Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Codex anti-hack system - V4 (C++ Source code)

Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
My OS are 32 bits, i need to install 64 bit OS to try to fix this... I have no idea about what cause this problem.
 
Last edited:
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
Ok guys, some new codes from V5:

This one build a dll that can be hooked on your launcher, for exemple. This one don't alow to freeze/suspend "Main" (windowName)

Code:
// Video tutorial: [URL="http://www.youtube.com/user/vertexbrasil"]VertexBrasil - YouTube[/URL]
#include "StdAfx.h"


typedef LONG (NTAPI *NtResumeProcess)(IN HANDLE ProcessHandle); // *NtSuspendProcess
 
void main(DWORD processId){
while (TRUE){
Sleep (1000);


HWND procHwnd;
    HANDLE prochandle;
    DWORD pid;
    procHwnd = FindWindow(NULL, "Main"); 
    if (procHwnd != 0){ 
        cout << "Window Running"<<endl;
        GetWindowThreadProcessId(procHwnd, &pid); //  function that captures the pid
        cout<<"The window pid is "<< pid<<endl;

    HANDLE processHandle = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
    NtResumeProcess pfnNtResumeProcess = (NtResumeProcess)GetProcAddress(
    GetModuleHandle("ntdll"), "NtResumeProcess");
    pfnNtResumeProcess(processHandle);
    CloseHandle(processHandle);
}
}
}


void  TESTES(){ 
     CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(main),NULL,0,0);
}

Tested on 7 and xp x32
 
Last edited:
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
GameGuard.exe - WORKING on win7 and Winxp 32x
Dll injection and anti-suspend dll - WORKING on win7 and Winxp 32x
Added: Main WindowName check


This version is very easy to use, don´t need a lot of configuration... Just set some filenames, build dll's, configure some CRC for more security, and run.

I will make a beta release (soon), and after that i will format my computer to install Win64x to check is everything ok with this version!



Ok Guys, this one is new V5 anti-anti kill / freeze system packed, this is only to crack attempt, this is for Beta testers.

Anti-hacker detectors and shutdown feature are disabled, that means you can use process xp pc hunter and another ones to try to freeze / kill system...

Only CRC, file names check and anti-speed / freeze are active.

Code:
https://mega.co.nz/#!h0cUCZ7Q!HM7rXQdhsNzV5EnCQ_mxarxKP5sl-ZRHFWITZ6pfn3M

Comment!



Full Source code for beta test, soon!
 
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
Youtube delete my old download video...

There is no problem, i will make all beta releases at here, on Ragezone untill now.

About youtube, I need to make a entire new video to my channel, youtube don't accept my old video with some "small changes"...

I'm making some test on win 32 machine before format my computer and cahnge it to 64...

i will release full sorce code to beta test very soon. Im making a small tutorial for new features.
 
Junior Spellweaver
Joined
Sep 5, 2012
Messages
148
Reaction score
2
Cogito Ergo Sum you are online right now can u take a look at this program. new c.e but i cant get the dump / i tried ollydbg =Not a Valid Pe File : probably not a 32-bit portable. tried dump generator everything 00 00 i tried ,handler only (Window) how to get this application dump
 
Newbie Spellweaver
Joined
Jul 10, 2010
Messages
18
Reaction score
2
GameGuard.exe - WORKING on win7 and Winxp 32x
Dll injection and anti-suspend dll - WORKING on win7 and Winxp 32x
Added: Main WindowName check


This version is very easy to use, don´t need a lot of configuration... Just set some filenames, build dll's, configure some CRC for more security, and run.

I will make a beta release (soon), and after that i will format my computer to install Win64x to check is everything ok with this version!



Ok Guys, this one is new V5 anti-anti kill / freeze system packed, this is only to crack attempt, this is for Beta testers.

Anti-hacker detectors and shutdown feature are disabled, that means you can use process xp pc hunter and another ones to try to freeze / kill system...

Only CRC, file names check and anti-speed / freeze are active.

Code:
https://mega.co.nz/#!h0cUCZ7Q!HM7rXQdhsNzV5EnCQ_mxarxKP5sl-ZRHFWITZ6pfn3M

Comment!



Full Source code for beta test, soon!

Not work in Windows 7 Ultimate SP1 x64
 
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
Thanks Daka! I will make the last ajusts, like video tutorial, and after that, i will format my computer to a x64 OS
 
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
Ok Guys, V5 download for beta test only...

So, on my computer everthing works fine!

Problem i have was: When i pack Main.exe and Codex.dll with Molebox, the injected victim just crash... Without molebox pack is everything ok...

Build, hook, test, crack it!

Download:

Code:
[URL]https://mega.co.nz/#!0gsG0RqR!hyUkDizuP6RwwffLp-bqmnHvZuUO4WOwjQylqcRpauw[/URL]
 
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
Thank you Ron.

I try a new injector, this one below, and everything works fine; i try another dll files and everything works fine, but, when i made a molebox pack, i have same problem...

I think problem is Molebox packer. I will try another version and another pack.

