 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
 Posted: Mon Jan 04, 2010 8:17 pm Post subject: Vista Sucks |
 |
|
| Code: |
#include <windows.h>
#include <iostream>
#include <string>
using namespace std;
void main()
{
string DllPath = "C:\\Users\\Al - Homedawy\\Documents\\Visual Studio 2008\\Projects\\Memory Engine (Dll)\\Debug\\Memory Engine (Dll).dll";
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
{
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid);
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, 0, &tkp, sizeof(tkp), NULL, NULL);
}
HWND hWnd = FindWindowA(NULL, "Untitled - Notepad");
DWORD pID;
GetWindowThreadProcessId(hWnd, &pID);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pID);
LPVOID Address = VirtualAllocEx(hProcess, NULL, strlen(DllPath.c_str()), MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);
if (!Address)
{
cout << "Error - Address" << endl;
}
SIZE_T BytesWritten;
WriteProcessMemory(hProcess, Address, DllPath.c_str(), strlen(DllPath.c_str()), &BytesWritten);
LPVOID LoadLibraryAddress = (LPVOID) GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA");
if (!CreateRemoteThread(hProcess, NULL, NULL, (LPTHREAD_START_ROUTINE) LoadLibraryAddress, (LPVOID) Address, NULL, NULL))
{
cout << "FAIL" << endl;
}
cout << Address << endl;
cin.get();
}
|
CreateRemoteThread() is blocked for security purposes, I open my processes tokens in order to get privilegdes AND ran my program as Administrator, nothing, this is bullshit.
Why the fuck would Microsoft make a fucking API that we won't be able to use?
|
|
| Back to top |
|
 |
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Mon Jan 04, 2010 8:25 pm Post subject: |
|
|
It's not blocked.. You're making the childish mistake of being like 'OMG THE COMPILER/LANGUAGE/OS IS BROKEN'
Do some debugging. Check return addresses as the documentation tells you to.
See if you actually got that token. And make sure you're running that program as admin.
|
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Mon Jan 04, 2010 9:09 pm Post subject: |
|
|
Did all that, never worked.
Whatever, there are other methods such as CodeCave, SetWindowsHookEx, IAT, etc.
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Mon Jan 04, 2010 9:12 pm Post subject: |
|
|
| It's not frigging hooked or blocked. My injector works perfectly and that uses CreateRemoteThread().
|
|
| Back to top |
|
|
Noz3001
I'm a spammer
 Reputation: 26
Joined: 29 May 2006
Posts: 6220
Location: /dev/null
|
| Posted: Mon Jan 04, 2010 9:40 pm Post subject: |
|
|
Could be other problems.
Hardcoded path, x64 notepad?
|
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Mon Jan 04, 2010 9:54 pm Post subject: |
|
|
VS has an awesome debugger, use it. I hope you're doing more than just letting it run and seeing if it prints FAIL.
Also gj with the void main().
|
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Mon Jan 04, 2010 10:23 pm Post subject: |
|
|
@Slugsnack Exactly, thats what I was thinking, its either hooked or blocked. But the real question is, why would Microsoft make a API and block it? What are you gunna earn from that bull?
@slovach Thanks, I am trying to debug things around but I can't see a problem in my code
@Noz3001 Tried it on pinball too, failed.
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Mon Jan 04, 2010 10:28 pm Post subject: |
|
|
| iPromise wrote: | @Slugsnack Exactly, thats what I was thinking, its either hooked or blocked. But the real question is, why would Microsoft make a API and block it? What are you gunna earn from that bull?
@slovach Thanks, I am trying to debug things around but I can't see a problem in my code
@Noz3001 Tried it on pinball too, failed. |
WTFFFF i just said the exact opposite !!!
|
|
| Back to top |
|
|
smartz993
I post too much
 Reputation: 2
Joined: 20 Jun 2006
Posts: 2013
Location: USA
|
| Posted: Mon Jan 04, 2010 10:29 pm Post subject: |
|
|
| iPromise wrote: | @Slugsnack Exactly, thats what I was thinking, its either hooked or blocked. But the real question is, why would Microsoft make a API and block it? What are you gunna earn from that bull?
