Как сделать чит в ЕХЕ и как сделать инжектор

ПЕРВАЯ ТЕМА


1.) Скачиваем Microsoft Visual Basic 2008 Express , или Microsoft Visual Basic 2010 Express
2.) Создайте новый проект : Windows Forms Application (В видео показано как Создать!)
3.) Создайте:

5 Buttons
2 Radiobuttons
5 Labels
1 Listboxes
1 Timers
1 OpenFileDialog
1 Checkbox
1 Textbox

4.)Переименовываем:

Button1 = "Открыть DLL"
Button2 = "Удалить"
Button3 = "Удалить всё"
Button4 = "Инжект"
Button5 = "Выход"
RadioButton1 = "Ручное"
RadioButton2 = "Автоматическое"
Label1 = “Процесс.exe: "
Label2 = " Waiting for Program to Start...”
Label3 = "После внедрения:”
Label4 = "Добавить DLL:”
Label5 = “Режим:"
CheckBox1 = "Закрыть инжектор"
TextBox1 = Не нужно не чего тут переименновывать!
OpenFileDialog1 = “OpenFile”

5.)Вставляем код:
Правой кнопкой жмём вставить код и вставляем код ,Сначала удаляем прошлый код и вставляем
новый наш

Public Class Form1
Private TargetProcessHandle As Integer
Private pfnStartAddr As Integer
Private pszLibFileRemote As String
Private TargetBufferSize As Integer

Public Const PROCESS_VM_READ = &H10
Public Const TH32CS_SNAPPROCESS = &H2
Public Const MEM_COMMIT = 4096
Public Const PAGE_READWRITE = 4
Public Const PROCESS_CREATE_THREAD = (&H2)
Public Const PROCESS_VM_OPERATION = (&H8)
Public Const PROCESS_VM_WRITE = (&H20)
Dim DLLFileName As String
Public Declare Function ReadProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer As String, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer

Public Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" ( _
ByVal lpLibFileName As String) As Integer

Public Declare Function VirtualAllocEx Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpAddress As Integer, _
ByVal dwSize As Integer, _
ByVal flAllocationType As Integer, _
ByVal flProtect As Integer) As Integer

Public Declare Function WriteProcessMemory Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpBaseAddress As Integer, _
ByVal lpBuffer As String, _
ByVal nSize As Integer, _
ByRef lpNumberOfBytesWritten As Integer) As Integer

Public Declare Function GetProcAddress Lib "kernel32" ( _
ByVal hModule As Integer, ByVal lpProcName As String) As Integer

Private Declare Function GetModuleHandle Lib "Kernel32" Alias "GetModuleHandleA" ( _
ByVal lpModuleName As String) As Integer

Public Declare Function CreateRemoteThread Lib "kernel32" ( _
ByVal hProcess As Integer, _
ByVal lpThreadAttributes As Integer, _
ByVal dwStackSize As Integer, _
ByVal lpStartAddress As Integer, _
ByVal lpParameter As Integer, _
ByVal dwCreationFlags As Integer, _
ByRef lpThreadId As Integer) As Integer

Public Declare Function OpenProcess Lib "kernel32" ( _
ByVal dwDesiredAccess As Integer, _
ByVal bInheritHandle As Integer, _
ByVal dwProcessId As Integer) As Integer

Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" ( _
ByVal lpClassName As String, _
ByVal lpWindowName As String) As Integer

Private Declare Function CloseHandle Lib "kernel32" Alias "CloseHandleA" ( _
ByVal hObject As Integer) As Integer


Dim ExeName As String = IO.Path.GetFileNameWithoutExtension(Application.ExecutablePath)
Private Sub Inject()
On Error GoTo 1 ' If error occurs, app will close without any error messages
Timer1.Stop()
Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
TargetProcessHandle = OpenProcess(PROCESS_CREATE_THREAD Or PROCESS_VM_OPERATION Or PROCESS_VM_WRITE, False, TargetProcess(0).Id)
pszLibFileRemote = OpenFileDialog1.FileName
pfnStartAddr = GetProcAddress(GetModuleHandle("Kernel32"), "LoadLibraryA")
TargetBufferSize = 1 + Len(pszLibFileRemote)
Dim Rtn As Integer
Dim LoadLibParamAdr As Integer
LoadLibParamAdr = VirtualAllocEx(TargetProcessHandle, 0, TargetBufferSize, MEM_COMMIT, PAGE_READWRITE)
Rtn = WriteProcessMemory(TargetProcessHandle, LoadLibParamAdr, pszLibFileRemote, TargetBufferSize, 0)
CreateRemoteThread(TargetProcessHandle, 0, 0, pfnStartAddr, LoadLibParamAdr, 0, 0)
CloseHandle(TargetProcessHandle)
1: Me.Show()
End Sub

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
DLL.Name = "DLL"
Button1.Text = "Открыть DLL"
Label2.Text = "Waiting for Program to Start..."
Timer1.Interval = 50
Timer1.Start()
End Sub

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
OpenFileDialog1.Filter = "DLL (*.dll) |*.dll"
OpenFileDialog1.ShowDialog()
End Sub

Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
For i As Integer = (DLL.SelectedItems.Count - 1) To 0 Step -1
DLL.Items.Remove(DLL.SelectedItems(i))
Next
End Sub

Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click
DLL.Items.Clear()
End Sub

Private Sub Button4_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button4.Click
If IO.File.Exists(OpenFileDialog1.FileName) Then
Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
If TargetProcess.Length = 0 Then

Me.Label2.Text = ("Waiting for " + TextBox1.Text + ".exe")
Else
Timer1.Stop()
Me.Label2.Text = "Successfully Injected!"
Call Inject()
If CheckBox1.Checked = True Then
End
Else
End If
End If
Else
End If

