|
It took me going home last night and clearing my head. When I came in today, I started walking through all the memory allocation in that process. I found a copy/paste error that was corrupting the heap.
|
|
|
|
|
I have defined a managed C++ project to call into an unmanaged MFC project. The MFC project builds successfully. However, the build of the managed project fails because the linker cannot resolve the external symbols for the methods defined in the unmanaged class. Attached is the class definition for the managed class:
public __gc class MTracker
{
public:
MTracker(Control* pControl,Control* cControl)
{
m_CTracker = new CComTrackerApp();
IntPtr pPtr = pControl->Handle;
IntPtr cPtr = cControl->Handle;
HWND pHwnd = (HWND)pPtr.ToPointer();
HWND cHwnd = (HWND)cPtr.ToPointer();
m_CTracker->Create(pHwnd,cHwnd);
}
protected:
void Dispose(bool b)
{
MTracker::Dispose(b);
if (m_CTracker != NULL)
{
delete m_CTracker;
m_CTracker = NULL;
}
}
private:
CComTrackerApp* m_CTracker;
};
The CCOMTrackerAPP class is defined in the MFC project. The linker cannot resolve the addresses for CComTracker::CComTracker() or CComTracker::Create(HWND pHwnd,HWND cHwnd). Any suggestions would be appreciated.
|
|
|
|
|
Hello
I need integrate me own topics into MSDN (Document Explorer). Does anybody have any ideas about how this could be done&
|
|
|
|
|
|
whats the best way to create random numbers in C++ so that everytime u call it, it gives you a differnet number?
int code =0,i=0;
srand(time(NULL));
code = rand()%10; // I want the number to be between 1 and 10
cout<
|
|
|
|
|
Only seed the random number generator once. Then call rand() over and over.
Christian
I have drunk the cool-aid and found it wan and bitter. - Chris Maunder
|
|
|
|
|
The problem is that you are calling seed() multiple times.
John
|
|
|
|
|
Hi everybody.
I don't understand these functions and MSDN doesn't help me.
¿When does the framework invoke them?. ¿Wich parameters does it pass in each invocation context?
¿What's the meaning of these parameters and it possible values?
Maybe that's too general for a good explanation, but if only i could get into some good article or tutorial...
Thanks
|
|
|
|
|
Hey guys... It's me again.
I'm looking for the Windows SDK and DDK for AMD64 platform.
MSDN search didn't find anything although AMD already wrote an article about a beta version of them IN OCTOBER '03.
Any ideas?
Don't try it, just do it!
|
|
|
|
|
The only thing I have found on this subject is that compiler support for AMD64 is in VC8 beta.
[EDIT]
As many companies are writing drivers for AMD64 the DDK must have been released in some fassion...
[/EDIT]
John
|
|
|
|
|
|
OK, I'm tryin to make a cheat-program wich should be able to bypass an anti-cheatprogram. I have the source code but I dont know wich lines I can edit to make it able to bypass it and still work correctly...
This is the file which should be edited:
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <stdio.h>
#include "apihijack.h"
// This function must be __cdecl!!!
void __cdecl DelayLoadProfileDLL_UpdateCount( PVOID dummy );
PIMAGE_IMPORT_DESCRIPTOR g_pFirstImportDesc;
//===========================================================================
// Given an HMODULE, returns a pointer to the PE header
PIMAGE_NT_HEADERS PEHeaderFromHModule(HMODULE hModule)
{
PIMAGE_NT_HEADERS pNTHeader = 0;
if (hModule == NULL)
return pNTHeader;
__try
{
if (PIMAGE_DOS_HEADER(hModule)->e_magic != IMAGE_DOS_SIGNATURE)
__leave;
pNTHeader = PIMAGE_NT_HEADERS(PBYTE(hModule)
+ PIMAGE_DOS_HEADER(hModule)->e_lfanew);
if (pNTHeader->Signature != IMAGE_NT_SIGNATURE)
pNTHeader = 0;
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
}
return pNTHeader;
}
//===========================================================================
// Builds stubs for and redirects the IAT for one DLL (pImportDesc)
bool RedirectIAT(SDLLHook* DLLHook, PIMAGE_IMPORT_DESCRIPTOR pImportDesc, PVOID pBaseLoadAddr)
{
PIMAGE_THUNK_DATA pIAT; // Ptr to import address table
PIMAGE_THUNK_DATA pINT; // Ptr to import names table
PIMAGE_THUNK_DATA pIteratingIAT;
// Figure out which OS platform we're on
OSVERSIONINFO osvi;
osvi.dwOSVersionInfoSize = sizeof(osvi);
GetVersionEx(&osvi);
// If no import names table, we can't redirect this, so bail
if (pImportDesc->OriginalFirstThunk == 0)
return false;
pIAT = MakePtr(PIMAGE_THUNK_DATA, pBaseLoadAddr, pImportDesc->FirstThunk);
pINT = MakePtr(PIMAGE_THUNK_DATA, pBaseLoadAddr, pImportDesc->OriginalFirstThunk);
// Count how many entries there are in this IAT. Array is 0 terminated
pIteratingIAT = pIAT;
unsigned cFuncs = 0;
while (pIteratingIAT->u1.Function)
{
cFuncs++;
pIteratingIAT++;
}
if (cFuncs == 0) // If no imported functions, we're done!
