Support Forums

Full Version: [TUT] Make Your Modules UndetecteD! [VB.net]
[TUT] How To Undetect Your Modules [VB.net]


Let's take these strings and edit them all together:
Code:
GetWindowThreadProcessId
OpenProcess
WriteProcessMemory
CloseHandle
FindWindow
GetKeyPress
ReadProcessMem
WriteAByte
WriteAnInt
WriteALong
ReadAByte
ReadAnInt
ReadALong
ReadAFloat
WriteAFloat
hWnd
pid
phandle

Note: If you don't have all of the strings as shown, then just edit the ones you do have.

OK, so these are some of the parts that need editing:
Code:
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal Classname As String, ByVal WindowName As String) As Long
Public Declare Function GetKeyPress Lib "user32" Alias "GetAsyncKeyState" (ByVal key As Long) As Integer
Public Declare Function ReadProcessMem Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByRef lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

Let's start with the first line:
Code:
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long

After "user32" paste this code:
Code:
Alias "GetWindowThreadProcessId"

the function name and your code will look like this:
Code:
Public Declare Function GWTPId Lib "user32" Alias "GetWindowThreadProcessId" (ByVal hWnd As Long, lpdwProcessId As Long) As Long

Do the exact same method with the following strings:
Code:
OpenProcess
WriteProcessMemory
CloseHandle

But not these ones:
Code:
FindWindow
GetKeyPress
ReadProcessMem

Because they already have the Alias parts added in their line of code, so you would just edit the function names.

I hope it will help.
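Added example, not part of the original post: a reviewer's check that resolves each `Declare` to the export named in its `Alias` clause, so the process-memory APIs are reported under their real names whatever local name the module gives them. The `WATCHED` set, the function names and the `OpProc` local name in the sample are assumptions made for this illustration.

```python
import re

# Exports from the post's module that give access to another process's memory
# (assumed watch list for this example).
WATCHED = {"getwindowthreadprocessid", "openprocess",
           "readprocessmemory", "writeprocessmemory"}

# Declare Function|Sub <local> Lib "<dll>" [Alias "<export>"]
DECLARE_RE = re.compile(
    r'Declare\s+(?:Function|Sub)\s+(?P<local>\w+)\s+'
    r'Lib\s+"(?P<lib>[^"]+)"'
    r'(?:\s+Alias\s+"(?P<alias>[^"]+)")?',
    re.IGNORECASE)

def resolve_declares(source):
    """Return (local_name, library, real_export) for every Declare statement."""
    resolved = []
    for m in DECLARE_RE.finditer(source):
        lib = m.group("lib").lower()
        if lib.endswith(".dll"):
            lib = lib[:-4]
        # Without an Alias clause the local name is the export name.
        real = m.group("alias") or m.group("local")
        resolved.append((m.group("local"), lib, real))
    return resolved

def flag_memory_apis(source):
    """List watched exports by real name, noting when the local name differs."""
    hits = []
    for local, lib, real in resolve_declares(source):
        if real.lower() in WATCHED:
            hits.append({"export": real, "library": lib, "local_name": local,
                         "renamed": local.lower() != real.lower()})
    return hits

# Constructed sample: the post's renamed line plus three further declarations.
SAMPLE = '''
Public Declare Function GWTPId Lib "user32" Alias "GetWindowThreadProcessId"(ByVal hWnd As Long, lpdwProcessId As Long) As Long
Public Declare Function OpProc Lib "kernel32" Alias "OpenProcess" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Public Declare Function ReadProcessMem Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByRef lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
'''

if __name__ == "__main__":
    for hit in flag_memory_apis(SAMPLE):
        print(hit)
```

The export name in the `Alias` clause has to stay in the module for the call to resolve, so matching on it is unaffected by the rename.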
I already know this. I don't see why no one posted this yet, but great job.
Nice tutorial, easy to understand!
Thanks for sharing.