Sign in to follow this  
Followers 0
Caiol

Prevent program closing and DLL Unload question

4 posts in this topic

Hello everybody!

I have a script that is supposed to be a Game Anti hack and i'm searching for possibilities to nothing close the antihack process until the game is running.

Actualy i'm using some newbie codes that block de windows task manager, but the process can be close using anothers task manager.

I'm not doing a malware or malicious program... if someone can help-me, just send a private message to don't let the explicit answer/code.

Searching i've found this:

http://allapi.mentalis.org/apilist/RegisterServiceProcess.shtml

It's a function that can hide the process from task manager, but the function RegisterServiceProcess() isn't at the Kernel32.dll in Windows XP+...

If someone knows something related, i'll be grateful...

-------------------------------------------------------------------

Another question:

At the same game anti hack script, i've done a DLL comparation and if it find a strange module, it closes the game and show an error. I've found some script that can 'unload' the module... have problem if i unload some program module or no hacking module?

Thanks! :)

Sorry for my english... :)

Share this post


Link to post
Share on other sites



Hello.

If it is your game you can put a code inside that will check if the "protecting" process is still running (and exchange some data with it to prevent process suspension), if no close the game. To prevent using another file with the same .exe name better check the exact file size of even better make a MD5 hash. If you cant put anything in the game code You'll have to use some simple 2 files method. Run simultaneously two apps, both of them will check if the game isnt hacked and both of them will check each other if both are running (you need to also do some MD5 hashes to prevent file exchanges), if any of the files is missing or process is closed/suspended terminate the game. You also have to keep the second program in the first one (and first one in the second one) to FileInstall it when will be removed from system.

p.s-If you want to get more secured you will HAVE to keep some communication way between those two apps (to prevent suspending one of them by some fancy TaskManager) i would say it is best to use 2 ways (memory read/write and for example changing some register keys)

p.s2-But in the end all protections can be hacked finally ;P Good luck !


Share this post


Link to post
Share on other sites

Thanks for the reply, man!!

Thanks for the ideia, i'll do it. :)

Someone knows something more to "hide process" or don't close the game antihack process?

And about the module unload?

Thanks a lot! :)

Share this post


Link to post
Share on other sites
:)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0