nightysday
01-15-2016, 08:41 AM
void hahahahah we will do it(HANDLE hProcess)
{
DWORD dwVirtualProtect = (DWORD)VirtualProtect;
PBYTE pVirtualProtect = (PBYTE)dwVirtualProtect;
char buffRead[5];
bool bHooked = false;
while (!bHooked)
{
ReadProcessMemory(hProcess, (LPVOID)dwVirtualProtect, (LPVOID)buffRead, 5, NULL);
for (int i = 0; i < 5; i++)
{
if (buffRead[i] != pVirtualProtect[i])
{
bHooked = true;
}
}
Sleep(50);
}
WriteProcessMemory(hProcess, (LPVOID)dwVirtualProtect, (LPCVOID)pVirtualProtect, 5, NULL);
HMODULE hNtdll = GetModuleHandle("ntdll.dll");
DWORD dwNtProtectVirtualMemory = (DWORD)GetProcAddress(hNtdll, "NtProtectVirtualMemory");
PBYTE pNtProtectVirtualMemory = (PBYTE)dwNtProtectVirtualMemory;
bHooked = false;
while (!bHooked)
{
ReadProcessMemory(hProcess, (LPVOID)dwNtProtectVirtualMemory, (LPVOID)buffRead, 5, NULL);
for (int i = 0; i < 5; i++)
{
if (buffRead[i] != pNtProtectVirtualMemory[i])
{
bHooked = true;
}
}
Sleep(50);
}
WriteProcessMemory(hProcess, (LPVOID)dwNtProtectVirtualMemory, (LPCVOID)pNtProtectVirtualMemory, 5, NULL);
DWORD dwNtOpenFile = (DWORD)GetProcAddress(hNtdll, "NtOpenFile");
PBYTE pNtOpenFile = (PBYTE)dwNtOpenFile;
bHooked = false;
while (!bHooked)
{
ReadProcessMemory(hProcess, (LPVOID)pNtOpenFile, (LPVOID)buffRead, 5, NULL);
for (int i = 0; i < 5; i++)
{
if (buffRead[i] != pNtOpenFile[i])
{
bHooked = true;
}
}
Sleep(50);
}
WriteProcessMemory(hProcess, (LPVOID)pNtOpenFile, (LPCVOID)pNtOpenFile, 5, NULL);
}
Call it from your loader, pass a HANDLE with both READ and WRITE memory permissions to it.
{
DWORD dwVirtualProtect = (DWORD)VirtualProtect;
PBYTE pVirtualProtect = (PBYTE)dwVirtualProtect;
char buffRead[5];
bool bHooked = false;
while (!bHooked)
{
ReadProcessMemory(hProcess, (LPVOID)dwVirtualProtect, (LPVOID)buffRead, 5, NULL);
for (int i = 0; i < 5; i++)
{
if (buffRead[i] != pVirtualProtect[i])
{
bHooked = true;
}
}
Sleep(50);
}
WriteProcessMemory(hProcess, (LPVOID)dwVirtualProtect, (LPCVOID)pVirtualProtect, 5, NULL);
HMODULE hNtdll = GetModuleHandle("ntdll.dll");
DWORD dwNtProtectVirtualMemory = (DWORD)GetProcAddress(hNtdll, "NtProtectVirtualMemory");
PBYTE pNtProtectVirtualMemory = (PBYTE)dwNtProtectVirtualMemory;
bHooked = false;
while (!bHooked)
{
ReadProcessMemory(hProcess, (LPVOID)dwNtProtectVirtualMemory, (LPVOID)buffRead, 5, NULL);
for (int i = 0; i < 5; i++)
{
if (buffRead[i] != pNtProtectVirtualMemory[i])
{
bHooked = true;
}
}
Sleep(50);
}
WriteProcessMemory(hProcess, (LPVOID)dwNtProtectVirtualMemory, (LPCVOID)pNtProtectVirtualMemory, 5, NULL);
DWORD dwNtOpenFile = (DWORD)GetProcAddress(hNtdll, "NtOpenFile");
PBYTE pNtOpenFile = (PBYTE)dwNtOpenFile;
bHooked = false;
while (!bHooked)
{
ReadProcessMemory(hProcess, (LPVOID)pNtOpenFile, (LPVOID)buffRead, 5, NULL);
for (int i = 0; i < 5; i++)
{
if (buffRead[i] != pNtOpenFile[i])
{
bHooked = true;
}
}
Sleep(50);
}
WriteProcessMemory(hProcess, (LPVOID)pNtOpenFile, (LPCVOID)pNtOpenFile, 5, NULL);
}
Call it from your loader, pass a HANDLE with both READ and WRITE memory permissions to it.