Results 1 to 2 of 2

Thread: Antihack Module

  1. #1

    Thread Starter
    New Member
    Join Date
    Jul 2010
    Posts
    1

    Antihack Module

    Today i have started to make simple antihack module that scans process memory and search for signature.. but i have error that i canot solve.
    Code:
    Error	1	Value of type '1-dimensional array of Byte' cannot be converted to 'System.IntPtr'.	d:\Visual Studio 2008\Projects\Launcher Client\Launcher Client\Antihack.vb	34
    Source:
    Code:
    1. Imports System.Runtime.InteropServices
    2. Module Antihack
    3.     Dim MAX_DUMPS As Integer = 2
    4.     Dim MAX_DUMP_SIZE As Integer = 32
    5.     Declare Function ReadProcessMemory Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Integer, <MarshalAs(UnmanagedType.AsAny)> ByVal lpBaseAddress As Object, <MarshalAs(UnmanagedType.AsAny)> ByRef lpBuffer As Object, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
    6.     [B]Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (ByVal pDst As IntPtr, ByVal pSrc As String, ByVal ByteLen As Long)[/B]
    7.  
    8.     ' Dim Offsets(MAX_DUMPS) As Integer = {"0x4C8259"}
    9.  
    10.     Public Sub SystemProcessScan()
    11.         Dim psList() As Process
    12.         Try
    13.             psList = Process.GetProcesses()
    14.  
    15.             For Each p As Process In psList
    16.                 If (Scan(p.Id) > 0) Then
    17.                     MsgBox("Found hack software in your system.\n\nHint: Close all illegal programs and run application again.", "Software guard")
    18.                     CloseProc("MU")
    19.                 End If
    20.  
    21.             Next p
    22.  
    23.         Catch ex As Exception
    24.             MsgBox(ex.Message)
    25.         End Try
    26.     End Sub
    27.  
    28.     Public Function Scan(ByVal hProcess As Int32)
    29.         Dim Buf(MAX_DUMP_SIZE) As Byte
    30.         Dim BytesRead As Int32 = 0
    31.         Dim B = Convert.ToByte(Buf)
    32.         For Int As Integer = 0 To MAX_DUMPS
    33.             ReadProcessMemory(hProcess, "Offset", Buf, System.Runtime.InteropServices.Marshal.SizeOf(Buf), BytesRead)
    34.            [B] If CopyMemory(Buf, "32byte DUMP", MAX_DUMP_SIZE) = 0 Then
    35.                 Return 1
    36.             End If[/B]
    37.         Next
    38.         Return 0
    39.     End Function
    40.  
    41.     Function CloseProc(ByVal sProcName As String) As String
    42.         Dim Proc() As Process = Process.GetProcessesByName(sProcName)
    43.         Try
    44.             Proc(0).Kill()
    45.             Return "Process killed"
    46.         Catch
    47.             Return "Can't find process"
    48.         End Try
    49.     End Function
    50. End Module

  2. #2
    PowerPoster techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,687

    Re: Antihack Module

    Well, it should be obvious... the signature of the function is looking for an integer pointer... .and you're passing it an array of bytes... which isn't an intPtr...

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width