static void SetValuesToMax(OJProcess process, Dictionary <string, Signature> signatures) { foreach (string key in signatures.Keys) { WriteInt(process.Handle, signatures[key].Address, signatures[key].MaxValue); } }
static void PrintCurrentValues(OJProcess process, Dictionary <string, Signature> signatures) { foreach (string key in signatures.Keys) { int value; ReadInt(process.Handle, signatures[key].Address, out value); Console.WriteLine(key + ": " + value.ToString()); } }
static bool SignatureScan(OJProcess process, Signature signature) { bool canFind = true; MEMORY_BASIC_INFORMATION info; int MEM_COMMIT = 0x1000; int MEM_MAPPED = 0x40000; int MEM_PRIVATE = 0x20000; int MEM_IMAGE = 0x1000000; for (long currentAddress = (long)process.Base; VirtualQueryEx(process.Handle, (IntPtr)currentAddress, out info, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION))) == 28; currentAddress += (long)info.RegionSize) { if (info.State == MEM_COMMIT && (info.Type == MEM_MAPPED || info.Type == MEM_PRIVATE || info.Type == MEM_IMAGE)) { int bytesRead = 0; byte[] dump = new byte[(int)info.RegionSize]; ReadProcessMemory(process.Handle, (IntPtr)currentAddress, dump, (int)info.RegionSize, out bytesRead); Array.Resize(ref dump, bytesRead); if (bytesRead > 0) { int currentOffset = 0; while (currentOffset < bytesRead - signature.Length) { canFind = true; for (int i = 0; i < signature.Length - 1; i++) { if (signature.Mask[i] == 'x' && dump[currentOffset + i] != signature.Bytes[i]) { canFind = false; break; } } if (canFind) { signature.PointerAddress = (IntPtr)currentAddress + currentOffset + signature.ByteOffset; int offset; if (ReadInt(process.Handle, signature.PointerAddress, out offset)) { signature.Address = (IntPtr)offset; return(true); } return(false); } currentOffset++; } } } } return(false); }
static void SetValuesToMax(OJProcess process, Dictionary <string, Signature> signatures, Dictionary <string, StaticOffset> staticoffsets, int processbase) { foreach (string key in signatures.Keys) { WriteInt(process.Handle, signatures[key].Address, signatures[key].MaxValue); } foreach (string key in staticoffsets.Keys) { WriteInt(process.Handle, (IntPtr)(staticoffsets[key].Offset + processbase), staticoffsets[key].MaxValue); } }
static void PrintCurrentValues(OJProcess process, Dictionary <string, Signature> signatures, Dictionary <string, StaticOffset> staticoffsets, int processbase) { foreach (string key in signatures.Keys) { int value; ReadInt(process.Handle, signatures[key].Address, out value); Console.WriteLine(key + ": " + value.ToString()); } foreach (string key in staticoffsets.Keys) { int value; ReadInt(process.Handle, (IntPtr)(staticoffsets[key].Offset + processbase), out value); Console.WriteLine(key + ": " + value.ToString()); } }
static void Main(string[] args) { Console.Title = "999% Orange Juice ~ Tsuneko"; if (!File.Exists("conf.ini")) { Error("conf.ini file does not exist!"); } OJProcess OrangeJuice = new OJProcess(); OrangeJuice.Name = ""; OrangeJuice.Version = "Unknown Version"; OrangeJuice.Date = ""; Dictionary <string, Signature> signatures = new Dictionary <string, Signature>(); string[] lines = File.ReadAllLines("conf.ini"); string currentSection = "process"; foreach (string l in lines) { string line = string.Join("", l.Split(default(string[]), StringSplitOptions.RemoveEmptyEntries)); // remove all whitespace if (line.Length > 2) { if (line[0] == ';') { continue; } if (line[0] == '[' && line[line.Length - 1] == ']') { currentSection = line.Substring(1, line.Length - 2); } else if (line.Contains('=') && line.IndexOf('=') > 0 && line.IndexOf('=') < line.Length - 1) { string key = line.Substring(0, line.IndexOf('=')); string value = line.Substring(line.IndexOf('=') + 1, line.Length - line.IndexOf('=') - 1); if (currentSection == "process") { switch (key) { case "name": OrangeJuice.Name = value; break; case "version": OrangeJuice.Version = value; break; case "date": OrangeJuice.Date = value; break; } } else if (currentSection == "signatures") { Signature signature; if (TokenizeSignature(value, out signature)) { signatures[key] = signature; } } } } } // Check process configuration values if (OrangeJuice.Name == "") { Error("conf.ini does not contain process name"); } Console.Title = "999% Orange Juice [" + OrangeJuice.Version + "] ~ Tsuneko " + OrangeJuice.Date; // Wait for process Console.WriteLine("Waiting for process: " + OrangeJuice.Name + ".exe"); Process[] processes = Process.GetProcessesByName(OrangeJuice.Name); while (processes.Length == 0) // process does not exist { Thread.Sleep(200); processes = Process.GetProcessesByName(OrangeJuice.Name); } Console.Clear(); // Get handle to process int PROCESS_QUERY_INFORMATION = 0x0400; int PROCESS_VM_OPERATION = 0x0008; int PROCESS_VM_READ = 0x0010; int PROCESS_VM_WRITE = 0x0020; OrangeJuice.Handle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, false, processes[0].Id); OrangeJuice.Base = (IntPtr)processes[0].MainModule.BaseAddress.ToInt32(); Console.WriteLine("Signatures:"); foreach (string key in signatures.Keys) { if (SignatureScan(OrangeJuice, signatures[key])) { Console.WriteLine(key + " - [" + OrangeJuice.Name + ".exe]+" + ((long)signatures[key].Address - (long)OrangeJuice.Base).ToString("X")); } else { signatures.Remove(key); } } if (signatures.Keys.Count == 0) { Error("No valid signatures"); } Console.WriteLine(); PrintCurrentValues(OrangeJuice, signatures); Console.WriteLine("\nIf these values are correct, press [Enter] to steal many stars"); ConsoleKey k = Console.ReadKey().Key; while (k != ConsoleKey.Enter) { if (k == ConsoleKey.Escape) { Environment.Exit(0); } k = Console.ReadKey().Key; } Console.Clear(); Console.WriteLine("Freezing Values. Press Ctrl+C to quit.\n"); SetValuesToMax(OrangeJuice, signatures); PrintCurrentValues(OrangeJuice, signatures); while (Process.GetProcessesByName(OrangeJuice.Name).Length > 0) { SetValuesToMax(OrangeJuice, signatures); Thread.Sleep(1000); } Environment.Exit(0); }