    1. #1
      till0sch

      [Help please] WriteProcessMemory hook

      Hey.


      I'm currently programming a WPM hook.

      Here is the code:


      Code:
      // dllmain.cpp : Defines the entry point for the DLL application.
      #include "stdafx.h"
      #include <iostream>
      #include <Windows.h>
      #include "detours.h"
      #include <sstream>      // std::stringstream, std::stringbuf
      #include <string>       // std::string
      #include <iostream>     // std::cout
      #include <sstream>      // std::stringstream, std::stringbuf
      #include <conio.h>
      
      using namespace std;
      
      typedef void ( APIENTRY *WriteProcessMemory_t )( _In_   HANDLE hProcess,
        _In_   LPVOID lpBaseAddress,
        _In_   LPCVOID lpBuffer,
        _In_   SIZE_T nSize,
        _Out_  SIZE_T *lpNumberOfBytesWritten );
      
      WriteProcessMemory_t pWriteProcessMemory = NULL;
      
      // Hooked WPM
      void APIENTRY Hooked_WPM(_In_   HANDLE hProcess,
        _In_   LPVOID lpBaseAddress,
        _In_   LPCVOID lpBuffer,
        _In_   SIZE_T nSize,
        _Out_  SIZE_T *lpNumberOfBytesWritten)
      {
      	(*pWriteProcessMemory) (hProcess,
         lpBaseAddress,
         lpBuffer,
        nSize,
        _Out_ lpNumberOfBytesWritten);
      
      }
      
      void *DetourFunc( BYTE *src, const BYTE *dst, const int len )
      {
      	BYTE *jmp = (BYTE*)malloc( len + 5 );
      	DWORD dwback;
      	VirtualProtect( src, len, PAGE_READWRITE, &dwback );
      	memcpy( jmp, src, len );
      	jmp += len;
      	jmp[0] = 0xE9;
      	*(DWORD*)( jmp + 1 ) = (DWORD)( src + len - jmp ) - 5;
      	src[0] = 0xE9;
      	*(DWORD*)( src + 1 ) = (DWORD)( dst - src ) - 5;
      	VirtualProtect( src, len, dwback, &dwback );
      	return ( jmp - len );
      }
      
      
      void HookWPM() // This hooks WPM
      {
      		HMODULE Kernel32 = GetModuleHandle("kernel32.dll");
      		pWriteProcessMemory = (WriteProcessMemory_t)DetourFunc( (LPBYTE)GetProcAddress(Kernel32, "WriteProcessMemory" ), (LPBYTE)&Hooked_WPM, 6); 
      }
      
      DWORD WINAPI dwMainThread( LPVOID )
      {	
      	HookWPM();
      	return TRUE;
      }
      
      BOOL APIENTRY DllMain( HMODULE hModule,
                             DWORD  ul_reason_for_call,
                             LPVOID lpReserved
      					 )
      {
      	switch (ul_reason_for_call)
      	{
      	case DLL_PROCESS_ATTACH:
      		{
      			CreateThread(0,0,dwMainThread,0,0,0);
      		}
      	case DLL_THREAD_ATTACH:
      	case DLL_THREAD_DETACH:
      	case DLL_PROCESS_DETACH:
      		break;
      	}
      	return TRUE;
      }


      The hook itself obviously works (a MessageBox comes up when I code it in Hooked_WPM). But after that a message comes up with "... has stopped working". I can even read out the address where the process wrote something. So I don't think something is wrong with the hook itself. But it obviously can't jump back to the original function.


      Would be glad for some suggestions or solutions
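
An added example, not part of the original post: DetourFunc above overwrites the start of WriteProcessMemory with 0xE9 plus a 32-bit relative offset, and the same arithmetic lets an integrity check recognise such a patch and resolve where it leads. The addresses, module range and function names are constructed for illustration, and the code assumes 32-bit x86, as the post's DWORD casts do.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed sample addresses (32-bit), not taken from a real process. */
#define MOD_BASE 0x75A00000u   /* module that owns the checked function */
#define MOD_SIZE 0x000D0000u
#define FUNC_VA  0x75A12340u   /* address of the checked function */
#define HOOK_VA  0x10001200u   /* hook body in some other module */

/* patched: starts with E9 rel32; target: where it lands; leaves_module: 0/1 */
typedef struct { int patched; uint32_t target; int leaves_module; } hook_report;

/* Encode the 5-byte patch the way DetourFunc does: rel32 = dst - src - 5. */
void write_jmp_rel32(uint8_t *buf, uint32_t src_va, uint32_t dst_va)
{
    uint32_t rel = dst_va - src_va - 5u;   /* wraps modulo 2^32, as the CPU does */
    buf[0] = 0xE9;
    for (int i = 0; i < 4; i++)
        buf[1 + i] = (uint8_t)(rel >> (8 * i));   /* little-endian operand */
}

/* Inspect the first bytes of a function located at func_va. */
hook_report inspect_prologue(const uint8_t *code, size_t len, uint32_t func_va,
                             uint32_t mod_base, uint32_t mod_size)
{
    hook_report r = {0, 0, 0};
    if (len < 5 || code[0] != 0xE9) return r;
    uint32_t rel = code[1] | code[2] << 8 | code[3] << 16 | (uint32_t)code[4] << 24;
    r.patched = 1;
    r.target = func_va + 5u + rel;   /* rel32 counts from the next instruction */
    r.leaves_module = (uint32_t)(r.target - mod_base) >= mod_size;
    return r;
}

/* Sample prologue (mov edi,edi; push ebp; mov ebp,esp; nop), patched if dst_va != 0. */
hook_report check_sample(uint32_t dst_va)
{
    uint8_t prologue[6] = {0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x90};
    if (dst_va) write_jmp_rel32(prologue, FUNC_VA, dst_va);
    return inspect_prologue(prologue, sizeof prologue, FUNC_VA, MOD_BASE, MOD_SIZE);
}

int main(void)
{
    hook_report r = check_sample(HOOK_VA);
    printf("patched=%d target=0x%08X leaves_module=%d\n",
           r.patched, (unsigned)r.target, r.leaves_module);
    return 0;
}
```

A jump that stays inside the owning module can be a legitimate thunk, which is why the report keeps `patched` and `leaves_module` separate.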

    2. #2
      brinkz
      Try it with a different detour function

    3. #3
      till0sch
      Okay I will do that but the hook itself works..

    4. #4
      brinkz
      Tried exactly what you are doing (just changed the return data type of wpm to bool) and used my detours and everything worked well.

    5. #5
      till0sch
      Originally posted by brinkz:
      Tried exactly what you are doing (just changed the return data type of wpm to bool) and used my detours and everything worked well.
      So like that?:

      bool APIENTRY Hooked_WPM(_In_ HANDLE hProcess, etc)

      and then return true; at the end of it after calling original WPM?

    6. #6
      c5
      If you'd get rid of those _In_ & _Out_ annotations, your code would remain a bit more readable, no?

      And you can just return with a call to pointer

    7. #7
      till0sch
      Originally posted by c5:
      If you'd get rid of those _In_ & _Out_ annotations, your code would remain a bit more readable, no?

      And you can just return with a call to pointer
      Mh but how do I do that? I have to pass those parameters to the original function or not?

    8. #8
      brinkz
      yeah return pWriteProcessMemory (hProcess lpBaseAddress, lpBuffer,nSize, lpNumberOfBytesWritten);

    9. #9
      till0sch
      Originally posted by brinkz:
      yeah return pWriteProcessMemory (hProcess lpBaseAddress, lpBuffer,nSize, lpNumberOfBytesWritten);
      Oh, what I did wrong here is only that I call the WPM, not returning to it. Like this?

      Code:
      bool APIENTRY Hooked_WPM(_In_   HANDLE hProcess,  _In_   LPVOID lpBaseAddress,  _In_   LPCVOID lpBuffer,  _In_   SIZE_T nSize,  _Out_  SIZE_T *lpNumberOfBytesWritten)
      {
      	return pWriteProcessMemory (hProcess lpBaseAddress, lpBuffer,nSize, lpNumberOfBytesWritten);
      }
      Last edited by till0sch; 04-15-2013 at 01:18 PM.

    10. #10
      brinkz
      Yeah this should work, if you add "," after hProcess ^^
