Esempio n. 1
0
        public static void Start()
        {
            while (true)
            {
                Thread.Sleep(1);

                if (!Properties.Settings.Default.bhop)
                {
                    continue;
                }
                if (!LocalPlayer.InGame)
                {
                    continue;
                }
                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }
                if (LocalPlayer.Speed <= 0)
                {
                    continue;
                }

                Vector3 oldAngle = LocalPlayer.ViewAngle;

                while ((DllImport.GetAsyncKeyState(0x20) & 0x8000) != 0)
                {
                    Thread.Sleep(1);

                    if (Properties.Settings.Default.autostrafe)
                    {
                        strafe = true;
                        Vector3 cuurentAngle = LocalPlayer.ViewAngle;
                        if (cuurentAngle.y > oldAngle.y)
                        {
                            LocalPlayer.MoveLeft();
                        }
                        else if (cuurentAngle.y < oldAngle.y)
                        {
                            LocalPlayer.MoveRight();
                        }
                    }

                    if (LocalPlayer.Flags == 257 || LocalPlayer.Flags == 263)
                    {
                        if (rnd.Next(100) < Properties.Settings.Default.bhopChoke)
                        {
                            Thread.Sleep(20);
                        }
                        LocalPlayer.Jump();
                    }
                    oldAngle = LocalPlayer.ViewAngle;
                }
                if (strafe)
                {
                    LocalPlayer.MoveClearY();
                    strafe = false;
                }
            }
        }
Esempio n. 2
0
        public static void Start()
        {
            while (Properties.Settings.Default.aimbot)
            {
                Thread.Sleep(1);

                if (!LocalPlayer.InGame)
                {
                    continue;
                }
                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }
                if (LocalPlayer.Dormant)
                {
                    continue;
                }
                if (!((DllImport.GetAsyncKeyState(0x01) & 0x8000) != 0))
                {
                    continue;
                }

                Entity target = BestFOV(Properties.Settings.Default.fov, Properties.Settings.Default.boneid);

                if (target.Index == -1)
                {
                    continue;
                }

                LocalPlayer.ViewAngle = NormalizedAngle(Smooth(LocalPlayer.ViewAngle, RSC(CalcAngle(LocalPlayer.ViewPosition, target.BonePosition(Properties.Settings.Default.boneid)))));
            }
        }
Esempio n. 3
0
        public IntPtr DXScreen()
        {
            var MEmus = DllImport.GetAllChildrenWindowHandles(IntPtr.Zero, "Qt5QWindowIcon", null, 10);

            if (MEmus != null && MEmus.Count > 0)
            {
                foreach (var memu in MEmus)
                {
                    IntPtr MEmu = memu;
                    if (DllImport.GetAllChildrenWindowHandles(MEmu, "Qt5QWindowIcon", null, 5).Count < 1)
                    {
                        MEmu = DllImport.GetParent(MEmu);
                    }
                    var MainWindowWindow = DllImport.FindWindowEx(MEmu, IntPtr.Zero, null, "MainWindowWindow");
                    if (MainWindowWindow != null && MainWindowWindow != IntPtr.Zero)
                    {
                        var CenterWidgetWindow = DllImport.FindWindowEx(MainWindowWindow, IntPtr.Zero, null, "CenterWidgetWindow");
                        if (CenterWidgetWindow != null && CenterWidgetWindow != IntPtr.Zero)
                        {
                            var RenderWindowWindow = DllImport.FindWindowEx(CenterWidgetWindow, IntPtr.Zero, null, "RenderWindowWindow");
                            if (RenderWindowWindow != null && RenderWindowWindow != IntPtr.Zero)
                            {
                                var sub = DllImport.FindWindowEx(RenderWindowWindow, IntPtr.Zero, null, "sub");
                                if (sub != null && sub != IntPtr.Zero)
                                {
                                    return(sub);
                                }
                            }
                        }
                    }
                }
            }

            return(IntPtr.Zero);
        }
    [PlatformSpecific(TestPlatforms.Windows)] // ThreadPoolBoundHandle.BindHandle is not supported on Unix
    public unsafe void SingleOperationOverSingleHandle()
    {
        const int DATA_SIZE = 2;

        SafeHandle            handle      = HandleFactory.CreateAsyncFileHandleForWrite(Path.Combine(TestDirectory, @"SingleOverlappedOverSingleHandle.tmp"));
        ThreadPoolBoundHandle boundHandle = ThreadPoolBoundHandle.BindHandle(handle);

        OverlappedContext result = new OverlappedContext();

        byte[] data = new byte[DATA_SIZE];
        data[0] = (byte)'A';
        data[1] = (byte)'B';

        NativeOverlapped *overlapped = boundHandle.AllocateNativeOverlapped(OnOverlappedOperationCompleted, result, data);

        fixed(byte *p = data)
        {
            int retval = DllImport.WriteFile(boundHandle.Handle, p, DATA_SIZE, IntPtr.Zero, overlapped);

            if (retval == 0)
            {
                Assert.Equal(DllImport.ERROR_IO_PENDING, Marshal.GetLastWin32Error());
            }

            // Wait for overlapped operation to complete
            result.Event.WaitOne();
        }

        boundHandle.FreeNativeOverlapped(overlapped);
        boundHandle.Dispose();
        handle.Dispose();

