#define WIN32_LEAN_AND_MEAN
#include <Windows.h>
#include <tlhelp32.h>
#include <wchar.h>
#include <cstdarg>
#include <cstdio>
#define EXPORT extern "C" __declspec(dllexport)
//STRUCTS
struct sCreateDialog
{
int style;
char titel[65];
char text[1000];
char button1[65];
char button2[65];
};
//GLOBALS
HANDLE g_hMod = NULL;
HANDLE g_hGTA = NULL;
DWORD g_dwGTAPID = 0;
//EXPORTS
EXPORT BOOL CreateDialog(int,char*,char*,char*,char*); //style,titel,text,button1,button2
EXPORT void CreateDialogEx(LPVOID);
//INTERNE FUNKTIONEN
BOOL ReadProcessMemoryPointer(HANDLE, LPCVOID, LPVOID,SIZE_T,SIZE_T *, int, ...);
BOOL WriteProcessMemoryPointer(HANDLE, LPVOID, LPCVOID,SIZE_T,SIZE_T *, int, ...);
HANDLE getProcHandle();
BOOL checkInjected();
BOOL Inject();
HANDLE getSampBase();
DWORD getPID();
//FUNKTIONEN
EXPORT BOOL CreateDialog(int style, char* titel, char* text, char* button1, char* button2)
{
if(!titel || !text || !button1 || !button2)
return FALSE;
if(style<0 || style>3 || strlen(titel)>64 || strlen(text)>999 || strlen(button1)>64 || strlen(button2)>64)
return FALSE;
sCreateDialog s;
s.style = style;
strcpy_s(s.titel,titel);
strcpy_s(s.text,text);
strcpy_s(s.button1,button1);
strcpy_s(s.button2,button2);
if(!checkInjected())
return FALSE;
HANDLE hProc = getProcHandle();
if(!hProc)
return FALSE;
LPVOID lpAddr = VirtualAllocEx(hProc, 0, sizeof(sCreateDialog), MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if(!lpAddr)
{
return FALSE;
}
BOOL bSuccess = WriteProcessMemory(hProc, lpAddr, (LPVOID)&s, sizeof(sCreateDialog), 0);
if(!bSuccess)
{
return FALSE;
}
HANDLE hThread = CreateRemoteThread(hProc, 0, 0, (LPTHREAD_START_ROUTINE)GetProcAddress((HMODULE)g_hMod,"CreateDialogEx"), lpAddr, 0, 0);
if(!hThread)
{
return FALSE;
}
WaitForSingleObject(hThread,INFINITE);
CloseHandle(hThread);
VirtualFreeEx(hProc,lpAddr,sizeof(sCreateDialog),MEM_RELEASE);
return TRUE;
}
EXPORT void CreateDialogEx(LPVOID msg)
{
MessageBox(0,L"CreateDialogEx",0,MB_OK);
if(!msg)
return;
sCreateDialog* sptr = (sCreateDialog*)msg;
int style = sptr->style;
char* titel = sptr->titel;
char* text = sptr->text;
char* button1 = sptr->button1;
char* button2 = sptr->button2;
DWORD addr = (DWORD)GetModuleHandle(L"samp.dll");
if(!addr)
return;
DWORD dialogptr = addr + 0x2129F8;
DWORD func = addr + 0x806F0;
__asm
{
mov eax, dword ptr[dialogptr]
mov ecx, dword ptr[eax]
push 0
push button2
push button1
push text
push titel
push style;
push 0
call func
}
}
//////////////////////////////////////////////////////////
BOOL ReadProcessMemoryPointer(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer,SIZE_T nSize,SIZE_T *lpNumberOfBytesRead, int nOffsets, ...)
{
if(nOffsets == 0)
return ReadProcessMemory(hProcess,lpBaseAddress,lpBuffer,nSize,lpNumberOfBytesRead);
va_list arguments;
DWORD ptr = (DWORD)lpBaseAddress;
va_start(arguments, nOffsets);
for(int i=0;i<nOffsets;i++)
{
if( !ReadProcessMemory(hProcess,(LPVOID)ptr,&ptr,4,0) )
{
va_end(arguments);
return FALSE;
}
ptr += va_arg(arguments,DWORD);
}
va_end(arguments);
return ReadProcessMemory(hProcess,(LPVOID)ptr,lpBuffer,nSize,lpNumberOfBytesRead);
}
BOOL WriteProcessMemoryPointer(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer,SIZE_T nSize,SIZE_T *lpNumberOfBytesWritten, int nOffsets, ...)
{
if(nOffsets == 0)
return WriteProcessMemory(hProcess,lpBaseAddress,lpBuffer,nSize,lpNumberOfBytesWritten);
va_list arguments;
DWORD ptr = (DWORD)lpBaseAddress;
va_start(arguments, nOffsets);
for(int i=0;i<nOffsets;i++)
{
if( !ReadProcessMemory(hProcess,(LPVOID)ptr,&ptr,4,0) )
{
va_end(arguments);
return FALSE;
}
ptr += va_arg(arguments,DWORD);
}
va_end(arguments);
return WriteProcessMemory(hProcess,(LPVOID)ptr,lpBuffer,nSize,lpNumberOfBytesWritten);
}
DWORD getPID()
{
DWORD pid;
HWND hwnd = FindWindow(0,L"GTA:SA:MP");
if(!hwnd)
return 0;
GetWindowThreadProcessId(hwnd,&pid);
if(!pid)
return 0;
return pid;
}
HANDLE getProcHandle()
{
DWORD pid = getPID();
if(!pid)
{
if(g_hGTA) //kein prozess handle aber offen
{
CloseHandle(g_hGTA);
g_hGTA = NULL;
return NULL;
}
return NULL;
}
if(pid != g_dwGTAPID) //neuer Prozess
{
if(g_hGTA) // Handle noch offen
{
CloseHandle(g_hGTA);
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pid);
g_hGTA = hProc;
return hProc;
}
else //beim starten oder so
{
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS,FALSE,pid);
g_hGTA = hProc;
return hProc;
}
}
return g_hGTA;
}
HANDLE getSampBase()
{
DWORD dwPID = getPID();
if(!dwPID)
return NULL;
HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
MODULEENTRY32 me32;
// Take a snapshot of all modules in the specified process.
hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
if( hModuleSnap == INVALID_HANDLE_VALUE )
{
return( 0 );
}
// Set the size of the structure before using it.
me32.dwSize = sizeof( MODULEENTRY32 );
// Retrieve information about the first module,
// and exit if unsuccessful
if( !Module32First( hModuleSnap, &me32 ) )
{
CloseHandle( hModuleSnap ); // clean the snapshot object
return( 0 );
}
// Now walk the module list of the process,
// and display information about each module
do
{
if(wcsstr(me32.szModule,L"samp.dll"))
{
CloseHandle( hModuleSnap );
return me32.hModule;
}
} while( Module32Next( hModuleSnap, &me32 ) );
CloseHandle( hModuleSnap );
return( 0 );
}
BOOL checkInjected()
{
DWORD dwPID = getPID();
if(!dwPID)
return FALSE;
WCHAR DllPath[MAX_PATH];
GetModuleFileName((HMODULE)g_hMod,DllPath,MAX_PATH);
WCHAR DllName[100];
_wsplitpath_s(DllPath,0,0,0,0,DllName,100,0,0);
HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
MODULEENTRY32 me32;
// Take a snapshot of all modules in the specified process.
hModuleSnap = CreateToolhelp32Snapshot( TH32CS_SNAPMODULE, dwPID );
if( hModuleSnap == INVALID_HANDLE_VALUE )
{
return( FALSE );
}
// Set the size of the structure before using it.
me32.dwSize = sizeof( MODULEENTRY32 );
// Retrieve information about the first module,
// and exit if unsuccessful
if( !Module32First( hModuleSnap, &me32 ) )
{
CloseHandle( hModuleSnap ); // clean the snapshot object
return( FALSE );
}
// Now walk the module list of the process,
// and display information about each module
do
{
if(wcsstr(me32.szModule,DllName))
{
CloseHandle( hModuleSnap );
return TRUE;
}
} while( Module32Next( hModuleSnap, &me32 ) );
CloseHandle( hModuleSnap );
return( Inject() );
}
BOOL Inject()
{
WCHAR DllPath[MAX_PATH];
GetModuleFileName((HMODULE)g_hMod,DllPath,MAX_PATH);
DWORD dwSize = (wcslen(DllPath)+1)*2;
HANDLE hProc = getProcHandle();
if(!hProc)
return FALSE;
LPVOID lpAddr = VirtualAllocEx(hProc, 0, dwSize, MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if(!lpAddr)
{
return FALSE;
}
BOOL bSuccess = WriteProcessMemory(hProc, lpAddr, DllPath, dwSize, 0);
if(!bSuccess)
{
return FALSE;
}
HANDLE hThread = CreateRemoteThread(hProc, 0, 0, (LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle(L"kernel32.dll"),"LoadLibraryW"), lpAddr, 0, 0);
if(!hThread)
{
return FALSE;
}
WaitForSingleObject(hThread,INFINITE);
CloseHandle(hThread);
VirtualFreeEx(hProc,lpAddr,dwSize,MEM_RELEASE);
return TRUE;
}
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved)
{
if(ul_reason_for_call==DLL_PROCESS_ATTACH)
{
g_hMod = hModule;
DisableThreadLibraryCalls((HMODULE)hModule);
}
return TRUE;
}
Deutsch