-
Q-Protect Anti hack source code
Hi,
I thought I release the source code now as I promised it ones :ott1:
I'm not working on this project anymore so no reason to keep it for myself.
Well I hope you all can use it well or even improve it if you like too :ott1:
If you are going to use this source don't forget to give me some credits :wink:
Source code from my Flyff Source
Functions : [C++] qProtect - Pastebin.com
How I execute them
Code:
#ifdef __QUGET_NON_PROTECT_DLL_VERSION
HANDLE_QUGET_ANTI_PACKET = CreateThread(0, 0, (LPTHREAD_START_ROUTINE)QUGET_ANTI_PACKET, 0, 0, 0 );
HANDLE_QUGET_ANTI_SPEED = CreateThread(0, 0, (LPTHREAD_START_ROUTINE)QUGET_ANTI_SPEED, 0, 0, 0 );
HANDLE_QUGET_ANTI_WINM = CreateThread(0, 0, (LPTHREAD_START_ROUTINE)QUGET_ANTI_WINM, 0, 0, 0 );
#endif
This source can be used for most games :ott1:
Lol its not really big its simple and messy in my view.
Don't forget to like this post for the release :P:
-
Re: Q-Protect Anti hack source code
If I can break your code by modifying the string table, you're doing it wrong.
Edit: Proxy DLLs.
-
Re: Q-Protect Anti hack source code
Then improve it? Source is there:p
You don't get the goal for releasing a source code?
-
Re: Q-Protect Anti hack source code
That's like releasing a hello world as an operating system example and then when someone says "this isn't an operating system" you reply "so improve it, isn't that the point of releasing the source code?"
/facepalm.
-
Re: Q-Protect Anti hack source code
Quote:
Originally Posted by
MisterKid
Then improve it? Source is there:p
You don't get the goal for releasing a source code?
That implies that there's something of substance to begin with. That's not to say that your code isn't useful -- it has the makings of a packet editor already -- just that if it cannot protect itself from reversing, it won't protect a game client.
-
Re: Q-Protect Anti hack source code
Anywho anyone willing to improve the anti-hack can just go ahead, the source was probably released probably due to it lacking interest for the OP and therefor decide to release it rather than working on it.
-
Re: Q-Protect Anti hack source code
It helps some people :ott1: that was my goal. Or it makes people wanting to do more into anti-hacking.
I didn't really like it so i gave up on it a long time ago. And I promised to release the source ones so I did.
@people complaining.
Read
Quote:
"Well I hope you all can use it well or even improve it if you like too "
Lol its not really big its simple and messy in my view.
-
Re: Q-Protect Anti hack source code
Well, I've been semi-waiting for this, merely because I'm interested in how it works (whether or not it's perfect)
Btw, think you put enough smilies in the first post? o.o
-
Re: Q-Protect Anti hack source code
Thanks For the Download I will try to make the antihack better
-
Re: Q-Protect Anti hack source code
Bump.
The non sourced thread is getting some post and I get bugged on msn/pm's
I do not continue so use the source!
-
Re: Q-Protect Anti hack source code
Is this source updated or not?
-
Re: Q-Protect Anti hack source code
Quote:
Originally Posted by
Intelligence
Is this source updated or not?
updated in which way? It haven't been touched since release if that's what you're asking.
-
Re: Q-Protect Anti hack source code
Ahhh ok. I mean is, the one that developing by misterkid is q-protect 4 and he said in his last post (I think) in the thread were q-protect 4 is 'go to the source of it'. That's why I came here.
-
Re: Q-Protect Anti hack source code
I haven't looked at it, but this was released after q-protect v4, so I'm guessing this is the source for that version.
-
Re: Q-Protect Anti hack source code
Alright and I see that this has been released after qpro 4.
-
Re: Q-Protect Anti hack source code
the source is the latest version :P
-
Re: Q-Protect Anti hack source code
Uhhhh...
#1 - Threading in an antihack isn't usually good unless done properly(which requires time checking by the main thread). A hacker can simply suspend your checking threads and your antihack is bypassed. You should have it check in a function that is essential to the game's processing, such as render.
#2 - Why are you using ASM and VirtualProtect at all? You can simply do something like:
Code:
DWORD dwAddr = GetProcAddress(hModule, "QueryPerformanceCounter");
if(*((BYTE*)dwAddr) == 0xE9)
...
#3 - This only checks for jmps at the address of the functions. A hacker can also jmp inside the function, or even hook the vtable and bypass any .text section checking completely. Do some research and you can easily find much better methods of detour detection.
#4 - At least check for hooks on ExitProcess/GetProcAddress/GetModuleHandle. Those are also easy ways to bypass this "antihack".
-
Re: Q-Protect Anti hack source code
Updated link
@ Mootie Ty :P
-
Re: Q-Protect Anti hack source code
hey sir can you add splash thingy?
-
Re: Q-Protect Anti hack source code
Erm Mootie your way is invalid.
DWORD dwAddr = GetProcAddress(hModule, "QueryPerformanceCounter");
Will get you the function address when the dll has the export.
