Steve8x
-
Posts
181 -
Joined
-
Last visited
Posts posted by Steve8x
-
-
did both before i posted. it doesnt goto screensaver. it just goes back to the login.
Well I think I have a solution for you, although its a little unorthodox I think it will work!
Basically the idea is this. Every few minutes an app I made uses SendInput to simulate you pressing a key on your keyboard. This should keep Vista from locking you out. Since the gamepad button pressing doesn't register as keys being pressed. But your keyboard does!
So all you need to do is provide the key you want pressed, currently (a-z) only... and how many minutes between pressing the key.
Both parameters are optional but if they aren't provided the default values are used. default character is a, default time is 3 minutes...
So how long about does it take for it to lock you out? if 5 minutes I would do 4, etc... What is a key that is unused by your game? pick one that is unused so that the key being pressed every few minutes does not effect your gameplay.
So say your 'A' key is being used for a button in the game you won't want to use that. There are several ways of passing my app parameters. But here's probably the easiest one that you'll want to use.
Usage: GameHelper [-c character] [-m minutes]
Create a batch file (.bat/.cmd) in the same folder as "GameHelper.exe"
it should contain something like this:
GameHelper -c h -m 4
where "h" is the character it will type every "4" minutes!
change it to a character unused and a time which it will type the character before you get locked out!
As a test you could open up notepad and run Game Helper with -m 0 and character doesn't matter
Then set notepad as your active window, if you see the character constantly being written into the notepad window you can know that it will work! (I've only tested this on XP, not Vista)
Source Code And Binary: (the executable is in the release folder)
http://popeax.com/download/apps/GameHelper.zip
[GameHelper.cpp]
#include "GameHelper.h" char characterx = 'a'; // default character int minutesx = 3; // default minutes int main(int NumParams, char* Params[]) { system("color 0A"); SetConsoleTitleA("Game Helper! - Made For RogueHart"); printf("Annoyed with Vista locking you out of your game every few minutes?\n"); printf("Well thats why Game Helper is here to help you get your game on and keep it on!\n"); printf("Here's how to use:\n"); printf("GameHelper [-c character] [-m minutes]\n"); printf("ex. GameHelper -c r -m 4"); printf("\nWhere as 'R' will be the key pressed every '4' minutes :P"); for(int i = 1; i < NumParams; i++) { if(strcmp(Params[i], "-c") == 0) { characterx = *Params[i+1]; } if(strcmp(Params[i], "-m") == 0) { minutesx = atoi(Params[i+1]); } } for(;; Sleep(10)) { ticks++; if(ticks == 100) { ticks = 0; seconds++; } if(seconds == 60) { seconds = 0; minutes++; } if(minutes == minutesx) { minutes = 0; SendKey((UCHAR)VkKeyScanA(characterx)); } } return 0; } void SendKey(BYTE vKey) { INPUT* Input = new INPUT; ZeroMemory(Input, sizeof(Input)); Input->type = INPUT_KEYBOARD; Input->ki.dwFlags = KEYEVENTF_EXTENDEDKEY; Input->ki.wVk = vKey; SendInput(1, Input, sizeof(INPUT)); delete Input; }Its worth a shot :)
-
I like the becks oktoberfest but not the original :P
Anyway I really didn't mind the becks advertisements! not at all !
-
Yes you can!!
I have done so with my U3 drive.
It has backtrack 3 bootable, where as If I plug it into a computer(thats capable of booting from USB) and turn on the computer, and select boot from USB on the boot menu (after pressing the right key usually F12) it will boot up backtrack 3 instead of the host OS.
Also if I plug my device into any Windows XP machine my custom ISO will autorun my app. (it doesn't work on vista though)
So yes its possible to make your drive bootable, and still have your U3 autorun intact for windows machines...
With backtrack 3 its simple to set the drive up to boot, follow the instructions. Just make sure you change the MBR of your USB drive not anything else!!
-
Version 2.1 is now released... I divided the project up into separate files and used include guards in my headers! ;)
It should now go along with C++ standards...
And I must say I like it better this way :)
Also it just might work on Vista now that I've improved the code as well...
@CrashAndDie:
Yes I was aware I was using old fashioned C-Style casts.
I find this easier to write
foo = (bar*)foobar;
than
foo = reinterpret_cast<bar*>foobar;
I will use the newer casts though. But newer C++ casts basically do the same thing a C casts?, just if problems arise in your app, if you used the C++ casts, those problems would be easier to find.
Check out my new project organization:
[root@127.0.0.1] $ ls BitstreamFont.h M'SpaceJuke.h VeraMono.ttf EasyControls.cpp M'SpaceJuke.vcproj base64.cpp EasyControls.h M'SpaceJuke.vcproj base64.h EasySockets.cpp Release mspace.ico EasySockets.h StrFunctions.cpp resource.h M'SpaceJuke.cpp StrFunctions.h rsrc.rc [Thu Oct 30 - 01:08:48] ~/My Documents/Visual Studio 2008/Projects/M'SpaceJuke/M'SpaceJuke
I am still using char* however... but only because I can't seem to figure out, or find anywhere on the web that says how to read a file into a std::string, or recieve a buffer from winsock in a std::string
for example, if I'm reading a file normally I do it like so:
DWORD fileSize = 0; char* filebuffer = new char[1000]; FILE* f = fopen("somefile.txt", "rb"); fileSize = GetFileSize(f); fread(filebuffer, fileSize, 1, f);now say I didn't want to use char* and wanted to use std::string instead? I could create an std::string from the char* but that would defy the point. I would still be using char* to read the file!! And it would be wasteful having two things of the same in memory at once... (although you could free the memory for the char* but still)
So is it even possible to read from a file into a std::string?
-
Does anybody know if most firewalls block tcp by default?
I was wondering if it might be a possibility for transferring switchblade logs.
Thanks.
Hardware firewalls block all incoming connections by default.. You specify what incoming ports you want open to what computers are running servers(port forwarding)
Software firewalls are what you have to worry about... They block outgoing connections as well!
Sending email is a no no as most anti-virus / software firewalls detect it and show the contents of the email being sent and to allow it or not.
FTP? nah you don't want to embed your login and password into a program...
So what is a good way thats undetectable and will work even if both software and hardware firewalls are in place?
HTTP POST.
Even if you have a software and hardware firewall, chances are you aren't going to block port 80 outgoing. Its needed for basic web functionality. You wouldn't be able to browse the web if it was blocked.
All thats required is a free web host which offers php + mysql. You have a program read the log file and post the data to a server sided php script. The script then inserts the data into the database ;)
You probably haven't seen it since its on the low on the second page now.
http://hak5.org/forums/index.php?showtopic=9644
Its almost guaranteed that port 80 is open, and its the most undetectable method. Therefore I think it's the best way
-
I personally like eBay, except for the stupid bots that go around and bid on stuff that just jacks up the prices.
bots? no way.. There are instances when people team up and like say your my friend and you have an ebay account too. And I told you to bid on my item to make it go higher... Those happenings do get figured out by ebay though, when a person is always bidding on a certain persons items...
But bots? I mean who would use their account in some bot program? to randomly bid on items?? I surely wouldn't! what would bidding on random items do for me? nothing just leave me with a bunch of junk I wouldn't want if the auctions won!
When you bid on an item you are binded to paying for it if you are the winner! If there were any people using "bots" they would be kicked off of ebay pretty quickly after having many non paying bidder complaints, and they would not gain anything by it either! So I don't understand why you would say "bots"
-
I'm pretty sure it's legal to make one backup, but not to download other copies of the game.
Sure ya can... As long as you own a copy of the original game (the same game your downloading) its fine! CD's get scratched! we all know that. Its normal wear and tear. If a CD gets too scratched up it no longer works good anymore! Maybe not at all! This is why you should make a backup before it gets scratched. Keep the original new and with no scratches and play with the copy. When the copy is scratched to hell, then make another one with the original
:P Its a way to protect your purchase of the game!
-
Well you should setup an SSH server on your box at home, so that way you could have all your traffic secured! Your bypassing the filter in place, but still a sniffer could see all your packets in plain text! your not doing it safely! That would also kill 2 birds with one stone because then since your ssh'd into your box and tunneling your traffic, you could also run the shutdown command from bash/command prompt!
