Anticheat - Page 2

Twilight Suzuka · 01-18-2006 , 13:49

Yes, yes, that is all well and good, but how do you prevent injection?

DPAKOH · 01-19-2006 , 10:12

I hook somy kernel mode functions which calls by all injectors.

Twilight Suzuka · 01-19-2006 , 13:10

What about indirect patching, hooking, and redirection of function calls?

DPAKOH · 01-21-2006 , 04:12

Yes, I use this methods how user-mode protection.

And one dummy problem: I can't change AMXX script parameters which sends by reference:

Module:

Code:

// native acprotection_get_status_ex(userid, &ac_mj_ver, &av_mn_ver)
static cell AMX_NATIVE_CALL acprotection_get_status_ex(AMX *amx, cell *params) 
{
	StatusInfo info;
	DBG_PRINT_MSG("acprotection_get_status_ex called for userid %u", params[1]);
	DWORD ret = GetStatusValueEx(params[1], &info);
	DBG_PRINT_MSG("acprotection_get_status_ex return 0x%X, mj: %u, mn: %u", ret, info.ac_mj_ver, info.ac_mn_ver);

	params[2] = 2;
	params[3] = 6;

	return ret;
}

Script:

Code:

new mj_ver, mn_ver, status
status = acprotection_get_status_ex(userid, mj_ver, mn_ver)
console_print(id,"PLAYER STATUS: name('%s'), status(%s), ver(%d.%d)", name, status_text, mj_ver, mn_ver)

And I always have ver(0.0).
What is it?

Freecode · 01-21-2006 , 15:37

pass them by reference not return

DPAKOH · 01-21-2006 , 15:58

I don't understand

Because I wrote this:

Code:

acprotection_get_status_ex(userid, &ac_mj_ver, &av_mn_ver)

Or I have big problems in english

Freecode · 01-21-2006 , 16:09

Code:

// native acprotection_get_status_ex(userid, &ac_mj_ver, &av_mn_ver)
static cell AMX_NATIVE_CALL acprotection_get_status_ex(AMX *amx, cell *params)
{
   StatusInfo info;
   DBG_PRINT_MSG("acprotection_get_status_ex called for userid %u", params[1]);
   DWORD ret = GetStatusValueEx(params[1], &info);
   DBG_PRINT_MSG("acprotection_get_status_ex return 0x%X, mj: %u, mn: %u", ret, info.ac_mj_ver, info.ac_mn_ver);
   
   cell *mj_ver = MF_GetAmxAddr(amx, params[2]);
   *mj_ver = info.ac_mj_ver; // or w/e u want to set the second arg
   
   cell *mn_ver = MF_GetAmxAddr(amx, params[3]);
   *mn_ver = info.ac_mn_ver; // or w/e u want to set the third arg

   return 1;
}

DPAKOH · 01-23-2006 , 13:49

Thank you.
And one question: AMXX Module "SOCKETS", function socket_open. There parametr which sends by reference saved as params[...] = ...; It's error? But sockets module work. +)

Freecode · 01-23-2006 , 14:26

shto?
skaji po ruckiy

DPAKOH · 01-23-2006 , 15:57

V module sockets, v funkcii socket_open est' parametr "error", kotoryi peredaetsa po ssylke. Tak vot chtob ustanovit' ego znachenie ispolzuetsa naprimer:

Code:

params[4] = 2;

A pochemu u nix eto rabotaet? I pochemu oni ne ispolzuut MF_GetAmxAddr?