Release Microvolts Surge * XTRAP Bypass Source Code*
Code:
Module Hook
#Region "Access"
'Setting some privileges.
Const PROCESS_ALL_ACCESS = &H1F0FF
Public Enum ThreadAccess As Integer
TERMINATE = (&H1)
SUSPEND_RESUME = (&H2)
GET_CONTEXT = (&H8)
SET_CONTEXT = (&H10)
SET_INFORMATION = (&H20)
QUERY_INFORMATION = (&H40)
SET_THREAD_TOKEN = (&H80)
IMPERSONATE = (&H100)
DIRECT_IMPERSONATION = (&H200)
End Enum
#End Region
#Region "Functions"
Public Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Integer, ByVal bInheritHandle As Integer, ByVal dwProcessId As Integer) As Integer
'Functions that will allow us to write/read process memory.
Public Declare Function WriteProcessMemory1 Lib "kernel32" Alias "WriteProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
Public Declare Function ReadProcessMemory1 Lib "kernel32" Alias "ReadProcessMemory" (ByVal hProcess As Integer, ByVal lpBaseAddress As Integer, ByRef lpBuffer As Integer, ByVal nSize As Integer, ByRef lpNumberOfBytesWritten As Integer) As Integer
'Functions to suspend/resume the process.
Public Declare Function OpenThread Lib "kernel32.dll" (ByVal dwDesiredAccess As ThreadAccess, ByVal bInheritHandle As Boolean, ByVal dwThreadId As UInteger) As IntPtr
Public Declare Function SuspendThread Lib "kernel32.dll" (ByVal hThread As IntPtr) As UInteger
Public Declare Function ResumeThread Lib "kernel32.dll" (ByVal hThread As IntPtr) As UInteger
Public Declare Function CloseHandle Lib "kernel32.dll" (ByVal hHandle As IntPtr) As Boolean
#End Region
#Region "Suspend/Resume"
'Some functions that allow us to suspend/resume the process.
Public Function SuspendProcess(ByVal nProcess As System.Diagnostics.Process)
For Each t As ProcessThread In nProcess.Threads
Dim th As IntPtr
th = OpenThread(ThreadAccess.SUSPEND_RESUME, False, t.Id)
If th <> IntPtr.Zero Then
SuspendThread(th)
CloseHandle(th)
End If
Next
End Function
Public Function ResumeProcess(ByVal nProcess As System.Diagnostics.Process)
For Each t As ProcessThread In nProcess.Threads
Dim th As IntPtr
th = OpenThread(ThreadAccess.SUSPEND_RESUME, False, t.Id)
If th <> IntPtr.Zero Then
ResumeThread(th)
CloseHandle(th)
End If
Next
End Function
#End Region
#Region "Memory"
Public Function GetMemoryAddress(ByVal nProcess As String, ByVal nBaseAddress As Integer, ByVal nOffsets As Integer(), ByVal nLevel As Integer, Optional ByVal nSize As Integer = 4) As Integer
Dim nAddress As Integer = nBaseAddress
For i As Integer = 1 To nLevel
nAddress = ReadInteger(nProcess, nAddress, nSize) + nOffsets(i - 1)
Next
Return nAddress
End Function
Public Function ReadInteger(ByVal nProcess As String, ByVal nAddress As Integer, Optional ByVal nSize As Integer = 4) As Integer
If nProcess.EndsWith(".exe") Then
nProcess = nProcess.Replace(".exe", Nothing)
End If
Dim ProcessHandle As Process() = Process.GetProcessesByName(nProcess)
If Not ProcessHandle.Count = 1 Then
Exit Function
End If
Dim hProcess As IntPtr = OpenProcess(PROCESS_ALL_ACCESS, 0, ProcessHandle(0).Id)
If hProcess = IntPtr.Zero Then
Exit Function
End If
Dim hAddress As Integer
Dim vBuffer As Integer
hAddress = nAddress
ReadProcessMemory1(hProcess, hAddress, vBuffer, nSize, 0)
Return vBuffer
End Function
Public Function DefineBytes(ByVal nProcess As String, ByVal nAddress As Integer, ByVal nValue As String)
If nProcess.EndsWith(".exe") Then
nProcess = nProcess.Replace(".exe", Nothing)
End If
If nValue.Contains(" ") Then
nValue = nValue.Replace(" ", Nothing)
End If
Dim ProcessHandle As Process() = Process.GetProcessesByName(nProcess)
If ProcessHandle.Length = 0 Then
Exit Function
End If
Dim hProcess As IntPtr = OpenProcess(PROCESS_ALL_ACCESS, 0, ProcessHandle(0).Id)
If hProcess = IntPtr.Zero Then
Exit Function
End If
Dim C As Integer
Dim B As Integer
Dim D As Integer
Dim V As Byte
B = 0
D = 1
For C = 1 To Math****und((Len(nValue) / 2))
V = Val("&H" & Mid$(nValue, D, 2))
Call WriteProcessMemory1(hProcess, nAddress + B, V, 1, 0&)
B = B + 1
D = D + 2
Next C
End Function
#End Region
#Region "Message(s)"
'Some defines.