I recommend MobaSSH as I like it the best... Make sure to portforward ;)
setting up the SSH tunnel is easy, I'll help you if you can't quite grasp it...
For a temporary solution as thegubble suggested, copy a php file to your web server(yet another reason you should have SSH setup so you could remotely manage your webserver securely[sFTP/SCP]) which will execute the shutdown command on your machine at home.
Here's an example script I just wrote. Basically it shows you an Admin Login form when you first go to it! You'll have to supply the username and password stored in this file correctly to actually log in. The default is "root" and "1234", so change that and remember it! You'll need that info to shutdown your PC...
Once you type your login info and submit it. The username and the password are hashed together with SHA1, the generated hash is then compared to the valid login hash. If they match then you typed your password correct and you can continue!
After being logged in you'll see the page looks like this:
It has the auto-filled shutdown command about the way you'd want it! you can tweak it a little if desired before hitting Execute!. You could actually run another command to... but be careful, commands that don't finish immediately lag the script. Don't try to run GUI apps at all!
<?php $Self = $_SERVER['PHP_SELF']; if(isset($_GET['reset'])) //Delete the cookie, effectively logging you out... { $blank = ""; setcookie("shutdownaccess", $blank, time()-300); echo "<meta http-equiv='refresh' content='0;url=$Self'>"; } if(isset($_POST['auth'])) { $user = $_POST['user']; $pass = $_POST['pword']; $logininfo = "$user-$pass"; //store the username + password cookie as a SHA1 hash so they aren't in plaintext! $loginhash = SHA1($logininfo); setcookie("shutdownaccess", $loginhash, time()+300); // 300 seconds = 5 minutes echo "<meta http-equiv='refresh' content='0;url=$Self'>"; } ?> <html> <head> <title>Remote Shutdown Of My PC :)</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <center> <?php //change these!! //you will need this info to login $USER = "root"; $PASSWORD = "1234"; //if no cookie is set, then show the login page if(!isset($_COOKIE['shutdownaccess'])) { echo "<h1> Admin Login: </h1>"; echo "<p><form method='post' action='$Self'>"; echo "<table border='2' cellspacing='2' cellpadding='0'><tr>"; echo "<td>Username: </td><td> <input name='user' type='text' id='user'> </td> </tr>"; echo "<td>Password: </td><td> <input name='pword' type='password' id='pword'></td></tr> </table>"; echo "<p> <input type='submit' name='auth' id='auth' value='Login'>"; echo "</form>"; die(); } else { //otherwise validate the username and password stored in the cookie! $loginhash = $_COOKIE['shutdownaccess']; $validlogin = "$USER-$PASSWORD"; $validloginhash = SHA1($validlogin); if($validloginhash != $loginhash) { echo "<h2>INVALID HASH!</h2><h3>$loginhash</h3>"; echo "Bad Username Or Password!<p>"; echo "<a href=\"$Self?reset=1\"> Try Again </a>"; exit(); } if(isset($_POST['execute'])) { $cmdline = $_POST['cmdline']; system($cmdline); } echo "<a href=\"$Self?reset=1\"> Logout </a>"; echo "<h1> Remote Shutdown </h1>"; echo "<form method='post' action='$Self'>"; echo "<input type='text' name='cmdline' value='shutdown -s -t 1 -c \"Shutting Down!\" -f' size='50'><p>"; echo "<input type='submit' name='execute' value='Execute!'>"; echo "</form>"; } ?> -
I thought olly only decompiled code to assembly. It can decompile to C++? PLEASE Let me know how or PM me link to a tutorial. thanks
No olly doesn't "decompile"... it disassembles! Its a disassembler/debugger. It's impossible to go from a compiled executable back to the source code of which it was compiled in...
If it was coded in pure assembly though to begin with, then looking at it in olly will be like looking at the source code :P
-
Thanks for all the help! It's working great.
Now I'm having problems with strings... I was going to do all the string manipulation inside the lf2.exe, but I figured since I'm already using a dll it'd probably be better to do it there.
Sadly c++ doesn't play nice with strings like java ( or c#).
In java I could probably do :
{ GetWindowTextA(hModName, ModName, 260); *(BYTE*)0x459F78 = 0x00; String Load = "\\mods\" + ModName "\\cfg.txt"; ShowWindow(hwnd, SW_HIDE); }Now I've been trying to do this for ages in c++ with no success.
I tried all these weird things with buffers and sprintf (I'm guessing I was creating an array of chars to hold a string), that failed horribly.
Then I tried to use #include <string> , which I'm guessing is the class that deals with strings in c++ and tries to make it easier. I did get the program to compile but it would just crash when it got to the part where it had to manipulate the string.
Hopefully this is some simple thing that I'm missing, since when I was reading up on GetWindowTextA I saw it returned the length of the string or something... Really confused me.
Help anyone!
Well you could use the string class, but you don't have to!
what you could do is either use strcat to connect the strings together into 1 string! or you could use sprintf to format the string the way you'd want it! sprintf is the better method! I use sprintf all the time its a very useful function!
Basically it formats data(integers, floating point variables, strings, etc) into a string...
%s means string, %i means integer, %f means float...
heres a reference: http://www.cplusplus.com/reference/clibrar...io/sprintf.html
you should be able to figure out how the function works!
Here's an example app I made which demonstrates its usage...
http://www.mediafire.com/file/rmn4u10jzay/...inipulation.zip
You type something when it prompts you for a mod name, then it formats it into the string using sprintf, and also does the second way of attaching the strings with strcat.
#include <windows.h> #include <stdio.h> char* ModName = new char[260]; char* output = new char[260]; char* output2 = new char[260]; int main() { SetConsoleTitleA("C++ String Formatting Example"); system("color 0A"); printf("Enter Mod Name: "); gets(ModName); //sprintf formats different types of data into a null terminated c string //%s means you want to format a string in there, %i means format an integer, etc... //sprintf is for any type of app, it stores the output in a string :P sprintf(output, "\\mods\\%s\\cfg.txt", ModName); //printf is for console apps writing to the console window //printf("Formatted Path: \\mods\\%s\\cfg.txt", ModName); printf("\n\nFormatted Path: %s\n\n", output); //strcat attaches the second string at the end of the first string //start out with something in the string like so... strcpy(output2, "\\mods\\"); //now attach the ModName strcat(output2, ModName); //and attach the last part strcat(output2, "\\cfg.txt"); printf("Formatted Path 2nd: %s\n\n", output2); printf("\n\nAs you can see, both methods result in the same final string;)\n"); system("pause"); delete[] ModName; delete[] output; delete[] output2; return 0; } -
right click your project
click properties
click the C/C++
then click Code Generagation
then find Runtime Library choose Multithreaded
this will make it not dependent on dlls
and will make it very portable
i hope this is what you meant
I too share the same frustration as Reflux! That apps created in VC++ 2008 are dependent on the 2008 package when they really shouldn't be! You could code the same app in Dev C++ and it wouldn't have the dependency!
Why can't I find a "C/C++" or "Runtime Library" on my project properties?
I checked the whole tree view! Can't locate it!
Does it matter that my app is a Win32 GUI app? It shouldn't!!!!
This is the only thing holding me back from using VC++ instead of Dev! I like VC++ more than Dev, but I don't like using it with the dependency!
EDIT: ok I found the "C/C++" now! You have to add at least 1 .cpp source file to your project (I had just created a new project and hadn't done so yet)
However I'm still unsure if this is really the way to not become dependent on the package anymore!
I was going to change it to multi-threaded however, it was already selected! and dropping down the list to see the choices, there is only multi-threaded choices! ??
EDIT: OK i've just created a test console app which just prints something to the console when ran from cmd.exe... I build it as a release build changing the option to (multi-threaded /MT) the program successfully ran and spat out some text on a computer which does not have VC++ 2008 package installed or VC++ it self...
changing the options to (multi-threaded DLL /MD) made it not work! instead it said this program could not be executed! or something like that!
So thanks mouse! it really does work :P
-
I got it to work using my method !
My code is probably crap, but yeah... I tried to get the window to close after you press okay... Sadly it didn't work for me.
Heres the download (includes the compiled dll and the modified exe needed to make it work):
I've played around with it and yeah your method is better. Because you don't have to mess around with coordinates, the game tells you whether the option was clicked or not! And it even makes that cool noise when you click it unlike my workaround...
Your code was not terrible, not at all and you had it almost right!
There were a couple issues with what you did. First by trapping the game in an infinite loop
with this assembly code here:
0044645B C605 789F4500 >MOV BYTE PTR DS:[459F78],1 \\ moves 1 to 459F78 (just a random place i choose) 00446462 803D 789F4500 >CMP BYTE PTR DS:[459F78],1 \\ checks if 459F78 = 1 00446469 ^74 F7 JE SHORT mod_load.00446462 \\ jumps back to the cmp above if it is 1(basically an infinite loop) 0044646B ^E9 9418FEFF JMP mod_load.00427D04 \\ jumps out of the codecave to the rest of the code
Now the game is frozen, trying to do anything in the game it will not respond. The mod loader window however works, but also because that value 459F78 is equal to 1 this code in the dll will run constantly as well...
if(*(BYTE*)0x459F78 == 1) { RelocateWindow(250, 200); ShowWindow(hwnd, SW_SHOW); Sleep(250); }so it will be kind of annoying the window constantly being moved and unhidden every 250 milliseconds. If the user wanted to cancel loading a mod he would not be able to! and the game would be frozen until he either loaded a mod or ended task on the game! I don't think that's how you'd want it!
So to prevent the game locking up, and the mod loader window from being unable to close it
You simply change that if so that it sets that address 0x459F78 back to zero :P
so here's the new code:
void MouseClickHandler() { for(;; Sleep(10)) // indefinate loop, so you need at least a sleep(10) in there for anti-lag since were using getasnyckeystate { if(*(BYTE*)0x459F78 == 0x01) { //set it back to zero so the game doesn't freeze in that infinite loop you made! //and so this "if" isn't always true other wise it will keep showing the window and moving it *(BYTE*)0x459F78 = 0x00; RelocateWindow(250, 200); ShowWindow(hwnd, SW_SHOW); Sleep(250); } } }Now adding that 1 simple line there without changing anything else, solves both issues! The game no longer locks up, and the window can be closed by hitting [X], and it wont show up again unless load mod is clicked once again.
Now making the window hide when the "OK" button is pressed is easy too!
heres what you had:
case WM_COMMAND: if(wParam == 420) { GetWindowTextA(hModName, ModName, 260); *(BYTE*)0x459F78 = 0x00; WM_CLOSE; }first off you can remove the "*(BYTE*)0x459F78 = 0x00;" line because by this time it is already zero... when the user clicked the load mod button it set this address's value to 1 as a trigger. The dll is constantly checking for it to be 1 so when it is, it triggers the show window code and then sets it back to zero to reset it so it can do the same thing over...
Next you had it somewhat close
WM_CLOSE
but you CAN'T just write that, its a window message! You CAN send it to the mod loader window with...
SendMessage(hwnd, WM_CLOSE, 0, 0);
hwnd being the window handle of the mod loader window
but take a peak in the code under WM_CLOSE
case WM_CLOSE: //if the user hits [X] to close the window just hide it instead of destroy it! ShowWindow(hwnd, SW_HIDE); RelocateWindow(250, 200); break;
this is the line which hides the window:
ShowWindow(hwnd, SW_HIDE);
So you could use either one, both will call ShowWindow either directly or indirectly it doesn't matter :P
So modify the code like so, and you'll result in a dll like this:
http://www.mediafire.com/file/a4lirhmzmdy/ModLF2_GOOD.zip
test it out :P i think that's how you wanted it. I made no modifications to your exe only the dll!
-
I think I found a way to get this to work.
00446438 393D 80754500 CMP DWORD PTR DS:[457580],EDI \\ check if mouse is clicked 0044643E ^0F85 C018FEFF JNZ mod_load.00427D04 \\ if not clicked then just skip all this code 00446444 391D 60D04400 CMP DWORD PTR DS:[44D060],EBX \\ I'm guessing another check if mouse is clicked 0044644A ^0F85 B418FEFF JNZ mod_load.00427D04 \\ if not clicked this skip all this code 00446450 53 PUSH EBX \\ sound stuff 00446451 B9 10564500 MOV ECX,mod_load.00455610 \\ sound stuff 00446456 E8 D5B5FBFF CALL mod_load.00401A30 \\ sound stuff 0044645B C605 789F4500 >MOV BYTE PTR DS:[459F78],1 \\ moves 1 to 459F78 (just a random place i choose) 00446462 803D 789F4500 >CMP BYTE PTR DS:[459F78],1 \\ checks if 459F78 = 1 00446469 ^74 F7 JE SHORT mod_load.00446462 \\ jumps back to the cmp above if it is 1(basically an infinite loop) 0044646B ^E9 9418FEFF JMP mod_load.00427D04 \\ jumps out of the codecave to the rest of the code
The idea is the dll will constantly check 459F78 to see if it is 1, if it is then the dialog box will appear. After the user presses the okay button it it will write 0 to 459F78 (which will then stop the loop so little fighter can keep running normally).
Now the only problem is I don't know how to read the memory using a dll. I remember there was a windows api to do such a thing (I believe it was something like ReadProcessMemory), but will that work inside a dll? And isn't there a better to do it (since the dll should be sharing the applications memory, I'm guessing the api isn't needed ).
Edit : Ouch, looks like we were both typing at the same time :P . Your solution looks better than mine. Thank you for all the help man. I'll try and get this all working :D
Well actually yours is better if its the right place that checks whether the mouse is clicked on your load mod option! I'll tinker with it to see if I can get your method to work! 2 ways is better than 1 way ;)
Yeah when your inside a process's address space either from within a dll or just plain inside of it (where your modifying the exe just like your doing) You could use readprocessmemory but since you don't need to its best not to use it!
Instead deal directly with the memory!
ReadProcessMemory just reads a process's memory and copies it into a buffer of your choice! but you already have your boolean value stored in a buffer (a 1 byte buffer lol)
459F78
you deal with memory exactly how your doing it!
in assembly:
MOV BYTE PTR [459F78], 1
in c++:
*(BYTE*)0x459F78 = 1;
in assembly:
CMP BYTE PTR [459F78], 1
JE mouseclicked
JNE mousenotclicked
in c++:
if(*(BYTE*)0x459F78 == 1)
{
goto mouseclicked;
}
else
{
goto mousenotclicked;
}
Putting This: (BYTE*)
means that you want to treat what you put after it as a pointer to a byte(1byte/8bits)...
Putting This: (DWORD*)
means you want to treat whats after as a pointer to a DWORD(4bytes/32bits)
There is also (WORD*)
so writing this
(BYTE*)0x459F78
means your casting 459F78 as a pointer to a byte. you could cast it as a WORD if you wanted to modify two bytes at that address instead of one, or a dword to modify 4 bytes.
to modify whats at that address though since we are dealing with a pointer here, you have to dereference it!
thats where the star * comes into play
put it before the cast
so
*(BYTE*)0x459F78 = 0x01;
means we are changing the byte pointed to by address 0x459F78 to binary 01
I think you'll figure it out just look at some of the code and it'll make sense :P
Thats what coding is about really, just moving little bits and bytes around... You can't move more than 32 bits at once (well at least in the 32bit world) You can however move them around one after another in like a loop :P
what I mean by that is say for example you wanted to clear a 1000 byte block of memory (and lets pretend functions to do so didnt exist)
you'd have to make your own function... you can't just write 1 instruction which will zero out the 1000 bytes. Since you can only work with a max of 32 bits (4 bytes) at a time...
here's what I came up with. use it like "ClearMemory(pointertomemtoerase, sizeofmemtoerase);"
it starts zeroing out the memory 4 bytes at a time so long as there are 4 or more bytes left to zero out! then once theirs less than 4 bytes it just finishes it off with 1 byte at a time... So which way is faster? zeroing out all the bytes 1 byte at a time? or zeroing it out 4 bytes at a time until you can't anymore? I'll let you decide :P
void ClearMemory(void* memblock, DWORD blocksize) { DWORD i = 0; DWORD bytesleft = 0; while(i < blocksize) { bytesleft = blocksize - i; if(bytesleft >= 4) { *(DWORD*)&memblock[i] = 0; i += 4; } else { *(BYTE*)&memblock[i] = 0; i++; } } } -
Hi steve8x. I have already added the option to the menu with a bit of exe hacking (sorry if I haven't made that clear before). Heres the exe you can see it for your self.
http://www.mediafire.com/?oeejw9tdjqz
(Nothing actually happens when you press Load Mod, didn't have the time to code that bit yet but it is easy enough) My poorly written code starts at 00446334.
I'm quite proficient in dissembling/debugging/cracking (what ever you feel like calling it). I've never used the LoadLibaryA api though, but I kind of get how it works.
Everything is starting to look good now, the only problem I see is how will the dll know when the button is pressed? If it was an export function all I'd have to do is type "CALL ADDRESS" in the part of the code which deals with what happens when the button is clicked.
There is also another really small disadvantage to using your method, since it runs in a seperate thread, lf2 will keep running while you are suppoused to enter the mod name. Not to much of an issue though, I have an idea on how to get around that (involves an infinite loop until the mod is entered :D ).
PS: Thanks for being so helpful! Last time I was doing this no one even bothered to (probably should of asked on the hak5 forums :P ).
Edit: Yes, this thread has lots of awesome code in it which I might reuse for other things (with credit of course :P).
How will the dll know when the button is pressed? well I don't know where in the game code gets executed when you click the load mod option... But I have thought of a work around!
Basically when the mouse is clicked, you get the mouse pointers coordinates, then convert them to the coordinates relevant to the games window, then if they are within a certain boundary (the load mod option) unhide the window! if not do nothing! All of this is done from within the dll...
I've changed the dll's source code so it no longer has a hotkeyhandler (for the f12 press) but instead has a mouse click handler!
There is also another really small disadvantage to using your method, since it runs in a seperate thread, lf2 will keep running while you are suppoused to enter the mod name. Not to much of an issue though, I have an idea on how to get around that (involves an infinite loop until the mod is entered :D ).I don't get what you mean really... How is that a disadvantage? Doesn't the game have to be running for you to load a mod for it? Even your load mod option on the menu is only clickable if the game is running lol... The game should be kept running (unless it has to quit to load a mod? is that the case? if so you'll have to make a seperate module then! [an exe] since once you terminate lf2 your dll will be ejected! and any threads it had running will be terminated :P)
Anyway check my previous post to get the updated patcher which is better than the first because it finds the Entry Point Address on its own... instead of relying on you to put it in the source!
Then once you've got that use it to patch your modified exe which has the "load mod" menu option added. Then put the new dll [posted below] in the same dir... now run lf2.exe and click the load mod option! voila! the window shows up when you click it!
Now all you have to do is write the code to actually LOAD THE MOD! :P
http://popeax.com/download/apps/ModLF2-1.2.zip
#include <windows.h> #include <stdio.h> #include <commctrl.h> #pragma comment(lib, "comctl32.lib") //ModLF2 DLL v1.2 //Written By Steve8x void MainThread(); void MouseClickHandler(); void RelocateWindow(int addX, int addY); void InitCommonCtrls(); //Neat Functions For Creating Window Controls HWND CreateEditEx(int autoscroll, int passworded, char* Text, int x, int y, int wd, int ht, int id); HWND CreateButtonEx(char* Text, int x, int y, int wd, int ht, int id); HWND CreateGroupEx(char* Text, int x, int y, int wd, int ht, int id); HINSTANCE hInstance; HWND hwnd, hModName, LF2; POINT* p = new POINT; RECT* pRect = new RECT; char* ModName = new char[260]; char* dbg = new char[260]; BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) { if(ul_reason_for_call == DLL_PROCESS_ATTACH) { hInstance = hModule; CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&MainThread, 0, 0, 0); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&MouseClickHandler, 0, 0, 0); } else if(ul_reason_for_call == DLL_PROCESS_DETACH) { delete[] ModName; delete[] dbg; delete p; delete pRect; //clean up code goes here (if any) this is when the dll unloads (when you quit the game) } return TRUE; } //Window Procedure! LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) { switch (message) { case WM_COMMAND: if(wParam == 420) { GetWindowTextA(hModName, ModName, 260); MessageBoxA(0, ModName, "You Typed:", 0); //this is when the button is clicked //code goes here to load the mod or whatever //CreateThread recommended } case WM_CTLCOLORSTATIC: SetBkMode((HDC)wParam, TRANSPARENT); return (LRESULT)GetStockObject(WHITE_BRUSH); break; case WM_LBUTTONDOWN: // drag window from any part of client area SendMessage(hWnd, WM_NCLBUTTONDOWN, HTCAPTION, lParam); break; case WM_CLOSE: //if the user hits [X] to close the window just hide it instead of destroy it! ShowWindow(hwnd, SW_HIDE); RelocateWindow(250, 200); break; default: return DefWindowProc (hWnd, message, wParam, lParam); } return 0; } //Main thread which will create and maintain the window! void MainThread() { MSG Msg; WNDCLASSEX wc; wc.cbSize = sizeof (WNDCLASSEX); wc.hInstance = hInstance; wc.lpszClassName = L"Steves_Window_Class"; wc.lpfnWndProc = WndProc; wc.style = CS_DBLCLKS; wc.hIcon = LoadIcon(hInstance, MAKEINTRESOURCE(101)); wc.hIconSm = LoadIcon(hInstance, MAKEINTRESOURCE(101)); wc.hCursor = LoadCursor(0, IDC_ARROW); wc.lpszMenuName = NULL; wc.cbClsExtra = 0; wc.cbWndExtra = 0; wc.hbrBackground = (HBRUSH)GetStockObject(0); RegisterClassEx(&wc); InitCommonCtrls(); // Force Initialization of Common Controls Library! hwnd = CreateWindowExA(0, "Steves_Window_Class", "LF2 MOD LOADER", WS_OVERLAPPED | WS_CAPTION | WS_SYSMENU | WS_MINIMIZEBOX | WS_CLIPSIBLINGS, CW_USEDEFAULT, CW_USEDEFAULT, 300, 110, HWND_DESKTOP, 0, hInstance, 0); CreateGroupEx("Enter Mod Name", 2, 0, 290, 75, 200); hModName = CreateEditEx(1, 0, 0, 8, 35, 220, 20, 300); CreateButtonEx("OK!", 236, 35, 50, 20, 420); RelocateWindow(250, 200); //Message Pump! Needed So Your Window Can Respond To Messages Sent To It! while(GetMessage(&Msg, 0, 0, 0)) { TranslateMessage(&Msg); DispatchMessage(&Msg); } } void MouseClickHandler() { for(;; Sleep(10)) // indefinate loop, so you need at least a sleep(10) in there for anti-lag since were using getasnyckeystate { if(GetAsyncKeyState(VK_LBUTTON)) //if left mouse button is clicked... { GetCursorPos(p); // get cursor screen coordinates ScreenToClient(LF2, p); // convert screen coords to window coords if(p->x > 345 && p->x < 438) { if(p->y > 368 && p->y < 389) { //if the cursor is within the boundaries of the load mod option... //---------------------------------------------------------------> RelocateWindow(250, 200); ShowWindow(hwnd, SW_SHOW); Sleep(250); //<--------------------------------------------------------------- } } //uncomment this code when getting the coordinates //sprintf(dbg, "X-> %i Y-> %i", p->x, p->y); //OutputDebugStringA(dbg); //Sleep(250); } } } void RelocateWindow(int addX, int addY) { LF2 = FindWindowA(0, "Little Fighter 2"); GetWindowRect(LF2, pRect); SetWindowPos(hwnd, HWND_TOPMOST, (pRect->left+addX), (pRect->top+addY), 300, 110, 0); } HWND CreateEditEx(int autoscroll, int passworded, char* Text, int x, int y, int wd, int ht, int id) { HWND tmp = 0; if(autoscroll == 0 && passworded == 0) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); else if(autoscroll == 1 && passworded == 0) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); else if(autoscroll == 0 && passworded == 1) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, ES_PASSWORD | WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); else if(autoscroll == 1 && passworded == 1) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, ES_AUTOHSCROLL | ES_PASSWORD | WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); return tmp; } HWND CreateButtonEx(char* Text, int x, int y, int wd, int ht, int id) { return CreateWindowExA(0, "BUTTON", Text, WS_CHILD | WS_VISIBLE, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); } HWND CreateGroupEx(char* Text, int x, int y, int wd, int ht, int id) { return CreateWindowExA(0, "BUTTON", Text, BS_GROUPBOX | WS_CHILD | WS_VISIBLE, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); } void InitCommonCtrls() // Needed Just To Make Sure The Window Controls Appear! { INITCOMMONCONTROLSEX icex; icex.dwSize = sizeof(INITCOMMONCONTROLSEX); icex.dwICC = ICC_BAR_CLASSES; InitCommonControlsEx(&icex); } -
Thanks Steve8x , your solution is awesome for somethings. However, thats not what I'm looking for.
