[Java] JNI Hacking Interface

[bulk_4me]

Well, yeah I found my code. Please keep in mind that I just did it for that workshop and it's far from perfect, maybe I'll update this as a Java iNHALE template.

You have the basic stuff, OpenProcess finds a window either by ClassName or WindowName and returns the processHandle to you.

Refer to the MSDN WriteProcessMemory documentation for information on the return values of this function. Additionally you should only write n bytes where n%2 == 0. The same goes for ReadProcessMemory you should only read n bytes where n%2 == 0. I may or may not improve this interface in the future, mainly because the use of chars was a nasty fix and I had little time to implement this. (chars are unsigned in Java) :p

Main.java

Code:

/**
 * [descripción]
 * Creado el 2/11/2005 @ 11:47:58 AM
 *
 * @author 
 * @version %I%, %G%
 */
public class Main {

    public static void main(String[] args) {
    
        System.out.println();

        Process process = new Process(null, "MSN Messenger");

        // WriteProcessMemory
        if ( process.getpHandle() != 0 ) {
            System.out.println("MSN Messenger encontrado!");
            process.WriteProcessMemory(0x5070ED, new char[] {0x77EB});
        }
        else {
            System.out.println("Error: MSN Messenger no econtrado!.");
        }
    }

Process.java

Code:

/**
 * [descripción]
 * Creado el 31/10/2005 @ 09:46:47 PM
 *
 * @author 
 * @version %I%, %G%
 */
public class Process {
    private int pHandle;
    private static String NULL = "";

    private native int OpenProcess(String lpClassName, String lpWindowName);
    private native int WriteProcessMemory(int pHandle, int lpBaseAddress, char[] lpBuffer);
    private native char[] ReadProcessMemory(int pHandle, int lpBaseAddress, int nSize);

    static {
        System.loadLibrary("SandBox");
    }

    public Process() {
    }

    public Process(int pHandle) {
        this.pHandle = pHandle;
    }

    public Process(String lpClassName, String lpWindowName) {
        this.pHandle = OpenProcess(lpClassName == null ? NULL : lpClassName, lpWindowName == null ? NULL : lpWindowName);
    }

    public int getpHandle() {
        return pHandle;
    }

    public void setpHandle(int pHandle) {
        this.pHandle = pHandle;
    }

    public void setpHandle(String lpClassName, String lpWindowName) {
        this.pHandle = OpenProcess(lpClassName == null ? NULL : lpClassName, lpWindowName == null ? NULL : lpWindowName);
    }

    public int WriteProcessMemory(int lpBaseAddress, char[] lpBuffer) {
        return WriteProcessMemory(pHandle, lpBaseAddress, lpBuffer);
    }

    public char[] ReadProcessMemory(int lpBaseAddress, int nSize) {
        return ReadProcessMemory(pHandle, lpBaseAddress, nSize);
    }
}

SandBox.DLL

[kds]

Ah, if only I could remember back to last school year when I was working with Java JNI. Good job bulk.

[bulk_4me]

You mentioned something about a joystick interface.

[arpsmack]

/me gives mad props to bulk

Enjoy the props, they are extra mad.

[kds]

You mentioned something about a joystick interface.

Yeah, we were using JNI to interact with the serial port and joystick.

[Pwnd]

Oo, please do improve. Dude, I'll try and help. Thing is, I don't know anything about process modifying/hacking/whatever. I've been going along with Java though. I'm not to bad at that :D I'm very unfamiliar with JNI though, for now.

[JavaFreak]

I'm also trying to hack with java using the win32 api. The JNI is cumbursome and requires a steep learning curve, which is what java is NOT about. Though one day I want to be able to work with JNI inside out, let me offer a slightly easier approach. Use jawin, a java/win32 interop project. Google it or go to their homepage at http://jawinproject.sourceforge.net/. I have not done much with it yet as I have to concern myself with other matters that are more important to my job (Like higher level stuff that people who use java only cares about). Remember, Sun designed java to be platform independent and relatively easy to use, JNI breaks both paradigm so support for it is not widely available. I honestly wish Sun would implement a wrapper package (maybe something like javax.win32 and each sub package each has DLL as a static library), it would definitely make hacking in java a lot easier. I'm very interested in this topic, if you guys discover more about JNI and hacking please post it here

[Totte_ch]

I'm intressted of this...
...but the link is broken!
Please insert a new link, send the dll-file to me or message me

[bulk_4me]

I restored the file. Try again.

[Totte_ch]

Thank you

Do you know how to hack Brood War? I understand that I must use WriteProcessMemory, but how??
What means lpBaseAddress and what means with lpBuffer??

Code:

public int WriteProcessMemory(int lpBaseAddress, char[] lpBuffer)

Thanks for help

[bulk_4me]

Address is target address when you want to start writing data, lpBuffer is an array of bytes you want to write to that address this example will not work with Broodwar unless you patch it to enable OpenProcess.