Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Q-Protect Anti hack source code

Ginger by design.
Member
Joined
Feb 15, 2007
Messages
2,340
Reaction score
653
This is bad code and it only checks a few functions for 0xE9 jumps.

- No IAT patch checking
- No EAT patch checking
- Not comparing current bytes vs orig bytes (like a CRC over the .text section of the dll after it's loaded)

This won't catch non-E9 jumps (push addr/ret for example). It is vulnerable to hooks made via starting the process with CREATE_SUSPENDED since the main thread doesn't start on the C preamble (@ OEP) until the launcher decides to do it. It can be killed by simply stopping all of the AC threads or nopping a few jxx's. It's also vulnerable to false positives if these libraries in the future are modified to use stubs in place of their exports.

And intermixing asm commands and C is stupid. Don't do that.
 
Back
Top