  1. #1
    gosicks

    [help] making dll injection

    I have a problem with this code...
    the problem is that HackShield detects this hook method...
    is there any other alternative for hooking memory reads/writes???

    I got this code from MHS forum and cheat forum in indonesia

    [syntax]#define _CRT_SECURE_NO_WARNINGS
    #include <windows.h>
    #include <tlhelp32.h>

    // Strings used to locate the target: the top-level window title and class
    // passed to FindWindowA, and the module name matched by GetModuleBase().
    char *pProcessWindowTitle = "Point Blank"; //game 1 FPS in Indonesia
    char *pProcessWindowClass = "I3VIEWER";
    char *pProcessModuleName = "PointBlank.i3Exec";//module


    // Values that MajorMissionHack() writes into the target process.
    UINT_PTR uipUserRankValue = 35;
    UINT_PTR uipUserPointsValue = 999999; //value

    // Destination addresses in the target process, computed once by
    // MajorMissionHack() and reused on later calls.
    UINT_PTR uiptrFinalRank, uiptrFinalPoints;

    // True until MajorMissionHack() has resolved the addresses above.
    bool isInitMmhMemory = true;

    // Process-wide state shared by every function in this listing:
    // target process id, resolved module base, and the cross-process handle
    // opened in InitApplicationProcess() and closed in DllMain().
    DWORD dwProcessID;
    UINT_PTR uipMmhBaseAddress;
    HANDLE hProcess;

    // Returns the base address of the module named lpModuleName inside process
    // dwProcessId, or NULL (0) when no enumerated module has that name.
    // The lookup walks a Toolhelp module snapshot and compares names with
    // strcmp, so the match is exact and case-sensitive. The address is cast to
    // DWORD before it is returned.
    // NOTE(review): snapshot failure is tested with `!hSnapShot`;
    // CreateToolhelp32Snapshot reports failure as INVALID_HANDLE_VALUE, which
    // this test does not catch.
    DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
    {
    MODULEENTRY32 lpModuleEntry = {0};
    HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);

    if(!hSnapShot)
    return NULL;
    // dwSize must be set before the first Module32First call.
    lpModuleEntry.dwSize = sizeof(lpModuleEntry);
    BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
    while(bModule)
    {
    if(!strcmp( lpModuleEntry.szModule, lpModuleName ) )
    {
    // Found: release the snapshot before returning the base address.
    CloseHandle(hSnapShot);
    return (DWORD)lpModuleEntry.modBaseAddr;
    }
    bModule = Module32Next( hSnapShot, &lpModuleEntry );
    }
    // No module matched.
    CloseHandle( hSnapShot );
    return NULL;
    }

    // DeRef() = credit L. Spiro (MHS)
    // Reads one UINT_PTR-sized value from address _uiptrPointer in the process
    // referred to by the global hProcess and returns it.
    // Returns 0 when ReadProcessMemory fails, so a failed read cannot be told
    // apart from a stored value of zero by the caller.
    UINT_PTR DeRef( UINT_PTR _uiptrPointer ) {
    UINT_PTR uiptrRet;
    if (!::ReadProcessMemory(hProcess, reinterpret_cast<LPVOID>(_uiptrPointer), &uiptrRet, sizeof(uiptrRet), NULL)) { return 0UL; }
    return uiptrRet;
    }

    // Process initialization.
    // Polls FindWindowA every 500 ms until a window with the configured class
    // and title exists (there is no timeout), then stores the owning process id
    // in dwProcessID and a handle to that process in hProcess.
    // The handle is requested with VM operation/read/write and query rights;
    // the result of OpenProcess is not checked.
    // NOTE(review): a cross-process handle carrying PROCESS_VM_WRITE is
    // presumably the kind of access the anti-cheat named in the thread watches
    // for; that is an inference from the thread, not from this code.
    // NOTE(review): as pasted, the access-mask identifiers on the OpenProcess
    // lines contain stray spaces, so the listing does not compile as shown.
    void InitApplicationProcess()
    {
    bool isFindWindow = true;
    HWND hWnd = NULL;

    while(isFindWindow)
    {
    if((hWnd = FindWindowA(pProcessWindowClass, pProcessWindowTitle)) != NULL) // if the window was found
    {
    isFindWindow = false;
    }
    Sleep(500);
    }

    GetWindowThreadProcessId(hWnd, &dwProcessID);
    hProcess = //OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATIO N|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_I NFORMATION, FALSE, dwProcessID);//vista
    hProcess = OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_READ|P ROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);//xp
    }

    // Writes the two configured values into the target process.
    // On the first call it resolves the module base with GetModuleBase(), reads
    // a pointer stored at base + 0x491E7C with DeRef(), and adds a fixed offset
    // to obtain each destination address; later calls reuse those addresses.
    // No return value is checked: if GetModuleBase() or DeRef() yields 0 the
    // destinations are computed from 0, and a failed WriteProcessMemory is
    // silently ignored.
    void MajorMissionHack()
    {
    if(isInitMmhMemory)
    {
    uipMmhBaseAddress = GetModuleBase(pProcessModuleName, dwProcessID);

    uiptrFinalRank = DeRef(uipMmhBaseAddress + 0x491E7C) + 0xA9D; // User rank pointer
    uiptrFinalPoints = DeRef(uipMmhBaseAddress + 0x491E7C) + 0xAA1; // User points pointer
    // Addresses are resolved only once, even if resolution failed.
    isInitMmhMemory = false;
    }

    // Each write copies sizeof(UINT_PTR) bytes from the global value.
    ::WriteProcessMemory(hProcess, reinterpret_cast<LPVOID>(uiptrFinalRank), &uipUserRankValue, sizeof(uipUserRankValue), NULL);
    ::WriteProcessMemory(hProcess, reinterpret_cast<LPVOID>(uiptrFinalPoints), &uipUserPointsValue, sizeof(uipUserPointsValue), NULL);
    }

    // Body of the worker thread started from DllMain(); it never returns.
    // Shows a message box, runs InitApplicationProcess(), then polls the F12
    // key about once per millisecond and calls MajorMissionHack() when the low
    // bit of GetAsyncKeyState is set.
    void LovelyLoopy()
    {
    // MessageBox blocks this thread until the dialog is dismissed.
    MessageBox(0, "Injection Success...!", "Hello World", MB_OK + MB_ICONASTERISK);

    InitApplicationProcess();

    while(1)
    {
    if(GetAsyncKeyState(VK_F12)&1)
    {
    MajorMissionHack();
    // Pause after handling the key before polling again.
    Sleep(500);
    }

    Sleep(1);
    }
    }

    // DLL entry point. On process attach it starts LovelyLoopy() on a new
    // thread; on process detach it closes the global hProcess handle.
    // Always returns TRUE.
    // NOTE(review): LovelyLoopy is declared void(void) and is forced to the
    // thread-routine type with a C-style cast; the handle returned by
    // CreateThread is discarded without being closed.
    BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved)
    {
    // Called on every notification, not only on attach.
    DisableThreadLibraryCalls(hDll);

    if(dwReason == DLL_PROCESS_ATTACH)
    {
    CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)LovelyLoopy, NULL, NULL, NULL);
    }
    else if(dwReason == DLL_PROCESS_DETACH)
    {
    CloseHandle(hProcess);
    }

    return TRUE;
    }[/syntax]

    maybe HackShield already knows this characteristic.....
    I need another method to write process memory.....

  2. #2
    Dwar

    Re: [help] making dll injection

    gosicks
    Are you trying to inject dll into running process?
    You can't read or write to the process memory secured by HackShield.

  3. #3
    gosicks

    Re: [help] making dll injection

    so....what i can do to hack this game??
    this game not allowed window mode...
    i just want make some trainer,
    this game only can hack with remote desktop. with winhex engine...it not simple and need long time for editing memory process...

  4. #4
    Dwar

    Re: [help] making dll injection

    gosicks
    Inject your dll before HS. Also you can use codecave methods (modify client exe)

  5. #5
    gosicks

    Re: [help] making dll injection

    this module cannot extracted by ollydbg...this pack using themida or something...
    i just want to learn writing memory without handle the module...is that possible??

  6. #6
    Dwar

    Re: [help] making dll injection

    gosicks
    read tutorial about patching packed app
