├── Minecraft hacks
    └── Forge
    │   ├── 1.12.2
    │       └── ForgeWurst.jar
    │   ├── 1.5.2
    │       └── EasyCheat.jar
    │   ├── 1.6.4
    │       └── EasyCheat.jar
    │   └── 1.7.10
    │       ├── CheatingEssentials.jar
    │       ├── EHacks_Pro_v4.1.9.jar
    │       ├── EasyCheat.jar
    │       └── xenobyte_1.0.58.jar
├── README.md
├── logo.png
└── src
    ├── cheat.cpp
    ├── cheat.h
    ├── dllmain.cpp
    ├── utils.cpp
    └── utils.h


/Minecraft hacks/Forge/1.12.2/ForgeWurst.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.12.2/ForgeWurst.jar


--------------------------------------------------------------------------------
/Minecraft hacks/Forge/1.5.2/EasyCheat.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.5.2/EasyCheat.jar


--------------------------------------------------------------------------------
/Minecraft hacks/Forge/1.6.4/EasyCheat.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.6.4/EasyCheat.jar


--------------------------------------------------------------------------------
/Minecraft hacks/Forge/1.7.10/CheatingEssentials.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.7.10/CheatingEssentials.jar


--------------------------------------------------------------------------------
/Minecraft hacks/Forge/1.7.10/EHacks_Pro_v4.1.9.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.7.10/EHacks_Pro_v4.1.9.jar


--------------------------------------------------------------------------------
/Minecraft hacks/Forge/1.7.10/EasyCheat.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.7.10/EasyCheat.jar


--------------------------------------------------------------------------------
/Minecraft hacks/Forge/1.7.10/xenobyte_1.0.58.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/Minecraft hacks/Forge/1.7.10/xenobyte_1.0.58.jar


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | <p align="center">
 2 |   <img src="https://github.com/TheQmaks/JavaInjector/blob/master/logo.png">
 3 |   
 4 |   <a href="https://github.com/TheQmaks/JavaInjector/releases">
 5 |     <img src="https://img.shields.io/github/v/release/TheQmaks/JavaInjector?style=for-the-badge"><!--
 6 |     --><img src="https://img.shields.io/github/downloads/TheQmaks/JavaInjector/total?style=for-the-badge">
 7 |   </a>
 8 | </p>
 9 | 
10 | This tool inject your jar file and allocates object of class, which name must be written in zip comment.
11 | Entry point of your main-class will be constructor.
12 | After building you classes, you should put them into archive using WinRAR of other archivator which can change archive comment.
13 | You should write main class in comment as single line.
14 | Example:
15 | Put class with name "Main" inside package "test", constructor will be your entry-point, e.g
16 | "public Main() { Your awesome code }", so you should set comment in your archive with classes to "test.Main" without quotes. 
17 | 


--------------------------------------------------------------------------------
/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/logo.png


