }
    }
}
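/// Exported entry that starts the ThreadFun worker thread.
///
/// DllMain calls this on DLL_PROCESS_ATTACH, i.e. while the loader lock is
/// held; the new thread does not begin running until the loader is done.
/// Nothing in this file prevents a second call from starting a second worker.
///
/// The thread handle is closed right away because nothing ever waits on or
/// signals the worker; closing the handle does not stop the thread. A failed
/// CreateThread is ignored, as before.
__declspec(dllexport) void Lenheart()
{
    DWORD threadID;
    // ThreadFun is declared void(void), hence the cast to the Win32 thread
    // routine type; it never returns.
    HANDLE worker = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)ThreadFun, NULL, 0, &threadID);
    if (worker != NULL)
    {
        CloseHandle(worker);
    }
}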
/// DLL entry point.
///
/// On DLL_PROCESS_ATTACH it calls Lenheart(), which spawns the worker thread.
/// Thread attach/detach and process detach do nothing, so the worker is never
/// told to stop: if the module is unloaded while the thread is alive, the
/// thread keeps executing code that is no longer mapped.
///
/// @param hModule             Module handle (unused).
/// @param ul_reason_for_call  Loader notification code.
/// @param lpReserved          Unused.
/// @return Always TRUE.
BOOL APIENTRY DllMain(HMODULE hModule,
                      DWORD ul_reason_for_call,
                      LPVOID lpReserved)
{
    // Earlier debug experiments (a call through `f` and a console print) were
    // commented out in the attach branch.
    if (ul_reason_for_call == DLL_PROCESS_ATTACH)
    {
        Lenheart();
    }
    return TRUE;
}