1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
#pragma once
#include <Windows.h>
//Thanks to Rake for his scanning code
class Utility
{
public:
static char* ScanBasic(char* pattern, char* mask, char* begin, uintptr_t size)
{
uintptr_t patternLen = strlen(mask);
//for (int i = 0; i < size - patternLen; i++)
for (int i = 0; i < size; i++)
{
bool found = true;
for (int j = 0; j < patternLen; j++)
{
if (mask[j] != '?' && pattern[j] != *(char*)((uintptr_t)begin + i + j))
{
found = false;
break;
}
}
if (found)
{
return (begin + i);
}
}
return nullptr;
}
static char* Scan(char* pattern, char* mask, char* begin, uintptr_t size)
{
char* match{ nullptr };
DWORD oldprotect = 0;
MEMORY_BASIC_INFORMATION mbi{};
for (char* curr = begin; curr < begin + size; curr += mbi.RegionSize)
{
if (!VirtualQuery(curr, &mbi, sizeof(mbi)) || mbi.State != MEM_COMMIT || mbi.Protect == PAGE_NOACCESS) continue;
if (VirtualProtect(mbi.BaseAddress, mbi.RegionSize, PAGE_EXECUTE_READWRITE, &oldprotect))
{
match = ScanBasic(pattern, mask, curr, mbi.RegionSize);
VirtualProtect(mbi.BaseAddress, mbi.RegionSize, oldprotect, &oldprotect);
if (match != nullptr)
{
break;
}
}
}
return match;
}
static char* ScanProc(char* pattern, char* mask)
{
unsigned long long int kernelMemory = (sizeof(char*) == 4) ? 0x80000000 : 0x800000000000;
return Scan(pattern, mask, 0x0, (uintptr_t)kernelMemory);
}
static void CopyToClipboard(uint64_t addy)
{
char szBuffer[2048];
sprintf_s(szBuffer, "0x%llx", addy);
const char* output = szBuffer;
const size_t len = strlen(output) + 1;
HGLOBAL hMem = GlobalAlloc(GMEM_MOVEABLE, len);
memcpy(GlobalLock(hMem), output, len);
GlobalUnlock(hMem);
OpenClipboard(0);
EmptyClipboard();
SetClipboardData(CF_TEXT, hMem);
CloseClipboard();
}
};
|