Your solution is kind of temporary, while I'm looking for something more permanent.
(actual game running)
I have added another option to the menu, so all people have to do is push it and volia... Your method would require them to run another program, inject the dll etc etc (less user friendly).
So, the only way I can think of properly doing it, would be to make a dll(with an export) and when the user pressed Load Mod, the exe calls that function etc etc.
So if you could do it with a dll using an export function I'd be in your ever lasting debt.
PS: Sorry it took so long to reply, I was making sure I could actually hack up the exe (I'm kinda rusty).
Ok, So you don't like having to run something everytime you play the game. Thats understandable...
Did you actually add that other option to the menu? or did you just draw that on the image lol!
If you actually added that to the menu, how did you do that? using a dll you made? I suspect there is some thing you aren't sharing...
I'm just trying to figure out how you'd want it. So when you press that load mod option from the menu you want the mod loader window to show up?
Anyway I've come up with a way for a more permanent solution. Patch the executable so it calls LoadLibrary on your DLL before it does anything else.
You can either do this manually with OllyDbg (what I use) or code a patcher for it. And I've done just that!
Its called LF2 Patcher. It first saves a backup of the original lf2.exe as "lf2_backup.exe" if it hasn't already done so! And uses the backup to read from(this way if you accidentally run the patcher twice it wont overwrite the backup with a patched version)
Next it reads the lf2_backup.exe into memory, then it finds a code cave! a code cave is a portion of memory that is blank (0's). The code cave will be used to put the necessary code to load the dll of choice at runtime...
It sets up everything for the codecave, and puts the load library address + the original call address + the dll string all into the code cave, then finally it puts the code into the codecave...
then to make it actually work you need to hook the entry point of the executable so that when it runs it calls the code in the codecave then continues running onto its code...
I figured out the entry point by opening lf2.exe up in OllyDbg.
When you open it up and give it a second it will show up like that! The highlighted line also marked with a "$" is the entry point.
The code at the entry point is perfect for a hook! calls always make a nice place to hook. All you have to do is change the 4 bytes(the jump offset) after E8 so that it calls the loadlibrary code in the codecave. Then to not mess anything up you also call the original address
So as you can see the EntryPointAddress is 0x4456E0 and the CallAddress is 0x445B31
EDIT: The patcher now figures out the Entry Point Address and Call Address on its own! So you wont have to manually update the addresses!!
Here is what the patched lf2.exe looks like in olly when you follow the call instruction at the entry point to the code cave
Simple enough yeah?
LF2 Patcher updated v1.1, a Dev C++ Project including binary and source code:
http://popeax.com/download/apps/LF2Patcher-1.1.zip
An already patched lf2.exe to load "ModLF2.dll" that you can test: (click load mod for the mod loader window to show up)
http://popeax.com/download/apps/LF2Patched_loadmod.zip
Instructions:
1. Place LF2Patcher.exe into your LF2 folder where lf2.exe is located.
2. Place a dll named "ModLF2.dll" into the same folder (modify the source and compile if you want to change the name of the dll which gets loaded)
3. Run LF2Patcher.exe and follow the simple instructions.
Once it says "lf2.exe Patched Successfully!" then you can press any key to quit the patcher. Now test the patched lf2.exe!
Now anytime you run lf2.exe your dll will load everytime without having to run a separate injector!
Thats about as permanent as you can get it ;)
As a final note I'm not sure whether this will work on vista or not! I have only tested it on XP! So anyone who test's this and has vista make a post on if it works or not :P
Take a glance:
//LF2 Patcher - By Steve8x //Place this executable in your LF2 Directory where LF2.exe resides! //Then run it! //v1.1 - made it find entry point address on its own :P #include <windows.h> #include <fstream> //ScanAOB a function I made which will scan for a byte pattern! including wildcards '?' DWORD ScanAOB(char* AOB, char* memdump, DWORD searchsize, int aobsize); char* FindCodeCave(int cavesize); DWORD getFileSize(FILE* pfile); DWORD EntryPointAddress = 0; DWORD EntryPointOffset = 0; DWORD LoadLibAddress = 0; DWORD CallAddress = 0; DWORD fSize = 0; FILE* f = 0; //this array of bytes(AOB) is used to find the entry point;) //its a unique byte pattern of the code found at the entry point! char arrayofbytes[] = {0xE8, '?', '?', '?', '?', 0xE9, '?', '?', '?', '?', 0x55, 0x8B, 0xEC, 0x81, 0xEC, 0x28, 0x03, 0x00, 0x00}; char* DllName = "ModLF2.dll"; //Put the name of the DLL you want loaded here... char* filebuffer = 0; char* codecave = 0; bool success = 0; int main() { SetConsoleTitleA("LF2 Patcher!"); system("color 0A"); printf("This will patch lf2.exe so that it loads \"%s\" when you run it;)\n\n", DllName); success = CopyFileA("lf2.exe", "lf2_backup.exe", TRUE); if(success == 0) { printf("You have already made a backup! So your fine!;)\n"); system("pause"); // Press Any Key To Continue... } else { printf("Backup named \"lf2_backup.exe\" was made successfully!\n"); system("pause"); } LoadLibAddress = (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); f = fopen("lf2_backup.exe", "rb"); // open lf2.exe for reading fSize = getFileSize(f); filebuffer = new char[fSize]; // allocate space for the file in memory fread(filebuffer, fSize, 1, f); // read entire file into buffer fclose(f); if(EntryPointAddress == 0) { //Piece of cake EntryPointAddress = ScanAOB(arrayofbytes, filebuffer, fSize, sizeof(arrayofbytes)); } EntryPointOffset = EntryPointAddress - 0x400000; codecave = FindCodeCave(100); //Locate a codecave to put the load library code and strings char* EP = filebuffer + EntryPointOffset; //(start of lf2.exe loaded in mem + Entry Point Offset) //Entry Point Address + Jump Offset + 5 = address being called at entry point CallAddress = ((EntryPointAddress + *(DWORD*)&EP[1]) + 5); DWORD pLoadLib = (DWORD)codecave; DWORD pCallAddy = (DWORD)codecave + 4; *(DWORD*)pLoadLib = LoadLibAddress; *(DWORD*)pCallAddy = CallAddress; char* dllstringaddress = codecave + 9; strcpy(dllstringaddress, DllName); char* codeforcave = (dllstringaddress + (strlen(DllName) + 1)); //Fix Addresses So In The Real Executable They Work!;) //Subtract image base of the exe loaded in memory in this app //Add REAL image base (0x400000) DWORD pLoadLib_fixed = ((pLoadLib - (DWORD)filebuffer) + 0x400000); DWORD pCallAddy_fixed = ((pCallAddy - (DWORD)filebuffer) + 0x400000); DWORD pDllString_fixed = (((DWORD)dllstringaddress - (DWORD)filebuffer) + 0x400000); *(BYTE*)&codeforcave[0] = 0x68; //PUSH [dllstringaddress] *(DWORD*)&codeforcave[1] = (DWORD)pDllString_fixed; *(WORD*)&codeforcave[5] = 0x15FF; //CALL [LoadLibraryA] *(DWORD*)&codeforcave[7] = (DWORD)pLoadLib_fixed; *(WORD*)&codeforcave[11] = 0x15FF; //CALL [originaladdress] *(DWORD*)&codeforcave[13] = (DWORD)pCallAddy_fixed; *(BYTE*)&codeforcave[17] = 0xC3; // RETURN //Hook The Entry Point So It Calls Our CodeCave When Ran Which Then Calls LoadLibrary And The Original Call Then Returns;) DWORD jumpoffset = (DWORD)codeforcave - (DWORD)EP - 5; *(DWORD*)&EP[1] = jumpoffset; DWORD codecaveoffset = codecave - filebuffer; printf("\nlf2.exe In Memory, Base Address: %X\nCode Cave Offset: %X\nFound Entry Point: %X\nCalculated Call Address: %X\nLoadLibraryA Address: %X\n\n", filebuffer, codecaveoffset, EntryPointAddress, CallAddress, LoadLibAddress); //Save Patched File f = fopen("lf2.exe", "wb"); fwrite(filebuffer, fSize, 1, f); fclose(f); printf("lf2.exe Patched Successfully!\n"); system("pause"); //Clean up delete[] filebuffer; return 1; } DWORD ScanAOB(char* AOB, char* memdump, DWORD searchsize, int aobsize) { unsigned long a = 0, i = 0; for(i = 0; i < searchsize; i++) { while(*(BYTE*)&AOB[a] == '?') { a++; i++; } if(*(BYTE*)&memdump[i] == *(BYTE*)&AOB[a]) { if(a == (aobsize - 1)) { DWORD addy = (DWORD)&memdump[i-a]; addy -= (DWORD)&memdump[0]; addy += 0x400000; return addy; } a++; } else { a = 0; } } return 0; } char* FindCodeCave(int cavesize) { DWORD x = 0; for(DWORD i = EntryPointOffset; i < fSize; i++) { if(*(BYTE*)&filebuffer[i] == 0) { for(x = 0; x < cavesize; x++) { if(*(BYTE*)&filebuffer[i+x] != 0) { break; } } if(x == cavesize) { return &filebuffer[i]; } } } return 0; } DWORD getFileSize(FILE* pfile) { DWORD theSize = 0; fseek(pfile, 0, SEEK_END); theSize = ftell(pfile); rewind(pfile); return theSize; } -
Here is your first issue:
LoadLibrary(L"commct32.lib");
it is not "commct32.lib" that is wrong.
