
My First Suggestion.

Posted: Mon Nov 23, 2009 7:19 pm
by x4NG3L
Hi L. Spiro, thanks for the great work!
The self-modifying of this soft is great ^^

I just started on the forum now,
and I'm here for my first suggestion...

It is this:

- Unhook API calls in kernel mode (like SSDT restore).

For example, xTrap hooks API calls to block some functions in the system,
for example keyboard events in user32 libs.
You can unhook these calls in ring0 using a driver/rootkit. It's great.
I have code examples if you need them; just PM me.

Thanks for the great work!

Re: My First Suggestion.

Posted: Tue Nov 24, 2009 8:22 am
by L. Spiro
MHS already gives you the tools you need to find and remove hooks.
The hooked SSDT/SDT functions are shown for you in the Disassembler Helper window and scripts can be used to restore them and any other hooks in place.


L. Spiro

Re: My First Suggestion.

Posted: Tue Nov 24, 2009 8:59 am
by x4NG3L
Thanks!
I'll go read about the scripts.

I'm seeing WriteVirtualMemory and ReadVirtualMemory hooked....
This is probably used by MHS....
Does it hook them before the anti-cheat tries to hook?
If yes, can you give me a list of what is hooked by MHS and when?

ps: only so I don't unhook the wrong calls... =P

Re: My First Suggestion.

Posted: Tue Nov 24, 2009 4:23 pm
by L. Spiro
MHS does not hook anything.
Any hooks you see are caused by other software.


Use ReadLocalMemory() and WriteLocalMemory() to read and write kernel RAM without being stopped by anti-cheat hooks.


L. Spiro

Re: My First Suggestion.

Posted: Wed Nov 25, 2009 11:27 am
by x4NG3L
Great.
Do you have an example of script code to unhook the calls of anti-cheats?

Currently, I'm trying to use a SendKeys() function with xTrap open.
I can't unpack it; my asm knowledge is too low to unpack Themida ¬¬
So I'm trying to bypass the hooks, for example to use this function.
If you have a script code example to use as a reference, it will be welcome.

^^

Re: My First Suggestion.

Posted: Wed Nov 25, 2009 2:08 pm
by L. Spiro
There is a script in the help file that lists all hooks outside of the SSDT/SDT.

Once you find a hook, either in the SSDT/SDT using the Disassembler or anywhere else in the kernel using the script, you can make note of the actual bytes that should be there when the hook does not exist.

You can patch the hook by writing the original bytes over the hook.
There is no need for an example for this. It is a simple WriteLocalMemory() call.


L. Spiro

Re: My First Suggestion.

Posted: Thu Nov 26, 2009 2:49 am
by x4NG3L
Great, problem solved!
I can do this now. :mrgreen:

TY 8)