The code is probably detected
I've just made my first hack, which contains only one functionality (seeing ghost).
When I inject the dll with the injector I get this message:
idk what's wrong, but here's the code for the hack:
Please help me ASAP!Code:#include<windows.h> #define Player 0xBBEA98 #define ghost1 0x88 #define ghost2 0x8C #define ghost3 0x90 DWORD WINAPI Hack(LPVOID) { while(1) { DWORD Chell = (DWORD)GetModuleHandleA("Chell.dll"); DWORD pPlayer = *(DWORD*)(Chell + Player); if (pPlayer) { *(float*)(pPlayer + ghost1) = (float)1.0f; *(float*)(pPlayer + ghost2) = (float)1.0f; *(float*)(pPlayer + ghost3) = (float)1.0f; } Sleep(100); } } bool Check() { if(GetModuleHandleA("Chell.dll")!= NULL) return 1; return 0; } DWORD WINAPI Start(LPVOID) { while(!Check()) Sleep(200); CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)Hack, NULL, NULL, NULL); return 0; } BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved ) { DisableThreadLibraryCalls(hDll); CreateThread(0,0,(LPTHREAD_START_ROUTINE)Start,0,0,0); return 1; }
The code is probably detected
So? What's the solution for this? How to make it undetected?
To be honest I don't know, you have to ask a coder
Last edited by Takari; 08-28-2012 at 04:48 AM.
[IMG]https://i1114.photobucke*****m/albums/k538/ImminentJM/takari.png[/IMG]
They still look good to me. Unless CF updated this morning.
Yesterday those were good.
@h3llb0y2012
I dont know exactly how its detecting but i can explain alittle from debugging a base i was making.
If the thread never finishes, xtrap detects it somehow. No idea how, im gonna research this alittle.
Your loop while(1) keeps the thread from returning and keeping it open so you can write hacks.
A normal thread will close once all the code is executed otherwise, hense the loop.
If you remove the loop, you can inject and run code BUT since cshell gets loaded after you inject, any code you have in the thread
never gets written because you cant write to a module that isnt loaded.
I'v been messing with a C++ base too so dont feel bad, everyone is in the same boat.
Don't use DEBUG use RELEASE .. if this doesn't work it's detected
/Closed.