patate/ezfrags
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Initial commit of project structure, IDA database, the Tools, readme and license

Browse Source
This commit is contained in:
ALittlePatate
2021-12-18 13:02:24 +01:00
commit 0968b31444
40 changed files with 1232 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

165
Ezfrags/MemManager.cpp Normal file
View File

@@ -0,0 +1,165 @@
#include <iostream>
#include <thread>
#include <Windows.h>
#include <TlHelp32.h>
#include "MemManager.h"
namespace Mem {
inline MODULEENTRY32 get_module(const char* modName, DWORD proc_id) {
HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, proc_id);
if (hSnap != INVALID_HANDLE_VALUE) {
MODULEENTRY32 modEntry;
modEntry.dwSize = sizeof(modEntry);
if (Module32First(hSnap, &modEntry)) {
do {
if (!strcmp(modEntry.szModule, modName)) {
CloseHandle(hSnap);
return modEntry;
}
} while (Module32Next(hSnap, &modEntry));
}
}
MODULEENTRY32 module = { (DWORD)-1 };
return module;
}
inline void get_csgo() {
while (1) {
//Get a window handle to csgo
HWND hw_csgo = FindWindowA(NULL, "Counter-Strike: Global Offensive - Direct3D 9");
if (hw_csgo) {
csgo_found = true;
//Get csgo's process ID using the handle (No need to make some big function for procid like every other paster does)
GetWindowThreadProcessId(hw_csgo, &dw_process_id);
Mem::process_handle = OpenProcess(PROCESS_VM_READ | PROCESS_VM_OPERATION | PROCESS_VM_WRITE, false, dw_process_id);
break;
}
}
}
inline void get_client_base_address() {
while (1) {
Mem::dw_client_address = get_module("client.dll", dw_process_id);
Mem::client_bytes = new uint8_t[Mem::dw_client_address.modBaseSize]; //making a variable size of the module
Mem::client = (uintptr_t)dw_client_address.modBaseAddr;
if (Mem::client_bytes) {
client_dll_found = true;
break;
}
DWORD bytes_read;
ReadProcessMemory(process_handle, Mem::dw_client_address.modBaseAddr, Mem::client_bytes, Mem::dw_client_address.modBaseSize, &bytes_read); //reading the module and storing as bytes_read
if (bytes_read != Mem::dw_client_address.modBaseSize) throw; //checking that the size of bytes read is = to size of bytes in the module
delete[] Mem::client_bytes;
}
}
inline void get_engine_base_address() {
while (1) {
MODULEENTRY32 dw_engine_address = get_module("engine.dll", dw_process_id);
engine_bytes = new uint8_t[dw_engine_address.modBaseSize]; //making a variable size of the module
Mem::engine = (uintptr_t)dw_engine_address.modBaseAddr;
if (engine_bytes) {
engine_dll_found = true;
break;
}
DWORD bytes_read;
ReadProcessMemory(process_handle, dw_engine_address.modBaseAddr, engine_bytes, dw_engine_address.modBaseSize, &bytes_read); //reading the module and storing as bytes_read
if (bytes_read != dw_engine_address.modBaseSize) throw; //checking that the size of bytes read is = to size of bytes in the module
delete[] Mem::engine_bytes;
}
}
//https://github.com/Made0x0000000a/nyfox/blob/main/csgoCheat/patternscan.cpp
DWORD FindAddress(const wchar_t* moduleName, const char* pattern, const char* mask, const int offset=0, const int extra=0) {
const MODULEENTRY32 moduleEntry = Mem::dw_client_address;
const HANDLE hProcess = Mem::process_handle;
// No Module Entry found
if (!moduleEntry.th32ModuleID) {
return NULL;
}
// Module base address = scan starting point
uintptr_t base = (uintptr_t)moduleEntry.modBaseAddr;
// Size of Module = scan end point
uintptr_t size = base + moduleEntry.modBaseSize;
uintptr_t curChunk = base;
SIZE_T bytesRead;
DWORD res;
int res_plus_offset = 0;
while (curChunk < size) {
// Area to scan
char buffer[4096];
// Change read protection, raed memory and change read protection back to the original
DWORD oProtect;
VirtualProtectEx(hProcess, (LPVOID)curChunk, sizeof(buffer), PAGE_EXECUTE_READWRITE, &oProtect);
ReadProcessMemory(hProcess, (LPVOID)curChunk, &buffer, sizeof(buffer), &bytesRead);
VirtualProtectEx(hProcess, (LPVOID)curChunk, sizeof(buffer), oProtect, &oProtect);
// No bytes read
if (bytesRead == 0) {
return NULL;
}
DWORD internalAddr = Mem::FindPattern((char*)&buffer, bytesRead, pattern, mask);
if (internalAddr != NULL) {
// Calculate real address
uintptr_t offsetFromBuffer = (uintptr_t)internalAddr - (uintptr_t)&buffer;
res = (DWORD)(curChunk + offsetFromBuffer);
res_plus_offset = Mem::RPM<int>(res + offset); //Adding the offset
return res_plus_offset - (DWORD)Mem::dw_client_address.modBaseAddr + extra; //adding the extra
}
else {
// Next chunk
curChunk += bytesRead;
}
}
return NULL;
}
// Find matching pattern
DWORD FindPattern(char* base, size_t size, const char* pattern, const char* mask) {
size_t patternLen = strlen(mask);
for (DWORD i = 0; i < size - patternLen; i++) {
bool found = true;
for (DWORD j = 0; j < patternLen; j++) {
if (mask[j] != '?' && pattern[j] != *(base + i + j)) {
found = false;
break;
}
}
if (found) {
return (DWORD)(base + i);
}
}
return NULL;
}
template<typename T> T RPM(SIZE_T address) {
T buffer;
ReadProcessMemory(process_handle, (LPCVOID)address, &buffer, sizeof(T), NULL);
return buffer;
}
template<typename T> void WPM(SIZE_T address, T buffer) {
WriteProcessMemory(process_handle, (LPVOID)address, &buffer, sizeof(buffer), NULL);
}
}