Okeh Langsung Aj Tutorial Membuat File DLL Yyy....
[size=12][size="6"]Kali ini saya mencoba menyampaikan tutorial membuat file DLL untuk keperluan game hacking dengan menggunakan Visual C++ 2008 Express secara sederhana, nah ikuti cara dibawah untuk Tutorial Membuat File DLL ini:( Jujur saja , karena selama inikan kita copas, nah tiada salahnya kita belajar membuatnya sendiri OK)
Adapun software yang diperlukan sebagai berikut, yang belum punya silakan download di mbah google banyak
* Visual C++ 2008 Express Edition (free)
* Injector (Bebas)
Adapun target game yang ada dalam tutorial ini adalah Point Blank, dengan contoh hack misi mayor.
Silakan ikuti langkah-langah di bawah ini:
1. Jalankan Visual C++ 2008 Express Edition, buat sebuah project dengan cara akses menu File – New – Project atau dengan menekan tombol CTRL + SHIFT + N.
2. Pada jendela New Project, pilih Empty Project
(1) pada bagian Templates, kemudian pada kolom Name masukkan nama project
(2) dan klik tombol OK
3. Project telah berhasil dibuat. Pada bagian Solution Explorer, klik kanan pada nama project
(1), kemudian pilih menu Properties
4. Jendela project properties akan tampil. Pada tree menu sebelah kiri, pilih Configuration Properties
(1), kemudian bagian opsi Project Defaults, ubah opsi Configuration Type menjadi Dynamic Library (.dll)
(2), kemudian tekan tombol OK
(3) untuk melakukan perubahan.
5. Pada jendela Add New Item yang tampil, pada bagian templates pilih C++ File (.cpp) (1), beri nama ‘Main.cpp’
(2) pada bagian kolom Name, kemudian tekan tombol OK
6. Sebuah file bernama ‘Main.cpp’ berhasil dibuat. Silakan masukkan kode-kode di bawah ini pada file tersebut, kemudian simpan (save).
7. Berikutnya adalah membuat sebuah file bernama Main.cpp untuk memasukkan kode-kode utama, dengan cara pilih direktori Source Files
(1) pada bagian Solution Explorer, kemudian klik menu Project – Add New Item
(2) atau dengan menekan tombol CTRL + SHIFT + A.
Coding :
#define _CRT_SECURE_NO_WARNINGS#include 3windows.h3 ganti 3 dengan <......... >
#include 3tlhelp32.h3 ganti 3 dengan <......... >
// definisikan variable dengan ‘window title’, ‘window classname’ dan modul
char *pProcessWindowTitle = “Point Blank”;
char *pProcessWindowClass = “I3VIEWER”;
char *pProcessModuleName = “PointBlank.i3Exec”;
// etc…
UINT_PTR uipUserRankValue = 35; // major?
UINT_PTR uipUserPointsValue = 999999; // OMG!
UINT_PTR uiptrFinalRank, uiptrFinalPoints;
bool isInitMmhMemory = true;
DWORD dwProcessID;
UINT_PTR uipMmhBaseAddress;
HANDLE hProcess;
DWORD GetModuleBase(LPSTR lpModuleName, DWORD dwProcessId)
{
MODULEENTRY32 lpModuleEntry = {0};
HANDLE hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
if(!hSnapShot)
return NULL;
lpModuleEntry.dwSize = sizeof(lpModuleEntry);
BOOL bModule = Module32First( hSnapShot, &lpModuleEntry );
while(bModule)
{
if(!strcmp( lpModuleEntry.szModule, lpModuleName ) )
{
CloseHandle(hSnapShot);
return (DWORD)lpModuleEntry.modBaseAddr;
}
bModule = Module32Next( hSnapShot, &lpModuleEntry );
}
CloseHandle( hSnapShot );
return NULL;
}
// DeRef() = credit L. Spiro (MHS)
UINT_PTR DeRef( UINT_PTR _uiptrPointer ) {
UINT_PTR uiptrRet;
if (!::ReadProcessMemory(hProcess, reinterpret_cast(_uiptrPointer), &uiptrRet, sizeof(uiptrRet), NULL)) { return 0UL; }
return uiptrRet;
}
// inisialisasi proses
void InitApplicationProcess()
{
bool isFindWindow = true;
HWND hWnd = NULL;
while(isFindWindow)
{
if((hWnd = FindWindowA(pProcessWindowClass, pProcessWindowTitle)) != NULL) // jika window ditemukan
{
isFindWindow = false;
}
Sleep(500);
}
GetWindowThreadProcessId(hWnd, &dwProcessID);
hProcess = OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
}
void MajorMissionHack()
{
if(isInitMmhMemory)
{
uipMmhBaseAddress = GetModuleBase(pProcessModuleName, dwProcessID);
// misal: pointer yang didapat = PointBlank.i3Exec+00471234 dengan offset 0xA12, tuliskan seperti di bawah!
