Register for your free account! | Forgot your password?

Go Back   elitepvpers Coders Den AutoIt
Creating processes with suspended flag Creating processes with suspended flag
You last visited: Today at 23:12

  • Please register to post and access all features, it's quick, easy and FREE!

Advertisement


Advertise with us!

Creating processes with suspended flag

Discussion on Creating processes with suspended flag within the AutoIt forum part of the Coders Den category.

Reply
 
Old   #1
 
[Beatrice]'s Avatar
 
elite*gold: LOCKED
The Black Market: 23/2/0
Join Date: Oct 2014
Posts: 1,258
Received Thanks: 12,469
Creating processes with suspended flag

Needed it for something, may be useful to someone.

Code:
#RequireAdmin
#include <MemoryConstants.au3>
#include <WinApi.au3>
#include <WinApiProc.au3>
#include <String.au3>
$tStartup = DllStructCreate($tagSTARTUPINFO)
$tProcess = DllStructCreate($tagPROCESS_INFORMATION)
$sAppName = FileOpenDialog("","","(*.exe)")
If $sAppName = "" Then Exit
$iDelay = InputBox("Delay","Delay between base checks","200")
If Not StringIsInt($iDelay) Then Exit
$aAppName = _StringBetween(StringReverse($sAppName),"","\")
$sProcessName = StringReverse($aAppName[0])
_WinAPI_CreateProcess("", $sAppName, 0, 0, 0, 0x00000004, 0, 0, DllStructGetPtr($tStartup), DllStructGetPtr($tProcess))
$iPID = DllStructGetData($tProcess, "ProcessID")
$hProcess = DllStructGetData($tProcess, "hProcess")
$hThread = DllStructGetData($tProcess, "hThread")
Do
	ResumeThread($hThread)
	Sleep($iDelay)
	SuspendThread($hThread)
	$dwBase = _MemoryModuleGetBaseAddress($iPID, $sProcessName)
Until $dwBase <> -1

Func ResumeThread($hThread)
	DllCall("Kernel32.dll", "int", "ResumeThread", "hwnd", $hThread)
EndFunc

Func SuspendThread($hThread)
	DllCall("Kernel32.dll", "int", "SuspendThread", "hwnd", $hThread)
EndFunc

Func _MemoryModuleGetBaseAddress($iPID, $sModule)
	If Not ProcessExists($iPID) Then Return SetError(1, 0, 0)
	If Not IsString($sModule) Then Return SetError(2, 0, 0)
	Local $PSAPI = DllOpen("psapi.dll")
	Local $hProcess
	Local $PERMISSION = BitOR(0x0002, 0x0400, 0x0008, 0x0010, 0x0020)
	If $iPID > 0 Then
		Local $hProcess = DllCall("kernel32.dll", "ptr", "OpenProcess", "dword", $PERMISSION, "int", 0, "dword", $iPID)
		If $hProcess[0] Then
			$hProcess = $hProcess[0]
		EndIf
	EndIf
	Local $Modules = DllStructCreate("ptr[1024]")
	Local $aCall = DllCall($PSAPI, "int", "EnumProcessModules", "ptr", $hProcess, "ptr", DllStructGetPtr($Modules), "dword", DllStructGetSize($Modules), "dword*", 0)
	If $aCall[4] > 0 Then
		Local $iModnum = $aCall[4] / 4
		Local $aTemp
		For $i = 1 To $iModnum
			$aTemp = DllCall($PSAPI, "dword", "GetModuleBaseNameW", "ptr", $hProcess, "ptr", Ptr(DllStructGetData($Modules, 1, $i)), "wstr", "", "dword", 260)
			If $aTemp[3] = $sModule Then
				DllClose($PSAPI)
				Return Ptr(DllStructGetData($Modules, 1, $i))
			EndIf
		Next
	Else
		Return -1
	EndIf
	DllClose($PSAPI)
	Return SetError(-1, 0, 0)
EndFunc
Attached Files
File Type: rar start suspended.rar (590.7 KB, 11 views)
[Beatrice] is offline  
Thanks
1 User
Reply

« AutoIT Subscript used on non accessible Variable | Autoit/Koda Tutorial! »

Similar Threads Similar Threads
[Buying] WTB FLAG OF WIN BOX OR HB Flag of Win
09/04/2017 - Dekaron Trading - 0 Replies
As title says i buy one of those the box or the HB wings. i can pay thru PayPal. PM me the skype.
[Selling] Verkaufe TCG-Item "OWN3D"-Flag / Flag of Ownership
12/16/2013 - World of Warcraft Trading - 20 Replies
Hey Leute, habe wieder ein paar Karten bekommen. Unter den Loots sind 2x die Flag of Ownership. http://ingame.ingame.de/pics/48210_530_397.jpg Preis: 1500 e*gold, 25€ / Stück Zahlungsmöglichkeiten: PayPal, Überweisung, E*Gold Auf Lager: 1
Creating an WSG flag pickup bot.
02/16/2006 - World of Warcraft - 1 Replies
I'm wondering why noone has tried to make a wsg flag pickup bot like the old counter-strike aimbots used to work? Replace the WSG flag textures and/or model with a full blue colored one (or similar) and simply make the mouse automaticly direct to it and click as soon as it appears? If lightning is an issue I'm sure there's a way to work around that, I've been trying 3DAnalyze with the option "disable lightning" wich has removed the transparancy from stealth (amongst other things).



All times are GMT +2. The time now is 23:12.

elitepvpers - play less, get more - Top

Powered by vBulletin®
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2026 elitepvpers All Rights Reserved.