xTrap detects my own hack

[h3llb0y2012]

I've just made my first hack, which contains only one functionality (seeing ghost).
When I inject the dll with the injector I get this message:


idk what's wrong, but here's the code for the hack:

Code:

#include<windows.h>
       
       

#define Player	0xBBEA98
#define ghost1	0x88
#define ghost2	0x8C
#define ghost3	0x90
       
   
       
DWORD WINAPI Hack(LPVOID)
{
       
while(1)
{
DWORD Chell     = (DWORD)GetModuleHandleA("Chell.dll"); 
DWORD pPlayer = *(DWORD*)(Chell + Player); 
if (pPlayer)
{
*(float*)(pPlayer + ghost1) = (float)1.0f;
*(float*)(pPlayer + ghost2) = (float)1.0f;
*(float*)(pPlayer + ghost3) = (float)1.0f;
}
       
Sleep(100); 
}
}
       
bool Check() 
{
if(GetModuleHandleA("Chell.dll")!= NULL)
return 1;
return 0;
}
       
DWORD WINAPI Start(LPVOID)
{
while(!Check()) Sleep(200);
CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)Hack, NULL, NULL, NULL);
return 0;
}
 
BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
{
DisableThreadLibraryCalls(hDll);
CreateThread(0,0,(LPTHREAD_START_ROUTINE)Start,0,0,0);
   return 1;
}

Please help me ASAP!

[Royce]

The code is probably detected

[h3llb0y2012]

So? What's the solution for this? How to make it undetected?

[Royce]

To be honest I don't know, you have to ask a coder

[Takari]

So? What's the solution for this? How to make it undetected?

You need to know C++ .

Too be honest , I think the thread with the addresses I gave you is outdated .
Did Z8Games update Cross Fire this week , because they are a week old ?

[Royce]

You need to know C++ .

Well this ofcouse, where did you get that code from anyways?

[Ryuesi]

The code Detected and old
Learn first C++

[Royce]

The code Detected and old
Learn first C++

See, so yeah learn c++ and then go to the cf source code section

[Pingo]

You need to know C++ .

Too be honest , I think the thread with the addresses I gave you is outdated .
Did Z8Games update Cross Fire this week , because they are a week old ?

They still look good to me. Unless CF updated this morning.
Yesterday those were good.

@h3llb0y2012
I dont know exactly how its detecting but i can explain alittle from debugging a base i was making.

If the thread never finishes, xtrap detects it somehow. No idea how, im gonna research this alittle.
Your loop while(1) keeps the thread from returning and keeping it open so you can write hacks.
A normal thread will close once all the code is executed otherwise, hense the loop.

If you remove the loop, you can inject and run code BUT since cshell gets loaded after you inject, any code you have in the thread
never gets written because you cant write to a module that isnt loaded.

I'v been messing with a C++ base too so dont feel bad, everyone is in the same boat.

[Biesi]

Don't use DEBUG use RELEASE .. if this doesn't work it's detected

/Closed.