--------------------------------------------------------------------------------
/src/cheat.cpp:
--------------------------------------------------------------------------------
  1 | #include <windows.h>
  2 | #include "jni.h"
  3 | #include "utils.h"
  4 | 
  5 | jstring getZipCommentFromBuffer(JNIEnv *env, jbyteArray buffer) {
  6 | 	byte endOfDirectoryFlag[] = { 0x50, 0x4b, 0x05, 0x06 };
  7 | 	int endLength = sizeof(endOfDirectoryFlag) / sizeof(byte);
  8 | 	int bufferLength = env->GetArrayLength(buffer);
  9 | 	jbyte *byteBuffer = env->GetByteArrayElements(buffer, false);
 10 | 
 11 | 	for (int i = bufferLength - endLength - 22; i >= 0; i--) {
 12 | 		boolean isEndOfDirectoryFlag = true;
 13 | 		for (int k = 0; k < endLength; k++) {
 14 | 			if (byteBuffer[i + k] != endOfDirectoryFlag[k]) {
 15 | 				isEndOfDirectoryFlag = false;
 16 | 				break;
 17 | 			}
 18 | 		}
 19 | 		if (isEndOfDirectoryFlag) {
 20 | 			int commentLen = byteBuffer[i + 20] + byteBuffer[i + 22] * 256;
 21 | 			int realLen = bufferLength - i - 22;
 22 | 			jclass String = env->FindClass("java/lang/String");
 23 | 			jmethodID Init = env->GetMethodID(String, "<init>", "([BII)V");
 24 | 			return (jstring)env->NewObject(String, Init, buffer, i + 22, min(commentLen, realLen));
 25 | 		}
 26 | 	}
 27 | 
 28 | 	return NULL;
 29 | }
 30 | 
 31 | typedef jobjectArray(JNICALL *JVM_GetAllThreads)(JNIEnv *env, jclass dummy);
 32 | 
 33 | void cheat(JNIEnv *jniEnv) {
 34 | 	jclass fileChooserCls = jniEnv->FindClass("javax/swing/JFileChooser");
 35 | 	jmethodID fileChooserInit = jniEnv->GetMethodID(fileChooserCls, "<init>", "()V");
 36 | 	jobject fileChooser = jniEnv->NewObject(fileChooserCls, fileChooserInit);
 37 | 
 38 | 	jmethodID setDialogTitle = jniEnv->GetMethodID(fileChooserCls, "setDialogTitle", "(Ljava/lang/String;)V");
 39 | 	jniEnv->CallVoidMethod(fileChooser, setDialogTitle, jniEnv->NewStringUTF("Select target file"));
 40 | 
 41 | 	jmethodID setAcceptAllFileFilterUsed = jniEnv->GetMethodID(fileChooserCls, "setAcceptAllFileFilterUsed", "(Z)V");
 42 | 	jniEnv->CallVoidMethod(fileChooser, setAcceptAllFileFilterUsed, false);
 43 | 
 44 | 	jclass String = jniEnv->FindClass("java/lang/String");
 45 | 	jobjectArray extensions = jniEnv->NewObjectArray(2, String, false);
 46 | 	jniEnv->SetObjectArrayElement(extensions, 0, jniEnv->NewStringUTF("zip"));
 47 | 	jniEnv->SetObjectArrayElement(extensions, 1, jniEnv->NewStringUTF("jar"));
 48 | 
 49 | 	jclass extFilterCls = jniEnv->FindClass("javax/swing/filechooser/FileNameExtensionFilter");
 50 | 	jmethodID extFilterInit = jniEnv->GetMethodID(extFilterCls, "<init>", "(Ljava/lang/String;[Ljava/lang/String;)V");
 51 | 	jobject filter = jniEnv->NewObject(extFilterCls, extFilterInit, jniEnv->NewStringUTF("ZIP or JAR file"), extensions);
 52 | 
 53 | 	jmethodID addChoosableFileFilter = jniEnv->GetMethodID(fileChooserCls, "addChoosableFileFilter", "(Ljavax/swing/filechooser/FileFilter;)V");
 54 | 	jniEnv->CallVoidMethod(fileChooser, addChoosableFileFilter, filter);
 55 | 
 56 | 	jclass fileCls = jniEnv->FindClass("java/io/File");
 57 | 	jmethodID initFileWithString = jniEnv->GetMethodID(fileCls, "<init>", "(Ljava/lang/String;)V");
 58 | 	jmethodID initFileWithTwoStrings = jniEnv->GetMethodID(fileCls, "<init>", "(Ljava/lang/String;Ljava/lang/String;)V");
 59 | 	jmethodID getParent = jniEnv->GetMethodID(fileCls, "getParent", "()Ljava/lang/String;");
 60 | 	jmethodID getAbsolutePath = jniEnv->GetMethodID(fileCls, "getAbsolutePath", "()Ljava/lang/String;");
 61 | 
 62 | 	jmethodID setCurrentDirectory = jniEnv->GetMethodID(fileChooserCls, "setCurrentDirectory", "(Ljava/io/File;)V");
 63 | 	jclass System = jniEnv->FindClass("java/lang/System");
 64 | 	jmethodID getProperty = jniEnv->GetStaticMethodID(System, "getProperty", "(Ljava/lang/String;)Ljava/lang/String;");
 65 | 	jobject Desktop = jniEnv->NewObject(fileCls, initFileWithTwoStrings, (jstring) jniEnv->CallStaticObjectMethod(System, getProperty, jniEnv->NewStringUTF("user.home")), jniEnv->NewStringUTF("Desktop"));
 66 | 	jniEnv->CallVoidMethod(fileChooser, setCurrentDirectory, Desktop);
