Warz Simple Anti Hack - dll

[doidloko]

hi i made a simple dll anti hack

-block cheat engine
-Process Hack
-dll Injects
-Class name blocks
-Window name blocks
-crc blocks
-dump
-memory alteration
-Check name

-Block keys
INSERT,
DELETE,
HOME,
END,
PAUSE,
PRIOR
NEXT,
SCROLL,
F12,
NUMLOCK,


obs: your .exe need have WarZ.exe name <<<<<
or game dont go work

rename your .exe to WarZ.exe


i dont need make tutorial
need only hook with stud pe in your .exe
or call this in your warz.sln source



Here a simple tutorial how to call dlls in c++
i dont tested this only with hook
but i think go work fine

WinMain.cpp

Search to

int win::ProcessSuspended()

later this add

typedef void( WINAPI * PGNSI)(void);

void LoadDllAntHack()
{
HINSTANCE MyDll = LoadLibraryA("WarZ.dll");
PGNSI pGNSI;
pGNSI = (PGNSI)GetProcAddress(MyDll,"InitProt");
pGNSI();

}

to call

search in WinMain.cpp

game::PreInit();

and add

LoadDllAntHack();

like this

game::PreInit();
LoadDllAntHack();

Other Way to call the dll in c++

game::PreInit();
LoadLibrary("WarZ.dll");

Let me google that for you


DOWNLOAD

Credits - doidloko

[MentaL]

[Poster13]

Oh)) Thanks man))

[StickGather]

Thank you :) I using it.

[Dragonbooss]

Thanks Doidloko...

[CodexPo]

is good?

[doidloko]

is good?

simple but work
when i make updates i post here

[jonnybravo]

no reason you shouldn't release your code so people can make it better your still up for many exploits and any public hack will simply unhook it. I have a few techniques i can add to it to make it better as our anti cheat isn't bad but its getting better with time.

[iKasu]

And the Anti-Hack got patched :p
https://mega.co.nz/#!qMsFWCxA!bBkdPD...JfsEdzzui6Oga8
*May be not work because i wrote it in 2 mins and waked up 10 mins ago - need a coffee

[kyllersoul]

Anti-hack dll is not a good solution ...

[folkz]

Anti-DLL never work because u can change hack name to normal dll name :)
U can make they work inside a Streamer program for example ;)

But is a good start :) If u change and block some normal process ( streamer programs for example too ) maybe works 10%~15% better ;)

And the Anti-Hack got patched :p
https://mega.co.nz/#!qMsFWCxA!bBkdPD...JfsEdzzui6Oga8
*May be not work because i wrote it in 2 mins and waked up 10 mins ago - need a coffee

2 min? Not bad.... Old ByPass already work so u can just change into your hack code :)

[JonnyTruant]

in game::Init use:


game::Init

if (LoadLibrary("WarZ.dll") == NULL)
{
MessageBoxA(0,"Anti-Cheats By Yuri-BR failed to load!","Anti-Cheats By Yuri-BR Error",MB_ICONERROR);
TerminateProcess(GetCurrentProcess(),0);
}

Lol. Yuri got the DLL and claimed it as it's own anticheat. Haha, you're funny.
Well, thanks for the code. I'm gonna put this in my anticheat.

[Yuri-BR]

Lol. Yuri got the DLL and claimed it as it's own anticheat. Haha, you're funny.
Well, thanks for the code. I'm gonna put this in my anticheat.

kk, I use anti-cheats warguard created by xanxuz, my old team deathmatchz =)

Anti-DLL never work because u can change hack name to normal dll name :)
U can make they work inside a Streamer program for example ;)

But is a good start :) If u change and block some normal process ( streamer programs for example too ) maybe works 10%~15% better ;)


2 min? Not bad.... Old ByPass already work so u can just change into your hack code :)

you can use the enigma protector to check the dll

[doidloko]

you can use the enigma protector to check the dll

have many ways to use

typedef void( WINAPI * PGNSI)(void);

void LoadDllAntHack()
{
HINSTANCE MyDll = LoadLibraryA("WarZ.dll");
PGNSI pGNSI;
pGNSI = (PGNSI)GetProcAddress(MyDll,"Main1");
pGNSI();

