Looking for experienced help to collaborate on xingcode bypass

[HOOSIER]

I am looking for some help if you know your way around olly dbg and wanna help let me know . I am pretty close but i am tired and have been at this for a while now . I am serious and only will want one experienced person to help . Coding would be a plus . If i find it first i will share with you . And i do think i am very close and will point you in the correct place to look .

Mention me or message me thanks .

[IMG][/IMG]

[metroplayer]

I am looking for some help if you know your way around olly dbg and wanna help let me know . I am pretty close but i am tired and have been at this for a while now . I am serious and only will want one experienced person to help . Coding would be a plus . If i find it first i will share with you . And i do think i am very close and will point you in the correct place to look .

Mention me or message me thanks .

[IMG][/IMG]

You want bypass coding?

Code:

#include <Windows.h>
#include <iostream>
#include <tlhelp32.h>
#include <stdio.h>

using namespace std;

DWORD GetProcessId(const TCHAR* lpProcessName)
{
	DWORD dwProcessId = 0;

	PROCESSENTRY32 entry;
	entry.dwSize = sizeof(PROCESSENTRY32);

	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);

	if (snapshot != INVALID_HANDLE_VALUE)
	{
		if (Process32First(snapshot, &entry))
		{
			do
			{
				if (_wcsicmp(entry.szExeFile, lpProcessName) == 0)
				{
					dwProcessId = entry.th32ProcessID;
					break;
				}
			} while (Process32Next(snapshot, &entry));
		}

		CloseHandle(snapshot);
	}

	return dwProcessId;
}

void suspend(DWORD processId)
{
	HANDLE hThreadSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);

	THREADENTRY32 threadEntry; 
	threadEntry.dwSize = sizeof(THREADENTRY32);

	if (hThreadSnapshot != INVALID_HANDLE_VALUE)
	{
		if (Thread32First(hThreadSnapshot, &threadEntry))
		{
			do
			{
				if (threadEntry.th32OwnerProcessID == processId)
				{
					HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, threadEntry.th32ThreadID);// maybe we required too many accesses THREAD_ALL_ACCESS, or maybe we didnt raise the process's priviliges

					if (hThread)
					{
						SuspendThread(hThread);
						CloseHandle(hThread);
					}

				}
			} while (Thread32Next(hThreadSnapshot, &threadEntry));
		}

		CloseHandle(hThreadSnapshot);
	}
}

int main(int argc, TCHAR* argv[])
{
	

	SetConsoleTitle(TEXT("AVA Xigncode3 Bypass"));

	cout << "Searching for AVA..." << endl;

	DWORD dwProcessId;

	while (!(dwProcessId = GetProcessId(TEXT("AVA.exe"))))/
		Sleep(1);


	cout << "We've found AVA!" << endl;

	

	HANDLE hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, dwProcessId);

	if (hProcess)
	{
		cout << "Trying to get in..." << endl;

		

		const DWORD dwLocationOfFunction =  0x429570; (This is the old address)

		BYTE FirstByte;

		

		DWORD dwOldProtection;

		while (!ReadProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &FirstByte, sizeof(FirstByte), NULL) || FirstByte != 0x55)
		{
			if (GetLastError() == ERROR_ACCESS_DENIED)
				cout << "ERROR_ACCESS_DENIED" << endl;

			Sleep(1);
		}

		

		cout << "Killing Xigncode3" << endl;

		const BYTE ByteToWrite = 0xC3;

		

		BOOL bSuccess = VirtualProtectEx(hProcess, (LPVOID)dwLocationOfFunction, sizeof(FirstByte), PAGE_EXECUTE_READWRITE, &dwOldProtection);

		if (bSuccess)
			bSuccess = WriteProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &ByteToWrite, sizeof(ByteToWrite), NULL);

		CloseHandle(hProcess);


		if (bSuccess)
			cout << "Bypassed by Haxor" << endl;

	}


	cin.get();

	return 0;
}

It may help you a bit but its the old way and not a scan method.

[HOOSIER]

Nice now i just need to show them how to use it