2.klik file new > project > bagian general pilih empty dll > nama terserah
3.klik kanan project lu, pilih properties, ganti configuration type dari exe ke Dynamic library
4.terus , klik project > add new item atau pencet CTRL+SHIFT+A pilih "C++ file(.cpp)"
5.kasih nama main.cpp
6.abis itu Copas :
/*
 * Listing as published: a Windows DLL that, once loaded into a process,
 * starts a worker thread from DllMain, waits for the F12 key, and then
 * overwrites two values (a "rank" and a "points" field) in the memory of
 * the process that owns the "Point Blank" window.
 *
 * The pointer addresses and offsets are masked (0x4XXXXX / 0xXXX), the
 * string literals use typographic quotes and the reinterpret_cast calls
 * carry no target type, so the text does not compile as shown.
 *
 * Defensive reading: everything this listing changes lives in client
 * memory, so a server cannot trust the targeted values unless it validates
 * them itself. The observable behaviour is a module snapshot
 * (CreateToolhelp32Snapshot), a handle open that requests VM
 * read/write/operation rights (OpenProcess), and WriteProcessMemory calls
 * on that handle.
 */
#define _CRT_SECURE_NO_WARNINGS
#include <windows.h>
#include <tlhelp32.h>

// Define variables for the window title, window class name and module.
char *pProcessWindowTitle = “Point Blank”;
char *pProcessWindowClass = “I3VIEWER”;
char *pProcessModuleName = “PointBlank.i3Exec”;

// etc…
UINT_PTR uipUserRankValue = 52; // GM :D
UINT_PTR uipUserPointsValue = 999999; //xD!
UINT_PTR uiptrFinalRank, uiptrFinalPoints; // resolved write targets, filled in by MajorMissionHack()
bool isInitMmhMemory = true;               // true until the write targets have been resolved once
DWORD dwProcessID;                         // PID of the process that owns the matched window
UINT_PTR uipMmhBaseAddress;                // base address returned by GetModuleBase()
HANDLE hProcess;                           // handle from OpenProcess(); closed on DLL_PROCESS_DETACH

// Walks a Toolhelp module snapshot of process dwProcessId and returns the
// base address of the first module whose name equals lpModuleName
// (case-sensitive strcmp). Returns NULL when the snapshot handle is null or
// no module matches. The base address is cast to DWORD before it is returned.
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
{
    MODULEENTRY32 lpModuleEntry = {0};
    HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
    if(!hSnapShot) return NULL;
    lpModuleEntry.dwSize = sizeof(lpModuleEntry); // dwSize is set before the first Module32First call
    BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
    while(bModule)
    {
        if(!strcmp( lpModuleEntry.szModule, lpModuleName ) )
        {
            CloseHandle(hSnapShot);
            return (DWORD)lpModuleEntry.modBaseAddr;
        }
        bModule = Module32Next( hSnapShot, &lpModuleEntry );
    }
    CloseHandle( hSnapShot );
    return NULL;
}

// DeRef() = credit L. Spiro (MHS)
// Reads one pointer-sized value from address _uiptrPointer through the
// global hProcess handle and returns it; returns 0 when the read fails.
UINT_PTR DeRef( UINT_PTR _uiptrPointer )
{
    UINT_PTR uiptrRet;
    if (!::ReadProcessMemory(hProcess, reinterpret_cast(_uiptrPointer), &uiptrRet, sizeof(uiptrRet), NULL))
    {
        return 0UL;
    }
    return uiptrRet;
}

// Process initialisation: polls every 500 ms, with no timeout, until a
// window with the configured class and title exists, stores the PID of its
// owner in dwProcessID and opens a handle to that process into hProcess.
void InitApplicationProcess()
{
    bool isFindWindow = true;
    HWND hWnd = NULL;
    while(isFindWindow)
    {
        if((hWnd = FindWindowA(pProcessWindowClass, pProcessWindowTitle)) != NULL) // if the window was found
        {
            isFindWindow = false;
        }
        Sleep(500);
    }
    GetWindowThreadProcessId(hWnd, &dwProcessID);
    // PROCESS_ALL_ACCESS already covers the other rights ORed in here. The
    // result of OpenProcess is not checked. A handle open that asks for
    // memory-write rights on another image's process is the event that
    // handle auditing and anti-tamper callbacks get to see.
    hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
}

// On the first call, resolves the two write targets from the module base
// plus a (masked) pointer and offset; on every call, writes
// uipUserRankValue and uipUserPointsValue to those targets. The return
// values of both WriteProcessMemory calls are ignored.
void MajorMissionHack()
{
    if(isInitMmhMemory)
    {
        uipMmhBaseAddress = GetModuleBase(pProcessModuleName, dwProcessID);
        // e.g. if the pointer found is PointBlank.i3Exec+00471234 with offset 0xA12, write it as below!
        uiptrFinalRank = DeRef(uipMmhBaseAddress + 0x4XXXXX) + 0xXXX; // User rank pointer – address and offset are masked.
        uiptrFinalPoints = DeRef(uipMmhBaseAddress + 0x4XXXXX) + 0xXXX; // User points pointer – address and offset are masked.
        isInitMmhMemory = false;
    }
    // WriteProcessMemory on the 'rank' pointer, giving it the value uipUserRankValue (52)
    ::WriteProcessMemory(hProcess, reinterpret_cast(uiptrFinalRank), &uipUserRankValue, sizeof(uipUserRankValue), NULL);
    // WriteProcessMemory on the 'points' pointer, giving it the value uipUserPointsValue (999999) LOL!
    ::WriteProcessMemory(hProcess, reinterpret_cast(uiptrFinalPoints), &uipUserPointsValue, sizeof(uipUserPointsValue), NULL);
}

// Worker-thread body: shows a message box, runs InitApplicationProcess(),
// then loops forever polling the F12 key state about once per millisecond.
// It never returns.
void LovelyLoopy()
{
    // ok, say hello first!
    MessageBox(0, “DLL berhasil di-inject. Lanjutkan!”, “Sep!”, MB_OK + MB_ICONASTERISK);
    InitApplicationProcess();
    while(1) // loop forever :D
    {
        if(GetAsyncKeyState(VK_F12)&1) // if F12 is pressed
        {
            MajorMissionHack(); // call the function 'MajorMissionHack()'
            Sleep(500);
        }
        Sleep(1);
    }
}

// DLL entry point. Disables thread attach/detach notifications, starts
// LovelyLoopy on a new thread at DLL_PROCESS_ATTACH (the thread handle
// returned by CreateThread is discarded) and closes hProcess at
// DLL_PROCESS_DETACH. Always returns TRUE.
BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved)
{
    DisableThreadLibraryCalls(hDll);
    if(dwReason == DLL_PROCESS_ATTACH)
    {
        CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)LovelyLoopy, NULL, NULL, NULL);
    }
    else if(dwReason == DLL_PROCESS_DETACH)
    {
        CloseHandle(hProcess);
    }
    return TRUE;
}
7.klo dah di copas,klik build > build solution
8.klo g ada error apa", brarti sukses! klo masih ada error, silahkan periksa
9.klo kaga bisa running (no action) di OS Windows XP, ternyata ada kesalahan pada argumen fungsi API OpenProcess()
ganti klo agan make OS Windows XP, ubah kode pada bagian:
hProcess=OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
^
|
v
hProcess=OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
^
|
v
hProcess=OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
10.dll siap inject . . . .