Kernal32.dll exports QueryPerformanceCounter right?:P
if(*((BYTE*)dwAddr) == 0xE9)
It is not possible to do it like this :P
I found another way to block functions. The new way just replaces the function if it can find the function addres :P But using the same method you be able to bypass the antihack :S (only if you know the function addres) Most Flyff server has their neuzes unpacked so it would be easy to find the addres.
-
Re: Q-Protect Anti hack source code
Quote:
Originally Posted by
MisterKid
Erm Mootie your way is invalid.
DWORD dwAddr = GetProcAddress(hModule, "QueryPerformanceCounter");
Will get you the function address when the dll has the export.
Kernal32.dll exports QueryPerformanceCounter right?:P
if(*((BYTE*)dwAddr) == 0xE9)
It is not possible to do it like this :P
I found another way to block functions. The new way just replaces the function if it can find the function addres :P But using the same method you be able to bypass the antihack :S (only if you know the function addres) Most Flyff server has their neuzes unpacked so it would be easy to find the addres.
Why doesn't it work? It seems perfectly valid to me.
dwAddr = DWORD(an x86 address)
dwAddr is cast as a ptr to a BYTE
dwAddr is dereferenced and checked to make sure the function call isn't detoured
It does the exact same thing as what your code does, except less mess and performance overhead. The only thing that doesn't work about it is if the hacker uses a non-standard detour that doesn't use the 0xE9 instruction, but yours doesn't protect against this either. VirtualProtect is completely unnecessary to check the text section of a normal loaded module.
-
Re: Q-Protect Anti hack source code
getproc doesnt really return a Dword. But I try converting it and test it again .
:p just interested in it agaib lol
Posted via Mobile Device
-
Re: Q-Protect Anti hack source code
some ideas:
Let your anticheat scan itself and the Neuz.exe for modifications.
Let your anticheat send some crypted information to the server, which kicks/bans the user, if the informations are not valid / sent.
Create a driver, which blocks ZwOpenProcess, ZwReadProcessMemory, ZwWriteProcessMemory, etc..
Ignore jmps at the begging of a function (this isn't really efficient, because you still can hook in the mid of the function)
example
Code:
int QueryPerformanceCounter_real = (DWORD)GetProcAddress(GetModuleHandle("Kernel32.dll"), "QueryPerformanceCounter") + 5;
__declspec(naked) BOOL WINAPI QueryPerformanceCounter_proxy(LARGE_INTEGER *lpPerformanceCount)
{
__asm
{
mov edi, edi
push ebp
mov ebp, esp
jmp [QueryPerformanceCounter_real]
}
}
-
Re: Q-Protect Anti hack source code
make it minimized to tray when opened =))
-
Re: Q-Protect Anti hack source code
Which version should I use visual studio?
2003 not open
-
Re: Q-Protect Anti hack source code
You need visual studio 2010.
-
Re: Q-Protect Anti hack source code
-
Re: Q-Protect Anti hack source code
this anti hack is obsolete and really easy to bypass as is. Their is ALOT more secure and non by-passable ways to build an anti-hack in your neuz. Their is alot of releases out their that fix almost every major bug. if you are looking for cheat engine, speed hack fixes, and a simple hack detection system look in this source:
http://forum.ragezone.com/f457/goh-f...y-play-922629/
I do not recommend using this source for your live server, its loaded with bugs and back doors.... Just look at the versioncommon and rip the security stuff out for your server. You don't even have to know c++ to do this. just common sense.
And lastly their is a redone version of this out their, quget developed this decent anti-hack. when he couldn't take it any further he released it here. Some flyff servers took his code here and applied it into their neuz directly. At least 1 top flyff server i know of uses this antihack like i said above... Also if you REALLY need an antihack the itak-pro source was leaked and is around somewhere. *I'm not sure if its released here* I dont like itak but it will get the job done for your server for now, maybe since its a source you could make it better then itak himself. Itaks is by passable but its not something a normal player could do ( maybe if they tried..)
and this is all i have to say about this...
-
Re: Q-Protect Anti hack source code
Quote:
Originally Posted by
Johnny
this anti hack is obsolete and really easy to bypass as is.
Really? :?: but how does the NOP...
Quote:
Originally Posted by
Johnny
Their is ALOT more secure and non by-passable ways to build an anti-hack in your neuz.
I've bypassed GameGuard and Hackshield in various ways... VAC and Warden both have public bypasses available. You think you can make a better anticheat than these huge companies? Good luck sir. By definition, a client-sided anticheat can be bypassed. A clientsided anticheat is merely to keep idiots from messing with things they shouldn't be.
I'm betting itak pro would be able to keep you busy for awhile, which is funny considering is .NET unobfuscated anticheat... :/:
Quote:
Originally Posted by
Johnny
Almost every major bug? I can name dozens of remote code execution exploits that aren't patched publicly and I'm sure there are many more...
Quote:
Originally Posted by
Johnny
I do not recommend using this source for your live server, its loaded with bugs and back doors.... Just look at the versioncommon and rip the security stuff out for your server. You don't even have to know c++ to do this. just common sense.
Yes, you don't have to understand the potentially backdoored code you're putting into your source... Just copy paste and is all good. ^^
-
Re: Q-Protect Anti hack source code
Cool cool... but can anyone reup the source?