        Assert.Equal(0, result.ErrorCode);
        Assert.Equal(DATA_SIZE, result.BytesWritten);
    }
Esempio n. 5
0
        public static void Start()
        {
            while (true)
            {
                Thread.Sleep(50);

                if (!Properties.Settings.Default.doorspammer)
                {
                    continue;
                }
                if (!LocalPlayer.InGame)
                {
                    continue;
                }
                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }

                while ((DllImport.GetAsyncKeyState(Properties.Hotkey.Default.doorspammerKey) & 0x8000) != 0)
                {
                    LocalPlayer.Use = 5;
                    Thread.Sleep(13);
                    LocalPlayer.Use = 4;
                    Thread.Sleep(13);
                }
            }
        }
Esempio n. 6
0
        public static void Start()
        {
            while (true)
            {
                Thread.Sleep(50);

                if (!Properties.Settings.Default.doorspammer)
                {
                    continue;
                }
                if (!LocalPlayer.InGame)
                {
                    continue;
                }
                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }

                while ((DllImport.GetAsyncKeyState(Properties.Hotkey.Default.doorspammerKey) & 0x8000) != 0)
                {
                    ClientCMD.Exec("+use");  // I did not add this to LocalPlayer to avoid delay. But i dont try, maybe this will not happen lol
                    Thread.Sleep(15);
                    ClientCMD.Exec("-use");
                    Thread.Sleep(15);
                }
            }
        }
        public static void Start() //disabled
        {
            while (true)
            {
                Thread.Sleep(1);

                if (!Properties.Settings.Default.runboostbot)
                {
                    continue;
                }

                if (!LocalPlayer.InGame)
                {
                    continue;
                }

                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }

                if (LocalPlayer.Dormant)
                {
                    continue;
                }

                Entity target = null;

                while ((DllImport.GetAsyncKeyState(Properties.Hotkey.Default.runboostbotKey) & 0x8000) != 0)
                {
                    Thread.Sleep(1);

                    if (target == null)
                    {
                        target = Aimbot.BestDistance();
                    }

                    boosting = true;

                    Vector3 position = target.Position;

                    if (target.Speed <= 0)
                    {
                        LocalPlayer.MoveClearX();
                    }
                    else
                    {
                        LocalPlayer.ViewAngleY = Aimbot.NormalizedAngle(Aimbot.CalcAngle(LocalPlayer.ViewPosition, position)).y;

                        LocalPlayer.MoveForward();
                    }
                }

                if (boosting)
                {
                    LocalPlayer.MoveClearX();
                    boosting = false;
                }
            }
        }
Esempio n. 8
0
    private static unsafe Win32Handle CreateHandle(bool async, string fileName)
    {
        Win32Handle handle;
#if !uap
        handle = DllImport.CreateFile(
            fileName,
            DllImport.FileAccess.GenericWrite,
            DllImport.FileShare.Write,
            IntPtr.Zero,
            DllImport.CreationDisposition.CreateAlways,
            async ? DllImport.FileAttributes.Overlapped : DllImport.FileAttributes.Normal,
            IntPtr.Zero);
#else
        var p = new DllImport.CREATEFILE2_EXTENDED_PARAMETERS();
        p.dwSize = (uint)sizeof(DllImport.CREATEFILE2_EXTENDED_PARAMETERS);
        p.dwFileAttributes = DllImport.FileAttributes.Normal;
        p.dwFileFlags = async ? DllImport.FileAttributes.Overlapped : DllImport.FileAttributes.Normal;
        p.dwSecurityQosFlags = (uint)0;
        p.lpSecurityAttributes = IntPtr.Zero;
        p.hTemplateFile = IntPtr.Zero;
        handle = DllImport.CreateFile2(
            fileName,
            DllImport.FileAccess.GenericWrite,
            DllImport.FileShare.Write,
            DllImport.CreationDisposition.CreateAlways,
            &p);
#endif

        if (!handle.IsInvalid)
        {
            return handle;
        }

        int errorCode = Marshal.GetLastWin32Error();
        string filePath = Path.GetFullPath(fileName);
        string message =
            $"CreateFile or CreateFile2 failed (error code {errorCode}): {new Win32Exception(errorCode).Message}{Environment.NewLine}" +
            $"    File name: {fileName}{Environment.NewLine}" +
            $"    File path: {filePath}{Environment.NewLine}";
        if (Directory.Exists(Path.GetDirectoryName(filePath)))
        {
            try
            {
                File.WriteAllText(filePath, string.Empty);
                message += "    Successfully wrote to the file.";
            }
            catch (Exception ex)
            {
                message += $"    Failed to write to the file: {ex}";
            }
        }
        else
        {
            message += $"    Directory does not exist.";
        }

        throw new IOException(message);
    }
Esempio n. 9
0
 private static IntPtr SetHook(LowLevelKeyboardProc proc)
 {
     using (Process curProcess = Process.GetCurrentProcess())
         using (ProcessModule curModule = curProcess.MainModule)
         {
             return(DllImport.SetWindowsHookEx((IntPtr)Consts.WH_KEYBOARD_LL, proc,
                                               DllImport.GetModuleHandle(curModule.ModuleName), 0));
         }
 }
Esempio n. 10
0
        private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
        {
            if (nCode >= 0 && wParam == (IntPtr)Consts.WM_KEYDOWN)
            {
                int Code = Marshal.ReadInt32(lParam);
            }

            return(DllImport.CallNextHookEx(hookId, nCode, wParam, lParam));
        }
    [PlatformSpecific(TestPlatforms.Windows)] // ThreadPoolBoundHandle.BindHandle is not supported on Unix
    public unsafe void MultipleOperationsOverSingleHandle()
    {
        const int DATA_SIZE = 2;

        SafeHandle            handle      = HandleFactory.CreateAsyncFileHandleForWrite(Path.Combine(TestDirectory, @"MultipleOperationsOverSingleHandle.tmp"));
        ThreadPoolBoundHandle boundHandle = ThreadPoolBoundHandle.BindHandle(handle);

        OverlappedContext result1 = new OverlappedContext();
        OverlappedContext result2 = new OverlappedContext();

        byte[] data1 = new byte[DATA_SIZE];
        data1[0] = (byte)'A';
        data1[1] = (byte)'B';


        byte[] data2 = new byte[DATA_SIZE];
        data2[0] = (byte)'C';
        data2[1] = (byte)'D';