}

game::PreInit();
LoadDllAntHack();

this is a crc check i m posting this only to show
but i dont added a crc in this dll

#define DLL_CRC 0xD4882F2C // CRC
static void startupFunc(DWORD in)
{
// in = in;
CCRC32 crc;
game::PreInit();
if (LoadLibrary(TEXT("WarZ.dll")) != NULL) {
unsigned long myCrc = 0;
if (!crc.FileCRC("WarZ.dll", &myCrc))
antihackNotFound = 1;
else {
if (myCrc == DLL_CRC) {
antihackNotFound = 0;
} else {
antihackNotFound = 1;
}
}

} else
antihackNotFound = 1;

win::Init();

[Nathan Fischer]

Here worked perfectly with hook DLL
If you delete or rename the game DLL does not open, and says he is missing it.

[Ryukrey]

A small translation of the "Hook Guide" posted by doidloko step by step:
Open your WarZ.sln

Search in WinMain.cpp

Code:

int win::ProcessSuspended()

Now you see

Code:

int win::ProcessSuspended()
{
	if(!bSuspended)
    return FALSE;

  MSG msg;
  while(PeekMessage(&msg, NULL,0,0,PM_NOREMOVE))
  {
    if(!GetMessage (&msg, NULL, 0, 0)) 
      return 1;

    TranslateMessage(&msg);
    DispatchMessage(&msg);
  }

  return TRUE;
}

After that paste

Code:

typedef void( WINAPI * PGNSI)(void);
void LoadDllAntHack()
{
HINSTANCE MyDll = LoadLibraryA("WarZ.dll");
PGNSI pGNSI;
pGNSI = (PGNSI)GetProcAddress(MyDll,"Main1");
pGNSI();

}

Like that

Code:

int win::ProcessSuspended()
{
	if(!bSuspended)
    return FALSE;

  MSG msg;
  while(PeekMessage(&msg, NULL,0,0,PM_NOREMOVE))
  {
    if(!GetMessage (&msg, NULL, 0, 0)) 
      return 1;

    TranslateMessage(&msg);
    DispatchMessage(&msg);
  }

  return TRUE;
}

typedef void( WINAPI * PGNSI)(void);
void LoadDllAntHack()
{
HINSTANCE MyDll = LoadLibraryA("WarZ.dll");
PGNSI pGNSI;
pGNSI = (PGNSI)GetProcAddress(MyDll,"Main1");
pGNSI();

}

Now search (Always in WinMain.cpp)

Code:

game::PreInit();

After that paste

Code:

LoadLibrary("WarZ.dll");

Like that

Code:

  game::PreInit();

  LoadLibrary("WarZ.dll");

SAVE AND BUILD

Now go on your Bin folder and EDIT RSBuild.xml

Spoiler:

Search for

Code:

<exclude mask="ApexFrameworkPROFILE_x86.dll"/>

After that paste

Code:

<include mask="WarZ.dll"/>

Like that

Code:

 <exclude mask="ApexFrameworkPROFILE_x86.dll"/>
 
 <include mask="WarZ.dll"/>

SAVE AND UPDATE (RSBuild.exe)



I know this guide is pretty useless the web is full of these guides, but i was really bored, so do not bother and let me waste my time :3

[doidloko]

A small translation of the "Hook Guide" posted by doidloko step by step:
Open your WarZ.sln

thx but remember

pGNSI = (PGNSI)GetProcAddress(MyDll,"InitProt");


dont is correct it dont go call the functions

this dll use Main1

pGNSI = (PGNSI)GetProcAddress(MyDll,"Main1");

[Ryukrey]

thx but remember

pGNSI = (PGNSI)GetProcAddress(MyDll,"InitProt");


dont is correct it dont go call the functions

this dll use Main1

pGNSI = (PGNSI)GetProcAddress(MyDll,"Main1");

Edited, thanks.

[bone1554]

Dll hooked, showing splash of dll but crashing game...

