My OS is 32-bit; I need to install a 64-bit OS to try to fix this... I have no idea what causes this problem.
// Video tutorial: http://www.youtube.com/user/vertexbrasil
#include "StdAfx.h"
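// Function-pointer type for ntdll's NtResumeProcess, which is resolved at run
// time with GetProcAddress. The original author's note mentions
// NtSuspendProcess next to it; presumably it shares this signature.
typedef LONG (NTAPI *NtResumeProcess)(IN HANDLE ProcessHandle);

// Anti-suspend watchdog: once a second, look for a top-level window titled
// "Main" and call NtResumeProcess on the process that owns it.
//
// processId is never read; the function is started through CreateThread with
// a cast, so the parameter only stands in for the thread argument.
//
// Review notes:
//  - The target is identified by window title alone. Any process can create
//    a window titled "Main", so the title is not proof of identity.
//  - The handle is opened with PROCESS_SUSPEND_RESUME, the only right the
//    resume call needs, instead of PROCESS_ALL_ACCESS.
void main(DWORD processId){
    // Resolve the export once; it does not change while the loop runs.
    HMODULE ntdllModule = GetModuleHandle("ntdll");
    NtResumeProcess pfnNtResumeProcess = NULL;
    if (ntdllModule != NULL){
        pfnNtResumeProcess = (NtResumeProcess)GetProcAddress(ntdllModule, "NtResumeProcess");
    }
    if (pfnNtResumeProcess == NULL){
        // Calling through a null pointer would crash the host process.
        return;
    }

    while (TRUE){
        Sleep (1000);

        HWND procHwnd = FindWindow(NULL, "Main");
        if (procHwnd == NULL){
            continue;
        }
        cout << "Window Running"<<endl;

        DWORD pid = 0;
        GetWindowThreadProcessId(procHwnd, &pid); // owner pid of the window
        if (pid == 0){
            // Window disappeared between FindWindow and the pid lookup.
            continue;
        }
        cout<<"The window pid is "<< pid<<endl;

        HANDLE processHandle = OpenProcess(PROCESS_SUSPEND_RESUME, FALSE, pid);
        if (processHandle == NULL){
            // Access denied or the process has exited; try again next tick.
            continue;
        }
        pfnNtResumeProcess(processHandle);
        CloseHandle(processHandle);
    }
}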
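// Starts the anti-suspend watchdog (main) on its own thread.
//
// The thread handle is closed straight away: nothing waits on the thread, and
// an unclosed handle leaks for the lifetime of the process. Closing the
// handle does not stop the thread.
//
// NOTE(review): main is declared void main(DWORD) and is only cast to
// LPTHREAD_START_ROUTINE; it does not have the DWORD WINAPI f(LPVOID)
// signature the thread API expects. Changing that means changing main itself.
void TESTES(){
    HANDLE hThread = CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(main), NULL, 0, NULL);
    if (hThread != NULL){
        CloseHandle(hThread);
    }
}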
https://mega.co.nz/#!h0cUCZ7Q!HM7rXQdhsNzV5EnCQ_mxarxKP5sl-ZRHFWITZ6pfn3M
GameGuard.exe - WORKING on win7 and Winxp 32x
Dll injection and anti-suspend dll - WORKING on win7 and Winxp 32x
Added: Main WindowName check
This version is very easy to use and doesn't need a lot of configuration... Just set some file names, build the DLLs, configure some CRCs for more security, and run.
I will make a beta release (soon), and after that I will format my computer to install 64-bit Windows to check that everything is OK with this version!
Ok guys, this one is the new V5 anti-anti-kill / freeze system, packed. It is only for crack attempts; this is for beta testers.
Anti-hacker detectors and the shutdown feature are disabled, which means you can use process xp, pc hunter and other ones to try to freeze / kill the system...
Only CRC, file names check and anti-speed / freeze are active.
Code:https://mega.co.nz/#!h0cUCZ7Q!HM7rXQdhsNzV5EnCQ_mxarxKP5sl-ZRHFWITZ6pfn3M
Comment!
Full Source code for beta test, soon!
https://mega.co.nz/#!0gsG0RqR!hyUkDizuP6RwwffLp-bqmnHvZuUO4WOwjQylqcRpauw
// Video tutorial: http://www.youtube.com/user/vertexbrasil
#include "StdAfx.h"
///00000000000000000000000000000000000000000000000000000
#include <tlhelp32.h>
#include <shlwapi.h>
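// Preprocessor definitions used by the injection code.
//
// WIN32_LEAN_AND_MEAN only trims <windows.h> when it is defined before that
// header is included. Here it comes after the #include lines, so it
// presumably has no effect (StdAfx.h is not visible from this listing).
#define WIN32_LEAN_AND_MEAN
// Access mask for creating a thread in another process and reading/writing
// its memory. The original definition was missing its closing parenthesis,
// which breaks every expression the macro is expanded into.
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ)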
// Forward declaration: loads the DLL at path `dll` into the process with id
// `ID` (defined further down in this listing).
BOOL CreateRemoteThreadInject(DWORD ID, const char * dll);
// Forward declaration: looks up a process id by executable name.
// NOTE(review): the Windows SDK also declares GetProcessId(HANDLE); this one
// coexists with it only as a C++ overload. The parameter is a non-const PCHAR
// although every caller in this listing passes a string literal.
DWORD GetProcessId(IN PCHAR szExeName);
// DllProtect: resolves the full path of "c.dll" and passes it, together with
// process ids looked up by executable name, to CreateRemoteThreadInject.
//
// NOTE(review): the control flow below looks like a copy-paste accident and
// the intended behaviour cannot be determined from this listing:
//  - the first failure message names notepad.exe, but the lookup is calc.exe;
//  - the second check passes ID (calc.exe) although ID2 was just looked up;
//  - the System.exe lookup is only reached inside two nested failure
//    branches, and its check passes ID again instead of ID3;
//  - GetProcessId returns 0xFFFFFFFF when several processes share the name,
//    and that value is passed on here as if it were a process id.
void DllProtect()
{
// Buffer for the absolute path of the DLL.
char dll[MAX_PATH];
// Resolve "c.dll" to a full path. A relative name is resolved against the
// current working directory, so whoever controls that directory controls
// which file is loaded. NOTE(review): the return value is not checked.
GetFullPathName("c.dll",MAX_PATH,dll,NULL);
// Look up the target by executable name (GetProcessId is defined below).
DWORD ID = GetProcessId("calc.exe");
if (!CreateRemoteThreadInject(ID,dll))
{
// Reached when CreateRemoteThreadInject returned false.
// NOTE(review): the message says notepad.exe; the target was calc.exe.
printf("notepad.exe Injection failed!\n");
}
DWORD ID2 = GetProcessId("procexp2.exe");
// NOTE(review): passes ID, not ID2.
if (!CreateRemoteThreadInject(ID,dll))
{
// Reached when CreateRemoteThreadInject returned false.
printf("procexp2.exe Injection failed!\n");
if (!CreateRemoteThreadInject(ID2,dll))
{
DWORD ID3 = GetProcessId("System.exe");
// NOTE(review): passes ID, not ID3; ID3 is never used.
if (!CreateRemoteThreadInject(ID,dll))
{
// Reached when CreateRemoteThreadInject returned false.
printf("system.exe Injection failed!\n");
}
else
{
// Reached when CreateRemoteThreadInject returned true.
printf("End!");
}
}
}
}
// Function written by batfitch (restyled).
//
// Walks a Toolhelp process snapshot and compares each entry's executable name
// with szExeName, ignoring case.
//
// Returns:
//   0           - snapshot failed or no process matched
//   0xFFFFFFFF  - more than one process matched
//   otherwise   - the process id of the single match
//
// Only the image file name is compared, so any process that carries the same
// executable name matches; the result identifies a name, not a trusted binary.
DWORD GetProcessId(IN PCHAR szExeName)
{
    HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snap == INVALID_HANDLE_VALUE)
    {
        return 0;
    }

    PROCESSENTRY32 entry = {0};
    entry.dwSize = sizeof(PROCESSENTRY32);

    DWORD matches = 0;
    DWORD foundPid = 0;
    for (BOOL more = Process32First(snap, &entry); more; more = Process32Next(snap, &entry))
    {
        if (_stricmp(entry.szExeFile, szExeName) != 0)
        {
            continue;
        }
        ++matches;
        foundPid = entry.th32ProcessID; // the last match wins until the ambiguity check
    }

    CloseHandle(snap);

    // An ambiguous name is reported with a sentinel instead of a pid.
    return (matches > 1) ? 0xFFFFFFFF : foundPid;
}
// CreateRemoteThreadInject: makes the process with id `ID` load the DLL at
// path `dll` by starting a thread in it whose entry point is LoadLibraryA.
//
// Returns false only when ID is 0; every other path returns true, whether or
// not any of the API calls succeeded.
//
// NOTE(review): no return value below is checked, so the callers' "Injection
// failed" branches can only fire for ID == 0. The open-process /
// remote-allocate / remote-write / remote-thread sequence is also the pattern
// endpoint protection tools commonly watch for, so expect it to be flagged.
BOOL CreateRemoteThreadInject(DWORD ID, const char * dll)
{
// Handle to the target process.
HANDLE Process;
// Address of the buffer allocated inside the target process.
LPVOID Memory;
// Address of LoadLibraryA, used as the remote thread's start routine.
LPVOID LoadLibrary;
// A process id of 0 is the only input that is rejected.
if(!ID)
{
return false;
}
// Open the target with create-thread, query-information and VM
// read/write/operation rights. NOTE(review): the result is not checked for NULL.
Process = OpenProcess(PROCESS_CREATE_THREAD|PROCESS_QUERY_INFORMATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_VM_OPERATION, FALSE, ID);
// Get the address of LoadLibraryA in this process's kernel32.dll; the code
// relies on that address also being valid in the target.
LoadLibrary = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");
// Allocate read/write memory in the target for the DLL path and its NUL.
// NOTE(review): the result is not checked for NULL.
Memory = (LPVOID)VirtualAllocEx(Process, NULL, strlen(dll)+1, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
// Copy the DLL path into the allocated memory. NOTE(review): result not checked.
WriteProcessMemory(Process, (LPVOID)Memory, dll, strlen(dll)+1, NULL);
// Start the remote thread with the path as its argument.
// NOTE(review): the returned thread handle is discarded and never closed.
CreateRemoteThread(Process, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibrary, (LPVOID)Memory, NULL, NULL);
// Close our handle to the target process.
CloseHandle(Process);
// NOTE(review): this call uses the handle that was closed on the previous
// line, so the remote buffer is presumably never released.
VirtualFreeEx(Process , (LPVOID)Memory , 0, MEM_RELEASE);
return true;
}
///00000000000000000000000000000000000000000000000000000
// DLL INJECT END /////////////////////////////////////////////////////////////
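// Enables SeDebugPrivilege (SE_DEBUG_NAME) in the current process token.
//
// This does not grant administrator rights: a privilege can only be enabled
// if the token already holds it.
//
// Returns TRUE only when the privilege was actually enabled and the token
// handle was closed cleanly; FALSE otherwise.
//
// Fixes over the original:
//  - the token handle is now closed on every path (it leaked whenever
//    LookupPrivilegeValue or AdjustTokenPrivileges failed);
//  - AdjustTokenPrivileges reports success even when the privilege was not
//    assigned, so GetLastError() is checked to catch ERROR_NOT_ALL_ASSIGNED.
BOOL EnableDebugPrivilege()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
    {
        return FALSE;
    }

    BOOL enabled = FALSE;
    LUID luid;
    if (LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid))
    {
        TOKEN_PRIVILEGES tkp;
        tkp.PrivilegeCount = 1;
        tkp.Privileges[0].Luid = luid;
        tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

        if (AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)
            && GetLastError() == ERROR_SUCCESS)
        {
            enabled = TRUE;
        }
    }

    // As in the original, a failed CloseHandle is reported as failure.
    if (!CloseHandle(hToken))
    {
        enabled = FALSE;
    }
    return enabled;
}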
// Configuration helper: lists the titles of the system's top-level windows.
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam);

// Runs EnumWindowsProc once for every top-level window and always returns 0.
// None of the four parameters is read.
//
// NOTE(review): winchedks starts this function through a cast to
// LPTHREAD_START_ROUTINE, but it takes four arguments rather than the single
// LPVOID a thread routine receives.
int WINAPI WinMainChdeck(HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR pCmdLine, int iCmdShow)
{
    const LPARAM noContext = 0; // the callback ignores its lParam
    EnumWindows(&EnumWindowsProc, noContext);
    return 0;
}
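// EnumWindows callback: prints the title of one top-level window.
//
// hwnd    - window being enumerated
// lParam  - unused
// Returns TRUE so that enumeration continues with the next window.
//
// The title buffer starts out empty. The original printed the buffer even if
// GetWindowText had written nothing, which streams uninitialised stack bytes
// to the console. Titles longer than 79 characters are truncated. The unused
// class-name lookup was dropped together with its commented-out print.
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam)
{
    char title[80] = {0};
    GetWindowText(hwnd, title, sizeof(title));
    cout <<"Window title: "<<title<<endl;
    return TRUE;
}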
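// Starts the window-title listing (WinMainChdeck) on its own thread.
//
// The thread handle is closed at once because nothing waits on it; leaving it
// open leaks one handle per call. Closing the handle does not stop the thread.
//
// NOTE(review): WinMainChdeck takes four parameters and is only cast to
// LPTHREAD_START_ROUTINE; it does not match the one-argument signature the
// thread API calls it with.
void winchedks(){
    HANDLE hThread = CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(WinMainChdeck), NULL, 0, NULL);
    if (hThread != NULL){
        CloseHandle(hThread);
    }
}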
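// Dispatches on the configuration flag carrega.Show_Windows_Window_list:
//   1         - list the system's window titles (configuration aid only)
//   otherwise - run DllProtect on a new thread
//
// The handle of the DllProtect thread is closed immediately; the original
// leaked it. Closing the handle does not stop the thread.
void Dll_Protection2(){
    if (carrega.Show_Windows_Window_list == 1){
        winchedks(); // Show a list of system window names (just for configuration purposes!)
        return;
    }

    HANDLE hThread = CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(DllProtect), NULL, 0, NULL);
    if (hThread != NULL){
        CloseHandle(hThread);
    }
}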
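// Entry point for the DLL-protection feature: runs Dll_Protection2 on a new
// thread so that the caller is not blocked.
//
// The thread handle is closed immediately; the original leaked it. Closing
// the handle does not stop the thread.
void Dll_Protection(){
    HANDLE hThread = CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(Dll_Protection2), NULL, 0, NULL);
    if (hThread != NULL){
        CloseHandle(hThread);
    }
}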
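// Runs EnableDebugPrivilege on a new thread.
//
// The thread handle is closed immediately; the original leaked it.
//
// NOTE(review): the privilege change happens asynchronously and its BOOL
// result is discarded. A caller cannot tell whether, or when, the privilege
// has been enabled.
void tokenPrivilege(){
    HANDLE hThread = CreateThread(NULL, 0, LPTHREAD_START_ROUTINE(EnableDebugPrivilege), NULL, 0, NULL);
    if (hThread != NULL){
        CloseHandle(hThread);
    }
}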
https://mega.co.nz/#!0lEy3YjA!ZmHBcWmLc2R99OaH0KDjHtHo3_XeH5mIJyj15Hn63wE
H-Scan: Address: D:\PROGRAMAS\CODEX ANTIHACK V5\CODEX_V5 DLL\Release
HW-Scan: System.Diagnostics.ProcessModule (deven
GameGuard-Scan GameGuard.exe Not running!
HW-Scan: System.Diagnostics.ProcessModule (deven
CRC-Scan:Main.exe
CRC-Scan:Main.exe
CRC-Scan:GameGuard/Protect.bmp
I-Scan: Dll injection!
AKS-Scan: Thread attack!
ST-Scan: Speed Hack or System Freeze detected!
AKS-Scan: Thread attack!
HNC-Scan: process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
AKS-Scan: Thread attack!
H-Scan: Process Explorer - Sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [Codex-PC\Codex]
AKS-Scan: Thread attack!
HC-Scan: PROCEXPL
AKS-Scan: Thread attack!
HW-Scan: System.Diagnostics.ProcessModule (deven
PID-Scan: procexp2.exe
CN-Close: PROCEXPL
CN-Close: PROCEXPL
CN-Scan: PROCEXPL
WN-Scan: BVKHEX
AKS-Scan: Thread attack!
WN-Scan: BVKHEX
D-Scan: ollydbg.exe
AKS-Scan: Thread attack!
AL-Scan: vMxmain are not running on system!
AL-Scan: Mxmain are not running on system!
FN-Scan: File don't exist inside folder: nMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: cMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: nMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: nMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: nMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: mMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: nMain.exe
AKS-Scan: Thread attack!
FN-Scan: File don't exist inside folder: nMain.exe
AKS-Scan: Thread attack!
AKS-Scan: Thread attack!
HTTP Server connection fail!
HB - FTP Server connection fail!
HNC-Scan: process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
AKS-Scan: Thread attack!
HNC-Scan: process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
HW-Scan: System.Diagnostics.ProcessModule (deven
HNC-Scan: process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
CN-Scan: PROCEXPL
HW-Scan: System.Diagnostics.ProcessModule (deven
HNC-Scan: process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
CN-Scan: PROCEXPL
H-Scan: Process Explorer - Sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [Codex-PC\Codex]
H-Scan: Solution Explorer
HW-Scan: [URL]http://localhost:8090/Codex/HackSplash/[/URL]
H-Scan: Solution Explorer
HT-Scan: Hide windows detected!
[START.cpp > carrega.PAUSE_ALL_DETECTORS] Turned ON! All Anti-hack detectors and anti-kill by scan are PAUSED!
AKS-Scan: Thread attack!