This API hook plug-in allows you to check to see if your module is still compressed by PECompact2. This is helpful to aid in making sure that your executable hasn't been unpacked by a cracker.
The existence of the IsPacked API tells you that the module is still packed, so there is no reason to actually invoke the function. Simply resolving it through GetProcAddress is all you need to do.
v2.61+ update: Any ordinal or name can be supplied to GetProcAddress as long as the module handle is -1.
C++ example:
typedef DWORD (WINAPI *PFNPEC2_IsPacked)();
PFNPEC2_IsPacked
PEC2_IsPacked=(PFNPEC2_IsPacked)GetProcAddress((HMODULE)-1,"PEC2_IsPacked");
if(!PEC2_IsPacked)
{
printf("\n ! Could not find PEC2_IsPacked! Hook plug-in not
included?");
}
else
{
printf("\n PEC2_IsPacked returns: %d", PEC2_IsPacked());
}
VB Example:
Add to a module the following declaration:
In your form code you can add this function:
It will return True if your module is still compressed, or False if not.