| View previous topic :: View next topic |
| Author |
Message |
kitterz
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 24 Dec 2007
Posts: 1268
|
 Posted: Thu Oct 09, 2008 7:47 pm Post subject: OpenProcess() Question. |
 |
|
I am doing an OpenProcess() to maplestory.exe when the starting ad shows up. It requires the process id.
However, when the game runs, it hides the process.
When this is the case, is the HANDLE returned by OpenProcess still valid?
Thanks.
_________________
|
|
| Back to top |
|
 |
kitterz
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 24 Dec 2007
Posts: 1268
|
| Posted: Thu Oct 09, 2008 8:24 pm Post subject: Re: OpenProcess() Question. |
|
|
| x0r wrote: | | kitterz wrote: | I am doing an OpenProcess() to maplestory.exe when the starting ad shows up. It requires the process id.
However, when the game runs, it hides the process.
When this is the case, is the HANDLE returned by OpenProcess still valid?
Thanks. |
The problem isn't the process being hidden, the main problem lies in GameGuard hooking the branching functions of OpenProcess. So even if you get the Process ID, it will be of no use since you can't open the process. |
Oh dam! Thanks for the help.
Even opening the process before gg initializes? And keeping an open thread/whatever in it? =/
_________________
|
|
| Back to top |
|
|
tombana
Master Cheater
![]() Reputation: 2
Joined: 14 Jun 2007
Posts: 456
Location: The Netherlands
|
| Posted: Fri Oct 10, 2008 2:06 am Post subject: |
|
|
| Even if the handle would be valid (I don't know if it is) it's of no use because you can't do anything with it. Like x0r mentioned, functions like Read/WriteProcessMemory and CreateRemoteThread are all hooked so you can't do anything interesting with your process handle.
|
|
| Back to top |
|
|
kitterz
Grandmaster Cheater Supreme
![]() Reputation: 0
Joined: 24 Dec 2007
Posts: 1268
|
| Posted: Fri Oct 10, 2008 2:20 pm Post subject: |
|
|
| tombana wrote: | | Even if the handle would be valid (I don't know if it is) it's of no use because you can't do anything with it. Like x0r mentioned, functions like Read/WriteProcessMemory and CreateRemoteThread are all hooked so you can't do anything interesting with your process handle. |
Ahhh I got ya.
Thanks!
_________________
|
|
| Back to top |
|
|
dnsi0
I post too much
![]() Reputation: 0
Joined: 04 Jan 2007
Posts: 2674
|
| Posted: Fri Oct 10, 2008 3:23 pm Post subject: |
|
|
The ProcessID and ProcessHandle are valid. But when you call ReadProcessMemory or any of those functions with the ProcessHandle, GG intercepts it and tells u that the call failed (Which it really did cause gg intercepted)
So the way around that is. Some1 said something about making a new ntoskrl.exe or something. And use those exported funcs
|
|
| Back to top |
|
|
DeletedUser14087
I post too much
![]() Reputation: 2
Joined: 21 Jun 2006
Posts: 3069
|
| Posted: Sun Oct 12, 2008 6:56 am Post subject: |
|
|
| You can do anything to MapleStory.exe BEFORE GG is loaded (which is StartUpDlgClass), so do what you want.
|
|
| Back to top |
|
|
Synapse
Advanced Cheater
![]() Reputation: 0
Joined: 26 Oct 2005
Posts: 76
|
| Posted: Sun Oct 12, 2008 7:42 am Post subject: |
|
|
| Yes but even so, if you were to modify anything in the .code region, you'd still be tagged by the GG CRC check. So it's basically useless to change anything beforehand, it's really only useful for debugging/research purposes.
|
|
| Back to top |
|
|
DeletedUser14087
I post too much
![]() Reputation: 2
Joined: 21 Jun 2006
Posts: 3069
|
| Posted: Sun Oct 12, 2008 8:31 am Post subject: |
|
|
| Synapse wrote: | | Yes but even so, if you were to modify anything in the .code region, you'd still be tagged by the GG CRC check. So it's basically useless to change anything beforehand, it's really only useful for debugging/research purposes. |
yes.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
