I have the code, I just want to know the address of the xigncode3 is inside AVA.exe and needs decompiling or disassembly to give the eddress of the code? I will give the code here is in C++, it is for ava.exe, I will change to KO/exe but the NEW address which has also comment it is from decompiling/disassembly; :
Code:
#include <Windows.h>#include <iostream>#include <tlhelp32.h>#include <stdio.h>using namespace std;DWORD GetProcessId(const TCHAR* lpProcessName){ DWORD dwProcessId = 0; PROCESSENTRY32 entry; entry.dwSize = sizeof(PROCESSENTRY32); HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL); if (snapshot != INVALID_HANDLE_VALUE) { if (Process32First(snapshot, &entry)) { do { if (_wcsicmp(entry.szExeFile, lpProcessName) == 0) { dwProcessId = entry.th32ProcessID; break; } } while (Process32Next(snapshot, &entry)); } CloseHandle(snapshot); } return dwProcessId;}void suspend(DWORD processId){ HANDLE hThreadSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0); THREADENTRY32 threadEntry; threadEntry.dwSize = sizeof(THREADENTRY32); if (hThreadSnapshot != INVALID_HANDLE_VALUE) { if (Thread32First(hThreadSnapshot, &threadEntry)) { do { if (threadEntry.th32OwnerProcessID == processId) { HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, threadEntry.th32ThreadID); if (hThread) { SuspendThread(hThread); CloseHandle(hThread); } } } while (Thread32Next(hThreadSnapshot, &threadEntry)); } CloseHandle(hThreadSnapshot); }}int main(int argc, TCHAR* argv[]){ SetConsoleTitle(TEXT("MPGH Riddick AVA Xigncode3 Bypass")); cout << "Searching for AVA..." << endl; DWORD dwProcessId; while (!(dwProcessId = GetProcessId(TEXT("AVA.exe"))))/ Sleep(1); cout << "We've found AVA!" << endl; HANDLE hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, dwProcessId); if (hProcess) { cout << "Trying to get in..." << endl; const DWORD dwLocationOfFunction = 0x429570; (This is the old Xigncode3 address, and you'll need to find the new one) BYTE FirstByte; DWORD dwOldProtection; while (!ReadProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &FirstByte, sizeof(FirstByte), NULL) || FirstByte != 0x55) { if (GetLastError() == ERROR_ACCESS_DENIED) cout << "ERROR_ACCESS_DENIED" << endl; Sleep(1); } cout << "Killing Xigncode3" << endl; const BYTE ByteToWrite = 0xC3; BOOL bSuccess = VirtualProtectEx(hProcess, (LPVOID)dwLocationOfFunction, sizeof(FirstByte), PAGE_EXECUTE_READWRITE, &dwOldProtection); if (bSuccess) bSuccess = WriteProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &ByteToWrite, sizeof(ByteToWrite), NULL); CloseHandle(hProcess); if (bSuccess) cout << "Bypassed by MPGH Riddick Haxor" << endl; } cin.get(); return 0;}
and the comment from user (and credits to) : Агент WHO I thing decompile it and to "Bypassed by MPGH Riddick Haxor"
comment "You will need to find the new Xigncode address with Cheat Engine for it to work!"
If you find the way to find address with cheat engine pm me or post here.
- - - Updated - - -

Originally Posted by
heiron70
re si ptogrammatistis eimai exo ton kodika se c++. to dword address of xigncode in cheat engine? me hex editor? otan trexei to xign sti memory to address? me to cheat engine den asxolithika poli pos tha "fortoso" to xigncode sto ce afou to mplokarei? mono ton tropo thelo oxi na to kanei kaneis kai gia knight online giati oxi?
Kyriakos
- - - Updated - - -
translate, I am a programmer myself just want to know the xigncode3 address that says the comment it is a dword, which address in cheat engine, I didn't use cheat engine, if I load ce with xign will detect it, maybe means the xigncode3 bypass console application in cheat engine? I dont want to code for me just a tutorial or tip about the dword address.
a nai ava hacks sorry