Skip to content
/ kbd_hookka Public

hook KeyboardClassServiceCallback to prevent messing up sistema

License

MIT license
18 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ClaudeoPK/kbd_hookka

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
hid_detecto
hid_detecto
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
hid_detecto.sln
hid_detecto.sln
 
 
show.gif
show.gif
 
 

Repository files navigation

Claudy

0xFFFFFFFF kbd_hookka

This PoC shows one of the simplest way to prevent HID input manipulation

0x0 EntryPoint

A few days ago I heard some poor RPG game is suffering from macro users and so on finally found the answer on the toilet. Most of them use Kernel-Based libraries to send HID input to Operating System. There are some filter drivers and more cheat-like drivers but this PoC aims them and it is good enough unless KPP(aka PatchGuard) turns his eyeball to kbdclass.sys in future.

0x1 Process

Find KeybardClassServiceCallback by scanning AOB pattern. Place inline hook to entry of KeyboardClassServiceCallback.

0x2 ToDO

Add getDriverObject(PVOID ReturnAddress)

About

hook KeyboardClassServiceCallback to prevent messing up sistema

Topics

anticheat antimalware

Resources

Readme

License

MIT license
Activity

Stars

18 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages