Page 1 of 2 12 LastLast
Results 1 to 15 of 28
  1. #1
    Decoder back's Avatar
    Join Date
    Oct 2010
    Gender
    male
    Posts
    197
    Reputation
    28
    Thanks
    112

    [Discussion] continuing GodHack2

    Okay guys , i decided to make that topic to talk about VIP hacks .


    how you guys protect your VIP hack ?
    - Guidtech
    -loader
    - etc..

    like god hack2 said

    i have made loaders before
    where you just login with the forum info and then use the hack no GUID included.
    and i know that you must download the file from the server to your harddrive for your loader to inject it, so hows your dll hidden?

    And how it will be later ?

    tell your opnion , what is the most popular and secure protection to VIP hacks ?

  2. The Following User Says Thank You to Decoder back For This Useful Post:

    GodHack2 (01-14-2011)

  3. #2
    GodHack2's Avatar
    Join Date
    May 2010
    Gender
    male
    Posts
    645
    Reputation
    38
    Thanks
    762
    My Mood
    Amused
    well you don't have to say VIP everywhere cause people will freak out
    but thanks for making a new thread for my post





    beat this bitches ^^^^^^^

    Current Stats : Bored :/


    Respect list :
    Crash !
    Gordon'
    Markoj

  4. #3
    topblast's Avatar
    Join Date
    Mar 2010
    Gender
    male
    Location
    Far from around you Programmer: C++ | VB | C# | JAVA
    Posts
    3,607
    Reputation
    149
    Thanks
    4,922
    My Mood
    Cool
    Well lets do IDEAS :


    As i said Mine hides the dll into an Encrypted File format that reads the file and Inject that file into a process, I also used this Feature in the advance injector i am making. I find that u no longer have to do the Copy to random location thing. It is always a Random location.

    This File format can contain almost anything from the File name and version to the Last Process injected into and how many times.

    since it is saved as an array of bytes opening with notepad will not really work and it is converted into string to process the data then to convert the String back into a Byte Array to the the (Hack file in byte array) then output to a random location and inject from that location all without damaging the dll

    The downside to this is the File Format of the DLL can be in ur application but i didnt do it to do that. The reason for this is the Code Decompilers who look at ur code and get the dll. With getting the DLL from an online server the info is held in a structure. Then we output the DLL to any random location and inject.

    The Loader will NEVER really have any REAL location the DLL will go, it will have a fix location to ur site but to Decrypt that and go into every step as i did it is annoying it even made my head hurt recoding it.

    HMM now that i think about it u can embed the DLL into the loader i mean the structure IS able to convert from both byte arrays and string arrays.


    Thats only the part about ur DLL not being to be found. What about the LOGIN really i dont like my current login systems and i am not good with SQL
    I just like programming, that is all.

    Current Stuff:

    • GPU Programmer (Cuda)
    • Client/Server (Cloud Server)
    • Mobile App Development

  5. The Following User Says Thank You to topblast For This Useful Post:

    GodHack2 (01-14-2011)

  6. #4
    Decoder back's Avatar
    Join Date
    Oct 2010
    Gender
    male
    Posts
    197
    Reputation
    28
    Thanks
    112
    Quote Originally Posted by topblast View Post
    Well lets do IDEAS :


    As i said Mine hides the dll into an Encrypted File format that reads the file and Inject that file into a process, I also used this Feature in the advance injector i am making. I find that u no longer have to do the Copy to random location thing. It is always a Random location.

    This File format can contain almost anything from the File name and version to the Last Process injected into and how many times.

    since it is saved as an array of bytes opening with notepad will not really work and it is converted into string to process the data then to convert the String back into a Byte Array to the the (Hack file in byte array) then output to a random location and inject from that location all without damaging the dll

    The downside to this is the File Format of the DLL can be in ur application but i didnt do it to do that. The reason for this is the Code Decompilers who look at ur code and get the dll. With getting the DLL from an online server the info is held in a structure. Then we output the DLL to any random location and inject.

    The Loader will NEVER really have any REAL location the DLL will go, it will have a fix location to ur site but to Decrypt that and go into every step as i did it is annoying it even made my head hurt recoding it.

    HMM now that i think about it u can embed the DLL into the loader i mean the structure IS able to convert from both byte arrays and string arrays.