        NativeOverlapped *overlapped1 = boundHandle.AllocateNativeOverlapped(OnOverlappedOperationCompleted, result1, data1);
        NativeOverlapped *overlapped2 = boundHandle.AllocateNativeOverlapped(OnOverlappedOperationCompleted, result2, data2);

        fixed(byte *p1 = data1, p2 = data2)
        {
            int retval = DllImport.WriteFile(boundHandle.Handle, p1, DATA_SIZE, IntPtr.Zero, overlapped1);

            if (retval == 0)
            {
                Assert.Equal(DllImport.ERROR_IO_PENDING, Marshal.GetLastWin32Error());
            }


            // Start the offset after the above write, so that it doesn't overwrite the previous write
            overlapped2->OffsetLow = DATA_SIZE;
            retval = DllImport.WriteFile(boundHandle.Handle, p2, DATA_SIZE, IntPtr.Zero, overlapped2);

            if (retval == 0)
            {
                Assert.Equal(DllImport.ERROR_IO_PENDING, Marshal.GetLastWin32Error());
            }

            // Wait for overlapped operations to complete
            WaitHandle.WaitAll(new WaitHandle[] { result1.Event, result2.Event });
        }

        boundHandle.FreeNativeOverlapped(overlapped1);
        boundHandle.FreeNativeOverlapped(overlapped2);
        boundHandle.Dispose();
        handle.Dispose();

        Assert.Equal(0, result1.ErrorCode);
        Assert.Equal(0, result2.ErrorCode);
        Assert.Equal(DATA_SIZE, result1.BytesWritten);
        Assert.Equal(DATA_SIZE, result2.BytesWritten);
    }
Esempio n. 12
0
        private void IS3MainWindow_Loaded(object sender, RoutedEventArgs e)
        {
            DllImport.LoadExtension();
            // DllImport.LoadTools();



            this.WindowState = WindowState.Maximized;
            //pageTransitionControl.ShowPage(new LoginPageForMon() { IS3MainWindow=this});
            //pageTransitionControl.ShowPage(new ProjectListPage() { IS3MainWindow = this });
        }
Esempio n. 13
0
 private static void CurrentDomain_UnhandledException(object sender, UnhandledExceptionEventArgs e)
 {
     if (Variables.Proc != null)
     {
         DllImport.SetParent(Variables.Proc.MainWindowHandle, IntPtr.Zero);
         DllImport.MoveWindow(Variables.Proc.MainWindowHandle, PrivateVariable.Instance.EmuDefaultLocation.X, PrivateVariable.Instance.EmuDefaultLocation.Y, 0, 0, true);
     }
     Debug_.WriteLine(e.ExceptionObject.ToString());
     File.WriteAllText("error.log", e.ExceptionObject.ToString());
     MessageBox.Show(e.ExceptionObject.ToString());
     Environment.Exit(0);
 }
Esempio n. 14
0
 private static void Application_ThreadException(object sender, System.Threading.ThreadExceptionEventArgs e)
 {
     if (Variables.Proc != null)
     {
         DllImport.SetParent(Variables.Proc.MainWindowHandle, IntPtr.Zero);
         DllImport.MoveWindow(Variables.Proc.MainWindowHandle, PrivateVariable.Instance.EmuDefaultLocation.X, PrivateVariable.Instance.EmuDefaultLocation.Y, 0, 0, true);
     }
     Debug_.WriteLine(e.Exception + " At: " + e.Exception.Source + " At: " + e.Exception.TargetSite);
     File.WriteAllText("error.log", e.Exception.ToString());
     MessageBox.Show(e.Exception.Message.ToString());
     Environment.Exit(0);
 }
Esempio n. 15
0
    [PlatformSpecific(TestPlatforms.Windows)] // ThreadPoolBoundHandle.BindHandle is not supported on Unix
    public unsafe void FlowsAsyncLocalsToCallback_PreAllocatedOverlapped(bool shouldFlow)
    {
        // Makes sure that we flow async locals to callback

        const int DATA_SIZE = 2;

        SafeHandle            handle      = HandleFactory.CreateAsyncFileHandleForWrite(Path.Combine(TestDirectory, @"AsyncLocal.tmp"));
        ThreadPoolBoundHandle boundHandle = ThreadPoolBoundHandle.BindHandle(handle);

        OverlappedContext context = new OverlappedContext();

        byte[] data = new byte[DATA_SIZE];

        AsyncLocal <int> asyncLocal = new AsyncLocal <int>();

        asyncLocal.Value = 10;

        int?result = null;
        IOCompletionCallback callback = (_, __, ___) => {
            result = asyncLocal.Value;
            OnOverlappedOperationCompleted(_, __, ___);
        };

        using (PreAllocatedOverlapped preAlloc = shouldFlow ?
                                                 new PreAllocatedOverlapped(callback, context, data) :
                                                 PreAllocatedOverlapped.UnsafeCreate(callback, context, data))
        {
            NativeOverlapped *overlapped = boundHandle.AllocateNativeOverlapped(preAlloc);

            fixed(byte *p = data)
            {
                int retval = DllImport.WriteFile(boundHandle.Handle, p, DATA_SIZE, IntPtr.Zero, overlapped);

                if (retval == 0)
                {
                    Assert.Equal(DllImport.ERROR_IO_PENDING, Marshal.GetLastPInvokeError());
                }

                // Wait for overlapped operation to complete
                context.Event.WaitOne();
            }

            boundHandle.FreeNativeOverlapped(overlapped);
        }

        boundHandle.Dispose();
        handle.Dispose();

