Boost logo

Boost :

From: Roland (roland.schwarz_at_[hidden])
Date: 2003-12-19 04:32:01


(Jeremy Maitin-Shepard <jbms_at_[hidden]>) wrote:

> Roland <roland.schwarz_at_[hidden]> writes:
>
> [snip]
>
> >> I believe a technique similar to this is used
> >> by various ``cheat''-prevention systems added to certain multiplayer
> >> games. This would have the advantage of not using a temporary file.
>
> > This would be great. Do you remember where you have seen this?
>
> I believe this technique is used by the Valve anti-cheat system included
> in Half-life, but the code for this program is not available obviously.
> However, this technique is also employed by programs designed to subvert
> this anti-cheat system, including programs such as the one called
> ``OGC.'' (ogc-cheats.com) Certain versions of this program were
> released under the GPL, although you might have trouble finding the
> source code. However, I believe this and related programs may be the
> best source of information on loading DLLs without calling
> LoadLibrary.

Are you sure? Isn't this topic more about "code-injection"?

>
> Additionally, the following articles might be of some use; if I find
> any others, I will let you know.
>
> http://codeguru.earthweb.com/dll/LoadDll.shtml
> http://www.codeguru.com/system/winspy.html
> http://www.internals.com/articles/apispy/apispy.htm

Thank you. I already found some similar ones. They are all about code-injection, and
how to run a thread in a different process space. But all rely on the LoadLibrary function
loading the DLL from the address space of filenames (the disk). :-(

So if you find something else, please let me know.

Roland


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk