Đây là open Source phát triển Anti Hack với file DLL, cái này ai rành lập trình thì xem make cho anh em dùng. Không thì download file đính kèm bên dưới về test thử nhé ! Giải nén chép vào Clien.
This bytes is from version of Catastrophe 0.1, but there are the new version of Catastrophe with other bytes...
So there is offsets with bytes for New version of Catastrophe v1.2
Update 1 :
Works fine, but only if programm runs before the main. There maybe a problem with WPE Pro, because you can run it after the main.exe...
Here is function that will do check all time when main.exe started
And in
add this
Update 2 : WpePro 0.9x Protection
Update 3 : WPePro 1.3 Protection
Update 4 : Speed Gear 5
Update 5 : Uo Pilot
Credits(Added by iBimbom ToMMeG, correct them if they're wrong):
f1x - Original .DLL
ToMMeG - Developing to prevent more hacks.
levinthan9 - for giving list of hacks
- Code:
{0x4C8259, {0xA1, 0x38, 0xBD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xC0, 0x82, 0x4C, 0x00, 0xE8, 0x1F, 0xF1, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xF8, 0xBE, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, //Catastrophe
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}}
// Catastrophe
This bytes is from version of Catastrophe 0.1, but there are the new version of Catastrophe with other bytes...
So there is offsets with bytes for New version of Catastrophe v1.2
- Code:
{0x4CCB71, {0xA1, 0x40, 0xFD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xD8, 0xCB, 0x4C, 0x00, 0xE8, 0xAB, 0xF2, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xE0, 0x75, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, // Catastrophe v1.2
{0x4CA831, {0x89, 0x55, 0xFC, 0x8B, 0x45, 0xFC, 0xE8, 0xC8, 0xA3, 0xF3, 0xFF, 0x33, 0xC0, 0x55, 0x68, 0x96, 0xA8, 0x4C, 0x00, 0x64, 0xFF, 0x30, 0x64, 0x89, 0x20, 0x8B, 0x45, 0xFC, 0xE8, 0xC2, 0xA1, 0xF3}} // Catastrophe v1.2
Update 1 :
Works fine, but only if programm runs before the main. There maybe a problem with WPE Pro, because you can run it after the main.exe...
Here is function that will do check all time when main.exe started
- Code:
void MainThread()
{
again:
SystemProcessesScan();
Sleep(50);
goto again;
}
And in
- Code:
extern "C" __declspec(dllexport) void Main() {
add this
- Code:
CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(MainThread),NULL,0,0);
Update 2 : WpePro 0.9x Protection
- Code:
{0x44E08C, {0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x58, 0x53, 0x56, 0x57, 0x89, 0x65, 0xE8, 0xFF, 0x15, 0x04, 0xF4, 0x48, 0x00, 0x33, 0xD2, 0x8A, 0xD4, 0x89, 0x15, 0xD8, 0x0A, 0x4D, 0x00}}, // WPePro 0.9x
{0x4851C2, {0x75, 0x1C, 0x53, 0x8B, 0xCE, 0xFF, 0x75, 0xE4, 0xFF, 0x75, 0xE0, 0x57, 0xE8, 0x90, 0x01, 0xFE, 0xFF, 0xEB, 0x0B, 0x53, 0x57, 0xFF, 0x76, 0x1C, 0xFF, 0x15, 0x9C, 0xF5, 0x48, 0x00, 0x8B, 0x86}} // WPePro 0.9x
Update 3 : WPePro 1.3 Protection
- Code:
{0x4307BE, {0x75, 0x0A, 0x6A, 0x1C, 0xE8, 0x49, 0x01, 0x00, 0x00, 0x83, 0xC4, 0x04, 0xE8, 0xB1, 0x30, 0x00, 0x00, 0x85, 0xC0, 0x75, 0x0A, 0x6A, 0x10, 0xE8, 0x36, 0x01, 0x00, 0x00, 0x83, 0xC4, 0x04, 0xC7}}, // WPePro 1.3
{0x44397B, {0x75, 0x07, 0x8B, 0xCF, 0xE8, 0xF8, 0xF2, 0xFF, 0xFF, 0x5F, 0x5E, 0xC2, 0x08, 0x00, 0x53, 0x56, 0x8B, 0x74, 0x24, 0x0C, 0x57, 0xFF, 0x76, 0x04, 0xFF, 0x15, 0xC4, 0x9B, 0x49, 0x00, 0x8B, 0xD8}} // WPePro 1.3
Update 4 : Speed Gear 5
- Code:
{0x40970E, {0x68, 0xB4, 0x98, 0x40, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x68, 0x53, 0x56, 0x57, 0x89, 0x65, 0xE8, 0x33, 0xDB, 0x89, 0x5D}}, // Speed Gear 5
Update 5 : Uo Pilot
- Code:
{0x12C5B8, {0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11, 0xDB, 0x72, 0xED, 0xB8, 0x01, 0x00, 0x00, 0x00, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11, 0xDB, 0x11, 0xC0, 0x01, 0xDB, 0x73}} // UoPilot
Credits(Added by iBimbom ToMMeG, correct them if they're wrong):
f1x - Original .DLL
ToMMeG - Developing to prevent more hacks.
levinthan9 - for giving list of hacks