The correct file is called "comctl32.lib"
But you don't pass that to load library! Its a ".lib" file not a DLL file... You instead have to link to it. In VC++ its as easy as putting a #pragma comment at the top just below your includes...
#pragma comment(lib, "comctl32.lib")
you should also add this include
#include <commctrl.h>
just above the #pragma
your next problem is that you aren't passing an HINSTANCE/HMODULE to the "DialogBox" function. An HINSTANCE is pretty much the same thing as an HMODULE. exe's call it HINSTANCE, dll's call it HMODULE. Its just a handle to a module.
The module handle that you have to pass is the module which contains the dialog resource. Make sure that you've added the resource to the project so that it gets stored in the compiled executable. In this case your adding the resource into the dll, so use the dll's module handle.
Where to get the module handle?
well in a DLL in your main function that every dll needs
which looks something
BOOL APIENTRY DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpReserved)
Yours is wrong
void WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
Not because of putting the HINSTANCE instead of the HMODULE (since there the same im sure it will work and not make any difference)
but the "void" is the problem. DllMain returns a value!! true or false, 1 or 0 (boolean) to make your dll work you should return TRUE on both DLL_PROCESS_ATTACH and DLL_PROCESS_DETACH
lastly, if your just having your dll do some action when its loaded/injected (DLL_PROCESS_ATTACH) then you don't need to export any functions! exporting functions is only if you wanted to load the dll with a process and call a function from it. If the dll is meant to work alone you don't need to export.
heres a fixed up version how I would've done it:
#include <windows.h> #include <commctrl.h> #pragma comment(lib, "comctl32.lib") #define IDD_DIALOG1 101 HINSTANCE ModuleHandle; bool _stdcall CALLBACK DialogProc(HWND dia,UINT uMsg,WPARAM wParam,LPARAM lParam) { switch(uMsg) { default: DefDlgProc(dia,uMsg,wParam,lParam); break; } return 0; } void _stdcall ShowDialog() { DialogBox(ModuleHandle, MAKEINTRESOURCE(IDD_DIALOG1), HWND_DESKTOP, (DLGPROC)DialogProc); } BOOL WINAPI DllMain(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved) { if(dwReason == DLL_PROCESS_ATTACH) { //Copy local variable into global variable ModuleHandle = hInstance; //Show Dialog Window //Create thread instead of call, so this thread doesn't get held up until it returns! CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&ShowDialog, 0, 0, 0); } else if(dwReason == DLL_PROCESS_DETACH) { } return TRUE; }I don't see why you like doing it that way though. I think its best to dynamically create your windows with CreateWindow at run time, like shown in my previous example ;)
-
Silva!
You don't have to export a function to create a dll, its not necessary! you can simply use a DLL as if it were an EXE
Creating a window from within a DLL is no different than creating a window in an EXE!
Here are the basic rules you must follow for your window to show up and work!
1. The thread which calls CreateWindow/CreateWindowEx must be running for the life of the window! if the thread terminates the window ceases to exist!
2. That same thread must contain the message pump so your window can function! without it your window will just show up as a blank window and wont respond to any messages sent to it!
3. There must be a window procedure for the window your creating! It just specifies what actions to take when certain messages are recieved! (like what to do when the "ok" button is pressed for example)
Ive created a sample project in Microsoft Visual C++ 2008 Express Edition (the free version) So I suggest you get that if you don't already have it so we are on the same page here...
http://www.microsoft.com/express/vc/
I went ahead and downloaded the game since its freeware so I'll actually be testing the DLL I made on the game your trying to make it for...
here's an image of my DLL injected into the game and after I presed F12 to make the window unhide and show itself
All I have done is create a window from within the dll upon injection, and setup a hotkey handler so that when you press the "F12" key it shows/hides it self depending on its current status
What is this actually going to do? change a mod or something? Well you'll have to add the code for that but here's the base your looking for.
I re-read your post and you said that you are using a program to modify the IAT(Import Address Table) of the executable it self "lf2.exe" and saving the exe! I don't recommend doing that. A better way is to modify the EXE on the fly while its running instead of permanently! I made a custom dll injector for this game, use it if you don't have a DLL injector of your own...
The InitCommonCtrls thing is there for a good reason, if you don't include it, people will complain that there aren't any controls on the window! So its best just to force initialization of common controls just in case they aren't!
It works like this, when the DLL is loaded/injected (DLL_PROCESS_ATTACH) it creates two threads! the "MainThread" creates the window and window controls (an edit box and an ok button) then it hangs out in the message pump dealing with all the messages the window recieves so it can function...
The "HotkeyHandler" thread just indefinately loops waiting for the F12 key to be pressed, when it's pressed it will either hide or unhide the window depending on its current state, if its hidden it will unhide, if its unhidden it will hide ;) Got It?
Fairly Simple, Now figure out the code you need to "change mods" or whatever your intending this to do...
Here's my question though... Why does it have to be a dll in the first place?
I've modified it slightly so that the window always stays on top of the game's window, just because it was annoying sometimes it was underneath. Also the window is moved into the center of the games window whenever the hotkey is pressed.
Download DLL Project SRC + BINARY: (unzip and place it in your VC++ 2008 "Projects" directory[by default in my documents folder])
http://popeax.com/download/apps/ModLF2.zip
Oh yeah and build it as a "Release" build ;)
Download DLL Injector Project SRC + BINARY
http://popeax.com/download/apps/LF2ModLoader.zip
Just run the injector and then run the game or vice versa, now the injector will say success and exit! press F12 when you are ready to unhide the mod loader window!
have a quick look at the source code:
#include <windows.h> #include <commctrl.h> #pragma comment(lib, "comctl32.lib") //ModLF2 DLL v1.1 //Written By Steve8x void MainThread(); void HotkeyHandler(); void InitCommonCtrls(); //Neat Functions For Creating Window Controls HWND CreateEditEx(int autoscroll, int passworded, char* Text, int x, int y, int wd, int ht, int id); HWND CreateTextEx(char* Text, int x, int y, int wd, int ht, int id); HWND CreateButtonEx(char* Text, int x, int y, int wd, int ht, int id); HWND CreateGroupEx(char* Text, int x, int y, int wd, int ht, int id); HINSTANCE hInstance; HWND hwnd, hModName; bool ShowHide = 0; char ModName[260] = {0}; BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) { if(ul_reason_for_call == DLL_PROCESS_ATTACH) { hInstance = hModule; CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&MainThread, 0, 0, 0); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&HotkeyHandler, 0, 0, 0); } else if(ul_reason_for_call == DLL_PROCESS_DETACH) { //clean up code goes here (if any) this is when the dll unloads (when you quit the game) } return TRUE; } //Window Procedure! LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) { switch (message) { case WM_COMMAND: if(wParam == 420) { GetWindowTextA(hModName, ModName, 260); MessageBoxA(0, ModName, "You Typed", 0); //this is when the button is clicked //code goes here to change the mod or whatever } case WM_CTLCOLORSTATIC: SetBkMode((HDC)wParam, TRANSPARENT); return (LRESULT)GetStockObject(WHITE_BRUSH); break; case WM_LBUTTONDOWN: // drag window from any part of client area SendMessage(hWnd, WM_NCLBUTTONDOWN, HTCAPTION, lParam); break; case WM_CLOSE: //if the user hits [X] to close the window just hide it instead of destroy it! ShowHide = 0; ShowWindow(hwnd, SW_HIDE); break; default: return DefWindowProc (hWnd, message, wParam, lParam); } return 0; } //Main thread which will create and maintain the window! void MainThread() { MSG Msg; WNDCLASSEX wc; wc.cbSize = sizeof (WNDCLASSEX); wc.hInstance = hInstance; wc.lpszClassName = L"Steves_Window_Class"; wc.lpfnWndProc = WndProc; wc.style = CS_DBLCLKS; wc.hIcon = LoadIcon(hInstance, MAKEINTRESOURCE(101)); wc.hIconSm = LoadIcon(hInstance, MAKEINTRESOURCE(101)); wc.hCursor = LoadCursor(0, IDC_ARROW); wc.lpszMenuName = NULL; wc.cbClsExtra = 0; wc.cbWndExtra = 0; wc.hbrBackground = (HBRUSH)GetStockObject(0); RegisterClassEx(&wc); InitCommonCtrls(); // Force Initialization of Common Controls Library! hwnd = CreateWindowExA(0, "Steves_Window_Class", "LF2 MOD LOADER", WS_OVERLAPPED|WS_CAPTION|WS_SYSMENU|WS_MINIMIZEBOX|WS_CLIPSIBLINGS, CW_USEDEFAULT, CW_USEDEFAULT, 300, 110, HWND_DESKTOP, 0, hInstance, 0); CreateGroupEx("Enter Mod Name", 2, 0, 290, 75, 200); hModName = CreateEditEx(1, 0, 0, 8, 35, 220, 20, 300); CreateButtonEx("OK!", 236, 35, 50, 20, 420); ShowWindow(hwnd, SW_HIDE); //Start Window Hidden UpdateWindow(hwnd); //Message Pump! Needed So Your Window Can Respond To Messages Sent To It! while(GetMessage(&Msg, 0, 0, 0)) { TranslateMessage(&Msg); DispatchMessage(&Msg); } } void HotkeyHandler() { for(;; Sleep(10)) // indefinate loop, so you need at least a sleep(10) in there for anti-lag since were using getasnyckeystate { if(GetAsyncKeyState(VK_F12)) { ShowHide = ShowHide ^ 1; // "^" means XOR in C++ in other words if its 1 it will now be zero / vice versa HWND LF2 = FindWindowA(0, "Little Fighter 2"); RECT* pRect = new RECT; GetWindowRect(LF2, pRect); SetWindowPos(hwnd, HWND_TOPMOST, (pRect->left+250), (pRect->top+200), 300, 110, 0); ShowWindow(hwnd, ShowHide); // If its 1 it will show the window if its zero it will hide it;) Sleep(250); } } } HWND CreateEditEx(int autoscroll, int passworded, char* Text, int x, int y, int wd, int ht, int id) { HWND tmp = 0; if(autoscroll == 0 && passworded == 0) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); else if(autoscroll == 1 && passworded == 0) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, ES_AUTOHSCROLL | WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); else if(autoscroll == 0 && passworded == 1) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, ES_PASSWORD | WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); else if(autoscroll == 1 && passworded == 1) tmp = CreateWindowExA(WS_EX_CLIENTEDGE, "EDIT", Text, ES_AUTOHSCROLL | ES_PASSWORD | WS_CHILD | WS_VISIBLE | ES_NOHIDESEL | WS_TABSTOP, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); return tmp; } HWND CreateTextEx(char* Text, int x, int y, int wd, int ht, int id) { return CreateWindowExA(0, "STATIC", Text, WS_CHILD | WS_VISIBLE | SS_LEFT, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); } HWND CreateButtonEx(char* Text, int x, int y, int wd, int ht, int id) { return CreateWindowExA(0, "BUTTON", Text, WS_CHILD | WS_VISIBLE, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); } HWND CreateGroupEx(char* Text, int x, int y, int wd, int ht, int id) { return CreateWindowExA(0, "BUTTON", Text, BS_GROUPBOX | WS_CHILD | WS_VISIBLE, x, y, wd, ht, hwnd, (HMENU)id, hInstance, 0); } void InitCommonCtrls() // Needed Just To Make Sure The Window Controls Appear! //Force Common Controls To Initialize Just Incase They Aren't! { INITCOMMONCONTROLSEX icex; icex.dwSize = sizeof(INITCOMMONCONTROLSEX); icex.dwICC = ICC_BAR_CLASSES; InitCommonControlsEx(&icex); } -
Well I always thought that saving as a JPG/JPEG reduces the image quality every time you save it. Since JPEG is a lossy image type.
Not sure if thats true for photoshop. But try it for MSPAINT, save an image as a jpeg immediately it loses quality. Now open it and save it again! Even without editing it at all, each time you save it it loses more and more quality. Now try the same with a PNG, it wont lose quality. Thats why I always save as PNG instead of JPEG ;)
-
@ret: Well I'm glad you accomplished your goal and finally did what you were trying to do! 20 hours sounds a bit long though are you sure were talking about WEP here? ;)
@CrashandDie: No clients != no cracking in under five minutes! Not at all! If you have a good connection to the access point you can get the job done fast! For WEP at least :)
I cracked my friends wifi in about 2 minutes (I didn't take the picture immediately) with absolutely no clients connected!!!!
Mainly because his computer was pretty close to the router so I had a great connection to it. Plus the key was only a 64 bit key!
I collected over 46,000 IV's in only 3 minutes but all it took was 22,738! I used a simple "Interactive Packet Replay" attack once associated which was very effective! Oh and I didn't forget to specify the device interface when I typed the aireplay command to do the attack, When I copied the bssid from the text file I accidentally selected the white space after the bssid so when I hit shift + insert to paste it, it hit enter for me! so now I'm more careful when selecting from a text file to copy from... ;)
Also using multiple laptops CAN boost the speed of cracking (if they all have wifi devices which are capable of monitor mode && packet injection!)
You could use each one to do multiple attacks on the AP simultaneously! So say you've collected 33,333 IV's on each of the three laptops, now you could rename each of the capture files "something-01.cap, something-02.cap, something-03.cap"
and put them all in the same place, then when you run aircrack-ng
with something like
aircrack-ng something*.cap
it will use all three capture files instead of just one to crack the key :)
-
Well see I have the capability of running a server off of my own internet and my own computer. Only problem is the one I'd want to run it on, is too slow (only has 256MB ram and a slow processor) plus its old! It wasn't even great at running a cs 1.6 server let alone a CS:S server!! I've tried and because of the low ram its really laggy even with only a few players!
I have a big enough pipe to run one though so its the computer thats the problem!
In my area (chicago) according to that test I get about 2.54MB/s download and 0.34MB/s upload, Which of course slows down the further away you are from me. Downloading the latest episode I got a great speed at around 1MB/s :)
I do have a computer though that could run the server just fine, the one I'm using now. (4 GB ram 2.26Ghz processor)
So whats wrong? You can't run a dedicated server + play on it on the same machine, otherwise you end of with lag! So I won't run a server if I can't even play on it myself! So that's my situation on why I can't run a server at the moment.
