unknowncheats uc-forum.com ucdownloads ucdownloads.com

Go Back   UC-Tutorials - Multiplayer Game Hacking and Cheat Tutorials > Programming > Assembly
Reload this Page Hiding File
- Sponsored Advertisement -
http://www.myfpscheats.com/


Reply
 
Thread Tools Display Modes
  #1  
Old 03-20-2010, 08:42 PM
learn_more learn_more is offline
Member
  
Join Date: Feb 2010
Posts: 59
Default Hiding File
by Max_Power

You need to know how to do the hooking, but here are the function replacements:

Code:
MyFindFirstFileA proc lpFileName:DWORD,lpFindFileData:DWORD
	LOCAL hSearch:DWORD

	;Get the first file
	push lpFindFileData
	push lpFileName
	call nOrigFFFA

	mov hSearch,eax
	
	mov ebx,lpFindFileData
	assume ebx:ptr WIN32_FIND_DATA
	
	;If the file name is the name of the file
        ;we are trying to hide then use FindNextFile
        ;to return the next file and skip this one.
        lea eax,[ebx].cFileName
	invoke lstrcmpi,ADDR szHide,eax
	assume ebx:Nothing
	.IF eax==0 && hSearch!=INVALID_HANDLE_VALUE
		push lpFindFileData
		push hSearch
		call nOrigFNFA
	.ENDIF
	
	mov eax,hSearch
	ret
MyFindFirstFileA endp

MyFindNextFileA proc hFindFile:DWORD,lpFindFileData:DWORD
	LOCAL dwRet:DWORD
	
	push lpFindFileData
	push hFindFile
	call nOrigFNFA
	
	mov dwRet,eax
	
	mov ebx,lpFindFileData
	assume ebx:ptr WIN32_FIND_DATA
	
	lea eax,[ebx].cFileName
	invoke lstrcmpi,ADDR szHide,eax
	assume ebx:Nothing
	.IF eax==0
		push lpFindFileData
		push hFindFile
		call nOrigFNFA 
		
		mov dwRet,eax
	.ENDIF
		
	mov eax,dwRet
	ret
MyFindNextFileA endp

MyFindFirstFileW proc lpFileName:DWORD,lpFindFileData:DWORD
	LOCAL hSearch:DWORD
	LOCAL szFile[255]:BYTE

	push lpFindFileData
	push lpFileName
	call nOrigFFFW

	mov hSearch,eax
	
	mov ebx,lpFindFileData
	assume ebx:ptr WIN32_FIND_DATA
	
        lea edx,[ebx].cFileName
        invoke	WideCharToMultiByte,CP_ACP,0,edx,-1,ADDR szFile,255,0,0
	invoke lstrcmpi,ADDR szHide,ADDR szFile
	assume ebx:Nothing
	.IF eax==0 && hSearch!=INVALID_HANDLE_VALUE
		push lpFindFileData
		push hSearch
		call nOrigFNFW
	.ENDIF
	
	mov eax,hSearch
	ret
MyFindFirstFileW endp

MyFindNextFileW proc hFindFile:DWORD,lpFindFileData:DWORD
	LOCAL dwRet:DWORD
	LOCAL szFile[255]:BYTE
	
	push lpFindFileData
	push hFindFile
	call nOrigFNFW
	
	mov dwRet,eax
	
	mov ebx,lpFindFileData
	assume ebx:ptr WIN32_FIND_DATA
	
	lea edx,[ebx].cFileName
	invoke WideCharToMultiByte,CP_ACP,0,edx,-1,ADDR szFile,255,0,0
	invoke lstrcmpi,ADDR szHide,ADDR szFile
	assume ebx:Nothing
	.IF eax==0
		push lpFindFileData
		push hFindFile
		call nOrigFNFW
		
		mov dwRet,eax
	.ENDIF
		
	mov eax,dwRet
	ret
MyFindNextFileW endp
There is a bug in this code I am having trouble seeing if someone could logic check me. It crashes randomly unlike my C++ version.

EDIT: Found the problem. You need to preserve the ebx register for the multibyte functions and ebx and edx for the wide ones. Do this by using the uses keyword after Proc.
Last edited by learn_more; 03-20-2010 at 09:12 PM.
Reply With Quote
Reply

  • Submit Thread to Digg
  • Submit Thread to del.icio.us
  • Submit Thread to StumbleUpon
  • Submit Thread to Google
  • Submit Thread to Facebook
  • Submit Thread to My Yahoo!
  • Submit Thread to MySpace
  • Submit Thread to Twitter
  • Submit Thread to Reddit

Tags
file, hiding

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT. The time now is 02:18 PM.

Contact Us - Archive