[Release]Xtrap bypass

~~mes10~~ · 05/30/2010, 00:00

Simply compile in C++ as a DLL and inject.

Source:
Code:

/************************************************** *******************
** XTrap Bypass **
************************************************** ********************
** Hacking Detected **
** ---------------- **
** 00435FA6 EB 35 All referenced text string, 'Hacking detected' **
** One line, up, change JNZ to JMP **
** 0043CE36 EB 35 All referenced text string, 'Hacking detected' **
** One line, up, change JNZ to JMP **
** 0043DCF0 EB 35 All referenced text string, 'Hacking detected' **
** One line, up, change JNZ to JMP **
** 0043DCD1 EB 1F All referenced text string, 'Hacking detected' **
** Jump #1 change JNZ to JMP **
** 0043DCE9 EB 07 All referenced text string, 'Hacking detected' **
** Jump #2 change JNZ to JMP **
** **
** IsDebuggerPresent **
** ----------------- **
** 00499517 90 Go to IsDebuggerPresent, do down and NOP first JNZ **
** **
** ZCheckHackProcess **
** ----------------- **
** 00441E35 EB 34 All referenced text string, 'Hacking Detected' **
** go up till start of function (PUSH -1), **
** go to the local call, under it theres a **
** TEST AL,AL, go down one more line, (JNZ) change **
** it to JMP (Do this for all 3 'Hacking Detected' **
** 00441E62 EB 2C **
** 00441EBD EB 09 **
** **
** Abnormal Behavior **
** ----------------- **
** 00440353 E9 8A 00 00 00 All referenced text strings, **
** 'An abnormal behavior is detected.', **
** go up 2 lines, change the JE to JMP **
************************************************** *******************/

#include <windows.h>

#define HackDetect1 0x00435FA6
BYTE HD1[] = {0xEB, 0x35};
#define HackDetect2 0x0043CE36
BYTE HD2[] = {0xEB, 0x35};
#define HackDetect3 0x0043DCF0
BYTE HD3[] = {0xEB, 0x35};
#define HackDetect4 0x0043DCD1
BYTE HD4[] = {0xEB, 0x1F};
#define HackDetect5 0x0043DCE9
BYTE HD5[] = {0xEB, 0x07};
#define IsDebuggerPresent 0x00499517
BYTE IDP[] = {0x90};
#define ZCheckHackProcess1 0x00441E35
BYTE ZCHP1[] = {0xEB, 0x34};
#define ZCheckHackProcess2 0x00441E62
BYTE ZCHP2[] = {0xEB, 0x2C};
#define ZCheckHackProcess3 0x00441EBD
BYTE ZCHP3[] = {0xEB, 0x09};
#define AbnormalBehavior 0x00440353
BYTE AB[] = {0xE9, 0x8A, 0x00, 0x00, 0x00};

//Write To Memory
DWORD OldProtection;
void WriteToMemory(DWORD Offset, DWORD Pointer, DWORD Length){
VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &OldProtection);
RtlMoveMemory((void *)Offset, (const void*)Pointer, Length);
VirtualProtect((void *)Offset, Length, OldProtection, &OldProtection);
}
void ModifyMemory( BYTE *Offset, BYTE *ByteArray, DWORD Length){
for(DWORD i = 0; i < Length; i++)
WriteToMemory((DWORD)Offset + i, (DWORD)ByteArray + i, 1);
}

void Bypass()
{
ModifyMemory((BYTE*)HackDetect1, HD1, 2);
ModifyMemory((BYTE*)HackDetect2, HD2, 2);
//ModifyMemory((BYTE*)HackDetect3, HD3, 2);
ModifyMemory((BYTE*)HackDetect4, HD4, 2);
ModifyMemory((BYTE*)HackDetect5, HD5, 2);
//ModifyMemory((BYTE*)IsDebuggerPresent, IDP, 1);
//ModifyMemory((BYTE*)ZCheckHackProcess1, ZCHP1, 2);
//ModifyMemory((BYTE*)ZCheckHackProcess2, ZCHP2, 2);
//ModifyMemory((BYTE*)ZCheckHackProcess3, ZCHP3, 2);
ModifyMemory((BYTE*)AbnormalBehavior, AB, 5);
}

bool APIENTRY DllMain(HMODULE hModule, DWORD dwReason, LPVOID lpvReserved){
if(dwReason == DLL_PROCESS_ATTACH){
DisableThreadLibraryCalls(hModule);
Bypass();
return true;
}
return true;
}

Don't ask how to compile it. If you can't compile it you don't deserve it.
Works for all versions of xtrap to date.

Edit: Posted in the wrong section..Someone can move it if needed =)

~~Gee.~~ · 05/30/2010, 00:01

First

Thanks I will try to make a bypass out of it!

~~FrEakY.~~ · 05/30/2010, 00:02

This is a trainer ?

PHP Code:



/Write To Memory
DWORD OldProtection;
void WriteToMemory(DWORD Offset, DWORD Pointer, DWORD Length){
VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &OldProtection);
RtlMoveMemory((void *)Offset, (const void*)Pointer, Length);
VirtualProtect((void *)Offset, Length, OldProtection, &OldProtection);
}
void ModifyMemory( BYTE *Offset, BYTE *ByteArray, DWORD Length){
for(DWORD i = 0; i < Length; i++)
WriteToMemory((DWORD)Offset + i, (DWORD)ByteArray + i, 1);
}

~~zimti3~~ · 05/30/2010, 00:07

Nice Nice aba kannste ma sagen wozu ein bypass

THANKS

Smincke2 · 05/30/2010, 00:10

Würdes du das bitte rausnehmen die fixxen es sonst bald

~~Gee.~~ · 05/30/2010, 00:13

Is it IN C++?

~~mes10~~ · 05/30/2010, 00:14

it is

Steevie · 05/30/2010, 00:15

Quote:

Originally Posted by Gee.

Is it IN C++?

Quote:

Originally Posted by mes10

Simply compile in C++ as a DLL and inject.

Yes

romskidd · 05/30/2010, 00:16

I will try it later, but thanks !

~~FrEakY.~~ · 05/30/2010, 00:17

I don't think, this is a bypass, it's a Trainer...

~~Gee.~~ · 05/30/2010, 00:22

Ok I Put it in Dll. Form injected but cheat engine is still detected -_- haha that rhymes

"Ok I Put it in Dll. Form injected "
"but cheat engine is still detected"

~~FrEakY.~~ · 05/30/2010, 00:23

Sure..cuz it's just a lil Trainer omfg

~~Gee.~~ · 05/30/2010, 00:26

Quote:

Originally Posted by FrEakY.

Sure..cuz it's just a lil Trainer omfg

Teh.....

~~FrEakY.~~ · 05/30/2010, 00:29

Quote:

Originally Posted by Gee.

Know nothing about hacking -_-

^^this

~~Epitaph_Haseo~~ · 05/30/2010, 00:29

Da steht doch, was das macht... Ich probiers einfach mal aus...
Kompiliert ist schon, nurnoch Testen ^^
€: Okay, wieso stellt man soetwas rein, ohne es zu testen? Irgendwie macht das sogar Sinn, dass es nicht funtzt...
(Ich sollte erst den SC lesen, dann compilieren xD)