signature_scanner source code for this can anybody help me chack this by Jabberwock

**kenjifurry** · 12-05-2016

Code:
#pragma once
#include <windows.h>
#include <psapi.h>
#pragma comment(lib, "psapi.lib")
#include <stdio.h>

// Usage: unsigned long address = signature_scanner->search("3AB2DFAB????????3FBACD300200A1XXXXXXXXB1C 4DA");
// X is the address
// ? is a wildcard

class signature_scanner
{
private:
unsigned long BaseAddress;
unsigned long ModuleSize;

public:
signature_scanner()
{
//SYSTEM_INFO info;
//GetSystemInfo(&info);
//this->BaseAddress = (unsigned long)info.lpMinimumApplicationAddress;

// Could be injected earlier than expected

while (!(this->BaseAddress = (unsigned long)GetModuleHandle(NULL)))
Sleep(100);

// Getting size of image

MODULEINFO modinfo;

while (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &modinfo, sizeof(MODULEINFO)))
Sleep(100);

this->ModuleSize = modinfo.SizeOfImage;

// Wait for the application to finish loading

MEMORY_BASIC_INFORMATION meminfo;

while (true)
{
if (VirtualQuery((void*)this->ModuleSize, &meminfo, sizeof(MEMORY_BASIC_INFORMATION)))
if (!(meminfo.Protect &PAGE_EXECUTE_WRITECOPY))
break;

Sleep(100);
}
}

unsigned long search(const char* string, unsigned short offset=0)
{
unsigned int p_length = strlen(string);// Pattern's length

if (p_length % 2 != 0 || p_length < 2 || !this->BaseAddress || !this->ModuleSize) return NULL;// Invalid operation

unsigned short length = p_length / 2;// Number of bytes

// The buffer is storing the real bytes' values after parsing the string
unsigned char* buffer = new unsigned char[length];
SecureZeroMemory(buffer, length);

// Copy of string

char* pattern = new char[p_length+1];// +1 for the null terminated string
ZeroMemory(pattern, p_length+1);
strcpy_s(pattern, p_length+1, string);
_strupr_s(pattern, p_length+1);

// Set vars

unsigned char f_byte;
unsigned char s_byte;

// Parsing of string

for (unsigned short z = 0; z < length; z++)
{
f_byte = pattern[z*2];// First byte
s_byte = pattern[(z*2)+1];// Second byte

if ( ( (f_byte <= 'F' && f_byte >= 'A') || (f_byte <= '9' && f_byte >= '0') ) && ( (s_byte <= 'F' && s_byte >= 'A') || (s_byte <= '9' && s_byte >= '0') ) )
{
if (f_byte <= '9') buffer[z] += f_byte - '0';
else buffer[z] += f_byte - 'A' + 10;
buffer[z] *= 16;
if (s_byte <= '9') buffer[z] += s_byte - '0';
else buffer[z] += s_byte - 'A' + 10;
}
else if (f_byte == 'X' || s_byte == 'X') buffer[z] = 'X';
else buffer[z] = '?';// Wildcard
}

// Remove buffer

delete[] pattern;

// Start searching

unsigned short x;
unsigned long i = this->BaseAddress;
MEMORY_BASIC_INFORMATION meminfo;
unsigned long EOR;

while (i < this->ModuleSize)
{
VirtualQuery((void*)i, &meminfo, sizeof(MEMORY_BASIC_INFORMATION));

if (!(meminfo.Protect &PAGE_EXECUTE_READWRITE))// Good for AVA for now
{// !(meminfo.Protect &(PAGE_READWRITE | PAGE_WRITECOPY | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY)) || !(meminfo.State &MEM_COMMIT)
i += meminfo.RegionSize;
continue;
}

EOR = i + meminfo.RegionSize;

for (; i < EOR; i++)
{
for (x = 0; x < length; x++)
if (buffer[x] != ((unsigned char*)i)[x] && buffer[x] != '?' && buffer[x] != 'X')
break;

if (x == length)
{
delete[] buffer;
const char* s_offset = strstr(string, "X");

if (s_offset != NULL)
return *(unsigned long*)&((unsigned char*)i)[length - strlen(s_offset) / 2];
else
return *(unsigned long*)&((unsigned char*)i)[length + offset];
}
}
}

// Didn't find anything

delete[] buffer;
return NULL;
}
};

**killerleong** · 12-05-2016

very crazy thanks nice nice nice

**Minerva** · 12-05-2016

Hi @kenjifurry
Honestly, you need improving your english and try be more especific in your question, bcuz, you keep making threads about random source codes, I guess that you dont have a minimum knowledge for at less ask something about programming.

So, be more precise when asking, showing errors, bugs or detailing what you dont know, and then maybe some programmers will help you.

**RuShi** · 12-05-2016

What do you want to check? This is not complete source.

Code:

#pragma once
#include <windows.h>
#include <psapi.h>
#pragma comment(lib, "psapi.lib")
#include <stdio.h>

// Usage: unsigned long address = signature_scanner->search("3AB2DFAB????????3FBACD300200A1XXXXXXXXB1C4DA");
// X is the address
// ? is a wildcard

class signature_scanner
{
private:
	unsigned long BaseAddress;
	unsigned long ModuleSize;

public:
	signature_scanner()
	{
		//SYSTEM_INFO info;
		//GetSystemInfo(&info);
		//this->BaseAddress = (unsigned long)info.lpMinimumApplicationAddress;

		// Could be injected earlier than expected

		while (!(this->BaseAddress = (unsigned long)GetModuleHandle(NULL)))
			Sleep(100);

		// Getting size of image

		MODULEINFO modinfo;

		while (!GetModuleInformation(GetCurrentProcess(), GetModuleHandle(NULL), &modinfo, sizeof(MODULEINFO)))
			Sleep(100);

		this->ModuleSize = modinfo.SizeOfImage;

		// Wait for the application to finish loading

		MEMORY_BASIC_INFORMATION meminfo;

		while (true)
		{
			if (VirtualQuery((void*)this->ModuleSize, &meminfo, sizeof(MEMORY_BASIC_INFORMATION)))
				if (!(meminfo.Protect &PAGE_EXECUTE_WRITECOPY))
					break;

			Sleep(100);
		}
	}

	unsigned long search(const char* string, unsigned short offset=0)
	{
		unsigned int p_length = strlen(string);// Pattern's length

		if (p_length % 2 != 0 || p_length < 2 || !this->BaseAddress || !this->ModuleSize) return NULL;// Invalid operation

		unsigned short length = p_length / 2;// Number of bytes

		// The buffer is storing the real bytes' values after parsing the string
		unsigned char* buffer = new unsigned char[length];
		SecureZeroMemory(buffer, length);

		// Copy of string

		char* pattern = new char[p_length+1];// +1 for the null terminated string
		ZeroMemory(pattern, p_length+1);
		strcpy_s(pattern, p_length+1, string);
		_strupr_s(pattern, p_length+1);

		// Set vars

		unsigned char f_byte;
		unsigned char s_byte;

		// Parsing of string

		for (unsigned short z = 0; z < length; z++)
		{
			f_byte = pattern[z*2];// First byte
			s_byte = pattern[(z*2)+1];// Second byte

			if ( ( (f_byte <= 'F' && f_byte >= 'A') || (f_byte <= '9' && f_byte >= '0') ) && ( (s_byte <= 'F' && s_byte >= 'A') || (s_byte <= '9' && s_byte >= '0') ) )
			{
				if (f_byte <= '9') buffer[z] += f_byte - '0';
				else buffer[z] += f_byte - 'A' + 10;
				buffer[z] *= 16;
				if (s_byte <= '9') buffer[z] += s_byte - '0';
				else buffer[z] += s_byte - 'A' + 10;
			}
			else if (f_byte == 'X' || s_byte == 'X') buffer[z] = 'X';
			else buffer[z] = '?';// Wildcard
		}

		// Remove buffer

		delete[] pattern;

		// Start searching
		
		unsigned short x;
		unsigned long i = this->BaseAddress;
		MEMORY_BASIC_INFORMATION meminfo;
		unsigned long EOR;
		
		while (i < this->ModuleSize)
		{
			VirtualQuery((void*)i, &meminfo, sizeof(MEMORY_BASIC_INFORMATION));

			if (!(meminfo.Protect &PAGE_EXECUTE_READWRITE))//
			{ !(meminfo.Protect &(PAGE_READWRITE | PAGE_WRITECOPY | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY)) || !(meminfo.State &MEM_COMMIT)
				i += meminfo.RegionSize;
				continue;
			}

			EOR = i + meminfo.RegionSize;

			for (; i < EOR; i++)
			{
				for (x = 0; x < length; x++)
					if (buffer[x] != ((unsigned char*)i)[x] && buffer[x] != '?' && buffer[x] != 'X')
						break;

				if (x == length)
				{
					delete[] buffer;
					const char* s_offset = strstr(string, "X");

					if (s_offset != NULL)
						return *(unsigned long*)&((unsigned char*)i)[length - strlen(s_offset) / 2];
					else
						return *(unsigned long*)&((unsigned char*)i)[length + offset];
				}
			}
		}
		
		// Didn't find anything

		delete[] buffer;
		return NULL;
	}
};

**kenjifurry** · 12-07-2016

@Luffy @Minerva /close

**Minerva** · 12-07-2016

Thread Closed as requested.
/Unresolved.

Thread: signature_scanner source code for this can anybody help me chack this by Jabberwock

Thread Tools

Display

signature_scanner source code for this can anybody help me chack this by Jabberwock

The Following 2 Users Say Thank You to kenjifurry For This Useful Post:

The Following User Says Thank You to Minerva For This Useful Post:

The Following User Says Thank You to kenjifurry For This Useful Post:

Similar Threads

[Help Request] Can anybody help me with this problem?

[Help Request] Can someone help me with this code

[Request] Can Someone Check This Source Code For 1hit ZM?

[Help Request] can anyone help me make this mod? for cleric

Source Codes For Coders (hope that help!!)