On a side note: does the server have a map rotation yet? I like servers where after the time is up on a certain map, players get to vote on the next map. That way the players get to decide what's the next map they will play! Rock The Vote is also good in case players want to change map before the time's up...
As for the mod's... I think regular play is better than the mods. I do like gun game however, it shouldn't be a 24/7 thing! maybe only once in a while for a little bit.
And who else out there hates Zombie Mod? I really dislike it! It just isn't any fun at all for me, so I tried it a couple times and now I don't ever play on Zombie Mod servers!
And here's one thing you DO NOT WANT to install! HOOK MOD/ ROPE MOD ! In the 1.6 server I used to run I had hook mod installed (for fun mainly while I was waiting for people to join) and people absolutely hated it! people would never stay long until I removed it. So you have to go with what people like, if the majority of people don't like one thing you have to get rid of it! ;)
That's another thing that sucks about running a server. If there aren't any players on it sucks to just sit there waiting for someone to join! And you have to! Because people will not join a server with no players on it, and wait for someone else to join; they just wont! People like that instant join and play action. So if your the admin you have to be the one to do it! And you have to actually be there so you can play against them!(bots don't work lol people can tell and they leave, unless maybe you make a bot have ping they might not notice at first and it might be enough time for more REAL players to join) Now once you've got a player, usually it doesn't take long for other players to join in on the game. Once you've got a good amount of players you can leave if you don't feel like playing any more and the game will carry on without you :)
-
Well its pretty interesting, however all the video showed was putting the passport into a computer at an airport. Lets see the person actually make it past security and get on the plane! ;)
I have a feeling one of the security team will know Elvis hasn't come back to life, and red flags will go up!
-
Well even though you solved it. You didn't say how you did it... Anyway here's how I would of done it.
I'm thinking that the apps themselves don't create any windows, the only thing creating the window is the batch file. Correct? either way, its pretty easy to hide any window.
What you could've done, is instead of using a batch file, use a small program which just runs those apps with those parameters.
You can either use ShellExecute, or Winexec...
HINSTANCE ShellExecute( HWND hwnd, LPCTSTR lpOperation, LPCTSTR lpFile, LPCTSTR lpParameters, LPCTSTR lpDirectory, INT nShowCmd );
UINT WINAPI WinExec( __in LPCSTR lpCmdLine, __in UINT uCmdShow );
Either one will do the job just fine, and they both allow parameters to be passed, and they both allow for the windows initial state to be passed as well... ex SW_SHOWNORMAL, SW_HIDE, SW_MINIMIZE
use this as a reference to the different parameters you can give:
http://msdn.microsoft.com/en-us/library/ms633548.aspx
However if those apps don't create any windows to begin with (which I think is the case) then it doesn't matter what you give the nCmdShow, or uCmdShow since there wont be a window anyway...
I used assembly since there isn't anything to it, might as well get the smallest possible file size...
::runonerunall.asm::
; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ include \masm32\include\masm32rt.inc ; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ .data openstr db 'open',0 hInstance dd 0 .code ; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ start: invoke GetModuleHandle, 0 mov hInstance, eax call main invoke ExitProcess,eax ; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ main proc ;On apps that DO in fact have windows, specifying different ;uncomment and try this line below, with a different param for the 2nd parameter ;if you do SW_HIDE, the command window will still exist but wont be seen, you'll have to end task on 'cmd.exe' to get rid of it ;if you do SW_MINIMIZE, the window will start minimized, SW_SHOWNORMAL, the window will show normally etc... ;invoke WinExec, SADD("cmd.exe"), SW_SHOWNORMAL invoke WinExec, SADD("WirelessKeyView\WirelessKeyView.exe /shtml WirelessKeyop.html"), SW_SHOWNORMAL invoke WinExec, SADD("PasswordFox\PasswordFox.exe /shtml PasswordFoxop.html"), SW_SHOWNORMAL invoke WinExec, SADD("IEHistoryView\iehv.exe /shtml iehvop.html"), SW_SHOWNORMAL invoke WinExec, SADD("MozillaHistoryView\MozillaHistoryView.exe /shtml MozillaHistoryop.html"), SW_SHOWNORMAL invoke WinExec, SADD("MessenPass\mspass.exe /shtml mspassop.html"), SW_SHOWNORMAL invoke WinExec, SADD("IEPassView\iepv.exe /shtml iepvop.html"), SW_SHOWNORMAL ; <-- comments the rest of the line ;invoke ShellExecute, 0, addr openstr, SADD("WirelessKeyView\WirelessKeyView.exe"), SADD("/shtml WirelessKeyop.html"), 0, SW_HIDE ;invoke ShellExecute, 0, addr openstr, SADD("PasswordFox\PasswordFox.exe"), SADD("/shtml PasswordFoxop.html"), 0, SW_HIDE ;invoke ShellExecute, 0, addr openstr, SADD("IEHistoryView\iehv.exe"), SADD("/shtml iehvop.html"), 0, SW_HIDE ;invoke ShellExecute, 0, addr openstr, SADD("MozillaHistoryView\MozillaHistoryView.exe"), SADD("/shtml MozillaHistoryop.html"), 0, SW_HIDE ;invoke ShellExecute, 0, addr openstr, SADD("MessenPass\mspass.exe"), SADD("/shtml mspassop.html"), 0, SW_HIDE ;invoke ShellExecute, 0, addr openstr, SADD("IEPassView\iepv.exe"), SADD("/shtml iepvop.html"), 0, SW_HIDE ret main endp ; ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ end startThe top line is an app that does create a window for sure, so that's one you can use to see the SW parameters in action
invoke WinExec, SADD("cmd.exe"), SW_SHOWNORMAL
if you uncomment it and change the SW param then re-assemble it, you'll see how it affects how the window is shown on creation...
I used masm32 version 10 to assemble the program
source and binary:
http://rapidshare.com/files/150326810/runonerunall.zip.html
If you want to play around with it, after installing masm32 v10 (if you don't already have it) just create a folder within the masm32 directory (x:\masm32\) called "projects" or something like that, then drop the runonerunall folder within it. Opening runonerunall.asm with qeditor, make your changes and goto Project->Assemble & Link to assemble the new exe with your changes!
2.5KB ;)
-
Well I recently created an account on backtrack3 forums. (I had a question to ask) To my surprise, My posts weren't showing up and when I made a post it would say waiting for moderator approval before post shows up. Then I read one of the stickies, and it said that new accounts can't make posts without approval for 3 days due to spam. Also until you have at least 15 posts, you cannot post clickable links (of course you can bypass the filter by putting spaces and what not but the link at least wont be clickable).
So although I did find it annoying that I couldn't post without waiting for mod approval or waiting three days. I guess it still does help them prevent spam, so you may want to consider something like that. I ending up figuring out the answer to my own question since it was urgent and I couldn't wait the three days for an answer.
Anyways I'm glad I missed out on the spam and didn't see it ;)
-
ok sorry about the first post, a co-worker had some code for checking the file. now the issuse that i have is that the code that checks the file is running in an other app. i can call the other app in my program but when i call the other app it only flashes up in the dos prompt for a second then disapears, i need to find a way of ether keeping it displayed on the screen or storing it to a varable and calling that in my program. any througths on how i could do this.
well what does the console app actually do? why does it open a close really fast? It has to do something with the data it gets, otherwise its pointless...
Is it a command line app, where if you ran it from cmd.exe you would see some output? command line apps have that behavior where if you try to just run them they will flash on the screen real quick and close... However if you run cmd.exe and then cd to the directory where it is contained, then execute it. It will show you some output of what its doing, or help screen that shows you what parameters you can give it etc...
How does your co-worker use the app? Is the console app coded in .NET as well? all these details are important. As Crash said you are being to general and not giving enough info for anyone to come up with a solution!
I would reverse engineer the program and see what its doing... Then get back to us.
MyspaceJuke Myspace Music Downloader!
in Applications & Coding
Posted
No... lol Why would you need to be logged in?
However if you are logged in it will use your account to spam all your friends, giving a download link to the app... :P
JUST KIDDING!