  1. #1
    Dwar

    [C++] How to get a correct Window Handle

    Windows has some unorthodox ways of meeting certain requirements, so here is one approach.
     #include <windows.h> 

    // Worker thread started from DllMain() below.
    // Busy-polls GetActiveWindow() and keeps hWnd only while the active window's
    // owning process is this process; otherwise hWnd is reset to NULL.
    // Notes for anyone reading this as posted:
    //  - the for(;;) has no exit and no Sleep(), so the thread spins at full speed
    //    on one core, and the trailing `return NULL` is unreachable;
    //  - hWnd is a local that is never passed anywhere, so the loop has no
    //    observable result;
    //  - NOTE(review): per the Win32 docs GetActiveWindow() reports the active
    //    window of the *calling thread's* message queue; from a freshly created
    //    thread that owns no windows it is expected to return NULL — verify.
    DWORD WINAPI Thread( LPVOID )
    {
    HWND hWnd;

    for( ;; )
    {
    DWORD a;
    // a receives the id of the process that owns the current active window
    GetWindowThreadProcessId( ( hWnd = GetActiveWindow() ), &a );

    // the active window belongs to another process (or the desktop): discard it
    if ( ( a != GetCurrentProcessId() ) )
    {
    hWnd = NULL;
    continue;
    }
    }
    return NULL;
    }

    // DLL entry point.  On DLL_PROCESS_ATTACH it spawns Thread() and returns at
    // once.  The thread handle returned by CreateThread is discarded and never
    // closed.  NULL is passed where CreateThread expects the DWORD creation flags;
    // it evaluates to 0 but is type-sloppy.  Work kicked off from DllMain is
    // subject to the loader-lock constraints described in the DllMain
    // documentation.
    BOOL WINAPI DllMain( HMODULE hModule, DWORD Reason, LPVOID lpvReserved )
    {
    if( Reason == DLL_PROCESS_ATTACH )
    CreateThread( NULL, 0, Thread, NULL, NULL, 0 );

    return TRUE;
    }

    This is useful for injecting into dynamic processes without having to worry about class names, window names or preset IDs.

    It also avoids the problem of using GetActiveWindow alone, which returns whichever window is currently in use, even if it belongs to another program or to the desktop.
    Author: SEGnosis

  2. #2
    gosicks
    And how do I get a module handle inside game.exe?

  3. #3
    remka

    C#
    // Excerpt, not a complete method: finds the running "launch" process and then
    // its "GameModule.dll" module.  `War` (Process) and `Dance` (ProcessModule)
    // are assigned here but declared outside this snippet, and the bare `return`
    // statements imply a void-returning enclosing method.
    Process[] processes = Process.GetProcesses();

    foreach( Process process in processes )
    {
    try
    {
    // case-insensitive match; ProcessName carries no ".exe" suffix
    if( process.ProcessName.ToUpper() == "launch".ToUpper() )
    {
    War = process;
    break;
    }
    }
    // any failure while reading this process is swallowed and the process skipped
    catch( Exception )
    {
    }
    }
    if( War == null )
    {
    Console.WriteLine( "Error" );
    return;
    }
    Console.WriteLine( "Success - PID = " + War.Id.ToString() + "\n" );
    // War.Modules is evaluated outside the try below, so a failure to enumerate
    // the target's modules propagates; only per-module failures are swallowed.
    foreach( ProcessModule mod in War.Modules )
    {
    try
    {
    if( mod.ModuleName.ToUpper() == "GameModule.dll".ToUpper() )
    {
    Dance = mod;
    break;
    }
    }
    catch( Exception )
    {
    }
    }
    if( Dance == null )
    {
    Console.WriteLine( "Error" );
    return;
    }

  4. #4
    codeprada
    I found this way works for me, so I'm just sharing it.

    Code:
    // EnumWindows callback, invoked once per top-level window.  lParam (the
    // process id passed by thread() below) is never examined, so the "your code
    // here" branch runs for every window in the session, not only this process's.
    // Returning TRUE keeps the enumeration going.  `T(...)` is not a Win32 macro;
    // presumably `_T(...)` / TEXT(...) was intended.
    BOOL CALLBACK WinEnum(HWND hwnd, LPARAM lParam)
    {
    	if (hwnd == NULL) 
    		MessageBox(HWND_DESKTOP, T("Error getting window"), NULL, MB_OK);
    	else 
    	{
    		//your code here
    
    	}
    
    	return TRUE;
    }
    
    // Thread body.  BUG: hwnd is declared but never assigned (WinEnum does not
    // write it back), so SetWindowLong below is called on an indeterminate
    // handle.  oWndProc and nWndProc are not declared in this excerpt.
    DWORD WINAPI thread(LPVOID)
    {
            HWND hwnd;
    	EnumWindows(WinEnum, GetCurrentProcessId());
    
    	oWndProc = SetWindowLong(hwnd, GWL_WNDPROC, (long)nWndProc); 
    	
    	return TRUE;
    
    }
    
    // DLL entry point: starts a worker thread on DLL_PROCESS_ATTACH.  As posted
    // this does not build: the start routine passed is `hack`, which is not
    // defined here (the function above is named `thread`), and `threadID` is
    // undeclared.  The returned thread handle is discarded and never closed.
    BOOL APIENTRY DllMain( HMODULE hModule,
                           DWORD  ul_reason_for_call,
                           LPVOID lpReserved
    					 )
    {
    	switch (ul_reason_for_call)
    	{
    	case DLL_PROCESS_ATTACH:
    		{
    			CreateThread(NULL, 0, hack, 0, 0, &threadID);			
    		}
    		break;
    	case DLL_THREAD_ATTACH:
    	case DLL_THREAD_DETACH:
    	case DLL_PROCESS_DETACH:
    		break;
    	}
    	return TRUE;
    }

  5. #5
    remka
    Quote Originally Posted by codeprada View Post
    i found this way to work for me so i'm just sharing

    Code:
    // EnumWindows callback, invoked once per top-level window.  lParam (the
    // process id passed by thread() below) is never examined, so the "your code
    // here" branch runs for every window in the session, not only this process's.
    // Returning TRUE keeps the enumeration going.  `T(...)` is not a Win32 macro;
    // presumably `_T(...)` / TEXT(...) was intended.
    BOOL CALLBACK WinEnum(HWND hwnd, LPARAM lParam)
    {
    	if (hwnd == NULL) 
    		MessageBox(HWND_DESKTOP, T("Error getting window"), NULL, MB_OK);
    	else 
    	{
    		//your code here
    
    	}
    
    	return TRUE;
    }
    
    // Thread body.  BUG: hwnd is declared but never assigned (WinEnum does not
    // write it back), so SetWindowLong below is called on an indeterminate
    // handle.  oWndProc and nWndProc are not declared in this excerpt.
    DWORD WINAPI thread(LPVOID)
    {
            HWND hwnd;
    	EnumWindows(WinEnum, GetCurrentProcessId());
    
    	oWndProc = SetWindowLong(hwnd, GWL_WNDPROC, (long)nWndProc); 
    	
    	return TRUE;
    
    }
    
    // DLL entry point: starts a worker thread on DLL_PROCESS_ATTACH.  As posted
    // this does not build: the start routine passed is `hack`, which is not
    // defined here (the function above is named `thread`), and `threadID` is
    // undeclared.  The returned thread handle is discarded and never closed.
    BOOL APIENTRY DllMain( HMODULE hModule,
                           DWORD  ul_reason_for_call,
                           LPVOID lpReserved
    					 )
    {
    	switch (ul_reason_for_call)
    	{
    	case DLL_PROCESS_ATTACH:
    		{
    			CreateThread(NULL, 0, hack, 0, 0, &threadID);			
    		}
    		break;
    	case DLL_THREAD_ATTACH:
    	case DLL_THREAD_DETACH:
    	case DLL_PROCESS_DETACH:
    		break;
    	}
    	return TRUE;
    }
    Oo OoOoOOoOOOO

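    /// Returns the process id of the first running process whose image name is
    /// exactly `processName` (case-sensitive), or 0 when no such process exists
    /// or the Toolhelp snapshot could not be taken.  Needs <Tlhelp32.h>.
    ///
    /// Changes from the original: the explicit wide-character Toolhelp entry
    /// points are used, so comparing against a std::wstring is correct in both
    /// Unicode and MBCS builds (the original only compiled when TCHAR was
    /// wchar_t); the result of Process32FirstW is checked instead of comparing
    /// against an uninitialized szExeFile on failure; and there is a single exit
    /// path, so the snapshot handle is always closed.
    DWORD FindProcessId(const std::wstring& processName)
    {
        PROCESSENTRY32W processInfo;
        processInfo.dwSize = sizeof(processInfo);

        HANDLE processesSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if ( processesSnapshot == INVALID_HANDLE_VALUE )
            return 0;

        DWORD pid = 0;
        if ( Process32FirstW(processesSnapshot, &processInfo) )
        {
            do
            {
                if ( processName.compare(processInfo.szExeFile) == 0 )
                {
                    pid = processInfo.th32ProcessID;
                    break;
                }
            } while ( Process32NextW(processesSnapshot, &processInfo) );
        }

        CloseHandle(processesSnapshot);
        return pid;
    }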
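    /// Returns the load address of the module named `lpsBaseName` in `hProcess`
    /// plus `offset`, or 0 if no such module is loaded there or enumeration
    /// fails.  The name is compared case-sensitively with what GetModuleBaseName
    /// reports (e.g. "GameModule.dll").  Needs <Psapi.h> (psapi.lib) and <tchar.h>.
    ///
    /// Changes from the original: the name parameter is `const`, so a string
    /// literal binds to it under strict conformance (in a non-Unicode build TCHAR
    /// is char and a wide L"..." literal does not convert at all — that is the
    /// C2664 "types pointed to are unrelated" error reported later in this
    /// thread); every path now returns a value (the original fell off the end when
    /// nothing matched, which is undefined behaviour); the module count is clamped
    /// to the buffer, because cbNeeded reports the size *required* and can exceed
    /// sizeof(hMods); and the HMODULE is narrowed via DWORD_PTR so the 32-bit-only
    /// assumption is explicit.
    DWORD getModuleBaseAddress(const TCHAR * lpsBaseName, DWORD offset, HANDLE hProcess)
    {
        HMODULE hMods[1024];
        DWORD cbNeeded = 0;
        if ( !EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded) )
            return 0;

        DWORD count = cbNeeded / sizeof(HMODULE);
        const DWORD capacity = sizeof(hMods) / sizeof(hMods[0]);
        if ( count > capacity )
            count = capacity;

        for ( DWORD i = 0; i < count; ++i )
        {
            TCHAR szModName[200];
            if ( !GetModuleBaseName(hProcess, hMods[i], szModName, sizeof(szModName) / sizeof(TCHAR)) )
                continue;
            if ( _tcscmp(lpsBaseName, szModName) == 0 )
                return (DWORD)(DWORD_PTR)hMods[i] + offset;
        }
        return 0;
    }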
    // Usage sketch (these statements have to live inside a function).  Note that
    // proc_id == 0 (not found) is not checked before OpenProcess, hProcess is
    // never closed, and PROCESS_ALL_ACCESS is broader than module enumeration
    // needs — per the EnumProcessModules docs PROCESS_QUERY_INFORMATION |
    // PROCESS_VM_READ suffices.
    DWORD proc_id = FindProcessId(L"Game.exe");

    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id);
    DWORD BaseAddr = getModuleBaseAddress(L"GameModule.dll", 0, hProcess);

  6. #6
    gosicks
    Is this for a console program? What about in a DLL?
    I tried this and got an error... haha, sorry, I'm a total noob. Thanks for answering.
    I am using MSVC++ 2008.

    Code:
    #include <windows.h>
    #define BASE_PLAYER			0x4C7FC0
    #define OFS_RANK            0xAA5
     
    // Worker thread (copied from post #1; nothing in this file starts it).
    // Busy-polls GetActiveWindow() and keeps hWnd only while the active window's
    // owning process is this process.  The loop never exits and never sleeps, so
    // it spins at full speed; hWnd is a local that is never used elsewhere, and
    // the trailing `return NULL` is unreachable.
    // NOTE(review): per the Win32 docs GetActiveWindow() is relative to the
    // calling thread's message queue; a new thread owning no windows is expected
    // to get NULL — verify.
    DWORD WINAPI Thread( LPVOID )
    {
        HWND hWnd;
     
        for( ;; )
        {
            DWORD a;
            // a receives the id of the process owning the current active window
            GetWindowThreadProcessId( ( hWnd = GetActiveWindow() ), &a );
     
            // active window belongs to another process (or the desktop): discard it
            if ( ( a != GetCurrentProcessId() ) )
            {
                hWnd = NULL;
                continue;
            }
        }
        return NULL;
    }
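    /// Returns the load address of the module named `lpsBaseName` in `hProcess`
    /// plus `offset`, or 0 if no such module is loaded there or enumeration
    /// fails.  The name is compared case-sensitively with what GetModuleBaseName
    /// reports (e.g. "GameModule.dll").  Needs <Psapi.h> (psapi.lib) and <tchar.h>,
    /// which this listing does not include (hence the C3861 errors in the build
    /// log later in the thread).
    ///
    /// Changes from the original: the name parameter is `const`, so a string
    /// literal binds to it under strict conformance (in a non-Unicode build TCHAR
    /// is char and a wide L"..." literal does not convert at all — that is the
    /// C2664 "types pointed to are unrelated" error in the build log); every path
    /// now returns a value (the original fell off the end when nothing matched,
    /// which is undefined behaviour); the module count is clamped to the buffer,
    /// because cbNeeded reports the size *required* and can exceed sizeof(hMods);
    /// and the HMODULE is narrowed via DWORD_PTR so the 32-bit-only assumption is
    /// explicit.
    DWORD getModuleBaseAddress(const TCHAR * lpsBaseName, DWORD offset, HANDLE hProcess)
    {
        HMODULE hMods[1024];
        DWORD cbNeeded = 0;
        if ( !EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded) )
            return 0;

        DWORD count = cbNeeded / sizeof(HMODULE);
        const DWORD capacity = sizeof(hMods) / sizeof(hMods[0]);
        if ( count > capacity )
            count = capacity;

        for ( DWORD i = 0; i < count; ++i )
        {
            TCHAR szModName[200];
            if ( !GetModuleBaseName(hProcess, hMods[i], szModName, sizeof(szModName) / sizeof(TCHAR)) )
                continue;
            if ( _tcscmp(lpsBaseName, szModName) == 0 )
                return (DWORD)(DWORD_PTR)hMods[i] + offset;
        }
        return 0;
    }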
     // File-scope statements copied from the previous post.  As written here they
     // do not build: FindProcessId is not defined in this listing, and
     // OpenProcess()/getModuleBaseAddress() are function calls that cannot be used
     // as initializers of globals in a DLL this way without a containing function.
     // proc_id == 0 is never checked and hProcess is never closed.
     DWORD proc_id = FindProcessId(L"Game.exe");
     
         HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id);
         DWORD BaseAddr = getModuleBaseAddress(L"GameModule.dll", 0, hProcess);
     
    // Copies dwSize bytes from cpvPatch to dwAddress in the current process after
    // making the range writable, then restores the previous page protection.
    // Returns FALSE if the first VirtualProtect fails, otherwise the result of the
    // second one.  Notes: `new DWORD` allocates a throw-away DWORD for the
    // old-protection out-parameter that is never freed, leaking one per call
    // (the local dwProtect could be reused instead); dwAddress is a DWORD, so the
    // function only addresses the low 4 GB, i.e. it assumes a 32-bit build.
    BOOL WriteMemory( DWORD dwAddress, const void* cpvPatch, DWORD dwSize )
    {
    DWORD dwProtect;
    
    if( VirtualProtect( (void*)dwAddress, dwSize, PAGE_READWRITE, &dwProtect ) ) //Unprotect the memory
    memcpy( (void*)dwAddress, cpvPatch, dwSize ); //Write our patch
    else
    return false; //Failed to unprotect, so return false..
    
    return VirtualProtect( (void*)dwAddress, dwSize, dwProtect, new DWORD ); //Reprotect the memory
    }
    // Thread body: polls the F12 key every 10 ms (the `& 1` tests GetAsyncKeyState's
    // "pressed since last call" bit) and on a press writes to two addresses
    // derived from dwBaseAddr.  As posted this does not compile (see the build log
    // in post #8): WriteMemory is called with WriteProcessMemory's five-argument
    // shape but is declared above with three parameters; dwBaseAddr, dwBase,
    // MEMwrite and beep are undeclared; and the local BaseAddr is assigned but
    // never used.  The while(1) has no exit, so the thread runs until the process
    // ends, and `return (0)` is unreachable.
    DWORD WINAPI HackGame(LPVOID param)
    {
    	while (1) {
    			if (GetAsyncKeyState(VK_F12)&1) {
    				DWORD BaseAddr = 0;
    				WriteMemory(GetCurrentProcess(), (LPCVOID) (dwBaseAddr + BASE_PLAYER), &dwBase, sizeof(dwBase), NULL);
    				MEMwrite((void *)(dwBaseAddr + OFS_RANK),(void*)(PBYTE)"\x32",1);
    				beep (500,100);
    				}
    				Sleep (10);
    			}
    			return (0);
    	
    	}
    
    // DLL entry point: starts HackGame() on DLL_PROCESS_ATTACH.  The cast to
    // LPTHREAD_START_ROUTINE is redundant (HackGame already has that signature),
    // NULL is passed for the SIZE_T stack size and the DWORD creation flags where
    // 0 is meant, and the returned thread handle is discarded and never closed.
    BOOL WINAPI DllMain( HMODULE hModule, DWORD Reason, LPVOID lpvReserved )
    {
        if( Reason == DLL_PROCESS_ATTACH )
            CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)HackGame,              NULL, NULL, NULL);
          
        return TRUE;
    }

  7. #7
    codeprada
    Quote Originally Posted by gosicks View Post
    this is for console??? how about in dll??
    i try this and got error....hahhahahha sori i'm very nob...tnx for answering
    i am use msvc++ 2008
    and the error was?

  8. #8
    gosicks
    Code:
    1>------ Build started: Project: test1, Configuration: Release Win32 ------
    1>Compiling...
    1>mainhack.cpp
    1>.\mainhack.cpp(26) : error C3861: 'EnumProcessModules': identifier not found
    1>.\mainhack.cpp(32) : error C3861: 'GetModuleBaseName': identifier not found
    1>.\mainhack.cpp(34) : error C3861: '_tcscmp': identifier not found
    1>.\mainhack.cpp(42) : error C3861: 'FindProcessId': identifier not found
    1>.\mainhack.cpp(45) : error C2664: 'getModuleBaseAddress' : cannot convert parameter 1 from 'const wchar_t [15]' to 'TCHAR *'
    1>        Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
    1>.\mainhack.cpp(63) : error C2065: 'dwBaseAddr' : undeclared identifier
    1>.\mainhack.cpp(63) : error C2065: 'dwBase' : undeclared identifier
    1>.\mainhack.cpp(63) : error C2065: 'dwBase' : undeclared identifier
    1>.\mainhack.cpp(63) : error C2070: ''unknown-type'': illegal sizeof operand
    1>.\mainhack.cpp(64) : error C2296: '+' : illegal, left operand has type 'DWORD (__cdecl *)(TCHAR *,DWORD,HANDLE)'
    1>.\mainhack.cpp(64) : error C3861: 'MEMwrite': identifier not found
    1>.\mainhack.cpp(65) : error C3861: 'beep': identifier not found
    1>Build log was saved at "file://e:\PROJECT\PROGRAMERCITY\test1\Release\BuildLog.htm"
    1>test1 - 12 error(s), 0 warning(s)
    ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========
    My case in the game is getting the module base: from the process ID of game.exe, get game.dll's base address, add an offset, and then add a value.

  9. #9
    remka
    gosicks,
    Have you ever written a program even once?
    1) \mainhack.cpp(26) : error C3861: 'EnumProcessModules': identifier not found
    Go to google.ru, search for 'EnumProcessModules', open the FIRST link (MSDN) and read the 'Header' line: Psapi.h.
    2) 'dwBaseAddr' : undeclared identifier - ??????
    DWORD dwBaseAddr = 0;

    **** ****!!!!
    ****ing roll to the world??

    #include "stdafx.h"
    #include <Windows.h>
    #include <Psapi.h>
    #include <string>
    #include <Tlhelp32.h>

    // Worker thread (nothing in this file starts it).  Busy-polls
    // GetActiveWindow() and keeps hWnd only while the active window's owning
    // process is this process.  The Sleep(0) yield is reached only when the
    // window does belong to this process; the `continue` on the other-process
    // path skips it, so that case still spins without yielding.  hWnd is a local
    // that is never used elsewhere, and the final `return NULL` is unreachable.
    // NOTE(review): per the Win32 docs GetActiveWindow() is relative to the
    // calling thread's message queue; a new thread owning no windows is expected
    // to get NULL — verify.
    DWORD WINAPI Thread( LPVOID )
    {
    HWND hWnd;

    for( ;; )
    {
    DWORD a;
    // a receives the id of the process owning the current active window
    GetWindowThreadProcessId( ( hWnd = GetActiveWindow() ), &a );

    if ( ( a != GetCurrentProcessId() ) )
    {
    hWnd = NULL;
    continue;
    }
    Sleep(0);
    }
    return NULL;
    }
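    /// Returns the load address of the module named `lpsBaseName` in `hProcess`
    /// plus `offset`, or 0 if no such module is loaded there or enumeration
    /// fails.  The name is compared case-sensitively with what GetModuleBaseName
    /// reports (e.g. "GameModule.dll").  Needs <Psapi.h> (psapi.lib) and <tchar.h>.
    ///
    /// Changes from the original: the name parameter is `const`, so a string
    /// literal binds to it under strict conformance (in a non-Unicode build TCHAR
    /// is char and a wide L"..." literal does not convert at all — the C2664
    /// error quoted earlier in this thread); every path now returns a value (the
    /// original fell off the end when nothing matched, which is undefined
    /// behaviour); the module count is clamped to the buffer, because cbNeeded
    /// reports the size *required* and can exceed sizeof(hMods); and the HMODULE
    /// is narrowed via DWORD_PTR so the 32-bit-only assumption is explicit.
    DWORD getModuleBaseAddress(const TCHAR * lpsBaseName, DWORD offset, HANDLE hProcess)
    {
        HMODULE hMods[1024];
        DWORD cbNeeded = 0;
        if ( !EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded) )
            return 0;

        DWORD count = cbNeeded / sizeof(HMODULE);
        const DWORD capacity = sizeof(hMods) / sizeof(hMods[0]);
        if ( count > capacity )
            count = capacity;

        for ( DWORD i = 0; i < count; ++i )
        {
            TCHAR szModName[200];
            if ( !GetModuleBaseName(hProcess, hMods[i], szModName, sizeof(szModName) / sizeof(TCHAR)) )
                continue;
            if ( _tcscmp(lpsBaseName, szModName) == 0 )
                return (DWORD)(DWORD_PTR)hMods[i] + offset;
        }
        return 0;
    }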


    // Copies dwSize bytes from cpvPatch to dwAddress in the current process after
    // making the range writable, then restores the previous page protection.
    // Returns FALSE if the first VirtualProtect fails, otherwise the result of the
    // second one.  Notes: `new DWORD` allocates a throw-away DWORD for the
    // old-protection out-parameter that is never freed, leaking one per call
    // (the local dwProtect could be reused instead); dwAddress is a DWORD, so the
    // function only addresses the low 4 GB, i.e. it assumes a 32-bit build.
    BOOL WriteMemory( DWORD dwAddress, const void* cpvPatch, DWORD dwSize )
    {
    DWORD dwProtect;

    if( VirtualProtect( (void*)dwAddress, dwSize, PAGE_READWRITE, &dwProtect ) ) //Unprotect the memory
    memcpy( (void*)dwAddress, cpvPatch, dwSize ); //Write our patch
    else
    return false; //Failed to unprotect, so return false..

    return VirtualProtect( (void*)dwAddress, dwSize, dwProtect, new DWORD ); //Reprotect the memory
    }

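    /// Returns the process id of the first running process whose image name is
    /// exactly `processName` (case-sensitive), or 0 when no such process exists
    /// or the Toolhelp snapshot could not be taken.  Needs <Tlhelp32.h>.
    ///
    /// Changes from the original: the explicit wide-character Toolhelp entry
    /// points are used, so comparing against a std::wstring is correct in both
    /// Unicode and MBCS builds (the original only compiled when TCHAR was
    /// wchar_t); the result of Process32FirstW is checked instead of comparing
    /// against an uninitialized szExeFile on failure; and there is a single exit
    /// path, so the snapshot handle is always closed.
    DWORD FindProcessId(const std::wstring& processName)
    {
        PROCESSENTRY32W processInfo;
        processInfo.dwSize = sizeof(processInfo);

        HANDLE processesSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if ( processesSnapshot == INVALID_HANDLE_VALUE )
            return 0;

        DWORD pid = 0;
        if ( Process32FirstW(processesSnapshot, &processInfo) )
        {
            do
            {
                if ( processName.compare(processInfo.szExeFile) == 0 )
                {
                    pid = processInfo.th32ProcessID;
                    break;
                }
            } while ( Process32NextW(processesSnapshot, &processInfo) );
        }

        CloseHandle(processesSnapshot);
        return pid;
    }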
    // Base address of GameModule.dll: written by _tmain(), read by HackGame().
    // Plain global with no synchronization (HackGame is never started in this
    // file, so that is moot as posted).
    DWORD dwBaseAddr = 0;
    // Thread body: polls the F12 key every 10 ms (the `& 1` tests GetAsyncKeyState's
    // "pressed since last call" bit) and on a press writes to two addresses derived
    // from dwBaseAddr.  Still does not compile as posted: WriteMemory is declared
    // above with three parameters but called with two, and its first argument is
    // the GetCurrentProcess() pseudo-handle cast to an address; BASE_PLAYER,
    // OFS_RANK, MEMwrite and beep are not declared in this listing; the local
    // BaseAddr is assigned but never used.  Nothing in this file starts the thread.
    DWORD WINAPI HackGame(LPVOID param)
    {
    while (1) {
    if (GetAsyncKeyState(VK_F12)&1) {
    DWORD BaseAddr = 0;
    WriteMemory((DWORD)GetCurrentProcess(), (LPCVOID) (dwBaseAddr + BASE_PLAYER));
    MEMwrite((void *)(dwBaseAddr + OFS_RANK),(void*)(PBYTE)"\x32",1);
    beep (500,100);
    }
    Sleep (10);
    }
    return (0);

    }

    // Console entry point: resolves the pid of Game.exe, opens it and stores
    // GameModule.dll's base in the global dwBaseAddr, then exits immediately.
    // Notes: proc_id == 0 (not found) is not checked before OpenProcess; hProcess
    // is never closed; PROCESS_ALL_ACCESS is broader than module enumeration needs
    // (per the EnumProcessModules docs PROCESS_QUERY_INFORMATION | PROCESS_VM_READ
    // suffices); and the L"..." literals only match getModuleBaseAddress's TCHAR*
    // parameter in a Unicode build.
    int _tmain(int argc, _TCHAR* argv[])
    {
    DWORD proc_id = FindProcessId(L"Game.exe");
    HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, proc_id);
    dwBaseAddr = getModuleBaseAddress(L"GameModule.dll", 0, hProcess);
    return 0;
    }

    Code shit!!!!!!!!!!!!!!!!!!!!!!
    Please write to me by PM only about genuine issues.
    or if you know what 0x90)))
    P.s.
    it's NOT NOP

  10. #10
    gosicks
    Yeah... yeah...
    I'm a total noob... Was I wrong to want to learn? I just want to understand what that code means.
    OK, I'm going to be a leecher...
