Thread: tehe

Results 1 to 15 of 15
  1. #1
    XarutoUsoCrack's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Location
    CFAL Honra & Glória Server
    Posts
    1,087
    Reputation
    51
    Thanks
    2,543
    My Mood
    Relaxed

    tehe

    Soo, Extreme Injector v1.2 -> All PE Hiding, All Dll Scrambling, Manual Map = No Detect ?

    Sure ?

    Injected .DLL whit Makecert -> Using these Method's -> Xtrap Error v8000 Abnormal Acess Memory, Tool Name: blank.

    This method is already catched, our guys doing something wrong.

  2. #2
    sobasoba13's Avatar
    Join Date
    Jun 2012
    Gender
    male
    Location
    So Far Away
    Posts
    1,145
    Reputation
    23
    Thanks
    1,607
    My Mood
    Relaxed
    What ? xD ...
    Crossfire Projects
    Made 21 Feature (Memory Hack)
    Respect List
    @ComboDance
    @mamo007
    @GaaD
    @Olwayy
    @Biesi
    @iSmexy
    @derh.acker
    @Brimir
    @steveroseik
    @Hero
    @Temperrr
    @Rullez
    PressIF I Helped

  3. #3
    XarutoUsoCrack's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Location
    CFAL Honra & Glória Server
    Posts
    1,087
    Reputation
    51
    Thanks
    2,543
    My Mood
    Relaxed
    Quote Originally Posted by sobasoba13 View Post
    What ? xD ...

  4. #4
    sobasoba13's Avatar
    Join Date
    Jun 2012
    Gender
    male
    Location
    So Far Away
    Posts
    1,145
    Reputation
    23
    Thanks
    1,607
    My Mood
    Relaxed
    Quote Originally Posted by XarutoUsoCrack View Post
    your words are not clear xD
    Crossfire Projects
    Made 21 Feature (Memory Hack)
    Respect List
    @ComboDance
    @mamo007
    @GaaD
    @Olwayy
    @Biesi
    @iSmexy
    @derh.acker
    @Brimir
    @steveroseik
    @Hero
    @Temperrr
    @Rullez
    PressIF I Helped

  5. #5
    XarutoUsoCrack's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Location
    CFAL Honra & Glória Server
    Posts
    1,087
    Reputation
    51
    Thanks
    2,543
    My Mood
    Relaxed
    manual map inject -> xtrap
    everything is xtrap today.

  6. #6
    sobasoba13's Avatar
    Join Date
    Jun 2012
    Gender
    male
    Location
    So Far Away
    Posts
    1,145
    Reputation
    23
    Thanks
    1,607
    My Mood
    Relaxed
    Quote Originally Posted by XarutoUsoCrack View Post
    manual map inject -> xtrap
    everything is xtrap today.
    manual map is working fine with me
    try to make your own injector cuz Extreme Injector is buggy a little
    Crossfire Projects
    Made 21 Feature (Memory Hack)
    Respect List
    @ComboDance
    @mamo007
    @GaaD
    @Olwayy
    @Biesi
    @iSmexy
    @derh.acker
    @Brimir
    @steveroseik
    @Hero
    @Temperrr
    @Rullez
    PressIF I Helped

  7. #7

  8. #8
    XarutoUsoCrack's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Location
    CFAL Honra & Glória Server
    Posts
    1,087
    Reputation
    51
    Thanks
    2,543
    My Mood
    Relaxed
    well, anyway, if i create a _beginthreadex it geet's unhooked for some reason, and CreateThread is my only solution, but it gives this xtrap message, soo...

  9. #9
    I2espect's Avatar
    Join Date
    Aug 2013
    Gender
    male
    Location
    On Other Planet
    Posts
    641
    Reputation
    28
    Thanks
    870
    My Mood
    Devilish
    Quote Originally Posted by XarutoUsoCrack View Post
    well, anyway, if i create a _beginthreadex it geet's unhooked for some reason, and CreateThread is my only solution, but it gives this xtrap message, soo...
    I use createthread and it works !!!
    use it with a cert and manual mapping injector ,, it should works !!

  10. #10
    XarutoUsoCrack's Avatar
    Join Date
    Apr 2011
    Gender
    male
    Location
    CFAL Honra & Glória Server
    Posts
    1,087
    Reputation
    51
    Thanks
    2,543
    My Mood
    Relaxed
    Code:
    #include <Windows.h>
    
    DWORD WINAPI InfinityLoop ( LPVOID )
    {
    	while( true )
    	{
    
    	}
    	return false;
    }
    
    DWORD WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID ipvReason )
    {
    	switch( dwReason )
    	{
    	case 1:
    		DisableThreadLibraryCalls( hDll );
    		CreateThread( 0, 0, InfinityLoop, 0, 0, 0 );
    		break;
    	}
    
    	return 1;
    }
    Xtrap v8000 Detection No Tool Name, using PE Hiding, Scrambling and Manual Map & Makecert, injector: Extreme Injector v1.2

  11. #11
    sobasoba13's Avatar
    Join Date
    Jun 2012
    Gender
    male
    Location
    So Far Away
    Posts
    1,145
    Reputation
    23
    Thanks
    1,607
    My Mood
    Relaxed
    Code:
    BOOL WINAPI DllMain ( HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved )
    {
    	switch(dwReason) {
         case DLL_PROCESS_ATTACH: 
    		DisableThreadLibraryCalls(hinstDLL);
    		 CreateThread(NULL, NULL, (LPTHREAD_START_ROUTINE)Thread, hinstDLL, NULL, NULL); 
    		break;
    		  case DLL_PROCESS_DETACH: break;
                      case DLL_THREAD_ATTACH:  break;
    		  case DLL_THREAD_DETACH:  break;
    	}
    	return TRUE;
    }
    this is what i am using
    try it
    Crossfire Projects
    Made 21 Feature (Memory Hack)
    Respect List
    @ComboDance
    @mamo007
    @GaaD
    @Olwayy
    @Biesi
    @iSmexy
    @derh.acker
    @Brimir
    @steveroseik
    @Hero
    @Temperrr
    @Rullez
    PressIF I Helped

  12. #12
    I2espect's Avatar
    Join Date
    Aug 2013
    Gender
    male
    Location
    On Other Planet
    Posts
    641
    Reputation
    28
    Thanks
    870
    My Mood
    Devilish
    Quote Originally Posted by XarutoUsoCrack View Post
    Code:
    #include <Windows.h>
    
    DWORD WINAPI InfinityLoop ( LPVOID )
    {
    	while( true )
    	{
    
    	}
    	return false;
    }
    
    DWORD WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID ipvReason )
    {
    	switch( dwReason )
    	{
    	case 1:
    		DisableThreadLibraryCalls( hDll );
    		CreateThread( 0, 0, InfinityLoop, 0, 0, 0 );
    		break;
    	}
    
    	return 1;
    }
    Xtrap v8000 Detection No Tool Name, using PE Hiding, Scrambling and Manual Map & Makecert, injector: Extreme Injector v1.2
    Don't Use PE Hiding Nor Scrambling

  13. #13
    Biesi's Avatar
    Join Date
    Dec 2011
    Gender
    male
    Posts
    4,993
    Reputation
    374
    Thanks
    8,808
    My Mood
    Twisted
    That's what happens when I tell someone how I get my hack not being detected by XTrap..

  14. #14
    Ende!'s Avatar
    Join Date
    Feb 2010
    Gender
    male
    Posts
    33
    Reputation
    10
    Thanks
    33
    Code:
    typedef UINT(__stdcall *threadFunc_t)(void*);
    HANDLE createStealthThread(threadFunc_t pThreadFunc, void *pArgument)
    {
       BYTE *pK32     = (BYTE*)GetModuleHandleA("kernel32");
       BYTE *pPopRet  = nullptr;
       DWORD oldProt;
    
       auto rva2va = [&](DWORD dwVA)
       { 
          return (void*)((uintptr_t)pK32 + dwVA);
       };
    
       // Find propper location to place our shellcode
       void *pWriteTarget = nullptr;
    
       auto pMz          = (IMAGE_DOS_HEADER*    )pK32;
       auto pNt          = (IMAGE_NT_HEADERS32*  )rva2va(pMz->e_lfanew);
       auto pCurSection  = (IMAGE_SECTION_HEADER*)((uintptr_t)pNt
                         + sizeof(IMAGE_NT_HEADERS32));
    
       for (int i = 0; i < pNt->FileHeader.NumberOfSections; ++i)
       {
          if (memcmp(".text", pCurSection->Name, 5) == 0)
          {
             pWriteTarget = (void*)((uintptr_t)rva2va(pCurSection->VirtualAddress) 
                                    + pCurSection->Misc.VirtualSize - 6);
             break;
          }
          ++pCurSection;
       }
    
       if (!pWriteTarget)
          return NULL;
    
       // Prepare and write shellcode to K32
       uint8_t shellcode[] = "\x68\x00\x00\x00\x00\xC2";
       *(threadFunc_t*)(shellcode + 1) = pThreadFunc;
       
       VirtualProtect(pWriteTarget, 6, PAGE_EXECUTE_READWRITE, &oldProt);
       memcpy(pWriteTarget, shellcode, 6);
       VirtualProtect(pWriteTarget, 6, oldProt, &oldProt);
    
       // Create thread
       return CreateThread(nullptr, 
                           0, 
                           (LPTHREAD_START_ROUTINE)pWriteTarget,
                           pArgument,
                           NULL,
                           nullptr);
    } // ==> createStealthThread
    Requires MSVC10+ or a compiler with at least equivalent C++11 support. We used that when debugging our hack in the beginning of 2013. Should still work (didn't test it, though).
    Last edited by Ende!; 12-26-2013 at 04:52 PM.

  15. #15
    kmanev073's Avatar
    Join Date
    Feb 2011
    Gender
    male
    Location
    Bulgaria
    Posts
    2,400
    Reputation
    97
    Thanks
    2,537
    My Mood
    Cool
    That munual map also doesnt work for me... I suggest that everybody writes his OS info here so we can see...

    I am Win 7 Ultimate x64

Similar Threads

  1. AIMBOT /tehe
    By Jack in forum General
    Replies: 16
    Last Post: 10-14-2010, 12:15 AM
  2. Help again please /tehe
    By wassup40 in forum Combat Arms Coding Help & Discussion
    Replies: 8
    Last Post: 10-12-2010, 06:22 PM
  3. Im A Freak /tehe
    By Swiftdude in forum CrossFire Discussions
    Replies: 22
    Last Post: 10-02-2010, 08:13 PM
  4. [Discussion] "Legit" Hackers /tehe
    By sirherc in forum WarRock Discussions
    Replies: 62
    Last Post: 07-26-2010, 02:56 PM
  5. :D finnaly /tehe
    By wordspy in forum CrossFire Discussions
    Replies: 10
    Last Post: 07-16-2010, 01:55 AM