/// <summary>
/// Starts Game.exe from <c>installDir</c> in a suspended state, patches one byte of its image, resumes it,
/// runs a remote thread at a fixed address, then reads the two CD-key strings out of the game's memory into
/// <c>ClassicCdKey</c>/<c>XpakCdKey</c> and the matching text boxes, and finally kills the game.
/// Every address below is hard-coded for one specific Game.exe build; any other build reads garbage or crashes.
/// NOTE(review): the CD keys are license secrets — they are kept in fields and shown in text boxes here; do not
/// log or persist them anywhere else.
/// </summary>
void DumpCdKeys()
{
    var si = new STARTUP_INFO();
    // 1 == STARTF_USESHOWWINDOW; wShowWindow is left at its default, presumably to hide the window — confirm.
    // NOTE(review): cb is never set; the Win32 contract expects it to be sizeof(STARTUPINFO).
    si.dwFlags = 1;
    // 4 == CREATE_SUSPENDED: the image is mapped but no game code runs until ResumeThread, so the patch lands first.
    // `success` is never checked: on failure pi is zeroed, tempD2 is null and tempD2.Handle throws.
    // installDir.Text is concatenated without a separator check (a value lacking a trailing '\' points at the wrong file).
    var success = CreateProcess(installDir.Text + "Game.exe", " -w -ns", IntPtr.Zero, IntPtr.Zero, false, 4, IntPtr.Zero, installDir.Text, ref si, out PROCESS_INFORMATION pi);
    // Enumerates every process to locate the child; may be null (see above).
    var tempD2 = Process.GetProcesses().ToList().FirstOrDefault(p => p.Id == pi.dwProcessId);
    // One-byte opcode patch at a fixed image offset; the return value is not checked, so a failed write goes unnoticed.
    WriteProcessMemory(tempD2.Handle, (IntPtr)0x400000 + 0xF562A, new Byte[] { 0xDB }, 1, 0); // replace (test eax, eax) with (test ebx, ebx), same window check
    ResumeThread(pi.hThread);
    tempD2.WaitForInputIdle();
    // Runs a game-internal routine at a fixed address on a new thread and waits up to 5 s for it.
    // The returned thread handle is never closed (leak). NOTE(review): suspended-create + WriteProcessMemory +
    // CreateRemoteThread is the exact pattern AV/EDR heuristics watch for, so expect this launcher to be flagged.
    var thread = CreateRemoteThread(tempD2.Handle, IntPtr.Zero, 0, (IntPtr)0x5234D0, IntPtr.Zero, 0, IntPtr.Zero);
    WaitForSingleObject(thread, 5000);
    // NOTE(review): 0x400000 assumes Game.exe is mapped at its preferred base (no ASLR relocation) — confirm for this build.
    var moduleBase = (IntPtr)0x400000; // startedProcess.MainModule.BaseAddress doesn't work in suspended since crt/app isn't loaded yet?
    // Two-step read per key: a 4-byte pointer at a fixed global, then 26 bytes at the pointed-to address.
    // ReadProcessMemory results are unchecked; a key shorter than 26 bytes presumably leaves NUL/stale bytes in the decoded string — confirm.
    var buffer = new Byte[26];
    ReadProcessMemory(pi.hProcess, moduleBase + 0x482744, buffer, 4, 0);
    ReadProcessMemory(pi.hProcess, (IntPtr)BitConverter.ToInt32(buffer, 0), buffer, 26, 0);
    ClassicCdKey = classicCdKey.Text = Encoding.UTF8.GetString(buffer);
    ReadProcessMemory(pi.hProcess, moduleBase + 0x48274C, buffer, 4, 0);
    ReadProcessMemory(pi.hProcess, (IntPtr)BitConverter.ToInt32(buffer, 0), buffer, 26, 0);
    XpakCdKey = xpakCdKey.Text = Encoding.UTF8.GetString(buffer);
    // pi.hProcess and pi.hThread are never closed and tempD2 is not disposed — handle leaks on every call.
    tempD2.Kill();
}
/// <summary>
/// Launch button handler: starts Game.exe suspended, applies the selected in-memory patches to its image,
/// resumes it, optionally makes the window borderless, rewrites the CD keys if the text boxes changed, enables
/// the custom check-revision hook and, when requested, manual-maps a D2Mods DLL into the game.
/// All patch offsets are hard-coded for one specific Game.exe build.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
void launchButton_Click(object sender, EventArgs e)
{
    // NOTE(review): cb is never set; the Win32 contract expects it to be sizeof(STARTUPINFO).
    var si = new STARTUP_INFO();
    var args = " -w";
    if (sound.Checked)
    {
        args += " -ns"; // NOTE(review): a checked "sound" box adds -ns (no sound) — confirm the checkbox label matches this inversion
    }
    // 4 == CREATE_SUSPENDED so every WriteProcessMemory below lands before any game code runs.
    // `success` is never checked: on failure pi is zeroed, d2 is null and d2.WaitForInputIdle() throws.
    // installDir.Text is concatenated without a separator check (Path.Combine would be safer).
    var success = CreateProcess(installDir.Text + "Game.exe", args, IntPtr.Zero, IntPtr.Zero, false, 4, IntPtr.Zero, installDir.Text, ref si, out PROCESS_INFORMATION pi);
    // Enumerates every process to locate the child (Process.GetProcessById(pi.dwProcessId) would do); may be null.
    var d2 = Process.GetProcesses().ToList().FirstOrDefault(p => p.Id == pi.dwProcessId);
    var procHandle = pi.hProcess; // OpenProcess(0x001F0FFF, false, startedProcess.Id);
    // NOTE(review): 0x400000 assumes Game.exe is mapped at its preferred base (no ASLR relocation) — confirm for this build.
    var moduleBase = (IntPtr)0x400000; // startedProcess.MainModule.BaseAddress doesn't work in suspended since crt/app isn't loaded yet?
    // None of the WriteProcessMemory return values below are checked, so a failed patch goes unnoticed.
    if (multi.Checked)
    {
        WriteProcessMemory(procHandle, moduleBase + 0xF562A, new Byte[] { 0xDB }, 1, 0); // replace (test eax, eax) with (test ebx, ebx), same window check
    }
    if (sleepy.Checked)
    {
        // Two-byte NOP; presumably the CPU-spin fix referenced elsewhere in this project — confirm.
        WriteProcessMemory(procHandle, moduleBase + 0x51C31, new Byte[] { 0x90, 0x90 }, 2, 0);
    }
    WriteProcessMemory(procHandle, moduleBase + 0x11FE3B, new Byte[] { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 }, 6, 0); // remove extrawork
    if (resolutionBox.Text != "800x600")
    {
        SetResolution(procHandle, moduleBase);
    }
    ResumeThread(pi.hThread);
    d2.WaitForInputIdle();
    if (fullscreen.Checked)
    {
        // Strip WS_CAPTION (0x00C00000) from GWL_STYLE (-16) for a borderless window, then size it to Resolution.
        int style = GetWindowLong(d2.MainWindowHandle, -16);
        SetWindowLong(d2.MainWindowHandle, -16, (style & ~(0x00c00000)));
        SetWindowPos(d2.MainWindowHandle, 0, 0, 0, Resolution.Width, Resolution.Height, 0);
    }
    // Only rewrite the keys inside the game when the text boxes differ from the values read at startup.
    if (ClassicCdKey != classicCdKey.Text || XpakCdKey != xpakCdKey.Text)
    {
        UpdateCdKey(procHandle, moduleBase, classicCdKey.Text, xpakCdKey.Text);
    }
    EnableCustomCheckRevision(d2, procHandle);
    // The embedded resource is the default payload, but a D2Mods.dll in the launcher's *current directory*
    // silently overrides it with no integrity check. NOTE(review): whoever can write to that directory controls
    // the code mapped into the game; resolve the path against the executable's own folder and/or verify a hash
    // before trusting it.
    var dll = Resources.D2Mods;
    if (File.Exists("D2Mods.dll"))
    {
        dll = File.ReadAllBytes(@"D2Mods.dll");
    }
    if (mapHack.Checked)
    {
        // Manual-map injection into the game process — the pattern AV/EDR heuristics flag, so expect alerts.
        var mm = new ManualMapInjection.Injection.ManualMapInjector(d2);
        mm.Inject(dll, procHandle);
    }
    // pi.hThread is never closed and d2 is not disposed — handle leak per launch.
    CloseHandle(procHandle);
}
/// <summary>
/// P/Invoke binding for advapi32!CreateProcessAsUser (the [DllImport] attribute is outside this view):
/// starts a process in the security context of <paramref name="token"/>. Per the Win32 docs the caller
/// typically needs SE_INCREASE_QUOTA_NAME and, unless the token is assignable, SE_ASSIGNPRIMARYTOKEN_NAME.
/// </summary>
/// <param name="token">A primary token (e.g. from DuplicateTokenEx with TokenPrimary); impersonation tokens are rejected.</param>
/// <param name="applicationName">Image path, or null to take the executable from <paramref name="commandLine"/>.</param>
/// <param name="commandLine">Full command line; when applicationName is null its first token must be the (quoted) executable.</param>
/// <param name="processAttributes">SECURITY_ATTRIBUTES pointer, or IntPtr.Zero for defaults.</param>
/// <param name="threadAttributes">SECURITY_ATTRIBUTES pointer, or IntPtr.Zero for defaults.</param>
/// <param name="inheritHandles">true hands every inheritable handle of the caller to the child — keep false unless required.</param>
/// <param name="creationFlags">CreateProcessFlags; include CREATE_UNICODE_ENVIRONMENT when <paramref name="environment"/> is a Unicode block.</param>
/// <param name="environment">Environment block (e.g. from CreateEnvironmentBlock), or IntPtr.Zero to inherit the caller's.</param>
/// <param name="currentDirectory">Working directory, or null to inherit.</param>
/// <param name="startupInfo">Caller sets its size field (cb/Length) before the call.</param>
/// <param name="processInformation">Receives the process and thread handles; the caller owns both and must CloseHandle them.</param>
/// <returns>true on success; the Win32 error from Marshal.GetLastWin32Error is reliable only if the DllImport sets SetLastError = true.</returns>
private static extern bool CreateProcessAsUser(
    IntPtr token,
    string applicationName,
    string commandLine,
    IntPtr processAttributes,
    IntPtr threadAttributes,
    bool inheritHandles,
    CreateProcessFlags creationFlags,
    IntPtr environment,
    string currentDirectory,
    ref STARTUP_INFO startupInfo,
    out PROCESS_INFORMATION processInformation);
/// <summary>
/// P/Invoke binding for kernel32!CreateProcessW (wide-character entry point; [DllImport] outside this view).
/// All string parameters are marshalled as LPWStr explicitly, so the binding does not depend on the attribute's CharSet.
/// </summary>
/// <param name="lpApplicationName">Image path, or null to resolve the executable from <paramref name="lpCommandLine"/>.</param>
/// <param name="lpCommandLine">Declared as <see cref="StringBuilder"/> because CreateProcessW may modify the command-line buffer in place and therefore needs a writable buffer.</param>
/// <param name="lpProcessAttributes">SECURITY_ATTRIBUTES pointer, or 0 for defaults.</param>
/// <param name="lpThreadAttributes">SECURITY_ATTRIBUTES pointer, or 0 for defaults.</param>
/// <param name="bInheritHandles">Marshalled as a 4-byte Win32 BOOL; true hands every inheritable handle to the child.</param>
/// <param name="dwCreationFlags">CREATE_* flags.</param>
/// <param name="lpEnvironment">Environment block, or null to inherit. NOTE(review): the native block must end in a double NUL and dwCreationFlags must include CREATE_UNICODE_ENVIRONMENT for a wide block; a marshalled string gets a single terminator, so confirm the caller appends the extra '\0'.</param>
/// <param name="lpCurrentDirectory">Working directory, or null to inherit.</param>
/// <param name="lpStartupInfo">Caller sets cb to the struct size.</param>
/// <param name="lpProcessInformation">Passed by ref (not out), so the caller initializes it; receives hProcess/hThread, which the caller must CloseHandle.</param>
private static extern bool CreateProcessW(
    [MarshalAs(UnmanagedType.LPWStr)] string lpApplicationName,
    [MarshalAs(UnmanagedType.LPWStr)] StringBuilder lpCommandLine,
    nint lpProcessAttributes,
    nint lpThreadAttributes,
    [MarshalAs(UnmanagedType.Bool)] bool bInheritHandles,
    uint dwCreationFlags,
    [MarshalAs(UnmanagedType.LPWStr)] string? lpEnvironment,
    [MarshalAs(UnmanagedType.LPWStr)] string? lpCurrentDirectory,
    ref STARTUP_INFO lpStartupInfo,
    ref PROCESS_INFORMATION lpProcessInformation
);
/// <summary>
/// P/Invoke binding for kernel32!CreateProcess ([DllImport] outside this view). Unlike the IntPtr-based
/// declarations, both attribute parameters are <c>ref SECURITY_ATTRIBUTES</c>, so the native NULL
/// ("use defaults") cannot be expressed: every caller must pass a fully initialized struct with nLength set,
/// and its bInheritHandle field decides whether the new process/thread handles are inheritable.
/// </summary>
/// <param name="lpApplicationName">Image path, or null to resolve the executable from <paramref name="lpCommandLine"/>.</param>
/// <param name="lpCommandLine">Full command line.</param>
/// <param name="lpProcessAttributes">Security attributes for the process handle (cannot be NULL with this signature).</param>
/// <param name="lpThreadAttributes">Security attributes for the primary thread handle (cannot be NULL with this signature).</param>
/// <param name="bInheritHandles">Marshalled as a 4-byte Win32 BOOL; true hands every inheritable handle to the child — keep false unless required.</param>
/// <param name="dwCreationFlags">CREATE_* flags.</param>
/// <param name="lpEnvironment">Environment block, or IntPtr.Zero to inherit.</param>
/// <param name="lpCurrentDirectory">Working directory, or null to inherit.</param>
/// <param name="lpStartupInfo">Caller sets its size field before the call; [In] because the API only reads it.</param>
/// <param name="lpProcessInformation">Receives hProcess/hThread; the caller owns both and must CloseHandle them.</param>
internal static extern bool CreateProcess(
    string lpApplicationName,
    string lpCommandLine,
    ref SECURITY_ATTRIBUTES lpProcessAttributes,
    ref SECURITY_ATTRIBUTES lpThreadAttributes,
    [In, MarshalAs(UnmanagedType.Bool)] bool bInheritHandles,
    uint dwCreationFlags,
    IntPtr lpEnvironment,
    string lpCurrentDirectory,
    [In] ref STARTUP_INFO lpStartupInfo,
    out PROCESS_INFORMATION lpProcessInformation
);
/// <summary> /// Spawn a new process. /// </summary> public ChildProcess Spawn() { unsafe { var startInfo = new STARTUP_INFO { cb = (uint)sizeof(STARTUP_INFO), }; var procInfo = new PROCESS_INFORMATION(); var env = m_environments.ToString(); var success = CreateProcessW( m_program, m_commandLine,
/// <summary>
/// Launch button handler (variant with the second "sleepy" patch and the check-revision hook disabled):
/// starts Game.exe suspended, applies the selected in-memory patches, resumes it, optionally makes the window
/// borderless and rewrites the CD keys if the text boxes changed. All patch offsets are hard-coded for one
/// specific Game.exe build.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
void launchButton_Click(object sender, EventArgs e)
{
    // NOTE(review): cb is never set; the Win32 contract expects it to be sizeof(STARTUPINFO).
    var si = new STARTUP_INFO();
    var args = " -w";
    if (sound.Checked)
    {
        args += " -ns"; // NOTE(review): a checked "sound" box adds -ns (no sound) — confirm the checkbox label matches this inversion
    }
    // 4 == CREATE_SUSPENDED so every WriteProcessMemory below lands before any game code runs.
    // `success` is never checked: on failure pi is zeroed, d2 is null and d2.WaitForInputIdle() throws.
    // installDir.Text is concatenated without a separator check (Path.Combine would be safer).
    var success = CreateProcess(installDir.Text + "Game.exe", args, IntPtr.Zero, IntPtr.Zero, false, 4, IntPtr.Zero, installDir.Text, ref si, out PROCESS_INFORMATION pi);
    // Enumerates every process to locate the child (Process.GetProcessById(pi.dwProcessId) would do); may be null.
    var d2 = Process.GetProcesses().ToList().FirstOrDefault(p => p.Id == pi.dwProcessId);
    var procHandle = pi.hProcess; // OpenProcess(0x001F0FFF, false, startedProcess.Id);
    // NOTE(review): 0x400000 assumes Game.exe is mapped at its preferred base (no ASLR relocation) — confirm for this build.
    var moduleBase = (IntPtr)0x400000; // startedProcess.MainModule.BaseAddress doesn't work in suspended since crt/app isn't loaded yet?
    // None of the WriteProcessMemory return values below are checked, so a failed patch goes unnoticed.
    if (multi.Checked)
    {
        WriteProcessMemory(procHandle, moduleBase + 0xF562A, new Byte[] { 0xDB }, 1, 0); // replace (test eax, eax) with (test ebx, ebx), same window check
    }
    // The two sleepy.Checked blocks below are the two halves of one fix and could share a single condition.
    if (sleepy.Checked)
    {
        WriteProcessMemory(procHandle, moduleBase + 0x51C31, new Byte[] { 0x90, 0x90 }, 2, 0);
    }
    if (sleepy.Checked)
    {
        // Second NOP patch of the CPU infinite-loop fix; based on https://d2mods.info/forum/viewtopic.php?t=62140
        WriteProcessMemory(procHandle, moduleBase + 0x51C40, new Byte[] { 0x90, 0x90 }, 2, 0);
    }
    WriteProcessMemory(procHandle, moduleBase + 0x11FE3B, new Byte[] { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 }, 6, 0); // remove extrawork
    if (resolutionBox.Text != "800x600")
    {
        SetResolution(procHandle, moduleBase);
    }
    ResumeThread(pi.hThread);
    d2.WaitForInputIdle();
    if (fullscreen.Checked)
    {
        // Strip WS_CAPTION (0x00C00000) from GWL_STYLE (-16) for a borderless window, then size it to Resolution.
        int style = GetWindowLong(d2.MainWindowHandle, -16);
        SetWindowLong(d2.MainWindowHandle, -16, (style & ~(0x00c00000)));
        SetWindowPos(d2.MainWindowHandle, 0, 0, 0, Resolution.Width, Resolution.Height, 0);
    }
    // Only rewrite the keys inside the game when the text boxes differ from the values read at startup.
    if (ClassicCdKey != classicCdKey.Text || XpakCdKey != xpakCdKey.Text)
    {
        UpdateCdKey(procHandle, moduleBase, classicCdKey.Text, xpakCdKey.Text);
    }
    // Check-revision hook intentionally disabled in this variant.
    //EnableCustomCheckRevision(d2, procHandle);
    // pi.hThread is never closed and d2 is not disposed — handle leak per launch.
    CloseHandle(procHandle);
}
/// <summary>
/// Launch button handler (fixed 1920x1080 variant): starts Game.exe suspended, applies the selected in-memory
/// patches, resumes it, optionally makes the window borderless at 1080p and rewrites the CD keys if the text
/// boxes changed. All patch offsets are hard-coded for one specific Game.exe build.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
void launchButton_Click(object sender, EventArgs e)
{
    // NOTE(review): cb is never set; the Win32 contract expects it to be sizeof(STARTUPINFO).
    var si = new STARTUP_INFO();
    var args = " -w";
    if (sound.Checked)
    {
        args += " -ns"; // NOTE(review): a checked "sound" box adds -ns (no sound) — confirm the checkbox label matches this inversion
    }
    // 4 == CREATE_SUSPENDED so every WriteProcessMemory below lands before any game code runs.
    // `success` is never checked: on failure pi is zeroed, d2 is null and d2.WaitForInputIdle() throws.
    // installDir.Text is concatenated without a separator check (Path.Combine would be safer).
    var success = CreateProcess(installDir.Text + "Game.exe", args, IntPtr.Zero, IntPtr.Zero, false, 4, IntPtr.Zero, installDir.Text, ref si, out PROCESS_INFORMATION pi);
    // Enumerates every process to locate the child (Process.GetProcessById(pi.dwProcessId) would do); may be null.
    var d2 = Process.GetProcesses().ToList().FirstOrDefault(p => p.Id == pi.dwProcessId);
    var procHandle = pi.hProcess; // OpenProcess(0x001F0FFF, false, startedProcess.Id);
    // NOTE(review): 0x400000 assumes Game.exe is mapped at its preferred base (no ASLR relocation) — confirm for this build.
    var moduleBase = (IntPtr)0x400000; // startedProcess.MainModule.BaseAddress doesn't work in suspended since crt/app isn't loaded yet?
    // None of the WriteProcessMemory return values below are checked, so a failed patch goes unnoticed.
    if (multi.Checked)
    {
        WriteProcessMemory(procHandle, moduleBase + 0xF562A, new Byte[] { 0xDB }, 1, 0); // replace (test eax, eax) with (test ebx, ebx), same window check
    }
    if (sleepy.Checked)
    {
        // Two-byte NOP; presumably the CPU-spin fix referenced elsewhere in this project — confirm.
        WriteProcessMemory(procHandle, moduleBase + 0x51C31, new Byte[] { 0x90, 0x90 }, 2, 0);
    }
    WriteProcessMemory(procHandle, moduleBase + 0x11FE3B, new Byte[] { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 }, 6, 0); // remove extrawork
    if (highRes.Checked)
    {
        ChangeTo1080(procHandle, moduleBase);
    }
    ResumeThread(pi.hThread);
    d2.WaitForInputIdle();
    if (highRes.Checked)
    {
        // Strip WS_CAPTION (0x00C00000) from GWL_STYLE (-16) for a borderless window, then size it to 1920x1080
        // (hard-coded; must match what ChangeTo1080 patched).
        int style = GetWindowLong(d2.MainWindowHandle, -16);
        SetWindowLong(d2.MainWindowHandle, -16, (style & ~(0x00c00000)));
        SetWindowPos(d2.MainWindowHandle, 0, 0, 0, 1920, 1080, 0);
    }
    // Only rewrite the keys inside the game when the text boxes differ from the values read at startup.
    if (ClassicCdKey != classicCdKey.Text || XpakCdKey != xpakCdKey.Text)
    {
        UpdateCdKey(procHandle, moduleBase, classicCdKey.Text, xpakCdKey.Text);
    }
    // pi.hThread is never closed and d2 is not disposed — handle leak per launch.
    CloseHandle(procHandle);
}
/// <summary>
/// Starts <paramref name="processName"/> with <paramref name="args"/> under the token held by this instance.
/// Intended for a Windows service running as LocalSystem with SE_TCB_NAME; in any other context the token
/// duplication or CreateProcessAsUser call fails and the Win32 error is traced.
/// The command line is built as <c>"processName" args</c>: the executable is quoted, the arguments are
/// appended verbatim, so the caller must quote/escape anything in <paramref name="args"/> that comes from outside.
/// </summary>
/// <param name="processName">Path of the executable to start (quoted by this method).</param>
/// <param name="args">Argument string appended to the command line as-is.</param>
/// <returns>true when the process was started; false when no token is held or any Win32 step fails.</returns>
public bool RunAs(string processName, string args)
{
    if (this.token == IntPtr.Zero)
    {
        return false;
    }

    IntPtr primaryToken = IntPtr.Zero;
    IntPtr envBlock = IntPtr.Zero;
    try
    {
        // CreateProcessAsUser needs a primary token; duplicating leaves the stored token untouched.
        if (!DuplicateTokenEx(
                this.token,
                DuplicateTokenFlags,
                IntPtr.Zero,
                SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
                TokenPrimary,
                out primaryToken))
        {
            TraceWin32Error(this.tracer, "Unable to duplicate user token.");
            return false;
        }

        // Build the target user's environment instead of handing the child the service's own.
        if (!CreateEnvironmentBlock(ref envBlock, primaryToken, false))
        {
            TraceWin32Error(this.tracer, "Unable to set child process environment block.");
            return false;
        }

        STARTUP_INFO startup = new STARTUP_INFO { Length = Marshal.SizeOf(typeof(STARTUP_INFO)) };
        PROCESS_INFORMATION child = new PROCESS_INFORMATION();
        string commandLine = string.Format("\"{0}\" {1}", processName, args);

        // inheritHandles: false keeps the service's inheritable handles out of the child.
        // CREATE_UNICODE_ENVIRONMENT is required because CreateEnvironmentBlock produces a Unicode block.
        bool started = CreateProcessAsUser(
            primaryToken,
            null,
            commandLine,
            IntPtr.Zero,
            IntPtr.Zero,
            inheritHandles: false,
            creationFlags: CreateProcessFlags.CREATE_NO_WINDOW | CreateProcessFlags.CREATE_UNICODE_ENVIRONMENT,
            environment: envBlock,
            currentDirectory: null,
            startupInfo: ref startup,
            processInformation: out child);
        if (!started)
        {
            TraceWin32Error(this.tracer, "Unable to start process.");
            return false;
        }

        try
        {
            this.tracer.RelatedInfo("Started process '{0} {1}' with Id {2}", processName, args, child.ProcessId);
        }
        finally
        {
            // The handles are not needed after launch; closing them does not affect the child.
            CloseHandle(child.ProcessHandle);
            CloseHandle(child.ThreadHandle);
        }
        return true;
    }
    finally
    {
        if (envBlock != IntPtr.Zero)
        {
            DestroyEnvironmentBlock(envBlock);
        }
        if (primaryToken != IntPtr.Zero)
        {
            CloseHandle(primaryToken);
        }
    }
}
/// <summary>
/// P/Invoke binding for kernel32!CreateProcess ([DllImport] outside this view). ProcessInformation is
/// <c>ref</c> rather than <c>out</c>, so callers must initialize a PROCESS_INFORMATION before the call.
/// </summary>
/// <param name="ApplicationName">Image path, or null to resolve the executable from <paramref name="CommandLine"/>.</param>
/// <param name="CommandLine">Full command line.</param>
/// <param name="ProcessAttributes">SECURITY_ATTRIBUTES pointer, or IntPtr.Zero for defaults.</param>
/// <param name="ThreadAttributes">SECURITY_ATTRIBUTES pointer, or IntPtr.Zero for defaults.</param>
/// <param name="InheritHandles">true hands every inheritable handle of the caller to the child — keep false unless required.</param>
/// <param name="CreationFlags">CREATE_* flags.</param>
/// <param name="Environment">Environment block, or IntPtr.Zero to inherit.</param>
/// <param name="CurrentDirectory">Working directory, or null to inherit.</param>
/// <param name="StartupInfo">Caller sets its size field before the call.</param>
/// <param name="ProcessInformation">Receives hProcess/hThread; the caller owns both and must CloseHandle them.</param>
/// <returns>true on success; the Win32 error is reliable only if the DllImport sets SetLastError = true.</returns>
public static extern bool CreateProcess(
    string ApplicationName,
    string CommandLine,
    IntPtr ProcessAttributes,
    IntPtr ThreadAttributes,
    bool InheritHandles,
    uint CreationFlags,
    IntPtr Environment,
    string CurrentDirectory,
    ref STARTUP_INFO StartupInfo,
    ref PROCESS_INFORMATION ProcessInformation);
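/// <summary>
/// P/Invoke binding for kernel32!CreateProcess. <c>SetLastError = true</c> makes the failure reason
/// retrievable through <see cref="Marshal.GetLastWin32Error"/>; without it that value is unreliable.
/// NOTE(review): no CharSet is given, so this binds to the ANSI entry point and non-ANSI install paths are
/// mangled; switching to CharSet.Unicode is the fix, but the STARTUP_INFO struct (declared elsewhere) must
/// then marshal its string fields as Unicode too — confirm before changing.
/// </summary>
/// <param name="lpApplicationName">Image path, or null to resolve the executable from <paramref name="lpCommandLine"/>.</param>
/// <param name="lpCommandLine">Full command line.</param>
/// <param name="lpProcessAttributes">SECURITY_ATTRIBUTES pointer, or IntPtr.Zero for defaults.</param>
/// <param name="lpThreadAttributes">SECURITY_ATTRIBUTES pointer, or IntPtr.Zero for defaults.</param>
/// <param name="bInheritHandles">true hands every inheritable handle of the caller to the child — keep false unless required.</param>
/// <param name="dwCreationFlags">CREATE_* flags (e.g. 0x4 = CREATE_SUSPENDED).</param>
/// <param name="lpEnvironment">Environment block, or IntPtr.Zero to inherit.</param>
/// <param name="lpCurrentDirectory">Working directory, or null to inherit.</param>
/// <param name="lpStartupInfo">The Win32 contract requires its cb field to be sizeof(STARTUPINFO).</param>
/// <param name="lpProcessInformation">Receives hProcess/hThread; the caller owns both and must CloseHandle them.</param>
/// <returns>true on success; on failure call Marshal.GetLastWin32Error.</returns>
[DllImport("kernel32.dll", SetLastError = true)]
static extern Boolean CreateProcess(
    String lpApplicationName,
    String lpCommandLine,
    IntPtr lpProcessAttributes,
    IntPtr lpThreadAttributes,
    Boolean bInheritHandles,
    UInt32 dwCreationFlags,
    IntPtr lpEnvironment,
    String lpCurrentDirectory,
    ref STARTUP_INFO lpStartupInfo,
    out PROCESS_INFORMATION lpProcessInformation);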
/// <summary>
/// Launch button handler (variant that injects the DLL bytes compiled into HardcodedDll): starts Game.exe
/// suspended, applies the selected in-memory patches, resumes it, optionally makes the window borderless,
/// rewrites the CD keys if the text boxes changed, enables the custom check-revision hook and, when requested,
/// manual-maps the DLL into the game. Also carries a disabled developer helper that regenerates HardcodedDll.cs.
/// All patch offsets are hard-coded for one specific Game.exe build.
/// </summary>
/// <param name="sender">Unused.</param>
/// <param name="e">Unused.</param>
void launchButton_Click(object sender, EventArgs e)
{
    // NOTE(review): cb is never set; the Win32 contract expects it to be sizeof(STARTUPINFO).
    var si = new STARTUP_INFO();
    var args = " -w";
    if (sound.Checked)
    {
        args += " -ns"; // NOTE(review): a checked "sound" box adds -ns (no sound) — confirm the checkbox label matches this inversion
    }
    // 4 == CREATE_SUSPENDED so every WriteProcessMemory below lands before any game code runs.
    // `success` is never checked: on failure pi is zeroed, d2 is null and d2.WaitForInputIdle() throws.
    // installDir.Text is concatenated without a separator check (Path.Combine would be safer).
    var success = CreateProcess(installDir.Text + "Game.exe", args, IntPtr.Zero, IntPtr.Zero, false, 4, IntPtr.Zero, installDir.Text, ref si, out PROCESS_INFORMATION pi);
    // Enumerates every process to locate the child (Process.GetProcessById(pi.dwProcessId) would do); may be null.
    var d2 = Process.GetProcesses().ToList().FirstOrDefault(p => p.Id == pi.dwProcessId);
    var procHandle = pi.hProcess; // OpenProcess(0x001F0FFF, false, startedProcess.Id);
    // NOTE(review): 0x400000 assumes Game.exe is mapped at its preferred base (no ASLR relocation) — confirm for this build.
    var moduleBase = (IntPtr)0x400000; // startedProcess.MainModule.BaseAddress doesn't work in suspended since crt/app isn't loaded yet?
    // None of the WriteProcessMemory return values below are checked, so a failed patch goes unnoticed.
    if (multi.Checked)
    {
        WriteProcessMemory(procHandle, moduleBase + 0xF562A, new Byte[] { 0xDB }, 1, 0); // replace (test eax, eax) with (test ebx, ebx), same window check
    }
    if (sleepy.Checked)
    {
        // Two-byte NOP; presumably the CPU-spin fix referenced elsewhere in this project — confirm.
        WriteProcessMemory(procHandle, moduleBase + 0x51C31, new Byte[] { 0x90, 0x90 }, 2, 0);
    }
    WriteProcessMemory(procHandle, moduleBase + 0x11FE3B, new Byte[] { 0x90, 0x90, 0x90, 0x90, 0x90, 0x90 }, 6, 0); // remove extrawork
    if (resolutionBox.Text != "800x600")
    {
        SetResolution(procHandle, moduleBase);
    }
    ResumeThread(pi.hThread);
    d2.WaitForInputIdle();
    if (fullscreen.Checked)
    {
        // Strip WS_CAPTION (0x00C00000) from GWL_STYLE (-16) for a borderless window, then size it to Resolution.
        int style = GetWindowLong(d2.MainWindowHandle, -16);
        SetWindowLong(d2.MainWindowHandle, -16, (style & ~(0x00c00000)));
        SetWindowPos(d2.MainWindowHandle, 0, 0, 0, Resolution.Width, Resolution.Height, 0);
    }
    // Only rewrite the keys inside the game when the text boxes differ from the values read at startup.
    if (ClassicCdKey != classicCdKey.Text || XpakCdKey != xpakCdKey.Text)
    {
        UpdateCdKey(procHandle, moduleBase, classicCdKey.Text, xpakCdKey.Text);
    }
    EnableCustomCheckRevision(d2, procHandle);
    // Disabled override of the injected bytes from a D2Mods.dll in the current directory. NOTE(review): keep it
    // disabled unless the path is resolved against the launcher's own folder and the file's hash is verified —
    // otherwise whoever can write to the working directory controls the code mapped into the game.
    //if (File.Exists("D2Mods.dll")) HardcodedDll.Bytes = File.ReadAllBytes(@"D2Mods.dll");
    // Developer-only helper, never enabled at runtime: dumps HardcodedDll.Bytes as a C# source file,
    // 16 values per line, to a path relative to the current directory.
    var createDllHardcode = false;
    if (createDllHardcode)
    {
        var sb = new StringBuilder();
        sb.Append(@"using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; namespace D2Launcher { public static class HardcodedDll { public static Byte[] Bytes = new Byte[]{ ");
        var q = 0;
        sb.Append(String.Join(", ", HardcodedDll.Bytes.Select(b => (((++q % 16) == 0) ? "\n" : "") + "0x" + b.ToString("X"))));
        sb.Append(@"}; } } ");
        File.WriteAllText(@"..\D2Launcher\HardcodedDll.cs", sb.ToString());
    }
    if (mapHack.Checked)
    {
        // Manual-map injection into the game process — the pattern AV/EDR heuristics flag, so expect alerts.
        var mm = new ManualMapInjection.Injection.ManualMapInjector(d2);
        mm.Inject(HardcodedDll.Bytes, procHandle);
    }
    // pi.hThread is never closed and d2 is not disposed — handle leak per launch.
    CloseHandle(procHandle);
}
/// <summary>
/// P/Invoke binding for advapi32!CreateProcessWithTokenW ([DllImport] outside this view): starts a process
/// under <paramref name="hToken"/>. Per the Win32 docs the caller needs SE_IMPERSONATE_NAME (not the
/// SE_ASSIGNPRIMARYTOKEN_NAME that CreateProcessAsUser usually needs) and the Secondary Logon service must be
/// running. The W suffix means the string parameters must be marshalled as Unicode — confirm the attribute's CharSet.
/// </summary>
/// <param name="hToken">Primary token of the user to run as.</param>
/// <param name="dwLogonFlags">LOGON_FLAGS, e.g. whether to load the user's profile.</param>
/// <param name="lpApplicationName">Image path, or null to resolve the executable from <paramref name="lpCommandLine"/>.</param>
/// <param name="lpCommandLine">Full command line.</param>
/// <param name="dwCreationFlags">CREATION_FLAGS; include CREATE_UNICODE_ENVIRONMENT when <paramref name="lpEnvironment"/> is a Unicode block.</param>
/// <param name="lpEnvironment">Environment block, or IntPtr.Zero to inherit.</param>
/// <param name="lpCurrentDirectory">Working directory, or null to inherit.</param>
/// <param name="lpStartupInfo">Caller sets its size field before the call; [In] because the API only reads it.</param>
/// <param name="lpProcessInformation">Receives the process and thread handles; the caller owns both and must CloseHandle them.</param>
/// <returns>true on success; the Win32 error is reliable only if the DllImport sets SetLastError = true.</returns>
public static extern Boolean CreateProcessWithTokenW(
    IntPtr hToken,
    LOGON_FLAGS dwLogonFlags,
    string lpApplicationName,
    string lpCommandLine,
    CREATION_FLAGS dwCreationFlags,
    IntPtr lpEnvironment,
    string lpCurrentDirectory,
    [In] ref STARTUP_INFO lpStartupInfo,
    out PROCESS_INFORMATION lpProcessInformation);