Senin, 29 Agustus 2011
0 [Source Code] Magnet + Ghost
#include <windows.h> #include <stdio.h> #include <stdlib.h> #include <shellapi.h> #define WIN32_LEAN_AND_MEAN#define _MAIN_H_ #define Ghost 0x3CDEA4 #define Magnet 0x3B4CCF LPTSTR ThePro = "PointBlank.i3exec"; DWORD dwBase,NextProtection,CheckProtection = 0; //========================================================// void InProtectAndModify(DWORD Offset, DWORD Pointer, DWORD Length){ VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &CheckProtection); RtlMoveMemory((void *)Offset, (const void*)Pointer, Length); VirtualProtect((void *)Offset, Length, CheckProtection, &CheckProtection); } void MEMhack (BYTE *Offset, BYTE *ByteArray, DWORD Length){ InProtectAndModify((DWORD)Offset , (DWORD)ByteArray , 1); } void AriProtection(void *adr, void *ptr, int size) { DWORD CheckProtection = NULL; VirtualProtect(adr,size,PAGE_EXECUTE_READWRITE, &NextProtection); RtlMoveMemory(adr,ptr,size); VirtualProtect(adr,size,NextProtection, &NextProtection); } int AriLog = 0; int __fastcall ProtectAri(void) { return 0; } DWORD WINAPI ThreadStarter(LPVOID param) { while (1) { ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); ProtectAri(); //============================================================================// } if(GetAsyncKeyState(VK_F5)&1) { MessageBeep(0); DWORD PTR1 = (DWORD)GetModuleHandleA("PointBlank.i3exec") + Magnet; AriProtection((void*)(PTR1), (void*)(PBYTE)"x00\x00\x00\x00",4); } { if(GetAsyncKeyState(VK_F6)&1) { MessageBeep(0); DWORD PTR2 = (DWORD)GetModuleHandleA("PointBlank.i3exec") + Magnet; // magnt AriProtection((void*)(PTR2), (void*)(PBYTE)"\xFF\xFF\x79\x3C",4); } { } } Sleep (10); } if(GetAsyncKeyState(VK_F7)&1) { MessageBeep(0); DWORD dwBase = (DWORD)GetModuleHandleA("PointBlank.i3exec"); DWORD adrGhost = dwBase + (DWORD)Ghost; AriProtection((void*)(adrGhost),(void*)(PBYTE)"\x00\x00\x00\x00",4); } if(GetAsyncKeyState(VK_F8)&1) { MessageBeep(0); DWORD dwBase = (DWORD)GetModuleHandleA("PointBlank.i3exec"); DWORD adrGhost = dwBase + (DWORD)Ghost; AriProtection((void*)(adrGhost),(void*)(PBYTE)"\x42\x70\x44\x61",4); } Sleep(10); } return(0); } BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved ) { DisableThreadLibraryCalls(hDll); if (dwReason == DLL_PROCESS_ATTACH) { MessageBox (0,":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\nCreated By :\n[-] Chandielz Ft. Knoxsviles\nFacebook and YM :\n[-] Chandielz\nGreetz and Thankz To :\n[-] Rino Agunk\n[-] Felix Henrico\n[-] Semua yang mengajari ku sampai skarang ^_^\n:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\nNOT FOR SHARE PUBLIC !!!\n:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\nRelease 2 Agustus 2011\n::::::::::::::::::::::::::::::::::\nFeature nya cari sndiri\n:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\n[-] Visit and Follow : \n[-] http://www.knoxsvileshack.blogspot.com","©Chandielz™", MB_OK | MB_ICONINFORMATION); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)ThreadStarter, 0, 0, 0); } return TRUE; }
Label:
Source Code