• Amused
  • Angry
  • Annoyed
  • Awesome
  • Bemused
  • Cocky
  • Cool
  • Crazy
  • Crying
  • Down
  • Drunk
  • Embarrased
  • Enraged
  • Friendly
  • Geeky
  • Godly
  • Happy
  • Hateful
  • Hungry
  • Innocent
  • Meh
  • Piratey
  • Poorly
  • Sad
  • Secret
  • Shy
  • Sneaky
  • Tired
  • Wtf
  • At Work
  • CodenzHub
  • Coding
  • Deejaying
  • Donating
  • Drinking
  • Eating
  • Editing
  • Hacking
  • Hate Mailing
  • Jamin'
  • Lagging
  • Live Streaming
  • Lurking
  • No Status
  • Pawning
  • PC Gaming
  • PS Gaming
  • Raging
  • Reversing
  • Sleeping
  • Steam Gaming
  • Trolling
  • TwitchStreamer
  • Vodka!
  • Watching TV/Movie
  • Xbox Gaming
  • Youtuber
  • Zombies
  • Results 1 to 7 of 7
    1. #1
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      Akira's Avatar
      Join Date
      Feb 2014
      Posts
      3
      Thanks (-->)
      1
      Thanks (<--)
      7

      XTrap Bypass Source v2

      Silent VPN
      XTrap Bypass Source v2
      By Akira


      #include <Windows.h>
      #include <process.h>
      #include <TlHelp32.h>
      #include <Psapi.h>
      #include "mHook.h"

      #pragma comment(lib,"Psapi.lib")

      // Module to exit
      HMODULE hDLL;

      /* Our hooked-function */
      void DefineNothing_CC();
      /* Our hooked-function */
      void K32Enum_CC();



      // Function to begin the hook
      void _beginhook(void*){

      // our addresses
      DWORD dwAddy;
      DWORD dwDLL;
      DWORD dwXTrap;
      DWORD dwXTrapDriver;


      // wait for xtrap
      while(1){
      // break
      Sleep(500);
      // get xtrap base
      dwXTrap = (DWORD)GetModuleHandle("XTrapVa.dll");
      // check if it exists
      if(dwXTrap){
      // leave
      break;
      }

      }


      if(PSAPI_VERSION == 1){
      // get address
      dwDLL = (DWORD)GetModuleHandle("Psapi.dll");
      // get address
      dwAddy = (DWORD)GetProcAddress((HINSTANCE)dwDLL,"EnumProcesses");
      // Prevent that Xtrap scan processes
      mHook::DetourCodeCave(dwAddy,(DWORD)DefineNothing_CC,19);

      // get address
      dwDLL = (DWORD)GetModuleHandle("Kernel32.dll");
      // get address
      dwAddy = (DWORD)GetProcAddress((HINSTANCE)dwDLL,"ExitProcess");
      // Prevent exit then ollydbg was found
      mHook::DetourCodeCave(dwAddy,(DWORD)DefineNothing_CC,27);
      }
      else
      {
      // little break
      Sleep(500);
      // set new dll
      dwDLL = (DWORD)GetModuleHandle("Kernel32.dll");
      // get new addy
      dwAddy = (DWORD)GetProcAddress((HINSTANCE)dwDLL,"K32EnumProcesses");
      // Prevent that Xtrap scan processes
      mHook::DetourCodeCave(dwAddy,(DWORD)K32Enum_CC,3);

      // get address
      dwDLL = (DWORD)GetModuleHandle("Kernel32.dll");
      // get address
      dwAddy = (DWORD)GetProcAddress((HINSTANCE)dwDLL,"ExitProcess");
      // Prevent exit then ollydbg was found
      mHook::DetourCodeCave(dwAddy,(DWORD)DefineNothing_CC,27);

      }

      // Get driver Address
      dwXTrapDriver = 0x406668A0;
      // Change it
      wmemcpy((wchar_t*)dwXTrapDriver,L"X6va01",6);

      // Exit
      FreeLibraryAndExitThread(hDLL,8);

