Last active
April 29, 2022 04:40
-
-
Save typcn/9db39342334d1d2ba02b971ed0482435 to your computer and use it in GitHub Desktop.
A old overwatch hack crack... maybe work if you found the latest DLL....
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // olprk.cpp : Defines the entry point for the console application. | |
| // | |
| #include "stdafx.h" | |
| #include <Windows.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <signal.h> | |
| #include <stdint.h> | |
| #include <tchar.h> | |
| #include <time.h> | |
| #include <thread> | |
| void SignalHandler(int signal) | |
| { | |
| printf("Signal %d", signal); | |
| } | |
| int main() | |
| { | |
| typedef void(*SignalHandlerPointer)(int); | |
| SignalHandlerPointer previousHandler; | |
| previousHandler = signal(SIGSEGV, SignalHandler); | |
| srand(time(0)); | |
| printf("DON'T REDIST THIS BINARY !!!!\n"); | |
| printf("Loading DLL\n"); | |
| std::thread t1([]() { | |
| LoadLibrary(L"ow.dll"); | |
| }); | |
| t1.detach(); | |
| check:HANDLE hHandle = GetModuleHandle(L"ow.dll"); | |
| if (!hHandle) { | |
| goto check; | |
| } | |
| uint8_t *target_addr = (uint8_t *)hHandle + 0xC891; | |
| DWORD oldProtect = 0; | |
| DWORD oldProtect2 = 0; | |
| VirtualProtect(target_addr, 3000, PAGE_READWRITE, &oldProtect); | |
| // jump main function to our offset setting code | |
| uint8_t *jaddr = (uint8_t *)hHandle + 0xD383; | |
| jaddr[0] = 0xE9; | |
| jaddr[1] = 0x09; | |
| jaddr[2] = 0xF5; | |
| // mov rcx | |
| target_addr[0] = 0x48; | |
| target_addr[1] = 0xB9; | |
| uint8_t *offset_addr = target_addr + 2; | |
| uint64_t offset = 0xFFFFFFFFF; // The old one is not working anymore | |
| memcpy(offset_addr, &offset, 8); | |
| // nop | |
| target_addr[10] = 0x90; | |
| // After set offset , jmp to main function | |
| uint8_t *after_set_addr = (uint8_t *)hHandle + 0xC8A3; | |
| after_set_addr[0] = 0xE9; | |
| after_set_addr[1] = 0xFE; | |
| after_set_addr[2] = 0x0A; | |
| after_set_addr[3] = 0x00; | |
| after_set_addr[4] = 0x00; | |
| VirtualProtect(target_addr, 3000, oldProtect, &oldProtect2); | |
| uint8_t *winclassname = (uint8_t *)hHandle + 0x4BA210; | |
| VirtualProtect(winclassname, 100, PAGE_READWRITE, &oldProtect); | |
| memset(winclassname, 65 + (rand() % 56), 11); | |
| VirtualProtect(winclassname, 100, oldProtect, &oldProtect2); | |
| printf("Enabling ANTI-SCREENSHOT\n"); | |
| while (1) { | |
| HWND h = FindWindowA((LPCSTR)winclassname, (LPCSTR)winclassname); | |
| if (!h) { | |
| Sleep(500); | |
| continue; | |
| } | |
| SetWindowDisplayAffinity(h, WDA_MONITOR); | |
| printf("Enabled ANTI-SCREENSHOT\n"); | |
| break; | |
| } | |
| printf("PLEASE DON'T CLOSE THIS WINDOW\n"); | |
| printf("2016-9-5 BY TYPCN\n"); | |
| while (1) { | |
| Sleep(5000); | |
| } | |
| return 0; | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment