Bypass Xigncode

[asscold]

Who can share me with their Xigncode bypass source code?, I am making SF2 bypass but can't find anything, Please PM me or leave a reply, or PM for add on Skype, Steam, etc...

[asqapro]

Code:

#define WINVER 0x0500
#include <iostream>
#include <windows.h>

using namespace std;

BOOL EnableDebugPrivilege(BOOL bEnable) //gives you debug priv, usually not needed, but it fixed a problem for me
{
    HANDLE hToken = NULL;
    LUID luid;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken)) return FALSE;
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) return FALSE;

    TOKEN_PRIVILEGES tokenPriv;
    tokenPriv.PrivilegeCount = 1;
    tokenPriv.Privileges[0].Luid = luid;
    tokenPriv.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tokenPriv, sizeof(TOKEN_PRIVILEGES), NULL, NULL)) return FALSE;

    return TRUE;
}

int main()
{
    HWND ava_wind;
    string windowName = "Alliance of Valiant Arms";
    cout << "Waiting for AVA..." << endl;
    while(true){
        ava_wind = FindWindow(NULL, windowName.c_str());
        if(ava_wind != 0){
            break;
        }
        Sleep(1);
    }
    /*TCHAR title[500];
    while(true){
        ava_wind = GetForegroundWindow();
        if(GetWindowText(ava_wind, title, 500)+1 == 25){ //this checks the length of the window name
            break;
        }
        Sleep(1);
    }*/
    EnableDebugPrivilege(true);
    DWORD* process_ID = new DWORD;
    GetWindowThreadProcessId(ava_wind, process_ID);
    HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_WRITE|PROCESS_VM_READ, FALSE, *process_ID);
    if(!hProcess){
        cout << GetLastError() << endl;
        cout << "Could not open the process!" << endl;
    }
    else{
        if(VirtualAllocEx(hProcess, NULL, 1, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE) != NULL){}
        else{
            cout << "VirtualAllocEx Failed" << endl;
            cout << GetLastError() << endl; //get what error it returned
        }
        int newdata = 0xC3; //RETN in asm
        DWORD newdatasize = sizeof(newdata);
        if(WriteProcessMemory(hProcess, (LPVOID)0x041000, &newdata, newdatasize, NULL)){ //wrong address
            cout << "XIGNCode Bypassed" << endl;
        }
        else{
            cout << GetLastError() << endl;
            cout << "Error cannot WriteProcessMemory!" << endl;
        }
        CloseHandle(hProcess);
    }
    Sleep(10000);
  	return 0;
}

Poorly commented, badly put together, but it works. I'm too lazy to make it "right" because it's not that important to me. The important parts (that actually bypass) are VirtualAllocEX and WriteProcessMemory.

[R3DDOT]

Who can share me with their Xigncode bypass source code?, I am making SF2 bypass but can't find anything, Please PM me or leave a reply, or PM for add on Skype, Steam, etc...

XINGCODE in AVA acts a lot different from XINGCODE in SF2. Trust me.

Code:

#define WINVER 0x0500
#include <iostream>
#include <windows.h>

using namespace std;

BOOL EnableDebugPrivilege(BOOL bEnable) //gives you debug priv, usually not needed, but it fixed a problem for me
{
    HANDLE hToken = NULL;
    LUID luid;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken)) return FALSE;
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &luid)) return FALSE;

    TOKEN_PRIVILEGES tokenPriv;
    tokenPriv.PrivilegeCount = 1;
    tokenPriv.Privileges[0].Luid = luid;
    tokenPriv.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tokenPriv, sizeof(TOKEN_PRIVILEGES), NULL, NULL)) return FALSE;

