八达网

标题: . [打印本页]

---

作者: 朴善英    时间: 2007-12-22 13:45
标题: .

#include <windows.h>

int main()
{
    //Find wc3 windows
    HWND hwar3=::FindWindow(NULL,"Warcraft III");

    HANDLE hcurrent=GetCurrentProcess();
    HANDLE hToken;
    BOOL bret=OpenProcessToken(hcurrent,40,&hToken);
    LUID luid;
    bret=LookupPrivilegevalue(NULL,"SeDebugPrivilege",&luid);
    TOKEN_PRIVILEGES NewState,PreviousState;
    DWORD ReturnLength;
    NewState.PrivilegeCount =1;
    NewState.Privileges[0].Luid =luid;
    NewState.Privileges[0].Attributes=2;
    bret=AdjustTokenPrivileges(hToken,FALSE,&NewState,28,&PreviousState,&ReturnLength);

    DWORD PID, TID;
    TID = ::GetWindowThreadProcessId (hwar3, &PID);
    //Open wc3 process
    HANDLE hopen=OpenProcess( PROCESS_ALL_ACCESS|PROCESS_TERMINATE|PROCESS_VM_OPERATION|PROCESS_VM_READ|
                  PROCESS_VM_WRITE,FALSE,PID);


    //Write memory
    DWORD data=0x74;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F4069F0,&data,1,0);
    data=0x8B;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F406A0E,&data,1,0);
    data=0x09;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F406A0F,&data,1,0);
    data=0x90;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F406A10,&data,1,0);
    data=0x8B;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F406A13,&data,1,0);
    data=0x09;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F406A14,&data,1,0);
    data=0x90;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F406A15,&data,1,0);
    data=0x90;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F29FE20,&data,1,0);
    data=0x90;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F29FE21,&data,1,0);
    data=0x00;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F149198,&data,1,0);
    data=0x40;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0803,&data,1,0);
    data=0x33;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0804,&data,1,0);
    data=0xC0;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0805,&data,1,0);
    data=0x42;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0806,&data,1,0);
    data=0x33;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0807,&data,1,0);
    data=0xD2;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0808,&data,1,0);
    data=0xEB;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F14A0B4,&data,1,0);
    data=0xEB;
    bret=WriteProcessMemory(hopen,(LPVOID)0x6F2A0703,&data,1,0);

    //Close handle
    bret=CloseHandle(hopen);  
    return 0;
}

---

作者: YfFoReVEr    时间: 2007-12-22 13:46

---

作者: ministar    时间: 2007-12-22 13:47

---

欢迎光临 八达网 (https://www.8-da.com/)

Powered by Discuz! X2.5