Mostrar Temas
Aca dejo el codigo:
Antihack.cpp
Código:
// ----------------------------------------------------
// Proyecto: AntiHack.cpp
// Fecha: 2009-09-25
//
// ----------------------------------------------------
#include "stdafx.h"
#include "Antihack.h"
#include <stdlib.h>
#include <windows.h>
#ifdef _MANAGED
#pragma managed(push, off)
#endif
ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP] = {
{0x4C8259, {0xA1, 0x38, 0xBD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xC0, 0x82, 0x4C, 0x00, 0xE8, 0x1F, 0xF1, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xF8, 0xBE, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, // Catastrophe v0.1
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}}, // Catastrophe v0.1
{0x4CCB71, {0xA1, 0x40, 0xFD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xD8, 0xCB, 0x4C, 0x00, 0xE8, 0xAB, 0xF2, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xE0, 0x75, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, // Catastrophe v1.2
{0x4CA831, {0x89, 0x55, 0xFC, 0x8B, 0x45, 0xFC, 0xE8, 0xC8, 0xA3, 0xF3, 0xFF, 0x33, 0xC0, 0x55, 0x68, 0x96, 0xA8, 0x4C, 0x00, 0x64, 0xFF, 0x30, 0x64, 0x89, 0x20, 0x8B, 0x45, 0xFC, 0xE8, 0xC2, 0xA1, 0xF3}}, // Catastrophe v1.2
{0x44E08C, {0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x58, 0x53, 0x56, 0x57, 0x89, 0x65, 0xE8, 0xFF, 0x15, 0x04, 0xF4, 0x48, 0x00, 0x33, 0xD2, 0x8A, 0xD4, 0x89, 0x15, 0xD8, 0x0A, 0x4D, 0x00}}, // WPePro 0.9x
{0x4851C2, {0x75, 0x1C, 0x53, 0x8B, 0xCE, 0xFF, 0x75, 0xE4, 0xFF, 0x75, 0xE0, 0x57, 0xE8, 0x90, 0x01, 0xFE, 0xFF, 0xEB, 0x0B, 0x53, 0x57, 0xFF, 0x76, 0x1C, 0xFF, 0x15, 0x9C, 0xF5, 0x48, 0x00, 0x8B, 0x86}}, // WPePro 0.9x
{0x4307BE, {0x75, 0x0A, 0x6A, 0x1C, 0xE8, 0x49, 0x01, 0x00, 0x00, 0x83, 0xC4, 0x04, 0xE8, 0xB1, 0x30, 0x00, 0x00, 0x85, 0xC0, 0x75, 0x0A, 0x6A, 0x10, 0xE8, 0x36, 0x01, 0x00, 0x00, 0x83, 0xC4, 0x04, 0xC7}}, // WPePro 1.3
{0x44397B, {0x75, 0x07, 0x8B, 0xCF, 0xE8, 0xF8, 0xF2, 0xFF, 0xFF, 0x5F, 0x5E, 0xC2, 0x08, 0x00, 0x53, 0x56, 0x8B, 0x74, 0x24, 0x0C, 0x57, 0xFF, 0x76, 0x04, 0xFF, 0x15, 0xC4, 0x9B, 0x49, 0x00, 0x8B, 0xD8}}, // WPePro 1.3
{0x40970E, {0x68, 0xB4, 0x98, 0x40, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x68, 0x53, 0x56, 0x57, 0x89, 0x65, 0xE8, 0x33, 0xDB, 0x89, 0x5D}}, // Speed Gear 5
{0x12C5B8, {0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11, 0xDB, 0x72, 0xED, 0xB8, 0x01, 0x00, 0x00, 0x00, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11, 0xDB, 0x11, 0xC0, 0x01, 0xDB, 0x73}}, // UoPilot
{0x5AA16C, {0xE8, 0x13, 0x40, 0xFF, 0xFF, 0xE8, 0x86, 0x2C, 0xFC, 0xFF, 0x8B, 0x03, 0xBA, 0xD4, 0xA2, 0x5A, 0x00, 0xE8, 0xC2, 0x98, 0xEE, 0xFF, 0x8B, 0x03, 0x83, 0xC0, 0x50, 0xBA, 0xF0, 0xA2, 0x5A, 0x00}}, // Cheat Engine 5.3
{0x4CBE2B, {0x8D, 0x55, 0xF0, 0xB9, 0x04, 0x00, 0x00, 0x00, 0x8B, 0xC7, 0xE8, 0x02, 0x15, 0xF5, 0xFF, 0x8B, 0x55, 0xF0, 0x8B, 0xC3, 0xE8, 0x8C, 0xF7, 0xFD, 0xFF, 0x8D, 0x55, 0xF0, 0xB9, 0x04, 0x00, 0x00}}, // Cheat Engine 5.5
{0x401350, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0xC0, 0x47, 0x00, 0xA1, 0x8B, 0xC0, 0x47, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0xC0, 0x47, 0x00, 0x52}}, //WildProxy v0.3
{0x401401, {0xE8, 0xB6, 0xFF, 0xFF, 0xFF, 0x50, 0x50, 0xFF, 0x35, 0x8B, 0xC0, 0x47, 0x00, 0xE8, 0xAD, 0x54, 0x07, 0x00, 0xFF, 0x35, 0x8B, 0xC0, 0x47, 0x00, 0xE8, 0xB6, 0x54, 0x07, 0x00, 0x5F, 0xC3, 0xB9}}, //WildProxy v0.3
{0x401320, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0x20, 0x47, 0x00, 0xA1, 0x8B, 0x20, 0x47, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0x20, 0x47, 0x00, 0x52}}, //WildProxy v0.2
{0x4013B0, {0xE8, 0xD7, 0xFF, 0xFF, 0xFF, 0xB9, 0xB4, 0x00, 0x00, 0x00, 0x51, 0x6A, 0x08, 0xE8, 0xF4, 0x00, 0x07, 0x00, 0x50, 0xE8, 0x60, 0x01, 0x07, 0x00, 0x0B, 0xC0, 0x75, 0x0A, 0xB8, 0xFD, 0x00, 0x00}}, //WildProxy v0.2
{0x401320, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0x90, 0x46, 0x00, 0xA1, 0x8B, 0x90, 0x46, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0x90, 0x46, 0x00, 0x52}}, //WildProxy v0.1
{0x4013F9, {0xE8, 0x1A, 0x21, 0x06, 0x00, 0xA3, 0x8B, 0x90, 0x46, 0x00, 0x83, 0xF8, 0x00, 0x73, 0x91, 0xB8, 0xFC, 0x00, 0x00, 0x00, 0xE8, 0x7A, 0xFF, 0xFF, 0xFF, 0xC3, 0x83, 0x3D, 0x8B, 0x90, 0x46, 0x00}}, //WildProxy v0.1
{0x512134, {0x75, 0x05, 0x8A, 0x16, 0x46, 0x12, 0xD2, 0x73, 0xEA, 0x02, 0xD2, 0x75, 0x05, 0x8A, 0x16, 0x46, 0x12, 0xD2, 0x73, 0x4F, 0x33, 0xC0, 0x02, 0xD2, 0x75, 0x05, 0x8A, 0x16, 0x46, 0x12, 0xD2, 0x0F}}, //WildProxy v1.0 Public
{0x512014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, //WildProxy v1.0 Public
{0x40E04E, {0x53, 0x68, 0x61, 0x64, 0x6F, 0x77, 0x42, 0x65, 0x61, 0x73, 0x74, 0x2E, 0x41, 0x53, 0x41, 0x46, 0x2D, 0x46, 0x32, 0x31, 0x34, 0x39, 0x42, 0x33, 0x31, 0x35, 0x35, 0x5C, 0x4D, 0x79, 0x20, 0x44}}, //Speed Hack Simplifier 1.3 Test
{0x401414, {0x68, 0xA4, 0x22, 0x40, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x8E, 0xF7, 0x08}}, //99.62t Speed Hack
{0x401E04, {0x68, 0x28, 0x20, 0x41, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xE3, 0x90, 0x67, 0x9A}}, //SpotHack 1.1
{0x454181, {0xBE, 0x00, 0x90, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x80, 0xFC, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75}}, //MJB Perfect DL Bot
{0x40C0B0, {0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x5C, 0x6F, 0x62, 0x6A, 0x5C, 0x52, 0x65, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x5C, 0x53, 0x70, 0x65, 0x65, 0x64, 0x20, 0x48, 0x61, 0x63}}, //Speed Hack Simplifier 1.1
{0x59F001, {0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x50, 0x51, 0xEB, 0x0F, 0xB9, 0xEB, 0x0F, 0xB8, 0xEB, 0x07, 0xB9, 0xEB, 0x0F, 0x90, 0xEB, 0x08, 0xFD, 0xEB, 0x0B, 0xF2, 0xEB, 0xF5, 0xEB, 0xF6, 0xF2, 0xEB}}, //HahaMu 1.16
{0x5674D4, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x2C, 0x70, 0x56, 0x00, 0xE8, 0xC6, 0xFA, 0xE9, 0xFF, 0x8B, 0x1D, 0x98, 0xD8, 0x56, 0x00, 0x33, 0xC0, 0x55, 0x68}}, //Cheat Engine 5.0
{0x574EC0, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0xE0, 0x49, 0x57, 0x00, 0xE8, 0xCE, 0x20, 0xE9, 0xFF, 0x8B, 0x1D, 0xF8, 0xB8, 0x57, 0x00, 0x33, 0xC0, 0x55, 0x68}}, //Cheat Engine 5.1.1
{0x591F94, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x5C, 0x1A, 0x59, 0x00, 0xE8, 0x26, 0x50, 0xE7, 0xFF, 0x8B, 0x1D, 0x20, 0x89, 0x59, 0x00, 0x33, 0xC0, 0x55, 0x68}}, //Cheat Engine 5.2
{0x5CF354, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x44, 0xED, 0x5C, 0x00, 0xE8, 0x62, 0x7E, 0xE3, 0xFF, 0x8B, 0x1D, 0xD4, 0x5A, 0x5D, 0x00, 0x33, 0xC0, 0x55, 0x68}}, //Cheat Engine 5.4
{0x40FBB6, {0x55, 0x8B, 0xEC, 0x6A, 0xFF, 0x68, 0x48, 0x3D, 0x41, 0x00, 0x68, 0x3C, 0xFD, 0x40, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x68}}, //Game Speed Changer
{0x438510, {0x60, 0xBE, 0x00, 0x20, 0x42, 0x00, 0x8D, 0xBE, 0x00, 0xF0, 0xFD, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, //eXpLoRer
{0x4BCFA4, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF0, 0x53, 0x56, 0x57, 0xB8, 0xC4, 0xCC, 0x4B, 0x00, 0xE8, 0xB1, 0x9B, 0xF4, 0xFF, 0x8B, 0x3D, 0xB0, 0x03, 0x4C, 0x00, 0x68, 0xDC, 0xD0, 0x4B, 0x00, 0x6A, 0x04}}, //Xelerator 1.4
{0x473BBC, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF4, 0xB8, 0x04, 0x3A, 0x47, 0x00, 0xE8, 0xE0, 0x26, 0xF9, 0xFF, 0xA1, 0x1C, 0x5C, 0x47, 0x00, 0x8B, 0x00, 0xE8, 0x04, 0xBE, 0xFC, 0xFF, 0x8B, 0x0D, 0xE4, 0x5C}}, //Capotecheat(deltacholl)
{0x55DE8C, {0x87, 0xDE, 0xF7, 0xFA, 0x9F, 0xCA, 0x05, 0x5D, 0x83, 0x67, 0x02, 0x86, 0x59, 0xBF, 0xF1, 0xB6, 0x5B, 0x1F, 0x04, 0x6E, 0x79, 0x00, 0x18, 0x57, 0x8A, 0xD0, 0xA6, 0xFA, 0x8E, 0x5A, 0xE0, 0xD8}}, //Cheat4Fun v0.9 Beta
{0x4217E0, {0x60, 0xBE, 0x00, 0xD0, 0x41, 0x00, 0x8D, 0xBE, 0x00, 0x40, 0xFE, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, //!xSpeed.net3
{0x493C90, {0x60, 0xBE, 0x00, 0xC0, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x50, 0xFA, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, //AutoBuff D-C
{0x4320F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, //Cheat Happens v3.9b1
{0x4340F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, //Cheat Happens v3.95b1/b2
{0x4360F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, //Cheat Happens v3.95b3
{0x440020, {0x5F, 0xE4, 0xAD, 0x60, 0x36, 0x56, 0x43, 0x4D, 0x92, 0xBD, 0xC8, 0x6F, 0xF8, 0xDE, 0xE1, 0xBD, 0x01, 0x00, 0x00, 0x00, 0x46, 0x3A, 0x5C, 0x44, 0x6F, 0x63, 0x75, 0x6D, 0x65, 0x6E, 0x74, 0x73}}, //Cheat Happens v3.96b2
{0x416014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, //HastyMu v0.2
{0xAF4014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, //FunnyZhyper v5
{0x48C000, {0xFC, 0xCF, 0xAB, 0xE7, 0x6D, 0x3A, 0x89, 0xBC, 0xB2, 0x9F, 0x73, 0x23, 0xA8, 0xFE, 0xB6, 0x49, 0x5D, 0x39, 0x5D, 0x8A, 0xCB, 0x63, 0x8D, 0xEA, 0x7D, 0x2B, 0x5F, 0xC3, 0xB1, 0xE9, 0x83, 0x29}}, //Lipsum v2
{0x4380F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, //MuPie v2 Beta
{0x401704, {0x68, 0x84, 0x24, 0x40, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x72, 0x80, 0x61, 0xF6}}, //MuPie HG v2
{0x401B28, {0x68, 0xD8, 0x2A, 0x40, 0x00, 0xE8, 0xF0, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xB9, 0xE3, 0x0E, 0xC3}} //MuPie HG v3
};
using namespace std;
void CAntiHack::GetSystemProcessesList() {
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(hProcessSnap != INVALID_HANDLE_VALUE)
{
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);
if(Process32First(hProcessSnap, &pe32))
{
do
{
m_lProcessesList.push_back(pe32);
}
while(Process32Next(hProcessSnap, &pe32));
}
}
CloseHandle(hProcessSnap);
}
bool CAntiHack::ScanProcessMemory(DWORD dwProcessId) {
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
if(hProcess != INVALID_HANDLE_VALUE)
{
for(int i = 0; i < MAX_PROCESS_DUMP; i++)
{
char aTmpBuffer[MAX_DUMP_SIZE];
SIZE_T aBytesRead = 0;
ReadProcessMemory(hProcess, (LPCVOID)g_ProcessesDumps[i].m_aOffset, (LPVOID)aTmpBuffer, sizeof(aTmpBuffer), &aBytesRead);
if(memcmp(aTmpBuffer, g_ProcessesDumps[i].m_aMemDump, MAX_DUMP_SIZE) == 0)
{
CloseHandle(hProcess);
return true;
break;
}
}
}
CloseHandle(hProcess);
return false;
}
int CAntiHack::CheckProcessName(char *sProcessName, char *sSrcProcessName) {
for(size_t i = 0; i < strlen(sProcessName); i++)
{
sProcessName[i] = (char)tolower(sProcessName[i]);
}
return strcmp(sProcessName, sSrcProcessName);
}
bool CAntiHack::CheckExplorerProcessDirectory(DWORD dwProcessId) {
HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
if(hModuleSnap != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 me32;
me32.dwSize = sizeof(MODULEENTRY32);
if(Module32First(hModuleSnap, &me32))
{
me32.szExePath[strlen(me32.szExePath) - (strlen(SYSTEMSHELL_NAME) + 1)] = 0;
char sWindowsDirectory[MAX_PATH];
GetWindowsDirectory(sWindowsDirectory, MAX_PATH);
if(strcmp(me32.szExePath, sWindowsDirectory) == 0)
{
CloseHandle(hModuleSnap);
return true;
}
}
}
CloseHandle(hModuleSnap);
return false;
}
void CAntiHack::GetExplorerProcessId() {
for(list<PROCESSENTRY32>::iterator i = m_lProcessesList.begin(); i != m_lProcessesList.end(); i++)
{
if(CheckProcessName(i->szExeFile, SYSTEMSHELL_NAME) == 0)
{
if(CheckExplorerProcessDirectory(i->th32ProcessID))
{
m_dwExplorerProcessId = i->th32ProcessID;
return;
break;
}
}
}
m_dwExplorerProcessId = INVALID_PROCESSID;
}
// --- Interface ---
void CAntiHack::Startup() {
m_lProcessesList.clear();
GetSystemProcessesList();
