楓之專業V115之無法用原因如下

in9955

[原創] 楓之專業無法使用原因　轉自http://a2337028.ikhost.tk/viewthread.php?tid=55&extra=page%3D1

楓之專業V115無法使用原因是....
真的被我猜中了...
無法過HS...注入器末更新....

在剛剛放學在浪漫找到煥大發的文了!
以下是給老鳥董製作外掛的人看的..

/* dr.cpp : Defines the entry point for the DLL application.
*****廣告網址!!!!請向板主檢舉!!!!*****: hi.baidu.com/maydayhuan
*/
#include "stdafx.h"
#include "resource.h"
#include "windows.h"
#include "tlhelp32.h"
#include "iostream.h"
#include "stdio.h"
struct debuger0{
DWORD addr;
DWORD dr;
DWORD caozuo;
};
LRESULT CALLBACK dlgx(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam);
DWORD WINAPI ThreadProc( LPVOID lpParameter );
DWORD WINAPI debugProc( LPVOID lpParameter );
HINSTANCE hinst;
DWORD lst[100];
char mychar[50];
void ck(WORD wID, WORD wNF);
void* (__stdcall *AddVectoredExceptionHandlerx)(ULONG FirstHandler,void* VectoredHandler);
HANDLE (__stdcall *OpenThread)(DWORD dwDesiredAccess, BOOL bInheritHandle,DWORD dwThreadId);
debuger0 debuger1;
void RefreshThreadList (DWORD dwOwnerPID)
{
HANDLE hThreadSnap = NULL;
BOOL bRet = FALSE;
THREADENTRY32 te32 = {0};
int px=0;
// Take a snapshot of all threads currently in the system.
hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
//if (hThreadSnap == INVALID_HANDLE_VALUE)
// return ;
te32.dwSize = sizeof(THREADENTRY32);
if (Thread32First(hThreadSnap, &te32))
{
px=0;
do
{
if (te32.th32OwnerProcessID == dwOwnerPID&&dwOwnerPID!=0)
{
lst[px]=te32.th32ThreadID;
px++;
}
}
while (Thread32Next(hThreadSnap, &te32));
}
// OutputDebugString(":刷新线程");
CloseHandle (hThreadSnap);
}
BOOL APIENTRY DllMain( HINSTANCE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
CreateThread(NULL,255,ThreadProc,NULL,0,NULL);
hinst=hModule;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
void ck(HWND dlg,WORD id, WORD wm)
{
//////////////////////////////////////////////////////////////////////////
if(id==IDC_CHECK1)
{
if(IsDlgButtonChecked(dlg,id))
{
debuger1.addr=0x0095AFD3;
debuger1.caozuo=1;
debuger1.dr=0;
CreateThread(NULL,255,(LPTHREAD_START_ROUTINE)debugProc,NULL,0,NULL);
}else
{
debuger1.addr=0x0095AFD3;
debuger1.caozuo=0;
debuger1.dr=0;
CreateThread(NULL,255,(LPTHREAD_START_ROUTINE)debugProc,NULL,0,NULL);
}
}
//////////////////////////////////////////////////////////////////////////
}
LRESULT CALLBACK dlgx(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)
{
switch (message)
{
case WM_INITDIALOG:
return TRUE;
case WM_COMMAND:
WORD wID = LOWORD( wParam );
WORD wNF = HIWORD( wParam );
if(wID==IDCANCEL)
{
TerminateProcess(GetCurrentProcess(),0);
}
if(wNF=BST_CHECKED)
{
ck(hDlg,wID,wNF);
}
break;
}
return 0;
}
