# *_* coding: euc_kr_*_
# Pinball Game Hit Point Cheat

import sys
try:
   import wmi
except:
   print "[-]python wmi module needed"
   print "Download:  http://tgolden.sc.sabren.com/python/wmi.html"
   sys.exit(1)

try:
   import win32process
except:
   print "[-]python pywin32 module needed"
   print "Download:  http://sourceforge.net/projects/pywin32/"
   sys.exit(1)

try:
   from ctypes import *
except:
   print "[-]python ctypes module needed"
   print "ctypes is a Python module allowing to create and manipulate C data types in Python."
   print "These can then be passed to C-functions loaded from dynamic link libraries."
   print "Download:  http://sourceforge.net/projects/ctypes/"
   sys.exit(1)

c = wmi.WMI()
for process in c.Win32_Process(name="pinball.exe"):
   hProc = windll.kernel32.OpenProcess(0x1F0FFF, False, process.ProcessId) 
   buffer = create_string_buffer("\xE9\x1F\x0E\x01\x00\x90\x90\x90\x90\x90")
   windll.kernel32.WriteProcessMemory(hProc, 0x0101757C, byref(buffer), 10, 0)
   buffer = c_char('\x7E')
   windll.kernel32.WriteProcessMemory(hProc, 0x01017586, byref(buffer), 1, 0)
   buffer = create_string_buffer("\x01\x30\x81\x00\x00\x50\x00\x00\x8B\x10\x3B\xD0\x90\x90\x90\x90\xE9\xD1\xF1\xFE\xFF")
   windll.kernel32.WriteProcessMemory(hProc, 0x010283A0, byref(buffer), 21, 0)
   print "PinBall.exe CodeCave Successful... at 0x010283A0"

# tagging
# Pinball CodeCave
# ÄÚµåijÀ̺ê, ÄÚµåÄÉÀ̺ê
# SECTION .text Blank Space
# Win32 process Find