• Amused
  • Angry
  • Annoyed
  • Awesome
  • Bemused
  • Cocky
  • Cool
  • Crazy
  • Crying
  • Down
  • Drunk
  • Embarrased
  • Enraged
  • Friendly
  • Geeky
  • Godly
  • Happy
  • Hateful
  • Hungry
  • Innocent
  • Meh
  • Piratey
  • Poorly
  • Sad
  • Secret
  • Shy
  • Sneaky
  • Tired
  • Wtf
  • At Work
  • CodenzHub
  • Coding
  • Deejaying
  • Donating
  • Drinking
  • Eating
  • Editing
  • Hacking
  • Hate Mailing
  • Jamin'
  • Lagging
  • Live Streaming
  • Lurking
  • No Status
  • Pawning
  • PC Gaming
  • PS Gaming
  • Raging
  • Reversing
  • Sleeping
  • Steam Gaming
  • Trolling
  • TwitchStreamer
  • Vodka!
  • Watching TV/Movie
  • Xbox Gaming
  • Youtuber
  • Zombies
  • Page 1 of 3 123 LastLast
    Results 1 to 10 of 22

    Thread: EXE Signature

    1. #1
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      guru's Avatar
      Join Date
      Jun 2012
      Posts
      117
      Thanks (-->)
      7
      Thanks (<--)
      20

      EXE Signature

      John Kittz
      Hi,

      I think you all know about VAC. VAC has started using EXE signature scans to detect cheats(Famous of them is mw2 external esp hack detection. Detected after 9 months of hard work). Do any body know how exe signatures are scanned? Or how the scan is performed? Because sph4ck has started to program exe which would act like a scrambler to avoid vac detection. If we get an idea about exe signature scanning we can get our cheats undetected from vac. So any valuable points regarding EXE signature scanning are welcomed.


      Note: Mention how VAC checks an exe(like checking readprocessmemory function in exe or method names like aimbot, readgame data).

    2. #2
      Hacker
      Learning to hack games!
       
      Pawning
       
      Fleep's Avatar
      Join Date
      May 2012
      Posts
      626
      Thanks (-->)
      208
      Thanks (<--)
      727

      Re: EXE Signature

      I agree with you on this Guru, dealing with Vac is something I am still inexperienced with, maybe someone with some knowledge in cheat detection can provide some input here.
      I am hoping to tackle this problem soon also, but like anything having an idea of how the anti cheat behaves is always helpful to know.

      From what I read a while back, most functions are detected by Vac, including ReadProcessMemory WriteProcessMemory etc. This pretty much removes any external hacks from the picture.

      Obviously with this in mind DLL's and C++ is the way to go, other than that any extra info is awesome sauce.

      Fleep

    3. #3
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      guru's Avatar
      Join Date
      Jun 2012
      Posts
      117
      Thanks (-->)
      7
      Thanks (<--)
      20

      Re: EXE Signature

      And fleep one more way to get around VAC is simple thing. Run your hack in python or java(very few people use java for game hacking). Because you need not create an exe while using python or java(or any other language that don't create exe before executing). VAC scans only EXE not the run environment in programming(means it don't check for either we are running java or python simultaneously). This is the present way people use to get around VAC bans.

      Apart from this, we need to know how to scramble the exe to avoid detection since we make our hack mostly in c++ and winapi. If we get the idea on exe signature scanning we can scramble our exe to what ever level we need.

    4. #4
      Hacker
      Learning to hack games!
       
      Pawning
       
      Fleep's Avatar
      Join Date
      May 2012
      Posts
      626
      Thanks (-->)
      208
      Thanks (<--)
      727

      Re: EXE Signature

      Interesting stuff, but wouldnt Java and Python limit the amount of things your hack can do?, I'l have a look into that when I start focusing on bypassing anti-cheat.

      Fleep

    5. #5
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      guru's Avatar
      Join Date
      Jun 2012
      Posts
      117
      Thanks (-->)
      7
      Thanks (<--)
      20

      Re: EXE Signature

      Did you look at the source code which i posted in c/c++ section. My friend is trying to port that code to python. He has done almost everything expect fixing structs in python. Actually he got full functionality in his hack. When he runs his hack, we see no difference between exe and python code. Soon me too would be moving to python or do a difficult job of java using open gl .


      Once we started to run hacks using java/python then detecting them is very difficult as java create only class file (unlike exe) which cannot be inspected except for JVM. I don't know much about python. But class file is difficult to inspect without help of java virtual machine.


      Even though we get ton of info on how to avoid vac bans. Knowledge on exe signature scanning would help us create hack soon with usual c++ way. My hack for 4d1 would be soon detected. It has drawn attention from 4d1. Soon they would fix the hack. Simple exe signature scanning would ban my hack. Injecting dll is definitely a 'no'. VAC is particular about exe and other dll file checks that the game is not modified in client.

    6. #6
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      BlackPitchPL's Avatar
      Join Date
      May 2012
      Location
      POLAND
      Posts
      171
      Thanks (-->)
      1
      Thanks (<--)
      14

      Re: EXE Signature

      Most of pay hack are not block the vac :P They only look if vac try to make a screen shoot and ofc they have special function's to inject and i also know that they are inject after the vac is running not at start

    7. #7
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      guru's Avatar
      Join Date
      Jun 2012
      Posts
      117
      Thanks (-->)
      7
      Thanks (<--)
      20

      Re: EXE Signature

      Blackpitchpl, could you please elucidate further into it? And also what do you mean by special functions? Just curious

    8. #8
      Coder
      Learning to hack games!
       
      Feeling Normal
       
      BlackPitchPL's Avatar
      Join Date
      May 2012
      Location
      POLAND
      Posts
      171
      Thanks (-->)
      1
      Thanks (<--)
      14

      Re: EXE Signature

      I'm not a specialist in this case that's all i was mean that they r using more complicated injection method .

    9. #9
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      justintcs's Avatar
      Join Date
      Jul 2012
      Posts
      30
      Thanks (-->)
      1
      Thanks (<--)
      0

      Re: EXE Signature

      Sir Fleep, I need your help to code something to bypass these anti-cheat program. We need to fills memory with random data and a piece of code, It avoids any anti-cheat program to be able to detect this hack by looking at fixed memory locations. Because idk how to write some code to fills memory with random data.

    10. #10
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      nomad's Avatar
      Join Date
      Aug 2012
      Posts
      13
      Thanks (-->)
      0
      Thanks (<--)
      0

      Re: EXE Signature

      Cheats'n'Trainers
      OK so I was thinking about this quite a lot and I think I have a possible solution. If any of you have ever looked into AV bypass you would know what metasploit is.

      if not I would look it up and focus on encoders.

      Would the encoding function be adaptable too making a randomized exe signatures to bypass VAC, in much the same way as it does for AV.

      Memory scanning for patches or hooks is a different story though.

    Page 1 of 3 123 LastLast

    Similar Game Hacker Threads

    1. [Help] Fleep's Signature Scanning Tutorial (C++)
      By WhiteHood in forum Hacking Help
      Replies: 2
      Last Post: 01-26-2016, 05:48 AM
    2. [Help] Signature scanning vs finding offset
      By PandoraBytes in forum Hacking Help
      Replies: 4
      Last Post: 11-03-2015, 05:37 PM
    3. [Help] Signature scan
      By meekaah in forum C#
      Replies: 1
      Last Post: 07-05-2015, 07:45 AM
    4. [Tutorial] Signature Scanner for Delphi by ArxLex
      By arxlex in forum Misc Coding
      Replies: 0
      Last Post: 05-25-2014, 08:41 AM
    5. [Help] Signature Scanning/Question
      By kn0cturnal in forum GH Tutorials Help
      Replies: 1
      Last Post: 05-12-2014, 12:04 AM