A lot of people dont know how to get around xTrap allthough
its not that hard. If you use a general exe file it will detect
the open handles to the Last Chaos Process and wont allow
to acces it ( x84, not sure for x64 but acces should
also be denied ). Means you shouldnt be able to use
ReadProcessMemory / WriteProcessMemory and so on.
Even OpenProcess might be denied. However there is a simple
thing we can do to get around this, we use DLL Injection.
Actually the Gameclient is loading xTrap after Startup means it
wont be protected for the first seconds after its started. This means
we can simply use a DLL Injection, we just have to be fast enough
to get the Process Access required for the DLL Injection and than we
can work inside the Process of course and could for example use
memcpy instead of Read / WriteProcessMemory. There are of
course other DLL injection methods that should also work fine but
require a little more work. We could also edit the Client to load our
DLL of course. The xTrap detections are kinda weak unlike the hack
prevention and if you got some Coding / Reversing knowledge
those wont be a Problem for you.
regards
wurstbrot123
 |
