Any Reason this might not be working

[why06]

So I was working on a bypass for Project Blackout's Hackshield. I'm trying to just stop if from being initialized, since the main executable has no protection I thought I would start with that. However I loaded PBlackout.exe up in Olly and noticed the addresses I coded to change, were not being changed at all. Is this just something with Olly, or is this code just wrong?

Code:

#include <windows.h>
BOOL WINAPI DllMain(HINSTANCE hInstDLL, DWORD fdwReason, LPVOID lpReserved)
{
	unsigned char* Patch1 = (unsigned char*)(LPVOID)0x402D5F;
	unsigned char* Patch2 = (unsigned char*)(LPVOID)0x402D66;
	unsigned char* Patch3 = (unsigned char*)(LPVOID)0x402DA2;
	DWORD* OldProtect = NULL;
	switch(fdwReason)
	{
		case DLL_PROCESS_ATTACH:
			
			while(!GetModuleHandleA("PBlackout.exe"))
			VirtualProtect((LPVOID)0x402D5F, 0x100, PAGE_EXECUTE_READWRITE, OldProtect);
			Patch1[0] = 0x90; Patch1[1] = 0x90; Patch1[2] = 0x90; Patch1[3] = 0x90; Patch1[4] = 0x90; //NOP call
			Patch2[0] = 0xEB; //Always jump
			Patch3[0] = 0xEB; //Always jump
			VirtualProtect((LPVOID)0x402D5F, 0x100, *OldProtect, NULL);
			break;

		case DLL_PROCESS_DETACH:
			break;
	}
	return true;
}

[Hell_Demon]

Did you attach olly before or after modifying it?

[why06]

well before because if If I did it after Themida would detect me, because it didn't work

[Hell_Demon]

__asm INT3; and use olly to see if it's writing properly or not?

[.::SCHiM::.]

well before because if If I did it after Themida would detect me, because it didn't work

Can you access the memory at all? Try checking your return values. Maybe the game has it's own SEH and windows will therefore not report any access violations.

[why06]

Thanks for the advice guys, I did the next best thing to an INT3, and set a MessageBox, which froze the program at Dll Entry, looks like I have an access violation, I wonder why though, since I used Virtual Protect.

EDIT: Okay looked over the API, loosk like Im using VP wrong my bad, seems like if you put a NULL value in for DWORD* for OldProtect the function fails. So I declared OldProtect like so: DWORD OldProtect; and am just referencing it now. I also fixed the second VirtualProtect too, lets see if this works now. =)

EDIT: Aww damn it was working, but something weird happened. The Patch Succeeded and everything, but then the DLL got a second DLL_ATTACH message, then Hackshield loaded up, maybe something detecting it idk...

[freedompeace]

Thanks for the advice guys, I did the next best thing to an INT3, and set a MessageBox, which froze the program at Dll Entry, looks like I have an access violation, I wonder why though, since I used Virtual Protect.

EDIT: Okay looked over the API, loosk like Im using VP wrong my bad, seems like if you put a NULL value in for DWORD* for OldProtect the function fails. So I declared OldProtect like so: DWORD OldProtect; and am just referencing it now. I also fixed the second VirtualProtect too, lets see if this works now. =)

EDIT: Aww damn it was working, but something weird happened. The Patch Succeeded and everything, but then the DLL got a second DLL_ATTACH message, then Hackshield loaded up, maybe something detecting it idk...

You get a DLL Attach message whenever a DLL is attached (loaded). You can use DisableThreadLibraryCalls() to disable these notifications to your module. I think that's the function name anyway.

[Hell_Demon]

You get a DLL Attach message whenever a DLL is attached (loaded). You can use DisableThreadLibraryCalls() to disable these notifications to your module. I think that's the function name anyway.

Yep, it is

DisableThreadLibraryCalls(hModule); where hModule is the HMODULE argument of DllMain