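/**
 * Writes the masked bytes of lpBuffer into another process, one byte at a time.
 *
 * For every position where mask holds 'x', the page protection of that single
 * byte is switched to PAGE_READWRITE, the byte is written, and the previous
 * protection is restored. Positions with any other mask character are skipped.
 *
 * The handle must allow both the protection change and the write
 * (PROCESS_VM_OPERATION and PROCESS_VM_WRITE). A cross-process
 * VirtualProtectEx followed by WriteProcessMemory is a sequence that endpoint
 * monitoring and anti-tamper code commonly watch for.
 *
 * @param hProcess      Handle to the process being written to.
 * @param lpBaseAddress Address in that process matching the first mask character.
 * @param lpBuffer      Replacement bytes; must hold at least as many bytes as mask has characters.
 * @param mask          NUL-terminated string; 'x' = write this byte, anything else = skip.
 * @return true only if at least one byte was selected and every selected byte
 *         was written and had its protection restored; false otherwise.
 */
bool CustomWPM(HANDLE hProcess, LPVOID lpBaseAddress, byte* lpBuffer, char* mask)
{
    if (hProcess == NULL || lpBaseAddress == NULL || lpBuffer == NULL || mask == NULL)
        return false;

    // Walk the target with pointer arithmetic; casting the address to DWORD
    // would truncate it in a 64-bit build.
    byte* target = static_cast<byte*>(lpBaseAddress);
    bool attempted = false;
    bool allSucceeded = true;

    for (; *mask; ++mask, ++lpBuffer, ++target)
    {
        if (*mask != 'x')
            continue;

        attempted = true;
        DWORD previousProtection = 0;
        DWORD ignored = 0;

        // Win32 BOOL means "non-zero on success"; comparing against TRUE can
        // misreport a successful call.
        if (!VirtualProtectEx(hProcess, target, 1, PAGE_READWRITE, &previousProtection))
        {
            allSucceeded = false;
            continue;
        }

        // NOTE: between here and the restore below the whole page carries
        // PAGE_READWRITE instead of its original protection, so the target
        // can fault if it depends on the original rights in that window.
        SIZE_T written = 0;
        if (!WriteProcessMemory(hProcess, target, lpBuffer, 1, &written) || written != 1)
            allSucceeded = false;

        // Always try to restore, even after a failed write, and report a
        // failed restore: the page would otherwise keep the relaxed protection.
        if (!VirtualProtectEx(hProcess, target, 1, previousProtection, &ignored))
            allSucceeded = false;
    }

    return attempted && allSucceeded;
}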
/**
 * Compares pData against pattern under a wildcard mask.
 *
 * The mask is a NUL-terminated string that sets the comparison length:
 * 'x' means the byte at that position must be equal, any other character
 * means the position is ignored.
 *
 * No length is passed for pData or pattern, so the caller must guarantee that
 * both hold at least as many readable bytes as the mask has characters.
 *
 * @return true if every 'x' position matches (also for an empty mask).
 */
bool DataCompare(byte* pData, byte* pattern, char* mask)
{
    size_t pos = 0;
    while (mask[pos] != '\0')
    {
        const bool mustMatch = (mask[pos] == 'x');
        if (mustMatch && pData[pos] != pattern[pos])
        {
            return false;
        }
        ++pos;
    }
    return true;
}
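/**
 * Scans the committed private memory of another process for a masked byte pattern.
 *
 * Starting at addr, regions are enumerated with VirtualQueryEx. Each region
 * that is MEM_PRIVATE and MEM_COMMIT is copied into a local buffer with
 * ReadProcessMemory and compared position by position through DataCompare.
 *
 * Limitations visible in this implementation:
 *  - Results are stored as DWORD, so addresses above 4 GiB are truncated.
 *  - A region is always read from its base address, so when addr lies inside
 *    a region, matches located before addr can be returned as well.
 *  - A match that straddles two regions is not found.
 *  - Regions that cannot be read completely are skipped.
 *
 * @param hProcess Handle to the process to scan (needs query and read access).
 * @param addr     Address at which the scan starts.
 * @param length   Number of bytes of address space to cover from addr.
 * @param pattern  Bytes to look for; must hold one byte per mask character.
 * @param mask     NUL-terminated string; 'x' = compare, anything else = wildcard.
 * @return Addresses in the scanned process where the pattern matched; empty
 *         for a NULL or empty pattern/mask.
 */
vector<DWORD> FindPattern(HANDLE hProcess, DWORD addr, DWORD length, byte* pattern, char* mask)
{
    vector<DWORD> matches;
    if (pattern == NULL || mask == NULL)
        return matches;

    // The mask alone defines the pattern length.
    SIZE_T maskLen = 0;
    while (mask[maskLen] != '\0')
        ++maskLen;
    if (maskLen == 0)
        return matches; // an empty mask would "match" at every single byte

    const ULONG_PTR start = addr;
    ULONG_PTR offset = 0;
    vector<byte> buffer; // reused across regions; released automatically on every exit path

    while (offset < length)
    {
        MEMORY_BASIC_INFORMATION mbi = { 0 };

        // A failed query leaves mbi without a usable RegionSize; continuing
        // would either loop forever (size 0) or reuse stale data.
        if (VirtualQueryEx(hProcess, (LPCVOID)(start + offset), &mbi, sizeof(mbi)) == 0 || mbi.RegionSize == 0)
            break;

        if (mbi.Type == MEM_PRIVATE && mbi.State == MEM_COMMIT)
        {
            buffer.resize(mbi.RegionSize);
            SIZE_T bytesRead = 0;

            // Only scan what was really copied; on a failed read the buffer
            // content is not the region's content.
            if (ReadProcessMemory(hProcess, mbi.BaseAddress, &buffer[0], mbi.RegionSize, &bytesRead)
                && bytesRead >= maskLen)
            {
                // Stop maskLen bytes before the end so DataCompare never
                // reads past the buffer.
                const SIZE_T lastStart = bytesRead - maskLen;
                for (SIZE_T i = 0; i <= lastStart; ++i)
                {
                    if (DataCompare(&buffer[0] + i, pattern, mask))
                        matches.push_back((DWORD)((ULONG_PTR)mbi.BaseAddress + i));
                }
            }
        }

        // Continue at the end of this region. Computing it from the region
        // base keeps the walk aligned even if addr was not a region base.
        const ULONG_PTR regionEnd = (ULONG_PTR)mbi.BaseAddress + mbi.RegionSize;
        if (regionEnd <= start + offset)
            break; // no forward progress (address wrap-around)
        offset = regionEnd - start;
    }

    return matches;
}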
/**
 * Returns the lpBaseOfDll value that GetModuleInformation reports, truncated to DWORD.
 *
 * NOTE(review): `id` is cast directly to HANDLE. GetModuleInformation expects
 * a process handle, so this only works if callers pass a handle value here;
 * if `id` is a process ID the call presumably fails. Confirm against the callers.
 * NOTE(review): GetModuleHandle(NULL) yields the module handle of the calling
 * process's own executable, and that handle is then used to query the process
 * behind `id`. Verify this is intended.
 * NOTE(review): the API result is not checked; the structure is
 * zero-initialised, so a failed call presumably yields 0.
 *
 * @param id Value used as the process handle (see notes above).
 * @return Base address from MODULEINFO as a 32-bit value.
 */
DWORD GetBaseAddr(DWORD id)
{
    MODULEINFO info = { 0 };
    HANDLE process = (HANDLE)id;
    HMODULE module = GetModuleHandle(NULL);

    GetModuleInformation(process, module, &info, sizeof(info));

    return (DWORD)info.lpBaseOfDll;
}
// Patch step labelled "AntiFix" by the author.
// The 16-byte signature is compared only at mask positions 0, 1, 6 and 11
// (bytes 03 3A .. D0 .. 28); every '?' position is a wildcard.
Addresses = FindPattern(hProcess, BaseAddr, 0x7FFFFFFF, (PBYTE)"\x03\x3A\x00\x00\x00\x00\xD0\x00\x00\x00\x00\x28\x00\x00\x00\x00", "xx????x????x????");

// At each match the same four masked positions are rewritten. The replacement
// differs from the signature only in the first byte (0x03 becomes 0x2A).
// NOTE(review): the result of CustomWPM is discarded, so a failed write goes unnoticed.
const size_t matchCount = Addresses.size();
for (size_t n = 0; n != matchCount; ++n)
{
    LPVOID target = (LPVOID)Addresses[n];
    CustomWPM(hProcess, target, (PBYTE)"\x2A\x3A\x00\x00\x00\x00\xD0\x00\x00\x00\x00\x28\x00\x00\x00\x00", "xx????x????x????");
}

// Drop the results so the container can be reused.
Addresses.clear();