Results 1 to 9 of 9
  1. #1
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    5,069
    Reputation
    2172
    Thanks
    8,472
    My Mood
    Bitchy

    Protection Class- Prevent Debuggers/Network Tampering tools

    This is a basic class to try prevent debuggers network tamping tools etc...




    Current Features:
    Debugger Prevernter.
    Anti VM.(VM-Ware, vBox, Sandboxie)


    Todo:
    Propper Anti debugger
    Anti WriteProcessMemory/ReadProcessMemory
    Anti Code Injection


    Why this? Honestly got no reason. This isn't that special. Only thing that took long was looking for debuggers by google. :|


    Credits:
    @GuruHax <- Anti vBox
    SandBoxie <- Couldn't find creator. I had stored it in a file from ages ago. Sorry finder


    Usage:
    Protection.StartProtection(); <-- Start Debugger Preventer
    Protection.CheckThreads <- It's a bool
    Protection.CheckProtection(); <- Checks the debugger preventer threads are running if not will close.
    Protection.IsVirtualState(); <- It's a bool


    Detectable Protesses:
    IDA
    WPE PRO
    The Wireshark Network Analyzer
    WinDbg
    OllyDbg
    Colasoft Capsa
    Microsoft Network Monitor
    Fiddler
    SmartSniff
    Immunity Debugger
    Process Explorer
    PE Tools
    AQtime
    DS-5 Debug
    Dbxtool
    Topaz
    FusionDebug
    NetBeans
    Rational Purify
    .NET Reflector
    Cheat Engine
    Sigma Engine

    Side Note:
    1) Some times the Protection.StartProtection fails to create both threads in time and causes close.
    2) The Threads.Sleep's Are configured to use as less ram/cpu as possible. Got a few people helping me to test them C:
    3) My spelling isn't the best, So sorry for that :P
    4) This was more or less made to slow crackers down.


    Last thing, If you get a chance to test this class can you leave a honest opinion on how it works.


    Thanks - Eithan

    VirusTotal Scan
    Metadefender Scan


    <b>Downloadable Files</b> Downloadable Files
    Last edited by Hugo Boss; 10-03-2016 at 01:21 PM. Reason: Adding virus scans
    Click Here to visit the official MPGH wiki! Keep up with the latest news and information on games and MPGH! To check out pages dedicated to games, see the links below!











    dd/mm/yyyy
    Member - 31/01/2015
    Premium - 12/09/2016
    Call of Duty minion - 05/11/2016 - 05/11/2019
    BattleOn minion - 28/02/2017 - 05/11/2019
    Battlefield minion - 30/05/2017 - 05/11/2019
    Other Semi-Popular First Person Shooter Hacks minion - 21/09/2017 - 17/09/2019
    Publicist - 07/11/2017 - 02/08/2018
    Cock Sucker - 01/12/2017 - Unknown
    Minion+ - 06/03/2018 - 05/11/2019
    Fortnite minion - 08/05/2018 - 05/11/2019
    Head Publicist - 08/10/2018 - 10/01/2020
    Developer Team - 26/10/2019 - 10/01/2020
    Former Staff - 10/01/2020



  2. The Following 2 Users Say Thank You to Silent For This Useful Post:

    ♪~ ᕕ(ᐛ)ᕗ (09-20-2017),Desolatio64 (09-28-2017)

  3. #2
    New's Avatar
    Join Date
    Jun 2014
    Gender
    male
    Location
    Location:
    Posts
    2,605
    Reputation
    386
    Thanks
    4,708
    My Mood
    Angelic
    Quote Originally Posted by eithan1231 View Post
    Detectable Protesses:
    IDA
    WPE PRO
    The Wireshark Network Analyzer
    WinDbg
    OllyDbg
    Colasoft Capsa
    Microsoft Network Monitor
    Fiddler
    SmartSniff
    Immunity Debugger
    Process Explorer
    PE Tools
    AQtime
    DS-5 Debug
    Dbxtool
    Topaz
    FusionDebug
    NetBeans
    Rational Purify
    .NET Reflector
    Cheat Engine
    Sigma Engine
    How does it detect processes? Process name or hash? Either ways can be changed, hash changes by updates (or just changing a random char in a random line in the hex code of the program, boom hash changed) and process name by changing the program name before running it.
    New

    Current Project:
    SimpleExaltHack

    Outdated stuff I made in the past:
    Famebot
    Clientless tradebot
    RotMG ping checker
    Zautonexus crack

  4. #3
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    5,069
    Reputation
    2172
    Thanks
    8,472
    My Mood
    Bitchy
    Quote Originally Posted by PKTINOS View Post