GetExplorerProcessId();
if(m_lProcessesList.empty() || m_dwExplorerProcessId == INVALID_PROCESSID)
{
MessageBox(0, "No es posible ejecutar el sistema Anti-Hack.", "MuOnline Protect", MB_OK | MB_ICONSTOP);
ExitProcess(1);
}
}
void CAntiHack::SystemProcessesScan() {
for(std::list<PROCESSENTRY32>::iterator i = m_lProcessesList.begin(); i != m_lProcessesList.end(); i++)
{
if(ScanProcessMemory(i->th32ProcessID))
{
MessageBox(0, "Se ha detectado un programa ilegal es su sistema.\nPor favor cierre todos los programas ilegales y ejecue normalmente.", "MuOnline Protect", MB_OK | MB_ICONSTOP);
ShellExecute( NULL, "open", "http://mupaysandu.sytes.net/Cheat/index.php?Detected=", NULL, NULL, SW_SHOW );
ExitProcess(1);
}
}
}
void CAntiHack::CheckProcessOwner() {
for(std::list<PROCESSENTRY32>::iterator i = m_lProcessesList.begin(); i != m_lProcessesList.end(); i++)
{
if(i->th32ProcessID == GetCurrentProcessId())
{
if(i->th32ParentProcessID != m_dwExplorerProcessId)
{
MessageBox(0, "Use el Launcher.", "MuOnline Protect", MB_OK | MB_ICONSTOP);
ExitProcess(1);
}
}
}
}
void CAntiHack::Cleanup() {
m_lProcessesList.clear();
}
extern "C" __declspec (dllexport) void __cdecl Loaded()
{
}
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) {
CAntiHack AntiHackInstance;
AntiHackInstance.Startup();
AntiHackInstance.CheckProcessOwner();
AntiHackInstance.SystemProcessesScan();
AntiHackInstance.Cleanup();
return TRUE;
}
#ifdef _MANAGED
#pragma managed(pop)
#endif
Código:
// ----------------------------------------------------
// Proyecto: AntiHack.cpp
// Fecha: 2009-09-25
//
// ----------------------------------------------------
#ifndef ANTIHACK_ANTIHACK_H
#define ANTIHACK_ANTIHACK_H
#include <tlhelp32.h>
#include <windows.h>
#include <list>
#define MAX_DUMP_SIZE 32
#define MAX_PROCESS_DUMP 47
#define INVALID_PROCESSID 0
#define SYSTEMSHELL_NAME "explorer.exe"
typedef struct ANITHACK_PROCDUMP {
unsigned int m_aOffset;
unsigned char m_aMemDump[MAX_DUMP_SIZE];
} *PANITHACK_PROCDUMP;
extern ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP];
class CAntiHack {
public:
void Startup();
void SystemProcessesScan();
void CheckProcessOwner();
void Cleanup();
private:
void GetSystemProcessesList();
bool ScanProcessMemory(DWORD dwProcessId);
void GetExplorerProcessId();
int CheckProcessName(char *sProcessName, char *sSrcProcessName);
bool CheckExplorerProcessDirectory(DWORD dwProcessId);
DWORD m_dwExplorerProcessId;
std::list<PROCESSENTRY32> m_lProcessesList;
};
#endif //ANTIHACK_ANTIHACK_H
Código:
#pragma once
#ifndef WINVER
#define WINVER 0x0501
#endif
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0501
#endif
#ifndef _WIN32_WINDOWS
#define _WIN32_WINDOWS 0x0410
#endif
#ifndef _WIN32_IE
#define _WIN32_IE 0x0600
#endif
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
Código:
#include "stdafx.h"