_______________________________________
/*
Coded by : abujafar
Time/date : 13:43 08/09/2011
Example for : Point Blank Indonesia
*/
#include <windows.h>
/*
 * Hard-coded offsets. Each one is added to the module base held in dwModule
 * (see DoMsgBox) to form an absolute address inside "PointBlank.i3Exec".
 * NOTE(review): nothing in this listing checks which build of the module is
 * loaded; presumably these values match one specific build only - confirm.
 * On any other build the resulting read and call land on unrelated memory.
 */
/* Offset of a slot from which DoMsgBox reads one DWORD and uses it as the 'this' pointer. */
#define PTR_THIS 0x5efc2c
/* Offset whose address DoMsgBox passes as the "own message root (callback)" argument. */
#define PTR_MSGROOT 0x219e10
/* Offset of the routine that DoMsgBox calls through the pMsgBox function pointer. */
#define PTR_CALLER 0x5a680
/* Base address of "PointBlank.i3Exec"; remains 0 until MainThread finds the module. */
/* NOTE(review): NULL is a pointer constant stored in an integer here; 0 is the value meant. */
DWORD dwModule = NULL;
/*
 * Function-pointer type used to call the routine located at PTR_CALLER.
 * NOTE(review): the parameter list is the author's own reconstruction; the
 * listing contains no declaration from the host module to compare it with.
 * A wrong calling convention or argument count corrupts the stack of the
 * calling thread.
 */
typedef void (__thiscall *pMsgBox)(void*, /* this pointer */
char*, /* text */
char*, /* caption */
int, /* type */
void*, /* own message root (callback) */
void*, /* system message root */
int, /* unknown, usually 10 (0xA) */
int, /* unknown, usually 1 (true?) */
int); /* unknown, usually 1 (true?) */
/*
Values for the 'type' parameter:
0x10001 = ok only (force exit)
0x10002 = ok (exit) + cancel
0x10004 = no button (wait msgbox)
0x20001 = ok only (no exit)
0x20002 = ok (exit) + cancel
0x20004 = no button (wait msgbox)
*/
/* Set to true by DoMsgBox once the three values below have been resolved. */
bool bInit = false;
/* Callable address built from module base + PTR_CALLER. */
/* NOTE(review): an identifier starting with '_' followed by an uppercase letter is reserved for the implementation. */
pMsgBox _MsgBox;
/* Value read from the slot at module base + PTR_THIS; passed as the 'this' argument. */
void* pThis;
/* Address module base + PTR_MSGROOT; passed as the callback argument. */
void* pProc;
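/*
 * Calls the host module's message-box routine through a raw function pointer.
 *
 * On first use the three addresses are derived from the module base
 * (dwModule) plus the PTR_* offsets and cached in pThis / pProc / _MsgBox.
 * The original cached whatever the PTR_THIS slot held, including NULL, and
 * then called through it on every later key press; this version leaves
 * bInit false until a non-NULL object pointer has been read, and returns
 * without calling when the module base or the object pointer is missing.
 *
 * NOTE(review): the offsets are not validated against the loaded module.
 * If the module is a different build, the read below dereferences an
 * unrelated address and the call transfers control to unrelated code.
 */
void DoMsgBox() {
    if (!bInit) {
        /* MainThread has not stored the module base yet: nothing to resolve. */
        if (!dwModule) {
            return;
        }

        /* The slot at base + PTR_THIS holds the object pointer as a 32-bit value. */
        void *self = (void*)*(DWORD*)(dwModule + PTR_THIS);
        if (!self) {
            /* Slot still empty; try again on the next call instead of caching NULL. */
            return;
        }

        pThis = self;
        pProc = (void*)(dwModule + PTR_MSGROOT);
        _MsgBox = (pMsgBox)(dwModule + PTR_CALLER);
        bInit = true;
    }

    _MsgBox(pThis,
            "Hello nyit-nyit...\nThis is MessageBox from your pwnd function.\n\nabujafar@nyit-nyit",
            "Pwnd",
            0x20001,  /* 'type': ok only (no exit), per the table next to the typedef */
            pProc,    /* own message root (callback) */
            NULL,     /* system message root */
            0xA,      /* unknown; the author's notes say usually 10 */
            1,        /* unknown; usually 1 */
            1);       /* unknown; usually 1 */
}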
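/*
 * Worker started from DllMain. Never returns.
 *
 * Phase 1 polls every 100 ms until "PointBlank.i3Exec" is mapped into the
 * current process and stores its base in dwModule. Phase 2 polls the F1
 * key every 10 ms and calls DoMsgBox when it was pressed.
 *
 * Changes from the original: the ANSI entry point GetModuleHandleA is
 * named explicitly, because the argument is a narrow string literal and
 * the generic macro resolves to the wide version in a UNICODE build; and
 * the 100 ms sleep is skipped once the module has been found.
 *
 * NOTE(review): this function is handed to CreateThread through a cast,
 * but its signature is not DWORD WINAPI (LPVOID). That only goes unnoticed
 * because the function never returns.
 * NOTE(review): the DWORD cast keeps the low 32 bits of the handle, which
 * is lossless only in a 32-bit build.
 */
void MainThread() {
    while (!dwModule) {
        dwModule = (DWORD)GetModuleHandleA("PointBlank.i3Exec");
        if (!dwModule) {
            Sleep(100);
        }
    }

    for (;;) {
        /*
         * Bit 0 reports "pressed since the previous query". The key state is
         * read for the whole session, not just for this process's window.
         */
        if (GetAsyncKeyState(VK_F1) & 1) {
            DoMsgBox();
        }
        Sleep(10);
    }
}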
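/*
 * DLL entry point.
 *
 * On process attach it turns off per-thread attach/detach notifications
 * and starts MainThread on a new thread. It always returns TRUE.
 *
 * Changes from the original:
 *  - The handle returned by CreateThread is closed; the original leaked it.
 *  - FreeLibrary(hDll) is no longer called on DLL_PROCESS_DETACH. The
 *    loader is already unloading the module at that point, and calling
 *    FreeLibrary from inside DllMain runs under the loader lock.
 *  - The BOOL result uses TRUE rather than the C++ bool literal.
 *
 * NOTE(review): MainThread never exits, so if this module is unloaded
 * while the process keeps running, that thread goes on executing code in
 * unmapped memory. Nothing in this listing stops the thread before detach.
 */
BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved) {
    (void)lpReserved;

    switch (dwReason) {
    case DLL_PROCESS_ATTACH: {
        DisableThreadLibraryCalls(hDll);
        HANDLE hThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)MainThread, NULL, 0, NULL);
        if (hThread != NULL) {
            /* The thread keeps running; only this reference to it is released. */
            CloseHandle(hThread);
        }
        break;
    }
    case DLL_PROCESS_DETACH:
        /* Nothing to release here; see the header comment. */
        break;
    default:
        break;
    }
    return TRUE;
}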
c : abu jafar N3