Excellzone

Forum and discussions since 2010



#1
Excell

**i did not make this, i do not own any of this!!**


Quote:


// Hard-coded addresses inside the target process. The original poster marks
// each one as a value that must be changed; presumably they are specific to a
// single build of the protected binary -- confirm before relying on them.
// NOTE(review): identifiers in this listing appear lower-cased (null, dword,
// exception_pointers, ...), so it is not compilable as posted.

// Address the hardware breakpoint is armed on: loaded into dr0 by
// initcontexthook and compared with the exception address in
// tgsexceptionhandler.
#define hs_jmp 0x63b31d
//needs to change (0x63b31d)


// Address written to eip by hookcommunication, i.e. where the interrupted
// thread resumes once the hook has run (hs_jmp + 6).
#define hs_jmp2 0x63b323
//needs to change (0x63b323)

// Function-pointer types for the routines the hooks below capture or replace.
// Parameter meanings are not documented in the listing; all are plain
// int / void* here.
typedef int (__cdecl *hs_getprocaddress_t)( int hmodule, int a2 );
typedef int (__stdcall *hackshieldcomm_t )( int, void*, void* );
typedef signed int (__stdcall *kickproc_t)( int a1, int a2, int a3 );

// Declared but never referenced anywhere in the visible listing.
hs_getprocaddress_t phs_getprocaddress = null;
// Original communication routine; captured from the eax register value in
// hookcommunication and called by new_hackshieldcomm.
hackshieldcomm_t phackshieldcomm = null;
// Original callback saved by new_hackshieldcomm for code 4; it is stored but
// never called in the visible listing.
kickproc_t pkickproc = null;

// Replacement callback with the kickproc_t signature. It ignores all three
// arguments and always returns 1. new_hackshieldcomm writes its address over
// the caller-supplied callback pointer when the command code is 4, so the
// original callback (saved in pkickproc) is no longer the one registered.
// NOTE(review): what a return value of 1 means to the caller is not shown
// here -- presumably "handled"; confirm.
signed int __stdcall new_kickproc( int a1, int a2, int a3 )
{
return 1;
}

// Interposer for the routine captured in phackshieldcomm.
//
// hscommcode: command code. Only 4, 5 and 13 are special-cased; their
//             meanings are not defined in this listing (the original comments
//             call them "kill" and "replace kick proc").
// param1/param2: forwarded unchanged, except that for code 4 the dword that
//             param1 points to is rewritten before forwarding.
//
// Returns 1 for codes 4, 5 and 13 regardless of what the original routine
// returned; for every other code the original return value is passed through.
//
// NOTE(review): the effect is that the caller is told these three commands
// succeeded while the callback it registered (code 4) has been swapped for a
// stub. A receiver of that pointer would only notice the swap if it checks
// that the address lies inside the expected module -- presumably it does not;
// confirm.
int __stdcall new_hackshieldcomm( int hscommcode, void *param1, void *param2 )
{
if( hscommcode == 4 || hscommcode == 5 || hscommcode == 13 ) //kill!
{
if( hscommcode == 4 ) //replace kick proc
{
// param1 is treated as a pointer to a dword that holds a function address.
// The function-pointer <-> dword casts assume 32-bit pointers.
dword *dwparam1 = (dword *)param1;

// Remember the original callback, then overwrite it in place with the stub.
pkickproc = (kickproc_t)*dwparam1;
*dwparam1 = (dword)new_kickproc;
}

// The original routine is still called, but its result is discarded.
int ireturn = phackshieldcomm( hscommcode, param1, param2 );

return 1;
}

// All other command codes: transparent pass-through.
int ireturn = phackshieldcomm( hscommcode, param1, param2 );