    return TRUE;
}

int main()
{
    HWND ava_wind;
    string windowName = "Alliance of Valiant Arms";
    cout << "Waiting for AVA..." << endl;
    while(true){
        ava_wind = FindWindow(NULL, windowName.c_str());
        if(ava_wind != 0){
            break;
        }
        Sleep(1);
    }
    /*TCHAR title[500];
    while(true){
        ava_wind = GetForegroundWindow();
        if(GetWindowText(ava_wind, title, 500)+1 == 25){ //this checks the length of the window name
            break;
        }
        Sleep(1);
    }*/
    EnableDebugPrivilege(true);
    DWORD* process_ID = new DWORD;
    GetWindowThreadProcessId(ava_wind, process_ID);
    HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION|PROCESS_VM_WRITE|PROCESS_VM_READ, FALSE, *process_ID);
    if(!hProcess){
        cout << GetLastError() << endl;
        cout << "Could not open the process!" << endl;
    }
    else{
        if(VirtualAllocEx(hProcess, NULL, 1, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE) != NULL){}
        else{
            cout << "VirtualAllocEx Failed" << endl;
            cout << GetLastError() << endl; //get what error it returned
        }
        int newdata = 0xC3; //RETN in asm
        DWORD newdatasize = sizeof(newdata);
        if(WriteProcessMemory(hProcess, (LPVOID)0x041000, &newdata, newdatasize, NULL)){ //wrong address
            cout << "XIGNCode Bypassed" << endl;
        }
        else{
            cout << GetLastError() << endl;
            cout << "Error cannot WriteProcessMemory!" << endl;
        }
        CloseHandle(hProcess);
    }
    Sleep(10000);
  	return 0;
}

Poorly commented, badly put together, but it works. I'm too lazy to make it "right" because it's not that important to me. The important parts (that actually bypass) are VirtualAllocEX and WriteProcessMemory.

xd n00b.

Btw since AVA.exe is actually packed, you should wait until *(BYTE*)XINGCODE_addr == 0x55 then you edit it to 0xC3.
Anyway as long as it works..

[asqapro]

Btw since AVA.exe is actually packed, you should wait until *(BYTE*)XINGCODE_addr == 0x55 then you edit it to 0xC3.
Anyway as long as it works..

I had that at one point, but ever since I removed it, works fine. I think it might be because by the time I get the window handle, the game is already unpacked.

[ccman32]

Did any of you guys ever hear of patterns? All i see are static offsets, static offsets and even more static offsets. None of these crap source codes will ever survive for more than one update.

[asqapro]

Did any of you guys ever hear of patterns? All i see are static offsets, static offsets and even more static offsets. None of these crap source codes will ever survive for more than one update.

I have a sig scan, but I wouldn't post it here and I don't include it in my releases cause then no one else gets a chance to release their bypass.

[R3DDOT]

Did any of you guys ever hear of patterns? All i see are static offsets, static offsets and even more static offsets. None of these crap source codes will ever survive for more than one update.

You are right, but he posted code for external memory editing. Making external pattern scanning is probably the dumbest thing ever.

It takes miliseconds to check each individual address, and when checking +100k addresses, it takes too long.
Alternatively, pattern scanning via shared memory is A LOT faster.

You are right, it's the only way to go, but I'd rather get the address using an addylogger, and update the address on my console bypass.

[zZzeta/S]

You are right, but he posted code for external memory editing. Making external pattern scanning is probably the dumbest thing ever.

It takes miliseconds to check each individual address, and when checking +100k addresses, it takes too long.
Alternatively, pattern scanning via shared memory is A LOT faster.

You are right, it's the only way to go, but I'd rather get the address using an addylogger, and update the address on my console bypass.

Lol wat? Just read the whole code section at once, scan it in your local process, translate the file address to a rva and patch it. Takes a few milliseconds and doesnt require global memory...

[00qwe]

i think if you can bypass it once, you can always bypass XIGNCODE ... ANY update do can easy YOU WILL 'ALWAYS BYPASS !!

[louisp14]

i think if you can bypass it once, you can always bypass XIGNCODE ... ANY update do can easy YOU WILL 'ALWAYS BYPASS !!

nope, it doesn't work like this. You have to bypass xigncode every time you open AVA

[ccman32]

i think if you can bypass it once, you can always bypass XIGNCODE ... ANY update do can easy YOU WILL 'ALWAYS BYPASS !!

You think bullshit

[VANK0]

i made ava bypass but i cant upload it -.-
stay tuned ...

[asqapro]

i made ava bypass but i cant upload it -.-
stay tuned ...

Heartbeat is back, no point in bypassing.

[kyriakos70]

Hi,
I want an xign bypass for knight online to use cheat engine, I found some code but says it needs a NEW dword xign address, how can I find this address hexeditor or some other?

