API Hook - WriteProcessMemory

OpenProcess

Hi man, is problem have more detail.

Global Model Image.
http://www.legion-of-terror.cl/download/temp/model.jpg

Detail :
This is the API OpenProcess or Class in .Net GetProcessID
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wcekernl/html/_wcesdk_win32_OpenProcess.asp

Cheat program use the API and use in parameter PID the Game in Memory.
Game is not .Net program, i not have source, only launch from .Net code.

Example : Game Pid is : 5675

When cheat program "program01.exe(pid 1234)" use the API then in parameters use the value 5675.

Example :

IDProcess = 5675
HandleWindow = OpenProcess(PROCESS_ALL_ACCESS,False,IDProcess);

For get value 5675 use others APIs :

IDProcess = FindWindow -> Get using Window Name -> "Game Window Name"
IDProcess = GetHProcExe -> Get using game.exe
IDProcess = GetWindowProcessID -> Get using Directly IDProcess -> PID the Game.exe

I not want stop this 3 methods, i need Stop OpenProcess where values will be passed.

After OpenProcess get Access to Game Process using parameter : PROCESS_ALL_ACCESS
Return HandleWindow and use after in API WriteProcessMemory
WriteProcessMemory(HandleWindow, Offset, Value, 1, 0&)

From my ".Net Program" i use PID 1234 "program01.exe" for Spy, Hook or Intercept if Use API OpenProcess.

When program01.exe was detected using the API OpenProcess then Log, Hook or Intercept the value in parameter used.

If value is IDProcess = 5675, then assume "program01.exe" is Cheat Program trying attack GAME Process.

After check program02.exe and detect not using API OpenProcess, skip for monitor others process.
 
Back
Top