//
// created by AheadLib
// github:https://github.com/strivexjun/AheadLib-x86-x64
//
// Proxy ("forwarding") DLL for version.dll. It re-exports the version.dll API
// under the original names and ordinals, loads the genuine version.dll from
// the system directory, and resolves each real entry point into a pfn*
// pointer. When the host executable is named "cs2.exe" it also starts a
// thread that overwrites bytes in the host's own address space.
//
// Reviewer context: this is the DLL search-order hijacking / proxying pattern
// (MITRE ATT&CK T1574, Hijack Execution Flow). Observable properties in this
// listing that are useful for detection:
//   - a module exporting the version.dll API that itself loads
//     <system directory>\version.dll by full path;
//   - an export table mixing local AheadLib_* targets with KERNEL32 forwards;
//   - OpenProcess on the current process id followed by WriteProcessMemory.
//

// NOTE(review): both header names are missing in this listing, presumably lost
// in extraction; the code below uses Win32 and Shlwapi APIs.
#include
#include

#pragma comment( lib, "Shlwapi.lib")

// Export table: every public name is mapped to an AheadLib_* symbol with the
// ordinal given after '@'. The AheadLib_* symbols are not defined in this
// listing; presumably they are stubs elsewhere that jump through the matching
// pfnAheadLib_* pointer (TODO confirm). VerLanguageNameA/W are forwarded
// directly to KERNEL32 instead.
#pragma comment(linker, "/EXPORT:GetFileVersionInfoA=AheadLib_GetFileVersionInfoA,@1")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoByHandle=AheadLib_GetFileVersionInfoByHandle,@2")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoExA=AheadLib_GetFileVersionInfoExA,@3")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoExW=AheadLib_GetFileVersionInfoExW,@4")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoSizeA=AheadLib_GetFileVersionInfoSizeA,@5")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoSizeExA=AheadLib_GetFileVersionInfoSizeExA,@6")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoSizeExW=AheadLib_GetFileVersionInfoSizeExW,@7")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoSizeW=AheadLib_GetFileVersionInfoSizeW,@8")
#pragma comment(linker, "/EXPORT:GetFileVersionInfoW=AheadLib_GetFileVersionInfoW,@9")
#pragma comment(linker, "/EXPORT:VerFindFileA=AheadLib_VerFindFileA,@10")
#pragma comment(linker, "/EXPORT:VerFindFileW=AheadLib_VerFindFileW,@11")
#pragma comment(linker, "/EXPORT:VerInstallFileA=AheadLib_VerInstallFileA,@12")
#pragma comment(linker, "/EXPORT:VerInstallFileW=AheadLib_VerInstallFileW,@13")
#pragma comment(linker, "/EXPORT:VerLanguageNameA=KERNEL32.VerLanguageNameA,@14")
#pragma comment(linker, "/EXPORT:VerLanguageNameW=KERNEL32.VerLanguageNameW,@15")
#pragma comment(linker, "/EXPORT:VerQueryValueA=AheadLib_VerQueryValueA,@16")
#pragma comment(linker, "/EXPORT:VerQueryValueW=AheadLib_VerQueryValueW,@17")

// Addresses of the genuine version.dll functions, filled in by Init().
// Declared with C linkage so the names are not C++-mangled.
extern "C"
{
	PVOID pfnAheadLib_GetFileVersionInfoA;
	PVOID pfnAheadLib_GetFileVersionInfoByHandle;
	PVOID pfnAheadLib_GetFileVersionInfoExA;
	PVOID pfnAheadLib_GetFileVersionInfoExW;
	PVOID pfnAheadLib_GetFileVersionInfoSizeA;
	PVOID pfnAheadLib_GetFileVersionInfoSizeExA;
	PVOID pfnAheadLib_GetFileVersionInfoSizeExW;
	PVOID pfnAheadLib_GetFileVersionInfoSizeW;
	PVOID pfnAheadLib_GetFileVersionInfoW;
	PVOID pfnAheadLib_VerFindFileA;
	PVOID pfnAheadLib_VerFindFileW;
	PVOID pfnAheadLib_VerInstallFileA;
	PVOID pfnAheadLib_VerInstallFileW;
	PVOID pfnAheadLib_VerQueryValueA;
	PVOID pfnAheadLib_VerQueryValueW;
}

// Handle of the genuine version.dll; NULL until Load() succeeds.
static HMODULE g_OldModule = NULL;

// Releases the genuine version.dll if it was loaded.
// NOTE(review): g_OldModule is not reset to NULL afterwards, so a second call
// would pass a stale handle to FreeLibrary.
VOID WINAPI Free()
{
	if (g_OldModule)
	{
		FreeLibrary(g_OldModule);
	}
}

// Loads the genuine version.dll from the system directory into g_OldModule.
// Returns TRUE on success; on failure shows a message box and returns FALSE.
BOOL WINAPI Load()
{
	TCHAR tzPath[MAX_PATH];
	TCHAR tzTemp[MAX_PATH * 2];

	//
	// Choose whether the original DLL is loaded from the system directory
	// or from the current directory.
	//
	//GetModuleFileName(NULL,tzPath,MAX_PATH); // variant: directory of the host executable
	//PathRemoveFileSpec(tzPath);

	// Default: take the original from the system directory.
	// NOTE(review): the return value of GetSystemDirectory is not checked and
	// lstrcat is unbounded, so tzPath may be uninitialized or overrun if the
	// call fails or the directory path is close to MAX_PATH.
	GetSystemDirectory(tzPath, MAX_PATH);

	lstrcat(tzPath, TEXT("\\version.dll"));

	// NOTE(review): Load() is reached from the DLL_PROCESS_ATTACH branch of
	// VersionHijack_DllMain; if that runs as the DLL entry point, LoadLibrary
	// and MessageBox execute under the loader lock, which Microsoft's DllMain
	// guidance advises against.
	g_OldModule = LoadLibrary(tzPath);
	if (g_OldModule == NULL)
	{
		wsprintf(tzTemp, TEXT("无法找到模块 %s,程序无法正常运行"), tzPath);
		MessageBox(NULL, tzTemp, TEXT("AheadLib"), MB_ICONSTOP);
	}

	return (g_OldModule != NULL);
}

// Resolves pszProcName in the genuine version.dll.
// Returns the address on success. On failure it shows a message box and
// terminates the host process with exit code -2, so it never returns NULL.
FARPROC WINAPI GetAddress(PCSTR pszProcName)
{
	FARPROC fpAddress;
	CHAR szProcName[64];
	TCHAR tzTemp[MAX_PATH];

	fpAddress = GetProcAddress(g_OldModule, pszProcName);
	if (fpAddress == NULL)
	{
		// A zero high word is treated as "import by ordinal", and the value is
		// rendered as "#<n>" for the message.
		// NOTE(review): HIWORD is applied to a pointer and "%d" receives a
		// pointer argument; on a 64-bit build both truncate the value.
		if (HIWORD(pszProcName) == 0)
		{
			wsprintfA(szProcName, "#%d", pszProcName);
			pszProcName = szProcName;
		}

		wsprintf(tzTemp, TEXT("无法找到函数 %hs,程序无法正常运行"), pszProcName);
		MessageBox(NULL, tzTemp, TEXT("AheadLib"), MB_ICONSTOP);
		ExitProcess(-2);
	}
	return fpAddress;
}

// Fills every pfnAheadLib_* pointer from the genuine version.dll.
// Always returns TRUE: a missing export ends the process inside GetAddress().
BOOL WINAPI Init()
{
	pfnAheadLib_GetFileVersionInfoA = GetAddress("GetFileVersionInfoA");
	pfnAheadLib_GetFileVersionInfoByHandle = GetAddress("GetFileVersionInfoByHandle");
	pfnAheadLib_GetFileVersionInfoExA = GetAddress("GetFileVersionInfoExA");
	pfnAheadLib_GetFileVersionInfoExW = GetAddress("GetFileVersionInfoExW");
	pfnAheadLib_GetFileVersionInfoSizeA = GetAddress("GetFileVersionInfoSizeA");
	pfnAheadLib_GetFileVersionInfoSizeExA = GetAddress("GetFileVersionInfoSizeExA");
	pfnAheadLib_GetFileVersionInfoSizeExW = GetAddress("GetFileVersionInfoSizeExW");
	pfnAheadLib_GetFileVersionInfoSizeW = GetAddress("GetFileVersionInfoSizeW");
	pfnAheadLib_GetFileVersionInfoW = GetAddress("GetFileVersionInfoW");
	pfnAheadLib_VerFindFileA = GetAddress("VerFindFileA");
	pfnAheadLib_VerFindFileW = GetAddress("VerFindFileW");
	pfnAheadLib_VerInstallFileA = GetAddress("VerInstallFileA");
	pfnAheadLib_VerInstallFileW = GetAddress("VerInstallFileW");
	pfnAheadLib_VerQueryValueA = GetAddress("VerQueryValueA");
	pfnAheadLib_VerQueryValueW = GetAddress("VerQueryValueW");
	return TRUE;
}

// Thread body started from VersionHijack_DllMain for the matching host.
// Opens the current process with VM operation/read/write access and writes
// the four bytes of data1 (0x90 is the x86 NOP opcode) to the fixed address
// addr1. lpThreadParameter is unused. Always returns 0.
DWORD WINAPI ThreadProc(LPVOID lpThreadParameter)
{
	HANDLE hProcess;

	// NOTE(review): the template argument of reinterpret_cast is missing in
	// this listing, presumably lost in extraction.
	// The target is a hard-coded absolute address, not derived from the
	// module's load address.
	PVOID addr1 = reinterpret_cast(0x00401000);
	BYTE data1[] = { 0x90, 0x90, 0x90, 0x90 };

	//
	// (author's comment) bypass the memory protection of VMP3.x
	//
	hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, FALSE, GetCurrentProcessId());
	if (hProcess)
	{
		// The result of WriteProcessMemory is not checked.
		WriteProcessMemory(hProcess, addr1, data1, sizeof(data1), NULL);

		CloseHandle(hProcess);
	}

	return 0;
}

// Attach/detach handler with the DllMain signature.
// On process attach: disables per-thread notifications, loads and binds the
// genuine version.dll, and, if the host executable's file name equals
// szAppName (case-insensitive), starts ThreadProc on a new thread.
// On process detach: releases the genuine DLL. Always returns TRUE, also when
// Load() fails.
// NOTE(review): how this function is wired up as the entry point is not shown
// in this listing.
BOOL APIENTRY VersionHijack_DllMain(HMODULE hModule, DWORD dwReason, PVOID pvReserved)
{
	if (dwReason == DLL_PROCESS_ATTACH)
	{
		DisableThreadLibraryCalls(hModule);

		if (Load() && Init())
		{
			TCHAR szAppName[MAX_PATH] = TEXT("cs2.exe"); // host process name; the template says to edit this
			TCHAR szCurName[MAX_PATH];

			// Reduce the host's full image path to its bare file name.
			GetModuleFileName(NULL, szCurName, MAX_PATH);
			PathStripPath(szCurName);

			// Optional check of the host process name.
			if (StrCmpI(szCurName, szAppName) == 0)
			{
				// Start the patch thread or perform other actions.
				// NULL is passed for the integer stack-size, flags and
				// thread-id arguments, i.e. defaults.
				HANDLE hThread = CreateThread(NULL, NULL, ThreadProc, NULL, NULL, NULL);
				if (hThread)
				{
					// The handle is not needed; the thread keeps running.
					CloseHandle(hThread);
				}
			}
		}
	}
	else if (dwReason == DLL_PROCESS_DETACH)
	{
		Free();
	}

	return TRUE;
}