[Release] Advanced hooking

07/11/2011 22:50 pro4never#76
So I was trying to figure out why my old PacketHooker test wasn't working and noticed something interesting....

After a decent amount of debugging and bashing my head against the wall I found out that it's not able to attach to the process (but being as the exceptions are all handled so nicely it doesn't complain).


For my client selector I have a simple PopulateClientList() which runs through each process on the computer, checks if it's a conquer process and if so tries to pull a client name from it.


I've tried ReadString as well as using ReadByteArray and ofc because I can't attach it doesn't work (with trying to attach or not).


Anything I'm missing? I know it worked the first time I tested all this out.


Code:
using System;
using System.Diagnostics;

Process[] processlist = Process.GetProcesses();
// Debuggee is pro4never's own wrapper class; AttachDebugger() returns a bool.
foreach (Process theprocess in processlist)
{
    if (theprocess.ProcessName == "Conquer")
    {
        Console.WriteLine("Process name found with: " + theprocess.ProcessName);
        Console.WriteLine("Attached successfully? " + new Debuggee(theprocess.Id).AttachDebugger());
    }
}
Always says false when I'm trying to attach debugger.
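The silent "false" above hides the actual failure reason. The following is an added example, not code from the thread or from pro4never's PacketHooker: it opens the target process the same way a memory reader would, and when that fails it prints the Win32 error code and message instead of swallowing it, and also reports whether the current token is elevated. The process name "Conquer" is taken from the thread; the access rights requested (query information plus memory read) are an assumption about what a reader/hooker needs.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Principal;

// Added example (not from the thread): show *why* a handle to the target
// cannot be obtained rather than just printing "false".
static class AttachDiagnostic
{
    // Standard Win32 process access rights (winnt.h).
    const uint PROCESS_QUERY_INFORMATION = 0x0400;
    const uint PROCESS_VM_READ = 0x0010;

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern IntPtr OpenProcess(uint desiredAccess, bool inheritHandle, int processId);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr handle);

    // True only when the current token is actually running as Administrator.
    // Under UAC an admin account launched normally (e.g. from Visual Studio
    // started without "Run as administrator") still returns false here.
    static bool IsElevated()
    {
        using (WindowsIdentity id = WindowsIdentity.GetCurrent())
        {
            return new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
        }
    }

    // Try to open the process for memory reading and return a readable verdict.
    static string TryOpen(Process target)
    {
        IntPtr handle = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, false, target.Id);
        if (handle == IntPtr.Zero)
        {
            int err = Marshal.GetLastWin32Error();          // 5 == ERROR_ACCESS_DENIED
            string msg = new Win32Exception(err).Message;   // OS text for that code
            return string.Format("PID {0}: OpenProcess failed, Win32 error {1} ({2})",
                                 target.Id, err, msg);
        }
        CloseHandle(handle);
        return string.Format("PID {0}: OpenProcess succeeded", target.Id);
    }

    static void Main()
    {
        Console.WriteLine("Running elevated: " + IsElevated());
        foreach (Process p in Process.GetProcessesByName("Conquer"))
        {
            Console.WriteLine(TryOpen(p));
        }
    }
}
```

Run it once from a normal prompt and once from an elevated one: the first run typically reports "Running elevated: False" together with Win32 error 5 (access denied), which is exactly the situation described in the next posts, while the elevated run succeeds. Logging the error code this way is what the original Debuggee wrapper should do instead of catching everything and returning false.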
07/12/2011 10:44 KraHen#77
It might be something trivial but is the process's name Conquer? Didn't really start the client for a while.
07/12/2011 14:58 pro4never#78
Hawtness already showed me the issue.

Run as administrator if you wanna mess with memory ahaha.

Because I was just debugging it from inside VS I wasn't running it as admin, which causes it to not be able to hook into most processes successfully.
07/12/2011 15:48 xmen01235#79
Quote:
Originally Posted by pro4never
So I was trying to figure out why my old PacketHooker test wasn't working and noticed something interesting....

After a decent amount of debugging and bashing my head against the wall I found out that it's not able to attach to the process (but being as the exceptions are all handled so nicely it doesn't complain).


For my client selector I have a simple PopulateClientList() which runs through each process on the computer, checks if it's a conquer process and if so tries to pull a client name from it.


I've tried ReadString as well as using ReadByteArray and ofc because I can't attach it doesn't work (with trying to attach or not).


Anything I'm missing? I know it worked the first time I tested all this out.


Code:
using System;
using System.Diagnostics;

Process[] processlist = Process.GetProcesses();
// Debuggee is pro4never's own wrapper class; AttachDebugger() returns a bool.
foreach (Process theprocess in processlist)
{
    if (theprocess.ProcessName == "Conquer")
    {
        Console.WriteLine("Process name found with: " + theprocess.ProcessName);
        Console.WriteLine("Attached successfully? " + new Debuggee(theprocess.Id).AttachDebugger());
    }
}
Always says false when I'm trying to attach debugger.
Try running as admin.
07/12/2011 22:36 Jonny999#80
Quote:
Originally Posted by IAmHawtness
Oh yeah, RecvPacketAddress = &H6E01B7
Have I ever mentioned, you have a radiant glow of sexiness?
07/12/2011 23:51 IAmHawtness#81
Quote:
Originally Posted by Jonny999
Have I ever mentioned, you have a radiant glow of sexiness?
Why thank you, handsome
07/15/2011 09:28 Belth#82
What's the best way to detect when the client disconnects?
07/15/2011 15:53 IAmHawtness#83
Quote:
Originally Posted by Belth
What's the best way to detect when the client disconnects?

This requires that you log in through the bot though so that it can capture when WS2_32.connect gets called.

Edit:
Another option is to just hook the MessageBoxA function in user32.dll and check if the message box is saying "Error: Disconnected with the game server" :p
07/19/2011 15:55 Cyanogen#84
Just a thought here, since my proxy doesn't use hooking (it uses loopbacks), I've never really looked into it. But, if I'm not mistaken, doesn't the client use a Mutex to check for already running clients in order to limit it to 3? Most tuts on making multi-clients that I have read seem to be to do with that. Seeing as hexing the client is now more dangerous than it used to be, wouldn't it be possible to hook CreateMutexA, intercept the multi-client mutex check, change the name of the mutex to something random, call the original CreateMutexA and return the HANDLE to the client? Would that allow multi-clienting with an unmodified client?
07/19/2011 18:17 IAmHawtness#85
Quote:
Originally Posted by Cyanogen
Just a thought here, since my proxy doesn't use hooking (it uses loopbacks), I've never really looked into it. But, if I'm not mistaken, doesn't the client use a Mutex to check for already running clients in order to limit it to 3? Most tuts on making multi-clients that I have read seem to be to do with that. Seeing as hexing the client is now more dangerous than it used to be, wouldn't it be possible to hook CreateMutexA, intercept the multi-client mutex check, change the name of the mutex to something random, call the original CreateMutexA and return the HANDLE to the client? Would that allow multi-clienting with an unmodified client?
Yes it would, in fact I once released a versionless multi-client here that did exactly that :)
07/19/2011 18:52 Cyanogen#86
Does it still work?
07/19/2011 18:59 IAmHawtness#87
Quote:
Originally Posted by Cyanogen
Does it still work?
Yeah it does :)
07/23/2011 22:10 PKDemon#88
How do you find the send and recv address through memory so you could be able to make a bot for like a pserver or something?
07/23/2011 22:37 phize#89
You trace it from winsock api calls with a debugger.
07/24/2011 05:21 PKDemon#90
Quote:
Originally Posted by Synsia
You trace it from winsock api calls with a debugger.
never used a debugger before :-s