#define _CRT_SECURE_NO_WARNINGS
#include <windows.h>
#include <tlhelp32.h>
// definisikan variable dengan 'window title', 'window classname' dan modul
char *pProcessWindowTitle = "Point Blank";
char *pProcessWindowClass = "I3VIEWER";
char *pProcessModuleName = "PointBlank.i3Exec";
// etc...
UINT_PTR uipUserRankValue = 53; // pangkat
UINT_PTR uipUserPointsValue = 1000000; // point
UINT_PTR uiptrFinalName1,uiptrFinalName2,uiptrFinalName3,ui ptrFinalName4,uiptrFinalName5,uiptrFinalRank,uiptr FinalPoints;
bool isInitMmhMemory = true;
DWORD dwProcessID;
UINT_PTR uipMmhBaseAddress;
HANDLE hProcess;
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
{
MODULEENTRY32 lpModuleEntry = {0};
HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
if(!hSnapShot)
return NULL;
lpModuleEntry.dwSize = sizeof(lpModuleEntry);
BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
while(bModule)
{
if(!strcmp( lpModuleEntry.szModule, lpModuleName ) )
{
CloseHandle(hSnapShot);
return (DWORD)lpModuleEntry.modBaseAddr;
}
bModule = Module32Next( hSnapShot, &lpModuleEntry );
}
CloseHandle( hSnapShot );
return NULL;
}
// DeRef() = credit L. Spiro (MHS)
UINT_PTR DeRef( UINT_PTR _uiptrPointer ) {
UINT_PTR uiptrRet;
if (!::ReadProcessMemory(hProcess, reinterpret_cast<LPVOID>(_uiptrPointer), &uiptrRet, sizeof(uiptrRet), NULL)) { return 0UL; }
return uiptrRet;
}
// inisialisasi proses
void InitApplicationProcess()
{
bool isFindWindow = true;
HWND hWnd = NULL;
while(isFindWindow)
{
if((hWnd = FindWindowA(pProcessWindowClass, pProcessWindowTitle)) != NULL) // jika window ditemukan
{
isFindWindow = true;
}
Sleep(100);
}
GetWindowThreadProcessId(hWnd, &dwProcessID);
hProcess = OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_READ|P ROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
}
void MajorMissionHack()
{
if(isInitMmhMemory)
{
uipMmhBaseAddress = (DWORD)GetModuleHandle(pProcessModuleName);
// misal: pointer yang didapat = PointBlank.i3Exec+00471234 dengan offset 0xA12, tuliskan seperti di bawah!
uiptrFinalRank = DeRef(uipMmhBaseAddress + 0x491E7C) + 0xA9D; // User rank
uiptrFinalPoints = DeRef(uipMmhBaseAddress + 0x491E7C) + 0xAA1; // User points
// uiptrFinalSg = DeRef (uipMmhBaseAddress + 0x491E7C) + 0x7163;
isInitMmhMemory = true;
}
// WriteProcessMemory pada pointer 'rank',
::WriteProcessMemory(hProcess, reinterpret_cast<LPVOID>(uiptrFinalRank), &uipUserRankValue, sizeof(uipUserRankValue), NULL);
// WriteProcessMemory pada pointer 'points',
::WriteProcessMemory(hProcess, reinterpret_cast<LPVOID>(uiptrFinalPoints), &uipUserPointsValue, sizeof(uipUserPointsValue), NULL);
//::WriteProcessMemory(hProcess, reinterpret_cast<LPVOID>(uiptrFinalSg), &uipUserSgValue, sizeof(uipUserSgValue), NULL);
}
void LovelyLoopy()
{
InitApplicationProcess();
while(1) // loop selamanya
{
if(GetAsyncKeyState(VK_F12)&1)
{
MajorMissionHack();
MessageBeep(1);
Sleep(100);
}
Sleep(1);
}
}
BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved)
{
DisableThreadLibraryCalls(hDll);
if(dwReason == DLL_PROCESS_ATTACH)
{
MessageBox(0, "Gunakan Dengan Bijak", "KiraF4", MB_OK + MB_ICONASTERISK);
CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)LovelyLoopy, NULL, NULL, NULL);
ShellExecute(NULL, "open", "http://indocheater.us",NULL,NULL,SW_SHOWNORMAL);
}
else if(dwReason == DLL_PROCESS_DETACH)
{
CloseHandle(hProcess);
Minggu, 02 Januari 2011
[TUTOR] CARA BUAT .DLL
0 komentar:
Posting Komentar