[i2-Dev] Crossfire Xtrap Bypass + [SOURCE CODE]

[I2espect]

It's a full Xtrap bypass ..
you can use Cheat Engine / WPE / Any Injector [ Manual Map Or Normal ]
BUT u can still get BANNED by using some patched dll(s) ..
but CE works fine .. Programmed For [NA] Version Only !
ENJOY ..

Download from attachments.

Virus Scan :

It's not PACKED / ENCRYPTED !
if u don't believe me ,, don't use it
Have Fun ..

Source Code :

Code:

#include <Windows.h>
#include <tlhelp32.h>
#include "detours.h"
#include <process.h> 
#include <wchar.h>
#include <stdlib.h>
#include "tchar.h"
#include "stdio.h"
#include "psapi.h"
#include <string>
#include <iostream>
#include <fstream>
using namespace std;
LPCTSTR lpFile_XTRAP;
// Values
typedef HMODULE (WINAPI *tLoadLibraryA)(LPCTSTR);
typedef HMODULE (WINAPI *tLoadLibraryExA)(LPCTSTR, HANDLE, DWORD);
typedef BOOL (WINAPI *tTerminateProcess)(HANDLE, UINT);
typedef VOID (WINAPI *tExitProcess)(UINT);
// Original Functions
tLoadLibraryA m_LoadLibraryAOrig = nullptr;
tLoadLibraryExA m_LoadLibraryExAOrig = nullptr;
tTerminateProcess m_TerminateProcessOrig = nullptr;
tExitProcess m_ExitProcessOrig = nullptr;
// Hooked LoadLibraryA
static HMODULE WINAPI HookedLoadLibraryA(LPCTSTR lpFileName)
{
	//cout << "LoadLibraryA : [" << lpFileName << "]" << endl;
	if(string(lpFileName).find("XTrapVa.dll") != string::npos)
	{
	lpFile_XTRAP = lpFileName;
	cout << "Blocked LoadLibraryA [" << lpFileName << "]" << endl;
	return (HMODULE)0xA0B1C2D3;
	}
	return m_LoadLibraryAOrig(lpFileName);
}
// Hooked LoadLibraryExA
static HMODULE WINAPI HookedLoadLibraryExA(LPCTSTR lpFileName, HANDLE hHandle, DWORD uk1)
{
	cout << "LoadLibraryExA : [" << lpFileName << "]" << endl;
	if(string(lpFileName).find("XTrapVa.dll") != string::npos)
	{
	cout << "Blocked LoadLibraryExA [" << lpFileName << "]" << endl;
	return (HMODULE)0xA0B1C2D3;
	}
	return m_LoadLibraryExAOrig(lpFileName, hHandle, uk1);
}
// Hooked ExitProcess
static BOOL WINAPI HookedTerminateProcess(HANDLE hProcess, UINT uExitCode)
{
	cout << "TerminateProcess Was Blocked" << endl;
	return false;
}
// Hooked ExitProcess
static VOID WINAPI HookedExitProcess(UINT uExitCode)
{
	cout << "ExitProcess Was Blocked : ExitCode = " << uExitCode << endl;
	return ;
}
// GetLastError String
// Main Function
void I2()
{
	AllocConsole();
	freopen("CONIN$", "r", stdin);
	freopen("CONOUT$", "w", stdout);

	DWORD TerminateProcessAddy = (DWORD)GetProcAddress(GetModuleHandle("Kernel32.dll"), "TerminateProcess");
	DWORD ExitProcessAddy = (DWORD)GetProcAddress(GetModuleHandle("Kernel32.dll"), "ExitProcess");	
	DWORD PostQuitMessageAddy = (DWORD)GetProcAddress(GetModuleHandle("User32.dll"), "PostQuitMessage");	
	DWORD LoadLibraryAAddy = (DWORD)GetProcAddress(GetModuleHandle("Kernel32.dll"), "LoadLibraryA");
	DWORD LoadLibraryExAAddy = (DWORD)GetProcAddress(GetModuleHandle("Kernel32.dll"), "LoadLibraryExA");

	cout << "TerminateProcess Addy : " << hex << uppercase << TerminateProcessAddy << endl;
	cout << "ExitProcess Addy : " << hex << uppercase << ExitProcessAddy << endl;

	m_ExitProcessOrig = (tExitProcess)DetourFunction((BYTE*)ExitProcessAddy, (BYTE*)HookedExitProcess);
	cout << " >> Detoured TerminateProcess : [" << hex << uppercase << ExitProcessAddy << "]" << endl;
	m_TerminateProcessOrig = (tTerminateProcess)DetourFunction((BYTE*)TerminateProcessAddy, (BYTE*)HookedTerminateProcess);
	cout << " >> Detoured ExitProcess : [" << hex << uppercase << TerminateProcessAddy << "]" << endl;
	m_LoadLibraryAOrig = (tLoadLibraryA)DetourFunction((BYTE*)LoadLibraryAAddy, (BYTE*)HookedLoadLibraryA);
	cout << " >> Detoured LoadLibraryA : [" << hex << uppercase << LoadLibraryAAddy << "]" << endl;
	/*m_LoadLibraryExAOrig = (tLoadLibraryExA)DetourFunction((BYTE*)LoadLibraryExAAddy, (BYTE*)HookedLoadLibraryExA);
	cout << " >> Detoured LoadLibraryExA : [" << hex << uppercase << LoadLibraryExAAddy << "]" << endl;*/
	//
	return;
	HMODULE XtrapVaDll = m_LoadLibraryAOrig("XTrapVa.dll");
	if(XtrapVaDll != NULL)
	{
		FreeLibraryAndExitThread(XtrapVaDll, 0);
		cout << "Just Free Library XTrapVa.dll" << endl;
	}
	else { cout << "XTrapVa.dll Wasn't Found ..." << endl; }
	return;
}
// Dll Main
extern "C" __declspec(dllexport)BOOL WINAPI DllMain (HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
	switch (fdwReason)
	{
	case DLL_PROCESS_ATTACH:
		DisableThreadLibraryCalls(hinstDLL);
		CreateThread(0, 0, (LPTHREAD_START_ROUTINE)I2, 0, 0, 0);
		break;
	}
	return true;
}

Bye

[noname001]

testing .. antivirus found nothing malwarebytes and avast

edit: does not work on EU.
edit: it works on darkcf private server

[I2espect]

Quote:

Originally Posted by noname001

testing .. antivirus found nothing malwarebytes and avast

as i said , i didn't pack it

#Added Source Code !

[berkaysensizz]

NA work ?

[SuperMan1231234]

How do I use it ?

[I2espect]

WTF ,,, full xtrap bypass in the second page with only 4 replies !

[polendown]

is this patched now?

[hacknack]

how to use it ?

[I2espect]

Quote:

Originally Posted by hacknack

how to use it ?

download, run as admin, open crossfire !

[kroliczek15]

How to work? Im have windows 7 64bit ? I have that error dll: api-ms-win-crt-stdio-l1-1-0.dll
Help me please

[Ricks13]

i think its keylogger no one test this bypass to admin and mod please aprove or test this bypass before use the other member

[amrkezma1]

when i download 503 service unavailable ?

[Mr.Havoc]

it's not working bro on crossfire EU

[inmyeyesurdead]

hi hope someone can teach me how to use this by pass TIA

[sasawater]

شكرا على المجهود