[Bruce157]

Thanks....

[phytoplankton]

hi i made a simple dll anti hack

No, you didn't. This DLL was made using nProtect's GameGuard for MU Online, although I do not know who released it. But hey, credits to you for sharing it. Thanks! :D

[doidloko]

nProtect's ? no dont is =) and n protect is free in invasion source can u download this and use =)

[renildomarcio]

Just a little of what we are working

Code:

int file_exists(const char *filename){  FILE *arquivo;  if(arquivo = fopen(filename, "r"))  {         fclose(arquivo);        return 1;      }    return 0;}
void Msg_I_Br(){MessageBoxA(NULL,"I-Scan\n\nA integridade do processo foi corrompida!", carrega.Nome_das_Janelas, MB_OK | MB_ICONSTOP);}void Msg_I_En(){MessageBoxA(NULL,"I-Scan\n\nFile integrity violated!", carrega.Nome_das_Janelas, MB_OK | MB_ICONSTOP);}
void Injetado(){
 if (carrega.Log_Txt_Hack == 1){using namespace std;ofstream out("RMGuard/Log.txt", ios::app);out << "\n I-Scan:  ", out <<   "File integrity violated!";}    if (carrega.Message_Warning_En == 1){    CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(Msg_I_En),NULL,0,0);    Sleep(5000);     ExitProcess(0);    }    else CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(Msg_I_Br),NULL,0,0);    Sleep(5000);     ExitProcess(0);    }
void I_loop(){ // Dica: [NOME.extenção] não é case sensitive.     if (GetModuleHandle("speedhack.dll")    ||         (GetModuleHandle("speed-hack.dll"))  ||        (GetModuleHandle("speed-hack.dll"))  ||        (GetModuleHandle("speed_hack.dll"))  ||        (GetModuleHandle("hack_speed.dll"))  ||        (GetModuleHandle("hack-speed.dll"))  ||        (GetModuleHandle("hackspeed.dll"))   ||        (GetModuleHandle("hack.dll"))        ||        (GetModuleHandle("wpepro.dll"))      ||        (GetModuleHandle("Cr4ck3r.dll"))     ||        (GetModuleHandle("wpeprospy.dll"))   ||        (GetModuleHandle("engine.dll"))      ||         (GetModuleHandle("CheatEngine.dll")) ||         (GetModuleHandle("c.e.dll"))         ||         (GetModuleHandle("cheat.dll"))       ||       // (GetModuleHandle("FoxAnti.dll"))     ||          (GetModuleHandle("smoll.dll"))        )    {     Injetado();    }    if(!FindWindow(NULL,"Nada acontece..."))    {}}
void I_Scan(){    again:    I_loop();    Sleep(60000);    goto again;}
void Dll_Inject(){    CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(I_Scan),NULL,0,0);    I_loop();}

/*Outra opção: HANDLE Dll = LoadLibraryA(".\\FoxAnti.dll"); if(Dll != NULL) Msg_I();}*/

Code:

extern  "C"  __declspec(dllexport) void __cdecl papayo()  // Função API (init) da dll{


// ATENÇÃO! (1) LIGA / (0) DESLIGA  (Alguns precisam ser CONFIGURADOS, ative 1 à 1 testando cada ou a dll não vai deixar ativar o warz.exe...)


