Create a C++ DLL with inline assembly

What I am trying to do is build a C++ DLL that contains a mid-function hook, so that I can watch a value as it changes during play (Plants Vs Zombies). My problem is that the inline assembly is included via a header, and when the DLL is built I get this error:
:-1: error: [release/PVZ_lib.o] Error 1

(PVZ_lib is the name of the .cpp file that holds my main code.)

I am using Qt Creator as my IDE with the MinGW 4.7 compiler.

Assembly header

#ifndef ASM_H
#define ASM_H
#include "addr.h"

// Address the hook stub jumps back to once it has run (read by `jmp[scan]`
// in code() below). Nothing in this header assigns it.
DWORD scan      =0;
// Copy of ECX taken by the stub; polled later by watch() in the main file.
DWORD scanreg   =0;
// Last value seen by watch(); zero-initialized like any global.
DWORD scanptr;
// NOTE(review): these are definitions, not `extern` declarations, so every
// translation unit that includes ASM.h gets its own copy — a second include
// elsewhere in the project would produce "multiple definition" link errors.

// Hook stub: the displaced game instructions, a copy of ECX into `scanreg`,
// and a jump back to `scan`.
//
// NOTE(review): GCC's `asm("...")` is handed to the GNU assembler in AT&T
// syntax by default (operands are source-then-destination, registers carry a
// `%` prefix, memory operands are written `0x5560(%eax)`), so every Intel-
// syntax line below is rejected by the assembler. That is consistent with
// the make error on `release/PVZ_lib.o` quoted above; the actual assembler
// diagnostics are in the compile output, not in the one-line make summary.
// The function is also not `naked`, so the compiler emits its own prologue
// and epilogue around these instructions.
void code(void){

    // Displaced instruction from the hook site.
    asm("ADD [EAX+0x5560],ECX");

    // NOTE(review): names a C global directly; the assembler only sees the
    // object-file symbol (MinGW/32-bit prefixes C names with `_`), so an
    // operand constraint in extended asm is the usual way to reach `scanreg`.
    asm("MOV scanreg,ECX");

    asm("MOV ECX,[EAX+0x5560]");
    asm("CMP ECX,2706");
    // NOTE(review): `PlantsVs.00430A9D` is a debugger-style label, not a
    // symbol the assembler knows — confirm how this branch target is meant
    // to be expressed before building.
    asm("JLE SHORT PlantsVs.00430A9D");

    // Return to the original code path (see `scan` above).
    asm("jmp[scan]");


}

#endif // ASM_H

      

Functions (addr.cpp)

#include "addr.h"    

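// Overwrites `lenght` bytes at `Address` with a 5-byte near relative JMP
// (opcode E9 + rel32) to `jumpto`, padding the remainder with NOPs.
//
// Address  - first byte of the instruction slot being replaced.
// jumpto   - absolute target address of the jump.
// lenght   - size of the slot; must be at least 5 (the JMP size).
//
// Returns nothing. Does nothing if the slot is too small or the page could
// not be made writable.
void addr::PlaceJMP(BYTE *Address,DWORD jumpto,DWORD lenght){
    const DWORD kJmpSize = 5;   // 1 opcode byte + 4-byte rel32
    if(Address == NULL || lenght < kJmpSize){
        // Writing 5 bytes into a shorter slot would clobber the following
        // instruction, so refuse rather than corrupt it.
        return;
    }

    DWORD dwoldprotect = 0;
    DWORD dwbkup = 0;
    // If the protection change fails the writes below would fault, so the
    // return value must be checked (the original ignored it).
    if(!VirtualProtect(Address,lenght,PAGE_EXECUTE_READWRITE,&dwoldprotect)){
        return;
    }

    // rel32 is relative to the end of the JMP instruction, i.e. Address + 5.
    DWORD dwreladdr = jumpto - (DWORD)Address - kJmpSize;
    *Address = 0xE9;
    *((DWORD*)(Address+1)) = dwreladdr;

    // NOP out the rest of the slot so no partial opcodes remain after the JMP.
    for(DWORD x=kJmpSize;x<lenght;x++){
        *(Address+x)=0x90;
    }

    // Restore the original page protection.
    VirtualProtect(Address,lenght,dwoldprotect,&dwbkup);
}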

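// Looks up the load address and image size of a module in this process.
//
// name - module name as passed to GetModuleHandle.
//
// Returns the MODULEINFO for the module, or an all-zero MODULEINFO when the
// module is not loaded or the query fails. Callers rely on the zero
// lpBaseOfDll to detect "not found".
MODULEINFO addr::GetModuleInfo(char *name){
    MODULEINFO modinfo={0};
    HMODULE hModule =GetModuleHandle(name);
    if(hModule == 0){
        return modinfo;   // not loaded: all-zero result
    }

    // The original ignored this return value; on failure the struct could
    // be handed back partially filled, so return the all-zero value instead.
    if(!GetModuleInformation(GetCurrentProcess(),hModule, &modinfo,sizeof(MODULEINFO))){
        MODULEINFO empty={0};
        return empty;
    }
    return modinfo;
}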

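// Searches the loaded image of `module` for a byte signature.
//
// module  - module name, resolved through GetModuleInfo.
// pattern - bytes to match; only positions where mask[j] != '?' are compared.
// mask    - one character per pattern byte, '?' marks a wildcard; its strlen
//           is the pattern length.
//
// Returns the address of the first match, or NULL when the module is not
// loaded, the mask is empty, or no match exists.
//
// Fixes two defects of the original: `found` was never reset between
// positions (so it accumulated across the whole image and the final `i` was
// the loop bound, not the match), and an all-zero MODULEINFO made
// `size-PatternLenght` wrap around so the scan read from address 0 upwards.
DWORD addr::FindPat(char *module,char *pattern,char *mask){
    MODULEINFO mInfo = GetModuleInfo(module);
    DWORD base =(DWORD)mInfo.lpBaseOfDll;
    DWORD size =(DWORD)mInfo.SizeOfImage;
    DWORD PatternLenght = (DWORD)strlen(mask);

    // GetModuleInfo returns an all-zero struct when the module is not loaded.
    if(base == 0 || PatternLenght == 0 || size < PatternLenght){
        return NULL;
    }

    for(DWORD i=0;i<size-PatternLenght;i++){
        bool found = true;
        // Stop comparing this position as soon as one byte mismatches.
        for(DWORD j=0;j<PatternLenght && found;j++){
            found = mask[j] == '?' || pattern[j] == *(char*)(base+i+j);
        }
        if(found){
            return base+i;
        }
    }
    return NULL;
}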

      

Main file (PVZ_lib.cpp)

#include <iostream>
#include <windows.h>
#include <tlhelp32.h>
#include <psapi.h>
#include "addr.h"
#include "ASM.h"
addr stuff;   // single helper instance used by initHooks() for the signature scan

// Locates the hook site by byte signature inside PlantsVsZombies.exe.
// NOTE(review): the result is stored in `find` and then discarded — it is
// never checked against 0 (not found) and never passed on, so nothing is
// patched by this function as written.
void initHooks(){

        // Signature bytes and mask; '?' in the mask marks a wildcard byte
        // (see FindPat). Both strings must have the same length.
        DWORD find = stuff.FindPat("PlantsVsZombies.exe",
                                   "\x01\x88\x00\x00\x00\x00\x8B\x88\x00\x00\x00\x00\x81\xF9\x00\x00\x00\x00\x7E\x78",
                                   "xx????xx????xx????xx"
                                   );
    }

    // Thread body: polls for a change in `scanptr` every 150 ms and never
    // returns.
    // NOTE(review): an LPTHREAD_START_ROUTINE takes one LPVOID parameter;
    // this function takes none and only compiles as a thread start because
    // of the cast in DLLMain — confirm the intended signature.
    DWORD WINAPI watch(){
        // One-time snapshot of the value the stub stored (see ASM.h).
        scanptr= scanreg;//+0x3C
        DWORD test=scanptr;

        // Sleep(150) runs after every iteration.
        for(;;Sleep(150)){
            // NOTE(review): nothing in the visible code writes `scanptr`
            // after the assignment above (the stub writes `scanreg`), so
            // this condition can never become true as written.
            if(scanptr!=test){
              test=scanptr;
                //addr.MsgBoxAddr(1);
            }
        }
    }

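    // DLL entry point.
    //
    // NOTE(review): the loader calls `DllMain` (case-sensitive); with this
    // spelling the function is an ordinary function nothing calls — confirm
    // against the build's entry point. The name is kept here so existing
    // references still resolve.
    //
    // Defects fixed relative to the original:
    //  * `(LPTHREAD_START_ROUTINE)watch()` *called* watch() on the loader's
    //    thread — it never returns, and its DWORD result was then cast to a
    //    function pointer. The function itself is passed now.
    //  * initHooks() ran for every notification (thread attach/detach too);
    //    it now runs once, on process attach.
    //  * the thread handle returned by CreateThread was leaked.
    //
    // Returns TRUE so the load proceeds.
    BOOL WINAPI DLLMain(HINSTANCE hinstDLL,DWORD ftwReason,LPVOID lpReserved){
        (void)hinstDLL;
        (void)lpReserved;
        switch(ftwReason){
            case DLL_PROCESS_ATTACH: {
                initHooks();
                // Cast still needed: watch() lacks the LPVOID parameter
                // LPTHREAD_START_ROUTINE declares (see the note on watch()).
                HANDLE hThread = CreateThread(NULL,0,(LPTHREAD_START_ROUTINE)watch,NULL,0,NULL);
                // Closing the handle does not stop the thread; it only
                // releases our reference to it.
                if(hThread != NULL){
                    CloseHandle(hThread);
                }
                break;
            }
        }

        return TRUE;
    }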

      

I've also tried writing the assembler like this:

// NOTE(review): `__declspec(naked)` and the braced `__asm{ ... }` block are
// Microsoft compiler syntax. The warning quoted below ("attribute directive
// 'naked' ignored") shows this MinGW build accepts the declspec only to drop
// it, and the block body is then parsed as ordinary C++ — which is why each
// instruction is reported as "not declared in this scope". GCC expects the
// `asm("...")` string form instead.
__declspec(naked) void code(void){

    __asm{
         //assembler
    }
}

      

With this format I get the following:

`warning: attribute directive 'naked' ignored [-Wattributes]` and, for each instruction, `error: ... was not declared in this scope`

Note: I am not familiar with hooking or inline assembly.

The resources I used to write this code:

https://www.youtube.com/watch?v=A8PGxbu4EqQ

http://www.ibiblio.org/gferg/ldp/GCC-Inline-Assembly-HOWTO.html





1 answer


I recommend using a tool like Cheat Engine to find the address you want to hook, and using the Visual Studio C++ compiler for this, since it supports the `__declspec(naked)` / `__asm{}` syntax you tried:

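// Offset of the field the hook touches, relative to EAX at the hook site.
// An object-like macro takes no '=' or ';': the original
// `#define SOME_OFFSET = 0x5560;` expanded to `= 0x5560;` inside the
// operand, i.e. `add [eax+= 0x5560;], ecx`, which does not assemble.
#define SOME_OFFSET 0x5560

// MSVC syntax. `naked` suppresses the compiler's prologue and epilogue, so
// the function body is exactly the instructions written here and nothing
// else — in particular there is no implicit `ret`, so the block must end by
// handing control back itself.
void __declspec(naked) _stdcall MyHack(){
   __asm{
     add [eax+SOME_OFFSET], ecx
     //other stuff...

  }

}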

      



Also, whenever you test your code, check in Cheat Engine how the jump was actually written in memory.









