[Admin] tierrilopes Posted October 1, 2016 at 07:54 PM Share Posted October 1, 2016 at 07:54 PM Abrir o ficheiro UserInterface/locale.cpp Debaixo dos includes colar: // Inicio PE DUMP SCAN #include <tlhelp32.h> typedef struct PE_Head { int TimeStamp; int Text; int Data; } * PEE; PE_Head ListaNegra[] = { //[dmg_hack.dll] { 1419698603, 4669440, 237568 }, }; std::vector <std::string> detect; inline PE_Head Get_Header(const char * FileName) { PE_Head PE_Headers; PE_Headers.TimeStamp = 0; PE_Headers.Text = 0; PE_Headers.Data = 0; try { HMODULE base = LoadLibraryExA(FileName, NULL, DONT_RESOLVE_DLL_REFERENCES); if (base != NULL) { PIMAGE_DOS_HEADER dos = (PIMAGE_DOS_HEADER) base; if (dos) { PIMAGE_NT_HEADERS nt = (PIMAGE_NT_HEADERS)((DWORD)(dos) + (dos -> e_lfanew)); if (nt -> Signature == IMAGE_NT_SIGNATURE) { PE_Headers.TimeStamp = nt -> FileHeader.TimeDateStamp; PE_Headers.Text = nt -> OptionalHeader.SizeOfCode; PE_Headers.Data = nt -> OptionalHeader.SizeOfInitializedData; FreeLibrary(base); return PE_Headers; } } } } catch (std::runtime_error) { return PE_Headers; } return PE_Headers; } void CP() { Sleep(3000); ExitProcess(0); } void CA(const char * Name) { CreateThread(NULL, NULL, LPTHREAD_START_ROUTINE(CP), NULL, NULL, NULL); MessageBoxA(NULL, Name, "Hack detectado!", NULL); ExitProcess(0); } inline void Check_Dll(const char * Name) { for (std::vector < std::string > ::iterator it = detect.begin(); it != detect.end(); it++) if (_stricmp(std::string( * it).c_str(), Name) == 0) return; PE_Head PEx = Get_Header(Name); for (unsigned int i = 0; i < sizeof(ListaNegra) / sizeof(ListaNegra[0]); i++) { if (ListaNegra[i].TimeStamp == PEx.TimeStamp && ListaNegra[i].Text == PEx.Text && ListaNegra[i].Data == PEx.Data) { CA(Name); return; } } detect.push_back(Name); } inline void vModule() { MODULEENTRY32 me32; HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId()); me32.dwSize = sizeof(MODULEENTRY32); if (!Module32First(hModuleSnap, & me32)) return; while (Module32Next(hModuleSnap, & me32)) Check_Dll(me32.szExePath); CloseHandle(hModuleSnap); } void initPEScan() { redo: vModule();Sleep(5000);goto redo; } //Fim PE DUMP SCAN Procurar por: void LocaleService_LoadConfig(const char *fileName){ Adicionar debaixo: CreateThread(NULL, NULL, LPTHREAD_START_ROUTINE(initPEScan), NULL, 0, 0); _____Para adicionar novos itens à lista negra: Fazer download da ferramenta em anexo; Criar uma pasta e colocar lá todas as dll de hacks que encontrar; Colar a ferramenta dentro da pasta criada e executá-la; Será criado um ficheiro chamado PE_DUMP_Dll.txt Colar o conteúdo do ficheiro dentro de: PE_Head ListaNegra[] = { //Colar aqui o conteúdo do ficheiro}; Existe no entanto uma maneira de ultrapassar, escondendo o modulo logo após a injeção. Deverá servir como um método adicional e não como o único método de proteção.Cumprimentos,Tierri Lopes. pe_dumper_TLTHINGS.exe Link to comment Share on other sites More sharing options...
Karbust Posted October 4, 2016 at 09:43 PM Share Posted October 4, 2016 at 09:43 PM Boas Não podes arranjar a tua "colecção" de hacks e dlls que possam ser adicionados a este sistema sff? Obrigado Abraço Link to comment Share on other sites More sharing options...
WLN Posted February 28, 2017 at 10:44 PM Share Posted February 28, 2017 at 10:44 PM tive um probleminha imagem não está aparecendo Link to comment Share on other sites More sharing options...
[Admin] tierrilopes Posted February 28, 2017 at 11:30 PM Author Share Posted February 28, 2017 at 11:30 PM Não deve ter colocado o link completo da imagem mas sim o link curto Envia-me o locale.cpp todo sff, posso ter-me esquecido de colocar algum include Link to comment Share on other sites More sharing options...
WLN Posted February 28, 2017 at 11:38 PM Share Posted February 28, 2017 at 11:38 PM o locale.cpp tem um leak de proteção do frankie, seria isso o problema? sei que não é o melhor a se fazer mas por enquanto não da para pagar proteção Locale.7z Locale.7z Link to comment Share on other sites More sharing options...
[Admin] tierrilopes Posted February 28, 2017 at 11:45 PM Author Share Posted February 28, 2017 at 11:45 PM Código corrigido. Faltava um include e o indice do vector. Link to comment Share on other sites More sharing options...
WLN Posted February 28, 2017 at 11:54 PM Share Posted February 28, 2017 at 11:54 PM como sempre, util e preciso, obrigado Link to comment Share on other sites More sharing options...
xabugas123 Posted September 2, 2017 at 05:40 PM Share Posted September 2, 2017 at 05:40 PM https://gyazo.com/e95c33888e97ad120c11b50c343c0138 Penso não ter feito nada mal. Link to comment Share on other sites More sharing options...
[Admin] tierrilopes Posted September 2, 2017 at 08:02 PM Author Share Posted September 2, 2017 at 08:02 PM - > muda para -> Link to comment Share on other sites More sharing options...
AprendizM2 Posted March 22, 2018 at 02:30 AM Share Posted March 22, 2018 at 02:30 AM como posso adcionar essa função na proteção ? Ela fecha o jogo se tiver alguns processos abertos. void TerminateProc_Func (char *ProcName) { PROCESSENTRY32 pe32; HANDLE hSnapshot = NULL; pe32.dwSize = sizeof (PROCESSENTRY32); hSnapshot = CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, 0); if (Process32First (hSnapshot, &pe32)) { do { if (strcmp (pe32.szExeFile, ProcName) == 0) { HANDLE hProcess = OpenProcess (PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID); TerminateProcess (hProcess, NULL); } } while (Process32Next (hSnapshot, &pe32)); } if (hSnapshot != INVALID_HANDLE_VALUE) { CloseHandle (hSnapshot); } } void TerminateProc() { TerminateProc_Func ("cmd.exe"); TerminateProc_Func ("conhost.exe"); } void Terminate_Scan() { again: TerminateProc(); Sleep (5000); goto again; } void CloseProcess() { Sleep (4000); exit (0); } void CloseApp (const char *Name) { CreateThread (NULL, NULL, LPTHREAD_START_ROUTINE (CloseProcess), NULL, NULL, NULL); MessageBoxA (NULL, Name, "Zakazane oprogramowanie:", NULL); exit (0); } Link to comment Share on other sites More sharing options...
BobJulian Posted March 26, 2018 at 05:07 PM Share Posted March 26, 2018 at 05:07 PM how can I block a lacker hacker? Hack: http://lalaker1.org/ I pay for fix Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now