uiptrFinalRank = DeRef(uipMmhBaseAddress + 0x4XXXXX) + 0xXXX; // User rank pointer – masked, untuk address & offset-nya.
uiptrFinalPoints = DeRef(uipMmhBaseAddress + 0x4XXXXX) + 0xXXX; // User points pointer – masked, untuk address & offset-nya.
isInitMmhMemory = false;
}
// WriteProcessMemory pada pointer ‘rank’, berikan nilai uipUserRankValue (35)
::WriteProcessMemory(hProcess, reinterpret_cast(uiptrFinalRank), &uipUserRankValue, sizeof(uipUserRankValue), NULL);
// WriteProcessMemory pada pointer ‘points’, berikan nilai uipUserPointsValue (999999) LOL!
::WriteProcessMemory(hProcess, reinterpret_cast(uiptrFinalPoints), &uipUserPointsValue, sizeof(uipUserPointsValue), NULL);
}
void LovelyLoopy()
{
// ok, berikan salam dulu!
MessageBox(0, “DLL berhasil di-inject. Lanjutkan!”, “Hello World”, MB_OK + MB_ICONASTERISK);
InitApplicationProcess();
while(1) // loop selamanya
{
if(GetAsyncKeyState(VK_F12)&1) // jika F12 ditekan
{
MajorMissionHack(); // panggil fungsi ‘MajorMissionHack()’
Sleep(500);
}
Sleep(1);
}
}
BOOL WINAPI DllMain(HMODULE hDll, DWORD dwReason, LPVOID lpReserved)
{
DisableThreadLibraryCalls(hDll);
if(dwReason == DLL_PROCESS_ATTACH)
{
CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)LovelyLoopy, NULL, NULL, NULL);
}
else if(dwReason == DLL_PROCESS_DETACH)
{
CloseHandle(hProcess);
}
return TRUE;
}
8. Jika kode sudah disimpan (save), langkah berikutnya adalah membentuk file DLL-nya dengan cara klik menu Build
– Build Solution atau dengan menekan tombol F7.
9. Setelah proses build solution, pada jendela Output akan menampilkan hasil dari proses compile/build tersebut, jika tidak ada kesalahan (error) berarti kode-kode sudah benar dan file DLL sudah terbentuk. Jika ternyata ada kesalahan (error), silakan periksa langkah-langkah sebelumnya jika ada yang terlewatkan.
10. Kemudian buka direktori tempat project anda disimpan, dalam tutorial ini ane simpan di direktori D:\!PROJECTS!\SukaSukaEnte dan buka direktori yang bernama Debug di dalamnya (sesuaikan letak direktori anda).Bisa kita lihat ada beberapa file yang terbentuk, namun yang kita perlukan hanyalah file yang berekstensi .dll, karena file tersebut yang akan kita injeksikan ke proses program/game.
Agar tidak membingungkan, sekaligus ane copy-kan file injector-nya (x1nject.exe) ke direktori tersebut. gambar 10
11. Kemudian jalankan injector (x1nject.exe), ubah pada kolom ‘What to inject’ dengan nama proses program/game, (contoh: PointBlank.exe), pada bagian ‘Add to injection list’ tambahkan file .dll yang telah kita buat dengan menekan tombol Browse dan cari pada direktori Debug project kita. Gambar 11
12. Star PB, Berikutnya kita coba hack misi mayor yang telah kita buat
(lihat fungsi LovelyLoopy() dan MajorMissionHack() pada kode untuk lebih jelas),
dengan menekan tombol F12 pada keyboard
NB:
1. Untuk melihat penjelasan gambar ss silahkan cari link ini :
http://www.ziddu.com/download/11576996/gambarbelajardll.rar.html
2. Pointer & offset pada fungsi MajorMissionHack( ) sengaja tidak tampilkan atau cari sendiri sendiri, Silakan dimodifikasi jika ingin menambahkan fungsi-fungsi lainnya (unlimited ammo, grenade dsb).
3. Jika tidak bisa running (no action) di OS Windows XP, ternyata ada kesalahan pada argumen fungsi API OpenProcess()
silakan jika anda menggunakan OS Windows XP, ubah kode pada bagian:
hProcess=OpenProcess(PROCESS_ALL_ACCESS|PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
Menjadi >>
hProcess=OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_QUERY_INFORMATION, FALSE, dwProcessID);
4.Marilah kita belajar bersamaArgumen PROCESS_ALL_ACCESS hanya bisa dilakukan di OS Vista dan Windows 7, sementara di Windows XP tidak bisa.
nah sekarang Tutorial Cara Membuat Injector yyy...
[attachment=2303:Tutorial-Cara-Membuat-Injector.jpg]
[attachment=2303:Tutorial-Cara-Membuat-Injector.jpg]
Alat yang diperlukan untuk Tutorial Cara Membuat Injector :
- Microsoft Visual Basic 6 (VB6), bisa portable atau instalable, Agan bisa cari google....
Lebih disarankan memakai instalable karena lebih komplit khususnya jika
lebih pengen serius mendalami vb6 karena komponennya lebih lengkap,
tetapi portable pun ngga masalah kalau cuman membuat injector yg ada pada simplequickinjector.
Langkah-Langkah Tutorial Cara Membuat Injector:
A. First Of All – Project
buka vb6, saat pertama kali dibuka atau dijalankan akan muncul kotak
dialog, salah satunya standard exe, pilih standard exe dan klik open,
secara tidak langsung membuat project baru dengan 1 form.
Option Explicit
'Win 2k, ME, XP
Private Const GWL_EXSTYLE As Long = (-20)
Private Const WS_EX_LAYERED As Long = &H80000
Private Const LWA_ALPHA As Long = &H2
Private winHwnd As Long
Private NamaDll As String
Private Declare Function GetWindowLongA Lib "USER32" (ByVal hwnd As Long, _
ByVal nIndex As Long) As Long
Private Declare Function SetWindowLongA Lib "USER32" (ByVal hwnd As Long, _
ByVal nIndex As Long, _
ByVal dwNewLong As Long) As Long
Private Declare Function SetLayeredWindowAttributes Lib "USER32" (ByVal hwnd As Long, _
ByVal crey As Byte, _
ByVal bAlpha As Byte, _
ByVal dwFlags As Long) As Long
Private Sub silakandiedit()
'—————————————————————
' silakan diedit bagian kode dibawah ini
'—————————————————————
Me.Caption = "isisesukamu" 'pengaturan caption atau nama injector
Opacity 150, Me 'pengaturan transparent form MinVal = 20: MaxVal = 255
NamaDll = App.Path & "" & "suntix.dll" 'isikan nama library, contoh: suntix.dll
FileTarget = "PointBlank.exe"
Timer1.Interval = 20 'interval untuk timer
'—————————————————————-
End Sub
'fungsi transparent form
Private Sub Opacity(Value As Byte, _
Frm As Form)
Dim MaxVal As Byte
Dim MinVal As Byte
On Error GoTo ErrorHandler
MinVal = 20
MaxVal = 255
If Value > MaxVal Then
Value = MaxVal
End If
If Value < MinVal Then
Value = MinVal
End If
SetWindowLongA Frm.hwnd, GWL_EXSTYLE, GetWindowLongA(Frm.hwnd, GWL_EXSTYLE) Or WS_EX_LAYERED
SetLayeredWindowAttributes Frm.hwnd, 0, Value, LWA_ALPHA
ErrorHandler:
Exit Sub
End Sub
Private Sub Form_Load()
App.TaskVisible = False 'hidden aplikasi dari window taskmanager terserah mau true/false
'tetapi tidak hidden di process
'perintah menghindari aplikasi dijalankan 2 kali
'pada saat yg bersamaan
'—————————————-
If App.PrevInstance Then
End
End If
'—————————————-
silakandiedit '–> memanggil perintah pada –>> Private Sub silakandiedit()
End Sub
Private Sub Timer1_Timer()
winHwnd = FindWindow(vbNullString, "HSUpdate") 'mencari jendela hsupdate
If Not winHwnd = 0 Then 'jika ditemukan
NTProcessList 'deteksi process pointblank
InjectExecute (NamaDll) 'inject library
End 'tutup otomatis injector
Else 'jika tidak
Label1.Caption = "Waiting NamaGame…" 'sabar menanti
End If
End Sub
Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer)
OpenURL "http://www.blogkamu", Me.hwnd
End Sub
tahap selanjutnya buat 3 modul, ingat modul atau modules bukan class.
berinama modul pertama dengan nama modinjection, modul kedua dengan
nama modprocess, dan modul ketiga dengan nama modbrowser. tambahkan
kode2 berikut pada masing2 modul.
