Autor Topic: Source MuGuard Antihacker  (Visto 322 veces)

0 Miembros and 1 Guest are viewing this topic.

Offline CorsarioDgx on: June 15, 2018, 02:07:09 PM

  • *
  • Rank: Destacado
  • Posts: 91
  • Gracias recibida: 766
Aportare esta Source de Antihack  algo antigua ! Espero  alguien con conosimiento haga algo bueno para el foro: run



Informacion Sobre la Source :


here is working MuGuard..
main file MuGaurd.cpp :: Credits to me (leo123)


#include "stdafx.h"
#include "define.h"
#include "cFile.h"
#include "AntiHack.h"

cFile MyFile;

void ChangeSerial()
{

    memset(&Main_Serial[0],0x00,16);                                // the max is 16 i think =/
    memcpy(&Main_Serial[0],MySerial,strlen(MySerial));
}
void FindHacks()
{
    ChangeSerial(); // Rum time changeing of serial
    bool State = MyFile.iCheckFileSize("Data\\Player\\Player.bmd",sizePlayerBMD);
    if(State == false)
    {
        MessageBoxA(FindWindowA(0,"MU"),"We are sorry, but a hack or cheat or other 3rd tool has been detected","MuGuard V1.0 by leo123",0);
        ExitProcess(1);
    }
    SystemProcessesScan();
    Sleep(3000);
    FindHacks();
}

void Setup()
{
    ChangeSerial();
    if(FindWindow(0,"MU") > 0)
    {
        WinExec("taskkill /IM main.exe",5);
        Sleep(200);
        ExitProcess(0);
    }
    SystemProcessesScan();
    bool State = MyFile.iCheckFileSize("Data\\Player\\Player.bmd",sizePlayerBMD);
    if(State == false)
    {
        MessageBoxA(0,"We are sorry, but a hack or cheat or other 3rd tool has been detected","MuGuard V1.0 by leo123",0);
        ExitProcess(0);
    }
    char* Temp = GetCommandLine();
    if(Temp[9] != 0x63)
    {
        MessageBoxA(0,"Please use lancher.","MuGuard V1.0 by leo123",0);
        ExitProcess(0);
    }
   
    #ifdef premu
    __asm
    {
        Mov Edi,0x0073BD18
        Jmp Edi
    }
    #endif

    SystemProcessesScan();
    DWORD MyId;
    CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)FindHacks,NULL,0,&MyId);
}

extern "C" __declspec (dllexport) void __cdecl Loaded()
{
    DWORD OldProtect;
    if(VirtualProtect(LPVOID(0x401000),0x7C2FFF,PAGE_EXECUTE_READWRITE,&OldProtect))
    {
        Setup();
    }
    else
    {
        MessageBoxA(NULL,"Unable to initialize the MuGuard.dll","PRE DLL",MB_OK);
        ExitProcess(0);
    }

}

BOOL APIENTRY DllMain( HANDLE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved)
{
    return TRUE;
}


AntiHack.cpp :: Credits F1x ( i add some exitprocess fix)

// ----------------------------------------------------
//    Nazwa pliku: AntiHack.cpp
//    Data utworzenia: 2008-06-26
//    Autor: f1x / f1ksiu@hotmail.com
// ----------------------------------------------------

#include "stdafx.h"
#include "AntiHack.h"
#include <windows.h>
#include <tlhelp32.h>
#include <stdlib.h>

ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP] = {
{0x4C8259, {0xA1, 0x38, 0xBD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xC0, 0x82, 0x4C, 0x00, 0xE8, 0x1F, 0xF1, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xF8, 0xBE, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}},    //Catastrophe
{0x4018bb, {0x74 ,0x3F ,0x0F ,0xB6 ,0x45 ,0xEC ,0x0F ,0xB6 ,0x9D ,0x74 ,0xFF ,0xFF ,0xFF ,0x39 ,0xD8 ,0x75 ,0x30 ,0x6A ,0x01 ,0x6A ,0x39 ,0x68 ,0xD4 ,0x75 ,0x40 ,0x00 ,0xE8 ,0x96 ,0x08 ,0x00 ,0x00 ,0x50}},   // Hasty MU
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}},    // Catastrophe
};

void SystemProcessesScan()
{
    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if(hProcessSnap != INVALID_HANDLE_VALUE)
    {
        PROCESSENTRY32 pe32;
        pe32.dwSize = sizeof(PROCESSENTRY32);

        if(Process32First(hProcessSnap, &pe32))
        {
            do
            {
                HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
                if(hProcess != NULL)
                {
                    if(ScanProcessMemory(hProcess))
                    {
                        MessageBoxA(FindWindowA(0,"MU"), "Found hack software in your system.\n\nHint: Close all illegal programs and run application again.", "leo123 MuGuard v1.0", MB_OK | MB_ICONSTOP);
                        ExitProcess(1);
                    }
                }
            }
        while(Process32Next(hProcessSnap, &pe32));
        }
    }
    CloseHandle(hProcessSnap);
}

bool ScanProcessMemory(HANDLE hProcess)
{
    for(int i = 0; i < MAX_PROCESS_DUMP; i++)
    {
        char aTmpBuffer[MAX_DUMP_SIZE];
        SIZE_T aBytesRead = 0;
        ReadProcessMemory(hProcess, (LPCVOID)g_ProcessesDumps.m_aOffset, (LPVOID)aTmpBuffer, sizeof(aTmpBuffer), &aBytesRead);

        if(memcmp(aTmpBuffer, g_ProcessesDumps.m_aMemDump, MAX_DUMP_SIZE) == 0)
        {
            return true;
            break;
        }
}
return false;

AntiHack.h :: Credits F1x

// ----------------------------------------------------
//    Nazwa pliku: AntiHack.cpp
//    Data utworzenia: 2008-06-26
//    Autor: f1x / f1ksiu@hotmail.com
// ----------------------------------------------------

#ifndef PDC_ANTIHACK_H
#define PDC_ANTIHACK_H

#define MAX_DUMP_OFFSETS 3
#define MAX_DUMP_SIZE 32
#define MAX_PROCESS_DUMP 3

typedef struct ANITHACK_PROCDUMP {
unsigned int m_aOffset;
unsigned char m_aMemDump[MAX_DUMP_SIZE];
} *PANITHACK_PROCDUMP;

extern ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP];

void SystemProcessesScan();
bool ScanProcessMemory(HANDLE hProcess);


#endif //PDC_ANTIHACK_H 

cFile.cpp :: Credits me (leo123) it class to work with files (check size)...

#include "Stdafx.h"
#include "cFile.h"

cFile::cFile() // constractor
{
}

int        cFile::iGetFileSize(char* FileName)
{
        HANDLE hFile = CreateFileA(FileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL, NULL);           
        return GetFileSize(hFile,NULL);
}


bool    cFile::iCheckFileSize(char* cFile,int Size)
{

        int iSize = this->iGetFileSize(cFile);
        if(iSize == Size)
            return true;
        return false;
}


cFile::~cFile() // desratactor
{


cFile.h :: Credits me (leo123)

#include "Stdafx.h"

#ifndef cFile_H
#define cFile_H

class cFile
{
public:
    cFile();
    ~cFile();
    bool        iCheckFileSize(char* cFile,int Size);
    int            iGetFileSize(char* FileName);


};
#endif 

define.h

#include "Stdafx.h"
#define livemu

#ifdef premu
int sizePlayerBMD = 2662002;

#endif

#ifdef livemu
int sizePlayerBMD = 2414277;
DWORD *Main_Serial = (DWORD*)0x006B9284;
const char* MySerial = "00XXXXXXXXXXXXXX";


#endif

stdafx.h


// stdafx.h : include file for standard system include files,
//  or project specific include files that are used frequently, but
//      are changed infrequently
//

#if !defined(AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB__INCLUDED_)
#define AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB__INCLUDED_

#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000


// Insert your headers here
#define WIN32_LEAN_AND_MEAN        // Exclude rarely-used stuff from Windows headers

#include <windows.h>
#include <cstdio>

// TODO: reference additional headers your program requires here

//{{AFX_INSERT_LOCATION}}
// Microsoft Visual C++ will insert additional declarations immediately before the previous line.

#endif // !defined(AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB__INCLUDED_)


how add new hacks? just open with ollydbg some hack
go to some offset of the hack
then go to dump of the currect offset
copy the 32 bytes of the offset and add in AntiHack.cpp


[ offset]      [ 32 bytes]
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}},    // Catastrophe


Offline Azzlaer #1 on: June 15, 2018, 02:35:28 PM

  • Colaborador
  • *
  • Rank: Puto amo
  • Posts: 819
  • Gracias recibida: 5211
noooooooooooooo me re cagaste jajajaja lo iba a publicar yo xd que lo tenia en uno de mis discos viejos xd
Gracias :) luego veo si es el mismo :P

Gracias:


 

Related Topics

  Subject / Started by Replies Last post
9 Replies
2045 Views
Last post July 07, 2018, 08:40:10 PM
by Cloud
6 Replies
1375 Views
Last post October 31, 2017, 09:50:46 PM
by ZabiinoOo
2 Replies
2431 Views
Last post April 18, 2017, 12:03:38 AM
by serker
0 Replies
179 Views
Last post November 02, 2017, 11:47:53 PM
by seedmaker
2 Replies
621 Views
Last post January 28, 2018, 12:56:29 PM
by mev_13