[juan81]

hello,

i have some little problem here.

Code: Select all

Procedure WMPos(T:pointer;Isi:array of byte;Jum:DWORD);
var i:byte;
    oldprotection:cardinal;
begin
  if IsBadWritePtr(T,jum)=false then
   begin
//     showmessage(inttohex(DWORD(T),4));
     VirtualProtect(T,jum,PAGE_EXECUTE_READWRITE, OldProtection);
     for i := 0 to jum-1 do
     begin
        pbyte(Dword(T)+i)^:=isi[i];
     end;
     VirtualProtect(T,jum,OldProtection,  OldProtection);
   end;
end;

how to make it writeable in T, because i remark isBadWritePtr is AccessViolation... that code for some game with hackshield protect.. but i think it's not kernelmode because i use old .exe can change in address T...
sorry my newbie question..
regard,

[EP_X0FF]

If the application is run under a debugger and the process does not have write access to all bytes in the specified memory range, the function causes a first chance STATUS_ACCESS_VIOLATION exception. The debugger can be configured to break for this condition. After resuming process execution in the debugger, the function continues as usual and returns a nonzero value. This behavior is by design and serves as a debugging aid.

[juan81]

it is not debugger mode but dll injected. i have tried with kernel detective change that value, it's work and no erorr found... but hackshield detect kerneldetective driver >,,<

area 00000000-7FFFFFFF and memory region at dll not main program...

i have tried with old exe it's fine can change everywhere... >,<

how to change memory STATUS_ACCESS_VIOLATION in user mode?

[Vrtule]

Hm, I somewhat don't understand what is goin on. Or what you are trying to achieve.

[juan81]

that procedure i want to call in a game in my dll injected...

Code: Select all

   wmpos(Pointer($444444),[$90,$90],2); // <- i call from my dll just nop JE short 
  

virtualprotect not hook kernel mode in hackshield i have saw it because i use old application did'nt show an error...

isbadwriteptr always false, if i mark
virtualprotect is not fail but i change value to $90 access violation...

how to change on that memory $444444 in user mode..

[EP_X0FF]

What is the memory region this (base address, size)? And what's it's protection?

[Fyyre]

hackshield sucks. just disable before it loads, problem solve self. communicate with gameserver easily emulated...

that procedure i want to call in a game in my dll injected...

Code: Select all

   wmpos(Pointer($444444),[$90,$90],2); // <- i call from my dll just nop JE short 
  

virtualprotect not hook kernel mode in hackshield i have saw it because i use old application did'nt show an error...

isbadwriteptr always false, if i mark
virtualprotect is not fail but i change value to $90 access violation...

how to change on that memory $444444 in user mode..

[juan81]

i have solutions without disable hackshield.. thx for replay..
ok i will learn about communicate with server... for disable it, it's long ago succesfully but for communicate >,< just really hard bit ^^ >,.<..

[juan81]

What is the memory region this (base address, size)? And what's it's protection?

03453450 size only 2.. i don't know my IsBadWritePtr always true on that address.. i force virtualprotect and change it to $90 $90 = Nop Access Violation >,<

[EP_X0FF]

03453450 size only 2..

This can't be region _base_ and region size. Get a memory map and look which region owns 03453450.