Jump to content

Prevent program closing and DLL Unload question

Caiol

By Caiol,
in AutoIt General Help and Support

 Share

Recommended Posts

Caiol Seeker

Caiol

Posted
Posted

Hello everybody!

I have a script that is supposed to be a Game Anti hack and i'm searching for possibilities to nothing close the antihack process until the game is running.

Actualy i'm using some newbie codes that block de windows task manager, but the process can be close using anothers task manager.

I'm not doing a malware or malicious program... if someone can help-me, just send a private message to don't let the explicit answer/code.

Searching i've found this:

http://allapi.mentalis.org/apilist/RegisterServiceProcess.shtml

It's a function that can hide the process from task manager, but the function RegisterServiceProcess() isn't at the Kernel32.dll in Windows XP+...

If someone knows something related, i'll be grateful...

-------------------------------------------------------------------

Another question:

At the same game anti hack script, i've done a DLL comparation and if it find a strange module, it closes the game and show an error. I've found some script that can 'unload' the module... have problem if i unload some program module or no hacking module?

Thanks! :)

Sorry for my english... :)

Link to comment
Share on other sites
Uriziel01 Universalist

Uriziel01

Posted
Posted

Hello.

If it is your game you can put a code inside that will check if the "protecting" process is still running (and exchange some data with it to prevent process suspension), if no close the game. To prevent using another file with the same .exe name better check the exact file size of even better make a MD5 hash. If you cant put anything in the game code You'll have to use some simple 2 files method. Run simultaneously two apps, both of them will check if the game isnt hacked and both of them will check each other if both are running (you need to also do some MD5 hashes to prevent file exchanges), if any of the files is missing or process is closed/suspended terminate the game. You also have to keep the second program in the first one (and first one in the second one) to FileInstall it when will be removed from system.

p.s-If you want to get more secured you will HAVE to keep some communication way between those two apps (to prevent suspending one of them by some fancy TaskManager) i would say it is best to use 2 ways (memory read/write and for example changing some register keys)

p.s2-But in the end all protections can be hacked finally ;P Good luck !

Link to comment
Share on other sites
Caiol Seeker

Caiol

Posted
  • Author
Posted

Thanks for the reply, man!!

Thanks for the ideia, i'll do it. :)

Someone knows something more to "hide process" or don't close the game antihack process?

And about the module unload?

Thanks a lot! :)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...