Seaside/SpyCustom/PatternScan.cpp

76 lines
2.0 KiB
C++
Raw Normal View History

2021-06-16 18:43:45 +03:00
#include "PatternScan.hpp"
DWORD WaitOnModuleHandle(std::string moduleName)
{
DWORD ModuleHandle = NULL;
while (!ModuleHandle)
{
ModuleHandle = (DWORD)GetModuleHandle(moduleName.c_str());
if (!ModuleHandle)
Sleep(50);
}
return ModuleHandle;
}
DWORD FindPatternV2(std::string moduleName, std::string pattern)
{
const char* pat = pattern.c_str();
DWORD firstMatch = 0;
DWORD rangeStart = (DWORD)GetModuleHandleA(moduleName.c_str());
MODULEINFO miModInfo; GetModuleInformation(GetCurrentProcess(), (HMODULE)rangeStart, &miModInfo, sizeof(MODULEINFO));
DWORD rangeEnd = rangeStart + miModInfo.SizeOfImage;
for (DWORD pCur = rangeStart; pCur < rangeEnd; pCur++)
{
if (!*pat)
return firstMatch;
if (*(PBYTE)pat == '\?' || *(BYTE*)pCur == getByte(pat))
{
if (!firstMatch)
firstMatch = pCur;
if (!pat[2])
return firstMatch;
if (*(PWORD)pat == '\?\?' || *(PBYTE)pat != '\?')
pat += 3;
else
pat += 2;
}
else
{
pat = pattern.c_str();
firstMatch = 0;
}
}
return NULL;
}
bool bCompare(const BYTE* Data, const BYTE* Mask, const char* szMask)
{
for (; *szMask; ++szMask, ++Mask, ++Data)
{
if (*szMask == 'x' && *Mask != *Data)
{
return false;
}
}
return (*szMask) == 0;
}
DWORD FindPattern(std::string moduleName, BYTE* Mask, char* szMask)
{
DWORD Address = WaitOnModuleHandle(moduleName.c_str());
MODULEINFO ModInfo; GetModuleInformation(GetCurrentProcess(), (HMODULE)Address, &ModInfo, sizeof(MODULEINFO));
DWORD Length = ModInfo.SizeOfImage;
for (DWORD c = 0; c < Length; c += 1)
{
if (bCompare((BYTE*)(Address + c), Mask, szMask))
{
return (DWORD)(Address + c);
}
}
return 0;
}