 67 | 
 68 | 	jmethodID showDialog = jniEnv->GetMethodID(fileChooserCls, "showDialog", "(Ljava/awt/Component;Ljava/lang/String;)I");
 69 | 
 70 | 	TCHAR tempPath[MAX_PATH];
 71 | 	HMODULE hm = NULL;
 72 | 
 73 | 	GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
 74 | 		GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT,
 75 | 		(LPWSTR)&cheat, &hm);
 76 | 	GetModuleFileName(hm, tempPath, sizeof(tempPath));
 77 | 
 78 | 	char cPath[MAX_PATH];
 79 | 	wcstombs(cPath, tempPath, wcslen(tempPath) + 1);
 80 | 
 81 | 	jstring jPath = jniEnv->NewStringUTF(cPath);
 82 | 	jobject dllFile = jniEnv->NewObject(fileCls, initFileWithString, jPath);
 83 | 	jobject file = jniEnv->NewObject(fileCls, initFileWithTwoStrings, jniEnv->CallObjectMethod(dllFile, getParent), jniEnv->NewStringUTF("cheat.zip"));
 84 | 	jstring comment = NULL;
 85 | 	do {
 86 | 		if (!file) {
 87 | 			jint result = jniEnv->CallIntMethod(fileChooser, showDialog, NULL, jniEnv->NewStringUTF("Inject"));
 88 | 
 89 | 			//result == JFileChooser.APPROVE_OPTION
 90 | 			if (result == 0) {
 91 | 				jmethodID getSelectedFile = jniEnv->GetMethodID(fileChooserCls, "getSelectedFile", "()Ljava/io/File;");
 92 | 				file = jniEnv->CallObjectMethod(fileChooser, getSelectedFile);
 93 | 			} else {
 94 | 				return;
 95 | 			}
 96 | 		}
 97 | 
 98 | 		if (file) {
 99 | 			jmethodID existsMethod = jniEnv->GetMethodID(fileCls, "exists", "()Z");
100 | 			jboolean exists = jniEnv->CallBooleanMethod(file, existsMethod);
101 | 			if (!exists) {
102 | 				file = NULL;
103 | 			} else {
104 | 				jmethodID toPath = jniEnv->GetMethodID(fileCls, "toPath", "()Ljava/nio/file/Path;");
105 | 				jobject pathObj = jniEnv->CallObjectMethod(file, toPath);
106 | 				jclass Files = jniEnv->FindClass("java/nio/file/Files");
107 | 				jmethodID readAllBytes = jniEnv->GetStaticMethodID(Files, "readAllBytes", "(Ljava/nio/file/Path;)[B");
108 | 				jobject allBytes = jniEnv->CallStaticObjectMethod(Files, readAllBytes, pathObj);
109 | 
110 | 				if (!(comment = getZipCommentFromBuffer(jniEnv, (jbyteArray)allBytes))) {
111 | 					file = NULL;
112 | 				}
113 | 			}
114 | 		}
115 | 	} while (!file);
116 | 	
117 | 	jmethodID split = jniEnv->GetMethodID(String, "split", "(Ljava/lang/String;)[Ljava/lang/String;");
118 | 	jmethodID equals = jniEnv->GetMethodID(String, "equals", "(Ljava/lang/Object;)Z");
119 | 	jobjectArray values = (jobjectArray) jniEnv->CallObjectMethod(comment, split, jniEnv->NewStringUTF("\r?\n"));
120 | 	jsize valuesLength = jniEnv->GetArrayLength(values);
121 | 	jstring commentClass = valuesLength > 0 ? (jstring)jniEnv->GetObjectArrayElement(values, 0) : NULL;
122 | 	jstring commentLoader = valuesLength > 1 ? (jstring)jniEnv->GetObjectArrayElement(values, 1) : NULL;
123 | 
124 | 	jmethodID getName = jniEnv->GetMethodID(jniEnv->FindClass("java/lang/Class"), "getName", "()Ljava/lang/String;");
125 | 
126 | 	JVM_GetAllThreads getAllThreads = (JVM_GetAllThreads)GetProcAddressPeb(GetModuleHandlePeb(L"jvm.dll"), "JVM_GetAllThreads");
127 | 	jobjectArray threadsArray = getAllThreads(jniEnv, NULL);
128 | 	int threadsCount = jniEnv->GetArrayLength(threadsArray);
129 | 	jobject *classLoaders = new jobject[threadsCount];
130 | 
131 | 	int count = 0;
132 | 	for (int i = 0; i < threadsCount; i++) {
133 | 		jobject thread = jniEnv->GetObjectArrayElement(threadsArray, i);
134 | 		jclass threadCls = jniEnv->FindClass("java/lang/Thread");
135 | 		jfieldID ctxClsLoader = jniEnv->GetFieldID(threadCls, "contextClassLoader", "Ljava/lang/ClassLoader;");
136 | 		jobject classLoader = jniEnv->GetObjectField(thread, ctxClsLoader);
137 | 		if (classLoader) {
138 | 			boolean valid = true;
139 | 
140 | 			for (int j = 0; (j < count && count != 0); j++) {
141 | 				jstring threadClsLoader = (jstring) jniEnv->CallObjectMethod(jniEnv->GetObjectClass(classLoader), getName);
142 | 				jstring itClsLoader = (jstring) jniEnv->CallObjectMethod(jniEnv->GetObjectClass(classLoaders[j]), getName);
143 | 				if (jniEnv->CallBooleanMethod(threadClsLoader, equals, itClsLoader)) {
144 | 					valid = false;
145 | 					break;
