Results 1 to 5 of 5
  1. #1
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks Thanks Given 
    83
    Thanks Thanks Received 
    244
    Thanked in
    68 Posts
    Rep Power
    13

    [Help] Unhooking

    i want to make some application that automatic unhook ..

    can someone tell me how to unhooking...i searching around the internet i cant found it.

    thx 4 help
    Last edited by emoisback; 2012-03-28 at 03:18 AM.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

  2. #2
    h4x0r
    h4x0r is offline
    h4x0r's Avatar
    Join Date
    2011 Aug
    Location
    ..\root\home\pgc
    Posts
    826
    Thanks Thanks Given 
    64
    Thanks Thanks Received 
    525
    Thanked in
    205 Posts
    Rep Power
    14
    What's the driver?

  3. #3
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks Thanks Given 
    83
    Thanks Thanks Received 
    244
    Thanked in
    68 Posts
    Rep Power
    13
    ...i'am new in hooking and kernel system @_@..

    hmm...i unhook that for make searching address normal..if that address not unhook address memory will jump every second i dunno why....i try unhook one by one using antirootkit...

    and now i create a trainer that i need to make automaticly unhook that...

    if you can explain it...thx..

    ---------- Post added 2012-03-25 at 04:01 AM ---------- Previous post was 2012-03-20 at 05:04 AM ----------

    sorry for double posting but...
    anyone can teach me how to do this...

    i already confused..

    need to unhook and hooking another driver @_@..
    anyone..
    Last edited by emoisback; 2012-03-28 at 03:17 AM.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

  4. #4
    The_USDL
    The_USDL is offline
    Senior Member The_USDL's Avatar
    Join Date
    2011 Oct
    Posts
    201
    Thanks Thanks Given 
    24
    Thanks Thanks Received 
    538
    Thanked in
    47 Posts
    Rep Power
    0
    Code:
    DWORD EjectDll(DWORD processId, DWORD dll)
    {
        DWORD retcode;
        HMODULE kernel32Handle;
    
    
        // Get access to the process
        EnsureCloseHandle processHandle(OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId));
        if (!processHandle)
        {
            throw runtime_error("Could not get process handle.");
        }
    
        // Get the address of the FreeLibrary function in kernel32.dll
        kernel32Handle = GetModuleHandle("kernel32.dll");
    
        if (!kernel32Handle)
        {
            throw runtime_error("Could not get Kernel32.dll handle.");
        }
    
    
        FARPROC pfreeLibrary = GetProcAddress(kernel32Handle, "FreeLibrary");
        PTHREAD_START_ROUTINE freeLibrary = reinterpret_cast<PTHREAD_START_ROUTINE>(pfreeLibrary);
        if (freeLibrary != NULL)
        {
            HANDLE remoteThreadHandle = CreateRemoteThread(processHandle, NULL, 0, (LPTHREAD_START_ROUTINE)freeLibrary, (void*)dll, 0, NULL);
            if (!remoteThreadHandle)
            {
                WaitForSingleObject(remoteThreadHandle, INFINITE);
                GetExitCodeThread(remoteThreadHandle, &retcode);
            }
            CloseHandle(remoteThreadHandle);
        }
    
        CloseHandle(kernel32Handle);
        return retcode;
    }
    This helps?

  5. #5
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks Thanks Given 
    83
    Thanks Thanks Received 
    244
    Thanked in
    68 Posts
    Rep Power
    13
    I'l try it...
    Thx alot USDL, what language programming that u used..

    let me try to explain it so i understand how it work..



    Quote Originally Posted by The_USDL View Post
    / Get access to the process
    EnsureCloseHandle processHandle(OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId));
    if (!processHandle)
    {
    throw runtime_error("Could not get process handle.");
    }
    That code for getting access to game process.


    Quote Originally Posted by The_USDL View Post
    // Get the address of the FreeLibrary function in kernel32.dll
    kernel32Handle = GetModuleHandle("kernel32.dll");

    if (!kernel32Handle)
    {
    throw runtime_error("Could not get Kernel32.dll handle.");
    }
    and this to get address of freelibrary..

    and can i ask something??..
    what is recode value that will return??..
    get address of freelibrary < this is that i need to change to myunhook file ??..


    hmm... i hope you can teach us about how to make something like this...
    your tutorial will be needed for junior programmer like me..
    thx a lot USDL, its will help me...
    Last edited by emoisback; 2012-03-28 at 03:17 AM.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •