FTBGUIDE

More Tutorials More Hacking
 
HomeHome  PortalPortal  CalendarCalendar  FAQFAQ  SearchSearch  MemberlistMemberlist  UsergroupsUsergroups  RegisterRegister  Log inLog in  
Log in
Username:
Password:
Log in automatically: 
:: I forgot my password
Astig FM
By: Jhun»

Share | 
 

 APi Bypass (Tool/Source)

Go down 
AuthorMessage
Jhun»
VIPMEMBER
VIPMEMBER
avatar

Posts : 65
AP : 19798
Join date : 28/02/2013

PostSubject: APi Bypass (Tool/Source)   Sat May 31, 2014 12:07 pm

Made this because some anti-cheat was hooking NtOpenProcess but not checking OpenProcess.

Bypasses OpenProcess and ReadProcessMemory.

Code:
#define RPM_TYPEDEF (BOOL (WINAPI *)(HANDLE,LPCVOID,LPVOID,SIZE_T,SIZE_T *))
BOOL (WINAPI* RealReadProcessMemory)(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize,SIZE_T *lpNumberOfBytesRead);
BOOL WINAPI ReadProcessMemoryBypass(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize,SIZE_T *lpNumberOfBytesRead)
{
   if(hProcess != GetCurrentProcess)
   {
      return RealReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, nSize, lpNumberOfBytesRead);
   }

   if (((ULONG_PTR)lpBaseAddress + nSize) < (ULONG_PTR)lpBaseAddress || ((ULONG_PTR)lpBaseAddress + nSize) > 0x7FFFFFFF)
   {
      return NULL;
   }

   if (nSize > 0)
    {
      DWORD OriginalProtection = 0;

      if(!VirtualProtect((LPVOID)lpBaseAddress, nSize, PAGE_EXECUTE_READWRITE, &OriginalProtection))
         return NULL;

      memcpy(lpBuffer, lpBaseAddress, nSize);

      if(!VirtualProtect((LPVOID)lpBaseAddress, nSize, OriginalProtection, &OriginalProtection))
         return NULL;
    }

   return TRUE;
}

#define OPC_TYPEDEF (HANDLE (WINAPI *)(DWORD, BOOL, DWORD))
HANDLE (WINAPI* RealOpenProcess)(DWORD dwDemateedAccess, BOOL bInheritHandle,DWORD dwProcessId);
HANDLE WINAPI OpenProcessBypass(DWORD dwDemateedAccess, BOOL bInheritHandle,DWORD dwProcessId)
{
   if(dwProcessId != GetCurrentProcessId())
   {
      return RealOpenProcess(dwDemateedAccess, bInheritHandle, dwProcessId);
   }

   HANDLE hLocalProcessHandle = NULL;

   if(!DuplicateHandle(GetCurrentProcess(), GetCurrentThread(), GetCurrentProcess(), &hLocalProcessHandle, 0, TRUE, DUPLICATE_SAME_ACCESS))
      return NULL;

   return hLocalProcessHandle;

[color=#5a5a5a][size=18]Tool:



Download:[You must be registered and logged in to see this link.]
Credits : Shad0w
Back to top Go down
View user profile
 
APi Bypass (Tool/Source)
Back to top 
Page 1 of 1
 Similar topics
-
» TIp: Color correction tool in Vray sketchup

Permissions in this forum:You cannot reply to topics in this forum
FTBGUIDE :: MMO FPS Games :: Other MMOFPS (Tools, Tutorials,SourceCode)-
Jump to: