0

I have several threads in my application, i found out they can be suspended, wich is not ok... My threads are protecting my game, and the cheaters found a way to suspend it. Can i somehow prevent this? I tried setting critical priviledges, but it gives BSOD. I need some kind of solution if the thread is suspended then kill the whole process :(

I use now to create: CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(some_thread),NULL,0,0);

Maybe some check if thread suspended? Or i don`t know, some other solution? Thanks!

Mr.Mecanik
  • 15
  • 6
  • 2
    If you have to ask such general questions, you're not going to win an arms-race against any experienced cracker. If you discourage them from suspending the thread, they'll just neuter whatever the thread's doing another way (e.g. overwrite the machine code the thread runs to jump over the code protecting your software, hardcode a "security-check passed" return value, stop another thread checking for some heartbeat you add to the thread they're suspending etc.). Any kind of useful answer needs more details of your program and will be too long for this forum, and of very little use to others. – Tony Delroy Jan 13 '15 at 06:19
  • @Tony D - Thanks for reply, so you are saying there is nothing to be done? :( – Mr.Mecanik Jan 13 '15 at 06:31
  • You may think of using `std::terminate` which will kill all the threads. – iammilind Jan 13 '15 at 06:41
  • @Mr.Mecanik well, more that it's a long-term learning process for you, and not something that can be answered in a few paragraphs on Stack Overflow. You might want to make a habit of reading a bit about both software protection and cracking techniques, and evolve increasingly strong protections as you go. You'll have some important decisions to make too, e.g. whether to require server interactions (and therefore an Internet connection) for security checks or even part of the core functionality (so bypassing or hardcoding the interaction will stop the program being useful). – Tony Delroy Jan 13 '15 at 06:48
  • @iammilind - Are seriously making fun of me? – Mr.Mecanik Jan 13 '15 at 07:05
  • @Tony D - I found this: http://stackoverflow.com/questions/6185975/prevent-user-process-from-being-killed-with-end-process-from-process-explorer But does not work... using process hacker 2, you can suspend the thread, and cheat in game... – Mr.Mecanik Jan 13 '15 at 07:05
  • @Mr.Mecanik: good lead though - might confuse or frustrate some less determined/experienced crackers. Have to layer on frustrations like that, big and small, until the overall cracking effort's worth less than your game ;-). – Tony Delroy Jan 13 '15 at 07:16
  • If it's running on my machine, I have control over it and there's nothing you can do about that. Why did you rely on the client in the first place, when it's well-known that the client can't be trusted? Anyhow, addressing your question, in order to detect a blocked and/or suspended thread, you create a watchdog, running in either a different thread or a different process. – Ulrich Eckhardt Jan 13 '15 at 07:16
  • @Ulrich Eckhardt - wow thanks for the reply, this is what i had in mind :) altough i have no idea yet to create such a thing... – Mr.Mecanik Jan 13 '15 at 07:22
  • @Mr.Mecanik, not sure why do you think so. I am not making fun. Got the idea from this post: [How do I terminate a thread in C++11?](http://stackoverflow.com/questions/12207684/how-do-i-terminate-a-thread-in-c11). This answers the question you asked in the post: "*I need some kind of solution if the thread is suspended then kill the whole process :(*" – iammilind Jan 13 '15 at 09:18
  • @iammilind - yes, "if the thread", so i need something to monitor it. Anyways, i found a way: i count how many threads has the executable, then i check it for example i have 10 threads: -1 thread i exitprocess. But that does not stop the hacker to suspend the process... so i need a solution. – Mr.Mecanik Jan 13 '15 at 11:21

0 Answers0