    Thats only the part about ur DLL not being to be found. What about the LOGIN really i dont like my current login systems and i am not good with SQL
    simply , with sql you can use the table and make it into a process and i did sql classes , so sql is not hard to work , the most harddest language to work to me is : ASM

    how about the process of your hack when you say it

    This File format can contain almost anything from the File name and version to the Last Process injected into and how many times.
    you mean what your process make a file format what can contain anything from any file or something ?

    and can inject into a process how many times he wants ?

    or am i wrong ?

    i don't think so , because someone can do reverse engineer into it .

    then ....
    Last edited by Decoder back; 01-14-2011 at 11:23 PM.

  7. #5
    GodHack2's Avatar
    Join Date
    May 2010
    Gender
    male
    Posts
    645
    Reputation
    38
    Thanks
    762
    My Mood
    Amused
    Quote Originally Posted by topblast View Post

    Thats only the part about ur DLL not being to be found. What about the LOGIN really i dont like my current login systems and i am not good with SQL
    The login is done either by the sql or by using the webpage elements(doesn't require access to any sql tables)

    just make a new webbrowser
    [php] this->webBrowser1->Document->GetElementById("vb_login_username")->SetAttribute("value", textBox1->Text);
    this->webBrowser1->Document->GetElementById("vb_login_password")->SetAttribute("value", textBox2->Text);
    this->webBrowser1->Document->GetElementById("cookieuser")->SetAttribute("value", "0");
    this->webBrowser1->Document->GetElementById("cookieuser")->Focus();

    SendKeys::Send("{TAB}");
    SendKeys::Send("{Enter}");[/php]

    and then to check if he has logged in correctly

    [php]if (this->richTextBox1->Text->Contains("Thank you for logging in")do your stuff...[/php]
    and if he didn't enter it correctly
    [php]if(this->richTextBox1->Text->Contains("invalid")) exit the application [/php]

    edit forgot to say that the richtextbox is the webbrowser's page document text
    and this way works on vb forums only because of the elements names u can download google chrome and use its firebug to see the elements for other types of boards

    share share share
    Last edited by GodHack2; 01-14-2011 at 11:51 PM.





    beat this bitches ^^^^^^^

    Current Stats : Bored :/


    Respect list :
    Crash !
    Gordon'
    Markoj

  8. #6
    topblast's Avatar
    Join Date
    Mar 2010
    Gender
    male
    Location
    Far from around you Programmer: C++ | VB | C# | JAVA
    Posts
    3,607
    Reputation
    149
    Thanks
    4,922
    My Mood
    Cool
    Quote Originally Posted by Decoder back View Post
    simply , with sql you can use the table and make it into a process and i did sql classes , so sql is not hard to work , the most harddest language to work to me is : ASM

    how about the process of your hack when you say it



    you mean what your process make a file format what can contain anything from any file or something ?

    and can inject into a process how many times he wants ?

    or am i wrong ?

    i don't think so , because someone can do reverse engineer into it .

    then ....
    No what i mean if what i said.

    I can SAVE the Last Process injected into.
    I can SAVE the number of time u injected the file.
    And my DLL have a STRUCTURE that holds all the info then output it.


    Quote Originally Posted by GodHack2 View Post
    The login is done either by the sql or by using the webpage elements(doesn't require access to any sql tables)

    just make a new webbrowser
    [php] this->webBrowser1->Document->GetElementById("vb_login_username")->SetAttribute("value", textBox1->Text);
    this->webBrowser1->Document->GetElementById("vb_login_password")->SetAttribute("value", textBox2->Text);
    this->webBrowser1->Document->GetElementById("cookieuser")->SetAttribute("value", "0");
    this->webBrowser1->Document->GetElementById("cookieuser")->Focus();

    SendKeys::Send("{TAB}");
    SendKeys::Send("{Enter}");[/php]

    and then to check if he has logged in correctly

    [php]if (this->richTextBox1->Text->Contains("Thank you for logging in")do your stuff...[/php]
    and if he didn't enter it correctly
    [php]if(this->richTextBox1->Text->Contains("invalid")) exit the application [/php]

    edit forgot to say that the richtextbox is the webbrowser's page document text
    and this way works on vb forums only because of the elements names u can download google chrome and use its firebug to see the elements for other types of boards

    share share share
    How will I know if the user is VIP/payed for special membership or something.
    I just like programming, that is all.