    How does it detect processes? Process name or hash? Either ways can be changed, hash changes by updates (or just changing a random char in a random line in the hex code of the program, boom hash changed) and process name by changing the program name before running it.
    Detects windows title.
    I was going to make it detect the main module name but I didn't want to install every program and get the module name :C

    And when you say hash do you mean the file location hash? If so. That's stupid and would take up a lot more ram then what you need.
    Click Here to visit the official MPGH wiki! Keep up with the latest news and information on games and MPGH! To check out pages dedicated to games, see the links below!











    dd/mm/yyyy
    Member - 31/01/2015
    Premium - 12/09/2016
    Call of Duty minion - 05/11/2016 - 05/11/2019
    BattleOn minion - 28/02/2017 - 05/11/2019
    Battlefield minion - 30/05/2017 - 05/11/2019
    Other Semi-Popular First Person Shooter Hacks minion - 21/09/2017 - 17/09/2019
    Publicist - 07/11/2017 - 02/08/2018
    Cock Sucker - 01/12/2017 - Unknown
    Minion+ - 06/03/2018 - 05/11/2019
    Fortnite minion - 08/05/2018 - 05/11/2019
    Head Publicist - 08/10/2018 - 10/01/2020
    Developer Team - 26/10/2019 - 10/01/2020
    Former Staff - 10/01/2020



  5. #4
    New's Avatar
    Join Date
    Jun 2014
    Gender
    male
    Location
    Location:
    Posts
    2,605
    Reputation
    386
    Thanks
    4,708
    My Mood
    Angelic
    Quote Originally Posted by eithan1231 View Post
    And when you say hash do you mean the file location hash? If so. That's stupid and would take up a lot more ram then what you need.
    What are you talking about.. you disable the debugger after it is displayed since you said you detect the windows title... which is inconvinient on its own.. + hashing doesnt take up ram.

    Ever heard of signature-based detection?
    New

    Current Project:
    SimpleExaltHack

    Outdated stuff I made in the past:
    Famebot
    Clientless tradebot
    RotMG ping checker
    Zautonexus crack

  6. #5
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    5,069
    Reputation
    2172
    Thanks
    8,472
    My Mood
    Bitchy
    Quote Originally Posted by PKTINOS View Post
    + hashing doesnt take up ram.
    Storing the binary your going to hash in memory does. And doing that constantly.... weow. RIP ram.


    Quote Originally Posted by PKTINOS View Post

    Ever heard of signature-based detection?
    Yes. But going and looking for a unique sig for each program would take time. AND Scanning for that sig would use a fair bit of CPU


    Quote Originally Posted by PKTINOS View Post
    you disable the debugger after it is displayed
    What if it's ran as admin and your program is user mode. You can't suspend all the threads. Only option you got is to exit.


    Quote Originally Posted by PKTINOS View Post
    which is inconvinient on its own
    No.
    Click Here to visit the official MPGH wiki! Keep up with the latest news and information on games and MPGH! To check out pages dedicated to games, see the links below!











    dd/mm/yyyy
    Member - 31/01/2015
    Premium - 12/09/2016
    Call of Duty minion - 05/11/2016 - 05/11/2019
    BattleOn minion - 28/02/2017 - 05/11/2019
    Battlefield minion - 30/05/2017 - 05/11/2019
    Other Semi-Popular First Person Shooter Hacks minion - 21/09/2017 - 17/09/2019
    Publicist - 07/11/2017 - 02/08/2018
    Cock Sucker - 01/12/2017 - Unknown
    Minion+ - 06/03/2018 - 05/11/2019
    Fortnite minion - 08/05/2018 - 05/11/2019
    Head Publicist - 08/10/2018 - 10/01/2020
    Developer Team - 26/10/2019 - 10/01/2020
    Former Staff - 10/01/2020



  7. #6
    New's Avatar
    Join Date
    Jun 2014
    Gender
    male
    Location
    Location:
    Posts
    2,605
    Reputation
    386
    Thanks
    4,708
    My Mood
    Angelic
    Quote Originally Posted by eithan1231 View Post
    Yes. But going and looking for a unique sig for each program would take time. AND Scanning for that sig would use a fair bit of CPU
    That's how antiviruses scan small files in real time, I don't see them exhausting my CPU. Plus they have to compare thousands of signatures, and yet you get virtually no delay when opening them.


    - - - Updated - - -

    And you only have to compare less than a hundred.
    New

    Current Project:
    SimpleExaltHack

    Outdated stuff I made in the past:
    Famebot
    Clientless tradebot
    RotMG ping checker
    Zautonexus crack

  8. #7
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    5,069
    Reputation
    2172
    Thanks
    8,472
    My Mood
    Bitchy
    Quote Originally Posted by PKTINOS View Post

    That's how antiviruses scan small files in real time, I don't see them exhausting my CPU. Plus they have to compare thousands of signatures, and yet you get virtually no delay when opening them.


    - - - Updated - - -

    And you only have to compare less than a hundred.
    Well. If I where to make a efficient program that scans sigs I would still need to get them sigs. Witch I'm amusing would take a fair bit of time.

    And I event posted on the thread saying "This was more or less made to slow crackers down." implying it's not meant to stop them. Just waist there time as I'm sure anyone with a brain could bypass this without any troubles.
    Click Here to visit the official MPGH wiki! Keep up with the latest news and information on games and MPGH! To check out pages dedicated to games, see the links below!











    dd/mm/yyyy
    Member - 31/01/2015
    Premium - 12/09/2016
    Call of Duty minion - 05/11/2016 - 05/11/2019
    BattleOn minion - 28/02/2017 - 05/11/2019
    Battlefield minion - 30/05/2017 - 05/11/2019
    Other Semi-Popular First Person Shooter Hacks minion - 21/09/2017 - 17/09/2019
    Publicist - 07/11/2017 - 02/08/2018
    Cock Sucker - 01/12/2017 - Unknown
    Minion+ - 06/03/2018 - 05/11/2019
    Fortnite minion - 08/05/2018 - 05/11/2019
    Head Publicist - 08/10/2018 - 10/01/2020
    Developer Team - 26/10/2019 - 10/01/2020
    Former Staff - 10/01/2020



  9. #8
    Hugo Boss's Avatar
    Join Date
    Oct 2011
    Gender
    male
    Posts
    28,764
    Reputation
    4790
    Thanks
    5,902
    My Mood
    Angelic
    /Approved .

     
    Super User since 08-29-2017
    Global Moderator from 10-02-2016 - 08-29-2017
    Premium Seller since 11-16-2016
    Moderator from 09-24-2015 - 01-09-2016
    Alliance of Valiant Arms Minion from 11-12-2015 - 01-09-2016
    Market place Minion from 09-24-2015 - 01-09-2016
    Crossfire Minion from 09-11-2015 - 01-09-2016

    Middleman from 07-07-2015 - 01-09-2016
    Market Place Minion from 03-03-2014 - 08-01-2014
    Middleman from 01-30-2014 - 08-01-2014
    Moderator from 03-29-2013 - 04-04-2013
    Market Place Minion from 03-07-2013 - 04-04-2013
    Premium Member since 01-25-2013
    Middleman from 12-04-2012 - 04-04-2013
    Registered since 10-9-2011

  10. #9
    Silent's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    5,069
    Reputation
    2172
    Thanks
    8,472
    My Mood
    Bitchy
    Quote Originally Posted by Hugo Boss View Post
    /Approved .
    This the first thing you approved while being GM? :P
    Click Here to visit the official MPGH wiki! Keep up with the latest news and information on games and MPGH! To check out pages dedicated to games, see the links below!











    dd/mm/yyyy
    Member - 31/01/2015
    Premium - 12/09/2016
    Call of Duty minion - 05/11/2016 - 05/11/2019
    BattleOn minion - 28/02/2017 - 05/11/2019
    Battlefield minion - 30/05/2017 - 05/11/2019
    Other Semi-Popular First Person Shooter Hacks minion - 21/09/2017 - 17/09/2019
    Publicist - 07/11/2017 - 02/08/2018
    Cock Sucker - 01/12/2017 - Unknown
    Minion+ - 06/03/2018 - 05/11/2019
    Fortnite minion - 08/05/2018 - 05/11/2019
    Head Publicist - 08/10/2018 - 10/01/2020
    Developer Team - 26/10/2019 - 10/01/2020
    Former Staff - 10/01/2020



Similar Threads

  1. Replies: 11
    Last Post: 02-18-2015, 08:54 AM
  2. Prevent Debugger
    By cornettojr in forum Blackshot Help
    Replies: 3
    Last Post: 12-08-2013, 02:19 AM
  3. [Release] MPGH Multi-Tool | (HWID PROTECTION) (USER FRIENDLY)
    By HiddenoO in forum Combat Arms Spammers, Injectors and Multi Tools
    Replies: 39
    Last Post: 06-24-2012, 10:46 AM
  4. [Patched] Paul's Rs Tool V1.1 [PASSWORD PROTECTED]
    By Paul in forum Runescape Hacks / Bots
    Replies: 4
    Last Post: 08-31-2011, 02:25 AM
  5. [Release] tool class
    By Crash in forum Combat Arms Hack Coding / Programming / Source Code
    Replies: 44
    Last Post: 01-06-2011, 06:24 PM