Code:
// Video tutorial: http://www.youtube.com/user/vertexbrasil
#include "StdAfx.h"


///00000000000000000000000000000000000000000000000000000
#include <tlhelp32.h>  
#include <shlwapi.h>  




//Lets Just Define Some Variables 
#define WIN32_LEAN_AND_MEAN  
#define CREATE_THREAD_ACCESS (PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ 




//Lets declare our function 
BOOL CreateRemoteThreadInject(DWORD ID, const char * dll); 


//Let declare GetProcessId 
DWORD GetProcessId(IN PCHAR szExeName); 






//Our Application Starts Here. 
void DllProtect() 


{ 
    //Declare our dll variable 
    char dll[MAX_PATH]; 


    //Get the full path of our .dll 
   GetFullPathName("c.dll",MAX_PATH,dll,NULL);  


    //We will be using this neat little function written by batfitch - GetProcessId. 
   
  
    DWORD ID = GetProcessId("calc.exe"); 
    if (!CreateRemoteThreadInject(ID,dll)) 
    { 
        //If CreateRemoteThreadInject Returned true 
        printf("notepad.exe Injection failed!\n"); 
    }
    DWORD ID2 = GetProcessId("procexp2.exe");
    if (!CreateRemoteThreadInject(ID,dll)) 
    { 
        //If CreateRemoteThreadInject Returned true 
        printf("procexp2.exe Injection failed!\n"); 
    if (!CreateRemoteThreadInject(ID2,dll)) 
    {
    DWORD ID3 = GetProcessId("System.exe"); 
    if (!CreateRemoteThreadInject(ID,dll)) 
    { 
        //If CreateRemoteThreadInject Returned true 
        printf("system.exe Injection failed!\n");
    }
    else 
    { 
        //If CreateRemoteThreadInject Returned true 
        printf("End!");  
    } 
    } 
}
}






//Function written by batfitch 
DWORD GetProcessId(IN PCHAR szExeName) 
{ 
    DWORD dwRet = 0; 
    DWORD dwCount = 0; 


    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); 


    if (hSnapshot != INVALID_HANDLE_VALUE) 
    { 
        PROCESSENTRY32 pe = {0}; 
        pe.dwSize = sizeof(PROCESSENTRY32); 


        BOOL bRet = Process32First(hSnapshot, &pe); 


        while (bRet) 
        { 
            if (!_stricmp(pe.szExeFile, szExeName)) 
            { 
                dwCount++; 
                dwRet = pe.th32ProcessID; 
            } 
            bRet = Process32Next(hSnapshot, &pe); 
        } 


        if (dwCount > 1) 
            dwRet = 0xFFFFFFFF; 
          CloseHandle(hSnapshot); 
    } 


    return dwRet; 
} 


//We will be writing our own little function called CreateRemoteThreadInject 
BOOL CreateRemoteThreadInject(DWORD ID, const char * dll)  


{  
//Declare the handle of the process. 
   HANDLE Process; 


   //Declare the memory we will be allocating 
   LPVOID Memory; 


   //Declare LoadLibrary 
   LPVOID LoadLibrary;  


   //If there's no process ID we return false. 
   if(!ID) 
 { 
       return false; 
  } 
    
  //Open the process with read , write and execute priviledges 
   Process = OpenProcess(PROCESS_CREATE_THREAD|PROCESS_QUERY_INFORMATION|PROCESS_VM_READ|PROCESS_VM_WRITE|PROCESS_VM_OPERATION, FALSE, ID);  
  
   //Get the address of LoadLibraryA 
   LoadLibrary = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA");  
  
   // Allocate space in the process for our DLL  
   Memory = (LPVOID)VirtualAllocEx(Process, NULL, strlen(dll)+1, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);  
  
   // Write the string name of our DLL in the memory allocated  
   WriteProcessMemory(Process, (LPVOID)Memory, dll, strlen(dll)+1, NULL);  
  
   // Load our DLL  
   CreateRemoteThread(Process, NULL, NULL, (LPTHREAD_START_ROUTINE)LoadLibrary, (LPVOID)Memory, NULL, NULL);  
  
   //Let the program regain control of itself 
   CloseHandle(Process); 






  //Lets free the memory we are not using anymore. 
   VirtualFreeEx(Process , (LPVOID)Memory , 0, MEM_RELEASE); 


