1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68
|
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#include <psapi.h>
#include <commctrl.h>
#include <Winuser.h>
void main( )
{
HWND hWnd; // Strucure pour l'handle de la fenetre
DWORD processID; // Dword du PID
HMODULE hMods[1024];
HANDLE hProcess;
DWORD cbNeeded;
unsigned int i;
char *dll = "iecustom.dll"; // Module a patcher
char *hTitle = "Internet Explorer 7 Beta 2 Setup"; // Titre de la fenetre....
hWnd = FindWindow(NULL, hTitle); // Recupere l'handle de la fenetre...
GetWindowThreadProcessId(hWnd,&processID); // Recupere le PID en fonction de l'handle...
printf( "\nWindow ID: %u\n", hWnd );
// Print the process identifier.
printf( "\nProcess ID: %u\n", processID );
// Get a list of all the modules in this process.
hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ,
FALSE, processID );
if (NULL == hProcess)
return;
if( EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded))
{
for ( i = 0; i < (cbNeeded / sizeof(HMODULE)); i++ ) // Pour chaque modules...
{
TCHAR szModName[MAX_PATH];
if ( GetModuleBaseName( hProcess, hMods[i], szModName, sizeof(szModName)/sizeof(TCHAR)))
{
// Print the module name and handle value.
if (strcmp(szModName,dll) == 0) // Si le module est bien le bon...
{
_tprintf( TEXT("Found : \t%s (0x%08X)\n"), szModName, hMods[i] ); // On l'affiche & on patche.
DWORD address = 0xC825AB; // Offset a patcher
unsigned char patch[1] = {0xEB}; // Byte a remplacer (jmp)
if( WriteProcessMemory (hMods[i],(void*)address, &patch, sizeof(patch), NULL)) {
printf( "\nWell done"); }
break; // On arrete la boucle...
}
}
}
}
CloseHandle( hProcess );
} |
Partager