public override bool CheckAddress() { int adr = Address; WinApi.PROCESS_INFORMATION pi = new WinApi.PROCESS_INFORMATION(); WinApi.STARTUPINFO si = new WinApi.STARTUPINFO(); string path = Util.GlobalVars.FullPath; string arguments = ""; WinApi.CreateProcess(path, " " + arguments, IntPtr.Zero, IntPtr.Zero, false, WinApi.CREATE_SUSPENDED, IntPtr.Zero, System.IO.Path.GetDirectoryName(path), ref si, out pi); IntPtr handle = WinApi.OpenProcess(WinApi.PROCESS_ALL_ACCESS, 0, pi.dwProcessId); Process p = Process.GetProcessById(Convert.ToInt32(pi.dwProcessId)); MemoryReader Writer = new MemoryReader(p); Writer.WriteByte(adr, 0xEB);// write jmp short WinApi.ResumeThread(pi.hThread); p.WaitForInputIdle(); Writer.WriteByte(Address, 0x75);// write jnz short WinApi.CloseHandle(handle); WinApi.CloseHandle(pi.hProcess); WinApi.CloseHandle(pi.hThread); if (p.MainWindowTitle == "Tibia Error") { return(false); } return(true); }
public override bool CheckAddress() { int adr = Address; WinApi.PROCESS_INFORMATION pi = new WinApi.PROCESS_INFORMATION(); WinApi.STARTUPINFO si = new WinApi.STARTUPINFO(); string path = Util.GlobalVars.FullPath; string arguments = ""; WinApi.CreateProcess(path, " " + arguments, IntPtr.Zero, IntPtr.Zero, false, WinApi.CREATE_SUSPENDED, IntPtr.Zero, System.IO.Path.GetDirectoryName(path), ref si, out pi); IntPtr handle = WinApi.OpenProcess(WinApi.PROCESS_ALL_ACCESS, 0, pi.dwProcessId); Process p = Process.GetProcessById(Convert.ToInt32(pi.dwProcessId)); MemoryReader Writer = new MemoryReader(p); Writer.WriteByte(adr, 0xEB);// write jmp short WinApi.ResumeThread(pi.hThread); p.WaitForInputIdle(); Writer.WriteByte(Address, 0x75);// write jnz short WinApi.CloseHandle(handle); WinApi.CloseHandle(pi.hProcess); WinApi.CloseHandle(pi.hThread); if (p.MainWindowTitle == "Tibia Error") { return false; } return true; }
public static Client OpenMC(string path, string arguments) { var fileVersion = FileVersionInfo.GetVersionInfo(path).FileVersion; var version = ClientVersion.GetFromFileVersion(fileVersion); if (version == null) { throw new Exception("The version " + fileVersion + " is not supported."); } WinApi.PROCESS_INFORMATION pi = new WinApi.PROCESS_INFORMATION(); WinApi.STARTUPINFO si = new WinApi.STARTUPINFO(); if (arguments == null) { arguments = ""; } WinApi.CreateProcess(path, " " + arguments, IntPtr.Zero, IntPtr.Zero, false, WinApi.CREATE_SUSPENDED, IntPtr.Zero, Path.GetDirectoryName(path), ref si, out pi); Process p = Process.GetProcessById(Convert.ToInt32(pi.dwProcessId)); var client = new Client(p, version, Path.GetDirectoryName(path)); Memory.WriteByte(client.ProcessHandle, client.MemoryAddresses.ClientMultiClient, client.MemoryAddresses.ClientMultiClientJMP); WinApi.ResumeThread(pi.hThread); p.WaitForInputIdle(); Memory.WriteByte(client.ProcessHandle, client.MemoryAddresses.ClientMultiClient, client.MemoryAddresses.ClientMultiClientJNZ); WinApi.CloseHandle(pi.hProcess); WinApi.CloseHandle(pi.hThread); return(client); }
public static Client OpenMC(string path, string arguments) { var fileVersion = FileVersionInfo.GetVersionInfo(path).FileVersion; var version = ClientVersion.GetFromFileVersion(fileVersion); if (version == null) throw new Exception("The version " + fileVersion + " is not supported."); WinApi.PROCESS_INFORMATION pi = new WinApi.PROCESS_INFORMATION(); WinApi.STARTUPINFO si = new WinApi.STARTUPINFO(); if (arguments == null) arguments = ""; WinApi.CreateProcess(path, " " + arguments, IntPtr.Zero, IntPtr.Zero, false, WinApi.CREATE_SUSPENDED, IntPtr.Zero, Path.GetDirectoryName(path), ref si, out pi); Process p = Process.GetProcessById(Convert.ToInt32(pi.dwProcessId)); var client = new Client(p, version, Path.GetDirectoryName(path)); Memory.WriteByte(client.ProcessHandle, client.MemoryAddresses.ClientMultiClient, client.MemoryAddresses.ClientMultiClientJMP); WinApi.ResumeThread(pi.hThread); p.WaitForInputIdle(); Memory.WriteByte(client.ProcessHandle, client.MemoryAddresses.ClientMultiClient, client.MemoryAddresses.ClientMultiClientJNZ); WinApi.CloseHandle(pi.hProcess); WinApi.CloseHandle(pi.hThread); return client; }