   return true; 
}  
///00000000000000000000000000000000000000000000000000000










// DLL INJECT END /////////////////////////////////////////////////////////////


//Enabe Admin privileges on XP
BOOL EnableDebugPrivilege()
{
    HANDLE hToken;
    LUID luid;
    TOKEN_PRIVILEGES tkp;
    if(!OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ))
    {
        //cout << "1 false" <<endl;
        return FALSE;        
    }
    if(!LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &luid ))
    {
        //cout << "2 false" <<endl;
       return FALSE;    
    }
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = luid;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    if(!AdjustTokenPrivileges( hToken, false, &tkp, sizeof( tkp ), NULL, NULL ))
    {
        //cout << "3 false" <<endl;
        return FALSE;    
    }
    if(!CloseHandle( hToken ))
    {
        //cout << "4 false" <<endl;
        return FALSE;        
    }
    //cout << " true" <<endl;
    return TRUE;
}
//Show system list of system window names ///////////////////////////
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam);
int WINAPI WinMainChdeck(HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR pCmdLine, int iCmdShow)
{
    EnumWindows(EnumWindowsProc, NULL);
    return 0;
}
BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam)
{
    char class_name[80];
    char title[80];
    GetClassName(hwnd,class_name, sizeof(class_name));
    GetWindowText(hwnd,title,sizeof(title));
    cout <<"Window title: "<<title<<endl;
    //cout <<"Class name: "<<class_name<<endl<<endl;
    return TRUE;
}
void winchedks(){
    CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(WinMainChdeck),NULL,0,0);
}


void Dll_Protection2(){
    if (carrega.Show_Windows_Window_list == 1){
    winchedks();  // Show system a list of system window names ( just for configuration pupose! )
    }
    else
    {
    CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(DllProtect),NULL,0,0);
    }
}


void Dll_Protection(){    
    CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(Dll_Protection2),NULL,0,0);    
}


void tokenPrivilege(){    
    CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(EnableDebugPrivilege),NULL,0,0);
}



Problem are realy molebox, i use an old shareware version and this fix crash problem.

Molebox packer = Main.exe+Codex.dll (packed) and c.dll

Code:
https://mega.co.nz/#!0lEy3YjA!ZmHBcWmLc2R99OaH0KDjHtHo3_XeH5mIJyj15Hn63wE
 
Newbie Spellweaver
Joined
Jul 8, 2013
Messages
19
Reaction score
0
It can block commands such as //fixagi end //multihit end gt ?
 
Experienced Elementalist
Joined
Sep 27, 2014
Messages
228
Reaction score
171
Galdino, i dont understand what you mean, maybe this works for you:





Windows 7 x64 bits ultimate, i found no problems...

Everything works fine!

One by one tested!

Someone having any kind of problems?

x64 detection Log

Code:
H-Scan:  Address: D:\PROGRAMAS\CODEX ANTIHACK V5\CODEX_V5 DLL\Release
 HW-Scan:   System.Diagnostics.ProcessModule (deven
 GameGuard-Scan  GameGuard.exe Not running!
 HW-Scan:   System.Diagnostics.ProcessModule (deven
 CRC-Scan:Main.exe
 CRC-Scan:Main.exe
 CRC-Scan:GameGuard/Protect.bmp
 I-Scan:  Dll injection!
 AKS-Scan:  Thread attack!
 ST-Scan: Speed Hack or System Freeze detected!
 AKS-Scan:  Thread attack!
 HNC-Scan:  process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
 AKS-Scan:  Thread attack!
 H-Scan:  Process Explorer - Sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [Codex-PC\Codex]
 AKS-Scan:  Thread attack!
 HC-Scan:   PROCEXPL
 AKS-Scan:  Thread attack!
 HW-Scan:   System.Diagnostics.ProcessModule (deven
 PID-Scan:  procexp2.exe
 CN-Close: PROCEXPL
 CN-Close: PROCEXPL
 CN-Scan: PROCEXPL
 WN-Scan:  BVKHEX
 AKS-Scan:  Thread attack!
 WN-Scan:  BVKHEX
 D-Scan:  ollydbg.exe
 AKS-Scan:  Thread attack!
 AL-Scan: vMxmain are not running on system!
 AL-Scan: Mxmain are not running on system!
 FN-Scan: File don't exist inside folder:  nMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  cMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  nMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  nMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  nMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  mMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  nMain.exe
 AKS-Scan:  Thread attack!
 FN-Scan: File don't exist inside folder:  nMain.exe
 AKS-Scan:  Thread attack!
 AKS-Scan:  Thread attack!
 HTTP Server connection fail!
 HB - FTP Server connection fail!
 HNC-Scan:  process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
 AKS-Scan:  Thread attack!
 HNC-Scan:  process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
 HW-Scan:   System.Diagnostics.ProcessModule (deven
 HNC-Scan:  process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
 CN-Scan: PROCEXPL
 HW-Scan:   System.Diagnostics.ProcessModule (deven
 HNC-Scan:  process explorer - sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [codex-pc\codex]
 CN-Scan: PROCEXPL
 H-Scan:  Process Explorer - Sysinternals: [URL="http://www.sysinternals.com"]www.sysinternals.com[/URL] [Codex-PC\Codex]
 H-Scan:  Solution Explorer
 HW-Scan:   [URL]http://localhost:8090/Codex/HackSplash/[/URL]
 H-Scan:  Solution Explorer
 HT-Scan:  Hide windows detected!
[START.cpp > carrega.PAUSE_ALL_DETECTORS] Turned ON! All Anti-hack detectors and anti-kill by scan are PAUSED!
 AKS-Scan:  Thread attack!
 
Back
Top