Jump to content

[Help] Suspend Threads for addresses [Colors Default] ;D

magnuns2011
 Share

Recommended Posts

magnuns2011 Seeker

magnuns2011

Posted
Posted (edited)

I was trying to suspend the threads of an application, I get theProcess Explorer, and the source code I have is only possible byTID​​.

How do I suspend a Start Address?

Example:. (raidcall.exe! fcEXP +07852)

Application: Raidcall.exe

Raidcall and a program to communicate only through themicrophones of the Clans you guys can chat by typing itwithout getting up much easier communication

The change will only change for me.

The final script is Suspend Threads Audio Program, so I can injectmy Speex and make similar changes in Application "MorphoVox,"this is just one of the procedures, edit codec's I need to do to complete my work.

Thank you

Anyone can show you how to Suspend thread by Address (static) because TID is Dynamic.

I need to suspend instead of killing the threads that do not close the Application and execution of my DLL and run it.

The Print and my code below.

#NoTrayIcon[/font][/font][/color]
[color=#d3d3d3][font=helvetica, arial, sans-serif][font=arial, sans-serif]If ProcessExists("explorer.exe") Then
Else
If Not IsDeclared("iMsgBoxAnswer") Then Local $IMSGBOXANSWER
$IMSGBOXANSWER = MsgBox(16, "Erro!", "RaidCall no Have Fun!.", 7)
Select
  Case $IMSGBOXANSWER = -1
  Case Else
EndSelect
Exit
EndIf
If ProcessExists("raidcall.exe") Then
Else
If Not IsDeclared("iMsgBoxAnswer") Then Local $IMSGBOXANSWER
$IMSGBOXANSWER = MsgBox(16, "Erro!", "Functional Only on Windows!", 7)
Select
  Case $IMSGBOXANSWER = -1
  Case Else
EndSelect
Exit
EndIf
  ProcessExists("raidcall.exe")
_ThreadSuspend("raidcall.exe!fcEXP+0x07852")
_ThreadSuspend("rasman.dll!RasAddNotification+0x384")
_ThreadSuspend("mswsock.dll+0x6f14")
_ThreadSuspend("raidcall.exe+084ba3")
Func _ThreadResume($TID)
$Handle = DllCall("kernel32.dll","ptr", "OpenThread","dword", "0x0002","int", "0","dword",$TID)
$i_sucess = DllCall("kernel32.dll","dword","ResumeThread","ptr",$Handle[0])
DllCall("kernel32.dll", "ptr", "CloseHandle", "ptr", $Handle)
EndFunc
Func _ThreadSuspend($TID) ;<---What Command for Address???
    $Handle = DllCall("kernel32.dll","ptr", "OpenThread","dword", "0x0002","int", "0","dword",$TID)
    $i_sucess = DllCall("kernel32.dll","dword","SuspendThread","ptr",$Handle[0])
    DllCall("kernel32.dll", "ptr", "CloseHandle", "ptr", $Handle)
EndFunc
Exit[/font][/font][/color][color=#333333][font=helvetica, arial, sans-serif][font=arial, sans-serif]

Posted Image

Edited by magnuns2011
Valik Universalist

Valik

Posted
Posted

You just fucked up. When I lock a thread you do not create a brand new thread with the exact same content. In fact, that's against the rules. And you damn well don't use fucking stupid ass colors in the thread when that's the entire reason I locked your old thread.

You have a couple days to think about that. I don't know why I don't make it permanent because only colossally stupid people create a brand new thread right after a moderator closes the old one, but whatever.

Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...