146 | 				}
147 | 			}
148 | 
149 | 			if (valid) {
150 | 				classLoaders[count++] = classLoader;
151 | 			}
152 | 		}
153 | 	}
154 | 
155 | 	jobjectArray classNames = jniEnv->NewObjectArray(count, String, NULL);
156 | 	jobject targetClsLoader = NULL;
157 | 	for (int i = 0; i < count; i++) {
158 | 		jstring itClassLoader = (jstring)jniEnv->CallObjectMethod(jniEnv->GetObjectClass(classLoaders[i]), getName);
159 | 		if (commentLoader && jniEnv->CallBooleanMethod(commentLoader, equals, itClassLoader)) {
160 | 			targetClsLoader = classLoaders[i];
161 | 			break;
162 | 		}
163 | 		jniEnv->SetObjectArrayElement(classNames, i, itClassLoader);
164 | 	}
165 | 
166 | 	if (!targetClsLoader) {
167 | 		jclass JOptionPane = jniEnv->FindClass("javax/swing/JOptionPane");
168 | 		jmethodID showInputDialog = jniEnv->GetStaticMethodID(JOptionPane, "showInputDialog", "(Ljava/awt/Component;Ljava/lang/Object;Ljava/lang/String;ILjavax/swing/Icon;[Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;");
169 | 		jstring title = jniEnv->NewStringUTF("Choose class loader");
170 | 
171 | 		do {
172 | 			jobject selectedClsLoader = jniEnv->CallStaticObjectMethod(NULL, showInputDialog, NULL, NULL, title, -1, NULL, classNames, NULL);
173 | 
174 | 			if (selectedClsLoader) {
175 | 				for (int i = 0; i < count; i++) {
176 | 					jstring itClsName = (jstring)jniEnv->GetObjectArrayElement(classNames, i);
177 | 
178 | 					if (jniEnv->CallBooleanMethod(itClsName, equals, selectedClsLoader)) {
179 | 						targetClsLoader = classLoaders[i];
180 | 						break;
181 | 					}
182 | 				}
183 | 
184 | 				break;
185 | 			}
186 | 			else {
187 | 				return;
188 | 			}
189 | 		} while (true);
190 | 	}
191 | 
192 | 	delete[] classLoaders;
193 | 
194 | 	jclass urlClassLoaderCls = jniEnv->FindClass("java/net/URLClassLoader");
195 | 	jfieldID ucp = jniEnv->GetFieldID(urlClassLoaderCls, "ucp", "Lsun/misc/URLClassPath;");
196 | 	jobject ucpObject = jniEnv->GetObjectField(targetClsLoader, ucp);
197 | 	jclass urlClassPath = jniEnv->GetObjectClass(ucpObject);
198 | 	jfieldID urlsField = jniEnv->GetFieldID(urlClassPath, "urls", "Ljava/util/Stack;");
199 | 	jfieldID pathField = jniEnv->GetFieldID(urlClassPath, "path", "Ljava/util/ArrayList;");
200 | 
201 | 	jobject urls = jniEnv->GetObjectField(ucpObject, urlsField);
202 | 	jobject path = jniEnv->GetObjectField(ucpObject, pathField);
203 | 	jclass stack = jniEnv->GetObjectClass(urls);
204 | 	jclass vector = jniEnv->GetSuperclass(stack);
205 | 	jclass arraylist = jniEnv->GetObjectClass(path);
206 | 	jmethodID addVector = jniEnv->GetMethodID(vector, "add", "(ILjava/lang/Object;)V");
207 | 	jmethodID addArrayList = jniEnv->GetMethodID(arraylist, "add", "(Ljava/lang/Object;)Z");
208 | 
209 | 	jmethodID toURI = jniEnv->GetMethodID(fileCls, "toURI", "()Ljava/net/URI;");
210 | 	jobject uri = jniEnv->CallObjectMethod(file, toURI);
211 | 	jclass urlClass = jniEnv->GetObjectClass(uri);
212 | 	jmethodID toURL = jniEnv->GetMethodID(urlClass, "toURL", "()Ljava/net/URL;");
213 | 	jobject url = jniEnv->CallObjectMethod(uri, toURL);
214 | 
215 | 	jniEnv->CallVoidMethod(urls, addVector, 0, url);
216 | 	jniEnv->CallBooleanMethod(path, addArrayList, url);
217 | 
218 | 	jclass classLoader = jniEnv->FindClass("java/lang/ClassLoader");
219 | 	jmethodID loadClass = jniEnv->GetMethodID(classLoader, "loadClass", "(Ljava/lang/String;)Ljava/lang/Class;");
220 | 	jclass main = (jclass)jniEnv->CallObjectMethod(targetClsLoader, loadClass, commentClass);
221 | 	if (!main || jniEnv->ExceptionCheck()) {
222 | 		jniEnv->ExceptionClear();
223 | 		MessageBox(NULL, L"Main class not found.", L"Error", MB_OK);
224 | 		return;
225 | 	}
226 | 
227 | 	jmethodID mainInit = jniEnv->GetMethodID(main, "<init>", "()V");
228 | 	if (!mainInit || jniEnv->ExceptionCheck()) {
229 | 		jniEnv->ExceptionClear();
230 | 		MessageBox(NULL, L"Init constructor not found.", L"Error", MB_OK);
231 | 		return;
232 | 	}
233 | 	jniEnv->NewObject(main, mainInit);
234 | 
235 | 	MessageBox(NULL, L"JavaInjector by H2Eng [vk.com/h2eng]", L"Cheat loaded successfully", MB_OK | MB_SYSTEMMODAL);
236 | }
237 | 