        Assert.Equal(
            shouldFlow ? 10 : 0,
            result);
    }
Esempio n. 16
0
        public static void Start()
        {
            while (true)
            {
                Thread.Sleep(10);

                if (!Properties.Settings.Default.perfectnade)
                {
                    continue;
                }

                if (!LocalPlayer.InGame)
                {
                    continue;
                }

                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }

                if (LocalPlayer.ViewAngle.x != -89)
                {
                    continue;
                }

                if (LocalPlayer.ActiveWeapon != 44)
                {
                    continue;
                }

                if (LocalPlayer.Speed > 3)
                {
                    continue;
                }

                if ((DllImport.GetAsyncKeyState(0x02) & 0x8000) != 0)
                {
                    Thread.Sleep(800);
                    if (!((DllImport.GetAsyncKeyState(0x02) & 0x8000) != 0))
                    {
                        continue;
                    }

                    ClientCMD.Exec("+attack");
                    Thread.Sleep(80);
                    ClientCMD.Exec("-attack2");
                    Thread.Sleep(1);
                    ClientCMD.Exec("-attack");
                }
            }
        }
Esempio n. 17
0
        public IntPtr DXScreen()
        {
            var ScreenBoardClassWindow = DllImport.FindWindowEx(Variables.Proc.Handle, IntPtr.Zero, "Qt5QWindowIcon", "ScreenBoardClassWindow");

            if (ScreenBoardClassWindow != null)
            {
                var sub = DllImport.FindWindowEx(ScreenBoardClassWindow, IntPtr.Zero, "subWin", "sub");
                if (sub != null)
                {
                    return(sub);
                }
            }
            return(IntPtr.Zero);
        }
Esempio n. 18
0
 public void ConnectEmulator()
 {
     string[] MEmu = { "MEmu", "逍遥模拟器" };
     foreach (var p in Process.GetProcessesByName("MEmu"))
     {
         Debug_.WriteLine(p.MainWindowTitle);
         if (MEmu.Contains(p.MainWindowTitle))
         {
             IntPtr handle = DllImport.FindWindowEx(p.MainWindowHandle, IntPtr.Zero, string.Empty, string.Empty);
             Variables.Proc = p;
             Variables.ScriptLog("Emulator ID: " + p.Id, Color.DarkGreen);
             break;
         }
     }
 }
Esempio n. 19
0
        public void ConnectEmulator()
        {
            IntPtr handle = DllImport.FindWindow("CHWindow", "iTools 安卓模拟器");

            if (handle != null)
            {
                foreach (Process p in Process.GetProcessesByName("iToolsAVM"))
                {
                    if (p.MainWindowHandle == handle)
                    {
                        Variables.Proc = p;
                        break;
                    }
                }
            }
        }
Esempio n. 20
0
    private static unsafe Win32Handle CreateHandle(bool async, string fileName)
    {
        Win32Handle handle = DllImport.CreateFile(
            fileName,
            DllImport.FileAccess.GenericWrite,
            DllImport.FileShare.Write,
            IntPtr.Zero,
            DllImport.CreationDisposition.CreateAlways,
            async ? DllImport.FileAttributes.Overlapped : DllImport.FileAttributes.Normal,
            IntPtr.Zero);

        if (!handle.IsInvalid)
        {
            return(handle);
        }

        int    errorCode = Marshal.GetLastWin32Error();
        string filePath  = Path.GetFullPath(fileName);
        string message   =
            $"CreateFile or CreateFile2 failed (error code {errorCode}): {new Win32Exception(errorCode).Message}{Environment.NewLine}" +
            $"    File name: {fileName}{Environment.NewLine}" +
            $"    File path: {filePath}{Environment.NewLine}";

        if (Directory.Exists(Path.GetDirectoryName(filePath)))
        {
            try
            {
                File.WriteAllText(filePath, string.Empty);
                message += "    Successfully wrote to the file.";
            }
            catch (Exception ex)
            {
                message += $"    Failed to write to the file: {ex}";
            }
        }
        else
        {
            message += $"    Directory does not exist.";
        }

        throw new IOException(message);
    }
Esempio n. 21
0
    private static unsafe Win32Handle CreateHandle(bool async, string fileName = null)
    {
#if !uap
        // Assume the current directory is writable
        return(DllImport.CreateFile(fileName ?? @"Overlapped.tmp", DllImport.FileAccess.GenericWrite, DllImport.FileShare.Write, IntPtr.Zero, DllImport.CreationDisposition.CreateAlways, async ? DllImport.FileAttributes.Overlapped : DllImport.FileAttributes.Normal, IntPtr.Zero));
#else
        var p = new DllImport.CREATEFILE2_EXTENDED_PARAMETERS();
        p.dwSize               = (uint)sizeof(DllImport.CREATEFILE2_EXTENDED_PARAMETERS);
        p.dwFileAttributes     = DllImport.FileAttributes.Normal;
        p.dwFileFlags          = async ? DllImport.FileAttributes.Overlapped : DllImport.FileAttributes.Normal;
        p.dwSecurityQosFlags   = (uint)0;
        p.lpSecurityAttributes = IntPtr.Zero;
        p.hTemplateFile        = IntPtr.Zero;
        return(DllImport.CreateFile2(
                   fileName ?? @"Overlapped.tmp",
                   DllImport.FileAccess.GenericWrite,
                   DllImport.FileShare.Write,
                   DllImport.CreationDisposition.CreateAlways,
                   &p));
#endif
    }
Esempio n. 22
0
        public static void SetWakeTimer(DateTime nextwake)
        {
            long duetime = nextwake.ToFileTime();

            using (SafeWaitHandle handle = CreateWaitableTimer(IntPtr.Zero, true, "VCBot"))
            {
                if (SetWaitableTimer(handle, ref duetime, 0, IntPtr.Zero, IntPtr.Zero, true))
                {
                    Sleep();
                    using (EventWaitHandle wh = new EventWaitHandle(false, EventResetMode.AutoReset))
                    {
                        wh.SafeWaitHandle = handle;
                        wh.WaitOne();
                    }
                }
                else
                {
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }
            }
            DllImport.mouse_event(DllImport.MOUSEEVENTF_MOVE, 0, 1, 0, 0);
        }
Esempio n. 23
0
        public static void Exec(string szCmd, bool highPriority = false)
        {
            if (Address == IntPtr.Zero)
            {
                Allocator Alloc = new Allocator();
                Address = Alloc.Alloc(Size);
                if (Address == IntPtr.Zero)
                {
                    return;
                }
            }
            if (szCmd.Length > 255)
            {
                szCmd = szCmd.Substring(0, 255);
            }

            var szCmd_bytes = Encoding.UTF8.GetBytes(szCmd + "\0");

            Memory.WriteProcessMemory(Memory.pHandle, Address, szCmd_bytes, szCmd_bytes.Length, 0);
            IntPtr Thread = DllImport.CreateRemoteThread(Memory.pHandle, (IntPtr)null, IntPtr.Zero, new IntPtr(Memory.Engine + CalcedOffsets.ClientCMD), Address, 0, (IntPtr)null);

            DllImport.CloseHandle(Thread);
            DllImport.WaitForSingleObject(Thread, 0xFFFFFFFF);
        }
Esempio n. 24
0
        /// <summary>
        /// Background processing of a single PE file.
        /// It can be lengthy since there are disk access (and misses).
        /// </summary>
        /// <param name="NewTreeContexts"> This variable is passed as reference to be updated since this function is run in a separate thread. </param>
        /// <param name="newPe"> Current PE file analyzed </param>
        private void ProcessPe(Dictionary <string, ImportContext> NewTreeContexts, PE newPe)
        {
            List <PeImportDll> PeImports = newPe.GetImports();

            Environment.SpecialFolder WindowsSystemFolder = (this.Pe.IsWow64Dll()) ?
                                                            Environment.SpecialFolder.SystemX86 :
                                                            Environment.SpecialFolder.System;
            string User32Filepath  = Path.Combine(Environment.GetFolderPath(WindowsSystemFolder), "user32.dll");
            string MsCoreeFilepath = Path.Combine(Environment.GetFolderPath(WindowsSystemFolder), "mscoree.dll");

            foreach (PeImportDll DllImport in PeImports)
            {
                ImportContext ImportModule = new ImportContext();
                ImportModule.PeFilePath       = null;
                ImportModule.PeProperties     = null;
                ImportModule.ModuleName       = DllImport.Name;
                ImportModule.ApiSetModuleName = null;
                ImportModule.Flags            = 0;
                if (DllImport.IsDelayLoad())
                {
                    ImportModule.Flags |= ModuleFlag.DelayLoad;
                }

                if (NewTreeContexts.ContainsKey(DllImport.Name))
                {
                    continue;
                }

                // Find Dll in "paths"
                Tuple <ModuleSearchStrategy, PE> ResolvedModule = BinaryCache.ResolveModule(this.Pe, DllImport.Name, this.SxsEntriesCache);
                ImportModule.ModuleLocation = ResolvedModule.Item1;
                if (ImportModule.ModuleLocation != ModuleSearchStrategy.NOT_FOUND)
                {
                    ImportModule.PeProperties = ResolvedModule.Item2;
                    ImportModule.PeFilePath   = ResolvedModule.Item2.Filepath;
                }

                // special case for apiset schema
                ImportModule.IsApiSet = (ImportModule.ModuleLocation == ModuleSearchStrategy.ApiSetSchema);
                if (ImportModule.IsApiSet)
                {
                    ImportModule.ApiSetModuleName = BinaryCache.LookupApiSetLibrary(DllImport.Name);
                }

                // add warning for appv isv applications
                if (String.Compare(DllImport.Name, "AppvIsvSubsystems32.dll", StringComparison.OrdinalIgnoreCase) == 0 ||
                    String.Compare(DllImport.Name, "AppvIsvSubsystems64.dll", StringComparison.OrdinalIgnoreCase) == 0)
                {
                    if (!this._DisplayWarning)
                    {
                        MessageBoxResult result = MessageBox.Show(
                            "This binary use the App-V containerization technology which fiddle with search directories and PATH env in ways Dependencies can't handle.\n\nFollowing results are probably not quite exact.",
                            "App-V ISV disclaimer"
                            );

                        this._DisplayWarning = true; // prevent the same warning window to popup several times
                    }
                }

                NewTreeContexts.Add(DllImport.Name, ImportModule);


                // AppInitDlls are triggered by user32.dll, so if the binary does not import user32.dll they are not loaded.
                if (ImportModule.PeFilePath == User32Filepath)
                {
                    string AppInitRegistryKey = (this.Pe.IsWow64Dll()) ?
                                                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows NT\\CurrentVersion\\Windows" :
                                                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows";

                    int    LoadAppInitDlls = (int)Registry.GetValue(AppInitRegistryKey, "LoadAppInit_DLLs", 0);
                    string AppInitDlls     = (string)Registry.GetValue(AppInitRegistryKey, "AppInit_DLLs", "");

                    if ((LoadAppInitDlls != 0) && (AppInitDlls != ""))
                    {
                        // Extremely crude parser. TODO : Add support for quotes wrapped paths with spaces
                        foreach (var AppInitDll in AppInitDlls.Split(' '))
                        {
                            Debug.WriteLine("AppInit loading " + AppInitDll);

                            // Do not process twice the same imported module
                            if (null != PeImports.Find(module => module.Name == AppInitDll))
                            {
                                continue;
                            }

                            if (NewTreeContexts.ContainsKey(AppInitDll))
                            {
                                continue;
                            }

