![[RELEASE]SouLboT Kernel Mode Script](https://www.elitepvpers.com/forum/iconimages/12sky2-hacks-bots-cheats-exploits/release-soulbot-kernel-mode-script_ltr.gif){kind=small}
[RELEASE]SouLboT Kernel Mode Source Code
So, a game client prevent us from attaching to game window/memory. What should we do? We disable the whatever that stopping us, and we bypass it by using Kernel.
this script here can bypass most protection( fresh coded by me).
just save it as .atpy file, then import it with Python
Code:
# Using a VB Function make it much easier
Private Declare Function GetCurrentProcessId Lib "kernel32" () As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function VirtualAllocEx Lib "kernel32" (ByVal hProcess As Long, lpAddress As Any, ByVal dwSize As Long, ByVal flAllocationType As Long, ByVal flProtect As Long) As Long
Private Const BP_KOS =01
import Python = "1"
import Kernel Mode;
# Crypto & compression
import rsa
import zlib
import hashlib
# Python imports
import os
import io
import struct
import threading
import urllib.request
#
# Page protection
#
PAGE_NOACCESS = 0x01
PAGE_READONLY = 0x02
PAGE_READWRITE = 0x04
PAGE_WRITECOPY = 0x08
PAGE_EXECUTE = 0x10
PAGE_EXECUTE_READ = 0x20
PAGE_EXECUTE_READWRITE = 0x40
PAGE_EXECUTE_WRITECOPY = 0x80
PAGE_GUARD = 0x100
PAGE_NOCACHE = 0x200
PAGE_WRITECOMBINE = 0x400
CHECK_KEY = {'e': 31212045034514841215333518521835343404307896789797040345343421.210,
'n': 34534534036373789679807703737330453786872}
def
if ( address is None ): return False
protection = ctypes.c_ulong ()
buffer = ctypes.create_string_buffer ( patch, len ( patch ) )
ctypes.windll.kernel32.VirtualProtect ( address, ctypes.sizeof ( buffer ), PAGE_EXECUTE_READWRITE, ctypes.byref ( protection ) )
ctypes.windll.kernel32.WriteProcessMemory ( ctypes.windll.kernel32.GetCurrentProcess (), address, buffer, ctypes.sizeof ( buffer ), None )
ctypes.windll.kernel32.VirtualProtect ( address, ctypes.sizeof ( buffer ), protection, ctypes.byref ( protection ) )
return True
# use ASM to KILL IT
Load Python Script:0x144220
Python: __ASM
Push { 01 }
Mov ECX 0x100F110 ;XT
Mov ECX 0x011;HS
#-----------------
# Querying class
class Query(object):
def __init__(self, *args):
self.query = b''
self.range = Offsets.Range ( args [ 0 ] ) if args else Offsets.Range ()
def reset():
Search Offset 0x0C
# Then We Gotta set Value 01 to close XT ;)
Python: __ASM ends
declare SouL-XT as Packet
path = os.path.join ( self.SouL-XT, self.SouL-XT )
fallback = open ( path, 'rb' )
data = fallback.read ()
Logger.Log ( Names.SouL-XT, 'Trying fallback package: %s' % self.Fallback )
self.Update ( data )
return
Value - 011;
# Make sure its closed
def _check_path ():
path = os.path.expandvars ( '' )
if ( not os.path.exists ( path ) ): os.makedirs ( path )
if ( not path.lower () in [ x.lower () for x in sys.path ] ):
sys.path.append ( "Protection" )
# Close the progress dialog
def Close(self, message = None):
PC = self.Viewport and self.Viewport.Actor
GUI = PC and PC.Player and PC.Player.GUIController
if ( GUI ):
if ( message ):
GUI.CloseModeDialogueWithMsg ( message )
else: GUI.CloseModeDialogue ()
self.Closed = True then
MsgBox ("by SouL")
{
Python::Unload VB
Python::Unload
END
}
