'Edit by Xuan Hoai Public ProsH As Long Public process As String Public dllpath As String
Private Sub Form_Load() dllpath = App.Path + "\Wall.dll" process = "Crossfire.dat" Call FileExist(dllpath) Timer1.Interval = 500 LoadHidden = True End Sub
Private Sub Timer1_Click() ProsH = GetHProcExe(process) If ProsH > "0" Then Call InjectDll(dllpath, ProsH) MsgBox "Source Code By Xuan Hoai" End End If End Sub
Lưu ý: phải tạo 1 Timer nhé.
Tạo 3 Module:
Module1:
Code:
:
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal fAllocType As Long, FlProtect As Long) As Long Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, lpThreadAttributes As Long, ByVal dwStackSize As Long, ByVal lpStartAddress As Any, ByVal lpParameter As Any, ByVal dwCreationFlags As Long, lpThreadID As Long) As Long Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
'The Injection Function Public Function InjectDll(dllpath As String, ProsH As Long) Dim DLLVirtLoc As Long, DllLength, Inject As Long, LibAddress As Long Dim CreateThread As Long, ThreadID As Long 'STEP 1 - The easy part...Putting the bitch in the process' memory 'Find a nice spot for your DLL to chill using VirtualAllocEx g_virutalallocex: DllLength = Len(dllpath) DLLVirtLoc = VirtualAllocEx(ProsH, ByVal 0, DllLength, &H1000, ByVal &H4) If DLLVirtLoc = 0 Then bla = MsgBox("VirtualAllocEx API failed! - try again?", vbYesNo, "ERROR") If bla = vbYes Then GoTo g_virutalallocex If bla = vbNo Then End
'Inject the Dll into that spot g_writepmemory: Inject = WriteProcessMemory(ProsH, DLLVirtLoc, ByVal dllpath, DllLength, vbNull) If Inject = 0 Then bla = MsgBox("Failed to Write DLL to Process! - try again?", vbYesNo, "ERROR") If bla = vbYes Then GoTo g_writepmemory If bla = vbNo Then End
'STEP 2 - Loading it in the process 'Just throwing our Dll into the process isnt going to do sth unless you 'Load it into the precess address using LoadLibrary. The LoadLibrary function 'maps the specified executable module into the address space of the 'calling process. You call LoadLibrary by using CreateRemoteThread to 'create a thread that runs in the address space of another process. 'First we find the LoadLibrary API function and store it g_loadlibary: LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA") If LibAddress = 0 Then bla = MsgBox("Can't find LoadLibrary API from kernel32.dll", vbYesNo, "ERROR") If bla = vbYes Then GoTo g_loadlibary If bla = vbNo Then End 'We set a pointer to LoadLibrary(LibAddress) in our process, LoadLibrary then puts 'our Dll(DLLVirtLoc) into the process address. Easy enough right? g_creatthread: CreateThread = CreateRemoteThread(ProsH, vbNull, 0, LibAddress, DLLVirtLoc, 0, ThreadID) If CreateThread = 0 Then bla = MsgBox("Failed to Create Thead! - try again?", vbYesNo, "ERROR") If bla = vbYes Then GoTo g_creatthread If bla = vbNo Then End
End Function
Module2:
Code:
Public Function FileExist(FileName As String) As Boolean Dim found As String FileExist = False found = VBA.Dir(FileName) If Len(found) = 0 Then MsgBox "Khong the ket noi du lieu", vbCritical End End If End Function
Module3:
Code:
Public Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Option Explicit Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long Public Declare Function FindWindow Lib "USER32" Alias "FindWindowA" (ByVal Classname As String, ByVal WindowName As String) As Long Public Declare Function GetWindowThreadProcessId Lib "USER32" (ByVal hwnd As Long, lpdwProcessId As Long) As Long Private Declare Function CreateToolhelpSnapshot Lib "kernel32" Alias "CreateToolhelp32Snapshot" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long Private Declare Sub CloseHandle Lib "kernel32" (ByVal hPass As Long)
Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * 260 End Type
Public Function GetHProcExe(strExeName As String) As Long Dim hSnap As Long 'Create a snapshot of all of the processes, and information 'about them (saving the handle so we can iterate through the 'processes) hSnap = CreateToolhelpSnapshot(2, 0)
Dim peProcess As PROCESSENTRY32 peProcess.dwSize = LenB(peProcess)
Dim nProcess As Long nProcess = Process32First(hSnap, peProcess)
'Loop through the processes until we find the one we want 'and return its process handle Do While nProcess If StrComp(Trim$(peProcess.szExeFile), strExeName, vbTextCompare) _ = 0 Then GetHProcExe = OpenProcess(PROCESS_ALL_ACCESS, False, peProcess.th32ProcessID) Exit Function End If peProcess.szExeFile = vbNullString nProcess = Process32Next(hSnap, peProcess) Loop CloseHandle hSnap End Function
- Bây giờ để chạy được phải có file dll hack. ( tự kiếm nhé )
Copy đúng link dười đây gửi đến nick yahoo bạn bè!
Source Code wall hack CF mọi phiên bản
Trang 1 trong tổng số 1 trang
Bài viết cùng chuyên mục
Bài viết liên quan
* Bài viết sưu tầm nên ghi rõ nguồn (Sưu Tâm). * Không dùng những ngôn từ thiếu lịch sư.* Tránh spam nhầm những chủ đề không liên quan. * Bấm nút A/a bên góc phải nếu gặp vấn đề khi chèn hình vui. * Nếu thấy bài viết hay, hãy bấm nút Người viết.