Saturday, April 11, 2009

Offsets

#include <windows.h>

#include <algorithm>
#include <cstdlib>
#include <iostream>
#include <vector>

using namespace std;

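// Enables SeDebugPrivilege on the current process token so that the later
// OpenProcess/ReadProcessMemory calls can target processes the caller's
// account would otherwise be denied by the target's DACL.
//
// Caveats a caller should know:
//   - The privilege can only be enabled if it is already present in the
//     token (typically an elevated administrator token). On any other token
//     AdjustTokenPrivileges still returns TRUE but sets
//     GetLastError() == ERROR_NOT_ALL_ASSIGNED and enables nothing, so a
//     TRUE return is not proof that the privilege is active.
//   - For a target running under the same user with a default DACL the
//     privilege is not needed; it widens what this tool can read beyond
//     the target it was written for.
//
// Best-effort: every failure is silent to preserve the original void
// contract. The token handle is closed on every path (the original leaked
// it whenever AdjustTokenPrivileges succeeded).
void EnableDebugPriv()
{
    HANDLE hToken = NULL;
    if ( ! OpenProcessToken(GetCurrentProcess(),
                            TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) )
        return;

    LUID debugLuid;
    if ( LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &debugLuid ) )
    {
        TOKEN_PRIVILEGES tkp;
        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Luid = debugLuid;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        // Return value deliberately ignored: see the ERROR_NOT_ALL_ASSIGNED
        // note above. A caller that needs to know would check GetLastError()
        // here; this tool treats the privilege as optional.
        AdjustTokenPrivileges( hToken, FALSE, &tkp, sizeof tkp, NULL, NULL );
    }

    CloseHandle( hToken );
}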

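namespace {

// The two address ranges snapshotted from the target. These are the
// original tool's fixed addresses and read sizes: 0x00400000 is the
// conventional image base of a 32-bit executable and 0x6f000000 is a second
// region the author chose for this target. Fixed addresses only hold while
// neither module is relocated (no ASLR / no base collision) — confirm
// against the target's module list before trusting reported offsets.
const DWORD_PTR kCodeBase = 0x00400000;
const SIZE_T    kCodeSize = 0x055000;
const DWORD_PTR kGameBase = 0x6f000000;
const SIZE_T    kGameSize = 0x85C000;

// Reads `size` bytes at `base` in `process` into `out` (resized and
// zero-filled first). Returns the number of bytes ReadProcessMemory
// actually transferred, which is 0 on a total failure and may be short on
// a partial copy, so callers can see a failed read instead of silently
// diffing zeroed buffers (the original's behaviour).
SIZE_T ReadRegion(HANDLE process, DWORD_PTR base, SIZE_T size,
                  std::vector<BYTE>& out)
{
    out.assign(size, 0);
    SIZE_T transferred = 0;
    ReadProcessMemory(process, reinterpret_cast<LPCVOID>(base),
                      out.data(), size, &transferred);
    return transferred;
}

// Prints every index in [0, len) where `before` and `after` differ, as an
// absolute address plus old/new byte, and returns the number of differing
// bytes. `len` must not exceed the size of either vector.
SIZE_T ReportChanges(const std::vector<BYTE>& before,
                     const std::vector<BYTE>& after,
                     SIZE_T len, DWORD_PTR base)
{
    SIZE_T changes = 0;
    for (SIZE_T i = 0; i < len; ++i)
    {
        if (before[i] == after[i])
            continue;

        ++changes;
        // Widen to unsigned int so the bytes print as numbers, not chars.
        const unsigned int oldbyte = before[i];
        const unsigned int newbyte = after[i];
        cout << "Change detected at: 0x" << hex << (base + i)
             << "! ( 0x" << oldbyte << " is now 0x" << newbyte << " )"
             << dec << endl;
    }
    return changes;
}

} // namespace

// Takes a "before" snapshot of two fixed address ranges in the running
// "Warcraft III" process, waits for the user to trigger an in-game change,
// takes an "after" snapshot and prints every byte that differs. Offset
// discovery aid: the printed addresses are candidates for whatever the user
// changed.
//
// Fixes relative to the original listing:
//   - FindWindow / GetWindowThreadProcessId / OpenProcess / read failures
//     are reported and abort (exit code 1) instead of falling through to a
//     meaningless "No changes" over zeroed buffers.
//   - The second comparison loop read codeSec/codeSecAfter instead of
//     gameSec/gameSecAfter — wrong data and an out-of-bounds read past the
//     0x070000-byte buffers. It now compares the right buffers.
//   - Only the bytes both snapshots actually returned are compared; the
//     process handle is closed; buffers are RAII std::vector.
//   - `int main` (void main is non-standard).
//
// Requires PROCESS_VM_READ on the target. SeDebugPrivilege is enabled
// best-effort first; it is only needed when the target's DACL denies the
// caller. Run as the same user as the game where possible.
int main()
{
    cout << "Offset Reader v1.0 by sd333221 loaded!" << endl << endl;

    EnableDebugPriv();

    HWND warWindow = FindWindow(NULL, "Warcraft III");
    if (warWindow == NULL)
    {
        cout << "Error: no window titled \"Warcraft III\" found." << endl;
        system("Pause");
        return 1;
    }

    DWORD pid = 0;
    GetWindowThreadProcessId(warWindow, &pid);
    if (pid == 0)
    {
        cout << "Error: could not resolve the window's process id." << endl;
        system("Pause");
        return 1;
    }

    // Least privilege: PROCESS_VM_READ is all the diff needs.
    HANDLE process = OpenProcess(PROCESS_VM_READ, FALSE, pid);
    if (process == NULL)
    {
        cout << "Error: OpenProcess failed (error " << GetLastError() << ")."
             << endl;
        system("Pause");
        return 1;
    }

    std::vector<BYTE> codeSec, gameSec, codeSecAfter, gameSecAfter;

    const SIZE_T codeRead = ReadRegion(process, kCodeBase, kCodeSize, codeSec);
    const SIZE_T gameRead = ReadRegion(process, kGameBase, kGameSize, gameSec);
    if (codeRead == 0 && gameRead == 0)
    {
        cout << "Error: could not read either region (error " << GetLastError()
             << "). Check privileges and that the addresses match this build."
             << endl;
        CloseHandle(process);
        system("Pause");
        return 1;
    }
    if (codeRead < kCodeSize || gameRead < kGameSize)
        cout << "Warning: partial read; only the bytes read will be compared."
             << endl;

    cout << "Reading done!! Make your changes..." << endl;
    // system("Pause") spawns cmd.exe via COMSPEC; acceptable for an
    // interactive tool, but not something to keep in anything unattended.
    system("Pause");

    cout << "Looking for changes... " << endl;

    const SIZE_T codeReadAfter = ReadRegion(process, kCodeBase, kCodeSize, codeSecAfter);
    const SIZE_T gameReadAfter = ReadRegion(process, kGameBase, kGameSize, gameSecAfter);
    CloseHandle(process);

    // Compare only the prefix present in both snapshots of each region.
    SIZE_T changes = 0;
    changes += ReportChanges(codeSec, codeSecAfter,
                             std::min(codeRead, codeReadAfter), kCodeBase);
    changes += ReportChanges(gameSec, gameSecAfter,
                             std::min(gameRead, gameReadAfter), kGameBase);

    if (changes == 0)
    {
        cout << "No changes detected!" << endl;
    }
    cout << endl << "Finished!" << endl;

    system("Pause");
    return 0;
}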
