The patching functions will write to memory.
NOTE: When VirtualProtectEx() is used a PAGE_GUARD gets triggered. If you need more stealth you will have to come up with your own method until I implement one.
Patch(): Writes given bytes to given address.- This function doesn't return anything.
hProcis a handle to a process.dstis an address in the target process to write to.bytesis data to be written by the function.sizeis how many bytes to write.
Nop(): Writes a specified number of NOP instructions at the given address.- This function doesn't return anything.
hProcis a handle to a process.dstis an address in the target process to write to.sizeis how many bytes/NOPs to write. (One NOP is one byte).
The process functions are used to gather information about processes, modules, etc.
GetProcID(): Retrieve an ID of a process given its name.- This function returns a DWORD containing a process ID.
procNameis a name of a process.
GetModule(): Retrieve a module given a process ID and the name of a module.- This function returns a MODULEENTRY32 structure.
procIDis a process ID.modNameis a name of a module.
The pattern scanning functions are used to scan for patterns within a process. Question marks in a mask will account for changes in a binary such as hard-coded addresses determined at runtime.
PatternScanModule(): Scans for a given pattern with given mask inside of a given module.- This function returns a void pointer (void*) which contains the address where a pattern was found.
hProcis a handle to a process.procNameis a name of a process.moduleis a name of a module.patternis a pattern to be searched for.maskis a mask for a pattern.
PatternScanProcess(): Scans for a given patter with a given mask in a given process passed via a process handle.hProcis a handle to a process.beginis a starting address of a region in memory to be scanned.endis an ending address of a region in memory to be scanned.patternis a pattern to be searched for.maskis a mask for the pattern.
PatternScan(): Scans given bytes for a given pattern. This is used byPatternScanProcess()andPatternScanModule()which pass a chunk of memory to this funciton to be scanned.basecontains a pointer to bytes to be scanned.sizeis a size of a buffer to be scanned.patternis a pattern to be searched for.maskis a mask for the pattern.
The auto functions are wrappers for common tasks so you don't have to write everything yourself constantly.
AutoWriteToAddress(): Writes given bytes to given address.procNameis a name of a process.dstis an address in the target process to write to.bytesis data to be written by the function.sizeis how many bytes to write.
AutoWriteToOffset(): Writes given bytes to a given offset from a base address.procNameis a name of a process.modNameis a name of a module.offsetoffset from an address to be written to.bytesis data to be written by the function.sizeis how many bytes to write.
AutoWriteToPattern: Writes given bytes to a given address found via a pattern scan.procNameis a name of a process.modNameis a name of a module.patternis a pattern to be searched for.maskis a mask for the pattern.bytesis data to be written by the function.sizeis how many bytes to write.