asmhack
06-13-2008, 12:48 PM
' open secure process example "pidfix" (warcraft 3 version)
' msvb6 syntax, x86-win32
' by asmhack
' asmhack@live.com
Option Explicit
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Public Declare Function GetCurrentProcess Lib "kernel32" () As Long
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Declare Function LocalFree Lib "kernel32" (ByVal hMem As Long) As Long
Public Declare Function SetSecurityInfo Lib "advapi32" (ByVal Handle As Long, ByVal ObjectType As Long, ByVal SecurityInfo As Long, ppsidOwner As Long, ppsidGroup As Long, ppDacl As Any, ppSacl As Any) As Long
Public Declare Function GetSecurityInfo Lib "advapi32" (ByVal Handle As Long, ByVal ObjectType As Long, ByVal SecurityInfo As Long, ppsidOwner As Long, ppsidGroup As Long, ppDacl As Any, ppSacl As Any, ppSecurityDescriptor As Long) As Long
Public Const DACL_SECURITY_INFORMATION = 4
Public Const SE_KERNEL_OBJECT = 6
Public Const UNPROTECTED_DACL_SECURITY_INFORMATION = 128
Public Const WRITE_DAC = &H40000
Sub Main()
Dim hwnd As Long, pid As Long, temp As Long, dacl As Long, secu As Long, pro As Long
hwnd = FindWindow(vbNullString, "Warcraft III")
If hwnd = 0# Then MsgBox "warcraft 3 window not found": End
GetWindowThreadProcessId hwnd, pid
temp = GetSecurityInfo(GetCurrentProcess(), SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, 0#, 0#, dacl, 0#, secu)
If temp <> 0# Then MsgBox "get security info error": End
pro = OpenProcess(WRITE_DAC, 0#, pid)
If pro = 0# Then MsgBox "open process error": End
temp = SetSecurityInfo(pro, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION Or UNPROTECTED_DACL_SECURITY_INFORMATION, 0#, 0#, ByVal dacl, 0#)
If temp <> 0# Then MsgBox "set security info error": End
CloseHandle pro
LocalFree secu
MsgBox "process fixed", , "aSMhack"
End Sub
' msvb6 syntax, x86-win32
' by asmhack
' asmhack@live.com
Option Explicit
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long
Public Declare Function GetCurrentProcess Lib "kernel32" () As Long
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Declare Function LocalFree Lib "kernel32" (ByVal hMem As Long) As Long
Public Declare Function SetSecurityInfo Lib "advapi32" (ByVal Handle As Long, ByVal ObjectType As Long, ByVal SecurityInfo As Long, ppsidOwner As Long, ppsidGroup As Long, ppDacl As Any, ppSacl As Any) As Long
Public Declare Function GetSecurityInfo Lib "advapi32" (ByVal Handle As Long, ByVal ObjectType As Long, ByVal SecurityInfo As Long, ppsidOwner As Long, ppsidGroup As Long, ppDacl As Any, ppSacl As Any, ppSecurityDescriptor As Long) As Long
Public Const DACL_SECURITY_INFORMATION = 4
Public Const SE_KERNEL_OBJECT = 6
Public Const UNPROTECTED_DACL_SECURITY_INFORMATION = 128
Public Const WRITE_DAC = &H40000
Sub Main()
Dim hwnd As Long, pid As Long, temp As Long, dacl As Long, secu As Long, pro As Long
hwnd = FindWindow(vbNullString, "Warcraft III")
If hwnd = 0# Then MsgBox "warcraft 3 window not found": End
GetWindowThreadProcessId hwnd, pid
temp = GetSecurityInfo(GetCurrentProcess(), SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, 0#, 0#, dacl, 0#, secu)
If temp <> 0# Then MsgBox "get security info error": End
pro = OpenProcess(WRITE_DAC, 0#, pid)
If pro = 0# Then MsgBox "open process error": End
temp = SetSecurityInfo(pro, SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION Or UNPROTECTED_DACL_SECURITY_INFORMATION, 0#, 0#, ByVal dacl, 0#)
If temp <> 0# Then MsgBox "set security info error": End
CloseHandle pro
LocalFree secu
MsgBox "process fixed", , "aSMhack"
End Sub