-- LuaJIT FFI script (ffi.load / ffi.cdef are LuaJIT-only, not PUC Lua).
-- Locates the top-level window whose class name is "Valve001", opens the
-- process that owns it, and starts a remote thread inside that process.
-- Exit value: 0 when the process handle was obtained, 1 when it was not.
--
-- NOTE(review): this is a cross-process thread-creation primitive. Nothing
-- here validates the target beyond the window class string, every Win32 call
-- is made without checking its result, and the handle returned by
-- CreateRemoteThread is never closed (handle leak in the caller).
local ffi = require "ffi"
local kernel32 = ffi.load "kernel32"
local user32 = ffi.load "user32"
-- Simplified prototypes: BOOL returns are declared bool/void, SIZE_T
-- parameters are declared uint32_t, and no __stdcall is given. That lines up
-- with the x64 Windows ABI (single calling convention, return value ignored);
-- on 32-bit x86 LuaJIT the missing __stdcall would most likely corrupt the
-- stack, and the uint32_t-for-SIZE_T narrowing is an ABI assumption. Confirm
-- the intended platform before relying on these declarations.
ffi.cdef "void *FindWindowA(const char *, const char *)"
-- Real return type is DWORD (the owning thread id); declared bool here and
-- the return value is discarded anyway.
ffi.cdef "bool GetWindowThreadProcessId(void *, uint32_t *)"
ffi.cdef "void *OpenProcess(uint32_t, bool, uint32_t)"
ffi.cdef "void CloseHandle(void *)"
ffi.cdef "void *GetModuleHandleA(const char *)"
ffi.cdef "void *GetProcAddress(void *, const char *)"
ffi.cdef "void *VirtualAllocEx(void *, void *, uint32_t, uint32_t, uint32_t)"
ffi.cdef "void VirtualFreeEx(void *, void *, uint32_t, uint32_t)"
ffi.cdef "void *CreateRemoteThread(void *, void *, uint32_t, void *, void *, uint32_t, uint32_t *)"
-- ffi.new zero-fills, so if FindWindowA returns NULL and the lookup fails,
-- processid[0] stays 0 and OpenProcess below is expected to fail as well.
local processid = ffi.new( "uint32_t[?]", 1 )
user32.GetWindowThreadProcessId( user32.FindWindowA( "Valve001", nil ), processid )
-- Access mask 0x043a = PROCESS_CREATE_THREAD (0x2) | PROCESS_VM_OPERATION (0x8)
-- | PROCESS_VM_READ (0x10) | PROCESS_VM_WRITE (0x20)
-- | PROCESS_QUERY_INFORMATION (0x400): exactly what the remote-thread and
-- remote-allocation calls below need. Opening another user's / higher-integrity
-- process with these rights requires SeDebugPrivilege (presumably why a NULL
-- handle is treated as "not found" rather than diagnosed).
-- ffi.gc attaches CloseHandle as a finalizer so the handle is released even
-- if an error is raised before the explicit close at the bottom.
local game = ffi.gc( kernel32.OpenProcess( 0x043a, false, processid[0] ), kernel32.CloseHandle )
local ret = 0
-- A cdata pointer is always truthy in Lua, so NULL must be detected via the
-- intptr_t cast rather than `if game then`.
if tonumber( ffi.cast( "intptr_t", game ) ) ~= 0 then
-- Resolves LoadLibraryA in *this* process. lla_ptr is never used below; the
-- remote thread is started at `garbage`, not at this address.
local kernel32_ptr = kernel32.GetModuleHandleA( "kernel32.dll" )
local lla_ptr = kernel32.GetProcAddress( kernel32_ptr, "LoadLibraryA" )
-- 0x100 bytes in the target; 0x3000 = MEM_COMMIT | MEM_RESERVE, 4 = PAGE_READWRITE.
-- The page is zero-filled and NOT executable. Return value (NULL on failure)
-- is not checked before being used as the thread start address.
local garbage = kernel32.VirtualAllocEx( game, nil, 0x0100, 0x3000, 4 )
-- Start address and thread parameter are both the freshly allocated page.
-- Because that page holds no code and is not executable, the new thread
-- should fault immediately under DEP; the most likely net effect on the
-- target is an unhandled exception, not a working injection. The returned
-- thread HANDLE is dropped here without CloseHandle (leak).
kernel32.CreateRemoteThread( game, nil, 0, garbage, garbage, 0, nil )
-- 0xc000 = MEM_DECOMMIT (0x4000) | MEM_RELEASE (0x8000). The API documents
-- these as mutually exclusive, and MEM_RELEASE requires dwSize == 0, so this
-- call is expected to fail with ERROR_INVALID_PARAMETER; the return is not
-- checked. It also races the thread created on the previous line. If the
-- intent is really to free the page, `VirtualFreeEx(game, garbage, 0, 0x8000)`
-- is the documented form.
kernel32.VirtualFreeEx( game, garbage, 0, 0xc000 )
else
print("Could not find Valve001")
ret=1
end
-- Detach the finalizer and close the handle exactly once. In the failure
-- branch this is CloseHandle(NULL), which just fails harmlessly.
kernel32.CloseHandle( ffi.gc( game, nil ) )
return ret