Thank you
Kyriakos

[kyriakos70]

I have the code, I just want to know the address of the xigncode3 is inside AVA.exe and needs decompiling or disassembly to give the eddress of the code? I will give the code here is in C++, it is for ava.exe, I will change to KO/exe but the NEW address which has also comment it is from decompiling/disassembly; :

Code:

#include <Windows.h>#include <iostream>#include <tlhelp32.h>#include <stdio.h>using namespace std;DWORD GetProcessId(const TCHAR* lpProcessName){	DWORD dwProcessId = 0;	PROCESSENTRY32 entry;	entry.dwSize = sizeof(PROCESSENTRY32);	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);	if (snapshot != INVALID_HANDLE_VALUE)	{		if (Process32First(snapshot, &entry))		{			do			{				if (_wcsicmp(entry.szExeFile, lpProcessName) == 0)				{					dwProcessId = entry.th32ProcessID;					break;				}			} while (Process32Next(snapshot, &entry));		}		CloseHandle(snapshot);	}	return dwProcessId;}void suspend(DWORD processId){	HANDLE hThreadSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);	THREADENTRY32 threadEntry; 	threadEntry.dwSize = sizeof(THREADENTRY32);	if (hThreadSnapshot != INVALID_HANDLE_VALUE)	{		if (Thread32First(hThreadSnapshot, &threadEntry))		{			do			{				if (threadEntry.th32OwnerProcessID == processId)				{					HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, threadEntry.th32ThreadID);					if (hThread)					{						SuspendThread(hThread);						CloseHandle(hThread);					}				}			} while (Thread32Next(hThreadSnapshot, &threadEntry));		}		CloseHandle(hThreadSnapshot);	}}int main(int argc, TCHAR* argv[]){		SetConsoleTitle(TEXT("MPGH Riddick AVA Xigncode3 Bypass"));	cout << "Searching for AVA..." << endl;	DWORD dwProcessId;	while (!(dwProcessId = GetProcessId(TEXT("AVA.exe"))))/		Sleep(1);	cout << "We've found AVA!" << endl;		HANDLE hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, dwProcessId);	if (hProcess)	{		cout << "Trying to get in..." << endl;				const DWORD dwLocationOfFunction =  0x429570; (This is the old Xigncode3 address, and you'll need to find the new one)		BYTE FirstByte;				DWORD dwOldProtection;		while (!ReadProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &FirstByte, sizeof(FirstByte), NULL) || FirstByte != 0x55)		{			if (GetLastError() == ERROR_ACCESS_DENIED)				cout << "ERROR_ACCESS_DENIED" << endl;			Sleep(1);		}				cout << "Killing Xigncode3" << endl;		const BYTE ByteToWrite = 0xC3;				BOOL bSuccess = VirtualProtectEx(hProcess, (LPVOID)dwLocationOfFunction, sizeof(FirstByte), PAGE_EXECUTE_READWRITE, &dwOldProtection);		if (bSuccess)			bSuccess = WriteProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &ByteToWrite, sizeof(ByteToWrite), NULL);		CloseHandle(hProcess);		if (bSuccess)			cout << "Bypassed by MPGH Riddick Haxor" << endl;	}	cin.get();	return 0;}

and the comment from user (and credits to) : Агент WHO I thing decompile it and to "Bypassed by MPGH Riddick Haxor"
comment "You will need to find the new Xigncode address with Cheat Engine for it to work!"
If you find the way to find address with cheat engine pm me or post here.

- - - Updated - - -

re si ptogrammatistis eimai exo ton kodika se c++. to dword address of xigncode in cheat engine? me hex editor? otan trexei to xign sti memory to address? me to cheat engine den asxolithika poli pos tha "fortoso" to xigncode sto ce afou to mplokarei? mono ton tropo thelo oxi na to kanei kaneis kai gia knight online giati oxi?

Kyriakos

- - - Updated - - -

translate, I am a programmer myself just want to know the xigncode3 address that says the comment it is a dword, which address in cheat engine, I didn't use cheat engine, if I load ce with xign will detect it, maybe means the xigncode3 bypass console application in cheat engine? I dont want to code for me just a tutorial or tip about the dword address.
a nai ava hacks sorry