C++実装-フィーチャーコード遍歴
// NOTE(review): the three original header names were lost in extraction (bare
// "#include" lines); reconstructed from the APIs the file uses (Win32 process
// and window calls, printf, strlen/strtol) plus <vector> for the pattern buffer.
#include <windows.h>

#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <vector>
// Overlay of a DWORD on its four raw bytes: fill data[] byte by byte from a
// buffer and read the assembled value back through address.  Reading a member
// other than the one last written is a compiler extension (MSVC/GCC honour it),
// not portable C++, and the result is in host byte order (little-endian on x86).
union Base
{
    BYTE data[4];
    DWORD address;
};
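// HexNibble: value of one hex digit (0-15), or -1 when c is not a hex digit.
// Used instead of strtol so that malformed patterns ("ZZ") are rejected
// rather than silently parsed as 0.
static int HexNibble(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/************************************************************************/
/* ScanAddress: scan the target process for a byte pattern and read the
/*   4-byte little-endian value stored next to it.
/* process  : handle to the target process (needs PROCESS_VM_READ)
/* markCode : pattern as a hex string, two characters per byte, e.g. "83C404C3"
/* distinct : gap in bytes between the pattern and the 4-byte value, default 1
/* findMode : where the value lives relative to the pattern, default 1
/*            0: the 4 bytes before the pattern (ending distinct bytes before it)
/*            1: the 4 bytes after the pattern (starting distinct bytes after it)
/* offset   : optional out-param; receives the absolute address of the match
/*            (first pattern byte in mode 0, last pattern byte in mode 1),
/*            or 0 when nothing was found
/* returns  : the 4-byte value, or 0 when the pattern is malformed, not found,
/*            or its companion bytes fall outside the 4 KiB page that matched
/* Limits   : each page is scanned on its own, so a pattern (or its companion
/*            bytes) that straddles a page boundary is not found.  Addresses are
/*            32-bit (DWORD), i.e. this targets a 32-bit process.
/************************************************************************/
DWORD ScanAddress(HANDLE process, const char *markCode,
DWORD distinct = 1, DWORD findMode = 1,
LPDWORD offset = NULL)
{
    // Scan range: the usual 32-bit user-mode image range, one page at a time.
    const DWORD beginAddr = 0x00400000;
    const DWORD endAddr = 0x7FFFFFFF;
    const DWORD pageSize = 4096;

    // Report "nothing found" consistently: value 0, offset 0.
    if (offset != NULL) *offset = 0;

    //////////////////////// pattern parsing /////////////////////
    if (markCode == NULL) return 0;
    const size_t hexLen = strlen(markCode);
    // Two hex digits per byte; an empty or odd-length string is malformed.
    if (hexLen == 0 || hexLen % 2 != 0) return 0;
    const size_t len = hexLen / 2;
    // A pattern longer than a page can never match inside one page read.
    if (len > pageSize) return 0;

    // Owned by the vector, so there is no leaked new[] (the original never
    // freed m_code).  Note the original also stored every byte into m_code[0],
    // leaving the rest uninitialised; each byte now lands at its own index.
    std::vector<BYTE> m_code(len);
    for (size_t i = 0; i < len; i++){
        const int hi = HexNibble(markCode[i * 2]);
        const int lo = HexNibble(markCode[i * 2 + 1]);
        if (hi < 0 || lo < 0) return 0;
        m_code[i] = (BYTE)((hi << 4) | lo);
    }

    ///////////////////////// memory scan /////////////////////
    BYTE page[pageSize];
    // beginAddr/endAddr/pageSize are chosen so tmpAddr never wraps past endAddr.
    for (DWORD tmpAddr = beginAddr; tmpAddr <= endAddr - len; tmpAddr += pageSize){
        // The original ignored the ReadProcessMemory result, so an unreadable
        // page was searched with the previous page's stale bytes still in the
        // buffer (false matches).  Skip such pages instead.
        SIZE_T got = 0;
        if (!::ReadProcessMemory(process,
                                 reinterpret_cast<LPCVOID>(static_cast<ULONG_PTR>(tmpAddr)),
                                 page, pageSize, &got) || got < len){
            continue;
        }

        // Only start positions whose whole pattern fits in the bytes read
        // (the original indexed page[i + j] past the end of the buffer).
        for (SIZE_T i = 0; i + len <= got; i++){
            if (memcmp(page + i, &m_code[0], len) != 0) continue;

            // Pattern found at page[i]; locate the 4 companion bytes.
            SIZE_T matchIdx;      // byte whose address is reported via *offset
            long long valueIdx;   // index of the first companion byte (may be negative)
            if (!findMode){
                matchIdx = i;
                valueIdx = (long long)i - (long long)distinct - 4;
            }else{
                matchIdx = i + len - 1;
                valueIdx = (long long)matchIdx + (long long)distinct + 1;
            }
            // The original read page[] unchecked here, i.e. before or past the
            // buffer when the match sits near a page edge.  Treat that as
            // "not usable" rather than returning garbage.
            if (valueIdx < 0 || valueIdx + 4 > (long long)got) return 0;

            // Assemble little-endian, which is what the union overlay yielded
            // on x86, without relying on union type punning.
            DWORD value = 0;
            for (int k = 0; k < 4; k++){
                value |= (DWORD)page[valueIdx + k] << (8 * k);
            }
            // tmpAddr is beginAddr + page index * pageSize, so this equals the
            // original curPage * pageSize + curIndex + beginAddr.
            if (offset != NULL) *offset = tmpAddr + (DWORD)matchIdx;
            return value;
        }
    }
    return 0;   // not found
}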
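/************************************************************************/
/* ScanCall: resolve the absolute target of a relative x86 CALL (E8 rel32)
/*   located by a pattern.
/* process  : handle to the target process (needs PROCESS_VM_READ)
/* markCode : hex pattern; in mode 1 its last byte is the anchor the rel32
/*            operand follows, in mode 0 its first byte is the anchor it precedes
/* distinct : gap in bytes between the pattern and the rel32 operand, default 1
/* findMode : 1 = operand after the pattern, 0 = operand before it, default 1
/* returns  : absolute call target, or 0 when the pattern was not found or its
/*            operand could not be read (ScanAddress returned 0; a genuine
/*            rel32 of 0 is therefore indistinguishable from failure)
/************************************************************************/
DWORD ScanCall(HANDLE process, char *markCode,
DWORD distinct = 1, DWORD findMode = 1)
{
    DWORD offset = 0;
    // rel32 operand read next to the pattern; offset receives the anchor address.
    const DWORD rel = ScanAddress(process, markCode, distinct, findMode, &offset);
    // The original fell through on failure and returned offset + 5 + distinct
    // (or offset - distinct) as if it were a real target.
    if (rel == 0) return 0;
    // target = rel32 + address after the 5-byte instruction; DWORD wrap-around
    // makes the unsigned addition correct for a negative rel32 on 32-bit.
    // The +/- distinct adjustments are the original's and are kept as is.
    if (findMode) return rel + offset + 5 + distinct;
    return rel + offset - distinct;
}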
-------------------------------------------------------------------------------------
:
-------------------------------------------------------------------------------------
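int main(int argc, char* argv[])
{
    // Locate the target by its window class name.
    HWND hGame = ::FindWindow("DxFirst", NULL);
    if (hGame == NULL){
        printf("target window not found\n");
        return 1;   // the original returned FALSE (exit code 0) on failure
    }
    DWORD processId = 0;
    ::GetWindowThreadProcessId(hGame, &processId);
    // Least privilege: scanning only reads memory, so PROCESS_VM_READ plus
    // PROCESS_QUERY_INFORMATION suffices; the original asked for PROCESS_ALL_ACCESS.
    HANDLE process = ::OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, FALSE, processId);
    if (process == NULL){
        printf("OpenProcess failed: %lu\n", ::GetLastError());
        return 1;
    }
    // 83C404C3CCCCA1                         -> value after the pattern (mode 1, default)
    // C3CCCCCCCCCCCCCCCCCCCC8B442404A3ECA72001 -> value before the pattern (mode 0, gap 3)
    // 5557535152C6400801E8                   -> call target
    DWORD addr = ScanAddress(process, "83C404C3CCCCA1");
    printf(" :%X\n", addr);   // format strings: the original had a literal line break instead of \n
    // The original redeclared `addr` here, which does not compile; reuse it.
    addr = ScanAddress(process, "C3CCCCCCCCCCCCCCCCCCCC8B442404A3ECA72001", 3, 0);
    printf(" :%X\n", addr);
    DWORD call = ScanCall(process, "5557535152C6400801E8");
    printf("call :%X\n", call);
    ::CloseHandle(process);
    return 0;
}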
転載先:https://www.cnblogs.com/LyShark/p/9051744.html