Results 1 to 5 of 5
  1. #1
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks
    83
    Thanked 244 Times in 68 Posts
    Rep Power
    7

    [Help] Unhooking

    i want to make some application that automatic unhook ..

    can someone tell me how to unhooking...i searching around the internet i cant found it.

    thx 4 help
    Last edited by emoisback; 2012-03-28 at 03:18 AM.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

  2. #2
    h4x0r
    h4x0r is offline
    h4x0r's Avatar
    Join Date
    2011 Aug
    Location
    ..\root\home\pgc
    Posts
    826
    Thanks
    64
    Thanked 525 Times in 205 Posts
    Rep Power
    8
    What's the driver?

  3. #3
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks
    83
    Thanked 244 Times in 68 Posts
    Rep Power
    7
    ...i'am new in hooking and kernel system @[email protected]

    hmm...i unhook that for make searching address normal..if that address not unhook address memory will jump every second i dunno why....i try unhook one by one using antirootkit...

    and now i create a trainer that i need to make automaticly unhook that...

    if you can explain it...thx..

    ---------- Post added 2012-03-25 at 04:01 AM ---------- Previous post was 2012-03-20 at 05:04 AM ----------

    sorry for double posting but...
    anyone can teach me how to do this...

    i already confused..

    need to unhook and hooking another driver @[email protected]
    anyone..
    Last edited by emoisback; 2012-03-28 at 03:17 AM.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

  4. #4
    The_USDL
    The_USDL is offline
    Senior Member The_USDL's Avatar
    Join Date
    2011 Oct
    Posts
    201
    Thanks
    24
    Thanked 538 Times in 47 Posts
    Rep Power
    0
    Code:
    DWORD EjectDll(DWORD processId, DWORD dll)
    {
        DWORD retcode;
        HMODULE kernel32Handle;
    
    
        // Get access to the process
        EnsureCloseHandle processHandle(OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId));
        if (!processHandle)
        {
            throw runtime_error("Could not get process handle.");
        }
    
        // Get the address of the FreeLibrary function in kernel32.dll
        kernel32Handle = GetModuleHandle("kernel32.dll");
    
        if (!kernel32Handle)
        {
            throw runtime_error("Could not get Kernel32.dll handle.");
        }
    
    
        FARPROC pfreeLibrary = GetProcAddress(kernel32Handle, "FreeLibrary");
        PTHREAD_START_ROUTINE freeLibrary = reinterpret_cast<PTHREAD_START_ROUTINE>(pfreeLibrary);
        if (freeLibrary != NULL)
        {
            HANDLE remoteThreadHandle = CreateRemoteThread(processHandle, NULL, 0, (LPTHREAD_START_ROUTINE)freeLibrary, (void*)dll, 0, NULL);
            if (!remoteThreadHandle)
            {
                WaitForSingleObject(remoteThreadHandle, INFINITE);
                GetExitCodeThread(remoteThreadHandle, &retcode);
            }
            CloseHandle(remoteThreadHandle);
        }
    
        CloseHandle(kernel32Handle);
        return retcode;
    }
    This helps?

  5. #5
    emoisback
    emoisback is offline
    Full member
    Join Date
    2011 Dec
    Location
    Indonesia there i'm
    Posts
    508
    Thanks
    83
    Thanked 244 Times in 68 Posts
    Rep Power
    7
    I'l try it...
    Thx alot USDL, what language programming that u used..

    let me try to explain it so i understand how it work..



    Quote Originally Posted by The_USDL View Post
    / Get access to the process
    EnsureCloseHandle processHandle(OpenProcess(PROCESS_ALL_ACCESS, FALSE, processId));
    if (!processHandle)
    {
    throw runtime_error("Could not get process handle.");
    }
    That code for getting access to game process.


    Quote Originally Posted by The_USDL View Post
    // Get the address of the FreeLibrary function in kernel32.dll
    kernel32Handle = GetModuleHandle("kernel32.dll");

    if (!kernel32Handle)
    {
    throw runtime_error("Could not get Kernel32.dll handle.");
    }
    and this to get address of freelibrary..

    and can i ask something??..
    what is recode value that will return??..
    get address of freelibrary < this is that i need to change to myunhook file ??..


    hmm... i hope you can teach us about how to make something like this...
    your tutorial will be needed for junior programmer like me..
    thx a lot USDL, its will help me...
    Last edited by emoisback; 2012-03-28 at 03:17 AM.
    Learn from PGC for Share on PGC..


    For another Stuff i have make try to find it [Please, register to view links]
    If i have help you, please thanks and respect ..

Visitors found this page by searching for:

lt1054d32.sys

c unhook dllc unhooklt1054d32unhook c ejectdll(dword processid dword dll)unhook dll c how to unhook addressc how to unhook [c ]unhook dllc unhook gameunhooking dllc unhook applicationunhooking lt1054d32unhooking c

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •