[C++] Pressing F-keys in the background.

05/17/2009 16:28 clintonselke#1
Good day folks, the following might be interesting to anyone wanting to make a background autopotter, XP skill leveler or something.

PHP Code:
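/**
 * Builds a small x86 stub that replays the client's own F-key call sequence
 * (see the disassembly below) and hands it to execute() to be run inside the
 * process behind hProcess.
 *
 * @param num F-key number. The author documents the valid range as 1..10;
 *            values outside that range are rejected here, because the stub
 *            passes num - 1 and num straight into client functions as
 *            arguments and nothing on the remote side is shown to validate
 *            them.
 *
 * NOTE(review): every absolute address in the stub (0x005D91B0, 0x0047F435,
 * 0x005D91B4, 0x0049114A) is copied from the disassembly below, so it is
 * presumably valid only for the exact client build that was disassembled.
 * Against any other build the remote thread would call or read unrelated
 * memory. Confirm the build before relying on these constants.
 */
void CCO2Functions::triggerFKey(uint32_t num)
{
/*
CPU Disasm
Address   Hex dump             Command                                            Comments
0048921D  |.  A1 B0915D00      MOV EAX,DWORD PTR DS:[5D91B0]
00489222  |.  56               PUSH ESI                                           ; /Arg1
00489223  |.  8D88 089C0800    LEA ECX,[EAX+89C08]                                ; |
00489229  |.  E8 0762FFFF      CALL 0047F435                                      ; \Conquer.0047F435
0048922E  |.  8B0D B4915D00    MOV ECX,DWORD PTR DS:[5D91B4]
00489234  |.  C1E0 08          SHL EAX,8
00489237  |.  0BC7             OR EAX,EDI
00489239  |.  50               PUSH EAX                                           ; /Arg1
0048923A  |.  E8 0B7F0000      CALL 0049114A                                      ; \Conquer.0049114A
*/
    // Reject anything outside the documented 1..10 range before it is baked
    // into the stub. num == 0 would otherwise turn into ESI = 0xFFFFFFFF.
    if (num < 1 || num > 10) {
        return;
    }

    char opcode[] =
        "\x60"                     //  0: PUSHAD (save all general registers)
        "\xBF\x00\x00\x00\x00"     //  1: MOV EDI, num (imm32 patched below)
        "\x89\xFE"                 // MOV ESI, EDI
        "\x4E"                     // DEC ESI            -> ESI = num - 1
        "\xA1\xB0\x91\x5D\x00"     // MOV EAX, DWORD PTR DS:[0x005D91B0]
        "\x56"                     // PUSH ESI
        "\x8D\x88\x08\x9C\x08\x00" // LEA ECX,[EAX+0x00089C08]
        "\xB8\x35\xF4\x47\x00"     // MOV EAX, 0x0047F435
        "\xFF\xD0"                 // CALL EAX
        "\x8B\x0D\xB4\x91\x5D\x00" // MOV ECX, DWORD PTR DS:[0x005D91B4]
        "\xC1\xE0\x08"             // SHL EAX, 8
        "\x0B\xC7"                 // OR EAX, EDI
        "\x50"                     // PUSH EAX
        "\xB8\x4A\x11\x49\x00"     // MOV EAX, 0x0049114A
        "\xFF\xD0"                 // CALL EAX
        "\x61"                     // POPAD (restore all general registers)
        "\xC3";                    // RET

    // Patch the imm32 operand of MOV EDI (bytes 2..5 of the stub) with num,
    // copied byte by byte in host order (little-endian on x86).
    const char* numBytes = reinterpret_cast<const char*>(&num);
    for (int i = 0; i < 4; ++i) {
        opcode[2 + i] = numBytes[i];
    }

    // sizeof(opcode) includes the string literal's trailing NUL. That extra
    // byte sits after RET and is never executed.
    // The result is deliberately ignored: POPAD restores EAX before RET, so
    // the remote thread's exit code says nothing about the calls it made.
    (void)execute((void*)opcode, static_cast<uint32_t>(sizeof(opcode)));
}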

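/**
 * Copies `size` bytes from `opcode` into the process behind hProcess, runs
 * them there on a new thread, waits for that thread to finish and returns its
 * exit code.
 *
 * The allocate-RWX / write / create-remote-thread sequence used here is the
 * textbook remote code injection pattern (MITRE ATT&CK T1055, Process
 * Injection). Endpoint security and anti-cheat monitoring key on exactly this
 * combination, in particular on PAGE_EXECUTE_READWRITE memory committed in
 * another process and on a thread whose start address lies in such memory.
 *
 * @param opcode Local buffer holding the machine code to run.
 * @param size   Number of bytes to copy from `opcode`.
 * @return The remote thread's exit code, or 0 on any failure. A thread that
 *         exits with code 0 is indistinguishable from a failure.
 *
 * NOTE(review): hProcess is not defined in this listing. It is presumably a
 * member holding a handle to the target process, opened with rights that
 * permit VM operations, VM writes and thread creation. Confirm.
 */
uint32_t CCO2Functions::execute(void* opcode, uint32_t size)
{
    // Nothing to copy or run. Also avoids a zero-byte remote allocation.
    if (opcode == NULL || size == 0) {
        return 0;
    }

    void* remoteMem = VirtualAllocEx(hProcess, 0, size, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    if (remoteMem == NULL) {
        return 0;
    }

    if (!WriteProcessMemory(hProcess, remoteMem, opcode, size, 0)) {
        VirtualFreeEx(hProcess, remoteMem, 0, MEM_RELEASE);
        return 0;
    }

    HANDLE hThread = CreateRemoteThread(hProcess, 0, 65536, (LPTHREAD_START_ROUTINE)remoteMem, 0, 0, 0);
    if (!hThread) {
        VirtualFreeEx(hProcess, remoteMem, 0, MEM_RELEASE);
        return 0;
    }

    // Poll in 1 s slices, but only while the wait genuinely times out. The
    // original loop compared against WAIT_OBJECT_0 alone, so a WAIT_FAILED
    // result (which returns immediately) would spin forever at full CPU.
    DWORD waitResult;
    do {
        waitResult = WaitForSingleObject(hThread, 1000);
    } while (waitResult == WAIT_TIMEOUT);

    if (waitResult != WAIT_OBJECT_0) {
        // The thread's state is unknown. Releasing memory it may still be
        // executing would crash the target process, so the remote block is
        // intentionally left allocated and only the local handle is closed.
        CloseHandle(hThread);
        return 0;
    }

    // Read into a real DWORD, initialised, instead of casting a uint32_t* to
    // DWORD*. The original returned an uninitialised value when
    // GetExitCodeThread failed.
    DWORD exitCode = 0;
    if (!GetExitCodeThread(hThread, &exitCode)) {
        exitCode = 0;
    }

    VirtualFreeEx(hProcess, remoteMem, 0, MEM_RELEASE);
    CloseHandle(hThread);
    return static_cast<uint32_t>(exitCode);
}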

In `void CCO2Functions::triggerFKey(uint32_t num)`, `num` is the F-key number, ranging from 1 to 10.

Enjoy :p
05/17/2009 21:01 griswald#2
oo thanks, if i made an autopotter, and wanted to give source so everyone can see. would you mind if i gave them the CCO2Functions.h and cpp or you want me to not release that?


~griwald
05/17/2009 21:32 clintonselke#3
Quote:
Originally Posted by griswald View Post
oo thanks, if i made an autopotter, and wanted to give source so everyone can see. would you mind if i gave them the CCO2Functions.h and cpp or you want me to not release that?


~griwald
Sure, be my guest. :p
05/18/2009 11:26 ace_heart#4
gratz i try it and give u results