                            ImportContext AppInitImportModule = new ImportContext();
                            AppInitImportModule.PeFilePath       = null;
                            AppInitImportModule.PeProperties     = null;
                            AppInitImportModule.ModuleName       = AppInitDll;
                            AppInitImportModule.ApiSetModuleName = null;
                            AppInitImportModule.Flags            = 0;
                            AppInitImportModule.ModuleLocation   = ModuleSearchStrategy.AppInitDLL;



                            Tuple <ModuleSearchStrategy, PE> ResolvedAppInitModule = BinaryCache.ResolveModule(this.Pe, AppInitDll, this.SxsEntriesCache);
                            if (ResolvedAppInitModule.Item1 != ModuleSearchStrategy.NOT_FOUND)
                            {
                                AppInitImportModule.PeProperties = ResolvedAppInitModule.Item2;
                                AppInitImportModule.PeFilePath   = ResolvedAppInitModule.Item2.Filepath;
                            }

                            NewTreeContexts.Add(AppInitDll, AppInitImportModule);
                        }
                    }
                }


                // if mscoree.dll is imported, it means the module is a C# assembly, and we can use Mono.Cecil to enumerate its references
                if (ImportModule.PeFilePath == MsCoreeFilepath)
                {
                    var resolver = new DefaultAssemblyResolver();
                    resolver.AddSearchDirectory(RootFolder);

                    AssemblyDefinition PeAssembly = AssemblyDefinition.ReadAssembly(newPe.Filepath);

                    foreach (var module in PeAssembly.Modules)
                    {
                        // Process CLR referenced assemblies
                        foreach (var assembly in module.AssemblyReferences)
                        {
                            AssemblyDefinition definition = resolver.Resolve(assembly);

                            foreach (var AssemblyModule in definition.Modules)
                            {
                                Debug.WriteLine("Referenced Assembling loading " + AssemblyModule.Name + " : " + AssemblyModule.FileName);

                                // Do not process twice the same imported module
                                if (null != PeImports.Find(mod => mod.Name == Path.GetFileName(AssemblyModule.FileName)))
                                {
                                    continue;
                                }

                                ImportContext AppInitImportModule = new ImportContext();
                                AppInitImportModule.PeFilePath       = null;
                                AppInitImportModule.PeProperties     = null;
                                AppInitImportModule.ModuleName       = Path.GetFileName(AssemblyModule.FileName);
                                AppInitImportModule.ApiSetModuleName = null;
                                AppInitImportModule.Flags            = ModuleFlag.ClrReference;
                                AppInitImportModule.ModuleLocation   = ModuleSearchStrategy.ClrAssembly;

                                Tuple <ModuleSearchStrategy, PE> ResolvedAppInitModule = BinaryCache.ResolveModule(this.Pe, AssemblyModule.FileName, this.SxsEntriesCache);
                                if (ResolvedAppInitModule.Item1 != ModuleSearchStrategy.NOT_FOUND)
                                {
                                    AppInitImportModule.PeProperties = ResolvedAppInitModule.Item2;
                                    AppInitImportModule.PeFilePath   = ResolvedAppInitModule.Item2.Filepath;
                                }

                                if (!NewTreeContexts.ContainsKey(AppInitImportModule.ModuleName))
                                {
                                    NewTreeContexts.Add(AppInitImportModule.ModuleName, AppInitImportModule);
                                }
                            }
                        }

                        // Process unmanaged dlls for native calls
                        foreach (var UnmanagedModule in module.ModuleReferences)
                        {
                            // some clr dll have a reference to an "empty" dll
                            if (UnmanagedModule.Name.Length == 0)
                            {
                                continue;
                            }

                            Debug.WriteLine("Referenced module loading " + UnmanagedModule.Name);

                            // Do not process twice the same imported module
                            if (null != PeImports.Find(m => m.Name == UnmanagedModule.Name))
                            {
                                continue;
                            }



                            ImportContext AppInitImportModule = new ImportContext();
                            AppInitImportModule.PeFilePath       = null;
                            AppInitImportModule.PeProperties     = null;
                            AppInitImportModule.ModuleName       = UnmanagedModule.Name;
                            AppInitImportModule.ApiSetModuleName = null;
                            AppInitImportModule.Flags            = ModuleFlag.ClrReference;
                            AppInitImportModule.ModuleLocation   = ModuleSearchStrategy.ClrAssembly;

                            Tuple <ModuleSearchStrategy, PE> ResolvedAppInitModule = BinaryCache.ResolveModule(this.Pe, UnmanagedModule.Name, this.SxsEntriesCache);
                            if (ResolvedAppInitModule.Item1 != ModuleSearchStrategy.NOT_FOUND)
                            {
                                AppInitImportModule.PeProperties = ResolvedAppInitModule.Item2;
                                AppInitImportModule.PeFilePath   = ResolvedAppInitModule.Item2.Filepath;
                            }

                            if (!NewTreeContexts.ContainsKey(AppInitImportModule.ModuleName))
                            {
                                NewTreeContexts.Add(AppInitImportModule.ModuleName, AppInitImportModule);
                            }
                        }
                    }
                }
            }
        }
        public void SetImports(List <PeImportDll> Imports, PhSymbolProvider SymPrv, DependencyWindow Dependencies)
        {
            this.Items.Clear();

            foreach (PeImportDll DllImport in Imports)
            {
                PE     ModuleImport   = Dependencies.LoadImport(DllImport.Name, null, DllImport.IsDelayLoad());
                string ModuleFilepath = (ModuleImport != null) ? ModuleImport.Filepath : null;

                foreach (var Import in BinaryCache.LookupImports(DllImport, ModuleFilepath))
                {
                    this.Items.Add(new DisplayPeImport(Import.Item1, SymPrv, ModuleFilepath, Import.Item2));
                }
            }
        }
Esempio n. 26
0
        public static void Start2()
        {
            while (true)
            {
                Thread.Sleep(1);

                if (!Properties.Settings.Default.blockbot)
                {
                    continue;
                }

                if (!LocalPlayer.InGame)
                {
                    continue;
                }

                if (LocalPlayer.Health <= 0)
                {
                    continue;
                }

