|
You last visited: Today at 02:12
Advertisement
[Release]Xtrap bypass
Discussion on [Release]Xtrap bypass within the S4 League Hacks, Bots, Cheats & Exploits forum part of the S4 League category.
05/30/2010, 00:00
|
#1
|
elite*gold: 0
Join Date: Nov 2009
Posts: 74
Received Thanks: 27
|
[Release]Xtrap bypass
Simply compile in C++ as a DLL and inject.
Source:
Code:
/************************************************** *******************
** XTrap Bypass **
************************************************** ********************
** Hacking Detected **
** ---------------- **
** 00435FA6 EB 35 All referenced text string, 'Hacking detected' **
** One line, up, change JNZ to JMP **
** 0043CE36 EB 35 All referenced text string, 'Hacking detected' **
** One line, up, change JNZ to JMP **
** 0043DCF0 EB 35 All referenced text string, 'Hacking detected' **
** One line, up, change JNZ to JMP **
** 0043DCD1 EB 1F All referenced text string, 'Hacking detected' **
** Jump #1 change JNZ to JMP **
** 0043DCE9 EB 07 All referenced text string, 'Hacking detected' **
** Jump #2 change JNZ to JMP **
** **
** IsDebuggerPresent **
** ----------------- **
** 00499517 90 Go to IsDebuggerPresent, do down and NOP first JNZ **
** **
** ZCheckHackProcess **
** ----------------- **
** 00441E35 EB 34 All referenced text string, 'Hacking Detected' **
** go up till start of function (PUSH -1), **
** go to the local call, under it theres a **
** TEST AL,AL, go down one more line, (JNZ) change **
** it to JMP (Do this for all 3 'Hacking Detected' **
** 00441E62 EB 2C **
** 00441EBD EB 09 **
** **
** Abnormal Behavior **
** ----------------- **
** 00440353 E9 8A 00 00 00 All referenced text strings, **
** 'An abnormal behavior is detected.', **
** go up 2 lines, change the JE to JMP **
************************************************** *******************/
#include <windows.h>
#define HackDetect1 0x00435FA6
BYTE HD1[] = {0xEB, 0x35};
#define HackDetect2 0x0043CE36
BYTE HD2[] = {0xEB, 0x35};
#define HackDetect3 0x0043DCF0
BYTE HD3[] = {0xEB, 0x35};
#define HackDetect4 0x0043DCD1
BYTE HD4[] = {0xEB, 0x1F};
#define HackDetect5 0x0043DCE9
BYTE HD5[] = {0xEB, 0x07};
#define IsDebuggerPresent 0x00499517
BYTE IDP[] = {0x90};
#define ZCheckHackProcess1 0x00441E35
BYTE ZCHP1[] = {0xEB, 0x34};
#define ZCheckHackProcess2 0x00441E62
BYTE ZCHP2[] = {0xEB, 0x2C};
#define ZCheckHackProcess3 0x00441EBD
BYTE ZCHP3[] = {0xEB, 0x09};
#define AbnormalBehavior 0x00440353
BYTE AB[] = {0xE9, 0x8A, 0x00, 0x00, 0x00};
//Write To Memory
DWORD OldProtection;
void WriteToMemory(DWORD Offset, DWORD Pointer, DWORD Length){
VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &OldProtection);
RtlMoveMemory((void *)Offset, (const void*)Pointer, Length);
VirtualProtect((void *)Offset, Length, OldProtection, &OldProtection);
}
void ModifyMemory( BYTE *Offset, BYTE *ByteArray, DWORD Length){
for(DWORD i = 0; i < Length; i++)
WriteToMemory((DWORD)Offset + i, (DWORD)ByteArray + i, 1);
}
void Bypass()
{
ModifyMemory((BYTE*)HackDetect1, HD1, 2);
ModifyMemory((BYTE*)HackDetect2, HD2, 2);
//ModifyMemory((BYTE*)HackDetect3, HD3, 2);
ModifyMemory((BYTE*)HackDetect4, HD4, 2);
ModifyMemory((BYTE*)HackDetect5, HD5, 2);
//ModifyMemory((BYTE*)IsDebuggerPresent, IDP, 1);
//ModifyMemory((BYTE*)ZCheckHackProcess1, ZCHP1, 2);
//ModifyMemory((BYTE*)ZCheckHackProcess2, ZCHP2, 2);
//ModifyMemory((BYTE*)ZCheckHackProcess3, ZCHP3, 2);
ModifyMemory((BYTE*)AbnormalBehavior, AB, 5);
}
bool APIENTRY DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpvReserved){
if(dwReason == DLL_PROCESS_ATTACH){
DisableThreadLibraryCalls(hModule);
Bypass();
return true;
}
return true;
}
Don't ask how to compile it. If you can't compile it you don't deserve it.
Works for all versions of xtrap to date.
Edit: Posted in the wrong section..Someone can move it if needed =)
|
|
|
05/30/2010, 00:01
|
#2
|
elite*gold: 0
Join Date: May 2010
Posts: 28
Received Thanks: 50
|
First Thanks I will try to make a bypass out of it!
|
|
|
05/30/2010, 00:02
|
#3
|
elite*gold: 60
Join Date: Jun 2009
Posts: 717
Received Thanks: 431
|
This is a trainer ?
