[TUT] Make Your Modules UndetecteD! [VB.net]

[TUT] Make Your Modules UndetecteD! [VB.net] - Printable Version

+- Support Forums (https://www.supportforums.net)
+-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87)
+--- Forum: Coding Support Forums (https://www.supportforums.net/forumdisplay.php?fid=18)
+---- Forum: Visual Basic and the .NET Framework (https://www.supportforums.net/forumdisplay.php?fid=19)
+---- Thread: [TUT] Make Your Modules UndetecteD! [VB.net] (/showthread.php?tid=19054)

[TUT] Make Your Modules UndetecteD! [VB.net] - ThePrinCe - 05-28-2011

[TUT] How To Undetect Your MOdules [VB.net]

Let's Take These strings and will edit all together:

Code:
GetWindowThreadProcessId

OpenProcess

WriteProcessMemory

CloseHandle

FindWindow

GetKeyPress

ReadProcessMem

WriteAByte

WriteAnInt

WriteALong

ReadAByte

ReadAnInt

ReadALong

ReadAFloat

WriteAFloat

hWnd

pid

phandle

Note: If you don't have all of the strings as shown, Then just edit the ones you do have.

Ok so these are some of the parts that need editing :

Code:
Public Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long

Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long

Public Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long

Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long

Public Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal Classname As String, ByVal WindowName As String) AsLong

Public Declare Function GetKeyPress Lib "user32" Alias "GetAsyncKeyState" (ByVal key As Long) As Integer

Public Declare Function ReadProcessMem Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, ByRef lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As

Lets start with the first line:

Code:
Public Declare Function  GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long

After "user32" paste this code:

Code:
Alias "GetWindowThreadProcessId"

the function name and your code will look like this:

Code:
Public Declare Function [color=#FF0000]GWTPId [/color]Lib "user32" Alias "GetWindowThreadProcessId"(ByVal hWnd As Long, lpdwProcessId As Long) As Long

Do the exact same method with the following strings:

Code:
OpenProcess

WriteProcessMemory

CloseHandle

But not these ones:

Code:
FindWindow

GetKeyPress

ReadProcessMem

Because they already have the Alias parts added in their line of code so you would just edit the function names.

I Hope It Will help Smile

RE: [TUT] Make Your Modules UndetecteD! [VB.net] - Filefinder - 05-31-2011

I already know this i don't see why none posted this yet but great job.

RE: [TUT] Make Your Modules UndetecteD! [VB.net] - cOld fus1on - 06-01-2011

Nice tutorial, east to understand!
Thanks for sharing.