program to detect h00ks/detours/hijacked functions

Recommended Posts

nuclear123    119
im curious as to how this can be done? say i wanted to make a program that will then scan for hooks made by a program! any advice/knowledge would be greatfull on where to start or how i could perform such a task!

hook/detour/hijacked function

Share on other sites
Anddos    588
I remember using a program called hook shark , search that on google

Share on other sites
Atrix256    539
it isn't exactly what you asked for, but a good way to detect if people are screwing with your memory is to have important variables defined in several places and make sure every so often that they are all equal to each other.

For instance you could have 3 variables holding the player's health, stored in different areas of memory.

Every time your program changed the health, it could change all 3 places.

Then, every so many game loops you could check that all 3 places match up to the same value.

To get trickier, you could do things like semi-encrypt the data in each place and "unencrypt" for the comparison. Just be careful that your "encryption" is reversable 100% of the way. If you divide a number by 2 to "encrypt" it, then later multiply it by 2 to see if it's the right number, you have lost data in the division, even with floating point numbers.

You might do something like this (assuming ints) for your 3 health variables.. (pseudocode)

Writing:

void SetHealth(int NewHealth){  Health = NewHealth;  SecureHealth1 = NewHealth + 20;  SecureHealth2 = NewHealth ^ 42;}

Verifying:

bool HealthHasBeenTamperedWith(void){  return (Health != SecureHealth1 - 20) || (Health != SecureHealth2 ^ 42);}

Doing this sort of thing can help thwart people who try to edit memory while the game is running to do cheats that way.

Share on other sites
nuclear123    119
thanks for the usefull insight :)! as for hookshark yes i've heard of this...i just doubt i have the sufficient knowledge to reverse it to understand how it works :(. If any others have advice/info plz let me know -thx