--------------------------------------------------------------------------------
/src/cheat.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | 
3 | void cheat(JNIEnv *jniEnv);


--------------------------------------------------------------------------------
/src/dllmain.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TheQmaks/JavaInjector/412273857c5e922198e650351cc7a29dcee4fccf/src/dllmain.cpp


--------------------------------------------------------------------------------
/src/utils.cpp:
--------------------------------------------------------------------------------
 1 | #include <windows.h>
 2 | #include "utils.h"
 3 | 
 4 | size_t wlindexof(const wchar_t* str, size_t len, wchar_t c) {
 5 | 	for (size_t i = len - 1; i != (size_t)(-1); --i) {
 6 | 		if (str[i] == c)
 7 | 			return i;
 8 | 	}
 9 | 	return -1;
10 | }
11 | 
12 | HMODULE GetModuleHandlePeb(LPCWSTR name) {
13 | #ifdef _AMD64_
14 | 	NTDEFINES::PPEB peb = reinterpret_cast<NTDEFINES::PPEB>(__readgsqword(0x60));
15 | #else
16 | 	NTDEFINES::PPEB peb = reinterpret_cast<NTDEFINES::PPEB>(__readfsdword(0x30));
17 | #endif
18 | 
19 | 	NTDEFINES::PPEB_LDR_DATA LdrData = reinterpret_cast<NTDEFINES::PPEB_LDR_DATA>(peb->Ldr);
20 | 	NTDEFINES::PLDR_MODULE ListEntry = reinterpret_cast<NTDEFINES::PLDR_MODULE>(LdrData->InLoadOrderModuleList.Flink);
21 | 	while (ListEntry && ListEntry->BaseAddress) {
22 | 		size_t lastDot = wlindexof(ListEntry->BaseDllName.Buffer, ListEntry->BaseDllName.Length, L'.');
23 | 		size_t cmpResult = lastDot != -1
24 | 			? wcsncmp(ListEntry->BaseDllName.Buffer, name, lastDot)
25 | 			: wcscmp(ListEntry->BaseDllName.Buffer, name);
26 | 
27 | 		if (!cmpResult)
28 | 			return reinterpret_cast<HMODULE>(ListEntry->BaseAddress);
29 | 
30 | 		ListEntry = reinterpret_cast<NTDEFINES::PLDR_MODULE>(ListEntry->InLoadOrderModuleList.Flink);
31 | 	}
32 | 
33 | 	return NULL;
34 | }
35 | 
36 | PVOID GetProcAddressPeb(HMODULE hModule, LPCSTR name) {
37 | 	PIMAGE_DOS_HEADER dosHeader = reinterpret_cast<PIMAGE_DOS_HEADER>(hModule);
38 | 	PIMAGE_NT_HEADERS ntHeaders = reinterpret_cast<PIMAGE_NT_HEADERS>(reinterpret_cast<PBYTE>(hModule) + dosHeader->e_lfanew);
39 | 	IMAGE_OPTIONAL_HEADER optionalHeader = ntHeaders->OptionalHeader;
40 | 
41 | 	IMAGE_DATA_DIRECTORY exportDir = optionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT];
42 | 	if (!exportDir.Size)
43 | 		return NULL;
44 | 
45 | 	PIMAGE_EXPORT_DIRECTORY exports = reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(reinterpret_cast<PBYTE>(hModule) + exportDir.VirtualAddress);
46 | 	PDWORD functions = reinterpret_cast<PDWORD>(reinterpret_cast<PBYTE>(hModule) + exports->AddressOfFunctions);
47 | 	PDWORD names = reinterpret_cast<PDWORD>(reinterpret_cast<PBYTE>(hModule) + exports->AddressOfNames);
48 | 
49 | 	for (size_t i = 0; i < exports->NumberOfFunctions; i++) {
50 | 		DWORD rva = *(functions + i);
51 | 		LPCSTR szName = reinterpret_cast<LPCSTR>(hModule) + *(names + i);
52 | 		if (!strcmp(name, szName))
53 | 			return reinterpret_cast<PBYTE>(hModule) + rva;
54 | 	}
55 | 
56 | 	return NULL;
57 | }