/// <summary> /// Starts the main debug loop, optionally creating a process from the supplied file path. /// </summary> /// <param name="arguments">An optional set of arguments that dictate how an executable is debugged.</param> private void StartDebugLoop(object arguments = null) { string filePath; string parameters; if (arguments == null) { filePath = string.Empty; parameters = string.Empty; } else if (arguments is DebugLoopArguments) { DebugLoopArguments dla = (DebugLoopArguments)arguments; filePath = dla.FilePath; parameters = dla.Parameters; } else { filePath = string.Empty; parameters = string.Empty; } if (arguments == null) { if (!this.IsOpen) { return; } if (!WinApi.DebugActiveProcess((uint)this.PID)) { #if DEBUG this.Status.Log("Cannot debug. Error: " + Marshal.GetLastWin32Error(), Logger.Level.HIGH); #endif return; } else if (!WinApi.DebugSetProcessKillOnExit(false)) { #if DEBUG this.Status.Log("Cannot exit cleanly in the future.", Logger.Level.MEDIUM); #endif } else { this.allowedToDebug = true; this.threadMayExit = false; } WinApi.ThreadAccess thread_rights = WinApi.ThreadAccess.SET_CONTEXT | WinApi.ThreadAccess.GET_CONTEXT | WinApi.ThreadAccess.SUSPEND_RESUME; IntPtr threadHandle = WinApi.OpenThread(thread_rights, false, (uint)this.ThreadID); WinApi.CONTEXT cx = new WinApi.CONTEXT(); cx.ContextFlags = WinApi.CONTEXT_FLAGS.DEBUG_REGISTERS; WinApi.GetThreadContext(threadHandle, ref cx); cx.ContextFlags = WinApi.CONTEXT_FLAGS.DEBUG_REGISTERS; cx.Dr7 = (uint)(Debugger.DRegSettings.reg0w | Debugger.DRegSettings.reg0len4 | Debugger.DRegSettings.reg0set); bool stc = WinApi.SetThreadContext(threadHandle, ref cx); WinApi.CloseHandle(threadHandle); this.SetDebuggerArchitecture(); this.DebugLoop(); return; } else { if (!SysInteractor.IsInitialized) { SysInteractor.Init(); } bool res = false; string application = filePath; string commandLine = string.Empty; if (!string.IsNullOrEmpty(parameters)) { commandLine = '"' + filePath + "\" " + parameters; } WinApi.PROCESS_INFORMATION procInfo = new WinApi.PROCESS_INFORMATION(); WinApi.STARTUPINFO startupInfo = new WinApi.STARTUPINFO(); WinApi.SECURITY_ATTRIBUTES processSecurity = new WinApi.SECURITY_ATTRIBUTES(); WinApi.SECURITY_ATTRIBUTES threadSecurity = new WinApi.SECURITY_ATTRIBUTES(); processSecurity.nLength = Marshal.SizeOf(processSecurity); threadSecurity.nLength = Marshal.SizeOf(threadSecurity); // Open the process. res = WinApi.CreateProcess( application, commandLine, ref processSecurity, ref threadSecurity, false, (uint)WinApi.ProcessCreationFlags.DEBUG_PROCESS, IntPtr.Zero, null, ref startupInfo, out procInfo); if (!res) { return; } this.ProcHandle = procInfo.hProcess; if (this.ProcHandle != null) { try { this.Proc = System.Diagnostics.Process.GetProcessById(procInfo.dwProcessId); } catch (ArgumentException) { WinApi.CloseHandle(this.ProcHandle); return; } if (!WinApi.DebugSetProcessKillOnExit(false)) { #if DEBUG this.Status.Log("Cannot exit cleanly in the future.", Logger.Level.MEDIUM); #endif } else { this.allowedToDebug = true; this.threadMayExit = false; } this.SetDebuggerArchitecture(); this.DebugLoop(); return; } this.Status.Log("Unable to open the target process.", Logger.Level.HIGH); } }