0

There's a commom cheat program for a game.

I can make a proxy directx dll and inject any code i want in it. should I scan the processlist and then try to find footprints?

someone point me in the direction of suitable heuristics?

y2k
  • 65,388
  • 27
  • 61
  • 86
  • I think this was done by putting d3d9.dll into your root? Just scan for it once in a while (while using a list of dll's that are fine) and throwing an error when it detects a proxy dll. – Floris Velleman May 26 '13 at 09:05
  • That would work but use more of the system machine than I would like to alter – y2k May 26 '13 at 19:00

1 Answers1

1

"Easiest" way to detect if it's a proxy or not would be to determine the path of the loaded d3d9.dll, calculate hash and compare it with stored hashes.

Andreas Hinderberger
  • 1,505
  • 23
  • 41