XIGNCODE 3

[dabieell12]

Hello! I have 1 question!
How can i find the pointer of XIGNCODE 3 in AVA.exe cheat engine?
I found an way to search in ava with cheat engine...

[HOOSIER]

Hello! I have 1 question!
How can i find the pointer of XIGNCODE 3 in AVA.exe cheat engine?
I found an way to search in ava with cheat engine...

Btw the to bypass xingcode which does not work at this time . You have to use two programs one is olly bdg and the other is pe tools to make a dump of ava . you make the dump then you find the xingcode value with olly . Then you code a console app in c# to bypass xingcode .

[dabieell12]

i know that i need ollydbg and petools ...i dumped ava...but i didn't found xigncode value... -.-

[HOOSIER]

This value will lead you to the correct area to do the text search for xingcode and xem . (0x0041CBF0)
Below is code for the console application to bypass xingcode you just need to update the value above when you find it . It will be the second xem from the top .

So to be clear open your bumped AVA with olly hit control g enter the value (0x0041CBF0). When that search is done right click and (search for all text strings . This will open a new window . In that window find the second xem from the top . Then replace the value in the code i provided . You're welcome though the heart beat should be still up so you will get kicked within 5 minutes (Disconnected)

You will look for the vale 55 right above 8BEC
[IMG][/IMG]

Code:

#include <Windows.h>
#include <iostream>
#include <tlhelp32.h>
#include <stdio.h>

using namespace std;

DWORD GetProcessId(const TCHAR* lpProcessName)
{
DWORD dwProcessId = 0;

PROCESSENTRY32 entry;
entry.dwSize = sizeof(PROCESSENTRY32);

HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);

if (snapshot != INVALID_HANDLE_VALUE)
{
if (Process32First(snapshot, &entry))
{
do
{
if (_wcsicmp(entry.szExeFile, lpProcessName) == 0)
{
dwProcessId = entry.th32ProcessID;
break;
}
} while (Process32Next(snapshot, &entry));
}

CloseHandle(snapshot);
}

return dwProcessId;
}

void suspend(DWORD processId)
{
HANDLE hThreadSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);

THREADENTRY32 threadEntry; 
threadEntry.dwSize = sizeof(THREADENTRY32);

if (hThreadSnapshot != INVALID_HANDLE_VALUE)
{
if (Thread32First(hThreadSnapshot, &threadEntry))
{
do
{
if (threadEntry.th32OwnerProcessID == processId)
{
HANDLE hThread = OpenThread(THREAD_ALL_ACCESS, FALSE, threadEntry.th32ThreadID);

if (hThread)
{
SuspendThread(hThread);
CloseHandle(hThread);
}

}
} while (Thread32Next(hThreadSnapshot, &threadEntry));
}

CloseHandle(hThreadSnapshot);
}
}

int main(int argc, TCHAR* argv[])
{
HANDLE h = GetStdHandle( STD_OUTPUT_HANDLE );
SetConsoleTextAttribute(h,FOREGROUND_RED | FOREGROUND_INTENSITY );

SetConsoleTitle(TEXT("MPGH  Xigncode  Bypass"));



cout << "XingCode3 ByPass for AVA" << endl;

DWORD dwProcessId;

while (!(dwProcessId = GetProcessId(TEXT("AVA.exe")))) 
Sleep(1);


cout << "Searching for Xingcode!" << endl;

SetConsoleTextAttribute(h,FOREGROUND_GREEN | FOREGROUND_INTENSITY );

HANDLE hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, FALSE, dwProcessId);

if (hProcess)
{
cout << "Xingcode is Located..." << endl;

SetConsoleTextAttribute(h,FOREGROUND_RED | FOREGROUND_INTENSITY );


const DWORD dwLocationOfFunction = 0x0041CBF0; //Update this value 

INT Offsets;
BYTE FirstByte;



DWORD dwOldProtection;

while (!ReadProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &FirstByte, sizeof(FirstByte), NULL) || FirstByte !=  0x55 )
{
if (GetLastError() == ERROR_ACCESS_DENIED)
cout << "ERROR_ACCESS_DENIED" << endl;

Sleep(1);
}



//cout << "Bypassing Xingcode" << endl;


SetConsoleTextAttribute(h,FOREGROUND_GREEN | FOREGROUND_INTENSITY );

const BYTE ByteToWrite = 0xc3;



BOOL bSuccess = VirtualProtectEx(hProcess, (LPVOID)dwLocationOfFunction, sizeof(FirstByte), PAGE_EXECUTE_READWRITE, &dwOldProtection);

if (bSuccess)
bSuccess = WriteProcessMemory(hProcess, (LPVOID)dwLocationOfFunction, &ByteToWrite, sizeof(ByteToWrite), NULL);

CloseHandle(hProcess);


if (bSuccess)

	

    cout << "Xingcode Bypassed Successfully... Have Fun... " << endl;

    
  }   



  cin.get(); 
  return 0;

}

- - - Updated - - -

If you have success with the bypass i can also help you with pointers in ava its pretty easy .

[dabieell12]

Thanks!

I will do my best...i'm new in programming...

[HOOSIER]

Thanks!

I will do my best...i'm new in programming...

Again most likely they have the heartbeat still in effect they did just before this latest update. I need to continue my c++ so i can make an sdk hack which is the only way at this time . I am working lots of overtime and just have not has the time to study . If you are serious about hacking c++ is a must learn , you should learn it . The new boston on you tube has a videos on learning the basics of it . Oh and post if you manage to find that value and update the code .

[dabieell12]

AVA dumped have some errors and i couldn't find the value...first i need to solve the errors...if i find xigncode i will tell you...

[HOOSIER]

AVA dumped have some errors and i couldn't find the value...first i need to solve the errors...if i find xigncode i will tell you...

I posted how to locate it . Open the ava dump with olly (As admin) Hit control+g enter the value i provided . This will place you into the correct memory region . Then right click and search all known text strings and enter the word xem . This will list all know text strings for xem . Pick the second from the top and select the address for the value of 55 . I hope this makes sense to you . Btw if this is hard for you you have a ways to go yet learn c++

[dabieell12]

I found the value and update it in source code , but in project are some errors...I don't know how to solve them so I sent you the error box to tell me what i have to do to solve it:
Error C2664 'int _wcsicmp(const wchar_t *,const wchar_t *)': cannot convert argument 1 from 'CHAR [260]' to 'const wchar_t *' AvA Bypass V0.1.0 c:\users\grecu\documents\visual studio 2015\projects\ava bypass v0.1.0\ava bypass v0.1.0\source.cpp 23

Error (active) argument of type "CHAR *" is incompatible with parameter of type "const wchar_t *" AvA Bypass V0.1.0 c:\Users\grecu\Documents\Visual Studio 2015\Projects\AvA Bypass V0.1.0\AvA Bypass V0.1.0\Source.cpp 23

Error (active) argument of type "const TCHAR *" is incompatible with parameter of type "const wchar_t *" AvA Bypass V0.1.0 c:\Users\grecu\Documents\Visual Studio 2015\Projects\AvA Bypass V0.1.0\AvA Bypass V0.1.0\Source.cpp 23

Error C1075 the left brace '{' was unmatched at the end of the file AvA Bypass V0.1.0 c:\users\grecu\documents\visual studio 2015\projects\ava bypass v0.1.0\ava bypass v0.1.0\source.cpp 69

[HOOSIER]

I found the value and update it in source code , but in project are some errors...I don't know how to solve them so I sent you the error box to tell me what i have to do to solve it:
Error C2664 'int _wcsicmp(const wchar_t *,const wchar_t *)': cannot convert argument 1 from 'CHAR [260]' to 'const wchar_t *' AvA Bypass V0.1.0 c:\users\grecu\documents\visual studio 2015\projects\ava bypass v0.1.0\ava bypass v0.1.0\source.cpp 23

Error (active) argument of type "CHAR *" is incompatible with parameter of type "const wchar_t *" AvA Bypass V0.1.0 c:\Users\grecu\Documents\Visual Studio 2015\Projects\AvA Bypass V0.1.0\AvA Bypass V0.1.0\Source.cpp 23

Error (active) argument of type "const TCHAR *" is incompatible with parameter of type "const wchar_t *" AvA Bypass V0.1.0 c:\Users\grecu\Documents\Visual Studio 2015\Projects\AvA Bypass V0.1.0\AvA Bypass V0.1.0\Source.cpp 23

Error C1075 the left brace '{' was unmatched at the end of the file AvA Bypass V0.1.0 c:\users\grecu\documents\visual studio 2015\projects\ava bypass v0.1.0\ava bypass v0.1.0\source.cpp 69

Yeah my bad i did a bad copy paste of the code . At the end of the code it looks like this .


}



cin.get();
return 0;

it should look like this .


}



cin.get();
return 0;
}

When you have added that brace to the end of the code (}) mouse over console application 4 on the right side and right click it . this will open a window select the bottom option ( Properties) this will open a new window then select (configuration properties )
Now where it says charachter set change that to use Unicode character set . That will fix the tchar error the other was a missing brace at the end of the code .
You really need to learn c++ as these are very simple issues you should be able to solve .

[dabieell12]

Yeah...I successfully build and run the application, but xigncode detects it(maybe the value of xem that i replaced is not the right one)...The bypass says that it bypass xigncode...I will look again for the value.
If you want i will give you the project to see if i missed something .

[HOOSIER]

When you have the right value the little box in the lower right for xingcode will not be there .

- - - Updated - - -

BTW you have to run it as administrator .

[dabieell12]

Man...I tryed a lot to get the right value...but i didn't find the right 1...I just don't know what to do...I tryed with dumped ava...and i tryed with normal ava...I JUST DON'T KNOW WHAT TO DOOOOOOOOOOOOOOOOOOOOOOO...HELP ME PLSSSSSSS -.-

[killuminati111]

If you have success with the bypass i can also help you with pointers in ava its pretty easy .

If its so easy how come there are any for months ?

[HOOSIER]

If its so easy how come there are any for months ?

This way is easy but like i said the heart beats is up so to make a hack like the uav you need an sdk . Which means you have to generate one and i am not that good .