Learn ASM... But don't worry, I will release a compiled version, and in time I will release it as a library for C++ coders.
For now just look at it and do nothing lol... Wait till it's compiled.
PS: Right now I am testing the compiled version.
Updated:
http://www.valkyrieproject.org/assets/Cow.rar
Code:
- Source, all bugs fixed + compiled DLL
- Database added with a signature example
Left a lot of things
Some timings to check at what speed the anti cheat runs:
Code:
ScanSystem: 10 signatures - all processes in 0 - 15 milliseconds
FullAntiCheat: All protections + ScanSystem in 0-18 milliseconds
Thank you sir.
Adding:
Code:
- Option to scan full memory
- * Probably a new method for scan
---------- Post added 19-11-10 at 01:07 AM ---------- Previous post was 18-11-10 at 11:43 PM ----------
Updated!
Download: http://www.valkyrieproject.org/assets/Cow.rar
Code:
- Improved system for scan (Full memory on the basis of RVA)
- Compiled DLL (not ready for use yet, just testing mode)
Time testing:
Code:
New scan (full memory + RVA) = 516 ms to 1.451 ms
Full anti cheat (Everything executed) = 532 ms to 1.489 ms
Let me explain how this method works:
First you pick the offset of the signature you want to detect; from that offset you need to subtract the image base (you can view it with any PE editor). Example:
Code:
004013ED (Offset for my signature)
00400000 (Image Base)
13ED (RVA)
Now what happens if, for example, a cheat loads a DLL that has the main core signature you want to detect? Well, the image base will be loaded at another place, making the offset useless... That's why I pick an RVA and calculate the position in memory.
Now what's the new system? Well, the scanner takes all memory from a process and detects all modules in PE header format; based on each module it takes the image base and adds it to the RVA to detect the signature. (If you don't understand a shit, read below)
So you can add multiple signatures for multiple modules on a single process to detect!
This is an example:
Code:
"TestExe.exe" 57C685F8CFFFFF00B9FF03000033C08DBDF9CFFFFFF3AB66ABAAC685F8DFFFFF 136D
"TestExe.exe" 57C685F8CFFFFF00B9FF03000033C08DBDF9CFFFFFF3AB66ABAAC685F8DFFFFF 12120
The first signature refers to RVA 136D (from main module)
But the second signature refers to RVA 12120 (loaded DLL)
So the scanner will detect both signatures, or will detect one in case a cheat maker finds out your first signature.
PS: I'll do a detailed guide once it's finished. -.-
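The RVA method described in the post above, as an added example in portable C (not part of the thread and not the COW source, which is MASM). All function and type names are hypothetical, the module image is a constructed buffer rather than real process memory, and the sample line is a constructed one using the first 8 bytes of the posted signature with the 13ED RVA from the arithmetic example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef struct { uint8_t bytes[64]; size_t len; uint32_t rva; } Signature;
typedef struct { uint32_t base; const uint8_t *image; uint32_t size; } Module;

/* Parse one database line in the format the post shows: "name" HEXBYTES RVA */
int parse_signature(const char *line, Signature *s) {
    char name[64], hex[129];
    unsigned rva, b;
    if (sscanf(line, " \"%63[^\"]\" %128[0-9A-Fa-f] %x", name, hex, &rva) != 3) return -1;
    if (strlen(hex) % 2) return -1;            /* hex must describe whole bytes */
    for (s->len = 0; hex[2 * s->len]; s->len++) {
        sscanf(hex + 2 * s->len, "%2x", &b);
        s->bytes[s->len] = (uint8_t)b;
    }
    s->rva = rva;
    return 0;
}

/* Compare the signature at absolute address va, if va lies inside module m. */
int match_at(const Module *m, uint32_t va, const Signature *s) {
    uint32_t off = va - m->base;
    if (va < m->base || off > m->size || s->len > m->size - off) return 0;
    return memcmp(m->image + off, s->bytes, s->len) == 0;
}

/* RVA approach from the post: address = each module's own image base + RVA. */
int scan_modules(const Module *mods, size_t count, const Signature *s) {
    for (size_t i = 0; i < count; i++)
        if (match_at(&mods[i], mods[i].base + s->rva, s)) return (int)i;
    return -1;
}

/* Constructed module, bytes at RVA 13ED; bit 0 = fixed-address hit, bit 1 = RVA hit. */
int demo(uint32_t load_base) {
    static uint8_t image[0x2000];
    Signature s;
    if (parse_signature("\"TestExe.exe\" 57C685F8CFFFFF00 13ED", &s)) return -1;
    memset(image, 0x90, sizeof image);
    memcpy(image + s.rva, s.bytes, s.len);
    Module m = { load_base, image, (uint32_t)sizeof image };
    return match_at(&m, 0x004013ED, &s) | (scan_modules(&m, 1, &s) == 0) << 1;
}

int main(void) {
    printf("base 00400000: %d\nbase 10000000: %d\n", demo(0x00400000), demo(0x10000000));
    return 0;
}
```

With the module at 00400000 both checks hit; once it is loaded at 10000000 the fixed address 004013ED misses while the base + RVA scan still matches.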
Fenix, maybe you must make a tool to generate an encrypted DB (server side)
Does it work with a simple hook? Or does it have a process? Thanks for your work (y)
full agree with MuLegend :-) make his ideas ^_^
Updated!
Downloads: http://www.valkyrieproject.org/assets/Cow.rar
What's New:
Code:
- Tool for Encryption/Decryption Database (RC4 algo)
- Decryption added on COW anti cheat
- Minor fixups
- Everything inside Data folder of Tool will be encrypted
Can I start using it?! = NO! (still things to be done)
FAQ about encryption tool:
Code:
- Can I encrypt more files?
R: Yes, of course, put all the files you want to encrypt in the Data folder
- How can I change the RC4 password?
R: Enter here https://www.grc.com/passwords.htm and take a newly generated random alphanumeric password, set it in the source code and compile again (in the COW anti cheat as well as in the tool)
- Why RC4?
R: 'Cause that's what I wanted...
- Why can't the key be long?
R: It can be as long as you want, just don't forget to edit the source code constants before doing so.
- Why is there no interface?
R: 'Cause I don't give a f*ck.
Enjoy.
Good Job Felipe :)
Official icon of the anti cheat.
http://www.thetechnologyblog.net/wp-...12/mad-cow.JPG
facepalm
good Work anyWay
We hope you Will finish it
respect4you
list cheats posting
Error trying to compile...
LINK : fatal error LNK1104: cannot open file "\masm32\lib\Dbghelp.lib"
Yes, I have masm32 installed...
Seems awesome, thanks for this
Could you just upload your MASM? I don't understand this, and I never worked with ASM before... I am really new to the programming scene.
There are tutorials everywhere. I don't use any kind of "special" MASM, just download the package from the official site. In case you don't feel up to learning ASM, you can use the compiled version included in the download, of course once I say it's "ready to use".
Thanks.
I think I will continue tomorrow or today (surely tomorrow).
I've been busy at work, thanks for understanding.