Created
November 21, 2016 19:35
-
-
Save dedmen/66379d8cc0b997218accf4dab1c2f82a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void setAvatar(std::string path) { | |
| char buff[128]; | |
| typedef void*(__thiscall *makeQstring)(const char* buff, const char *some); | |
| HINSTANCE hGetProcIDDLL = GetModuleHandle(L"Qt5Core"); | |
| uintptr_t tsProc = (uintptr_t)GetModuleHandle(L"ts3client_win32.exe"); | |
| /* get pointer to the function in the dll*/ | |
| FARPROC lpfnGetProcessID = GetProcAddress(HMODULE(hGetProcIDDLL), "??0QString@@QAE@PBD@Z"); | |
| makeQstring makeString = (makeQstring) lpfnGetProcessID; | |
| auto str = makeString(buff, path.c_str()); | |
| auto pt = *((uintptr_t*) ((*((uintptr_t*) (0x97DE24-0xF0000+ tsProc))) + 4)); //pt is array of 16 elements. One element is different than others. | |
| uintptr_t foundAvManager = 0x0; | |
| for (int it = 0; it < 16; it++) { | |
| uintptr_t element = *((uintptr_t*)(pt + 0x4 * it)); | |
| int foundcount = 0; | |
| for (int i = 0; i < 16; i++) { | |
| uintptr_t element2 = *((uintptr_t*) (pt + 0x4 * i)); | |
| if (element2 == element) | |
| foundcount++; | |
| } | |
| if (foundcount == 1) { | |
| foundAvManager = element; | |
| break; | |
| } | |
| } | |
| if (!foundAvManager) return; | |
| auto avManager = *((uintptr_t*) (foundAvManager + 0x10));//0x30 corresponds to the element 0x30/4 that is different than the others | |
| typedef uintptr_t(__thiscall *setAvatar)(uintptr_t avatarManager, void* some, char some2); | |
| setAvatar setAv = (setAvatar) (0x002EF2C0-0xF0000 + tsProc); | |
| setAv(avManager, buff, 1); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment