Giriş yap
En iyi yollayıcılar
Hello EMO | ||||
EMO | ||||
eMoStyLe | ||||
BesimBICER | ||||
GameKinG | ||||
Crysis | ||||
~>!.DεvιLρяιεsт.!<~ | ||||
MeTaL | ||||
TrueCrime | ||||
djhayal3t |
Istatistikler
Toplam 203 kayıtlı kullanıcımız varSon kaydolan kullanıcımız: crayzboy76
Kullanıcılarımız toplam 1186 mesaj attılar bunda 862 konu
Arama
Sosyal yer imi
Sosyal bookmarking sitesinde Emo, Emo nedir, Emo resimleri, Emo Kıyafetleri, Emo Sözleri, Emo Oyunları, EmoTurkey, Emo Nickler, Emo Avatarları, Punk, Punk Resimleri, Punk Avatarları, Rock, Rock Resimleri, Rock Avatarları, Msn Nickleri, Msn Avatarları, Müzik adresi saklayın ve paylaşın
Sosyal bookmarking sitesinde EMO Style ForumPro - Hos Geldiniz adresi saklayın ve paylaşın
Kimler hatta?
Toplam 1 kullanıcı online :: 0 Kayıtlı, 0 Gizli ve 1 Misafir Yok
Sitede bugüne kadar en çok 217 kişi C.tesi Tem. 29, 2017 1:46 am tarihinde online oldu.
En son konular
Reklam
Improvements to GetProcAddress(), by: Darawk
1 sayfadaki 1 sayfası
Improvements to GetProcAddress(), by: Darawk
GetProcAddress2 is essentially identical to the windows API function GetProcAddress, with one key difference. GetProcAddress2 does not check to make sure the module handle that's passed to it is in the loaded modules list.
- Kod:
// GetProcAddress2 - by Darawk
// Featured @ www.RealmGX.com & www.Darawk.com
//
// GetProcAddress2 is essentially identical to the
// windows API function GetProcAddress, with one
// key difference. GetProcAddress2 does not check
// to make sure the module handle that's passed to
// it is in the loaded modules list. GetProcAddress2
// is designed to be used in conjunction with ManualMap
// or CloakDll. It allows you to access functions that
// have been exported from a dll loaded by ManualMap or
// cloaked by CloakDll. This functionality is necessary
// for plugin-based applications and late-binding functions.
#include <windows.h></windows.h>
#define IMAGE_DIRECTORY_ENTRY_EXPORT 0
// Pietrek's macro
//
// MakePtr is a macro that allows you to easily add to values (including
// pointers) together without dealing with C's pointer arithmetic. It
// essentially treats the last two parameters as DWORDs. The first
// parameter is used to typecast the result to the appropriate pointer type.
#define MakePtr( cast, ptr, addValue ) (cast)( (DWORD_PTR)(ptr) + (DWORD_PTR)(addValue))
// This one is mine, but obviously..."adapted" from matt's original idea =p
#define MakeDelta(cast, x, y) (cast) ( (DWORD_PTR)(x) - (DWORD_PTR)(y))
// My modified version of pietrek's function, to work with PE files that have
// already been mapped into memory.
LPVOID GetPtrFromRVA( DWORD, IMAGE_NT_HEADERS *, PBYTE, bool);
FARPROC GetProcAddress2(HMODULE hMod, char *func)
{
IMAGE_DOS_HEADER *dosHd;
IMAGE_NT_HEADERS *ntHd;
IMAGE_EXPORT_DIRECTORY *ied;
char **names;
unsigned short *ordinals;
FARPROC *funcs;
// Make sure we got a valid pointer
if(!hMod || hMod == INVALID_HANDLE_VALUE)
return NULL;
dosHd = (IMAGE_DOS_HEADER *)hMod;
// Verify the DOS header
if(dosHd->e_magic != IMAGE_DOS_SIGNATURE)
return NULL;
ntHd = MakePtr(IMAGE_NT_HEADERS *, hMod, dosHd->e_lfanew);
// Verify the NT header
if(ntHd->Signature != IMAGE_NT_SIGNATURE)
return NULL;
ied = (IMAGE_EXPORT_DIRECTORY *)GetPtrFromRVA((DWORD)(ntHd->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress),
ntHd,
(PBYTE)hMod, true);
names = (char **)GetPtrFromRVA(ied->AddressOfNames, ntHd, (PBYTE)hMod, true);
ordinals = (unsigned short *)GetPtrFromRVA(ied->AddressOfNameOrdinals, ntHd, (PBYTE)hMod, true);
funcs = (FARPROC *)GetPtrFromRVA(ied->AddressOfFunctions, ntHd, (PBYTE)hMod, true);
unsigned int i;
for(i = 0; i < ied->NumberOfNames; i++)
if(!stricmp((char *)GetPtrFromRVA((DWORD)names[i], ntHd, (PBYTE)hMod, true), func))
break;
if(i >= ied->NumberOfNames)
return NULL;
return MakePtr(FARPROC, hMod, funcs[ordinals[i]]);
}
// Matt Pietrek's function
PIMAGE_SECTION_HEADER GetEnclosingSectionHeader(DWORD rva, PIMAGE_NT_HEADERS pNTHeader)
{
PIMAGE_SECTION_HEADER section = IMAGE_FIRST_SECTION(pNTHeader);
unsigned int i;
for ( i = 0; i < pNTHeader->FileHeader.NumberOfSections; i++, section++ )
{
// This 3 line idiocy is because Watcom's linker actually sets the
// Misc.VirtualSize field to 0. (!!! - Retards....!!!)