      }




      /* Main */
      BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved){


      if(fdwReason == DLL_PROCESS_ATTACH){



      // set our Module
      hDLL = hinstDLL;
      // begin
      _beginthread(_beginhook,0,0);

      // success
      return true;
      }

      // fail
      return false;
      }


      /* Our hooked-function */
      __declspec( naked ) void K32Enum_CC(){
      __asm{
      ret 0x00C
      }
      }

      /* Our hooked-function */
      __declspec( naked ) void DefineNothing_CC(){
      __asm{
      mov edi,edi
      push ebp
      mov ebp,esp
      pop ebp
      jmp orig
      nop
      nop
      nop
      nop
      nop
      orig:
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      nop
      }
      }
      Last edited by Akira; 02-15-2014 at 07:32 PM.

    2. Thanks Crazywink, NTvalk, andrewfam, shogun, squeenie thanked for this post
    3. #2
      Hacker
      ^.^
       
      Eating
       
      NTvalk's Avatar
      Join Date
      Jul 2013
      Location
      Your RAM
      Posts
      512
      Thanks (-->)
      176
      Thanks (<--)
      146
      This anticheat sure is stupid.
      Why don't you just RET at enumprocesses?

    4. Thanks till0sch thanked for this post
    5. #3
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      andrewfam's Avatar
      Join Date
      Feb 2014
      Posts
      1
      Thanks (-->)
      2
      Thanks (<--)
      0
      Thanks for the source codes. What game does it apply to? Can it bypass with the one that has "heartbeat" protection?

      [QUOTE]// Get driver Address
      dwXTrapDriver = 0x406668A0;[/QUOTE]


      How can you get the address of XTrap driver as above?

      Thanks
      Andrew

    6. #4
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      Akira's Avatar
      Join Date
      Feb 2014
      Posts
      3
      Thanks (-->)
      1
      Thanks (<--)
      7
      Use ProcessHacker [Service]
      Search the Xtrap Driver name like -> 16va001
      Cheat engine text 16va001

      You need reverse engineering basics.

    7. #5
      Newbie
      Learning to hack games!
       
      Feeling Normal
       
      josueinaki's Avatar
      Join Date
      Dec 2013
      Posts
      8
      Thanks (-->)
      0
      Thanks (<--)
      0
      #include "mHook.h"
      mHook::
      wmemcpy
      get error, why?

    8. #6
      Hacker
      ^.^
       
      Eating
       
      NTvalk's Avatar
      Join Date
      Jul 2013
      Location
      Your RAM
      Posts
      512
      Thanks (-->)
      176
      Thanks (<--)
      146
      Quote Originally Posted by josueinaki View Post
      #include "mHook.h"
      mHook::
      wmemcpy
      get error, why?
      You need to hook the functions, you can look on the internet if you can find mhook otherwise you can look at Microsoft Detours or any other hooking library.
      You are missing the mhook file.

    9. Thanks Akira thanked for this post
    10. #7
      Newbie
      wut.
       
      Hacking
       
      shogun's Avatar
      Join Date
      Nov 2013
      Posts
      2
      Thanks (-->)
      1
      Thanks (<--)
      0
      Silent VPN
      Want to help me out with DetourCodeCave? mhook doesn't have that function. I think I know what it is saying just don't know for sure...
      Last edited by shogun; 03-03-2014 at 06:24 PM.

    Similar Game Hacker Threads

    1. MicroVolts XTrap bypass
      By Exa in forum AntiCheat - AntiDebug
      Replies: 2
      Last Post: 05-23-2014, 03:29 PM
    2. [Source Code] HGWC Bypass (Only Function Source)
      By Akira in forum Tutorials and Snippets
      Replies: 0
      Last Post: 02-13-2014, 03:55 PM
    3. Bypass XTrap?
      By AlphaAnonymous in forum AntiCheat - AntiDebug
      Replies: 8
      Last Post: 09-15-2012, 07:20 AM

    Tags for this Thread