C# (CSharp) MwareHook DiasmHelper Exemples

Langage de programmation: C# (CSharp)

Espace de nommage/Pack: MwareHook

Class/Type: DiasmHelper

Exemples au hotexamples.com: 2

C# (CSharp) MwareHook DiasmHelper - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de MwareHook.DiasmHelper extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Méthodes fréquemment utilisées

Afficher Cacher

Diassembly(2)

Méthodes fréquemment utilisées

Diassembly (2)

Associées

BroadphaseProxy

ApplicationPoolUtils

ComputerInfo

OpdsData

borrarRelaciones

btnet

ObjectUtility

MarkToDoItemAsCompleteModel

TimesheetForDay

FileTypeHelper

Related in langs

Reading (PHP)

MOXMAN_Util_NameValueCollection (PHP)

BUTTERFLY_8 (C++)

ni_GoToNode (C++)

GetBrandInterface (Go)

Node (Go)

WWXML (Java)

CIProperties (Java)

timeFun (Python)

json_response (Python)

Exemple #1

0

Afficher le fichier

public void Install() { if (Info == null) { var MainModule = Process.GetCurrentProcess().MainModule; foreach (var Module in Process.GetCurrentProcess().Modules.Cast <ProcessModule>()) { if (Module.ModuleName.ToLower().Trim() == "main.bin") { MainModule = Module;//SoftDenchi OEP } } var Exe = File.ReadAllBytes(Config.Default.GameExePath); fixed(void *pExe = &Exe[0]) { var SteamStub = new byte?[] { 0x2E, 0x62, 0x69, 0x6E, 0x64 }; for (int i = 0; i < Exe.Length; i++) { bool Protected = CheckPattern((byte *)pExe + i, SteamStub); if (Protected) { User.ShowMessageBox("This Game is protected with the Steam Stub DRM\nTo the Key Finder works you must crack it before.", "MwareKeyFinder - By Marcussacana", User.MBButtons.Ok, User.MBIcon.Error); break; } } } Info = ModuleInfo.GetCodeInfo(MainModule.BaseAddress.ToPointer()); if (!Scan(out Address)) { Log.Warning("Failed to find the KeyExpander Function, Trying WinMain Method..."); MInterceptor = new CreateMutexInterceptor(OnCreateMutexCalled); } else { Helper = new DiasmHelper(Address); var Instruction = Helper.Diassembly(); var KeyRegister = Instruction.MemoryBase.GetFullRegister32(); KInterceptor = new KeyInterceptor(Address, KeyRegister); KInterceptor.OnKeyIntercepted = OnKeyIntercepted; Log.Debug("Mware Key Interceptor Ready"); } } if (KInterceptor != null) { KInterceptor.Install(); } if (MInterceptor != null) { MInterceptor.Install(); } }

Exemple #2

0

Afficher le fichier

//Alternative (Less Stable) Key Find Method void OnCreateMutexCalled(uint Caller) { var pCaller = (void *)Caller; bool FromMainModule = Info.Value.AddressIsContained(pCaller); Log.Trace($"CreateMutex Called At: 0x{Caller:X8} ({(FromMainModule ? "Main Module" : "Secundary Module")})"); if (!FromMainModule) { return; } MInterceptor.Uninstall(); Helper = new DiasmHelper(pCaller); var List = new InstructionList(); bool InMissmatch = false; bool InEnd = false; int MovCount = 0; int Tries = 0; while (Tries <= 500) { Tries++; if (MovCount > 7) { InEnd = true; } var Instruction = Helper.Diassembly(); bool IsMov = Instruction.Code == Code.Mov_rm32_imm32; if (IsMov) { Log.Trace($"{Instruction} at ({Instruction.IP:X8})"); } if (IsMov) { MovCount++; } if (!IsMov) { if (InMissmatch) { MovCount = 0; InMissmatch = false; } else { InMissmatch = true; } } else { InMissmatch = false; } if (InEnd && !IsMov) { break; } if (!InEnd && IsMov) { List.Add(Instruction); } else if (!InEnd && !InMissmatch) { List.Clear(); } } if (Tries >= 500) { return; } byte[] KBuffer = new byte[0x20]; for (int i = 0; i < List.Count; i++) { BitConverter.GetBytes(List[i].Immediate32).CopyTo(KBuffer, i * 4); } OnKeyIntercepted(KBuffer); }