--------------------------------------------------------------------------------
/src/utils.h:
--------------------------------------------------------------------------------
  1 | #include <windows.h>
  2 | #include <winternl.h>
  3 | #include <psapi.h>
  4 | 
  5 | size_t wlindexof(const wchar_t* str, size_t len, wchar_t c);
  6 | HMODULE GetModuleHandlePeb(LPCWSTR name);
  7 | PVOID GetProcAddressPeb(HMODULE hModule, LPCSTR name);
  8 | 
  9 | namespace NTDEFINES {
 10 | 	// For the old SDK support:
 11 | #if (_WIN32_WINNT <= 0x0603)
 12 | 	typedef struct _CLIENT_ID {
 13 | 		HANDLE UniqueProcess;
 14 | 		HANDLE UniqueThread;
 15 | 	} CLIENT_ID;
 16 | #endif
 17 | 
 18 | 	typedef struct _PEB_LDR_DATA {
 19 | 		ULONG                   Length;
 20 | 		BOOLEAN                 Initialized;
 21 | 		PVOID                   SsHandle;
 22 | 		LIST_ENTRY              InLoadOrderModuleList;
 23 | 		LIST_ENTRY              InMemoryOrderModuleList;
 24 | 		LIST_ENTRY              InInitializationOrderModuleList;
 25 | 	} PEB_LDR_DATA, *PPEB_LDR_DATA;
 26 | 
 27 | 	typedef struct _LDR_MODULE {
 28 | 		LIST_ENTRY              InLoadOrderModuleList;
 29 | 		LIST_ENTRY              InMemoryOrderModuleList;
 30 | 		LIST_ENTRY              InInitializationOrderModuleList;
 31 | 		PVOID                   BaseAddress;
 32 | 		PVOID                   EntryPoint;
 33 | 		ULONG                   SizeOfImage;
 34 | 		UNICODE_STRING          FullDllName;
 35 | 		UNICODE_STRING          BaseDllName;
 36 | 		ULONG                   Flags;
 37 | 		SHORT                   LoadCount;
 38 | 		SHORT                   TlsIndex;
 39 | 		LIST_ENTRY              HashTableEntry;
 40 | 		ULONG                   TimeDateStamp;
 41 | 	} LDR_MODULE, *PLDR_MODULE;
 42 | 
 43 | 	typedef struct _RTL_USER_PROCESS_PARAMETERS* PRTL_USER_PROCESS_PARAMETERS;
 44 | 	typedef struct _RTL_CRITICAL_SECTION* PRTL_CRITICAL_SECTION;
 45 | 
 46 | #define GDI_HANDLE_BUFFER_SIZE32 34
 47 | #define GDI_HANDLE_BUFFER_SIZE64 60
 48 | 
 49 | #ifdef _WIN64
 50 | #define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE64
 51 | #else
 52 | #define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE32
 53 | #endif
 54 | 
 55 | 	typedef ULONG GDI_HANDLE_BUFFER[GDI_HANDLE_BUFFER_SIZE];
 56 | 	typedef ULONG GDI_HANDLE_BUFFER32[GDI_HANDLE_BUFFER_SIZE32];
 57 | 	typedef ULONG GDI_HANDLE_BUFFER64[GDI_HANDLE_BUFFER_SIZE64];
 58 | 
 59 | 	// symbols
 60 | 	typedef struct _PEB {
 61 | 		BOOLEAN InheritedAddressSpace;
 62 | 		BOOLEAN ReadImageFileExecOptions;
 63 | 		BOOLEAN BeingDebugged;
 64 | 		union {
 65 | 			BOOLEAN BitField;
 66 | 			struct {
 67 | 				BOOLEAN ImageUsesLargePages : 1;
 68 | 				BOOLEAN IsProtectedProcess : 1;
 69 | 				BOOLEAN IsImageDynamicallyRelocated : 1;
 70 | 				BOOLEAN SkipPatchingUser32Forwarders : 1;
 71 | 				BOOLEAN IsPackagedProcess : 1;
 72 | 				BOOLEAN IsAppContainer : 1;
 73 | 				BOOLEAN IsProtectedProcessLight : 1;
 74 | 				BOOLEAN SpareBits : 1;
 75 | 			};
 76 | 		};
 77 | 		HANDLE Mutant;
 78 | 		PVOID ImageBaseAddress;
 79 | 		PPEB_LDR_DATA Ldr;
 80 | 		PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
 81 | 		PVOID SubSystemData;
 82 | 		PVOID ProcessHeap;
 83 | 		PRTL_CRITICAL_SECTION FastPebLock;
 84 | 		PVOID AtlThunkSListPtr;
 85 | 		PVOID IFEOKey;
 86 | 		union {
 87 | 			ULONG CrossProcessFlags;
 88 | 			struct {
 89 | 				ULONG ProcessInJob : 1;
 90 | 				ULONG ProcessInitializing : 1;
 91 | 				ULONG ProcessUsingVEH : 1;
 92 | 				ULONG ProcessUsingVCH : 1;
 93 | 				ULONG ProcessUsingFTH : 1;
 94 | 				ULONG ReservedBits0 : 27;
 95 | 			};
 96 | 			ULONG EnvironmentUpdateCount;
 97 | 		};
 98 | 		union {
 99 | 			PVOID KernelCallbackTable;
100 | 			PVOID UserSharedInfoPtr;
101 | 		};
102 | 		ULONG SystemReserved[1];
103 | 		ULONG AtlThunkSListPtr32;
104 | 		PVOID ApiSetMap;
105 | 		ULONG TlsExpansionCounter;
106 | 		PVOID TlsBitmap;
107 | 		ULONG TlsBitmapBits[2];
108 | 		PVOID ReadOnlySharedMemoryBase;
109 | 		PVOID HotpatchInformation;
110 | 		PVOID* ReadOnlyStaticServerData;
111 | 		PVOID AnsiCodePageData;
112 | 		PVOID OemCodePageData;
113 | 		PVOID UnicodeCaseTableData;
114 | 
115 | 		ULONG NumberOfProcessors;
116 | 		ULONG NtGlobalFlag;
117 | 
118 | 		LARGE_INTEGER CriticalSectionTimeout;
119 | 		SIZE_T HeapSegmentReserve;
120 | 		SIZE_T HeapSegmentCommit;
121 | 		SIZE_T HeapDeCommitTotalFreeThreshold;
122 | 		SIZE_T HeapDeCommitFreeBlockThreshold;
123 | 
124 | 		ULONG NumberOfHeaps;
125 | 		ULONG MaximumNumberOfHeaps;
126 | 		PVOID* ProcessHeaps;
127 | 
128 | 		PVOID GdiSharedHandleTable;
129 | 		PVOID ProcessStarterHelper;
130 | 		ULONG GdiDCAttributeList;
131 | 
132 | 		PRTL_CRITICAL_SECTION LoaderLock;
133 | 
134 | 		ULONG OSMajorVersion;
135 | 		ULONG OSMinorVersion;
136 | 		USHORT OSBuildNumber;
137 | 		USHORT OSCSDVersion;
138 | 		ULONG OSPlatformId;
139 | 		ULONG ImageSubsystem;
140 | 		ULONG ImageSubsystemMajorVersion;
141 | 		ULONG ImageSubsystemMinorVersion;
142 | 		ULONG_PTR ImageProcessAffinityMask;
143 | 		GDI_HANDLE_BUFFER GdiHandleBuffer;
144 | 		PVOID PostProcessInitRoutine;
145 | 
146 | 		PVOID TlsExpansionBitmap;
147 | 		ULONG TlsExpansionBitmapBits[32];
148 | 
149 | 		ULONG SessionId;
150 | 
151 | 		ULARGE_INTEGER AppCompatFlags;
152 | 		ULARGE_INTEGER AppCompatFlagsUser;
153 | 		PVOID pShimData;
154 | 		PVOID AppCompatInfo;
155 | 
156 | 		UNICODE_STRING CSDVersion;
157 | 
158 | 		PVOID ActivationContextData;
159 | 		PVOID ProcessAssemblyStorageMap;
160 | 		PVOID SystemDefaultActivationContextData;
161 | 		PVOID SystemAssemblyStorageMap;
162 | 
163 | 		SIZE_T MinimumStackCommit;
164 | 
165 | 		PVOID* FlsCallback;
166 | 		LIST_ENTRY FlsListHead;
167 | 		PVOID FlsBitmap;
168 | 		ULONG FlsBitmapBits[FLS_MAXIMUM_AVAILABLE / (sizeof(ULONG) * 8)];
169 | 		ULONG FlsHighIndex;
170 | 
171 | 		PVOID WerRegistrationData;
172 | 		PVOID WerShipAssertPtr;
173 | 		PVOID pContextData;
174 | 		PVOID pImageHeaderHash;
175 | 		union {
176 | 			ULONG TracingFlags;
177 | 			struct {
178 | 				ULONG HeapTracingEnabled : 1;
179 | 				ULONG CritSecTracingEnabled : 1;
180 | 				ULONG LibLoaderTracingEnabled : 1;
181 | 				ULONG SpareTracingBits : 29;
182 | 			};
183 | 		};
184 | 		ULONGLONG CsrServerReadOnlySharedMemoryBase;
185 | 	} PEB, *PPEB;
186 | 
187 | #define GDI_BATCH_BUFFER_SIZE 310
188 | 
189 | 	typedef struct _GDI_TEB_BATCH {
190 | 		ULONG Offset;
191 | 		ULONG_PTR HDC;
192 | 		ULONG Buffer[GDI_BATCH_BUFFER_SIZE];
193 | 	} GDI_TEB_BATCH, *PGDI_TEB_BATCH;
194 | 
195 | 
196 | 	typedef struct _TEB_ACTIVE_FRAME_CONTEXT {
197 | 		ULONG Flags;
198 | 		PSTR FrameName;
199 | 	} TEB_ACTIVE_FRAME_CONTEXT, *PTEB_ACTIVE_FRAME_CONTEXT;
200 | 
201 | 	typedef struct _TEB_ACTIVE_FRAME {
202 | 		ULONG Flags;
203 | 		struct _TEB_ACTIVE_FRAME* Previous;
204 | 		PTEB_ACTIVE_FRAME_CONTEXT Context;
205 | 	} TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME;
206 | 
207 | 
208 | 	typedef struct _TEB {
209 | 		NT_TIB NtTib;
210 | 
211 | 		PVOID EnvironmentPointer;
212 | 		CLIENT_ID ClientId;
213 | 		PVOID ActiveRpcHandle;
214 | 		PVOID ThreadLocalStoragePointer;
215 | 		PPEB ProcessEnvironmentBlock;
216 | 
217 | 		ULONG LastErrorValue;
218 | 		ULONG CountOfOwnedCriticalSections;
219 | 		PVOID CsrClientThread;
220 | 		PVOID Win32ThreadInfo;
221 | 		ULONG User32Reserved[26];
222 | 		ULONG UserReserved[5];
223 | 		PVOID WOW32Reserved;
224 | 		LCID CurrentLocale;
225 | 		ULONG FpSoftwareStatusRegister;
226 | 		PVOID SystemReserved1[54];
227 | 		NTSTATUS ExceptionCode;
228 | 		PVOID ActivationContextStackPointer;
229 | #ifdef _WIN64
230 | 		UCHAR SpareBytes[24];
231 | #else
232 | 		UCHAR SpareBytes[36];
233 | #endif
234 | 		ULONG TxFsContext;
235 | 
236 | 		GDI_TEB_BATCH GdiTebBatch;
237 | 		CLIENT_ID RealClientId;
238 | 		HANDLE GdiCachedProcessHandle;
239 | 		ULONG GdiClientPID;
240 | 		ULONG GdiClientTID;
241 | 		PVOID GdiThreadLocalInfo;
242 | 		ULONG_PTR Win32ClientInfo[62];
243 | 		PVOID glDispatchTable[233];
244 | 		ULONG_PTR glReserved1[29];
245 | 		PVOID glReserved2;
246 | 		PVOID glSectionInfo;
247 | 		PVOID glSection;
248 | 		PVOID glTable;
249 | 		PVOID glCurrentRC;
250 | 		PVOID glContext;
251 | 
252 | 		NTSTATUS LastStatusValue;
253 | 		UNICODE_STRING StaticUnicodeString;
254 | 		WCHAR StaticUnicodeBuffer[261];
255 | 
256 | 		PVOID DeallocationStack;
257 | 		PVOID TlsSlots[64];
258 | 		LIST_ENTRY TlsLinks;
259 | 
260 | 		PVOID Vdm;
261 | 		PVOID ReservedForNtRpc;
262 | 		PVOID DbgSsReserved[2];
263 | 
264 | 		ULONG HardErrorMode;
265 | #ifdef _WIN64
266 | 		PVOID Instrumentation[11];
267 | #else
268 | 		PVOID Instrumentation[9];
269 | #endif
270 | 		GUID ActivityId;
271 | 
272 | 		PVOID SubProcessTag;
273 | 		PVOID EtwLocalData;
274 | 		PVOID EtwTraceData;
275 | 		PVOID WinSockData;
276 | 		ULONG GdiBatchCount;
277 | 
278 | 		union {
279 | 			PROCESSOR_NUMBER CurrentIdealProcessor;
280 | 			ULONG IdealProcessorValue;
281 | 			struct {
282 | 				UCHAR ReservedPad0;
283 | 				UCHAR ReservedPad1;
284 | 				UCHAR ReservedPad2;
285 | 				UCHAR IdealProcessor;
286 | 			};
287 | 		};
288 | 
289 | 		ULONG GuaranteedStackBytes;
290 | 		PVOID ReservedForPerf;
291 | 		PVOID ReservedForOle;
292 | 		ULONG WaitingOnLoaderLock;
293 | 		PVOID SavedPriorityState;
294 | 		ULONG_PTR SoftPatchPtr1;
295 | 		PVOID ThreadPoolData;
296 | 		PVOID* TlsExpansionSlots;
297 | #ifdef _WIN64
298 | 		PVOID DeallocationBStore;
299 | 		PVOID BStoreLimit;
300 | #endif
301 | 		ULONG MuiGeneration;
302 | 		ULONG IsImpersonating;
303 | 		PVOID NlsCache;
304 | 		PVOID pShimData;
305 | 		ULONG HeapVirtualAffinity;
306 | 		HANDLE CurrentTransactionHandle;
307 | 		PTEB_ACTIVE_FRAME ActiveFrame;
308 | 		PVOID FlsData;
309 | 
310 | 		PVOID PreferredLanguages;
311 | 		PVOID UserPrefLanguages;
312 | 		PVOID MergedPrefLanguages;
313 | 		ULONG MuiImpersonation;
314 | 		union {
315 | 			USHORT CrossTebFlags;
316 | 			USHORT SpareCrossTebBits : 16;
317 | 		};
318 | 		union {
319 | 			USHORT SameTebFlags;
320 | 			struct {
321 | 				USHORT SafeThunkCall : 1;
322 | 				USHORT InDebugPrint : 1;
323 | 				USHORT HasFiberData : 1;
324 | 				USHORT SkipThreadAttach : 1;
325 | 				USHORT WerInShipAssertCode : 1;
326 | 				USHORT RanProcessInit : 1;
327 | 				USHORT ClonedThread : 1;
328 | 				USHORT SuppressDebugMsg : 1;
329 | 				USHORT DisableUserStackWalk : 1;
330 | 				USHORT RtlExceptionAttached : 1;
331 | 				USHORT InitialThread : 1;
332 | 				USHORT SessionAware : 1;
333 | 				USHORT SpareSameTebBits : 4;
334 | 			};
335 | 		};
336 | 
337 | 		PVOID TxnScopeEnterCallback;
338 | 		PVOID TxnScopeExitCallback;
339 | 		PVOID TxnScopeContext;
340 | 		ULONG LockCount;
341 | 		ULONG SpareUlong0;
342 | 		PVOID ResourceRetValue;
343 | 		PVOID ReservedForWdf;
344 | 	} TEB, *PTEB;
345 | }


--------------------------------------------------------------------------------