    Current Stuff:

    • GPU Programmer (Cuda)
    • Client/Server (Cloud Server)
    • Mobile App Development

  9. #7
    GodHack2's Avatar
    Join Date
    May 2010
    Gender
    male
    Posts
    645
    Reputation
    38
    Thanks
    762
    My Mood
    Amused
    Quote Originally Posted by topblast View Post


    No what i mean if what i said.

    I can SAVE the Last Process injected into.
    I can SAVE the number of time u injected the file.
    And my DLL have a STRUCTURE that holds all the info then output it.




    How will I know if the user is VIP/payed for special membership or something.
    that would totally depend on your site
    if you have a plugin that shall make the member page url yoursite.com/ members(or we)/username
    so then you can just direct a webbrowser to that page with the usernametextbox as the "username"in the url and read the string that is between [php]</h1> <h2>[/php] and [php]</h2> </td> </tr>[/php](this depend on your user page ) in your richtextbox (web page's source).
    like for example here at mpgh if you go to my userpage and read the string that is between </h1> <h2> and </h2> </td> </tr> the output will be "Expert Member" which is not allowed to use the hack

    but hey there are lots of easier ways to do it through sql tables so u might wana look through that
    Last edited by GodHack2; 01-15-2011 at 12:20 AM.





    beat this bitches ^^^^^^^

    Current Stats : Bored :/


    Respect list :
    Crash !
    Gordon'
    Markoj

  10. #8
    flameswor10's Avatar
    Join Date
    Jul 2009
    Gender
    male
    Posts
    12,528
    Reputation
    981
    Thanks
    10,404
    My Mood
    In Love
    I can make a simple loader for you
    No I do not make game hacks anymore, please stop asking.


    Been MPGH Minion: 6 July 2011 - 1 August 2012

  11. #9
    Gordon`'s Avatar
    Join Date
    Dec 2007
    Gender
    male
    Posts
    283
    Reputation
    24
    Thanks
    325
    Then we output the DLL to any random location and inject.
    why is there an encryption anyway when its useless? i mean the dll has to be decrypted for injecting. not really safe


  12. #10
    dean-wingess's Avatar
    Join Date
    Jan 2009
    Gender
    male
    Posts
    409
    Reputation
    29
    Thanks
    212
    My Mood
    Stressed
    1. Protection:


    Crypted GUID list on my server.
    GUID: USERNAME:
    23523 Halalala
    33345id Olalala

    for example.
    It's cryted, my Guidtech.cpp contains a simple function to uncrypt it.
    After Uncrypting it loops through the list and checks the GUID's, if yours isn't there it won't create the threads in Dll main and Exit the process.

    2. Protection:

    A loader coded in VisualBasic, 3 embedded dlls (Warrock Private, Bad Company 2 Private, Combat Arms Private)
    You can load 1 of them and inject it.
    How it updates?
    It checking the md5 of the dlls and then it compares it to md5 of the dlls on the server.
    If they aren't the same its downloading and replacing them.

    Isn't that easy?

    Edit: How to crack it?
    Break in the Loader, check for the ftp links, download the dlls..
    Muhaha and now?
    There's still GUID, UPX, Winlicense.
    First of all try to unpack it then remove the drive 32 from Winlicense and then search through 7300 lines of ASM and addresses.
    Before you start doing this it would be easier coding your own hack.
    Last edited by dean-wingess; 01-15-2011 at 02:46 AM.
    [YOUTUBE]e89lqiE0wi0[/YOUTUBE]

  13. #11
    freedompeace's Avatar
    Join Date
    Jul 2010
    Gender
    female
    Posts
    3,035
    Reputation
    340
    Thanks
    2,784
    My Mood
    Sad
    This is one funny thread

    These are good ideas, but there are problems which need to be addressed (below).

    If you want an entirely secure system, you're going to have to implement all these ideas into one, plus checks on hooks that may endanger your hack's security, as well as having as little usage of the file system as possible.

    Quote Originally Posted by topblast View Post
    Well lets do IDEAS :


    As i said Mine hides the dll into an Encrypted File format that reads the file and Inject that file into a process, I also used this Feature in the advance injector i am making. I find that u no longer have to do the Copy to random location thing. It is always a Random location.

    This File format can contain almost anything from the File name and version to the Last Process injected into and how many times.

    since it is saved as an array of bytes opening with notepad will not really work and it is converted into string to process the data then to convert the String back into a Byte Array to the the (Hack file in byte array) then output to a random location and inject from that location all without damaging the dll

    The downside to this is the File Format of the DLL can be in ur application but i didnt do it to do that. The reason for this is the Code Decompilers who look at ur code and get the dll. With getting the DLL from an online server the info is held in a structure. Then we output the DLL to any random location and inject.

    The Loader will NEVER really have any REAL location the DLL will go, it will have a fix location to ur site but to Decrypt that and go into every step as i did it is annoying it even made my head hurt recoding it.

    HMM now that i think about it u can embed the DLL into the loader i mean the structure IS able to convert from both byte arrays and string arrays.


    Thats only the part about ur DLL not being to be found. What about the LOGIN really i dont like my current login systems and i am not good with SQL
    What's the use of encryption if your client has the key-pair that your server has? It can be easily extracted ):

    Furthermore, you're dealing with the filesystem. Plenty of hooks to monitor the fs

    Quote Originally Posted by GodHack2 View Post
    The login is done either by the sql or by using the webpage elements(doesn't require access to any sql tables)

    just make a new webbrowser
    [php] this->webBrowser1->Document->GetElementById("vb_login_username")->SetAttribute("value", textBox1->Text);
    this->webBrowser1->Document->GetElementById("vb_login_password")->SetAttribute("value", textBox2->Text);
    this->webBrowser1->Document->GetElementById("cookieuser")->SetAttribute("value", "0");
    this->webBrowser1->Document->GetElementById("cookieuser")->Focus();

    SendKeys::Send("{TAB}");
    SendKeys::Send("{Enter}");[/php]

    and then to check if he has logged in correctly

    [php]if (this->richTextBox1->Text->Contains("Thank you for logging in")do your stuff...[/php]
    and if he didn't enter it correctly
    [php]if(this->richTextBox1->Text->Contains("invalid")) exit the application [/php]

    edit forgot to say that the richtextbox is the webbrowser's page document text
    and this way works on vb forums only because of the elements names u can download google chrome and use its firebug to see the elements for other types of boards

    share share share
    network sniffing... yay. internet explorer, bigger yay.

  14. #12
    supercarz1991's Avatar
    Join Date
    Jul 2010
    Gender
    male
    Location
    North of Hell, South of Heaven
    Posts
    6,067
    Reputation
    323
    Thanks
    3,320
    My Mood
    Doh
    Id like to know how GA's loader works...I tried to crack it once...scanned my whole c drive as soon as it downloaded and was ready fir injection....there were no new files on my computer before injection or after

  15. #13
    freedompeace's Avatar
    Join Date
    Jul 2010
    Gender
    female
    Posts
    3,035
    Reputation
    340
    Thanks
    2,784
    My Mood
    Sad
    Quote Originally Posted by supercarz1991 View Post
    Id like to know how GA's loader works...I tried to crack it once...scanned my whole c drive as soon as it downloaded and was ready fir injection....there were no new files on my computer before injection or after
    GA?

    (fill)

  16. #14
    kotentopf's Avatar
    Join Date
    Nov 2009
    Gender
    male
    Posts
    602
    Reputation
    26
    Thanks
    251
    at the point protection:
    create a thread with a while loop

    if getmodulehandle("OLLYDBG.exe")
    TerminateProcess(GetCurrentProcess(),1337);

    u can add more files. U can also use some findwindow's
    The Internet SHOULD Be Illegal

    When you say
    "Java is a great programming language because it works on all platforms"
    it is just like
    "anal sex is great because it works on all genders"

    Are YOU a Troll?

  17. #15
    topblast's Avatar
    Join Date
    Mar 2010
    Gender
    male
    Location
    Far from around you Programmer: C++ | VB | C# | JAVA
    Posts
    3,607
    Reputation
    149
    Thanks
    4,922
    My Mood
    Cool
    Wel the encryption is different. I encrypt for the safety of the DLL and i been using it in CA, never been detected. Also as it was said before Finding the site that holds the File can be traced. This format need you to convert the file then upload it. And i was bored and was working with encryption the time i made it. But the Decryption is Done before u inject

    Login(if true)->Download/GET->Decrypt->Store in structure->Start timer->If TRUE and ready to inject->Get Original file(Decompress)->Byte to file to Random location->Inject from that location.

    Close loader.
    I just like programming, that is all.

    Current Stuff:

    • GPU Programmer (Cuda)
    • Client/Server (Cloud Server)
    • Mobile App Development

Page 1 of 2 12 LastLast