buzz44 Posted July 6, 2005 Share Posted July 6, 2005 (edited) expandcollapse popup#include <windows.h> #include <iostream.h> int main() { DWORD pid; DWORD bytes; HANDLE _handle; DWORD off1=0x6FC11024; BYTE ofw1[9]={0x66,0x83,0xF9,0x2D,0x90,0x74,0x2F,0xEB,0xDB}; DWORD off2=0x6FC11008; BYTE ofw2[8]={0x66,0x89,0x0E,0xE9,0x9E,0x04,0,0}; DWORD off3=0x6FC1105A; BYTE ofw3[8]={0xE9,0xC5,0x09,0,0}; DWORD off4=0x6FC11A24; BYTE ofw4[12]={0x66,0xB9,0xFF,0,0x66,0x89,0x0E,0xE9,0x7E,0xFA,0xFF,0xFF}; DWORD off5=0x6FC114AB; BYTE ofw5[3]={0xEB,0x2B,0x90}; DWORD off6=0x6FC114D8; BYTE ofw6[5]={0xE9,0x47,0xFB,0xFF,0xFF}; HWND window=FindWindow("class",NULL); GetWindowThreadProcessId(window,&pid); _handle=OpenProcess(PROCESS_ALL_ACCESS, 0, pid); WriteProcessMemory(_handle,(void*)off1,(void*)&ofw1,9,&bytes); WriteProcessMemory(_handle,(void*)off2,(void*)&ofw2,8,&bytes); WriteProcessMemory(_handle,(void*)off3,(void*)&ofw3,8,&bytes); WriteProcessMemory(_handle,(void*)off4,(void*)&ofw4,12,&bytes); WriteProcessMemory(_handle,(void*)off5,(void*)&ofw5,3,&bytes); WriteProcessMemory(_handle,(void*)off6,(void*)&ofw6,5,&bytes); return 0; } I think it's C or C++? I really have no idea lol. But could someone please get me started or point me to the correct functions in AutoIt. Thanks. Edited July 6, 2005 by Burrup qq Link to comment Share on other sites More sharing options...
w0uter Posted July 6, 2005 Share Posted July 6, 2005 maby my memory functions will get your started a bit ? feel free to grab it from my sig. My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
buzz44 Posted July 6, 2005 Author Share Posted July 6, 2005 (edited) Thanks w0uter, I figured I would need to use some kind of memory function's such as your's . Would you happen to know what language it is? Edited July 6, 2005 by Burrup qq Link to comment Share on other sites More sharing options...
w0uter Posted July 6, 2005 Share Posted July 6, 2005 AFAIK its C++ but i dont know that far My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
MSLx Fanboy Posted July 6, 2005 Share Posted July 6, 2005 C uses stdio.h, C++ uses iostream.h I'm going to put 100 on C++ Writing AutoIt scripts since _DateAdd("d", -2, _NowCalcDate()) Link to comment Share on other sites More sharing options...
buzz44 Posted July 6, 2005 Author Share Posted July 6, 2005 Thanks, I still have no idea how to convert it to AutoIt though. qq Link to comment Share on other sites More sharing options...
w0uter Posted July 6, 2005 Share Posted July 6, 2005 (edited) what does it do ? if i like the awnser ill try to do it cuz im not running commands that might mess up windows. nor can i ever check if it was correct EDIT: got this far but i am scared to continue without me knowing what it will do. Dim $pid; Dim $bytes; Dim $_handle; Dim $off1 = 0x6FC11024; Dim $ofw1[9] = [0x66, 0x83, 0xF9, 0x2D, 0x90, 0x74, 0x2F, 0xEB, 0xDB]; Dim $off2 = 0x6FC11008; Dim $ofw2[8] = [0x66, 0x89, 0x0E, 0xE9, 0x9E, 0x04, 0, 0]; Dim $off3 = 0x6FC1105A; Dim $ofw3[8] = [0xE9, 0xC5, 0x09, 0, 0]; Dim $off4 = 0x6FC11A24; Dim $ofw4[12] = [0x66, 0xB9, 0xFF, 0, 0x66, 0x89, 0x0E, 0xE9, 0x7E, 0xFA, 0xFF, 0xFF]; Dim $off5 = 0x6FC114AB; Dim $ofw5[3] = [0xEB, 0x2B, 0x90]; Dim $off6 = 0x6FC114D8; Dim $ofw6[5] = [0xE9, 0x47, 0xFB, 0xFF, 0xFF]; Dim $v_Struct1 = DllStructCreate ('str') DllStructSetData($v_Struct1, 1, "class") Dim $window = DllCall('user32.dll', 'hwnd', 'FindWindow', 'ptr', DllStructGetPtr ($v_Struct1, 1), 'str', '') $window = $window[0] DllStructDelete ($v_Struct1) Dim $v_Struct2 = DllStructCreate ('dword') DllCall('user32.dll', 'int', 'GetWindowThreadProcessId', 'hwnd', $window, 'ptr', DllStructGetPtr ($v_Struct2, 1)) $pid = DllStructGetData ($v_Struct2, 1) DllStructDelete ($v_Struct2) $_handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', 0x20 + 0x8, 'int', 0, 'int', $pid) $_handle = $_handle[0] Edited July 6, 2005 by w0uter My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
buzz44 Posted July 6, 2005 Author Share Posted July 6, 2005 (edited) Thanks. Well I don't know the specific details about what it does but it change's the "-" character (hyphen/dash) to be interpreted as "ÿ" (Alt + 0255) for a certain window specified by it's class name. Edited July 7, 2005 by Burrup qq Link to comment Share on other sites More sharing options...
w0uter Posted July 13, 2005 Share Posted July 13, 2005 (edited) on writing i get: ERROR_INVALID_ADDRESS 487 Attempt to access invalid address. expandcollapse popupDim $pid; Dim $bytes; Dim $_handle; Dim $off1 = 0x6FC11024; Dim $ofw1[9] = [0x66, 0x83, 0xF9, 0x2D, 0x90, 0x74, 0x2F, 0xEB, 0xDB]; Dim $off2 = 0x6FC11008; Dim $ofw2[8] = [0x66, 0x89, 0x0E, 0xE9, 0x9E, 0x04, 0, 0]; Dim $off3 = 0x6FC1105A; Dim $ofw3[8] = [0xE9, 0xC5, 0x09, 0, 0]; Dim $off4 = 0x6FC11A24; Dim $ofw4[12] = [0x66, 0xB9, 0xFF, 0, 0x66, 0x89, 0x0E, 0xE9, 0x7E, 0xFA, 0xFF, 0xFF]; Dim $off5 = 0x6FC114AB; Dim $ofw5[3] = [0xEB, 0x2B, 0x90]; Dim $off6 = 0x6FC114D8; Dim $ofw6[5] = [0xE9, 0x47, 0xFB, 0xFF, 0xFF]; Dim $v_Struct1 = DllStructCreate ('str') DllStructSetData($v_Struct1, 1, "Notepad") Dim $window = DllCall('user32.dll', 'hwnd', 'FindWindow', 'ptr', DllStructGetPtr ($v_Struct1, 1), 'str', '') $window = $window[0] DllStructDelete ($v_Struct1) Dim $v_Struct2 = DllStructCreate ('dword') DllCall('user32.dll', 'int', 'GetWindowThreadProcessId', 'hwnd', $window, 'ptr', DllStructGetPtr ($v_Struct2, 1)) $pid = DllStructGetData ($v_Struct2, 1) $pid = 2664 DllStructDelete ($v_Struct2) $_handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', 0x20 + 0x8, 'int', 0, 'int', $pid) $_handle = $_handle[0] $v_callStruct = DllStructCreate('byte[9]') For $i = 0 to 8 DllStructSetData($v_callStruct, 1, $ofw1[$i], $i) Next DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off1, 'ptr', DllStructGetPtr($v_callStruct, 1), 'int', 9, 'int', ''); $var = DllCall('kernel32.dll', 'int', 'GetLastError') ConsoleWrite($var[0] & @LF) #cs WriteProcessMemory (_handle, (void *) off2, (void *) & ofw2, 8, &bytes); WriteProcessMemory (_handle, (void *) off3, (void *) & ofw3, 8, &bytes); WriteProcessMemory (_handle, (void *) off4, (void *) & ofw4, 12, &bytes); WriteProcessMemory (_handle, (void *) off5, (void *) & ofw5, 3, &bytes); WriteProcessMemory (_handle, (void *) off6, (void *) & ofw6, 5, &bytes); Return 0; } its verry ugly; inefficent; getting the PID doesnt work. but could you test it with the app you want. (just look up the pid in taskmngr.exe and enter it at line 32) Edited July 13, 2005 by w0uter My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
buzz44 Posted July 13, 2005 Author Share Posted July 13, 2005 Thanks w0uter but still not working, I don't get any error's but nothing appear's to change. $Pid now work's and I use 0xFFF instead of 0x20 + 0x8 for the OpenProcess call, 0xFFF meaning PROCESS_ALL_ACCESS. I also finished/added the last WriteProcessMemory call's. Does it look correct? Thanks again. CODEDim $pid; Dim $bytes; Dim $_handle; Dim $off1 = 0x6FC11024; Dim $ofw1[9] = [0x66, 0x83, 0xF9, 0x2D, 0x90, 0x74, 0x2F, 0xEB, 0xDB]; Dim $off2 = 0x6FC11008; Dim $ofw2[8] = [0x66, 0x89, 0x0E, 0xE9, 0x9E, 0x04, 0, 0]; Dim $off3 = 0x6FC1105A; Dim $ofw3[8] = [0xE9, 0xC5, 0x09, 0, 0]; Dim $off4 = 0x6FC11A24; Dim $ofw4[12] = [0x66, 0xB9, 0xFF, 0, 0x66, 0x89, 0x0E, 0xE9, 0x7E, 0xFA, 0xFF, 0xFF]; Dim $off5 = 0x6FC114AB; Dim $ofw5[3] = [0xEB, 0x2B, 0x90]; Dim $off6 = 0x6FC114D8; Dim $ofw6[5] = [0xE9, 0x47, 0xFB, 0xFF, 0xFF]; Dim $v_Struct1 = DllStructCreate ('str') DllStructSetData($v_Struct1, 1, "class") Dim $window = DllCall('user32.dll', 'hwnd', 'FindWindow', 'ptr', DllStructGetPtr ($v_Struct1, 1), 'str', '') $window = $window[0] DllStructDelete ($v_Struct1) Dim $v_Struct2 = DllStructCreate ('dword') DllCall('user32.dll', 'int', 'GetWindowThreadProcessId', 'hwnd', $window, 'ptr', DllStructGetPtr ($v_Struct2, 1)) $pid = DllStructGetData ($v_Struct2, 1) DllStructDelete ($v_Struct2) $_handle = DllCall("kernel32.dll", 'int', 'OpenProcess', 'int', 0xFFF, 'int', 0, 'int', $pid) $_handle = $_handle[0] $v_callStruct1 = DllStructCreate('byte[9]') $v_callStruct2 = DllStructCreate('byte[8]') $v_callStruct3 = DllStructCreate('byte[8]') $v_callStruct4 = DllStructCreate('byte[12]') $v_callStruct5 = DllStructCreate('byte[3]') $v_callStruct6 = DllStructCreate('byte[5]') For $i = 0 to 8 DllStructSetData($v_callStruct1, 1, $ofw1[$i], $i) Next For $i = 0 to 7 DllStructSetData($v_callStruct2, 1, $ofw2[$i], $i) DllStructSetData($v_callStruct3, 1, $ofw3[$i], $i) Next For $i = 0 to 11 DllStructSetData($v_callStruct4, 1, $ofw4[$i], $i) Next For $i = 0 to 2 DllStructSetData($v_callStruct5, 1, $ofw5[$i], $i) Next For $i = 0 to 4 DllStructSetData($v_callStruct6, 1, $ofw6[$i], $i) Next DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off1, 'ptr', DllStructGetPtr($v_callStruct1, 1), 'int', 9, 'int', ''); DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off2, 'ptr', DllStructGetPtr($v_callStruct2, 1), 'int', 8, 'int', ''); DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off3, 'ptr', DllStructGetPtr($v_callStruct3, 1), 'int', 8, 'int', ''); DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off4, 'ptr', DllStructGetPtr($v_callStruct4, 1), 'int', 12, 'int', ''); DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off5, 'ptr', DllStructGetPtr($v_callStruct5, 1), 'int', 3, 'int', ''); DllCall('kernel32.dll', 'int', 'WriteProcessMemory', 'int', $_handle, 'int', $off6, 'ptr', DllStructGetPtr($v_callStruct6, 1), 'int', 5, 'int', ''); qq Link to comment Share on other sites More sharing options...
w0uter Posted July 13, 2005 Share Posted July 13, 2005 process_all_access aint needed btw IIRC its 0x1f0fff but like i sayd its inifficent. ill try to fix it up a bit. at first glance it looks nice. My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now