Untuk Kode Injekson
Option Explicit
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, _
ByVal lpProcName As String) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, _
lpAddress As Any, _
ByVal dwSize As Long, _
ByVal fAllocType As Long, _
flProtect As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, _
ByVal lpBaseAddress As Any, _
lpBuffer As Any, _
ByVal nSize As Long, _
lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, _
lpThreadAttributes As Long, _
ByVal dwStackSize As Long, _
ByVal lpStartAddress As Any, _
ByVal lpParameter As Any, _
ByVal dwCreationFlags As Long, _
lpThreadID As Long) As Long
Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
Public Sub InjectDll(DllPath As String, _
ProsH As Long)
Dim DLLVirtLoc As Long
Dim DllLength As Long
Dim inject As Long
Dim LibAddress As Long
Dim CreateThread As Long
Dim ThreadID As Long
Dim Bla As VbMsgBoxResult
g_loadlibary:
LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
If LibAddress = 0 Then
Bla = MsgBox("Can't find LoadLibrary API from kernel32.dll", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_loadlibary
Else 'NOT BLA…
Exit Sub
End If
End If
g_virutalallocex:
DllLength = Len(DllPath)
DLLVirtLoc = VirtualAllocEx(ProsH, 0, DllLength, &H1000, ByVal &H4)
If DLLVirtLoc = 0 Then
Bla = MsgBox("VirtualAllocEx API failed! – try again?", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_virutalallocex
Else 'NOT BLA…
Exit Sub
End If
End If
g_writepmemory:
inject = WriteProcessMemory(ProsH, ByVal DLLVirtLoc, ByVal DllPath, DllLength, vbNull)
If inject = 0 Then
Bla = MsgBox("Failed to Write DLL to Process! – try again?", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_writepmemory
Else 'NOT BLA…
Exit Sub
End If
End If
g_creatthread:
CreateThread = CreateRemoteThread(ProsH, ByVal 0, 0, ByVal LibAddress, ByVal DLLVirtLoc, 0, ThreadID)
If CreateThread = 0 Then
Bla = MsgBox("Failed to Create Thead! – try again?", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_creatthread
Else 'NOT BLA…
Exit Sub
End If
End If
MsgBox "Dll Injection Successful!", vbInformation, "Success"
End Sub
Public Sub InjectExecute(ByVal sFlDLL As String)
Dim lProcInject As Long
lProcInject = OpenProcess(PROCESS_ALL_ACCESS, 0, IdTargetOne)
If lProcInject > "0" Then
Call InjectDll(sFlDLL, lProcInject)
End If
Call CloseHandle(lProcInject)
End Sub
untuk kode untuk modprocess
Option Explicit
Public FileTarget As String
Public sFlDLL As String
Public IdTargetOne As Long
Private Const TH32CS_SNAPHEAPLIST As Long = &H1
Private Const TH32CS_SNAPPROCESS As Long = &H2
Private Const TH32CS_SNAPTHREAD As Long = &H4
Private Const TH32CS_SNAPMODULE As Long = &H8
Private Const TH32CS_SNAPALL As Double = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Private Const MAX_PATH As Integer = 260
Public Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * MAX_PATH
End Type
Private Type MODULEENTRY32
dwSize As Long
th32ModuleID As Long
th32ProcessID As Long
GlblcntUsage As Long
ProccntUsage As Long
modBaseAddr As Long
modBaseSize As Long
hModule As Long
szModule As String * 256
szExePath As String * 260
End Type
Private Type THREADENTRY32
dwSize As Long
cntUsage As Long
th32ThreadID As Long
th32OwnerProcessID As Long
tpBasePri As Long
tpDeltaPri As Long
dwFlags As Long
End Type
Private Const THREAD_SUSPEND_RESUME As Long = &H2
Private hThread As Long
Private Declare Function CreateToolhelp32Snapshot Lib “kernel32″ (ByVal lFlags As Long, _
ByVal lProcessID As Long) As Long
Private Declare Function Module32First Lib “kernel32″ (ByVal hSnapShot As Long, _
uProcess As MODULEENTRY32) As Long
Private Declare Function lstrlen Lib “kernel32″ Alias “lstrlenA” (ByVal lpString As String) As Long
Private Declare Function GetFileTitle Lib “COMDLG32.DLL” Alias “GetFileTitleA” (ByVal lpszFile As String, _
ByVal lpszTitle As String, _
ByVal cbBuf As Integer) As Integer
Private Declare Function Thread32First Lib “kernel32.dll” (ByVal hSnapShot As Long, _
ByRef lpte As THREADENTRY32) As Boolean
Private Declare Function Thread32Next Lib “kernel32.dll” (ByVal hSnapShot As Long, _
ByRef lpte As THREADENTRY32) As Boolean
Public Declare Function OpenProcess Lib “kernel32″ (ByVal dwDesiredAccess As Long, _
ByVal bInheritHandle As Long, _
ByVal dwProcessId As Long) As Long
Private Declare Function TerminateProcess Lib “kernel32″ (ByVal hProcess As Long, _
ByVal uExitCode As Long) As Long
Public Declare Function FindWindow Lib “USER32″ Alias “FindWindowA” (ByVal Classname As String, _
ByVal WindowName As String) As Long
Private Declare Function PostMessage Lib “USER32″ Alias “PostMessageA” (ByVal hwnd As Long, _
ByVal wMsg As Long, _
ByVal wParam As Long, _
lParam As Any) As Long
Private Declare Function Process32First Lib “kernel32″ (ByVal hSnapShot As Long, _
uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib “kernel32″ (ByVal hSnapShot As Long, _
uProcess As PROCESSENTRY32) As Long
Public Declare Function CloseHandle Lib “kernel32″ (ByVal hObject As Long) As Long
Private Declare Function OpenThread Lib “kernel32.dll” (ByVal dwDesiredAccess As Long, _
ByVal bInheritHandle As Boolean, _
ByVal dwThreadId As Long) As Long
Private Declare Function ResumeThread Lib “kernel32.dll” (ByVal hThread As Long) As Long
Private Declare Function SuspendThread Lib “kernel32.dll” (ByVal hThread As Long) As Long
Public Function NTProcessList() As Long
Dim FileName As String
Dim ExePath As String
Dim hProcSnap As Long
Dim hModuleSnap As Long
Dim lProc As Long
Dim uProcess As PROCESSENTRY32
Dim uModule As MODULEENTRY32
On Error Resume Next
hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&)
uProcess.dwSize = Len(uProcess)
lProc = Process32First(hProcSnap, uProcess)
Do While lProc
If uProcess.th32ProcessID <> 0 Then
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, uProcess.th32ProcessID)
uModule.dwSize = Len(uModule)
Module32First hModuleSnap, uModule
If hModuleSnap > 0 Then
ExePath = StripNulls(uModule.szExePath)
FileName = GetFName(ExePath)
If FileTarget = FileName Then
IdTargetOne = uProcess.th32ProcessID
End If
End If
End If
lProc = Process32Next(hProcSnap, uProcess)
Loop
Call CloseHandle(hProcSnap)
Call CloseHandle(lProc)
On Error GoTo 0
End Function
Private Function StripNulls(ByVal sStr As String) As String
StripNulls = Left$(sStr, lstrlen(sStr))
End Function
Public Function GetFName(fn) As String
Dim f%, n%
GetFName = fn
f% = InStr(fn, “\”)
Do While f%
n% = f%
f% = InStr(n% + 1, fn, “\”)
Loop
If n% > 0 Then GetFName = Mid$(fn, n% + 1)
End Function
Private Function Thread32Enum(ByRef Thread() As THREADENTRY32, _
ByVal lProcessID As Long) As Long
Dim THREADENTRY32 As THREADENTRY32
Dim hThreadSnap As Long
Dim lThread As Long
On Error Resume Next
ReDim Thread(0) As THREADENTRY32
hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, lProcessID)
THREADENTRY32.dwSize = Len(THREADENTRY32)
If Thread32First(hThreadSnap, THREADENTRY32) = False Then
Thread32Enum = -1
Exit Function
Else
ReDim Thread(lThread) As THREADENTRY32
Thread(lThread) = THREADENTRY32
End If
Do
If Thread32Next(hThreadSnap, THREADENTRY32) = False Then
Exit Do
Else
lThread = lThread + 1
ReDim Preserve Thread(lThread)
Thread(lThread) = THREADENTRY32
End If
Loop
Thread32Enum = lThread
Call CloseHandle(hThreadSnap)
On Error GoTo 0
End Function
untuk kode untuk modbrowser
‘modul buka browser
Public Declare Function ShellExecute Lib “shell32.dll” Alias “ShellExecuteA” _
(ByVal hwnd As Long, _
ByVal lpOperation As String, _
ByVal lpFile As String, _
ByVal lpParameters As String, _
ByVal lpDirectory As String, _
ByVal nShowCmd As Long) As Long
Public Sub OpenURL(situs As String, sourceHWND As Long)
Call ShellExecute(sourceHWND, vbNullString, situs, vbNullString, vbNullString, 1)
End Sub
Nah tinggal agan memngembangkanya …dan tinggal masukan dllnya,
nah sekarang Tutorial Cara Bikin Trainer Sendiri
[attachment=2304:Bikin-Trainer-Blog.jpg]
siapin bahan bangunan y....
1.Buka dulu Cheat Engine 5.6.1
2.Buka PB
3.Star PB
4 Suspended dengan Cheat Engine 5.6.1
Kalau Agan belum tahu Cara Suspended Cheat Engine 5.6.1 bisa belajar
5.alt-tab y yg workk...
[attachment=2305.jpg]
setelah itu cari alamat ini
Spoiler http://www.ziddu.com...rainer.rar.html
- Microsoft Visual Basic 6 (VB6), bisa portable atau instalable, Agan bisa cari google....
Lebih disarankan memakai instalable karena lebih komplit khususnya jika
lebih pengen serius mendalami vb6 karena komponennya lebih lengkap,
tetapi portable pun ngga masalah kalau cuman membuat injector yg ada pada simplequickinjector.
Langkah-Langkah Tutorial Cara Membuat Injector:
A. First Of All – Project
buka vb6, saat pertama kali dibuka atau dijalankan akan muncul kotak
dialog, salah satunya standard exe, pilih standard exe dan klik open,
secara tidak langsung membuat project baru dengan 1 form.
Option Explicit
'Win 2k, ME, XP
Private Const GWL_EXSTYLE As Long = (-20)
Private Const WS_EX_LAYERED As Long = &H80000
Private Const LWA_ALPHA As Long = &H2
Private winHwnd As Long
Private NamaDll As String
Private Declare Function GetWindowLongA Lib "USER32" (ByVal hwnd As Long, _
ByVal nIndex As Long) As Long
Private Declare Function SetWindowLongA Lib "USER32" (ByVal hwnd As Long, _
ByVal nIndex As Long, _
ByVal dwNewLong As Long) As Long
Private Declare Function SetLayeredWindowAttributes Lib "USER32" (ByVal hwnd As Long, _
ByVal crey As Byte, _
ByVal bAlpha As Byte, _
ByVal dwFlags As Long) As Long
Private Sub silakandiedit()
'—————————————————————
' silakan diedit bagian kode dibawah ini
'—————————————————————
Me.Caption = "isisesukamu" 'pengaturan caption atau nama injector
Opacity 150, Me 'pengaturan transparent form MinVal = 20: MaxVal = 255
NamaDll = App.Path & "" & "suntix.dll" 'isikan nama library, contoh: suntix.dll
FileTarget = "PointBlank.exe"
Timer1.Interval = 20 'interval untuk timer
'—————————————————————-
End Sub
'fungsi transparent form
Private Sub Opacity(Value As Byte, _
Frm As Form)
Dim MaxVal As Byte
Dim MinVal As Byte
On Error GoTo ErrorHandler
MinVal = 20
MaxVal = 255
If Value > MaxVal Then
Value = MaxVal
End If
If Value < MinVal Then
Value = MinVal
End If
SetWindowLongA Frm.hwnd, GWL_EXSTYLE, GetWindowLongA(Frm.hwnd, GWL_EXSTYLE) Or WS_EX_LAYERED
SetLayeredWindowAttributes Frm.hwnd, 0, Value, LWA_ALPHA
ErrorHandler:
Exit Sub
End Sub
Private Sub Form_Load()
App.TaskVisible = False 'hidden aplikasi dari window taskmanager terserah mau true/false
'tetapi tidak hidden di process
'perintah menghindari aplikasi dijalankan 2 kali
'pada saat yg bersamaan
'—————————————-
If App.PrevInstance Then
End
End If
'—————————————-
silakandiedit '–> memanggil perintah pada –>> Private Sub silakandiedit()
End Sub
Private Sub Timer1_Timer()
winHwnd = FindWindow(vbNullString, "HSUpdate") 'mencari jendela hsupdate
If Not winHwnd = 0 Then 'jika ditemukan
NTProcessList 'deteksi process pointblank
InjectExecute (NamaDll) 'inject library
End 'tutup otomatis injector
Else 'jika tidak
Label1.Caption = "Waiting NamaGame…" 'sabar menanti
End If
End Sub
Private Sub Form_QueryUnload(Cancel As Integer, UnloadMode As Integer)
OpenURL "http://www.blogkamu", Me.hwnd
End Sub
tahap selanjutnya buat 3 modul, ingat modul atau modules bukan class.
berinama modul pertama dengan nama modinjection, modul kedua dengan
nama modprocess, dan modul ketiga dengan nama modbrowser. tambahkan
kode2 berikut pada masing2 modul.
Untuk Kode Injekson
Option Explicit
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, _
ByVal lpProcName As String) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, _
lpAddress As Any, _
ByVal dwSize As Long, _
ByVal fAllocType As Long, _
flProtect As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, _
ByVal lpBaseAddress As Any, _
lpBuffer As Any, _
ByVal nSize As Long, _
lpNumberOfBytesWritten As Long) As Long
Private Declare Function CreateRemoteThread Lib "kernel32" (ByVal ProcessHandle As Long, _
lpThreadAttributes As Long, _
ByVal dwStackSize As Long, _
ByVal lpStartAddress As Any, _
ByVal lpParameter As Any, _
ByVal dwCreationFlags As Long, _
lpThreadID As Long) As Long
Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
Public Sub InjectDll(DllPath As String, _
ProsH As Long)
Dim DLLVirtLoc As Long
Dim DllLength As Long
Dim inject As Long
Dim LibAddress As Long
Dim CreateThread As Long
Dim ThreadID As Long
Dim Bla As VbMsgBoxResult
g_loadlibary:
LibAddress = GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA")
If LibAddress = 0 Then
Bla = MsgBox("Can't find LoadLibrary API from kernel32.dll", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_loadlibary
Else 'NOT BLA…
Exit Sub
End If
End If
g_virutalallocex:
DllLength = Len(DllPath)
DLLVirtLoc = VirtualAllocEx(ProsH, 0, DllLength, &H1000, ByVal &H4)
If DLLVirtLoc = 0 Then
Bla = MsgBox("VirtualAllocEx API failed! – try again?", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_virutalallocex
Else 'NOT BLA…
Exit Sub
End If
End If
g_writepmemory:
inject = WriteProcessMemory(ProsH, ByVal DLLVirtLoc, ByVal DllPath, DllLength, vbNull)
If inject = 0 Then
Bla = MsgBox("Failed to Write DLL to Process! – try again?", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_writepmemory
Else 'NOT BLA…
Exit Sub
End If
End If
g_creatthread:
CreateThread = CreateRemoteThread(ProsH, ByVal 0, 0, ByVal LibAddress, ByVal DLLVirtLoc, 0, ThreadID)
If CreateThread = 0 Then
Bla = MsgBox("Failed to Create Thead! – try again?", vbYesNo, "ERROR")
If Bla = vbYes Then
GoTo g_creatthread
Else 'NOT BLA…
Exit Sub
End If
End If
MsgBox "Dll Injection Successful!", vbInformation, "Success"
End Sub
Public Sub InjectExecute(ByVal sFlDLL As String)
Dim lProcInject As Long
lProcInject = OpenProcess(PROCESS_ALL_ACCESS, 0, IdTargetOne)
If lProcInject > "0" Then
Call InjectDll(sFlDLL, lProcInject)
End If
Call CloseHandle(lProcInject)
End Sub
untuk kode untuk modprocess
Option Explicit
Public FileTarget As String
Public sFlDLL As String
Public IdTargetOne As Long
Private Const TH32CS_SNAPHEAPLIST As Long = &H1
Private Const TH32CS_SNAPPROCESS As Long = &H2
Private Const TH32CS_SNAPTHREAD As Long = &H4
Private Const TH32CS_SNAPMODULE As Long = &H8
Private Const TH32CS_SNAPALL As Double = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE)
Private Const MAX_PATH As Integer = 260
Public Const PROCESS_ALL_ACCESS As Long = &H1F0FFF
Private Type PROCESSENTRY32
dwSize As Long
cntUsage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
dwFlags As Long
szExeFile As String * MAX_PATH
End Type
Private Type MODULEENTRY32
dwSize As Long
th32ModuleID As Long
th32ProcessID As Long
GlblcntUsage As Long
ProccntUsage As Long
modBaseAddr As Long
modBaseSize As Long
hModule As Long
szModule As String * 256
szExePath As String * 260
End Type
Private Type THREADENTRY32
dwSize As Long
cntUsage As Long
th32ThreadID As Long
th32OwnerProcessID As Long
tpBasePri As Long
tpDeltaPri As Long
dwFlags As Long
End Type
Private Const THREAD_SUSPEND_RESUME As Long = &H2
Private hThread As Long
Private Declare Function CreateToolhelp32Snapshot Lib “kernel32″ (ByVal lFlags As Long, _
ByVal lProcessID As Long) As Long
Private Declare Function Module32First Lib “kernel32″ (ByVal hSnapShot As Long, _
uProcess As MODULEENTRY32) As Long
Private Declare Function lstrlen Lib “kernel32″ Alias “lstrlenA” (ByVal lpString As String) As Long
Private Declare Function GetFileTitle Lib “COMDLG32.DLL” Alias “GetFileTitleA” (ByVal lpszFile As String, _
ByVal lpszTitle As String, _
ByVal cbBuf As Integer) As Integer
Private Declare Function Thread32First Lib “kernel32.dll” (ByVal hSnapShot As Long, _
ByRef lpte As THREADENTRY32) As Boolean
Private Declare Function Thread32Next Lib “kernel32.dll” (ByVal hSnapShot As Long, _
ByRef lpte As THREADENTRY32) As Boolean
Public Declare Function OpenProcess Lib “kernel32″ (ByVal dwDesiredAccess As Long, _
ByVal bInheritHandle As Long, _
ByVal dwProcessId As Long) As Long
Private Declare Function TerminateProcess Lib “kernel32″ (ByVal hProcess As Long, _
ByVal uExitCode As Long) As Long
Public Declare Function FindWindow Lib “USER32″ Alias “FindWindowA” (ByVal Classname As String, _
ByVal WindowName As String) As Long
Private Declare Function PostMessage Lib “USER32″ Alias “PostMessageA” (ByVal hwnd As Long, _
ByVal wMsg As Long, _
ByVal wParam As Long, _
lParam As Any) As Long
Private Declare Function Process32First Lib “kernel32″ (ByVal hSnapShot As Long, _
uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib “kernel32″ (ByVal hSnapShot As Long, _
uProcess As PROCESSENTRY32) As Long
Public Declare Function CloseHandle Lib “kernel32″ (ByVal hObject As Long) As Long
Private Declare Function OpenThread Lib “kernel32.dll” (ByVal dwDesiredAccess As Long, _
ByVal bInheritHandle As Boolean, _
ByVal dwThreadId As Long) As Long
Private Declare Function ResumeThread Lib “kernel32.dll” (ByVal hThread As Long) As Long
Private Declare Function SuspendThread Lib “kernel32.dll” (ByVal hThread As Long) As Long
Public Function NTProcessList() As Long
Dim FileName As String
Dim ExePath As String
Dim hProcSnap As Long
Dim hModuleSnap As Long
Dim lProc As Long
Dim uProcess As PROCESSENTRY32
Dim uModule As MODULEENTRY32
On Error Resume Next
hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&)
uProcess.dwSize = Len(uProcess)
lProc = Process32First(hProcSnap, uProcess)
Do While lProc
If uProcess.th32ProcessID <> 0 Then
hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPALL, uProcess.th32ProcessID)
uModule.dwSize = Len(uModule)
Module32First hModuleSnap, uModule
If hModuleSnap > 0 Then
ExePath = StripNulls(uModule.szExePath)
FileName = GetFName(ExePath)
If FileTarget = FileName Then
IdTargetOne = uProcess.th32ProcessID
End If
End If
End If
lProc = Process32Next(hProcSnap, uProcess)
Loop
Call CloseHandle(hProcSnap)
Call CloseHandle(lProc)
On Error GoTo 0
End Function
Private Function StripNulls(ByVal sStr As String) As String
StripNulls = Left$(sStr, lstrlen(sStr))
End Function
Public Function GetFName(fn) As String
Dim f%, n%
GetFName = fn
f% = InStr(fn, “\”)
Do While f%
n% = f%
f% = InStr(n% + 1, fn, “\”)
Loop
If n% > 0 Then GetFName = Mid$(fn, n% + 1)
End Function
Private Function Thread32Enum(ByRef Thread() As THREADENTRY32, _
ByVal lProcessID As Long) As Long
Dim THREADENTRY32 As THREADENTRY32
Dim hThreadSnap As Long
Dim lThread As Long
On Error Resume Next
ReDim Thread(0) As THREADENTRY32
hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, lProcessID)
THREADENTRY32.dwSize = Len(THREADENTRY32)
If Thread32First(hThreadSnap, THREADENTRY32) = False Then
Thread32Enum = -1
Exit Function
Else
ReDim Thread(lThread) As THREADENTRY32
Thread(lThread) = THREADENTRY32
End If
Do
If Thread32Next(hThreadSnap, THREADENTRY32) = False Then
Exit Do
Else
lThread = lThread + 1
ReDim Preserve Thread(lThread)
Thread(lThread) = THREADENTRY32
End If
Loop
Thread32Enum = lThread
Call CloseHandle(hThreadSnap)
On Error GoTo 0
End Function
untuk kode untuk modbrowser
‘modul buka browser
Public Declare Function ShellExecute Lib “shell32.dll” Alias “ShellExecuteA” _
(ByVal hwnd As Long, _
ByVal lpOperation As String, _
ByVal lpFile As String, _
ByVal lpParameters As String, _
ByVal lpDirectory As String, _
ByVal nShowCmd As Long) As Long
Public Sub OpenURL(situs As String, sourceHWND As Long)
Call ShellExecute(sourceHWND, vbNullString, situs, vbNullString, vbNullString, 1)
End Sub
Nah tinggal agan memngembangkanya …dan tinggal masukan dllnya,
nah sekarang Tutorial Cara Bikin Trainer Sendiri
[attachment=2304:Bikin-Trainer-Blog.jpg]
siapin bahan bangunan y....
1.Buka dulu Cheat Engine 5.6.1
2.Buka PB
3.Star PB
4 Suspended dengan Cheat Engine 5.6.1
Kalau Agan belum tahu Cara Suspended Cheat Engine 5.6.1 bisa belajar
5.alt-tab y yg workk...
[attachment=2305.jpg]
setelah itu cari alamat ini
Spoiler http://www.ziddu.com...rainer.rar.html
Sumber:Poin blue™
gan tutor injectornya gak jelas
BalasHapusCoba lihat gan di youtube.com
BalasHapusda bnyak kok video'a...