Código PHP:
{
Versão: v.1.0
Autor: z0pe
}
library Imperyus;
uses
SysUtils,
Classes,
Windows,
Dialogs,
TLHelp32,
PsAPI,
Messages;
{$R *.res}
//var ThreadID: Dword;
function FinalizarJogo(sFile: String): Boolean;
var
verSystem: TOSVersionInfo;
hdlSnap,hdlProcess: THandle;
bPath,bLoop: Bool;
peEntry: TProcessEntry32;
arrPid: Array [0..1023] of DWORD;
iC: DWord;
k,iCount: Integer;
arrModul: Array [0..299] of Char;
hdlModul: HMODULE;
begin
Result := False;
if ExtractFileName(sFile)=sFile then
bPath:=false
else
bPath:=true;
verSystem.dwOSVersionInfoSize:=SizeOf(TOSVersionInfo);
GetVersionEx(verSystem);
if verSystem.dwPlatformId=VER_PLATFORM_WIN32_WINDOWS then
begin
hdlSnap:=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
peEntry.dwSize:=Sizeof(peEntry);
bLoop:=Process32First(hdlSnap,peEntry);
while integer(bLoop)<>0 do
begin
if bPath then
begin
if CompareText(peEntry.szExeFile,sFile) = 0 then
begin
TerminateProcess(OpenProcess(PROCESS_TERMINATE,false,peEnt​ry.th32ProcessID), 0);
Result := True;
end;
end
else
begin
if CompareText(ExtractFileName(peEntry.szExeFile),sFile) = 0 then
begin
TerminateProcess(OpenProcess(PROCESS_TERMINATE,false,peEnt​ry.th32ProcessID), 0);
Result := True;
end;
end;
bLoop := Process32Next(hdlSnap,peEntry);
end;
CloseHandle(hdlSnap);
end
else
if verSystem.dwPlatformId=VER_PLATFORM_WIN32_NT then
begin
EnumProcesses(@arrPid,SizeOf(arrPid),iC);
iCount := iC div SizeOf(DWORD);
for k := 0 to Pred(iCount) do
begin
hdlProcess:=OpenProcess(PROCESS_QUERY_INFORMATION or PROCESS_VM_READ,false,arrPid [k]);
if (hdlProcess<>0) then
begin
EnumProcessModules(hdlProcess,@hdlModul,SizeOf(hdlModul),i​C);
GetModuleFilenameEx(hdlProcess,hdlModul,arrModul,SizeOf(ar​rModul));
if bPath then
begin
if CompareText(arrModul,sFile) = 0 then
begin
TerminateProcess(OpenProcess(PROCESS_TERMINATE or PROCESS_QUERY_INFORMATION,False,arrPid [k]), 0);
Result := True;
end;
end
else
begin
if CompareText(ExtractFileName(arrModul),sFile) = 0 then
begin
TerminateProcess(OpenProcess(PROCESS_TERMINATE or PROCESS_QUERY_INFORMATION,False,arrPid [k]), 0);
Result := True;
end;
end;
CloseHandle(hdlProcess);
end;
end;
end;
end;
function Hack(exeFileName: string): Boolean;
var
ContinueLoop: BOOL;
FSnapshotHandle: THandle;
FProcessEntry32: TProcessEntry32;
begin
FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
FProcessEntry32.dwSize := SizeOf(FProcessEntry32);
ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32);
Result := False;
while Integer(ContinueLoop) <> 0 do
begin
if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) =
UpperCase(ExeFileName)) or (UpperCase(FProcessEntry32.szExeFile) =
UpperCase(ExeFileName))) then
begin
Result := True;
end;
ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32);
end;
CloseHandle(FSnapshotHandle);
end;
procedure Finalize2;
begin
if Hack('Main.exe') then
begin
FinalizarJogo('Main.exe');
end;
if Hack('Open.exe') then
begin
FinalizarJogo('Open.exe');
end;
end;
//end;
procedure AntHack;
var
ThreadID2, Programa : DWORD;
begin
Programa := FindWindow(nil,'Form1');
while Programa > 0 do
begin
Sleep(2000);
if (FindWindow('Window',nil) > 0) or (Hack('cheatengine-i386.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
break;
end;
Sleep(2000);
if (FindWindow(nil,'Cheat Engine 6.2') > 0) or (Hack('cheatengine-i386.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
Sleep(2000);
if (FindWindow(nil,'Cheat Engine 6.1') > 0) or (Hack('cheatengine-i386.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
Sleep(2000);
if (FindWindow(nil,'Cheat Engine 6.0') > 0) or (Hack('cheatengine-i386.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
Sleep(2000);
if (FindWindow(nil,'Cheat Engine 5.6.1') > 0) or (Hack('cheatengine-i386.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
Sleep(2000);
if (FindWindow('OLLYDBG',nil) > 0) or (Hack('OLLYDBG.EXE')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
Sleep(2000);
if (FindWindow(nil,'Autostart And Process Viewer:www.konrado.com') > 0) or (Hack('autostart_and_process_viewer.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
Sleep(2000);
if (FindWindow('PROCEXPL',nil) > 0) or (Hack('Sigma Explorer.exe')) then
begin
CreateThread(nil,ThreadID2,@Finalize2,nil,ThreadID2,ThreadID2);
Break;
end;
end;
end;
procedure hook(target, newfunc:pointer);
var
jmpto:dword;
OldProtect: Cardinal; // old protect in memory
begin
jmpto:=dword(newfunc)-dword(target)-5;
VirtualProtect(target, 5, PAGE_EXECUTE_READWRITE, @OldProtect);
pbyte(target)^:=$e9;
pdword(dword(target)+1)^:=jmpto;
end;
var
ThreadID3: DWORD;
procedure myLdrLoadDll(PathToFile:PAnsiChar; Flags:variant; ModuleFileName:PAnsiChar; var ModuleHandle:THandle);
begin
CreateThread(nil,ThreadID3,@Finalize2,nil,ThreadID3,ThreadID3);
ModuleHandle:=0;
end;
procedure AntDLL;
var
Programa1 : DWORD;
begin
Programa1:= FindWindow(nil,'Main');
while Programa1 > 0 do
begin
Hook(GetProcAddress(GetModuleHandle('ntdll.dll'), 'LdrLoadDll'), @myLdrLoadDll);
Break;
end;
end;
var
ThreadID,ThreadID2:DWORD;
begin
CreateThread(nil,ThreadID2,@AntDLL,nil,ThreadID2,ThreadID2);
CreateThread(nil,ThreadID,@AntHack,nil,ThreadID,ThreadID);
end.
