ThaylorMello
28/04/2018, 09:12 AM
Informações Sobre a Source :
hi
here is working MuGuard..
main file MuGaurd.cpp :: Credits to me (leo123)
PHP Code:
#include "stdafx.h"
#include "define.h"
#include "cFile.h"
#include "AntiHack.h"
cFile MyFile;
void ChangeSerial()
{
memset(&Main_Serial[0],0x00,16); // the max is 16 i think =/
memcpy(&Main_Serial[0],MySerial,strlen(MySerial));
}
void FindHacks()
{
ChangeSerial(); // Rum time changeing of serial
bool State = MyFile.iCheckFileSize("Data\\Player\\Player.bmd",sizePlayerBMD);
if(State == false)
{
MessageBoxA(FindWindowA(0,"MU"),"We are sorry, but a hack or cheat or other 3rd tool has been detected","MuGuard V1.0 by leo123",0);
ExitProcess(1);
}
SystemProcessesScan();
Sleep(3000);
FindHacks();
}
void Setup()
{
ChangeSerial();
if(FindWindow(0,"MU") > 0)
{
WinExec("taskkill /IM main.exe",5);
Sleep(200);
ExitProcess(0);
}
SystemProcessesScan();
bool State = MyFile.iCheckFileSize("Data\\Player\\Player.bmd",sizePlayerBMD);
if(State == false)
{
MessageBoxA(0,"We are sorry, but a hack or cheat or other 3rd tool has been detected","MuGuard V1.0 by leo123",0);
ExitProcess(0);
}
char* Temp = GetCommandLine();
if(Temp[9] != 0x63)
{
MessageBoxA(0,"Please use lancher.","MuGuard V1.0 by leo123",0);
ExitProcess(0);
}
#ifdef premu
__asm
{
Mov Edi,0x0073BD18
Jmp Edi
}
#endif
SystemProcessesScan();
DWORD MyId;
CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)Fin dHacks,NULL,0,&MyId);
}
extern "C" __declspec (dllexport) void __cdecl Loaded()
{
DWORD OldProtect;
if(VirtualProtect(LPVOID(0x401000),0x7C2FFF,PAGE_E XECUTE_READWRITE,&OldProtect))
{
Setup();
}
else
{
MessageBoxA(NULL,"Unable to initialize the MuGuard.dll","PRE DLL",MB_OK);
ExitProcess(0);
}
}
BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
return TRUE;
}
AntiHack.cpp :: Credits F1x ( i add some exitprocess fix)
// ----------------------------------------------------
// Nazwa pliku: AntiHack.cpp
// Data utworzenia: 2008-06-26
[Only registered and activated users can see links]
// ----------------------------------------------------
#include "stdafx.h"
#include "AntiHack.h"
#include <windows.h>
#include <tlhelp32.h>
#include <stdlib.h>
ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP] = {
{0x4C8259, {0xA1, 0x38, 0xBD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xC0, 0x82, 0x4C, 0x00, 0xE8, 0x1F, 0xF1, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xF8, 0xBE, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, //Catastrophe
{0x4018bb, {0x74 ,0x3F ,0x0F ,0xB6 ,0x45 ,0xEC ,0x0F ,0xB6 ,0x9D ,0x74 ,0xFF ,0xFF ,0xFF ,0x39 ,0xD8 ,0x75 ,0x30 ,0x6A ,0x01 ,0x6A ,0x39 ,0x68 ,0xD4 ,0x75 ,0x40 ,0x00 ,0xE8 ,0x96 ,0x08 ,0x00 ,0x00 ,0x50}}, // Hasty MU
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}}, // Catastrophe
};
void SystemProcessesScan()
{
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(hProcessSnap != INVALID_HANDLE_VALUE)
{
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);
if(Process32First(hProcessSnap, &pe32))
{
do
{
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
if(hProcess != NULL)
{
if(ScanProcessMemory(hProcess))
{
MessageBoxA(FindWindowA(0,"MU"), "Found hack software in your system.\n\nHint: Close all illegal programs and run application again.", "leo123 MuGuard v1.0", MB_OK | MB_ICONSTOP);
ExitProcess(1);