return false;
// These next few lines ensure that we'll be able to modify the IAT,
// which is often in a read-only section in the EXE.
DWORD flOldProtect, flNewProtect, flDontCare;
MEMORY_BASIC_INFORMATION mbi;
// Get the current protection attributes
VirtualQuery(pIAT, &mbi, sizeof(mbi));
// remove ReadOnly and ExecuteRead attributes, add on ReadWrite flag
flNewProtect = mbi.Protect;
flNewProtect &= ~(PAGE_READONLY | PAGE_EXECUTE_READ);
flNewProtect |= (PAGE_READWRITE);
if (!VirtualProtect(pIAT, (sizeof(PVOID) * cFuncs), flNewProtect, &flOldProtect))
{
return false;
}
// If the Default hook is enabled, build an array of redirection stubs in the processes memory.
DLPD_IAT_STUB * pStubs = 0;
// Scan through the IAT, completing the stubs and redirecting the IAT
// entries to point to the stubs
pIteratingIAT = pIAT;
while (pIteratingIAT->u1.Function)
{
void* HookFn = 0; // Set to either the SFunctionHook or pStubs.
if (!IMAGE_SNAP_BY_ORDINAL(pINT->u1.Ordinal)) // import by name
{
PIMAGE_IMPORT_BY_NAME pImportName = MakePtr(PIMAGE_IMPORT_BY_NAME, pBaseLoadAddr, pINT->u1.AddressOfData);
// Iterate through the hook functions, searching for this import.
SFunctionHook* FHook = DLLHook->Functions;
while (FHook->Name)
{
if (lstrcmpi(FHook->Name, (char*)pImportName->Name) == 0)
{
// Save the old function in the SFunctionHook structure and get the new one.
FHook->OrigFn = (void*)pIteratingIAT->u1.Function;
HookFn = FHook->HookFn;
break;
}
FHook++;
}
}
// Replace the IAT function pointer if we have a hook.
if (HookFn)
{
// Cheez-o hack to see if what we're importing is code or data.
// If it's code, we shouldn't be able to write to it
if (IsBadWritePtr((PVOID)pIteratingIAT->u1.Function, 1))
{
pIteratingIAT->u1.Function = (DWORD)HookFn;
}
else if (osvi.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)
{
// Special hack for Win9X, which builds stubs for imported
// functions in system DLLs (Loaded above 2GB). These stubs are
// writeable, so we have to explicitly check for this case
if (pIteratingIAT->u1.Function > (DWORD)0x80000000)
pIteratingIAT->u1.Function = (DWORD)HookFn;
}
}
if (DLLHook->UseDefault)
pStubs++; // Advance to next stub
pIteratingIAT++; // Advance to next IAT entry
pINT++; // Advance to next INT entry
}
// Put the page attributes back the way they were.
VirtualProtect(pIAT, (sizeof(PVOID) * cFuncs), flOldProtect, &flDontCare);
return true;
}
//===========================================================================
// Builds stubs for and redirects the IAT for one DLL (pImportDesc)
bool UnRedirectIAT(SDLLHook* DLLHook, PIMAGE_IMPORT_DESCRIPTOR pImportDesc, PVOID pBaseLoadAddr)
{
PIMAGE_THUNK_DATA pIAT; // Ptr to import address table
PIMAGE_THUNK_DATA pINT; // Ptr to import names table
PIMAGE_THUNK_DATA pIteratingIAT;
// Figure out which OS platform we're on
OSVERSIONINFO osvi;
osvi.dwOSVersionInfoSize = sizeof(osvi);
GetVersionEx(&osvi);
// If no import names table, we can't redirect this, so bail
if (pImportDesc->OriginalFirstThunk == 0)
return false;
pIAT = MakePtr(PIMAGE_THUNK_DATA, pBaseLoadAddr, pImportDesc->FirstThunk);
pINT = MakePtr(PIMAGE_THUNK_DATA, pBaseLoadAddr, pImportDesc->OriginalFirstThunk);
// Count how many entries there are in this IAT. Array is 0 terminated
pIteratingIAT = pIAT;
unsigned cFuncs = 0;
while (pIteratingIAT->u1.Function)
{
cFuncs++;
pIteratingIAT++;
}
if (cFuncs == 0) // If no imported functions, we're done!