LONG WINAPI GPTUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo)
{
if(pExceptionInfo->ExceptionRecord->ExceptionCode==0x80000004)
{
if(pExceptionInfo->ExceptionRecord->ExceptionAddress==(PVOID)0x0095AFD3)
{
pExceptionInfo->ContextRecord->Eip=(DWORD)0x0095c475;
return EXCEPTION_CONTINUE_EXECUTION;
}
}
return EXCEPTION_CONTINUE_SEARCH ;
}
DWORD WINAPI ThreadProc(
LPVOID lpParameter // thread data
)
{
HINSTANCE slib=LoadLibrary("kernel32.dll");
*(FARPROC*) &AddVectoredExceptionHandlerx=GetProcAddress(slib,"AddVectoredExceptionHandler");
*(FARPROC*) &OpenThread=GetProcAddress(slib,"OpenThread");
AddVectoredExceptionHandlerx(1,GPTUnhandledExceptionFilter);
RefreshThreadList(GetCurrentProcessId());
//设置键盘钩子
DialogBox(hinst,(LPCTSTR)IDD_DIALOG1,NULL,(DLGPROC)dlgx);
return 1;
}
DWORD WINAPI debugProc(LPVOID lpParameter )
{
if(debuger1.caozuo==1)
{
//打开
RefreshThreadList(GetCurrentProcessId());
for(int i=0;i<100;i++)
{
if(lst==0)
{
break;
}
if(lst!=GetCurrentThreadId())
{
HANDLE thd=OpenThread(THREAD_ALL_ACCESS,true,lst);
SuspendThread(thd);
CONTEXT con;
con.ContextFlags=CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
GetThreadContext(thd,&con);
if(debuger1.dr==0)
{
con.Dr0=debuger1.addr;
con.Dr7=con.Dr7|0x3;
}
if(debuger1.dr==1)
{
con.Dr1=debuger1.addr;
con.Dr7=con.Dr7|0xc;
}
if(debuger1.dr==2)
{
con.Dr2=debuger1.addr;
con.Dr7=con.Dr7|0x30;
}
if(debuger1.dr==3)
{
con.Dr3=debuger1.addr;
con.Dr7=con.Dr7|0xc0;
}
con.ContextFlags= CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
SetThreadContext(thd,&con);
ResumeThread(thd);
}
}
}else
{
//关闭
//打开
RefreshThreadList(GetCurrentProcessId());
for(int i=0;i<100;i++)
{
if(lst==0)
{
break;
}
if(lst!=GetCurrentThreadId())
{
HANDLE thd=OpenThread(THREAD_ALL_ACCESS,true,lst);
SuspendThread(thd);
CONTEXT con;
con.ContextFlags=CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
GetThreadContext(thd,&con);
if(debuger1.dr==0)
{
con.Dr0=debuger1.addr;
con.Dr7=con.Dr7&~0x3;
}
if(debuger1.dr==1)
{
con.Dr1=debuger1.addr;
con.Dr7=con.Dr7&~0xc;
}
if(debuger1.dr==2)
{
con.Dr2=debuger1.addr;
con.Dr7=con.Dr7&~0x30;
}
if(debuger1.dr==3)
{
con.Dr3=debuger1.addr;
con.Dr7=con.Dr7&~0xc0;
}
con.ContextFlags= CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
SetThreadContext(thd,&con);
ResumeThread(thd);
}
}
}
debuger1.addr=0;
debuger1.caozuo=0;
debuger1.dr=0;
return true;
}

複製代碼

可過目前HS 設置硬件斷點 DR0-DR3。好了,該應對高考了。
嗯..想說點什麽呢，我估計ICS也差不多要拜拜了多個硬斷也無差.

以上是由浪漫流出
此由外掛天堂分享
我知道大家不懂我也不懂只知道過幾天就有外掛可以用了
因為這是新的注入器的dll.
友信去的自己慢慢研究吧~!

外掛天堂 - POST版權

外掛小黑哥該用戶已被刪除	外掛小黑哥 2010-5-15 09:24:31 提示: 作者被禁止或刪除內容自動屏蔽
外掛小黑哥該用戶已被刪除
	回覆使用道具舉報

外掛聯合國

[分享] 楓之專業V115之無法用原因如下

相關POST