@slovach Thanks, I am trying to debug things around but I can't see a problem in my code
@Noz3001 Tried it on pinball too, failed. |
Do you listen to advice when it's given to you?
Slugsnack clearly told you it is not hooked or blocked by the fucking company that makes the OS.
Make your path 'C:\\test.dll' instead of that long fucking thing.
|
|
| Back to top |
|
|
igoticecream
Grandmaster Cheater Supreme
 Reputation: 0
Joined: 23 Apr 2006
Posts: 1807
Location: 0x00400000
|
| Posted: Tue Jan 05, 2010 6:54 am Post subject: |
|
|
| iPromise wrote: | Did all that, never worked.
Whatever, there are other methods such as CodeCave, SetWindowsHookEx, IAT, etc. |
no you didn't, use GetLastError() and check the returned integer here http://msdn.microsoft.com/en-us/library/ms681381%28VS.85%29.aspx
_________________
+~ |
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Tue Jan 05, 2010 6:20 pm Post subject: |
|
|
| Code: |
#include <windows.h>
#include <iostream>
#include <string>
using namespace std;
void main()
{
string DllPath = "C:\\Users\\Al - Homedawy\\Documents\\Visual Studio 2008\\Projects\\Memory Engine (Dll)\\Debug\\Memory Engine (Dll).dll";
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
if (OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
{
LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tkp.Privileges[0].Luid);
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges(hToken, 0, &tkp, sizeof(tkp), NULL, NULL);
}
HWND hWnd = FindWindowA(NULL, "Untitled - Notepad");
DWORD pID;
GetWindowThreadProcessId(hWnd, &pID);
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pID);
DllPath += '\0';
LPVOID Address = VirtualAllocEx(hProcess, NULL, DllPath.size(), MEM_COMMIT, PAGE_READWRITE);
if (!Address)
{
cout << "Error: " << GetLastError() << endl;
}
DWORD BytesWritten;
WriteProcessMemory(hProcess, Address, DllPath.c_str(), DllPath.size(), &BytesWritten);
FARPROC LoadLibraryAddress = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA");
if (!LoadLibraryAddress)
{
cout << "Failed to get LoadLibraryA!" << endl;
}
HANDLE hThread = CreateRemoteThread(hProcess, NULL, 0, (LPTHREAD_START_ROUTINE) LoadLibraryAddress, Address, 0, NULL);
if (hThread)
{
cout << "Error: " << GetLastError() << endl;
}
cout << "Address: " << Address << endl;
cout << "Thread: " << hThread << endl;
cin.get();
}
|
I dont get any errors, but whenever I cout my Thread, its NULL.
I've tried debugging through it, no luck, I can't seem to find any errors that would screw things up.
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Tue Jan 05, 2010 6:27 pm Post subject: |
|
|
| your virtualallocex() fails
|
|
| Back to top |
|
|
hcavolsdsadgadsg
I'm a spammer
![]() Reputation: 26
Joined: 11 Jun 2007
Posts: 5801
|
| Posted: Tue Jan 05, 2010 7:26 pm Post subject: |
|
|
| hi guys i use void main()
|
|
| Back to top |
|
|
lurc
Grandmaster Cheater Supreme
 Reputation: 2
Joined: 13 Nov 2006
Posts: 1900
|
| Posted: Tue Jan 05, 2010 7:43 pm Post subject: |
|
|
| slovach wrote: | | hi guys i use void main() |
lol
just wait until Irwin gets in here and starts up on this... is he even still here?
_________________
|
|
| Back to top |
|
|
iPromise
Grandmaster Cheater
![]() Reputation: -1
Joined: 27 Jun 2009
Posts: 529
Location: Canada
|
| Posted: Tue Jan 05, 2010 7:55 pm Post subject: |
|
|
| Slugsnack wrote: | | your virtualallocex() fails |
It works fine, I double checked with CE, its the file path is written to the address. Its CreateRemoteThread() thats the problem.
I also changed it to this
| Code: |
VirtualAllocEx(hProcess, NULL, DllPath.size(), MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);
|
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
