LOADER#include <windows.h>
#include <stdio.h>
#include <iostream.h>
#include <tlhelp32.h>
#define GAME "hl.exe"
#define DLL "Hook.dll"
bool ok;
int main()
{
int a;
HANDLE hAndle;
PROCESSENTRY32 pe;
pe.dwSize = sizeof(PROCESSENTRY32);
while(!ok)
{
HANDLE hAndle=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(Process32First(hAndle,&pe))
{
do
{
HANDLE hTemp=OpenProcess(PROCESS_ALL_ACCESS, 0, pe.th32ProcessID);
if(hTemp)
{
if( strcmpi(pe.szExeFile, GAME) == 0)
{
hAndle = OpenProcess(PROCESS_ALL_ACCESS, FALSE,pe.th32ProcessID);
LPVOID lpRemoteAddress=VirtualAllocEx(hAndle,NULL,strlen(DLL),MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
WriteProcessMemory(hAndle, lpRemoteAddress, (LPVOID)DLL, strlen(DLL), NULL);
CreateRemoteThread(hAndle, NULL, 0,(LPTHREAD_START_ROUTINE)GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA"), lpRemoteAddress, 0, NULL);
ok=true;
break;
}
CloseHandle(hTemp);
}
}
while(Process32Next(hAndle, &pe));
}
}
return 0;
}
DLL__stdcall DllMain(HANDLE handle,DWORD message,LPVOID lpReservd)
{
switch(message)
{
case DLL_PROCESS_ATTACH:
DisableThreadLibraryCalls((HMODULE)handle);
MessageBox(NULL,"TEST","TEST",MB_OK);
//real_glBegin=(FUNC_GLBEGIN)DetourFunction((PBYTE)DetourFindFunction("OpenGL32","glBegin"),(PBYTE)myGlBegin);
//real_glViewport=(FUNC_GLVIEWPORT)DetourFunction((PBYTE)DetourFindFunction("OpenGL32","glViewport"),(PBYTE)myGlViewport);
break;
}
return TRUE;
}
#include "stdafx.h"
#include "DigiHook.h"
#include "psapi.h"
#include <windows.h>
#include <Tlhelp32.h>
#include <detours.h>
#include <string.h>
#define end1 '\n'
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
CWinApp theApp;
using namespace std;
// you need psapi.lib, and detours.lib
BOOL InjectIntoProcess(TCHAR* szExeName, TCHAR* szDllName);
int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
{
int nRetCode = 0;
// initialize MFC and print and error on failure
if (!AfxWinInit(::GetModuleHandle(NULL), NULL, ::GetCommandLine(), 0))
{
// TODO: change error code to suit your needs
_tprintf(_T("Fatal Error: MFC initialization failed\n"));
nRetCode = 1;
}
else
{
int hooked = FALSE;
cout << "Waiting to inject ..." << end1;
while (!hooked)
{
if (InjectIntoProcess( _T( "hl2.exe" ), _T( "digihook.dll" ) ) )
{
hooked = TRUE;
cout << "HL2 successfully hooked!";
}
Sleep(100);
}
cin.get();
}
return nRetCode;
}
BOOL InjectIntoProcess(TCHAR* szExeName, TCHAR* szDllName)
{
TCHAR szProcessName[MAX_PATH];
TCHAR szDllNameAndPath[MAX_PATH];
DWORD aProcesses[1024], cb, cProcesses;
HANDLE hProcess = NULL;
HMODULE hMod = NULL;
UINT i = 0;
// Get the full path to the DLL for later use
GetCurrentDirectory(MAX_PATH, szDllNameAndPath);
wcscat_s(szDllNameAndPath, _T("\\"));
wcscat_s(szDllNameAndPath, szDllName);
// Get the list of process identifiers
if(!EnumProcesses(aProcesses, sizeof(aProcesses), &cb))
return FALSE;
// Calculate how many process identifiers were returned
cProcesses = cb / sizeof(DWORD);
// Get the name and process identifier for each process
for(i = 0; i < cProcesses; i++)
{
hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, aProcesses[i]);
if(hProcess)
{
if(EnumProcessModules(hProcess, &hMod, sizeof(hMod), &cb))
{
GetModuleBaseNameW(hProcess, hMod, szProcessName, sizeof(szProcessName)/sizeof(TCHAR));
}
if(wcscmp(wcslwr(szProcessName), szExeName) == 0)
{
// We found the process, inject our DLL
if(DetourContinueProcessWithDllW(hProcess, szDllNameAndPath))
{
return TRUE;
}
}
}
CloseHandle(hProcess);
}
return FALSE;
}
este es un code de un loader, lo traje de un foro de programación sobre half life y otros, hay más codes, este lo hizo un tal sinner.