PHP Code:
/Write To Memory DWORD OldProtection; void WriteToMemory(DWORD Offset, DWORD Pointer, DWORD Length){ VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &OldProtection); RtlMoveMemory((void *)Offset, (const void*)Pointer, Length); VirtualProtect((void *)Offset, Length, OldProtection, &OldProtection); } void ModifyMemory( BYTE *Offset, BYTE *ByteArray, DWORD Length){ for(DWORD i = 0; i < Length; i++) WriteToMemory((DWORD)Offset + i, (DWORD)ByteArray + i, 1); }
|
|
|
05/30/2010, 00:07
|
#4
|
elite*gold: 0
Join Date: Oct 2009
Posts: 29
Received Thanks: 43
|
Nice Nice aba kannste ma sagen wozu ein bypass
THANKS
|
|
|
05/30/2010, 00:10
|
#5
|
elite*gold: 0
Join Date: Jul 2009
Posts: 184
Received Thanks: 299
|
Würdes du das bitte rausnehmen die fixxen es sonst bald
|
|
|
05/30/2010, 00:13
|
#6
|
elite*gold: 0
Join Date: May 2010
Posts: 28
Received Thanks: 50
|
Is it IN C++?
|
|
|
05/30/2010, 00:14
|
#7
|
elite*gold: 0
Join Date: Nov 2009
Posts: 74
Received Thanks: 27
|
it is
|
|
|
05/30/2010, 00:15
|
#8
|
elite*gold: 23
Join Date: May 2010
Posts: 1,551
Received Thanks: 246
|
Quote:
Originally Posted by Gee.
Is it IN C++?
|
Quote:
Originally Posted by mes10
Simply compile in C++ as a DLL and inject.
|
Yes
|
|
|
05/30/2010, 00:16
|
#9
|
elite*gold: 0
Join Date: Apr 2010
Posts: 181
Received Thanks: 211
|
I will try it later, but thanks !
|
|
|
05/30/2010, 00:17
|
#10
|
elite*gold: 60
Join Date: Jun 2009
Posts: 717
Received Thanks: 431
|
I don't think, this is a bypass, it's a Trainer...
|
|
|
05/30/2010, 00:22
|
#11
|
elite*gold: 0
Join Date: May 2010
Posts: 28
Received Thanks: 50
|
Ok I Put it in Dll. Form injected but cheat engine is still detected -_- haha that rhymes
"Ok I Put it in Dll. Form injected "
"but cheat engine is still detected"
|
|
|
05/30/2010, 00:23
|
#12
|
elite*gold: 60
Join Date: Jun 2009
Posts: 717
Received Thanks: 431
|
Sure..cuz it's just a lil Trainer omfg
|
|
|
05/30/2010, 00:26
|
#13
|
elite*gold: 0
Join Date: May 2010
Posts: 28
Received Thanks: 50
|
Quote:
Originally Posted by FrEakY.
Sure..cuz it's just a lil Trainer omfg
|
Teh.....
|
|
|
05/30/2010, 00:29
|
#14
|
elite*gold: 60
Join Date: Jun 2009
Posts: 717
Received Thanks: 431
|
Quote:
Originally Posted by Gee.
Know nothing about hacking -_-
|
^^this
|
|
|
05/30/2010, 00:29
|
#15
|
elite*gold: 0
Join Date: Jul 2009
Posts: 557
Received Thanks: 164
|
Da steht doch, was das macht... Ich probiers einfach mal aus...
Kompiliert ist schon, nurnoch Testen ^^
€: Okay, wieso stellt man soetwas rein, ohne es zu testen? Irgendwie macht das sogar Sinn, dass es nicht funtzt...
(Ich sollte erst den SC lesen, dann compilieren xD)
|
|
|
|
|
Similar Threads
|
[Release] XtrapBanish - Cabal Xtrap Bypass
05/25/2012 - Cabal Hacks, Bots, Cheats, Exploits & Macros - 1155 Replies
Hi. I've coded a generic bypass for Xtrap applied to different Cabal clients.
The bypass will disable Xtrap completely allowing you to use debuggers and memory editors etc on the client code.
This is not bypassing nProtect GameGuard!
Won't work for servers using the "heartbeat" packet (official, like CabalBrazil).
This is a dead project, I don't plan to update this in the future, if a server got TDP.dll it prevents the use of this application.
|
[Release] Xtrap Bypass Edits
06/23/2008 - GunZ - 0 Replies
Xtrap files has changes.There is file added in the xtrap files and place it on C:Program Files/MAIET/Gunz/ and when you play gunz,when you use lawnmover or flipmower,sometimes the last xtrap will pop up when u playing alots of hack and things will go pop up message(xtrap error) but now it does not really if you hack much but when u press last attacker when nobody attack you sure u will get xtrap thingy
|
All times are GMT +2. The time now is 02:12.
|
|