return false;
// These next few lines ensure that we'll be able to modify the IAT,
// which is often in a read-only section in the EXE.
DWORD flOldProtect, flNewProtect, flDontCare;
MEMORY_BASIC_INFORMATION mbi;
// Get the current protection attributes
VirtualQuery(pIAT, &mbi, sizeof(mbi));
// remove ReadOnly and ExecuteRead attributes, add on ReadWrite flag
flNewProtect = mbi.Protect;
flNewProtect &= ~(PAGE_READONLY | PAGE_EXECUTE_READ);
flNewProtect |= (PAGE_READWRITE);
if (!VirtualProtect(pIAT, (sizeof(PVOID) * cFuncs), flNewProtect, &flOldProtect))
{
return false;
}
// If the Default hook is enabled, build an array of redirection stubs in the processes memory.
DLPD_IAT_STUB * pStubs = 0;
// Scan through the IAT, completing the stubs and redirecting the IAT
// entries to point to the stubs
pIteratingIAT = pIAT;
while (pIteratingIAT->u1.Function)
{
void* HookFn = 0; // Set to either the SFunctionHook or pStubs.
if (!IMAGE_SNAP_BY_ORDINAL(pINT->u1.Ordinal)) // import by name
{
PIMAGE_IMPORT_BY_NAME pImportName = MakePtr(PIMAGE_IMPORT_BY_NAME, pBaseLoadAddr, pINT->u1.AddressOfData);
// Iterate through the hook functions, searching for this import.
SFunctionHook* FHook = DLLHook->Functions;
while (FHook->Name)
{
if (lstrcmpi(FHook->Name, (char*)pImportName->Name) == 0)
{
HookFn = FHook->OrigFn;
break;
}
FHook++;
}
}
// Replace the IAT function pointer if we have a hook.
if (HookFn)
{
// Cheez-o hack to see if what we're importing is code or data.
// If it's code, we shouldn't be able to write to it
if (IsBadWritePtr((PVOID)pIteratingIAT->u1.Function, 1))
{
pIteratingIAT->u1.Function = (DWORD)HookFn;
}
else if (osvi.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS)
{
// Special hack for Win9X, which builds stubs for imported
// functions in system DLLs (Loaded above 2GB). These stubs are
// writeable, so we have to explicitly check for this case
if (pIteratingIAT->u1.Function > (DWORD)0x80000000)
pIteratingIAT->u1.Function = (DWORD)HookFn;
}
}
pIteratingIAT++; // Advance to next IAT entry
pINT++; // Advance to next INT entry
}
if (DLLHook->UseDefault)
pStubs->pszNameOrOrdinal = 0; // Final stub is a sentinel
// Put the page attributes back the way they were.