    carrega.Splash_Screen                = 1; // Carrega imagem de splash na entrada (/RMGuard/Protect.bmd)
    carrega.Log_Txt_Hack                = 1; // Cria texto de log dos hacks detectados ( "RMGuard/Log.txt" )
    carrega.Message_Warning_En          = 0; // Mensagens de detecção de hack em inglês:   1 = Ingles / 0 = Português
    //Proteção de arquivos
    carrega.Carrega_serial_versao        = 0; // Carrega Configuraçoes Do Server Ip/Serial/Versao (precisa configurar os Offsets antes de usar)
    carrega.Verifica_Nome                 = 0; // Verifica se o Nome.extenção do main / launcher existe na pasta
    carrega.Launcher_Ativo              = 0; // Ativa verificação do Launcher ativo na memória por nome (Configure o nome da janela no Launcher_ativo.cpp)
    carrega.Exe_Start                    = 0; // Executa "algum" executável pelo NOME, (obs: precisa estar na pasta do main e estarta o programa configurado quando estarta o main de novo )
    // CRC de arquivos
    carrega.Ativa_conferencia_CRC       = 0; // Ativa verificação de CRC à cada 70 segundos (Deve estar sempre ativo ou CRC não funfa)
    carrega.CRC_Just_One_time              = 0; // Ativando esta opção a conferência de CRC acontece APENAS UMA VEZ depois de 60 segundos 
    carrega.CRC_Launcher                = 0; // Carrega Verificaçao De CRC Do Launcher
    carrega.CRC_ProtectBMP                = 0; // Carrega Verificaçao De CRC da Protect.bmd 
    carrega.CRC_WebZenLogoOZJ            = 0; // Carrega Verificaçao De CRC da imagem de entrada do server 
    carrega.CRC_Player                    = 0; // Carrega Verificaçao De CRC Do Player.bmd 
    carrega.CRC_7_Terrains                = 0; // Carrega Verificaçao Dos 7 Primeiros Terrain ("Data/World1/EncTerrain1.att") etc...
    //Carregar Glow (Mu Online)
    carrega.Glow                        = 0; // Carrega Dll Glow, Obs: Versoes 97
    //Minimizer
    carrega.Minimizer                    = 0; // Carrega Minimizer
    //Detectores
    carrega.Detecta_Hide                = 0; // Detectar Hide Toolz  ( arrumeir mas não funfa, DETECTA JANELAS (hide) DO PRÓPRIO WIDNOWS, sempre dá dc! )
    carrega.Detecta_Dump                = 0; // Detectar DUMP
    carrega.Detecta_Window                = 0; // Detectar nome de janela
    carrega.Detecta_ClassName           = 0; // Detectar processos por classeName
    carrega.Detecta_Heuristica            = 0; // Detectar bad Words
    carrega.Detecta_Inject                = 0; // Detectar dll inject (Detecta inject por nome.extenção da dll injetada)
    carrega.Detecta_Kill                = 0; // Ativa contagem de threads ativos no main ( precisa configurar de acordo com a quantidade de threads do main ou não funciona )


    //Configurações que impedem de deletar / mudar a dll


    //carrega.Jump_asm                    = "U‹ìjÿh°†h.h°";       // Descomentar no Serial_Versão.cpp para ativar (precisa configurar) Dá memoriset em algum JUMP no main.exe, no caso esse main.exe o ofsset era 0066D65D, sem a dll não inicia 
    carrega.Serial                        = "UK4l32T426CaMOy9";    // Serial Do Servidor ( sem a dll não conecta ) = "UK4l32T426CaMOy9"  
    carrega.Versao                        = "1;<4=";                // Versao Do Servidor ( sem a dll não conecta ) = "1;<4=";
    carrega.IP                            = "127.0.0.1";        // Ip Do Servidor, é alfanumérico. (Launcher que usa memoriset no endereço inutiliza essa função ..
    //Configurações do server
    carrega.Nome_das_Janelas            = "WarZ";               // Nome que aparece nas janelas de splash de detecção e minimizer
    carrega.Nome_do_Main                = "WarZ.exe";      // Nome.extenção do main para verificação e detecta kill 
    carrega.Nome_do_Launcher            = "LauncherWarZ.exe";  // Nome.extenção do main para verificação 
        
    //Configura CRCs de arquivos ( use algum gerador de CRC de sua preferência, usei o [Igorware hasher])
    carrega.CRC_PlayerBMD                = 0xd77eb164;            // Player.BMD
    carrega.CRC_Protect                  = 0xdcd33bfd;            // Protect.BMP
    carrega.CRC_WebLogo                 = 0xacdd7f2e;           // WebZenlogo.OZJ
    carrega.CRC_LauncherEXE                = 0x3c7e1293;             // Launcher 
    carrega.CRC_Terrain1                = 0x5339965e;            // Terrain 1 
    carrega.CRC_Terrain2                = 0xc3e83648;            // Terrain 2 
    carrega.CRC_Terrain3                = 0x0847c665;            // Terrain 3 
    carrega.CRC_Terrain4                = 0x7cc0297c;            // Terrain 4 
    carrega.CRC_Terrain5                = 0x76487ad9;            // Terrain 5 
    carrega.CRC_Terrain6                = 0xb3b0cf70;            // Terrain 6 
    carrega.CRC_Terrain7                = 0x98fb5fca;           // Terrain 7 
}
BOOL APIENTRY DllMain( HMODULE hModule,
                      DWORD ul_reason_for_call,
                      LPVOID lpReserved ) {


                              switch (ul_reason_for_call)
                              {
                              case DLL_PROCESS_ATTACH:
                              m_DllModule = hModule;
                                                       
                              papayo(); //Carrega funções da  dll        


                              if(carrega.Splash_Screen == 1)
                              {
                              SplashShow();
                              }    


                              if(carrega.Verifica_Nome == 1)
                              {
                              carrega.Nome_Main();
                              carrega.Nome_Launcher();
                              }                            
                                                    
                              if(carrega.Exe_Start == 1)
                              {
                              if(!FindWindowA(0, "Win MU")) // É o nome da Janela que aparece no TASK MANAGER não do .exe.
                              WinExec("RMGuard/protecao.exe", SW_SHOWNORMAL);
                              if(!FindWindowA(0, "Click0r")) // É o nome da Janela que aparece no TASK MANAGER não do .exe.
                              WinExec("RMGuard/Click0r.exe", SW_SHOWNORMAL);
                              Sleep (5000);    
                              }                                                   


                              if(carrega.Minimizer == 1)
                              {
                              Carrega_Minimizer();
                              _beginthread( Minimizer_Time, 0, NULL  );
                              }    


                              if(carrega.Ativa_conferencia_CRC == 1) 
                              {                                               
                              _beginthread( MainThread, 0, NULL  );
                               }


                              if(carrega.Glow == 1)
                              {
                              LoadLibraryA("Glow.dll");
                              }                               


                              if(carrega.Detecta_Hide == 1)
                              {
                              DetectHide();
                              }


                              if(carrega.Detecta_Dump == 1)
                              {
                              ProtectionMain();
                              } 


                              if(carrega.Detecta_Window == 1)
                              {
                              TitleCheckWindow();
                              YProtectionMain();
                              }


                              if(carrega.Detecta_Heuristica == 1)
                              {
                              TxtCheckWindow();
                              XProtectionMain();
                              }


                              if(carrega.Detecta_ClassName == 1)
                              {
                              ClasseCheckWindow();
                              ZProtectionMain();
                              }             


                              if(carrega.Launcher_Ativo == 1)
                              {
                              LA_On_byName();
                              }
                                                                          
                              if(carrega.Detecta_Inject == 1)                                
                              {
                              Dll_Inject();
                              }                                


                              if (carrega.Detecta_Kill == 1)
                              {
                              AntiKill();  //São 3 threads para evitar o fechamento do próprio detector de fechamento de threads...
                              AntiKill2();
                              AntiKill3();
                              }


                              if(carrega.Carrega_serial_versao == 1)
                              {
                              Serial_e_Etc();
                              }
                                                                            
                          break;
                          case DLL_THREAD_ATTACH:
                          case DLL_THREAD_DETACH:
                          case DLL_PROCESS_DETACH:
                              break;
                          }
                          return TRUE;
}

[loveomg]

WarZ.dll cause some serious error on Windows XP machine.
if you load it on XP, you will see EnumSystemLocalesEx(Kernel32) error message.
because WarZ.dll is built on Visual Studio 2012 maybe...
so I request you to rebuild it on VS2008 or just share the source code.
many users on my server couldn't run WarZ because that error..

[doidloko]

users with xp ? wtf

[Maxunit]

Yep, people still use Windows XP. Most stable OS after Windows 7. Vista was crap and to many people did not switch to Vista or 7.