Memory Hacking Software

[Synsia]

I was wondering how this function in MHS actually works. It executes my injected code without issues, but when I attempt this with my own code, the target process either crashes or just exits.

I'm trying call a game function that is responsible for sending packets, and, for that I allocate memory in the process for my buffer, write to it, allocate and write my code, execute code with CreateRemoteThread and finally freeing. I've already used this method in a different game and it worked flawlessly.

Care to enlighten me?

[L. Spiro]

MHS uses an injected DLL.
It sends the address of the function it wishes to call and all of the call parameters, including the actual function parameters, the call type, etc., to a function in the DLL which then calls the desired function in the desired manner, pushing the correct number of parameters onto the stack, popping them off in the case of __cdecl, etc.

In order to guarantee stability, it calls the desired function within a try/catch block, so no matter what happens the target process will not crash.

MHS source code is available in the General section of this forum.


L. Spiro

[Synsia]

Alright, thanks.

I haven't been able to track down the cause of the crashes yet, though for some reason it works if I call the function from an injected DLL using inline asm (not using an EH).