DWORD size = section->Misc.VirtualSize;
if ( 0 == size )
size = section->SizeOfRawData;
// Is the RVA within this section?
if ( (rva >= section->VirtualAddress) &&
(rva < (section->VirtualAddress + size)))
return section;
}
return 0;
}
unsigned long GetMappedSectionOffset(IMAGE_NT_HEADERS *ntHd, IMAGE_SECTION_HEADER *seHd, void *base)
{
IMAGE_SECTION_HEADER *section = IMAGE_FIRST_SECTION(ntHd);
unsigned int i;
unsigned long offset = MakeDelta(unsigned long, section, base);
for(i = 0; i < ntHd->FileHeader.NumberOfSections; i++, section++)
{
if(section->Name == seHd->Name)
{
offset = MakeDelta(unsigned long, section->VirtualAddress, section->PointerToRawData);
break;
}
//offset += (section->SizeOfRawData > ntHd->OptionalHeader.SectionAlignment ?
// section->SizeOfRawData - ntHd->OptionalHeader.SectionAlignment :
// ntHd->OptionalHeader.SectionAlignment - section->SizeOfRawData);
}
return offset;
}
// This function is also Pietrek's
LPVOID GetPtrFromRVA( DWORD rva, IMAGE_NT_HEADERS *pNTHeader, PBYTE imageBase, bool mapped )
{
PIMAGE_SECTION_HEADER pSectionHdr;
INT delta;
unsigned long offset = 0;
pSectionHdr = GetEnclosingSectionHeader( rva, pNTHeader );
if(mapped)
offset = GetMappedSectionOffset(pNTHeader, pSectionHdr, imageBase);
if ( !pSectionHdr )
return 0;
delta = (INT)(pSectionHdr->VirtualAddress-pSectionHdr->PointerToRawData);
return (PVOID) ( imageBase + rva - delta + offset);
}
EMO- EMO Team
- Cinsiyet :
Burçlar :
Mesaj Sayısı : 184
Puan : 236893
Rep Puanı : 5
Doğum tarihi : 28/11/89
Kayıt tarihi : 18/05/11
Yaş : 34
Nerden : EMO world
İş/Hobiler : RCE Student / Game Hacking / Learn Beginner C#,C++,Delphi
Lakap : EMO
1 sayfadaki 1 sayfası
Bu forumun müsaadesi var:
Bu forumdaki mesajlara cevap veremezsiniz
Cuma Ağus. 29, 2014 8:33 am tarafından Hello EMO
» goldenchase.net maden yaparak para kazanma
Cuma Ağus. 29, 2014 8:18 am tarafından Hello EMO
» etichal hacker görsel egitim seti
Çarş. Ağus. 06, 2014 4:57 am tarafından Hello EMO
» KO TBL Source C#
Ptsi Ara. 09, 2013 6:36 am tarafından Hello EMO
» x86 Registers
C.tesi Ağus. 24, 2013 5:02 am tarafından Hello EMO
» [Tutorial] Pegando Address, Pointers de WYD
Çarş. Tem. 10, 2013 7:25 am tarafından Hello EMO
» [Tutorial] Pegando Address, Pointers de CS Metodo²
Çarş. Tem. 10, 2013 7:23 am tarafından Hello EMO
» [Tutorial] Aprendendo basico deASM OLLYDBG
Çarş. Tem. 10, 2013 7:22 am tarafından Hello EMO
» Basic C# DLL injector
Ptsi Tem. 08, 2013 7:48 am tarafından Hello EMO