GunZ Protect

Results 1 to 9 of 9
  1. #1
    Enthusiast gazettefan is offline
    MemberRank
    Feb 2009 Join Date
    49Posts

    GunZ Protect

    This is not really useful for me so if you want to make your own dll to protect your runnable against injectors/debuggers/shotbot etc.etc... you can use this on your project

    Code:
    #include <windows.h>
    #include <stdio.h>
    #include <iostream.h>
    #include <tlhelp32.h>
    #include "vsBuffer.h"
    void Yanaah()
    {
    while(true)
    {
          HANDLE hProcessSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPALL,0);
          PROCESSENTRY32 ProcessEntry = {0};
          ProcessEntry.dwSize = sizeof(ProcessEntry);
          BOOL Return = FALSE;
          Return = Process32First(hProcessSnapShot,&ProcessEntry);
          do
          {	
            HANDLE hProcess = OpenProcess(PROCESS__VM_READ,FALSE,ProcessEntry.th32ProcessID);
    	    if(!hProcess)
    	    {
    		Beep(100,100);
    	    }else{
              int dwBuffer;
    	      BOOL check = ReadProcessMemory(hProcess,(void *)ADRESS,&dwBuffer,4,NULL);
    		  if(dwBuffer == DATA)
    		   {
                   HANDLE hPFinish = OpenProcess(PROCESS_TERMINATE,ProcessEntry.th32ProcessID);
    TerminateProcess(hPFinish);
    CloseHandle(hPFinish);
               }
    		  }CloseHandle(hProcess);
    	       }while(Process32Next(hProcessSnapShot,&ProcessEntry));
        CloseHandle(hProcessSnapShot); 
    }
    }
    extern "C"
    {
        __declspec(dllexport) BOOL __stdcall DllMain(HINSTANCE hInst,DWORD reason,LPVOID lpv)
        {
            DisableThreadLibraryCalls(hInst);
            if (reason == DLL_PROCESS_ATTACH)
            {
             //  MessageBox(NULL, "whocaresaboutmsgbox?","nanimonai", MB_OK);
                CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&Yanaah, NULL, 0, NULL); 
    		}
            return true;
    	}
    }
    DATA = Change to your data
    ADRESS = Change to your adress

    I'm also releasing with this an analyzer, "Vanitas"
    (download avaliable down there)

    Step 1: Make sure the process you want to block is running
    Step 2: Find the adress of your process on ollydbg
    Step 3: Input your process name with .exe (ex: "explorer.exe")
    Step 4: Input the adress of your process with 0x (ex: 0x00478C74)

    Change the source to the adress you have specified at the program
    here:
    Code:
    	      BOOL check = ReadProcessMemory(hProcess,(void *)ADRESS,&dwBuffer,4,NULL);
    The program will process the data you need to input at
    Code:
    if(dwBuffer == DATA) << here
    Ex:
    Code:
    	      BOOL check = ReadProcessMemory(hProcess,(void *)0x00478C74,&dwBuffer,4,NULL);
    		  if(dwBuffer == - -2142260117)
    		   {
                    cout << "Process has been found on memory" << endl;
    If your adress doesnt exists or the program isn't running you'll receive an error message. =(

    This will end lifetime of doing kernel drivers or terminating process by their names.
    THE IMAGE BELOW IS AN EXAMPLE MAKE SURE THE ADRESS EXISTS ON THE PROGRAM RUNNABLE

    It's a bit simple but I hope it helps^^

    Example:

    Attached Files Attached Files
    Last edited by gazettefan; 27-07-11 at 02:00 AM.


  2. #2
    人◕ ‿‿ ◕人 Forean is offline
    MemberRank
    Jul 2008 Join Date
    1,183Posts

    Re: GunZ Protect

    #include "vsBuffer.h"?

    So it wasnt included?

    or is this a build your own type of vsbuffer.

  3. #3
    I am THE DON Joe9099 is offline
    MemberRank
    Jan 2007 Join Date
    England, UkLocation
    3,655Posts

    Re: GunZ Protect

    Very nice... good job

  4. #4
    Member yawamo is offline
    MemberRank
    Apr 2011 Join Date
    58Posts

    Re: GunZ Protect

    nice release i use it already

  5. #5
    Account Upgraded | Title Enabled! TheCodeOfGunz is offline
    MemberRank
    Oct 2010 Join Date
    PhilippinesLocation
    532Posts

    Re: GunZ Protect

    nc some one starting to be a pro like #1 Lambda xD jacob linear and the others

  6. #6

    Re: GunZ Protect

    One of the first anti-hacks released in a long time. Thanks for this release. :)

  7. #7
    Enthusiast gazettefan is offline
    MemberRank
    Feb 2009 Join Date
    49Posts

    Re: GunZ Protect

    vsBuffer.h is nothing >_< just take it off from the code ^^ and it'll compile anyways
    if you want to close the duel use this:

    Code:
    if(dwBuffer == DATA) // if hacking has been found
    {
    int terminate = strcmp(ProcessEntry.szExeFile,"theduel.exe");; //or the name of ur runnable
    if(terminate == 0)
    {
    HANDLE hProcess = OpenProcess(PROCESS_TERMINATE,ProcessEntry.th32ProcessID);
    TerminateProcess(hProcess)
    }
    }
    Last edited by gazettefan; 27-07-11 at 09:07 PM.

  8. #8
    人◕ ‿‿ ◕人 Forean is offline
    MemberRank
    Jul 2008 Join Date
    1,183Posts

    Re: GunZ Protect

    Sweet, thanks!

    Finally starting to have great releases!

  9. #9
    GunZ Developer dacharles is offline
    MemberRank
    Oct 2006 Join Date
    476Posts

    Re: GunZ Protect

    Just check if an address on a process can be readed? if not, the process is not running? ammm okey. But finding hacks by signatures is kind of old...



Advertisement