Even if we distanced from CF haxxoring, I'll give you guys a hand. Your concept is total bullshit.
Here, have one I quickly put together just now.
Code:
_____________________________________________________________________________
| HGWC.exe |
| |
| => Establishes connection to HGWC server |
| => Receives tons of CRCs of common 'bad tools' and detected hacks |
| => Validates integrity of .rez files with CRCs from server |
| => Receives the HGWC server-key passed as parameter to the game |
| - Key is sent in CF's login-packet |
| - Invalid key -> kick after server selection |
| => Launches the game process |
| => Keeps alive connection to HGWC server, regularly sends trivial heartbeat |
| packets |
| => Connection is encrypted with a static key, key is later changed to one |
| provided by the server |
| => Tunnels heartbeat-packets from XTrap.lib/XTrapVa.dll in CF process |
| => Protocol consists of ~ 35 server- and ~ 15 client-opcodes |
| => Sending incorrect response packets to the server results in a disconnect |
| => Manages bans of specific kinds (didn't dive into that further, emulated |
| whole HGWC/XT anyway, so didn't care about the banning stuff) |
|_____________________________________________________________________________|
|
|
v
_____________________________________________________________________________
| crossfire.exe |
| |
| => calls 4 (not sure, but I think it were 4) callbacks to assure XTrap.lib |
| is initialized correctly (in WinMain, post window creation, post login, |
| WndProc - nopping these prevents XT from loading, DC after ~2 min inc) |
| _____________ |
| | XTrap.lib | |
| => Establishes encrypted named pipe connection to HGWC |
| => Loads XTrapVa.dll |
| => XT-heartbeat packet generation |
| - 7 server-, 5 client packet types |
| - obfuscated opcodes |
| - static packet length (0x80 bytes) |
| - receives check requests from server, generates response data |
| validated by the server, so nopping does not help, as the server |
| expects correct data (checksums, for instance) |
| - on a special opcode, requests heartbeat data generated by XTrapVa.dll |
| => Statically linked into crossfire.exe |
| _____________ |
| | XTrapVa.dll | |
| => Generates a heartbeat data block validated by the server when asked |
| => Performs actual AC stuff (detour checks, ...) |
|_____________________________________________________________________________|
As you can see above, HGWC is not only a tiny part of the AC, but the main gateway between the XT-server and the XT-client, adding some additional functionality. The above 'diagram' is far from being complete. I don't want to provide stuff that kids can turn into an emulator, I just give skilled reversers a hand by showing them the main structure and give them a point to start. Whatever XTrap.xt does, it is not involved in heartbeat generation, so I didn't dive into that any further.
PS: Don't ask me stuff about ****, I won't tell you more than you probably already found out from public sources.
PS2: I typed that together in a few minutes, might add/correct some stuff later. I'm sure I missed something important.