#include "pch.h"
#include "mem.h"
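// Overwrites `size` bytes at `dst` in the process identified by `hProcess`
// with the bytes at `src` (which lives in the calling process).
//
// The target range is temporarily switched to PAGE_EXECUTE_READWRITE and the
// previous protection is put back afterwards. The function returns nothing,
// so a failure is silent: if the protection change fails, the target is left
// untouched.
//
// dst      - address in the target process to overwrite
// src      - local buffer holding the replacement bytes
// size     - number of bytes to write
// hProcess - handle to the target process
void mem::PatchEx(BYTE* dst, BYTE* src, unsigned int size, HANDLE hProcess)
{
    if (dst == nullptr || src == nullptr || size == 0)
        return;

    DWORD oldProtect = 0;
    // If the protection change fails, oldProtect holds no valid value; feeding
    // it back into the restore call would apply an arbitrary protection.
    if (!VirtualProtectEx(hProcess, dst, size, PAGE_EXECUTE_READWRITE, &oldProtect))
        return;

    WriteProcessMemory(hProcess, dst, src, size, nullptr);

    // Restore the original protection whether or not the write succeeded, so
    // the range is not left writable and executable.
    DWORD ignored = 0;
    VirtualProtectEx(hProcess, dst, size, oldProtect, &ignored);
}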
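// Fills `size` bytes at `dst` in the process identified by `hProcess` with
// 0x90 (the x86 NOP opcode) by building a local buffer and handing it to
// PatchEx.
//
// dst      - address in the target process to overwrite
// size     - number of bytes to overwrite; 0 is a no-op
// hProcess - handle to the target process
void mem::NopEx(BYTE* dst, unsigned int size, HANDLE hProcess)
{
    if (size == 0)
        return;

    // The vector owns the scratch buffer, so it is released on every exit path
    // without a manual delete[].
    std::vector<BYTE> nopBytes(size, static_cast<BYTE>(0x90));
    PatchEx(dst, nopBytes.data(), size, hProcess);
}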
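// Resolves a multi-level pointer chain inside another process.
//
// Starting at `ptr`, each step reads a pointer-sized value from the current
// address in the process `hProc` and adds the next entry of `offsets` to it.
//
// hProc   - handle to the process whose memory is read
// ptr     - address of the first pointer in the chain
// offsets - offset added after each dereference, in order
//
// Returns the final address, or 0 if any read along the chain fails or comes
// back short. The read width is sizeof(uintptr_t) of this build.
// NOTE(review): this assumes the target process uses the same pointer width
// as the caller - confirm for mixed 32/64-bit use.
uintptr_t mem::FindDMAAdy(HANDLE hProc, uintptr_t ptr, std::vector<unsigned int>offsets)
{
    uintptr_t addr = ptr;
    for (const unsigned int offset : offsets)
    {
        uintptr_t next = 0;
        SIZE_T bytesRead = 0;
        // A failed or partial read means the chain is broken; continuing would
        // add offsets to a stale value and hand the caller a bogus address.
        if (!ReadProcessMemory(hProc, reinterpret_cast<BYTE*>(addr), &next, sizeof(next), &bytesRead)
            || bytesRead != sizeof(next))
        {
            return 0;
        }
        addr = next + offset;
    }
    return addr;
}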
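// Overwrites `size` bytes at `dst` in the current process with the bytes at
// `src`.
//
// The range is temporarily switched to PAGE_EXECUTE_READWRITE and the previous
// protection is put back afterwards. The function returns nothing, so a
// failure is silent: if the protection change fails, nothing is written.
//
// dst  - address to overwrite
// src  - buffer holding the replacement bytes
// size - number of bytes to copy
void mem::Patch(BYTE* dst, BYTE* src, unsigned int size)
{
    if (dst == nullptr || src == nullptr || size == 0)
        return;

    DWORD oldProtect = 0;
    // If the range could not be made writable, the memcpy below could fault
    // and oldProtect would hold no valid value for the restore call.
    if (!VirtualProtect(dst, size, PAGE_EXECUTE_READWRITE, &oldProtect))
        return;

    memcpy(dst, src, size);

    // Put the original protection back so the range is not left writable and
    // executable.
    DWORD ignored = 0;
    VirtualProtect(dst, size, oldProtect, &ignored);
}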
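// Fills `size` bytes at `dst` in the current process with 0x90 (the x86 NOP
// opcode) by building a buffer and handing it to Patch.
//
// dst  - address to overwrite
// size - number of bytes to overwrite; 0 is a no-op
void mem::Nop(BYTE* dst, unsigned int size)
{
    if (size == 0)
        return;

    // The vector owns the scratch buffer, so it is released on every exit path
    // without a manual delete[].
    std::vector<BYTE> nopBytes(size, static_cast<BYTE>(0x90));
    Patch(dst, nopBytes.data(), size);
}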
// Resolves a multi-level pointer chain inside the current process.
//
// Starting at `ptr`, each step dereferences the current address as a
// uintptr_t and adds the next entry of `offsets` to the value read.
//
// ptr     - address of the first pointer in the chain
// offsets - offset added after each dereference, in order
//
// Returns the final address. Nothing is validated: every intermediate address
// is dereferenced directly, so a null or stale pointer in the chain faults.
uintptr_t mem::FindDMAAdy(uintptr_t ptr, std::vector<unsigned int>offsets)
{
    uintptr_t current = ptr;
    for (const unsigned int step : offsets)
    {
        const uintptr_t pointee = *reinterpret_cast<uintptr_t*>(current);
        current = pointee + step;
    }
    return current;
}
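// Writes a 5-byte relative jump (opcode 0xE9 plus a 32-bit displacement) at
// `src` that transfers control to `dst`.
//
// src - address where the jump is written
// dst - address the jump targets
// len - size of the range whose protection is changed; must be at least 5
//
// Returns false if an argument is null, `len` is below 5, or the range could
// not be made writable; true once the jump has been written. Bytes 5..len-1 of
// the range are left as they were.
// NOTE(review): the displacement is truncated to 32 bits, so this is only
// correct when `dst - src - 5` fits in that width (always the case on x86).
bool mem::Detour32(BYTE* src, BYTE* dst, const uintptr_t len)
{
    if (src == nullptr || dst == nullptr || len < 5) return false;

    DWORD oldProtect = 0;
    // Writing without a successful protection change could fault, and
    // oldProtect would hold no valid value for the restore call.
    if (!VirtualProtect(src, len, PAGE_EXECUTE_READWRITE, &oldProtect))
        return false;

    // The operand of 0xE9 is exactly four bytes. Storing a uintptr_t would
    // write eight bytes on a 64-bit build and run past the 5-byte instruction.
    const DWORD relativeAddress = static_cast<DWORD>(dst - src - 5);
    *src = 0xE9;
    memcpy(src + 1, &relativeAddress, sizeof(relativeAddress));

    // Put the original protection back so the range is not left writable and
    // executable.
    DWORD ignored = 0;
    VirtualProtect(src, len, oldProtect, &ignored);
    return true;
}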
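// Builds a gateway for `src` and then redirects `src` to `dst` via Detour32.
//
// The gateway is a fresh allocation holding a verbatim copy of the first `len`
// bytes of `src`, followed by a 5-byte relative jump (0xE9) back to
// `src + len`.
//
// src - address that gets redirected
// dst - address the redirect targets
// len - number of bytes copied into the gateway; must be at least 5
//
// Returns the gateway address, or nullptr if an argument is null, `len` is
// below 5, the allocation fails, or Detour32 reports failure. The caller owns
// the returned allocation; nothing in this function releases it on success.
// NOTE(review): the copied bytes are not adjusted for their new location, and
// the gateway stays PAGE_EXECUTE_READWRITE for its whole lifetime.
BYTE* mem::TrampHook32(BYTE* src, BYTE* dst, const uintptr_t len)
{
    if (src == nullptr || dst == nullptr || len < 5) return nullptr;

    // The gateway holds `len` copied bytes plus the 5-byte jump back. Asking
    // for only `len` bytes put the jump past the requested size and relied on
    // the allocation being rounded up.
    const uintptr_t gatewaySize = len + 5;
    BYTE* gateway = static_cast<BYTE*>(
        VirtualAlloc(nullptr, gatewaySize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE));
    if (gateway == nullptr) return nullptr;

    memcpy_s(gateway, gatewaySize, src, len);

    // Displacement from the end of the gateway's jump to src + len:
    // (src + len) - (gateway + len + 5) == src - gateway - 5.
    // Stored as exactly four bytes, the operand width of 0xE9.
    const DWORD gatewayRelativeAddr = static_cast<DWORD>(src - gateway - 5);
    gateway[len] = 0xE9;
    memcpy(gateway + len + 1, &gatewayRelativeAddr, sizeof(gatewayRelativeAddr));

    if (!Detour32(src, dst, len))
    {
        // Nothing was redirected, so the gateway is unused; release it rather
        // than leak an executable allocation.
        VirtualFree(gateway, 0, MEM_RELEASE);
        return nullptr;
    }
    return gateway;
}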