Thread: Need help with my code

  1. #1
    Registered User
    Join Date
    Jul 2007
    Posts
    61

    Need help with my code

    Code:
    // AntiHack.cpp : Defines the entry point for the DLL application.
    // Created by brietje698
    
    //Definition
    #define Box(a,b) MessageBox(0,a,b,MB_OK);
    
    //Include Files
    #include "stdafx.h"
    #include <windows.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string>
    
    //MBox Definition
    #define LTITLE "AntiHack"
    void MBox(const char* lpcContents, const char* lpcTitle){
    	MessageBox(0, lpcContents, lpcTitle, 0);
    }
    
    
    //Main loop
    void Main(){
    	while(true){
    		Sleep(30000);
    		if(IsDebuggerPresent()) {
    			TerminateProcess(GetCurrentProcess(), 1);
    		}
    		if(0x90 == *(unsigned char*)0x0046D11E) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0046D01C) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0040E574) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0041006D) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004791BE) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A6A8) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A6B0) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A6B8) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00478BBD) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004D7A85) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004D7DDB) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00463600) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004CB4FD) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047DA6B) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0049607A) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00496087) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00496094) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0046F091) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004C9BE4) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00477B88) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00477FE5) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00478041) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0049E943) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004709AC) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00479143) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00479192) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047919C) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004791BC) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00584851) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0058485C) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004A6C9D) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00479048) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00479051) {
    			Sleep(10000);
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047905C) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00475AE1) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004CAE87) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00528461) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00408EC8) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00408E88) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A6D8) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A88A) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A892) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047A89F) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00497380) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0046DD6C) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047926E) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047D1D2) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047D262) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047DAEF) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047ADA9) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047ADAE) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047ADB4) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0046DCD2) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0046DCDE) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0049738E) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004055C4) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0046CBC9) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004F2073) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004F2075) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004F207F) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00490E51) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004790EE) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00476CC0) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004750A4) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x00476CE1) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004771CB) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x004774DC) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    		if(0x90 == *(unsigned char*)0x0047667D) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    
    	}
    }
    For some reason only
    Code:
    if(0x90 == *(unsigned char*)0x0046D11E) {
    			TerminateProcess(GetCurrentProcess(), 0);
    		}
    is working, whenever i nop another address it doesn't terminate..
    Anyone can help me fix this?

  2. #2
    Registered User
    Join Date
    Dec 2006
    Location
    Scranton, Pa
    Posts
    252
    Perhaps it's all the 'ifs'. Try using if for the first if, then else if, else if, et cetera up to the last argument, then end with else.

    Probably not it, but I've run into some undefined behaviour using multiple if statements.

  3. #3
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Perhaps you may want to consider a different approach: Use an array of addresses you want to monitor - that way you only need ONE if-statement and a for-loop.

    That makes the code easy to read and easy-to-read code is much easier to "help" with.

    I would also expect that if those are single NOP instructions, you are not likely to get hacked there. Someone hacking the code needs a block of NOP's to do anything useful. If you have blocks but only check one of the NOP's, what is there to prevent someone from using the other ones in the block?

    --
    Mats

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Extended ASCII Characters in an RTF Control
    By JustMax in forum C Programming
    Replies: 18
    Last Post: 04-03-2009, 08:20 PM
  2. Enforcing Machine Code Restrictions?
    By SMurf in forum Tech Board
    Replies: 21
    Last Post: 03-30-2009, 07:34 AM
  3. Obfuscated Code Contest
    By Stack Overflow in forum Contests Board
    Replies: 51
    Last Post: 01-21-2005, 04:17 PM
  4. Interface Question
    By smog890 in forum C Programming
    Replies: 11
    Last Post: 06-03-2002, 05:06 PM
  5. Replies: 0
    Last Post: 02-21-2002, 06:05 PM