DLL injection preventer

Question

0.00/5 (No votes)

See more:

hi everyone, i'm wondering how can i intercept a dll injection? I want this for blocking game cheat.So if u can help me with some code, how to do this write a post.
Thanx in advance.

Posted 17-Jul-11 1:15am

Mr.B0ne

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Espen Harlinn · Accepted Answer · 2011-07-17T02:10:00

Solution 2

Nothing short of a rootkit can prevent a programmer from loading dll's into another process on his machine - and a good programmer can circumvent that too.

I'm fairly certain that this is not the best way to solve your problem. If this is for an online solution, cheating should be prevented by the server, not by the client.

Best regards
Espen Harlinn

Posted 17-Jul-11 2:10am

Espen Harlinn

Comments

thatraja 17-Jul-11 8:40am

True fact, 5!

Espen Harlinn 17-Jul-11 8:42am

Thank you, thatraja :)

Mr.B0ne 17-Jul-11 14:10pm

Ok Esper, but this is possible to prevent cheaters inject on games the hacks, and i saw that my Kaspersly firewall don't alow this cheats to be injected.Like i said
it's posible but i don't know where to start.

Espen Harlinn 17-Jul-11 14:37pm

As long as I have administrative rights, I'm fairly certain that I could load a dll into just about any process, including the kernel. I would also be able to monitor and alter any communication between a process on my computer and a server. To prevent cheating you will have to run some part of your game outside my reach. I'm not saying that it would be trivial, only that I can do it if I'm motivated enough.

Mr.B0ne 17-Jul-11 16:28pm

Yeah, but this program that i want i want to be like sxe-injected client/server aplication , end without this aplication not to be able to play.I guess u understand, and if u load a process in game the program will exit you're game or restart with a message.It is posible, like my Kaspersky is do this i mean is blocking every dll to be injected like i saw, i can't play with cheats if i have the kaspersky firewall on.Can u help me to do this?

Sergey Alexandrovich Kryukov 18-Jul-11 3:50am

Agree, a 5.
--SA

Espen Harlinn 18-Jul-11 6:16am

Thank you, SAKryukov!

Mr.B0ne 18-Jul-11 6:53am

Ok Espen, thank you for nothing.

«_Superman_» · Accepted Answer · 2011-07-17T03:14:00

Solution 3

I'm just thinking aloud here.
How about getting all code segments and doing a checksum or checking all code segment sizes.

Posted 17-Jul-11 3:14am

«_Superman_»

Updated 17-Jul-11 3:15am

v2

Comments

Espen Harlinn 17-Jul-11 9:23am

You're thinking about continously scanning the process for loaded dll's - then analyze each of them? If you could get it to work, I'd guess that would be fairly likely to fail at the next Windows update ... while probably not impossible - I'd guess you'll run up a fair maintenance bill ... still interesting thought. If you could sell the concept, you'll make a bundle on support - so my 5

«_Superman_» 17-Jul-11 9:25am

:o)

Mohibur Rashid 17-Jul-11 11:17am

Interestingly,

If you want to verify something you will have to have an standard to verify.

That you if you want to verify a string you must have to compare it with other string. got the point?

By the way, when you say cheating in game.. i am not a game developer, but i am sure that developer create cheating point intentionally for testing. and the trainer that crack the runtime issues like "Cash", "Character health" etc, they are not injected into dll, they run independently and change the specific memory.,

Mr.B0ne 17-Jul-11 14:13pm

I want to prevent the user to inject a dll in a specfic process.Just intercept that process and block it, and after that restart the specific aplication.
I don't know how to make this happen so that is why i came to this comunity like a saw so many tutorials/source code here.Thanx everyone for trying to help me, but i still wait for a way to do what i want.

Mohibur Rashid 17-Jul-11 23:00pm

Do you have the injected process already? or are you talking about future?

Mr.B0ne 18-Jul-11 6:51am

Most cheats inject a process in the hl.exe whatever.That i want to prevent to be happened.Get it?