Today i have started to make simple antihack module that scans process memory and search for signature.. but i have error that i canot solve.
Source:Code:Error 1 Value of type '1-dimensional array of Byte' cannot be converted to 'System.IntPtr'. d:\Visual Studio 2008\Projects\Launcher Client\Launcher Client\Antihack.vb 34
Code:
Imports System.Runtime.InteropServices Module Antihack Dim MAX_DUMPS As Integer = 2 Dim MAX_DUMP_SIZE As Integer = 32 Declare Function ReadProcessMemory Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Integer, <MarshalAs(UnmanagedType.AsAny)> ByVal lpBaseAddress As Object, <MarshalAs(UnmanagedType.AsAny)> ByRef lpBuffer As Object, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer [B]Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" (ByVal pDst As IntPtr, ByVal pSrc As String, ByVal ByteLen As Long)[/B] ' Dim Offsets(MAX_DUMPS) As Integer = {"0x4C8259"} Public Sub SystemProcessScan() Dim psList() As Process Try psList = Process.GetProcesses() For Each p As Process In psList If (Scan(p.Id) > 0) Then MsgBox("Found hack software in your system.\n\nHint: Close all illegal programs and run application again.", "Software guard") CloseProc("MU") End If Next p Catch ex As Exception MsgBox(ex.Message) End Try End Sub Public Function Scan(ByVal hProcess As Int32) Dim Buf(MAX_DUMP_SIZE) As Byte Dim BytesRead As Int32 = 0 Dim B = Convert.ToByte(Buf) For Int As Integer = 0 To MAX_DUMPS ReadProcessMemory(hProcess, "Offset", Buf, System.Runtime.InteropServices.Marshal.SizeOf(Buf), BytesRead) [B] If CopyMemory(Buf, "32byte DUMP", MAX_DUMP_SIZE) = 0 Then Return 1 End If[/B] Next Return 0 End Function Function CloseProc(ByVal sProcName As String) As String Dim Proc() As Process = Process.GetProcessesByName(sProcName) Try Proc(0).Kill() Return "Process killed" Catch Return "Can't find process" End Try End Function End Module


Reply With Quote
