[TUTORIAL] Creating a simple DLL Cheat/Hack

11/10/2011 02:43 hawkagent#106
I have not yet found a solution, but the weird thing is, my proxy dll DOES actually work on a less secured server, although the export is "DirectSoundCaptureCreate = ___E__0__@0" instead of "DirectSoundCaptureCreate".

I'm not sure how come this is. But I think I'm onto something here: a good guess would be that kalsage is sensing this modified export and refuses to import it. So I would like to remove the "= ___E__0__@0" from the exports, so it only exports "DirectSoundCaptureCreate". Is there a way to do this?
11/11/2011 13:14 RunzelEier#107
Try to compile it as a release.
There might be some problems with the debug version
11/12/2011 17:09 hawkagent#108
It was already in Release mode, but as the problem miraculously appeared, it disappeared when I changed the release output folder. Anyway I successfully proxy'd the dll, now on to hooking some functions :D
11/21/2011 09:19 SimSir#109
Is this the virtual base address? Or OEP?

PHP Code:
#include <windows.h>
#include <tlhelp32.h>
#include <shlwapi.h>   // StrStrI; link with shlwapi.lib
#include <cstdio>
#include <iostream>

// Builds with the multi-byte character set (ANSI versions of the APIs).
// Despite its name, this returns the process ID of the first process
// whose image name contains ProcName, or 0 if none is found.
DWORD GetTargetThreadIDFromProcName(const char *ProcName)
{
   PROCESSENTRY32 pe;
   HANDLE thSnapShot;
   BOOL retval, ProcFound = false;

   thSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
   if(thSnapShot == INVALID_HANDLE_VALUE)
   {
      //MessageBox(NULL, "Error: Unable to create toolhelp snapshot!", "2MLoader", MB_OK);
      printf("Error: Unable to create toolhelp snapshot!");
      return false;
   }

   pe.dwSize = sizeof(PROCESSENTRY32);

   retval = Process32First(thSnapShot, &pe);
   while(retval)
   {
      if(StrStrI(pe.szExeFile, ProcName))
      {
         CloseHandle(thSnapShot);
         return pe.th32ProcessID;
      }
      retval = Process32Next(thSnapShot, &pe);
   }
   CloseHandle(thSnapShot);
   return 0;
}

int main(int argc, char *argv[])
{
   HANDLE Proc;
   DWORD pID = GetTargetThreadIDFromProcName("engine.exe");
   Proc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pID);
   MEMORY_BASIC_INFORMATION mInfo;
   // dwLength (last argument) is the size of the mInfo buffer
   VirtualQueryEx(Proc, NULL, &mInfo, sizeof(mInfo));
   std::cout << "AllocationBase :" << mInfo.AllocationBase << "\n";
   std::cout << "AllocationProtect :" << mInfo.AllocationProtect << "\n";
   std::cout << "BaseAddress :" << mInfo.BaseAddress << "\n"; //<---g_dwBasePointerAddress ?
   std::cout << "Protect :" << mInfo.Protect << "\n";
   std::cout << "RegionSize :" << mInfo.RegionSize << "\n";
   std::cout << "State :" << mInfo.State << "\n";
   std::cout << "Type :" << mInfo.Type << "\n";
   CloseHandle(Proc);
   return 0;
}

I need some help ^^
11/21/2011 14:43 Thiesius#110
1] If the NULL is valid argument for second parameter, then I would say it will be Image Base - 0x400000.

2] It won't be OEP 100%, that's bullcrap.

3] HackShields hook returns Access Denied for OpenProcess, so unless you have a driver it won't work.

4] Thread ID != Process ID
11/21/2011 15:47 pleaX#111
It's better to create a process(engine.exe) & then inject your dll...
11/22/2011 08:31 SimSir#112
Quote:
Originally Posted by Thiesius
1] If the NULL is valid argument for second parameter, then I would say it will be Image Base - 0x400000.

2] It won't be OEP 100%, that's bullcrap.

3] HackShields hook returns Access Denied for OpenProcess, so unless you have a driver it won't work.

4] Thread ID != Process ID
Ty for the reply.

GetTargetThreadIDFromProcName is my function's name; it returns the PID.
11/29/2011 10:33 SimSir#113
Only int. server Good Luck :))

dbghelp.h

PHP Code:
#include <windows.h>
#define jnz 0x850F;

static DWORD g_dwBasePointerAddress = 0x401000;
static DWORD* g_fileSecurityCheck = 0;
static DWORD* g_memorySecurityCheck = 0;

dbghelp.cpp

PHP Code:
    DWORD Address=0;
    DWORD dwBuffer = jnz;

    g_fileSecurityCheck = &dwBuffer;
    g_memorySecurityCheck = &dwBuffer;

    //File Manipulation Check (Patch Je --> Jnz)
    Address = SearchPattern("50 FF 15 x x x x 8B 8D x x x x 89 8D x x x x 81 BD x x x x x x x x 0F 84 x x x x",g_dwBasePointerAddress,0x007fffff);
    MemCpyEx((LPVOID)(Address+29),(LPVOID)g_fileSecurityCheck, 2);

    //Memory Manipulation Check (Patch je--> Jnz)
    Address = SearchPattern("81 BD x x x x 05 07 01 00  0F 84 9D 01 00 00",g_dwBasePointerAddress,0x007fffff);
    MemCpyEx((LPVOID)(Address+10),(LPVOID)g_memorySecurityCheck, 2);
12/30/2011 16:26 FrankHenk#114
I'm trying to create a dinput8.dll proxy using this tutorial (although not for Kal Online but for another game), however the LoadLibrary function doesn't seem to find my renamed original DLL (dinput8_.dll) and I thought this topic would be the best to post my question.

To try and find what causes that error I changed the code for loading the library to this:

Code:
		hL = LoadLibrary("dinput8_.dll");
		if (!hL) {
			char error[300];
			sprintf(error, "LoadLibrary failed >> %d",GetLastError());
			MessageBox(
				NULL,
				error,
				"Error",
				MB_OK
				);
				return false;
		};
The error message I get is "LoadLibrary failed >> 193", so LoadLibrary seems to fail with code 193, but I can't find what this error actually means. On Google I found it could be either a damaged original DLL (I copied the original from System32, so it's probably not damaged) or the code being compiled for 64bit while it has to be 32bit and vice versa. I couldn't find any site though which came with a fix, so I was wondering if someone here knows how to fix this.

Maybe useful to know:
I am working on a 64bit Windows 7 with Visual Studio 10, and the DLL is used in a 32bit game from 2004.
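
Added example, not part of the post above or of the tutorial's code: error 193 is ERROR_BAD_EXE_FORMAT, which LoadLibrary reports, for example, when a DLL's machine type does not match the calling process; on 64-bit Windows the DLLs in System32 are 64-bit and the 32-bit copies are in SysWOW64. This portable C sketch reads the Machine field from a PE header to show the check; `pe_machine`, `loadable_in` and `make_sample` are hypothetical helper names and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PE_MACHINE_I386  0x014c  /* 32-bit x86 */
#define PE_MACHINE_AMD64 0x8664  /* 64-bit x64 */

static uint32_t rd_le(const uint8_t *p, int n) {       /* little-endian read */
    uint32_t v = 0;
    for (int i = n - 1; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

/* Returns the COFF Machine field, or -1 if buf does not hold a PE header. */
int pe_machine(const uint8_t *buf, size_t len) {
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
    uint32_t off = rd_le(buf + 0x3c, 4);                /* e_lfanew */
    if (off > len || len - off < 6) return -1;          /* "PE\0\0" + Machine */
    if (memcmp(buf + off, "PE\0\0", 4) != 0) return -1;
    return (int)rd_le(buf + off + 4, 2);
}

/* 1 if code from an image with this Machine value can load into a process
   of the given bitness (32 or 64); a mismatch is what error 193 reports. */
int loadable_in(int machine, int process_bits) {
    if (machine == PE_MACHINE_I386)  return process_bits == 32;
    if (machine == PE_MACHINE_AMD64) return process_bits == 64;
    return 0;
}

/* Constructed sample: header bytes only, not a real DLL. */
size_t make_sample(uint8_t *buf, size_t cap, uint16_t machine) {
    const size_t off = 0x80, need = off + 6;
    if (cap < need) return 0;
    memset(buf, 0, need);
    buf[0] = 'M'; buf[1] = 'Z'; buf[0x3c] = (uint8_t)off;
    memcpy(buf + off, "PE\0\0", 4);
    buf[off + 4] = (uint8_t)(machine & 0xff); buf[off + 5] = (uint8_t)(machine >> 8);
    return need;
}

int main(int argc, char **argv) {
    uint8_t buf[4096];
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;   /* optional: path to a DLL */
    size_t n = f ? fread(buf, 1, sizeof buf, f) : make_sample(buf, sizeof buf, PE_MACHINE_AMD64);
    if (f) fclose(f);
    int m = pe_machine(buf, n);
    printf("machine=0x%04x, loads in a 32-bit process: %d\n", (unsigned)m, loadable_in(m, 32));
    return 0;
}
```

The bitness rule in `loadable_in` covers only x86 and x64 images loaded as code, which is the case in the post.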
01/18/2012 20:23 xNekro#115
€:Work Perfectly
Ty :D!
02/04/2012 04:57 dawly50#116
Everything done, but at cheat setup I stopped. Can u help me plz, and rly thx ^^
04/11/2012 09:30 g3orgi00#117
Can I use another program other than Microsoft Visual Studio?
04/11/2012 12:43 MoepMeep#118
You can use any C++-Compiler ;o
06/21/2012 12:25 Doctor2#119
I got an error: file manipulation detected

It happens when I press start on kalonline launcher ... any solutions? :)
09/10/2012 02:51 Sephit#120
I'm trying to read all the posts but I can't find any solution to my problem :( .
I'm trying to learn but I'm stuck at step 4. It seems that "Wrappit.exe" is wrong or corrupted somewhere, 'cause when I typed "wrappit.exe ... .. . .. ." the command prompt says that "wrappit.exe" can't be recognized as an internal or external command.

What can I do? :/