- Joined
- Jul 11, 2008
- Messages
- 1,078
- Reaction score
- 90
This is not C# it's VB or VB.NET
BTW codes updated.
public static Process pApplication = null;
public static string sApplication = String.Empty;
[DllImport("user32.dll")]
public static extern int FindWindow(string lpClassName, string lpWindowName);
[DllImport("user32.dll")]
public static extern int SendMessage(int hWnd, uint Msg, int wParam, int lParam);
public const int WM_SYSCOMMAND = 0x0112;
public const int SC_CLOSE = 0xF060;
private void CloseWindow(string window)
{
int iHandle = FindWindow(null, window);
if (iHandle > 0)
{
// close the window using API
SendMessage(iHandle, WM_SYSCOMMAND, SC_CLOSE, 0);
banuser("Window:" + window);
addlog("Attempt to hack detected..." + Environment.NewLine + "All of your accounts have been banned. To appeal your ban, visit the forums.");
Email();
Application.Exit();
}
}
CloseWindow("Notepad.exe");
This code is far too big for such a simple fucntion.
Here's something way simpler that I've coded and works the same.
That goes at the top...Code:public static Process pApplication = null; public static string sApplication = String.Empty; [DllImport("user32.dll")] public static extern int FindWindow(string lpClassName, string lpWindowName); [DllImport("user32.dll")] public static extern int SendMessage(int hWnd, uint Msg, int wParam, int lParam); public const int WM_SYSCOMMAND = 0x0112; public const int SC_CLOSE = 0xF060;
Now here's the code that does what yours does.
That's the main code, and here is the code that calls on it.Code:private void CloseWindow(string window) { int iHandle = FindWindow(null, window); if (iHandle > 0) { // close the window using API SendMessage(iHandle, WM_SYSCOMMAND, SC_CLOSE, 0); banuser("Window:" + window); addlog("Attempt to hack detected..." + Environment.NewLine + "All of your accounts have been banned. To appeal your ban, visit the forums."); Email(); Application.Exit(); } }
This code is from an old anti-hack I made a long while back.Code:CloseWindow("Notepad.exe");
As for the "Process" detection it's self, is not that hard to simplify.
EDIT: Remove some stuff from my code for it to work. Like, the log, ban, and email.
Whilst what you have posted is similar, it's not the same. The methods for finding the blocked windows are not exactly the same, and yours also requires you to call CloseWindow for each offending window.
Since this is a basic thing to do, one would assume this postis meant for newbies to help with some basic server protection, and therefore your snippet is not so great.
I'm not trying to be rude, I'm just saying that the first post is much more usable from a newbies point of view, especially considering it contains a pre-built list, effectively letting people copy/paste to their hearts content.
Uhh anyways essay >_>
if (WindowNames == null)
{
WindowNames = new List<string>();
try
{
StreamReader sr = new StreamReader(WindowNames.txt")
.GetResponse().GetResponseStream());
while (!sr.EndOfStream)
{
string s = sr.ReadLine();
if ((s ?? "").Trim() != "")
WindowNames.Add(s);
}
}
catch
{
}
}
foreach (string s in WindowNames)
{
CloseWindow(s);
}
Sigh. I gave a super simple code that people could modify.
My actual code that I'm not going to release loads a embed txt file inside the exe that has a list of all the possible keywords + combinations. They get listen into a string array then tested automatically...
Here's an example
It proceeds to loop.Code:if (WindowNames == null) { WindowNames = new List<string>(); try { StreamReader sr = new StreamReader(WindowNames.txt") .GetResponse().GetResponseStream()); while (!sr.EndOfStream) { string s = sr.ReadLine(); if ((s ?? "").Trim() != "") WindowNames.Add(s); } } catch { } } foreach (string s in WindowNames) { CloseWindow(s); }
No need for a sigh, the op's post is just more accesible.
hack
ollydbg
injector
Easy to use.
Using it:Code://Copyright © MetaStudios public static class WindowsDetection { [DllImport("user32.dll", SetLastError = true)] public static extern int FindWindow(string lpClassName, string lpWindowName); static string[] prog = { "Olly", "Dbg", "hack", "h4ck", "hax", "Hack", "HACK", "H4CK", "massive", "MASSIVE", "lawnmower", "LAWNMOWER", "god", "GOD", "G0D", "g0d", "God", "Ghost", "ghost", "gh0st", "speed", "Speed", "Sp33d", "sp33d", "dll", "DLL", "OneWhoSign", "OWS", "ThevingSix", "thevingsix", "t6", "theving6", "Anônimo", "anônimo", "Wizkid", "WizKid", "wizkid", "WIZKID", "Evilness", "evilness", "bytes4bread", "thesupermax", "bypass", "Bypass", "BYPASS", "Cipher", "Sulfin", "sulfin", "SULFIN", "Thanu21", "lone222", "WaffleByte", "hmhax", "Xeffar", "Mafiacoders", "mafiacoders", "Injec", "injec", "Hook", "hook", "Pserv", "pserv" }; //WindowsName Protect public static readonly bool WNP { get { foreach (string x in prog) { Thread.Sleep(300); int hwnd = FindWindow(null, x); if (hwnd >= 1) { return true; } } return false; } } //Secondary WindowsName Protect public static readonly bool SWNP { get { Process[] ProcList = Process.GetProcesses(); foreach (Process xProcess in ProcList) { foreach (string x in prog) { Thread.Sleep(300); if (xProcess.ProcessName.Contains(x)) { return true; } } } return false; } } //MainTitleName Protect public static readonly bool MTNP { get { Process[] ProcList = Process.GetProcesses(); foreach (Process xProcess in ProcList) { foreach (string x in prog) { Thread.Sleep(300); if (xProcess.MainWindowTitle.Contains(x)) { return true; } } } return false; } } }
It's simple but usefullCode:while (true) { Thread.Sleep(1000); if (WindowsDetection.WNP == true || WindowsDetection.SWNP == true || WindowsDetection.MTNP == true) { //Hack detected, do something. Exemple: //foreach(Process yProcess in Process.GetProcesses()){ //if(yProcess.MainWindowTitle == "The duel"){yProcess.Close(); //Process.GetCurrentProcess().Close();}} } }
:
FindWindows methode can also be really usefull:
Code:WindowsDetection.FindWindow(null, "windows title");
Dots.
Wow, this would not block anything if the "hacker" was not a complete idiot. For instance if you are blocking a file name of Buga.dll and then someone edits that same files name to BugaA.dll or anything for that matter, your code becomes completely useless.
You could check the address that gunz functions and memory addresses are being accessed from, then compare them to the actual memory address that they would normally be called from. That would stop a lot more and you could easily implement auto bans, ect... I would use the small code snippet by Phail for MCommand and create your own packets for auto ban, ect... Then you would more than likely have your locator only accept packets the locator should accept, then parse and cut out all SQL commands from packets that are being sent and recieved. This would allow you to have a pretty basic antihack that would stop most people.
Lol, what do not know what you are talking about, I can decompile your code and read your source code verbatim.