Any idea to create a new thread?

[LeYoHelix]

Hello everybody I'm back after a long time without programming and i wouldt try to create a hack ^^
But CreateThread is patched and detour FindWindow also. I've tried to manual map the DLL, but also xTrap.
I've tried CreateStealthThread, no xCrap but "Hacktool Detected"
Some idea to create a new thread without xcrap or "Hacktool Detected"?

LeYoHelix (previously CFHackerExtreme)

[Biesi]

You can either use _beginthreadex or hook a function (which is not creating a thread at all but enough to wait for the game to initialize)

 

Code:

void HookDispatchMessageA()
{
	DWORD dwAddressOfFunction = (DWORD)&DispatchMessageA;
	DWORD dwOldProtect = NULL;

	VirtualProtect(reinterpret_cast<void*>(dwAddressOfFunction), 5, PAGE_EXECUTE_READWRITE, &dwOldProtect);
	dwJumpBack = dwAddressOfFunction + 0x5;
	uint8_t bShellCode[] = "\xE9\x00\x00\x00\x00";
	*(DWORD*)(bShellCode + 0x1) = (DWORD)HookedDispatchMessageA - dwAddressOfFunction - 0x5;

	memcpy(reinterpret_cast<void*>(bDispatchMessageABackup), reinterpret_cast<void*>(dwAddressOfFunction), 5);
	memcpy(reinterpret_cast<void*>(dwAddressOfFunction), reinterpret_cast<void*>(bShellCode), 5);
	VirtualProtect(reinterpret_cast<void*>(dwAddressOfFunction), 5, dwOldProtect, NULL);
}

Code:

DWORD dwJumpBack = NULL;
_declspec(naked) void HookedDispatchMessageA()
{
	static bool bHookSetup = false;

	_asm
	{
		pushad
		pushfd
	}

	if (!bHookSetup && GetModuleHandle("CShell.dll") && GetModuleHandle("ClientFx.fxd"))
	{
		InitFlipScreenHook();
		bHookSetup = true;
	}

	_asm
	{
		popfd
		popad
		mov edi, edi
		push ebp
		mov ebp, esp
		jmp dwJumpBack
	}
}

[Nine11]

Do what biesi said. You can always use CreateThread, but you will need to exit your thread as soon as you are finished. For example, you can use CreateThread to call something that hooks endscene, a d3d function, then your base or what ever you need will be called from your detour hopefully. The only bad thing about this, is if your code takes alot of power to run, you will bog the thread down, that called your code. When I use endscene, I can go from a straight 60 fps to 40 fps sometimes lol

Edit: If your wondering why XTrap is detecting your hack minutes into the game, it is because it is scanning the games memory and threads, and doesn't do this until game has loaded. I'm guessing because they do not want your pc to lag even more while the game is loading.

[LeYoHelix]

Thank you Biesi & Nine11 I will try it!

[forlastpass]

1>------ Build started: Project: 1, Configuration: Release Win32 ------
1> 1.cpp
1>1.cpp(26): error C2065: 'dwJumpBack' : undeclared identifier
1>1.cpp(27): error C2065: 'uint8_t' : undeclared identifier
1>1.cpp(27): error C2146: syntax error : missing ';' before identifier 'bShellCode'
1>1.cpp(27): error C2065: 'bShellCode' : undeclared identifier
1>1.cpp(27): error C2059: syntax error : ']'
1>1.cpp(28): error C2065: 'bShellCode' : undeclared identifier
1>1.cpp(28): error C2065: 'HookedDispatchMessageA' : undeclared identifier
1>1.cpp(30): error C2065: 'bDispatchMessageABackup' : undeclared identifier
1>1.cpp(31): error C2065: 'bShellCode' : undeclared identifier
1>1.cpp(45): error C2664: 'HMODULE GetModuleHandleW(LPCWSTR)' : cannot convert argument 1 from 'const char [11]' to 'LPCWSTR'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>1.cpp(45): error C2664: 'HMODULE GetModuleHandleW(LPCWSTR)' : cannot convert argument 1 from 'const char [13]' to 'LPCWSTR'
1> Types pointed to are unrelated; conversion requires reinterpret_cast, C-style cast or function-style cast
1>1.cpp(47): error C3861: 'InitFlipScreenHook': identifier not found
========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========