return ireturn;
}

// Called by tgsexceptionhandler when the breakpoint at hs_jmp fires. Works
// purely on the saved register context of the interrupted thread.
//
// pexceptioninfo: exception record/context pair supplied to the vectored
//                 handler; its context record is modified in place.
//
// Steps, as visible in the code:
//   1. Read the dword at [ebp + 0xc] of the interrupted frame.
//   2. If it equals 0xa, save the interrupted thread's eax into
//      phackshieldcomm and replace eax with the address of new_hackshieldcomm.
//   3. Set eip to hs_jmp2 so the thread resumes there.
//
// NOTE(review): [ebp + 0xc] is presumably the second stack argument of the
// function containing hs_jmp, and eax presumably the address that function is
// about to return (compare hs_getprocaddress_t) -- neither is established by
// this listing; confirm.
// NOTE(review): the read through dwebp is unchecked; an invalid ebp would
// fault inside the exception handler.
void hookcommunication( exception_pointers* pexceptioninfo )
{
dword dwebp = pexceptioninfo->contextrecord->ebp;
dword dwparam2 = 0;

// Loads the dword at dwebp + 0xc into dwparam2; eax and edx are saved and
// restored around the access.
__asm
{
push eax;
push edx;
mov eax, dwebp;
mov edx, [eax+0xc];
mov dwparam2, edx;
pop edx;
pop eax;
}

if( dwparam2 == 0xa ) //this is the ordinal of some export...hmm..
{
// Capture the original value and substitute the interposer.
phackshieldcomm = (hackshieldcomm_t)pexceptioninfo->contextrecord->eax;
pexceptioninfo->contextrecord->eax = (dword)new_hackshieldcomm;
}

// Resume at hs_jmp2 rather than at the faulting address hs_jmp.
pexceptioninfo->contextrecord->eip = hs_jmp2;

return;
}

// Handle returned by addvectoredexceptionhandler in initcontexthook. It is
// stored but never used to remove the handler in the visible listing.
pvoid pcontexthandler = null;

// Vectored exception handler registered by initcontexthook.
//
// pexceptioninfo: exception record and thread context for the exception.
//
// Returns exception_continue_execution only for a single-step exception whose
// address is exactly hs_jmp (after hookcommunication has edited the context);
// every other exception is passed on with exception_continue_search.
long winapi tgsexceptionhandler( exception_pointers* pexceptioninfo )
{
// Anything other than a single-step exception is not ours.
if( pexceptioninfo->exceptionrecord->exceptioncode != exception_single_step )
{
return exception_continue_search;
}

// Single-step raised at the breakpoint address armed in dr0.
if( pexceptioninfo->exceptionrecord->exceptionaddress == (pvoid)hs_jmp )
{
hookcommunication( pexceptioninfo );
return exception_continue_execution;
}

// Single-step from some other source: leave it to other handlers.
return exception_continue_search;
}

// Installs the hook: registers tgsexceptionhandler as a vectored exception
// handler and arms a debug-register breakpoint at hs_jmp on the calling
// thread. No code bytes in the target are modified by this function.
//
// NOTE(review): only the thread that calls this function is affected
// (getcurrentthread()); return values of getthreadcontext/setthreadcontext
// are not checked, and `context` is not zero-initialised before the read.
// NOTE(review): the observable footprint is a vectored handler registered
// from outside the protected module plus non-zero dr0/dr7 in the thread
// context; both are things an integrity check can read back.
void initcontexthook()
{
// First argument is the hard-coded value 0x50be17, which the original
// poster marks as needing to change.
pcontexthandler = addvectoredexceptionhandler( 0x50be17, tgsexceptionhandler );

//needs to change (0x50be17)

context context;
// Request only the debug registers from the thread context.
context.contextflags = context_debug_registers;
getthreadcontext(getcurrentthread(), &context);
// Breakpoint address goes into dr0.
context.dr0 = hs_jmp;
// Sets bits 0, 2, 4 and 6 of dr7 (the local-enable bits for dr0..dr3 on
// x86) and clears every other bit, although only dr0 is assigned here;
// dr1..dr3 keep whatever getthreadcontext returned.
context.dr7 = (1<<0)|(1<<2)|(1<<4)|(1<<6);
setthreadcontext(getcurrentthread(), &context);
}


Anyone who finds those 3 values (addresses) will be god.


edit: also the code needs to change a bit...















#2
fgw119

Can you tell me do you find the base address
