[Source] Item Creator

Quote:

Originally Posted by vaynz There are many different ways of detecting this specific injector. [Only registered and activated users can see links. Click Here To Register...] Since all strings are not encrypted (in runtime ofc.) anti-cheats can easily detect it by scanning for these strings. They probably do this by performing a binary search for the string in ASCII (multi-byte) and UNICODE (wide-char) character sets. E.g. they scan for the window title, which doesn't even need a binary search, but just a simple call to FindWindow. Okay, so they may scan the mapped executable for all strings concerning this specific injector. To bypass that you can hex-edit the executable on disk and replace the strings with some random ones. If they are encrypted on disk and then get decrypted in memory, you can assume it is using a packer/protector. If that's the case you either need to somehow unpack it or search and edit the strings in memory. Now, the second method of detecting: They make unique code signatures of this injector and then scan for them in runtime. If you have the source you could easily change some compiler settings and recompile. Otherwise it will be really hard to bypass this, then I'd recommend to use another injector or bypass XC('s pattern scan) lul. Third method: There are anti-cheats that keep track of all opened handles relating to the protected client. So, they may keep a white-list of opened handles. Then it loops through the list of opened handles (probably via a driver) in a rather big time interval. And if it has found that process `Injector.exe` is maintaining a handle to the client process, it just crashes (or terminates which is easier to bypass) the client by executing an exception. I hope I could help :) + I hope it is clear that you should not attempt to make it undetected but get another injector or code your own.

Quote:

Originally Posted by vaynz There are many different ways of detecting this specific injector. [Only registered and activated users can see links. Click Here To Register...] Since all strings are not encrypted (in runtime ofc.) anti-cheats can easily detect it by scanning for these strings. They probably do this by performing a binary search for the string in ASCII (multi-byte) and UNICODE (wide-char) character sets. E.g. they scan for the window title, which doesn't even need a binary search, but just a simple call to FindWindow. Okay, so they may scan the mapped executable for all strings concerning this specific injector. To bypass that you can hex-edit the executable on disk and replace the strings with some random ones. If they are encrypted on disk and then get decrypted in memory, you can assume it is using a packer/protector. If that's the case you either need to somehow unpack it or search and edit the strings in memory. Now, the second method of detecting: They make unique code signatures of this injector and then scan for them in runtime. If you have the source you could easily change some compiler settings and recompile. Otherwise it will be really hard to bypass this, then I'd recommend to use another injector or bypass XC('s pattern scan) lul. Third method: There are anti-cheats that keep track of all opened handles relating to the protected client. So, they may keep a white-list of opened handles. Then it loops through the list of opened handles (probably via a driver) in a rather big time interval. And if it has found that process `Injector.exe` is maintaining a handle to the client process, it just crashes (or terminates which is easier to bypass) the client by executing an exception. I hope I could help :) + I hope it is clear that you should not attempt to make it undetected but get another injector or code your own.

Quote:

Originally Posted by ~kau~ HOW TO DOWNLOAD????????

Quote:

Originally Posted by FazeDaFapper Press thanks and sing the "my little purple black ding dong" song