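/// <summary>
/// Installs the GetNextPacket hook: allocates a code cave plus a one-dword
/// "got packet" flag in the target process, fills the cave with a stub that
/// calls the original GetNextPacket target, raises the flag and spins until
/// the reader thread lowers it again, starts that reader thread and finally
/// redirects the hooked <c>call</c> site into the cave.
/// </summary>
/// <remarks>
/// Fixes over the previous version: both VirtualAllocEx results are checked
/// (a failed allocation previously made the code write to address 0 and point
/// the call site at a bogus target); the stub saves/restores EBX, which it
/// uses as scratch and which is callee-saved under every 32-bit x86 calling
/// convention, so the caller of the hooked site no longer has EBX clobbered;
/// the debug leftover that copied the cave address to the system clipboard is
/// gone. The spin loop in the stub has no timeout — if the reader thread ever
/// stops clearing the flag the game thread blocks forever (unchanged behaviour,
/// worth a watchdog).
/// </remarks>
/// <exception cref="System.ComponentModel.Win32Exception">
/// Either remote allocation failed; the exception carries GetLastError.
/// </exception>
public void SetUpCodeCave()
{
    CodeCaveHelper cv = new CodeCaveHelper();

    // Target of the `call` instruction at GetnextPacket.Address that we redirect.
    origanGetNextPacket = memRead.GetCallFunction(Addresses.MyAddresses.GetnextPacket.Address);

    // The cave is written by us and executed by the game, hence RWX. 1024 bytes
    // is far more than the ~27-byte stub needs but keeps the old reservation size.
    CodeCaveAdr = WinApi.VirtualAllocEx(TibiaHandle, IntPtr.Zero, 1024,
        WinApi.AllocationType.Commit | WinApi.AllocationType.Reserve,
        WinApi.MemoryProtection.ExecuteReadWrite);
    if (CodeCaveAdr == IntPtr.Zero)
    {
        throw new System.ComponentModel.Win32Exception(); // picks up GetLastError
    }

    // The stub accesses the flag as a 32-bit value (mov dword ptr), so ask for
    // four bytes rather than one (allocation granularity makes this a page anyway).
    GotPacketAdr = WinApi.VirtualAllocEx(TibiaHandle, IntPtr.Zero, 4,
        WinApi.AllocationType.Commit | WinApi.AllocationType.Reserve,
        WinApi.MemoryProtection.ExecuteReadWrite);
    if (GotPacketAdr == IntPtr.Zero)
    {
        // Do not leave the first allocation dangling; MEM_RELEASE requires size 0.
        WinApi.VirtualFreeEx(TibiaHandle, CodeCaveAdr, 0, WinApi.AllocationType.Release);
        CodeCaveAdr = IntPtr.Zero;
        throw new System.ComponentModel.Win32Exception();
    }
    memRead.WriteByte(GotPacketAdr.ToInt32(), 0);

    int cave = CodeCaveAdr.ToInt32();
    UInt32 flag = (UInt32)GotPacketAdr.ToInt32();

    // Stub layout (offsets in bytes):
    //  0  push ebx                     ; EBX is callee-saved, keep the caller's value
    //  1  call origanGetNextPacket     ; run the real function first
    //  6  mov  ebx, eax                ; park its return value
    //  8  mov  dword ptr [flag], 1     ; tell the reader thread a packet is ready
    // 18  nop
    // 19  mov  eax, [flag]             ; <- loop head
    // 24  cmp  eax, 1
    // 27  je   -10 (back to 19)        ; spin until the reader thread writes 0
    // 29  mov  eax, ebx                ; restore the return value
    // 31  pop  ebx
    // 32  ret
    cv.AddLine((byte)0x53);
    cv.AddLine((byte)0xE8);
    // rel32 is relative to the end of the call instruction: cave + bytes so far + 4.
    cv.AddInt(unchecked((int)origanGetNextPacket - (cave + cv.Data.Length + 4)));
    cv.AddLine((byte)0x8b, (byte)0xd8);
    cv.AddLine((byte)0xc7, (byte)0x05, flag, (UInt32)0x00000001);
    cv.AddLine((byte)0x90);
    cv.AddLine((byte)0xA1, flag);
    cv.AddLine((byte)0x83, (byte)0xF8, (byte)1);
    cv.AddLine((byte)0x74, (byte)0xF6); // -10 = size of (mov eax,[flag] + cmp + je)
    cv.AddLine((byte)0x8b, (byte)0xC3);
    cv.AddLine((byte)0x5B);
    cv.AddLine((byte)0xC3);

    memRead.WriteBytes(cave, cv.Data, (uint)cv.Data.Length);

    // The reader must be running before the call site is patched, otherwise the
    // first hooked call spins on a flag nobody clears.
    Thread t = new Thread(new ThreadStart(ReadingPacket));
    running = true;
    t.Start();
    ReplaceCode();
}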
/// <summary>
/// Points the hooked call site (the <c>call</c> instruction at
/// GetnextPacket.Address) at the code cave by overwriting its rel32 operand
/// with a fresh <c>E8</c> + displacement encoding.
/// </summary>
/// <remarks>
/// The displacement is relative to the end of the 5-byte call instruction,
/// hence the <c>- 5</c>. Assumes SetUpCodeCave has already populated
/// <c>CodeCaveAdr</c>.
/// </remarks>
private void ReplaceCode()
{
    int callSite = Addresses.MyAddresses.GetnextPacket.Address;
    int displacement = (int)(CodeCaveAdr.ToInt32() - callSite) - 5;

    CodeCaveHelper patch = new CodeCaveHelper();
    patch.AddLine((byte)0xE8);   // call rel32
    patch.AddInt(displacement);

    memRead.WriteBytes(callSite, patch.Data, (uint)patch.Data.Length);
}
/// <summary>
/// Hooks SendPacket at its entry: saves the first five original bytes, replaces
/// them with a <c>jmp</c> (<c>E9</c> rel32) into the code cave, then repoints
/// the bot's own SendPacket address at <c>NewSendAddress</c> (the cave entry
/// that bypasses the hook logic) so the bot's own sends are not intercepted.
/// </summary>
/// <remarks>
/// The five saved bytes are assumed to be whole instructions with no
/// position-dependent operands; SetUpCodeCave copies them into the cave.
/// The rel32 is measured from the end of the 5-byte jump, hence <c>- 5</c>.
/// </remarks>
private void ReplaceCode()
{
    int entry = Addresses.MyAddresses.SendPacket.Address;
    OrigalBytes = memRead.ReadBytes(entry, 5);

    int displacement = (int)(CodeCaveAdr.ToInt32() - entry - 5);

    CodeCaveHelper patch = new CodeCaveHelper();
    patch.AddLine((byte)0xE9);   // jmp rel32
    patch.AddInt(displacement);
    memRead.WriteBytes(entry, patch.Data, (uint)patch.Data.Length);

    // From now on our own code must enter through the cave's trampoline.
    Addresses.MyAddresses.SendPacket.Address = NewSendAddress.ToInt32();
}
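/// <summary>
/// Removes the GetNextPacket hook: restores the original <c>call</c> target at
/// the hooked site, clears the flag so a stub that is still spinning can fall
/// through, stops the reader thread and releases both remote allocations.
/// </summary>
/// <remarks>
/// Fixes over the previous version: <c>VirtualFreeEx</c> with
/// <c>MEM_RELEASE</c> requires <c>dwSize == 0</c> — passing 1024 / 1 makes the
/// call fail with ERROR_INVALID_PARAMETER and leaked the RWX pages in the
/// target on every cleanup. Null handles (setup never ran or failed) are
/// skipped and the fields are reset so a second call cannot double-free.
/// Note there is still a window where the game thread may be executing inside
/// the cave when it is freed; a short delay or a reader-thread join before the
/// free would close it.
/// </remarks>
public void CleanUp()
{
    if (running == false)
    {
        return;
    }
    running = false;

    // Put the original `call origanGetNextPacket` back at the hooked site.
    int callSite = Addresses.MyAddresses.GetnextPacket.Address;
    CodeCaveHelper cv = new CodeCaveHelper();
    cv.AddLine((byte)0xE8);
    cv.AddInt(unchecked((int)(origanGetNextPacket - callSite) - 5));
    memRead.WriteBytes(callSite, cv.Data, (uint)cv.Data.Length);

    if (GotPacketAdr != IntPtr.Zero)
    {
        // Release any stub instance still spinning on the flag.
        memRead.WriteByte(GotPacketAdr.ToInt32(), 0);
    }

    if (CodeCaveAdr != IntPtr.Zero)
    {
        // MEM_RELEASE: size must be 0, the whole region is freed.
        WinApi.VirtualFreeEx(TibiaHandle, CodeCaveAdr, 0, WinApi.AllocationType.Release);
        CodeCaveAdr = IntPtr.Zero;
    }
    if (GotPacketAdr != IntPtr.Zero)
    {
        WinApi.VirtualFreeEx(TibiaHandle, GotPacketAdr, 0, WinApi.AllocationType.Release);
        GotPacketAdr = IntPtr.Zero;
    }
}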
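/// <summary>
/// Installs the SendPacket hook. Allocates a code cave plus a one-dword
/// "got packet" flag in the target process and fills the cave with a stub that
/// raises the flag, spins until the reader thread lowers it, then executes the
/// five original SendPacket bytes and calls back into SendPacket+5. The
/// offset of those original bytes inside the cave becomes <c>NewSendAddress</c>,
/// a trampoline the bot's own sends use to bypass the hook. Finally the reader
/// thread is started and ReplaceCode() patches the jump into place.
/// </summary>
/// <remarks>
/// Fixes over the previous version: both VirtualAllocEx results are checked (a
/// failed allocation previously made the code write to address 0 and jump the
/// game to a bogus target); the stub saves/restores EBX, which it uses as
/// scratch and which is callee-saved under every 32-bit x86 calling convention,
/// so SendPacket's caller no longer has EBX clobbered; the trampoline offset is
/// taken from the builder instead of the hard-coded <c>0x19</c>, so it cannot
/// drift from the stub layout; the debug leftovers that copied the flag address
/// to the clipboard and showed it in a message box are gone. Relocating the
/// first five bytes assumes they are whole instructions with no
/// position-dependent operands — verify against the client build. The spin loop
/// has no timeout (unchanged behaviour).
/// </remarks>
/// <exception cref="System.ComponentModel.Win32Exception">
/// Either remote allocation failed; the exception carries GetLastError.
/// </exception>
public void SetUpCodeCave()
{
    CodeCaveHelper cv = new CodeCaveHelper();

    // The cave is written by us and executed by the game, hence RWX.
    CodeCaveAdr = WinApi.VirtualAllocEx(TibiaHandle, IntPtr.Zero, 1024,
        WinApi.AllocationType.Commit | WinApi.AllocationType.Reserve,
        WinApi.MemoryProtection.ExecuteReadWrite);
    if (CodeCaveAdr == IntPtr.Zero)
    {
        throw new System.ComponentModel.Win32Exception(); // picks up GetLastError
    }

    // The stub accesses the flag as a 32-bit value (mov dword ptr); ask for 4 bytes.
    GotPacketAdr = WinApi.VirtualAllocEx(TibiaHandle, IntPtr.Zero, 4,
        WinApi.AllocationType.Commit | WinApi.AllocationType.Reserve,
        WinApi.MemoryProtection.ExecuteReadWrite);
    if (GotPacketAdr == IntPtr.Zero)
    {
        // Do not leave the first allocation dangling; MEM_RELEASE requires size 0.
        WinApi.VirtualFreeEx(TibiaHandle, CodeCaveAdr, 0, WinApi.AllocationType.Release);
        CodeCaveAdr = IntPtr.Zero;
        throw new System.ComponentModel.Win32Exception();
    }

    Addresses.MyAddresses.IgnoreReadClientPacketAddress = GotPacketAdr.ToInt32();

    int sendPacket = Addresses.MyAddresses.SendPacket.Address;
    OrigalBytes = memRead.ReadBytes(sendPacket, 5);
    memRead.WriteByte(GotPacketAdr.ToInt32(), 0);

    int cave = CodeCaveAdr.ToInt32();
    UInt32 flag = (UInt32)GotPacketAdr.ToInt32();

    // Stub layout (offsets in bytes):
    //  0  push ebx                     ; EBX is callee-saved, keep the caller's value
    //  1  mov  ebx, eax                ; park EAX across the wait
    //  3  mov  dword ptr [flag], 1     ; tell the reader thread a packet is ready
    // 13  nop
    // 14  mov  eax, [flag]             ; <- loop head
    // 19  cmp  eax, 1
    // 22  je   -10 (back to 14)        ; spin until the reader thread writes 0
    // 24  mov  eax, ebx
    // 26  pop  ebx
    // 27  <original 5 bytes>           ; <- NewSendAddress (trampoline entry)
    // 32  call SendPacket+5            ; resume the real function past the jmp
    // 37  ret
    cv.AddLine((byte)0x53);
    cv.AddLine((byte)0x8b, (byte)0xd8);
    cv.AddLine((byte)0xc7, (byte)0x05, flag, (UInt32)0x00000001);
    cv.AddLine((byte)0x90);
    cv.AddLine((byte)0xA1, flag);
    cv.AddLine((byte)0x83, (byte)0xF8, (byte)1);
    cv.AddLine((byte)0x74, (byte)0xF6); // -10 = size of (mov eax,[flag] + cmp + je)
    cv.AddLine((byte)0x8b, (byte)0xC3);
    cv.AddLine((byte)0x5B);

    // Derive the trampoline entry from the bytes emitted so far instead of a
    // hard-coded offset, so it stays correct if the stub above changes.
    NewSendAddress = CodeCaveAdr + cv.Data.Length;
    cv.AddBytes(OrigalBytes);

    // call rel32 to SendPacket + 5, measured from the end of this call
    // instruction (cave + bytes so far + 4 once the opcode is in).
    cv.AddLine((byte)0xE8);
    int resumeAt = sendPacket + OrigalBytes.Length;
    cv.AddInt(unchecked(resumeAt - (cave + cv.Data.Length + 4)));
    cv.AddLine((byte)0xC3);

    memRead.WriteBytes(cave, cv.Data, (uint)cv.Data.Length);

    // The reader must be running before the entry is patched, otherwise the
    // first hooked send spins on a flag nobody clears.
    Thread t = new Thread(new ThreadStart(ReadingPacket));
    running = true;
    t.Start();
    ReplaceCode();
    IsRunning = true;
}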