sesuai dengan topiknya kali ini kita akan membahas source code bypass hackshield lostsaga 2015,.. ini merupakan update terbaru. Silahkan cek Source Code Berikut!
void MemWrite(LPVOID pxAddress,PBYTE code,int size)
{
unsigned long Protection;
VirtualProtect((LPVOID)pxAddress,size,PAGE_READWRITE,&Protection);
memcpy((LPVOID)pxAddress,(const LPVOID )code,size);
VirtualProtect((LPVOID)pxAddress,size,Protection,0);
}
void Bypass(void)
{
DWORD hEhSvc = 0;
do {
hEhSvc =(DWORD)GetModuleHandleA("EhSvc.dll");
Sleep(100);
} while(!hEhSvc);
if(hEhSvc > 0)
{
// EHSvc.dll: Version 5.6.31.424
MemWrite((LPVOID)(hEhSvc+0x0AB90),(PBYTE)"\xC2\x04\x00",3);
MemWrite((LPVOID)(hEhSvc+0x0AC28),(PBYTE)"\x74",1);
MemWrite((LPVOID)(hEhSvc+0x3667D),(PBYTE)"\x90\x90",2);
MemWrite((LPVOID)(hEhSvc+0x44C3F),(PBYTE)"\x31",1);
MemWrite((LPVOID)(hEhSvc+0x47D2E),(PBYTE)"\x31",1);
MemWrite((LPVOID)(hEhSvc+0x47DA2),(PBYTE)"\x90\x90",2);
MemWrite((LPVOID)(hEhSvc+0x93780),(PBYTE)"\xC3",1);
MemWrite((LPVOID)(hEhSvc+0xB5C85),(PBYTE)"\x90\x90\x90\x90\x90\x90",6);
MemWrite((LPVOID)(hEhSvc+0xB6C04),(PBYTE)"\x03\xD2",2);
// WarRock.exe Europe: Date 08/January/2014
MemWrite((LPVOID)(0x51D257),(PBYTE)"\xEB",1);
MemWrite((LPVOID)(0x5E587A),(PBYTE)"\xC3",1);
}
}
BOOL WINAPI DllMain(HMODULE hDll,DWORD dwReason,LPVOID lpReserved)
{
if(dwReason==DLL_PROCESS_ATTACH)
{
CreateThread(0,0,(LPTHREAD_START_ROUTINE)Bypass,0,0,0);
CreateThread(0,0,(LPTHREAD_START_ROUTINE)HackHere,0,0,0);
}
return TRUE;
}
No comments:
Post a Comment