}
}
}
while(Process32Next(hProcessSnap, &pe32));
}
}
CloseHandle(hProcessSnap);
}
bool ScanProcessMemory(HANDLE hProcess)
{
for(int i = 0; i < MAX_PROCESS_DUMP; i++)
{
char aTmpBuffer[MAX_DUMP_SIZE];
SIZE_T aBytesRead = 0;
ReadProcessMemory(hProcess, (LPCVOID)g_ProcessesDumps[i].m_aOffset, (LPVOID)aTmpBuffer, sizeof(aTmpBuffer), &aBytesRead);
if(memcmp(aTmpBuffer, g_ProcessesDumps[i].m_aMemDump, MAX_DUMP_SIZE) == 0)
{
return true;
break;
}
}
return false;
}
AntiHack.h :: Credits F1x
// ----------------------------------------------------
// Nazwa pliku: AntiHack.cpp
// Data utworzenia: 2008-06-26
[Only registered and activated users can see links]
// ----------------------------------------------------
#ifndef PDC_ANTIHACK_H
#define PDC_ANTIHACK_H
#define MAX_DUMP_OFFSETS 3
#define MAX_DUMP_SIZE 32
#define MAX_PROCESS_DUMP 3
typedef struct ANITHACK_PROCDUMP {
unsigned int m_aOffset;
unsigned char m_aMemDump[MAX_DUMP_SIZE];
} *PANITHACK_PROCDUMP;
extern ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP];
void SystemProcessesScan();
bool ScanProcessMemory(HANDLE hProcess);
#endif //PDC_ANTIHACK_H
cFile.cpp :: Credits me (leo123) it class to work with files (check size)...
#include "Stdafx.h"
#include "cFile.h"
cFile::cFile() // constractor
{
}
int cFile::iGetFileSize(char* FileName)
{
HANDLE hFile = CreateFileA(FileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL, NULL);
return GetFileSize(hFile,NULL);
}
bool cFile::iCheckFileSize(char* cFile,int Size)
{
int iSize = this->iGetFileSize(cFile);
if(iSize == Size)
return true;
return false;
}
cFile::~cFile() // desratactor
{
}
cFile.h :: Credits me (leo123)
#include "Stdafx.h"
#ifndef cFile_H
#define cFile_H
class cFile
{
public:
cFile();
~cFile();
bool iCheckFileSize(char* cFile,int Size);
int iGetFileSize(char* FileName);
};
#endif
define.h
#include "Stdafx.h"
#define livemu
#ifdef premu
int sizePlayerBMD = 2662002;
#endif
#ifdef livemu
int sizePlayerBMD = 2414277;
DWORD *Main_Serial = (DWORD*)0x006B9284;
const char* MySerial = "00XXXXXXXXXXXXXX";
#endif
stdafx.h
// stdafx.h : include file for standard system include files,
// or project specific include files that are used frequently, but
// are changed infrequently
//
#if !defined(AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFF CFE6A44CB__INCLUDED_)
#define AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB __INCLUDED_
#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000
// Insert your headers here
#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers
#include <windows.h>
#include <cstdio>
// TODO: reference additional headers your program requires here
//{{AFX_INSERT_LOCATION}}
// Microsoft Visual C++ will insert additional declarations immediately before the previous line.
#endif // !defined(AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFF CFE6A44CB__INCLUDED_)
how add new hacks? just open with ollydbg some hack
go to some offset of the hack
then go to dump of the currect offset
copy the 32 bytes of the offset and add in AntiHack.cpp
[ offset] [ 32 bytes]
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}}, // Catastrophe
and change in AntiHack.h
#define MAX_DUMP_OFFSETS 3
#define MAX_PROCESS_DUMP 3
to 4
if u add more then one hacks put 5.. etc..
Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.