This picks up where part one of our internal DLL injection AOB scan tutorial left off: here we code the signature scan (sig scan) in C++.
We can then inject this DLL into the process and get infinite health by changing the way the game works.
Part 1: https://www.youtube.com/watch?v=gfXGwua_2yM

Source code for this tutorial: https://pastebin.com/D7WLUBNa
DLL Injector used: https://www.unknowncheats.me/forum/pc-software/105007-gameowner-simple-undetected-dll-injector.html

 

Code:
#include <Windows.h>
#include <iostream>
#include <tlhelp32.h>
#include <Psapi.h>

using namespace std;

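// The listing was pasted with typographic quotes, which a C++ compiler rejects;
// the literals below use plain ASCII quotes.

// Name of the loaded module whose image is scanned.
char module[] = "server.dll";
// Byte signature to look for. The trailing zero bytes are placeholders: they
// sit under '?' in the mask, so FindPattern never compares them.
char sig[] = "\x89\x37\x5F\xB8\x00\x00\x00\x00";
// One character per signature byte: 'x' = must match, '?' = wildcard.
// FindPattern takes the pattern length from this string, not from sig.
char mask[] = "xxxx????";
// Replacement bytes: three x86 NOP opcodes (0x90).
char nopOppCode[] = "\x90\x90\x90";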

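// Returns the MODULEINFO (base address, image size, entry point) of a module
// that is already loaded in the current process.
//
// szModule: narrow-string module name, passed straight to GetModuleHandleA.
// Returns an all-zero MODULEINFO when the module is not loaded or the query
// fails, so callers must check lpBaseOfDll / SizeOfImage before using them.
MODULEINFO GetModuleInfo(char *szModule)
{
    MODULEINFO modinfo{};

    // Explicit ANSI variant: the argument is a char*, so the generic
    // GetModuleHandle macro would not compile in a UNICODE build.
    HMODULE hModule = GetModuleHandleA(szModule);
    if (hModule == nullptr)
        return modinfo;

    // The original ignored this return value; on failure hand back a clean
    // zeroed struct rather than whatever the call may have left behind.
    if (!GetModuleInformation(GetCurrentProcess(), hModule, &modinfo, sizeof(MODULEINFO)))
        modinfo = MODULEINFO{};

    return modinfo;
}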

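// Copies byteNum bytes from valueToWrite to addressToWrite in the current
// process, temporarily making the target range writable.
//
// addressToWrite: destination address; 0 is rejected.
// valueToWrite:   source buffer holding at least byteNum bytes.
// byteNum:        number of bytes to copy; values <= 0 are rejected.
//
// Nothing is written when an argument is invalid or the protection change
// fails. The function returns void, so callers cannot observe that failure.
void WriteToMemory(uintptr_t addressToWrite, char* valueToWrite, int byteNum)
{
    if (addressToWrite == 0 || valueToWrite == nullptr || byteNum <= 0)
        return;

    LPVOID target = reinterpret_cast<LPVOID>(addressToWrite);
    const SIZE_T length = static_cast<SIZE_T>(byteNum);

    DWORD oldProtection = 0;
    // Do not memcpy into a range whose protection could not be changed; that
    // would raise an access violation on read-only or execute-only pages.
    if (!VirtualProtect(target, length, PAGE_EXECUTE_READWRITE, &oldProtection))
        return;

    memcpy(target, valueToWrite, length);

    // VirtualProtect fails when lpflOldProtect is NULL, so the original call
    // never restored the protection and left the page read-write-execute.
    DWORD ignored = 0;
    VirtualProtect(target, length, oldProtection, &ignored);

    // The bytes just written may be executable code; make sure the CPU does
    // not keep running a stale cached copy.
    FlushInstructionCache(GetCurrentProcess(), target, length);
}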

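// Scans the image of a loaded module for a byte pattern with wildcards.
//
// module:  name of the module to scan (resolved through GetModuleInfo).
// pattern: bytes to look for; must hold at least strlen(mask) bytes.
// mask:    NUL-terminated string, one character per pattern byte; '?' means
//          "any byte", every other character means "must match".
//
// Returns the address of the first match, or 0 when the module is not
// loaded, the mask is empty, the image is shorter than the pattern, or
// nothing matches.
//
// The return type is DWORD, so the result is only a usable address in a
// 32-bit process; in a 64-bit build the upper half would be cut off.
DWORD FindPattern(char *module, char *pattern, char *mask)
{
    if (pattern == nullptr || mask == nullptr)
        return 0;

    MODULEINFO mInfo = GetModuleInfo(module);
    const char *image = static_cast<const char *>(mInfo.lpBaseOfDll);
    const DWORD size = mInfo.SizeOfImage;
    const DWORD patternLength = static_cast<DWORD>(strlen(mask));

    // GetModuleInfo returns zeros when the module is missing. Without this
    // guard the unsigned "size - patternLength" below wraps to a huge value
    // and the loop reads from address 0 upward.
    if (image == nullptr || patternLength == 0 || size < patternLength)
        return 0;

    // "<=" so that a match ending on the last byte of the image is found too.
    for (DWORD i = 0; i <= size - patternLength; i++)
    {
        bool found = true;
        for (DWORD j = 0; j < patternLength; j++)
        {
            if (mask[j] != '?' && pattern[j] != image[i + j])
            {
                found = false;
                break;  // first mismatch settles this offset
            }
        }
        if (found)
            return static_cast<DWORD>(reinterpret_cast<uintptr_t>(image + i));
    }

    return 0;
}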

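// Locates the signature inside the target module and overwrites the first
// byte of the match with a NOP.
void startDLL()
{
    DWORD foundAddy = FindPattern(module, sig, mask);

    // FindPattern returns 0 when the module is not loaded or the signature is
    // absent (for example after a game update); never write to address 0.
    if (foundAddy == 0)
        return;

    // NOTE(review): only 1 byte is written although nopOppCode holds 3.
    // Confirm the length covers the whole instruction at the match, otherwise
    // the remaining bytes are decoded as a different instruction.
    WriteToMemory(foundAddy, nopOppCode, 1);
}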

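// DLL entry point. On process attach it shows a confirmation box and then
// runs startDLL(); every other notification is ignored. Always returns TRUE.
//
// The pasted listing used typographic quotes around the MessageBoxA strings,
// which do not compile; they are plain ASCII quotes here.
BOOL WINAPI DllMain(
    HINSTANCE hinstDLL,
    DWORD fwdReason,
    LPVOID lpReserved)
{
    switch (fwdReason)
    {
    case DLL_PROCESS_ATTACH:
        // NOTE(review): this runs while the loader lock is held. Microsoft's
        // DLL guidance advises against calling User32 functions such as
        // MessageBoxA from DllMain because it can deadlock the process.
        MessageBoxA(NULL, "Good to Go", "", 0);
        startDLL();
        break;
    }
    return TRUE;
}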