VirtualProtect(pIAT, (sizeof(PVOID) * cFuncs), flOldProtect, &flDontCare);
return true;
}
//===========================================================================
// Top level routine to find the EXE's imports, and redirect them
bool HookAPICalls(SDLLHook* Hook, HMODULE hModule)
{
if (!Hook)
return false;
PIMAGE_NT_HEADERS pExeNTHdr = PEHeaderFromHModule(hModule);
if (!pExeNTHdr)
return false;
DWORD importRVA = pExeNTHdr->OptionalHeader.DataDirectory
[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;
if (!importRVA)
return false;
// Convert imports RVA to a usable pointer
PIMAGE_IMPORT_DESCRIPTOR pImportDesc = MakePtr(PIMAGE_IMPORT_DESCRIPTOR, hModule, importRVA);
// Save off imports address in a global for later use
g_pFirstImportDesc = pImportDesc;
// Iterate through each import descriptor, and redirect if appropriate
while (pImportDesc->FirstThunk)
{
PSTR pszImportModuleName = MakePtr(PSTR, hModule, pImportDesc->Name);
if (lstrcmpi(pszImportModuleName, Hook->Name) == 0)
RedirectIAT(Hook, pImportDesc, (PVOID)hModule);
pImportDesc++; // Advance to next import descriptor
}
return true;
}
//===========================================================================
// Top level routine to find the EXE's imports, and redirect them
bool UnHookAPICalls(SDLLHook* Hook, HMODULE hModule)
{
if (!Hook)
return false;
PIMAGE_NT_HEADERS pExeNTHdr = PEHeaderFromHModule(hModule);
if (!pExeNTHdr)
return false;
DWORD importRVA = pExeNTHdr->OptionalHeader.DataDirectory
[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;
if (!importRVA)
return false;
// Convert imports RVA to a usable pointer
PIMAGE_IMPORT_DESCRIPTOR pImportDesc = MakePtr(PIMAGE_IMPORT_DESCRIPTOR, hModule, importRVA);
// Save off imports address in a global for later use
g_pFirstImportDesc = pImportDesc;
// Iterate through each import descriptor, and redirect if appropriate
while (pImportDesc->FirstThunk)
{
PSTR pszImportModuleName = MakePtr(PSTR, hModule, pImportDesc->Name);
if (lstrcmpi(pszImportModuleName, Hook->Name) == 0)
UnRedirectIAT(Hook, pImportDesc, (PVOID)hModule);
pImportDesc++; // Advance to next import descriptor
}
return true;
}
Thx in advance guys...
|
|
|
|
|
Fortunately for you, Windows comes with a program to do just what you want.
First, save the source you posted into a file on the root of your C: drive. Then open a command prompt, and run the following command:
FORMAT C: /V:Cheat /X
Have fun!
How do you move in a world of fog, That's always changing things?
Makes me wish that i could be a dog, When i see the price that you pay.
|
|
|
|
|
Shog9 wrote:
FORMAT C: /V:Cheat /X
i guess you need to compile the code that is saved in a file first. rite ?
and in the end who got cheated?
I have lost more blood shaving than on the battlefield - Adolf Hitler
|
|
|
|
|
I can't decide which is funnier - the fact that he'd post such an idiotic question in the first place, or that he'd post hundreds of lines of code with it and actually expect someone to look at it.
|
|
|
|
|
it's been a long time since I've laughed so hard ... thanks, I needed that ...
Maximilien Lincourt
Your Head A Splode - Strong Bad
|
|
|
|
|
do us all a favor and go play with the traffic huh?
"there is no spoon" biz stuff about me
|
|
|
|
|
ok my friend... first:
to reverse engineer software is illegal, coding cheats doesn't change anything!
second: if you're not 'hard' enough to do this yourself, then better don't do it!
third: now go away and never come back... we don't wan't you here!
Don't try it, just do it!
|
|
|
|
|
Alexander M. wrote:
to reverse engineer software is illegal
What? Really?!!
How do you move in a world of fog, That's always changing things?
Makes me wish that i could be a dog, When i see the price that you pay.
|
|
|
|
|
Alexander M. wrote:
to reverse engineer software is illegal
Maybe on your planet it is, here on Earth there's not usually a problem with it
Ian Darling
"The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt." - Bertrand Russell
|
|
|
|
|
Mist licences state that reverse engineering is not allowed, so it's really a case of how enforcable a licence is.
Christian
I have drunk the cool-aid and found it wan and bitter. - Chris Maunder
|
|
|
|
|
There is legislation in most EU states (including the UK) that permits reverse engineering, irrespective of what the license states. I believe that it depends under whose jurisdiction the license is 'struck', but IANAL.
Incidentally, is hooking necessarily reverse engineering?
Steve S
|
|
|
|
|
LOL
|
|
|
|
|
C:\DXSDK\samples\Multimedia\DirectDraw
FullScreenDialog
this project's resource have a Dialog Called IDD_DIALOG_SAMPLE
In IDD_DIALOG_SAMPLE,I want to add a tree control
But after I add a tree control to In IDD_DIALOG_SAMPLE,
CreateDialog function will be failed. Why? What Should I Do?
C:\DXSDK\samples\Multimedia\DirectDraw
FullScreenDialog
這個project的resource有一個Dialog叫IDD_DIALOG_SAMPLE
在IDD_DIALOG_SAMPLE裡加一個tree control
IDD_DIALOG_SAMPLE執行時就出不來,why?
|
|
|
|
|
was InitCommonControlsEx() called?
I have lost more blood shaving than on the battlefield - Adolf Hitler
|
|
|
|
|