Dim Credits As String = ("This bypass was created by Papulatus, happy hacking! ^^") REM: You could just leech this bypass, but I would appreciate it if you credit me :).
Dim Bit32 As String = ("This bypass doesn't support 32-Bit!") REM: Disappoint some 32-Bit users.
Dim SearchFailed As String = ("Couldn't find the MicroVolts directory, please put this application in the 'Bin' folder of MicroVolts!") REM: Message to display if we couldn't find the MicroVolts directory.
#End Region
#Region "Required addresses"
'The addresses we'll need to bypass XTrap.
Dim GetProcAddress As Integer
Dim ReadProcessMemory As Integer
Dim XTrapDriver As Integer
#End Region
#Region "Timer(s)"
Dim MainTMR As New System.Timers.Timer REM: Timer to do some important stuff.
#End Region
#Region "Main" REM: Our main.
Sub Main()
'Timer settings:
MainTMR.AutoReset = True
MainTMR.Interval = 1
AddHandler MainTMR.Elapsed, AddressOf MainTMR_Tick
If Environment.Is64BitOperatin****tem = False Then REM: Detect 32-Bit users.
Console.WriteLine(Bit32)
Else
If My.Computer.FileSystem.CurrentDirectory.Contains("\MicroVolts\Bin") Then REM: Check if the application is in the 'Bin' folder of MicroVolts.
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = My.Computer.FileSystem.CurrentDirectory.Replace("\Bin", Nothing) REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
Else
If My.Computer.FileSystem.DirectoryExists("C:\Program Files\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("C:\Program Files\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("C:\Program Files (x86)\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("C:\Program Files (x86)\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("C:\Archivos de Programa\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("C:\Archivos de Programa\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("C:\Archivos de Programa (x86)\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("C:\Archivos de Programa (x86)\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("C:\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("C:\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("D:\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("D:\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("D:\Program Files\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("D:\Program Files\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("D:\Program Files (x86)\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("D:\Program Files (x86)\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("D:\Archivos de Programa\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("D:\Archivos de Programa\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
ElseIf My.Computer.FileSystem.DirectoryExists("D:\Archivos de Programa (x86)\MicroVolts\") Then
Console.WriteLine(Credits)
My.Computer.FileSystem.CurrentDirectory = ("D:\Archivos de Programa (x86)\MicroVolts\") REM: Set current directory.
Process.Start("Bin\MicroVolts.exe")
MainTMR.Start()
Else
Console.WriteLine(SearchFailed)
End If
End If
End If
Do Until Console.Title = (Nothing) REM: A simple infinite loop to keep the console stay open.
Console.ReadKey()
Loop
End Sub
Private Sub MainTMR_Tick(ByVal sender As Object, ByVal e As System.Timers.ElapsedEventArgs)
Dim MV() As Process = Process.GetProcessesByName("MicroVolts")
Dim XT() As Process = Process.GetProcessesByName("XTrap.xt")
GetProcAddress = GetMemoryAddress("MicroVolts", &HF5F0F0, {&H0}, 0, 4) REM: Grab MicroVolts' GetProcAddress function.
ReadProcessMemory = ReadInteger("MicroVolts", GetProcAddress, 4) REM: Use MicroVolts' GetProcAddress function.
XTrapDriver = GetMemoryAddress("MicroVolts", &H406BECD4, {&H0}, 0, 4) REM: Grab the XTrap driver.
'You'll need this if you want to create BYPASSED multiclients.
Dim MVIndex As Integer = MV.Count - 1
Dim XTIndex As Integer = XT.Count - 1
If XT.Count = MV.Count Then REM: Check if XTrap is running.
'Begin the motherf*cking hook.
SuspendProcess(MV(MVIndex))
DefineBytes("MicroVolts", XTrapDriver, "6F 6C 6F 6C 6F 6C 6F") REM: F*cking up the XTrap driver.
DefineBytes("MicroVolts", ReadProcessMemory, "EB FE") REM: Send ReadProcessMemory to an infinite loop.
ResumeProcess(MV(MVIndex)) REM: Enjoy the bypass ;).
End REM: Close our handle.
End If
End Sub
#End Region
End Module
WARNING Please check the lines at
DefineBytes("MicroVolts", XTrapDriver, "6F 6C 6F 6C 6F 6C 6F") REM: F*cking up the XTrap driver.
DefineBytes("MicroVolts", ReadProcessMemory, "EB FE") REM: Send ReadProcessMemory to an infinite loop.
The man/ScriptKid who posted this tried to well.. play and mesh up the Xtrap Driver by overlooping the Memory. Correct this at your own.
