Skip to content

Instantly share code, notes, and snippets.

@notmike101

notmike101/patch.cpp

Created November 10, 2015 19:47
Show Gist options
  • Save notmike101/1e18403d41a1fd0e2963 to your computer and use it in GitHub Desktop.
Save notmike101/1e18403d41a1fd0e2963 to your computer and use it in GitHub Desktop.
Download ZIP
FileProtector Program Patch
Raw
patch.cpp
/*
FileProtector Crypter Patch
Created by _DeNy
3/20/2013
*/
#include <windows.h>
#include <stdio.h>
#include <time.h>
#include <iostream>
#include <fstream>
#include <string>
#include <WinSock.h>
#include "detours/detours.h"
#pragma comment(lib,"ws2_32.lib")
#pragma comment(lib,"detours.lib")
#pragma comment(lib,"User32.lib")
#pragma comment(lib,"Kernel32.lib")
// Global Stuff
BOOL hCheckingHwid = FALSE;
BOOL hHooked = FALSE;
BOOL hCheckingVersion = FALSE;
// Functions to be Hooked/Detoured
int (WINAPI *Real_send)(SOCKET a0, const char* a1, int a2, int a3) = send;
int (WINAPI *Real_recv)(SOCKET a0, char* a1, int a2, int a3) = recv;
DWORD (WINAPI *Real_GetFileAttributesW)(LPCWSTR a1) = GetFileAttributesW;
DWORD (WINAPI *Real_GetFileAttributesA)(LPCSTR a1) = GetFileAttributesA;
HANDLE (WINAPI *Real_FindFirstFileW)(LPCWSTR a1, LPWIN32_FIND_DATAW a2) = FindFirstFileW;
HANDLE (WINAPI *Real_FindFirstFileA)(LPCSTR a1, LPWIN32_FIND_DATAA a2) = FindFirstFileA;
// Functions to replace hooked/detoured functions
int (WINAPI New_Send)( SOCKET s, const char* buf, int len, int flags );
int (WINAPI New_Recv)( SOCKET s, char *buf, int len, int flags );
DWORD (WINAPI New_GetFileAttributesW)(LPCWSTR lpFileName);
DWORD (WINAPI New_GetFileAttributesA)(LPCSTR lpFileName);
HANDLE (WINAPI New_FindFirstFileW)(LPCWSTR lpFileName, LPWIN32_FIND_DATAW lpFindFileData);
HANDLE (WINAPI New_FindFirstFileA)(LPCSTR lpFileName, LPWIN32_FIND_DATAA lpFindFileData);
char *HWID() {
char hwid[255];
std::string line;
std::ifstream hwidFile("hwid.dat");
if(hwidFile.is_open()) {
std::getline(hwidFile,line);
}
hwidFile.close();
sprintf(hwid,"%s",line);
return hwid;
}
int GoodLoad() {
int error = 0;
std::ifstream hwidFile("hwid.dat");
if(!hwidFile.is_open())
error = 1;
return error;
}
bool detourFunctions(HINSTANCE &hinstDLL) {
DisableThreadLibraryCalls(hinstDLL);
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_send,New_Send);
if(DetourTransactionCommit() != NO_ERROR) {
return false;
}
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_recv,New_Recv);
if(DetourTransactionCommit() != NO_ERROR) {
return false;
}
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_GetFileAttributesW,New_GetFileAttributesW);
if(DetourTransactionCommit() != NO_ERROR) {
return false;
}
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_GetFileAttributesA,New_GetFileAttributesA);
if(DetourTransactionCommit() != NO_ERROR) {
return false;
}
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_FindFirstFileW,New_FindFirstFileW);
if(DetourTransactionCommit() != NO_ERROR) {
return false;
}
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach(&(PVOID&)Real_FindFirstFileA,New_FindFirstFileA);
if(DetourTransactionCommit() != NO_ERROR) {
return false;
}
return true;
}
// Entry Point
// Just setting up everything
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason,LPVOID lpReserved) {
if (dwReason == DLL_PROCESS_ATTACH && hHooked == false) {
hHooked = true;
MessageBox(NULL, "Patch loaded","Denial Patcher", MB_OK);
if(GoodLoad() == 0) {
if(!detourFunctions(hinstDLL))
MessageBox(NULL, "An error occured. Please report 0x01 to _DeNy","Denial Patcher", MB_OK);
} else if(GoodLoad() == 1) {
MessageBox(NULL, "Error: 0x03\n\nhwid.dat does not exist.","Denial Patcher", MB_OK);
exit(0x03);
} else if(GoodLoad() == 2) {
