@YaLTeR
Created July 7, 2015 19:45
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <process.h>
#include <Psapi.h>
#include <cstdint>
#include <string>
/// Writes `str` to the standard output console handle of this process.
/// The result of WriteConsoleA is not inspected, so a failed write is silent.
void Log(const std::string& str)
{
    const HANDLE console = GetStdHandle(STD_OUTPUT_HANDLE);
    WriteConsoleA(console, str.c_str(), str.length(), NULL, NULL);
}
/// Overwrites `length` bytes starting at `addr` with the bytes in `newBytes`.
///
/// The range is switched to PAGE_EXECUTE_READWRITE for the duration of the copy and the
/// previous protection is restored afterwards, so the affected pages are writable and
/// executable at the same time while the copy runs. Nothing here validates `addr` or
/// `length`: the caller must guarantee that the range is mapped and that `newBytes`
/// holds at least `length` bytes.
void ReplaceBytes(void* addr, size_t length, const uint8_t* newBytes)
{
    DWORD previousProtection;
    const auto protectionChanged = VirtualProtect(addr, length, PAGE_EXECUTE_READWRITE, &previousProtection);

    // Best effort by design: the copy runs even when VirtualProtect failed, because the
    // range may already have been writable.
    size_t index = 0;
    while (index < length) {
        reinterpret_cast<uint8_t*>(addr)[index] = newBytes[index];
        ++index;
    }

    // previousProtection is only meaningful when the first call succeeded.
    if (protectionChanged)
        VirtualProtect(addr, length, previousProtection, &previousProtection);
}
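/// Reads the base address and image size of a module loaded in the current process.
///
/// @param moduleHandle  Module handle (an HMODULE passed as void*); null yields false.
/// @param moduleBase    Optional out-parameter receiving the module base address.
/// @param moduleSize    Optional out-parameter receiving the image size in bytes.
/// @return true when the information was retrieved; false when the handle is null or
///         GetModuleInformation fails. The out-parameters are left untouched on failure.
bool GetModuleInfo(void* moduleHandle, void** moduleBase, size_t* moduleSize)
{
    if (!moduleHandle)
        return false;

    MODULEINFO Info{};
    // Without this check a failed query would hand uninitialized base/size values to the
    // caller, which then uses them as the bounds of a memory scan.
    if (!GetModuleInformation(GetCurrentProcess(), reinterpret_cast<HMODULE>(moduleHandle), &Info, sizeof(Info)))
        return false;

    if (moduleBase)
        *moduleBase = Info.lpBaseOfDll;
    if (moduleSize)
        *moduleSize = static_cast<size_t>(Info.SizeOfImage);
    return true;
}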
/// Looks up a module by name with GetModuleHandleW and reports its handle, base address
/// and image size.
///
/// @param moduleName    Name handed to GetModuleHandleW.
/// @param moduleHandle  Optional out-parameter receiving the handle; written only on success.
/// @param moduleBase    Optional out-parameter forwarded to the handle-based overload.
/// @param moduleSize    Optional out-parameter forwarded to the handle-based overload.
/// @return whatever the handle-based overload returns for the looked-up handle.
bool GetModuleInfo(const std::wstring& moduleName, void** moduleHandle, void** moduleBase, size_t* moduleSize)
{
    const HMODULE found = GetModuleHandleW(moduleName.c_str());

    if (!GetModuleInfo(found, moduleBase, moduleSize))
        return false;

    if (moduleHandle)
        *moduleHandle = found;
    return true;
}
/// Compares `data` against `pattern` under a NUL-terminated `mask`.
///
/// A position is compared only where the mask holds 'x'; any other mask character is a
/// wildcard. The mask length is the only bound: the caller must make sure `data` and
/// `pattern` are readable for that many bytes.
///
/// @return true when every 'x' position matches (also for an empty mask).
inline bool DataCompare(const uint8_t* data, const uint8_t* pattern, const char* mask)
{
    size_t pos = 0;
    while (mask[pos] != 0) {
        const bool mustMatch = (mask[pos] == 'x');
        if (mustMatch && data[pos] != pattern[pos])
            return false;
        ++pos;
    }
    // The loop only ends at the terminating NUL, so reaching this point means a match.
    return true;
}
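/// Scans `length` bytes starting at `start` for the first position where `pattern`
/// matches under `mask` (see DataCompare: 'x' = compare, anything else = wildcard).
///
/// @param start    First byte of the region to scan.
/// @param length   Size of the region in bytes.
/// @param pattern  Bytes to look for; must hold at least strlen(mask) bytes.
/// @param mask     NUL-terminated mask; its length is the length of the signature.
/// @return pointer to the first match, or nullptr when there is none, when an argument
///         is null, or when the mask is longer than the region.
void* FindPattern(const void* start, size_t length, const uint8_t* pattern, const char* mask)
{
    if (!start || !pattern || !mask)
        return nullptr;

    const size_t maskLength = strlen(mask);
    // `length - maskLength` is unsigned: with a region shorter than the mask it wraps to a
    // huge value and the scan would read far past the end of the region.
    if (maskLength > length)
        return nullptr;

    const auto* const bytes = static_cast<const uint8_t*>(start);
    const size_t lastOffset = length - maskLength;
    for (size_t i = 0; i <= lastOffset; ++i) {
        if (DataCompare(bytes + i, pattern, mask))
            return const_cast<uint8_t*>(bytes + i);
    }
    return nullptr;
}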
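// Finds the 30-byte signature inside Rage64.exe and overwrites the 6 bytes that follow
// it with 0x90 bytes. Logs the reason and returns false when any step fails.
static bool ApplyPatch()
{
    constexpr size_t kSignatureLength = 30; // number of bytes in the pattern and its mask
    constexpr size_t kPatchLength = 6;      // number of bytes overwritten after the signature

    void* base = nullptr;
    size_t size = 0;
    // The module handle itself is not needed here, so no out-parameter is passed for it.
    if (!GetModuleInfo(L"Rage64.exe", nullptr, &base, &size)) {
        Log("[H] Failed to get the module info.\n");
        return false;
    }

    auto p = FindPattern(base, size, reinterpret_cast<const uint8_t*>("\x40\x53\x48\x83\xEC\x30\x80\xB9\x18\x03\x00\x00\x0A\x48\x8B\xD9\x0F\x8C\xED\x00\x00\x00\x8B\x81\x44\x02\x00\x00\xA8\x10"), "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
    if (!p) {
        Log("[H] Failed to find the pattern.\n");
        return false;
    }

    // The signature may sit at the very end of the image; make sure the bytes that are
    // about to be overwritten still lie inside the module before writing to them.
    const size_t patchOffset =
        static_cast<size_t>(static_cast<uint8_t*>(p) - static_cast<uint8_t*>(base)) + kSignatureLength;
    if (patchOffset > size || size - patchOffset < kPatchLength) {
        Log("[H] The patch target is outside the module.\n");
        return false;
    }

    ReplaceBytes(static_cast<uint8_t*>(base) + patchOffset, kPatchLength, reinterpret_cast<const uint8_t*>("\x90\x90\x90\x90\x90\x90"));
    Log("[H] Success!\n");
    return true;
}

// Thread entry point started from DllMain: opens a console, attempts the patch, then
// signals the named event "BunnymodXT-Injector" (when it exists) whether or not the patch
// succeeded. Always returns 0.
//
// The original body used `goto end` to jump over the initialization of a local variable,
// which standard C++ rejects; the patch steps now live in ApplyPatch() and return early.
unsigned _stdcall MainThread(void*) {
    AllocConsole();
    Log("[H] Initializing the hook.\n");

    ApplyPatch();

    auto resume_event = OpenEventW(EVENT_MODIFY_STATE, FALSE, L"BunnymodXT-Injector");
    if (resume_event != NULL) {
        SetEvent(resume_event);
        CloseHandle(resume_event);
        Log("[H] Signaled the injector to resume the process.\n");
    }
    return 0;
}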
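// DLL entry point. On process attach it starts MainThread on a new thread; on process
// detach it releases the console. Always reports success to the loader.
BOOL APIENTRY DllMain(HMODULE hModule,
                      DWORD ul_reason_for_call,
                      LPVOID lpReserved)
{
    // Unused, named only to keep the standard DllMain signature.
    (void)hModule;
    (void)lpReserved;

    switch (ul_reason_for_call) {
    case DLL_PROCESS_ATTACH: {
        // _beginthreadex returns a handle the caller owns; the original dropped it, which
        // leaked the handle. Closing it does not stop the thread.
        const auto thread = reinterpret_cast<HANDLE>(_beginthreadex(NULL, 0, MainThread, NULL, 0, NULL));
        if (thread)
            CloseHandle(thread);
        break;
    }
    case DLL_PROCESS_DETACH:
        FreeConsole();
        break;
    }
    return TRUE;
}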