Projektdateien hinzufügen.

EscapeTheBackroomsGUiTest/SigScan/memhack.cpp

@@ -0,0 +1,42 @@
+#include "memhack.h"
+
+//internal patch
+void Patch(char* dst, char* src, unsigned int size)
+{
+	DWORD oldprotect;
+	VirtualProtect(dst, size, PAGE_READWRITE, &oldprotect);
+	memcpy(dst, src, size);
+	VirtualProtect(dst, size, oldprotect, &oldprotect);
+}
+
+//external
+void PatchEx(char* dst, char* src, unsigned int size, HANDLE hProcess)
+{
+	DWORD oldprotect;
+	VirtualProtectEx(hProcess, dst, size, PAGE_READWRITE, &oldprotect);
+	WriteProcessMemory(hProcess, dst, src, size, NULL);
+	VirtualProtectEx(hProcess, dst, size, oldprotect, &oldprotect);
+}
+
+//Internal Nop
+void Nop(char* dst, unsigned int size)
+{
+	DWORD oldprotect;
+	VirtualProtect(dst, size, PAGE_READWRITE, &oldprotect);
+	memset(dst, 0x90, size);
+	VirtualProtect(dst, size, oldprotect, &oldprotect);
+}
+
+
+//External
+void NopEx(char* dst, unsigned int size, HANDLE hProcess)
+{
+	byte* nopArray = new byte[size];
+	memset(nopArray, 0x90, size);
+
+	DWORD oldprotect;
+	VirtualProtectEx(hProcess, dst, size, PAGE_READWRITE, &oldprotect);
+	WriteProcessMemory(hProcess, dst, nopArray, size, NULL);
+	VirtualProtectEx(hProcess, dst, size, oldprotect, &oldprotect);
+	delete[] nopArray;
+}

EscapeTheBackroomsGUiTest/SigScan/memhack.h

@@ -0,0 +1,14 @@
+#pragma once
+#include <Windows.h>
+
+//internal patch
+void Patch(char* dst, char* src, unsigned int size);
+
+//external
+void PatchEx(char* dst, char* src, unsigned int size, HANDLE hProcess);
+
+//Internal Nop
+void Nop(char* dst, unsigned int size);
+
+//External
+void NopEx(char* dst, unsigned int size, HANDLE hProcess);

EscapeTheBackroomsGUiTest/SigScan/patternscan.h

@@ -0,0 +1,42 @@
+#pragma once
+#include <Windows.h>
+#include <TlHelp32.h>
+#include "processtools.h"
+
+namespace Pattern
+{
+	//Split combo pattern into mask/pattern
+	void Parse(char* combo, char* pattern, char* mask);
+
+	namespace In
+	{
+		//Internal Pattern Scan
+		char* Scan(char* pattern, char* mask, char* begin, unsigned int size);
+
+		char* Mod(char *combopattern, Module*  module);
+
+		char* AllMods(char* combopattern);
+
+		char* Proc(char* combopattern);
+	}
+
+	namespace Ex
+	{
+		//External Wrapper
+		char* Scan(char* pattern, char* mask, char* begin, char* end, Process* process);
+
+		//Scan just a module
+		char* Mod(char* pattern, char* mask, Module* module);
+		//Overloaded Function for combopattern
+		char* Mod(char* combopattern, Module* module);
+
+		//Scan all modules from process
+		char* AllMods(char* pattern, char* mask, Process* process);
+		//Overloaded Function for combopattern
+		char* AllMods(char* combopattern, Process* process);
+
+		//Scan entire process
+		char* Proc(char* combopattern, Process* process);
+
+	}
+}

EscapeTheBackroomsGUiTest/SigScan/patterscan.cpp

@@ -0,0 +1,171 @@
+#include "patternscan.h"
+
+//Split combo pattern into mask/pattern
+void Pattern::Parse(char* combo, char* pattern, char* mask)
+{
+	unsigned int patternLen = (strlen(combo) + 1) / 3;
+
+	for (unsigned int i = 0; i < strlen(combo); i++)
+	{
+		if (combo[i] == ' ')
+		{
+			continue;
+		}
+
+		else if (combo[i] == '?')
+		{
+			mask[(i + 1) / 3] = '?';
+			i += 2;
+		}
+
+		else
+		{
+			char byte = (char)strtol(&combo[i], 0, 16);
+			pattern[(i + 1) / 3] = byte;
+			mask[(i + 1) / 3] = 'x';
+			i += 2;
+		}
+	}
+	pattern[patternLen] = '\0';
+	mask[patternLen] = '\0';
+}
+
+//Internal Pattern Scan
+char* Pattern::In::Scan(char* pattern, char* mask, char* begin, unsigned int size)
+{
+	unsigned int patternLength = strlen(pattern);
+
+	for (unsigned int i = 0; i < size - patternLength; i++)
+	{
+		bool found = true;
+		for (unsigned int j = 0; j < patternLength; j++)
+		{
+			if (mask[j] != '?' && pattern[j] !=*(begin + i + j))
+			{
+				found = false;
+				break;
+			}
+		}
+		if (found)
+		{
+			return (begin + i);
+		}
+	}
+	return nullptr;
+}
+
+char* Pattern::In::Mod(char *combopattern, Module* module)
+{
+
+
+}
+
+char* Pattern::In::AllMods(char* combopattern)
+{
+
+}
+
+char* Pattern::In::Proc(char* combopattern)
+{
+
+}
+
+//External Wrapper
+char* Pattern::Ex::Scan(char* pattern, char* mask, char* begin, char* end, Process* process)
+{
+	char* currentChunk = begin;
+	SIZE_T bytesRead;
+
+	while (currentChunk < end)
+	{
+		char buffer[4096]; //char * buffer[4096];?
+
+		DWORD oldprotect;
+		VirtualProtectEx(process->handle, currentChunk, sizeof(buffer), PROCESS_VM_READ, &oldprotect);
+		ReadProcessMemory(process->handle, currentChunk, &buffer, sizeof(buffer), &bytesRead);
+		VirtualProtectEx(process->handle, currentChunk, sizeof(buffer), oldprotect, NULL);
+
+		if (bytesRead == 0)
+		{
+			return nullptr;
+		}
+
+		char* internalAddress = In::Scan(pattern, mask, (char*)&buffer, bytesRead);
+
+		if (internalAddress != nullptr)
+		{
+			//calculate from internal to external
+			uintptr_t offsetFromBuffer = internalAddress - (char*)&buffer;
+			return (currentChunk + offsetFromBuffer);
+		}
+		else
+		{
+			//advance to next chunk
+			currentChunk = currentChunk + bytesRead;
+		}
+	}
+	return nullptr;
+}
+
+//Module wrapper for external pattern scan
+char* Pattern::Ex::Mod(char* pattern, char* mask, Module* module)
+{
+	return Scan(pattern, mask, (char*)module->modBaseAddr, (char*)module->modBaseAddr + module->modBaseSize, module->process);
+}
+
+//loops through all modules and scans them
+char* Pattern::Ex::AllMods(char* pattern, char* mask, Process* process)
+{
+	MODULEENTRY32 modEntry = { 0 };
+	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, process->th32ProcessID);
+	if (hSnapshot != INVALID_HANDLE_VALUE)
+	{
+		modEntry.dwSize = sizeof(MODULEENTRY32);
+		if (Module32First(hSnapshot, &modEntry))
+		{
+			do
+			{
+				char* patternAddress = In::Scan(pattern, mask, (char*)modEntry.modBaseAddr, modEntry.dwSize);
+				if (patternAddress != nullptr)
+				{
+					CloseHandle(hSnapshot);
+					return patternAddress;
+				}
+			} while (Module32Next(hSnapshot, &modEntry));
+		}
+		CloseHandle(hSnapshot);
+	}
+	return nullptr;
+}
+
+//Combo External Module
+char* Pattern::Ex::Mod(char* combopattern, Module* module)
+{
+	unsigned int patternLen = ((strlen(combopattern) + 1) / 3) + 1;
+	char* pattern = new char[patternLen];
+	char* mask = new char[patternLen];
+
+	Parse(combopattern, pattern, mask);
+
+	char* match = Pattern::Ex::Mod(pattern, mask, module);
+	
+	delete[] pattern;
+	delete[] mask;
+	return match;
+}
+
+//Combo External Process
+char* Pattern::Ex::AllMods(char* combopattern, Process* process)
+{
+	unsigned int patternLen = ((strlen(combopattern) + 1) / 3) + 1;
+	char* pattern = new char[patternLen];
+	char* mask = new char[patternLen];
+
+	Parse(combopattern, pattern, mask);
+
+	char* match = AllMods(pattern, mask, process);
+
+	delete[] pattern;
+	delete[] mask;
+	return match;
+}