                Entity target = null;

                bool blocked = false;

                while ((DllImport.GetAsyncKeyState(Properties.Hotkey.Default.blockbotKey) & 0x8000) != 0)
                {
                    if (target == null)
                    {
                        target = Aimbot.BestDistance();
                        Memory.Write <int>(Memory.Client + signatures.dwForceRight, 5);
                        Memory.Write <int>(Memory.Client + signatures.dwForceForward, 5);
                        blocked = true;
                    }

                    if ((LocalPlayer.Position - target.BonePosition(8)).Length < 43)
                    {
                        Vector3 targetOrigin = target.Position + target.Velocity * trajFactor;
                        targetOrigin.z = 0;

                        Vector3 localOrigin = LocalPlayer.Position;
                        localOrigin.z = 0;

                        float distance = (targetOrigin - localOrigin).Length;
                        distance *= distanceFactor;

                        if (distance > 10)
                        {
                            distance = 10;
                        }

                        float angle = LocalPlayer.ViewAngle.y - Aimbot.CalcAngle(LocalPlayer.Position, target.Position).y + 360.0f;

                        LocalPlayer.SideSpeed    = (float)Math.Sin(angle * 0.0174533) * 45 * distance;
                        LocalPlayer.ForwardSpeed = (float)Math.Cos(angle * 0.0174533) * 45 * distance;
                    }
                    else
                    {
                        if ((DllImport.GetAsyncKeyState(0x57) & 0x8000) != 0)
                        {
                            LocalPlayer.ForwardSpeed = 450;
                        }
                        else
                        {
                            LocalPlayer.ForwardSpeed = 0;
                        }
                        Vector3 angle = Aimbot.CalcAngle(LocalPlayer.ViewPosition, target.Position);
                        angle.y -= LocalPlayer.ViewAngle.y;
                        angle    = Aimbot.NormalizedAngle(angle);

                        float sidemove = -angle.y * 25;

                        LocalPlayer.SideSpeed = sidemove > 450 ? 450 : sidemove < -450 ? -450 : sidemove;
                    }
                }

                if (blocked)
                {
                    Memory.Write <int>(Memory.Client + signatures.dwForceRight, 6);
                    Memory.Write <int>(Memory.Client + signatures.dwForceForward, 6);
                    LocalPlayer.SideSpeed    = 450;
                    LocalPlayer.ForwardSpeed = 450;
                }
            }
        }
Esempio n. 27
0
 protected override bool ReleaseHandle()
 {
     return(DllImport.CloseHandle(handle));
 }
    [PlatformSpecific(TestPlatforms.Windows)] // ThreadPoolBoundHandle.BindHandle is not supported on Unix
    public unsafe void MultipleOperationsOverMultipleHandles()
    {
        const int DATA_SIZE = 2;

        SafeHandle            handle1      = HandleFactory.CreateAsyncFileHandleForWrite(Path.Combine(TestDirectory, @"MultipleOperationsOverMultipleHandle1.tmp"));
        SafeHandle            handle2      = HandleFactory.CreateAsyncFileHandleForWrite(Path.Combine(TestDirectory, @"MultipleOperationsOverMultipleHandle2.tmp"));
        ThreadPoolBoundHandle boundHandle1 = ThreadPoolBoundHandle.BindHandle(handle1);
        ThreadPoolBoundHandle boundHandle2 = ThreadPoolBoundHandle.BindHandle(handle2);

        OverlappedContext result1 = new OverlappedContext();
        OverlappedContext result2 = new OverlappedContext();

        byte[] data1 = new byte[DATA_SIZE];
        data1[0] = (byte)'A';
        data1[1] = (byte)'B';


        byte[] data2 = new byte[DATA_SIZE];
        data2[0] = (byte)'C';
        data2[1] = (byte)'D';

        PreAllocatedOverlapped preAlloc1 = new PreAllocatedOverlapped(OnOverlappedOperationCompleted, result1, data1);
        PreAllocatedOverlapped preAlloc2 = new PreAllocatedOverlapped(OnOverlappedOperationCompleted, result2, data2);

        for (int i = 0; i < 10; i++)
        {
            NativeOverlapped *overlapped1 = boundHandle1.AllocateNativeOverlapped(preAlloc1);
            NativeOverlapped *overlapped2 = boundHandle2.AllocateNativeOverlapped(preAlloc2);

            fixed(byte *p1 = data1, p2 = data2)
            {
                int retval = DllImport.WriteFile(boundHandle1.Handle, p1, DATA_SIZE, IntPtr.Zero, overlapped1);

                if (retval == 0)
                {
                    Assert.Equal(DllImport.ERROR_IO_PENDING, Marshal.GetLastWin32Error());
                }


                retval = DllImport.WriteFile(boundHandle2.Handle, p2, DATA_SIZE, IntPtr.Zero, overlapped2);

                if (retval == 0)
                {
                    Assert.Equal(DllImport.ERROR_IO_PENDING, Marshal.GetLastWin32Error());
                }

                // Wait for overlapped operations to complete
                WaitHandle.WaitAll(new WaitHandle[] { result1.Event, result2.Event });
            }

            boundHandle1.FreeNativeOverlapped(overlapped1);
            boundHandle2.FreeNativeOverlapped(overlapped2);

            result1.Event.Reset();
            result2.Event.Reset();

            Assert.Equal(0, result1.ErrorCode);
            Assert.Equal(0, result2.ErrorCode);
            Assert.Equal(DATA_SIZE, result1.BytesWritten);
            Assert.Equal(DATA_SIZE, result2.BytesWritten);
        }

        boundHandle1.Dispose();
        boundHandle2.Dispose();
        preAlloc1.Dispose();
        preAlloc2.Dispose();
        handle1.Dispose();
        handle2.Dispose();
    }
        /// <summary>
        /// Background processing of a single PE file.
        /// It can be lengthy since there are disk access (and misses).
        /// </summary>
        /// <param name="NewTreeContexts"> This variable is passed as reference to be updated since this function is run in a separate thread. </param>
        /// <param name="newPe"> Current PE file analyzed </param>
        private void ProcessPe(List <ImportContext> NewTreeContexts, PE newPe)
        {
            List <PeImportDll> PeImports = newPe.GetImports();

            Environment.SpecialFolder WindowsSystemFolder = (this.Pe.IsWow64Dll()) ?
                                                            Environment.SpecialFolder.SystemX86 :
                                                            Environment.SpecialFolder.System;
            string User32Filepath = Path.Combine(Environment.GetFolderPath(WindowsSystemFolder), "user32.dll");

            foreach (PeImportDll DllImport in PeImports)
            {
                ImportContext ImportModule = new ImportContext();
                ImportModule.PeFilePath        = null;
                ImportModule.PeProperties      = null;
                ImportModule.ModuleName        = DllImport.Name;
                ImportModule.ApiSetModuleName  = null;
                ImportModule.IsDelayLoadImport = DllImport.IsDelayLoad();


                // Find Dll in "paths"
                Tuple <ModuleSearchStrategy, PE> ResolvedModule = BinaryCache.ResolveModule(this.Pe, DllImport.Name, this.SxsEntriesCache);
                ImportModule.ModuleLocation = ResolvedModule.Item1;
                if (ImportModule.ModuleLocation != ModuleSearchStrategy.NOT_FOUND)
                {
                    ImportModule.PeProperties = ResolvedModule.Item2;
                    ImportModule.PeFilePath   = ResolvedModule.Item2.Filepath;
                }

                // special case for apiset schema
                ImportModule.IsApiSet = (ImportModule.ModuleLocation == ModuleSearchStrategy.ApiSetSchema);
                if (ImportModule.IsApiSet)
                {
                    ImportModule.ApiSetModuleName = BinaryCache.LookupApiSetLibrary(DllImport.Name);
                }

                // add warning for appv isv applications
                if (String.Compare(DllImport.Name, "AppvIsvSubsystems32.dll", StringComparison.OrdinalIgnoreCase) == 0 ||
                    String.Compare(DllImport.Name, "AppvIsvSubsystems64.dll", StringComparison.OrdinalIgnoreCase) == 0)
                {
                    if (!this._DisplayWarning)
                    {
                        MessageBoxResult result = MessageBox.Show(
                            "This binary use the App-V containerization technology which fiddle with search directories and PATH env in ways Dependencies can't handle.\n\nFollowing results are probably not quite exact.",
                            "App-V ISV disclaimer"
                            );

                        this._DisplayWarning = true; // prevent the same warning window to popup several times
                    }
                }

                NewTreeContexts.Add(ImportModule);


                // AppInitDlls are triggered by user32.dll, so if the binary does not import user32.dll they are not loaded.
                if (ImportModule.PeFilePath == User32Filepath)
                {
                    string AppInitRegistryKey = (this.Pe.IsWow64Dll()) ?
                                                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows NT\\CurrentVersion\\Windows" :
                                                "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows";

                    int    LoadAppInitDlls = (int)Registry.GetValue(AppInitRegistryKey, "LoadAppInit_DLLs", 0);
                    string AppInitDlls     = (string)Registry.GetValue(AppInitRegistryKey, "AppInit_DLLs", "");

                    if ((LoadAppInitDlls != 0) && (AppInitDlls != ""))
                    {
                        // Extremely crude parser. TODO : Add support for quotes wrapped paths with spaces
                        foreach (var AppInitDll in AppInitDlls.Split(' '))
                        {
                            Debug.WriteLine("AppInit loading " + AppInitDll);

                            ImportContext AppInitImportModule = new ImportContext();
                            AppInitImportModule.PeFilePath        = null;
                            AppInitImportModule.PeProperties      = null;
                            AppInitImportModule.ModuleName        = AppInitDll;
                            AppInitImportModule.ApiSetModuleName  = null;
                            AppInitImportModule.IsDelayLoadImport = false;
                            AppInitImportModule.ModuleLocation    = ModuleSearchStrategy.AppInitDLL;

                            Tuple <ModuleSearchStrategy, PE> ResolvedAppInitModule = BinaryCache.ResolveModule(this.Pe, AppInitDll, this.SxsEntriesCache);
                            if (ResolvedAppInitModule.Item1 != ModuleSearchStrategy.NOT_FOUND)
                            {
                                AppInitImportModule.PeProperties = ResolvedAppInitModule.Item2;
                                AppInitImportModule.PeFilePath   = ResolvedAppInitModule.Item2.Filepath;
                            }

                            NewTreeContexts.Add(AppInitImportModule);
                        }
                    }
                }
            }
        }
Esempio n. 30
0
 public void CloseWithoutDisposing()
 {
     DllImport.CloseHandle(handle);
 }
Esempio n. 31
0
 public static DateTime FILETIMEToDateTime( DllImport.FILETIME fileTime, bool utc )
 {
     UInt64 high = ( (UInt64)( fileTime.dwHighDateTime ) );
     UInt64 shiftedHigh = ( high & 0xFFFFFFFF ) << 32;
     UInt64 low = (UInt64)( fileTime.dwLowDateTime & ( 0xFFFFFFFF ) );
     long final = (long)( low | shiftedHigh );
     return utc ? DateTime.FromFileTimeUtc( final ) : DateTime.FromFileTime( final );
 }