End Sub

Private Sub Button5_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button5.Click
Me.Close()
End Sub

Private Sub RadioButton1_CheckedChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles RadioButton1.CheckedChanged
Button4.Enabled = True
Timer1.Enabled = False
End Sub

Private Sub RadioButton2_CheckedChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles RadioButton2.CheckedChanged
Button4.Enabled = False
Timer1.Enabled = True
End Sub

Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
If IO.File.Exists(OpenFileDialog1.FileName) Then
Dim TargetProcess As Process() = Process.GetProcessesByName(TextBox1.Text)
If TargetProcess.Length = 0 Then

Me.Label2.Text = ("Waiting for " + TextBox1.Text + ".exe")
Else
Timer1.Stop()
Me.Label2.Text = "Successfully Injected!"
Call Inject()
If CheckBox1.Checked = True Then
End
Else
End If
End If
Else
End If
End Sub

Private Sub OpenFileDialog1_FileOk(ByVal sender As System.Object, ByVal e As System.ComponentModel.CancelEventArgs) Handles OpenFileDialog1.FileOk
Dim FileName As String
FileName = OpenFileDialog1.FileName.Substring(OpenFileDialog1.FileName.LastIndexOf("\"))
Dim DllFileName As String = FileName.Replace("\", "")
Me.DLL.Items.Add(DllFileName)
End Sub
End Class

Вставляем картинку, значёк.


7.)Выделяем “Автоматическое”и”Закрыть инжектор”и ставим False где написано “Checked”
Нажимаем на Плей
8.)Сохраняем!
Сохраняем

ВОТ ВИДЕО 2 ЧАСТИ:
1 часть:
2 часть:

ВТОРАЯ ТЕМА

Краткая заметка о том, как сделать свой чит в ЕХЕ-формате без всякид Dll и инжекторов. Статья для тех, кто шарит, ничего готового я давать не буду.
Опустим глупые предисловия и прочую шелуху. У вас есть чит в Dll, и вы хотите запихнуть его в ЕХЕ, чтобы было как у меня к примеру.

1)Создаем проект на шарпе. Делаем красивую мордашку ему, расставляем кнопки и надписи.
2)Заходим в свойства проекта.


3)Переходим во вкладку ресурсы.


4)Перетаскиваем в белую область ваш чит. В моем случае это minizm.dll
5) В коде обьявим переменную, которая будет содержать путь до файла и его имя.

string dll_name = Environment.GetFolderPath(Environment.SpecialFolder.InternetCache) + "\\fgghrr.dll";

Этим кодом мы указываем что dll будет распакована в папке, где хранится интернет кэш, и будет иметь имя fgghrr.dll
6)Распаковываем нашу dll

FileStream fs = new FileStream(dll_name, FileMode.Create);
fs.Write(Properties.Resources.minizm, 0, Properties.Resources.minizm.Length);
fs.Close();

7)Ждем появления процесса игры.
8)Ижектируем DLL. Вот пример функции инжекта найденной в инете.

public static bool InjectDLL(Process process, String strDLLName)
{
IntPtr hProcess = OpenProcess(ProcessAccessFlags.All, false, process.Id);
if (hProcess == null)
{
return false;
}
IntPtr bytesout;

// Length of string containing the DLL file name +1 byte padding
Int32 LenWrite = strDLLName.Length + 1;
// Allocate memory within the virtual address space of the target process
IntPtr AllocMem = (IntPtr)VirtualAllocEx(hProcess, (IntPtr)null, (uint)LenWrite, 0x3000, (uint)Protection.PAGE_READWRITE); //allocation pour WriteProcessMemory
uint tmp;
VirtualProtect(AllocMem, (uint)LenWrite, (uint)Protection.PAGE_READWRITE, out tmp);
// Write DLL file name to allocated memory in target process
WriteProcessMemory(hProcess, AllocMem, strDLLName, (UIntPtr)LenWrite, out bytesout);
// Function pointer "Injector"
UIntPtr Injector = (UIntPtr)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");

if (Injector == null)
{
MessageBox.Show(" Injector Error! \n ");
// return failed
return false;
}

// Create thread in target process, and store handle in hThread

UIntPtr tmpptr;
IntPtr hThread = (IntPtr)CreateRemoteThread(hProcess, (IntPtr)null, 0, Injector, AllocMem, 0, out tmpptr);

// Make sure thread handle is valid
if (hThread == null)
{
//incorrect thread handle ... return failed
// MessageBox.Show(" hThread [ 1 ] Error! \n ");
return false;
}
// Time-out is 10 seconds...
int Result = WaitForSingleObject(hThread, 3000);
// Check whether thread timed out...
if (Result == 0x00000080L || Result == 0x00000102L || Result == 0xFFFFFFFF)
{
/* Thread timed out... */
// MessageBox.Show(" hThread [ 2 ] Error! \n ");
// Make sure thread handle is valid before closing... prevents crashes.
if (hThread != null)
{
//Close thread in target process
CloseHandle(hThread);
}
return false;
}
// Sleep thread for 1 second
System.Threading.Thread.Sleep(100);
// Clear up allocated space ( Allocmem )
VirtualFreeEx(hProcess, AllocMem, (UIntPtr)0, 0x8000);
// Make sure thread handle is valid before closing... prevents crashes.
if (hThread != null)
{
//Close thread in target process
CloseHandle(hThread);
}
CloseHandle(hProcess);
// return succeeded
return true;
}


На этом пока все. Удачного компилирования!!!

КОМУ НЕ ЖАЛКО СТАВЬТЕ СЯПКУ ДЛЯ ВАС СТАРАЛСЯ

 

норм все падробно спс