EscapeTheBackroomsGUiTest/SigScan/processtools.cpp

@@ -0,0 +1,102 @@
+#include "processtools.h"
+#include <stdlib.h>
+#include <tchar.h>
+
+//Convert char* to wchar_t*
+wchar_t* TO_WCHAR_T(char* string)
+{
+	unsigned int len = strlen(string) + 1;
+	wchar_t* wc_string = new wchar_t[len];
+	unsigned int numCharsRead;
+	mbstowcs_s(&numCharsRead, wc_string, len, string, _TRUNCATE);
+	return wc_string;
+}
+
+//Convert wchar_t* to char*
+char* TO_CHAR(wchar_t* string)
+{
+	unsigned int len = wcslen(string) + 1;
+	char* c_string = new char[len];
+	unsigned int numCharsRead;
+	wcstombs_s(&numCharsRead, c_string, len, string, _TRUNCATE);
+	return c_string;
+}
+
+//Get Process by name
+bool Process::Get(TCHAR* exeName, PROCESSENTRY32& procEntry)
+{
+	procEntry = { 0 };
+	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
+
+	if (hSnapshot)
+	{
+		procEntry.dwSize = sizeof(procEntry);
+
+		if (Process32First(hSnapshot, &procEntry))
+		{
+			do
+			{
+				if (!_tcscmp(procEntry.szExeFile, exeName))
+				{
+					CloseHandle(hSnapshot);
+					bValid = true;
+					return true;
+				}
+			} while (Process32Next(hSnapshot, &procEntry));
+		}
+	}
+	CloseHandle(hSnapshot);
+	return false;
+}
+
+Process::Process(TCHAR* exeName)
+{
+	this->name = exeName;
+	Get(exeName, *this);
+}
+
+bool Process::Attach()
+{
+	handle = OpenProcess(PROCESS_ALL_ACCESS, NULL, th32ProcessID);
+
+	if (handle)
+	{
+		return true;
+	}
+	else return false;
+}
+
+Module::Module(Process* process, TCHAR* moduleName)
+{
+	this->name = moduleName;
+	this->process = process;
+	Get(process, moduleName, *this);
+}
+
+bool Module::Get(Process* process, TCHAR* moduleName, MODULEENTRY32 &modEntry)
+{
+	modEntry = { 0 };
+
+	HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE | TH32CS_SNAPMODULE32, process->th32ProcessID);
+
+	if (hSnapshot != INVALID_HANDLE_VALUE)
+	{
+		modEntry.dwSize = sizeof(MODULEENTRY32);
+
+		if (Module32First(hSnapshot, &modEntry))
+		{
+			do
+			{
+				if (!_tcscmp(modEntry.szModule, moduleName))
+				{
+					CloseHandle(hSnapshot);
+					bValid = true;
+					return true;
+				}
+			} while (Module32Next(hSnapshot, &modEntry));
+		}
+		CloseHandle(hSnapshot);
+	}
+	bValid = false;
+	return false;
+}

EscapeTheBackroomsGUiTest/SigScan/processtools.h

@@ -0,0 +1,40 @@
+#pragma once
+#include <Windows.h>
+#include <TlHelp32.h>
+#include <vector>
+
+class Module;
+
+class Process : public PROCESSENTRY32
+{
+public:
+	TCHAR* name;
+	HANDLE handle = 0;
+	bool bValid = false;
+
+	//std::vector<Module>* modules;
+
+	Process(TCHAR* exeName);
+	bool Get(TCHAR* exeName, PROCESSENTRY32 &procEntry);
+	bool Attach();
+};
+
+class Module : public MODULEENTRY32
+{
+public:
+	TCHAR* name;
+	bool bValid = false;
+	Process * process;
+
+	Module(Process* process, TCHAR* moduleName);
+	bool Get(Process* process, TCHAR* moduleName, MODULEENTRY32 &modEntry);
+};
+
+
+//String conversion snippets
+
+//Convert char* to wchar_t*
+wchar_t* TO_WCHAR_T(char* string);
+
+//Convert wchar_t* to char*
+char* TO_CHAR(wchar_t* string);