google-site-verification: googlebaca44933768a824.html [C++]Useless Imports - Old Royal Hack Forum

Announcement

Collapse
No announcement yet.

[C++]Useless Imports

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    [C++]Useless Imports

    Code:
        HMODULE __stdcall LoadLibraryA(IN LPCSTR lpLibFileName)
    {
        HMODULE hModule = NULL;

        if( !lpLibFileName )
        {
            return hModule;
        }

        typedef NTSTATUS (__stdcall*o_LdrLoadDll)(PWSTR*,PDWORD,PUNICODE_STRING,HINSTANCE*);
        o_LdrLoadDll LdrLoadDll = NULL;

        HMODULE ntdll         = GetModuleHandleA("ntdll.dll");
        *(byte**)&LdrLoadDll = (byte*)GetProcAddress(ntdll,"LdrLoadDll");

        UNICODE_STRING damneddll;
        InitUnicodeString(&damneddll,lpLibFileName);

        if ( LdrLoadDll(NULL,NULL,&damneddll,&hModule) == STATUS_SUCCESS )
        {
            return hModule;
        }
        return NULL;
    }    
    HMODULE __stdcall LoadLibraryW(IN LPCWSTR lpLibFileName)
    {
        HMODULE hModule = NULL;

        if( !lpLibFileName )
        {
            return hModule;
        }

        typedef NTSTATUS (__stdcall*o_LdrLoadDll)(PWSTR*,PDWORD,PUNICODE_STRING,HINSTANCE*);
        o_LdrLoadDll LdrLoadDll = NULL;

        HMODULE ntdll         = GetModuleHandleA("ntdll.dll");
        *(byte**)&LdrLoadDll = (byte*)GetProcAddress(ntdll,"LdrLoadDll");

        UNICODE_STRING damneddll;
        InitUnicodeString(&damneddll,lpLibFileName);

        if ( LdrLoadDll(NULL,NULL,&damneddll,&hModule) == STATUS_SUCCESS )
        {
            return hModule;
        }
        return NULL;
    }
    BOOL __stdcall VirtualFree(IN LPVOID lpAddress,IN SIZE_T dwSize,IN DWORD dwFreeType)
    {
        NTSTATUS res = STATUS_UNSUCCESSFUL;
        res = NtFreeVirtualMemory(::GetCurrentProcess(),&lpAddress,&dwSize,dwFreeType); 
        return (res == STATUS_SUCCESS);
    }
    BOOL __stdcall VirtualFreeEx(IN HANDLE hProcess,IN LPVOID lpAddress,IN SIZE_T dwSize,IN DWORD dwFreeType)
    {
        NTSTATUS res = STATUS_UNSUCCESSFUL;
        res = NtFreeVirtualMemory(hProcess,&lpAddress,&dwSize,dwFreeType); 
        return (res == STATUS_SUCCESS);
    }
    BOOL __stdcall VirtualProtect(IN  LPVOID lpAddress,IN  SIZE_T dwSize,IN  DWORD flNewProtect,OUT PDWORD lpflOldProtect)
    {
        NTSTATUS res = STATUS_UNSUCCESSFUL;
        res = NtProtectVirtualMemory(::GetCurrentProcess(),&lpAddress,&dwSize,flNewProtect,lpflOldProtect);
        return (res == STATUS_SUCCESS);
    }
    BOOL __stdcall VirtualProtectEx(IN  HANDLE hProcess,IN  LPVOID lpAddress,IN  SIZE_T dwSize,IN  DWORD flNewProtect,OUT PDWORD lpflOldProtect)
    {
        NTSTATUS res = STATUS_UNSUCCESSFUL;
        res = NtProtectVirtualMemory(hProcess,&lpAddress,&dwSize,flNewProtect,lpflOldProtect);
        return (res == STATUS_SUCCESS);
    }
    SIZE_T __stdcall VirtualQuery(IN LPCVOID lpAddress,OUT PMEMORY_BASIC_INFORMATION lpBuffer,IN SIZE_T dwLength)
    {
        SIZE_T dwRetLenght;
        NTSTATUS res = STATUS_UNSUCCESSFUL;
        res = NtQueryVirtualMemory(::GetCurrentProcess(),&lpAddress,MemoryBasicInformation,lpBuffer,dwLength,&dwRetLenght);
        return dwRetLenght;
    }
    SIZE_T __stdcall VirtualQueryEx(IN HANDLE hProcess,IN LPCVOID lpAddress,OUT PMEMORY_BASIC_INFORMATION lpBuffer,IN SIZE_T dwLength)
    {
        SIZE_T dwRetLenght;
        NTSTATUS res = STATUS_UNSUCCESSFUL;
        res = NtQueryVirtualMemory(hProcess,&lpAddress,MemoryBasicInformation,lpBuffer,dwLength,&dwRetLenght);
        return dwRetLenght;
    }






    gibs coins @
    1KatP9B8KG7mvcoFhdLGua1isG88nYZE8C

    Tags: None
    #2
    Re: [C++]Useless Imports

    Bump of the year

    Code:
    __declspec ( naked )
HANDLE xGetCurrentProcess ( void )
{
	__asm
	{
		OR EAX, 0xFFFFFFFF
		RETN
	}
}

    Comment

      #3
      Re: [C++]Useless Imports

      Originally posted by sshare View Post
      Bump of the year

      Code:
      __declspec ( naked )
HANDLE xGetCurrentProcess ( void )
{
	__asm
	{
		OR EAX, 0xFFFFFFFF
		RETN
	}
}
      fucking dumb

      Code:
      #define PSEUDO_HANDLE -1

__forceinline HANDLE __stdcall GetCurrentProcess ( void ) // force inline tells the compiler this must be inlined
{
	return ( HANDLE )PSEUDO_HANDLE;
}

      Comment

      Previous template Next
      Working...
      X

      We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

      By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

      I Agree