MessageBox(NULL, "Error: 0x04\n\nFPPatcher.dll does not exist","Denial Patcher", MB_OK);
exit(0x04);
}
}
return true;
}
// Replacement for socket send
int (WINAPI New_Send)(SOCKET s, const char *buf, int len, int flags) {
if(strstr(buf, "/fileprotector/paid/users.txt") != NULL) {
hCheckingHwid = TRUE;
return len;
} else if(strstr(buf, "/fileprotector/paid/Version.ini") != NULL) {
hCheckingVersion = TRUE;
return len;
} else {
return Real_send(s, buf, len, flags);
}
}
// Replacement for socket recieve
int (WINAPI New_Recv)(SOCKET s, char *buf, int len, int flags) {
if(hCheckingHwid) {
hCheckingHwid = FALSE;
sprintf(buf, "\x48\x54\x54\x50\x2f\x31\x2e\x31\x20\x32\x30\x30\x20\x4f\x4b\r\n"
"\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x3a\x20\x63\x6c\x6f\x73\x65\r\n"
"\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20\x74\x65\x78\x74\x2f\x68\x74\x6d\x6c\r\n"
"\r\n"
"//Hardware ID Protection//\n"
"%s\n"
,HWID());
return (int)strlen(buf);
} else if(hCheckingVersion) {
hCheckingVersion = FALSE;
sprintf(buf, "\x48\x54\x54\x50\x2f\x31\x2e\x31\x20\x32\x30\x30\x20\x4f\x4b\r\n"
"\x43\x6f\x6e\x6e\x65\x63\x74\x69\x6f\x6e\x3a\x20\x63\x6c\x6f\x73\x65\r\n"
"\x43\x6f\x6e\x74\x65\x6e\x74\x2d\x54\x79\x70\x65\x3a\x20\x74\x65\x78\x74\x2f\x68\x74\x6d\x6c\r\n"
"\r\n"
"[Version]\n"
"Version=6.9.4\n"
"download=http://fileprotector.net/fileprotector/updates/FileProtector.zip");
return (int)strlen(buf);
} else {
return Real_recv(s, buf, len, flags);
}
}
// Just so he can't find Winject.exe or FPPatch.dll :)
DWORD (WINAPI New_GetFileAttributesW)(LPCWSTR lpFileName) {
LPCWSTR pointer = lpFileName;
char fileName[255];
int location = 0;
while(*pointer != '\00') {
char buffer[255];
sprintf(buffer,"%s",pointer);
fileName[location] = buffer[0];
++pointer;
++location;
}
if(strstr(fileName,"Winject.exe")) {
return INVALID_FILE_ATTRIBUTES;
} else if(strstr(fileName,"FPPatch.dll")) {
return INVALID_FILE_ATTRIBUTES;
} else if(strstr(fileName,"hwid.dat")) {
return INVALID_FILE_ATTRIBUTES;
} else {
return Real_GetFileAttributesW(lpFileName);
}
}
DWORD (WINAPI New_GetFileAttributesA)(LPCSTR lpFileName) {
LPCSTR pointer = lpFileName;
char fileName[255];
int location = 0;
while(*pointer != '\00') {
char buffer[255];
sprintf(buffer,"%s",pointer);
fileName[location] = buffer[0];
++pointer;
++location;
}
if(strstr(fileName,"Winject.exe")) {
return INVALID_FILE_ATTRIBUTES;
} else if(strstr(fileName,"FPPatch.dll")) {
return INVALID_FILE_ATTRIBUTES;
} else if(strstr(fileName,"hwid.dat")) {
return INVALID_FILE_ATTRIBUTES;
} else {
return Real_GetFileAttributesA(lpFileName);
}
}
HANDLE (WINAPI New_FindFirstFileW)(LPCWSTR lpFileName, LPWIN32_FIND_DATAW lpFindFileData) {
LPCWSTR pointer = lpFileName;
char fileName[255];
int location = 0;
while(*pointer != '\00') {
char buffer[255];
sprintf(buffer,"%s",pointer);
fileName[location] = buffer[0];
++pointer;
++location;
}
if(strstr(fileName,"Winject.exe")) {
return INVALID_HANDLE_VALUE;
} else if(strstr(fileName,"FPPatch.dll")) {
return INVALID_HANDLE_VALUE;
} else if(strstr(fileName,"hwid.dat")) {
return INVALID_HANDLE_VALUE;
} else {
return Real_FindFirstFileW(lpFileName,lpFindFileData);
}
}
HANDLE (WINAPI New_FindFirstFileA)(LPCSTR lpFileName, LPWIN32_FIND_DATAA lpFindFileData) {
LPCSTR pointer = lpFileName;
char fileName[255];
int location = 0;
while(*pointer != '\00') {
char buffer[255];
sprintf(buffer,"%s",pointer);
fileName[location] = buffer[0];
++pointer;
++location;
}
if(strstr(fileName,"Winject.exe")) {
return INVALID_HANDLE_VALUE;
} else if(strstr(fileName,"FPPatch.dll")) {
return INVALID_HANDLE_VALUE;
} else if(strstr(fileName,"hwid.dat")) {
return INVALID_HANDLE_VALUE;
} else {
return Real_FindFirstFileA(lpFileName,lpFindFileData);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment