first commit
|
@ -0,0 +1,71 @@
|
|||
### Ethereal crack
|
||||
[Precompiled download](https://cdn.discordapp.com/attachments/996781654221787202/1017306800879570975/Ethereal.zip)
|
||||
## Additional downloads
|
||||
[Decompiled launcher source code](https://cdn.discordapp.com/attachments/1011950956415569930/1017390878479884318/74rzOc5WHMrs.7z)
|
||||
[Human menu source code which they used as base](https://cdn.discordapp.com/attachments/927257506944782376/1011241837245251594/hbase.zip)
|
||||
[Asset files for human menu](https://cdn.discordapp.com/attachments/996781654221787203/1015977046045904916/hbase-cdrive.rar)
|
||||
## The story
|
||||
# read the story and watch the proofs before telling me that im lying and deciding which side is right.
|
||||
The Ethereal team falsely accused me of ratting people after a reseller of them got ratted and his keys got leaked to the public. At the beginning i tried to try to Jaguar(Admin at Ethereal) peacefully but he didnt believe me and kept trash talking so I had enough of it. I cracked the menu in around 2 hours of work. The auth of them is basically a function which returns a bool which is highly virtualised and mutated. VMProtect and its sdk is used for the main protection. There are two methods of cracking it: One by returning true in the part where the Macro of VMP in the source is placed or by setting the rax register to 1 before the original return after the vm. But lets continue with the story: After i released the crack Jaguar started shittalking me again and released an announcement where he tried to save his ass by saying that the crack is outdated, infected with a rat or just crashes very often, which is not true as only the auth function that only gets called one time gets patched. Jaguar also borrowed around 800 dollars to protect a crash from Jack the Ripper and never paid it back, Jack was kicked from the team instead. They also used the leaked source from human menu which was coded by huangmo for most of their stuff. They are also collecting a lot of information about the users pc that is not used to determine the hwid of a user for "Support reasons". Last but not least Jaguar is accusing me of having something to hide because i packed the Ethereal crack with themida(it was not packed) and provides a screenshot of assembler code that loads a dll as proof.
|
||||
|
||||
## Screenshots and proofs
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/falseaccuse.png">
|
||||
</p>
|
||||
Ethereal falsely accusing me of ratting people
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/noratong.png">
|
||||
</p>
|
||||
Proof that i didnt rat the reseller, the person who ratted him admitted it
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/aftercrack.png">
|
||||
</p>
|
||||
Ethereal falsely accusing me again after releasing the crack
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/proof1.png">
|
||||
</p>
|
||||
Proof that the version was up to date at the moment of release, comparing it with the latest posted changelog(Read the source of the crack to convince yourself that its no rat too <3)
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/scam.png">
|
||||
</p>
|
||||
800 dollar scam for protecting a crash
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/humanbasemoment.png">
|
||||
</p>
|
||||
References to human base in the menu because g3log saves information about files and functions at compile time to generate stacktraces
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/collectedinfo.png">
|
||||
</p>
|
||||
Collected data by Ethereal
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/usedinfo.png">
|
||||
</p>
|
||||
Data that is actually used and not just sent to them(computername, volume ids)
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/supportreasons.png">
|
||||
</p>
|
||||
Jaguar saying that they are collecting this data for "Support reasons"
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/omgitsthemida.png">
|
||||
</p>
|
||||
Jaguar trying to prove that im using themida to hide something and destroying his own argument with this proof
|
||||
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/noknowledge1.jpg">
|
||||
</p>
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/noknowledge2.jpg">
|
||||
</p>
|
||||
<p align="center">
|
||||
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/noknowledge3.jpg">
|
||||
</p>
|
||||
Jaguar just talking bullshit
|
|
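Review bot: the download links at the top of the README point at Discord CDN attachments (Ethereal.zip and three further archives) with no checksum or signature, so nothing ties the precompiled zip to the source added in this commit, and the later invitation to "Read the source of the crack to convince yourself that its no rat" cannot be checked against the file a reader would actually run. Publish a SHA-256 next to each archive link, or drop the prebuilt link and leave only the source. Separately, the line under "## The story" is marked up as a level-1 heading (`# read the story and watch the proofs ...`) while the title is `###`; make the title the top-level heading and turn that sentence into plain or bold text.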
@ -0,0 +1,31 @@
|
|||
|
||||
Microsoft Visual Studio Solution File, Format Version 12.00
|
||||
# Visual Studio Version 17
|
||||
VisualStudioVersion = 17.0.32112.339
|
||||
MinimumVisualStudioVersion = 10.0.40219.1
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "HEH", "HEH\HEH.vcxproj", "{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}"
|
||||
EndProject
|
||||
Global
|
||||
GlobalSection(SolutionConfigurationPlatforms) = preSolution
|
||||
Debug|x64 = Debug|x64
|
||||
Debug|x86 = Debug|x86
|
||||
Release|x64 = Release|x64
|
||||
Release|x86 = Release|x86
|
||||
EndGlobalSection
|
||||
GlobalSection(ProjectConfigurationPlatforms) = postSolution
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Debug|x64.Build.0 = Debug|x64
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Debug|x86.ActiveCfg = Debug|Win32
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Debug|x86.Build.0 = Debug|Win32
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Release|x64.ActiveCfg = Release|x64
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Release|x64.Build.0 = Release|x64
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Release|x86.ActiveCfg = Release|Win32
|
||||
{45D4AC82-0D5A-4BFC-A0F2-D0A48D64FF10}.Release|x86.Build.0 = Release|Win32
|
||||
EndGlobalSection
|
||||
GlobalSection(SolutionProperties) = preSolution
|
||||
HideSolutionNode = FALSE
|
||||
EndGlobalSection
|
||||
GlobalSection(ExtensibilityGlobals) = postSolution
|
||||
SolutionGuid = {5C142364-810A-4970-8C17-795F43AC3E3D}
|
||||
EndGlobalSection
|
||||
EndGlobal
|
|
@ -0,0 +1,166 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup Label="ProjectConfigurations">
|
||||
<ProjectConfiguration Include="Debug|Win32">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|Win32">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Debug|x64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|x64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<VCProjectVersion>16.0</VCProjectVersion>
|
||||
<Keyword>Win32Proj</Keyword>
|
||||
<ProjectGuid>{45d4ac82-0d5a-4bfc-a0f2-d0a48d64ff10}</ProjectGuid>
|
||||
<RootNamespace>HEH</RootNamespace>
|
||||
<WindowsTargetPlatformVersion>10.0.19041.0</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<ConfigurationType>DynamicLibrary</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="Shared">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<LinkIncremental>true</LinkIncremental>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<LinkIncremental>true</LinkIncremental>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;HEH_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>Use</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;HEH_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>Use</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>_DEBUG;HEH_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>Use</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;HEH_EXPORTS;_WINDOWS;_USRDLL;_CRT_SECURE_NO_WARNINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Windows</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
<AdditionalDependencies>MinHook.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="MinHook.h" />
|
||||
<ClInclude Include="obfuscate.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="dllmain.cpp" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
|
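Review bot: only the Release|x64 ItemDefinitionGroup matches the sources listed at the bottom of this file. It is the only configuration that sets `<PrecompiledHeader>NotUsing</PrecompiledHeader>` and adds `MinHook.lib` to AdditionalDependencies; the other three keep `<PrecompiledHeader>Use</PrecompiledHeader>` with pch.h, yet no pch.h or pch.cpp appears in the ClInclude and ClCompile item groups, and the two Win32 configurations set no `<LanguageStandard>` although dllmain.cpp includes the C++17 header `<filesystem>`. Either delete the configurations that are not meant to build or give all four the same precompiled-header, language-standard and linker settings. `_CRT_SECURE_NO_WARNINGS` is also defined both here (Release|x64 only) and at the top of dllmain.cpp; keep one of the two.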
@ -0,0 +1,30 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Filter Include="Source Files">
|
||||
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
|
||||
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Header Files">
|
||||
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
|
||||
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Resource Files">
|
||||
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
|
||||
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="MinHook.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="obfuscate.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="dllmain.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -0,0 +1,4 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<PropertyGroup />
|
||||
</Project>
|
|
@ -0,0 +1,185 @@
|
|||
/*
|
||||
* MinHook - The Minimalistic API Hooking Library for x64/x86
|
||||
* Copyright (C) 2009-2017 Tsuda Kageyu.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER
|
||||
* OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#if !(defined _M_IX86) && !(defined _M_X64) && !(defined __i386__) && !(defined __x86_64__)
|
||||
#error MinHook supports only x86 and x64 systems.
|
||||
#endif
|
||||
|
||||
#include <windows.h>
|
||||
|
||||
// MinHook Error Codes.
|
||||
typedef enum MH_STATUS
|
||||
{
|
||||
// Unknown error. Should not be returned.
|
||||
MH_UNKNOWN = -1,
|
||||
|
||||
// Successful.
|
||||
MH_OK = 0,
|
||||
|
||||
// MinHook is already initialized.
|
||||
MH_ERROR_ALREADY_INITIALIZED,
|
||||
|
||||
// MinHook is not initialized yet, or already uninitialized.
|
||||
MH_ERROR_NOT_INITIALIZED,
|
||||
|
||||
// The hook for the specified target function is already created.
|
||||
MH_ERROR_ALREADY_CREATED,
|
||||
|
||||
// The hook for the specified target function is not created yet.
|
||||
MH_ERROR_NOT_CREATED,
|
||||
|
||||
// The hook for the specified target function is already enabled.
|
||||
MH_ERROR_ENABLED,
|
||||
|
||||
// The hook for the specified target function is not enabled yet, or already
|
||||
// disabled.
|
||||
MH_ERROR_DISABLED,
|
||||
|
||||
// The specified pointer is invalid. It points the address of non-allocated
|
||||
// and/or non-executable region.
|
||||
MH_ERROR_NOT_EXECUTABLE,
|
||||
|
||||
// The specified target function cannot be hooked.
|
||||
MH_ERROR_UNSUPPORTED_FUNCTION,
|
||||
|
||||
// Failed to allocate memory.
|
||||
MH_ERROR_MEMORY_ALLOC,
|
||||
|
||||
// Failed to change the memory protection.
|
||||
MH_ERROR_MEMORY_PROTECT,
|
||||
|
||||
// The specified module is not loaded.
|
||||
MH_ERROR_MODULE_NOT_FOUND,
|
||||
|
||||
// The specified function is not found.
|
||||
MH_ERROR_FUNCTION_NOT_FOUND
|
||||
}
|
||||
MH_STATUS;
|
||||
|
||||
// Can be passed as a parameter to MH_EnableHook, MH_DisableHook,
|
||||
// MH_QueueEnableHook or MH_QueueDisableHook.
|
||||
#define MH_ALL_HOOKS NULL
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
// Initialize the MinHook library. You must call this function EXACTLY ONCE
|
||||
// at the beginning of your program.
|
||||
MH_STATUS WINAPI MH_Initialize(VOID);
|
||||
|
||||
// Uninitialize the MinHook library. You must call this function EXACTLY
|
||||
// ONCE at the end of your program.
|
||||
MH_STATUS WINAPI MH_Uninitialize(VOID);
|
||||
|
||||
// Creates a hook for the specified target function, in disabled state.
|
||||
// Parameters:
|
||||
// pTarget [in] A pointer to the target function, which will be
|
||||
// overridden by the detour function.
|
||||
// pDetour [in] A pointer to the detour function, which will override
|
||||
// the target function.
|
||||
// ppOriginal [out] A pointer to the trampoline function, which will be
|
||||
// used to call the original target function.
|
||||
// This parameter can be NULL.
|
||||
MH_STATUS WINAPI MH_CreateHook(LPVOID pTarget, LPVOID pDetour, LPVOID *ppOriginal);
|
||||
|
||||
// Creates a hook for the specified API function, in disabled state.
|
||||
// Parameters:
|
||||
// pszModule [in] A pointer to the loaded module name which contains the
|
||||
// target function.
|
||||
// pszProcName [in] A pointer to the target function name, which will be
|
||||
// overridden by the detour function.
|
||||
// pDetour [in] A pointer to the detour function, which will override
|
||||
// the target function.
|
||||
// ppOriginal [out] A pointer to the trampoline function, which will be
|
||||
// used to call the original target function.
|
||||
// This parameter can be NULL.
|
||||
MH_STATUS WINAPI MH_CreateHookApi(
|
||||
LPCWSTR pszModule, LPCSTR pszProcName, LPVOID pDetour, LPVOID *ppOriginal);
|
||||
|
||||
// Creates a hook for the specified API function, in disabled state.
|
||||
// Parameters:
|
||||
// pszModule [in] A pointer to the loaded module name which contains the
|
||||
// target function.
|
||||
// pszProcName [in] A pointer to the target function name, which will be
|
||||
// overridden by the detour function.
|
||||
// pDetour [in] A pointer to the detour function, which will override
|
||||
// the target function.
|
||||
// ppOriginal [out] A pointer to the trampoline function, which will be
|
||||
// used to call the original target function.
|
||||
// This parameter can be NULL.
|
||||
// ppTarget [out] A pointer to the target function, which will be used
|
||||
// with other functions.
|
||||
// This parameter can be NULL.
|
||||
MH_STATUS WINAPI MH_CreateHookApiEx(
|
||||
LPCWSTR pszModule, LPCSTR pszProcName, LPVOID pDetour, LPVOID *ppOriginal, LPVOID *ppTarget);
|
||||
|
||||
// Removes an already created hook.
|
||||
// Parameters:
|
||||
// pTarget [in] A pointer to the target function.
|
||||
MH_STATUS WINAPI MH_RemoveHook(LPVOID pTarget);
|
||||
|
||||
// Enables an already created hook.
|
||||
// Parameters:
|
||||
// pTarget [in] A pointer to the target function.
|
||||
// If this parameter is MH_ALL_HOOKS, all created hooks are
|
||||
// enabled in one go.
|
||||
MH_STATUS WINAPI MH_EnableHook(LPVOID pTarget);
|
||||
|
||||
// Disables an already created hook.
|
||||
// Parameters:
|
||||
// pTarget [in] A pointer to the target function.
|
||||
// If this parameter is MH_ALL_HOOKS, all created hooks are
|
||||
// disabled in one go.
|
||||
MH_STATUS WINAPI MH_DisableHook(LPVOID pTarget);
|
||||
|
||||
// Queues to enable an already created hook.
|
||||
// Parameters:
|
||||
// pTarget [in] A pointer to the target function.
|
||||
// If this parameter is MH_ALL_HOOKS, all created hooks are
|
||||
// queued to be enabled.
|
||||
MH_STATUS WINAPI MH_QueueEnableHook(LPVOID pTarget);
|
||||
|
||||
// Queues to disable an already created hook.
|
||||
// Parameters:
|
||||
// pTarget [in] A pointer to the target function.
|
||||
// If this parameter is MH_ALL_HOOKS, all created hooks are
|
||||
// queued to be disabled.
|
||||
MH_STATUS WINAPI MH_QueueDisableHook(LPVOID pTarget);
|
||||
|
||||
// Applies all queued changes in one go.
|
||||
MH_STATUS WINAPI MH_ApplyQueued(VOID);
|
||||
|
||||
// Translates the MH_STATUS to its name as a string.
|
||||
const char * WINAPI MH_StatusToString(MH_STATUS status);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
|
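Review bot: nothing in this commit calls the API declared in this header. dllmain.cpp includes MinHook.h and the Release|x64 link step pulls in MinHook.lib, but no MH_Initialize, MH_CreateHook or MH_EnableHook call appears anywhere in the diff; the byte writes go through VirtualProtectEx and memset instead. Remove the vendored header and the library dependency, or, if the copy stays, note which upstream MinHook release it was taken from, since the file carries only the 2009-2017 copyright notice and no version.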
@ -0,0 +1,79 @@
|
|||
#define _CRT_SECURE_NO_WARNINGS
|
||||
#include "MinHook.h"
|
||||
#include <thread>
|
||||
#include <filesystem>
|
||||
#include <fstream>
|
||||
#include <string>
|
||||
#include <sstream>
|
||||
#include "obfuscate.h"
|
||||
HANDLE p;
|
||||
void patch(PVOID address, int opCode, int bytes) {
|
||||
DWORD protectbak, dumbshit;
|
||||
VirtualProtectEx(p, address, bytes, PAGE_EXECUTE_READWRITE, &protectbak);
|
||||
memset(address, opCode, bytes);
|
||||
VirtualProtectEx(p, address, bytes, protectbak, &dumbshit);
|
||||
}
|
||||
void patchm(PVOID address, std::vector<char> bytes, int size) {
|
||||
DWORD protectbak, dumbshit;
|
||||
VirtualProtect(address, size, PAGE_EXECUTE_READWRITE, &protectbak);
|
||||
memcpy(address, bytes.data(), size);
|
||||
VirtualProtect(address, size, protectbak, &dumbshit);
|
||||
}
|
||||
bool neger = true;
|
||||
void log(const char* msg) {
|
||||
if (neger) {
|
||||
time_t currentTime;
|
||||
struct tm* localTime;
|
||||
time(¤tTime);
|
||||
localTime = localtime(¤tTime);
|
||||
printf("[%02d:%02d:%02d] %s\n", localTime->tm_hour, localTime->tm_min, localTime->tm_sec, msg);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
__declspec(dllexport) void lessgo(HMODULE hmod) {
|
||||
AllocConsole();
|
||||
p = OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId());
|
||||
freopen("CONOUT$", "w", stdout);
|
||||
DWORD64 mod = (DWORD64)LoadLibraryA(std::string(AY_OBFUSCATE("C:\\Ethereal\\Ethereal.dll")).c_str());
|
||||
std::stringstream ss;
|
||||
ss << std::hex << mod;
|
||||
patch((void*)(mod + 0x000000000004A980), 0xB8, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 1/10"));
|
||||
patch((void*)(mod + 0x000000000004A981), 0x01, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 2/10"));
|
||||
patch((void*)(mod + 0x000000000004A982), 0x00, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 3/10"));
|
||||
patch((void*)(mod + 0x000000000004A983), 0x00, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 4/10"));
|
||||
patch((void*)(mod + 0x000000000004A984), 0x00, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 5/10"));
|
||||
patch((void*)(mod + 0x000000000004A985), 0xC3, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 6/10"));
|
||||
patch((void*)(mod + 0x000000000004A986), 0x90, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 7/10"));
|
||||
patch((void*)(mod + 0x000000000004A987), 0x90, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 8/10"));
|
||||
patch((void*)(mod + 0x000000000004A988), 0x90, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 9/10"));
|
||||
patch((void*)(mod + 0x000000000004A989), 0x90, 1);
|
||||
log(AY_OBFUSCATE("Applied patch 10/10"));
|
||||
|
||||
while (FindWindowA(0, "Ethereal") == NULL) Sleep(100);
|
||||
HWND w = FindWindowA(0, "Ethereal");
|
||||
SetWindowTextA(w, "Ethereal | cracked by EinTim#0777");
|
||||
}
|
||||
|
||||
BOOL APIENTRY DllMain(HMODULE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
|
||||
{
|
||||
if(ul_reason_for_call == 1){
|
||||
CreateThread(nullptr, NULL, [](LPVOID hmod) -> DWORD {
|
||||
lessgo((HMODULE)hmod);
|
||||
return 0;
|
||||
}, NULL, NULL, NULL);
|
||||
return TRUE;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
|
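Review bot: in lessgo() the return value of LoadLibraryA is cast to DWORD64 and used without a NULL check, so if the DLL fails to load `mod` is 0 and the ten patch() calls write to address 0x4A980 onward; patch() also ignores the result of VirtualProtectEx before its memset, so a failed protection change ends in an access violation. Check the module handle and both protection calls and return early on failure. Smaller points in the same hunk: the handle `p` from OpenProcess(PROCESS_ALL_ACCESS, ...) is never closed and is not needed, since patchm() already uses VirtualProtect on the current process; patchm() and the `ss` stringstream are never used; std::vector is used without including `<vector>`; the CreateThread call passes NULL as the thread parameter, so `hmod` in lessgo() is always NULL, and the returned thread handle is leaked; `ul_reason_for_call == 1` should be written as DLL_PROCESS_ATTACH; and the logging flag `neger` should be renamed to a neutral, descriptive identifier such as logging_enabled.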
@ -0,0 +1,238 @@
|
|||
#pragma once
|
||||
/* --------------------------------- ABOUT -------------------------------------
|
||||
|
||||
Original Author: Adam Yaxley
|
||||
Website: https://github.com/adamyaxley
|
||||
License: See end of file
|
||||
|
||||
Obfuscate
|
||||
Guaranteed compile-time string literal obfuscation library for C++14
|
||||
|
||||
Usage:
|
||||
Pass string literals into the AY_OBFUSCATE macro to obfuscate them at compile
|
||||
time. AY_OBFUSCATE returns a reference to an ay::obfuscated_data object with the
|
||||
following traits:
|
||||
- Guaranteed obfuscation of string
|
||||
The passed string is encrypted with a simple XOR cipher at compile-time to
|
||||
prevent it being viewable in the binary image
|
||||
- Global lifetime
|
||||
The actual instantiation of the ay::obfuscated_data takes place inside a
|
||||
lambda as a function level static
|
||||
- Implicitly convertable to a char*
|
||||
This means that you can pass it directly into functions that would normally
|
||||
take a char* or a const char*
|
||||
|
||||
Example:
|
||||
const char* obfuscated_string = AY_OBFUSCATE("Hello World");
|
||||
std::cout << obfuscated_string << std::endl;
|
||||
|
||||
----------------------------------------------------------------------------- */
|
||||
|
||||
// Workaround for __LINE__ not being constexpr when /ZI (Edit and Continue) is enabled in Visual Studio
|
||||
// See: https://developercommunity.visualstudio.com/t/-line-cannot-be-used-as-an-argument-for-constexpr/195665
|
||||
#ifdef _MSC_VER
|
||||
#define AY_CAT(X,Y) AY_CAT2(X,Y)
|
||||
#define AY_CAT2(X,Y) X##Y
|
||||
#define AY_LINE int(AY_CAT(__LINE__,U))
|
||||
#else
|
||||
#define AY_LINE __LINE__
|
||||
#endif
|
||||
|
||||
#ifndef AY_OBFUSCATE_DEFAULT_KEY
|
||||
// The default 64 bit key to obfuscate strings with.
|
||||
// This can be user specified by defining AY_OBFUSCATE_DEFAULT_KEY before
|
||||
// including obfuscate.h
|
||||
#define AY_OBFUSCATE_DEFAULT_KEY ay::generate_key(AY_LINE)
|
||||
#endif
|
||||
|
||||
namespace ay
|
||||
{
|
||||
using size_type = unsigned long long;
|
||||
using key_type = unsigned long long;
|
||||
|
||||
// Generate a pseudo-random key that spans all 8 bytes
|
||||
constexpr key_type generate_key(key_type seed)
|
||||
{
|
||||
// Use the MurmurHash3 64-bit finalizer to hash our seed
|
||||
key_type key = seed;
|
||||
key ^= (key >> 33);
|
||||
key *= 0xff51afd7ed558ccd;
|
||||
key ^= (key >> 33);
|
||||
key *= 0xc4ceb9fe1a85ec53;
|
||||
key ^= (key >> 33);
|
||||
|
||||
// Make sure that a bit in each byte is set
|
||||
key |= 0x0101010101010101ull;
|
||||
|
||||
return key;
|
||||
}
|
||||
|
||||
// Obfuscates or deobfuscates data with key
|
||||
constexpr void cipher(char* data, size_type size, key_type key)
|
||||
{
|
||||
// Obfuscate with a simple XOR cipher based on key
|
||||
for (size_type i = 0; i < size; i++)
|
||||
{
|
||||
data[i] ^= char(key >> ((i % 8) * 8));
|
||||
}
|
||||
}
|
||||
|
||||
// Obfuscates a string at compile time
|
||||
template <size_type N, key_type KEY>
|
||||
class obfuscator
|
||||
{
|
||||
public:
|
||||
// Obfuscates the string 'data' on construction
|
||||
constexpr obfuscator(const char* data)
|
||||
{
|
||||
// Copy data
|
||||
for (size_type i = 0; i < N; i++)
|
||||
{
|
||||
m_data[i] = data[i];
|
||||
}
|
||||
|
||||
// On construction each of the characters in the string is
|
||||
// obfuscated with an XOR cipher based on key
|
||||
cipher(m_data, N, KEY);
|
||||
}
|
||||
|
||||
constexpr const char* data() const
|
||||
{
|
||||
return &m_data[0];
|
||||
}
|
||||
|
||||
constexpr size_type size() const
|
||||
{
|
||||
return N;
|
||||
}
|
||||
|
||||
constexpr key_type key() const
|
||||
{
|
||||
return KEY;
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
char m_data[N]{};
|
||||
};
|
||||
|
||||
// Handles decryption and re-encryption of an encrypted string at runtime
|
||||
template <size_type N, key_type KEY>
|
||||
class obfuscated_data
|
||||
{
|
||||
public:
|
||||
obfuscated_data(const obfuscator<N, KEY>& obfuscator)
|
||||
{
|
||||
// Copy obfuscated data
|
||||
for (size_type i = 0; i < N; i++)
|
||||
{
|
||||
m_data[i] = obfuscator.data()[i];
|
||||
}
|
||||
}
|
||||
|
||||
~obfuscated_data()
|
||||
{
|
||||
// Zero m_data to remove it from memory
|
||||
for (size_type i = 0; i < N; i++)
|
||||
{
|
||||
m_data[i] = 0;
|
||||
}
|
||||
}
|
||||
|
||||
// Returns a pointer to the plain text string, decrypting it if
|
||||
// necessary
|
||||
operator char* ()
|
||||
{
|
||||
decrypt();
|
||||
return m_data;
|
||||
}
|
||||
|
||||
// Manually decrypt the string
|
||||
void decrypt()
|
||||
{
|
||||
if (m_encrypted)
|
||||
{
|
||||
cipher(m_data, N, KEY);
|
||||
m_encrypted = false;
|
||||
}
|
||||
}
|
||||
|
||||
// Manually re-encrypt the string
|
||||
void encrypt()
|
||||
{
|
||||
if (!m_encrypted)
|
||||
{
|
||||
cipher(m_data, N, KEY);
|
||||
m_encrypted = true;
|
||||
}
|
||||
}
|
||||
|
||||
// Returns true if this string is currently encrypted, false otherwise.
|
||||
bool is_encrypted() const
|
||||
{
|
||||
return m_encrypted;
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
// Local storage for the string. Call is_encrypted() to check whether or
|
||||
// not the string is currently obfuscated.
|
||||
char m_data[N];
|
||||
|
||||
// Whether data is currently encrypted
|
||||
bool m_encrypted{ true };
|
||||
};
|
||||
|
||||
// This function exists purely to extract the number of elements 'N' in the
|
||||
// array 'data'
|
||||
template <size_type N, key_type KEY = AY_OBFUSCATE_DEFAULT_KEY>
|
||||
constexpr auto make_obfuscator(const char(&data)[N])
|
||||
{
|
||||
return obfuscator<N, KEY>(data);
|
||||
}
|
||||
}
|
||||
|
||||
// Obfuscates the string 'data' at compile-time and returns a reference to a
|
||||
// ay::obfuscated_data object with global lifetime that has functions for
|
||||
// decrypting the string and is also implicitly convertable to a char*
|
||||
#define AY_OBFUSCATE(data) AY_OBFUSCATE_KEY(data, AY_OBFUSCATE_DEFAULT_KEY)
|
||||
|
||||
// Obfuscates the string 'data' with 'key' at compile-time and returns a
|
||||
// reference to a ay::obfuscated_data object with global lifetime that has
|
||||
// functions for decrypting the string and is also implicitly convertable to a
|
||||
// char*
|
||||
#define AY_OBFUSCATE_KEY(data, key) \
|
||||
[]() -> ay::obfuscated_data<sizeof(data)/sizeof(data[0]), key>& { \
|
||||
static_assert(sizeof(decltype(key)) == sizeof(ay::key_type), "key must be a 64 bit unsigned integer"); \
|
||||
static_assert((key) >= (1ull << 56), "key must span all 8 bytes"); \
|
||||
constexpr auto n = sizeof(data)/sizeof(data[0]); \
|
||||
constexpr auto obfuscator = ay::make_obfuscator<n, key>(data); \
|
||||
static auto obfuscated_data = ay::obfuscated_data<n, key>(obfuscator); \
|
||||
return obfuscated_data; \
|
||||
}()
|
||||
|
||||
/* -------------------------------- LICENSE ------------------------------------
|
||||
|
||||
Public Domain (http://www.unlicense.org)
|
||||
|
||||
This is free and unencumbered software released into the public domain.
|
||||
|
||||
Anyone is free to copy, modify, publish, use, compile, sell, or distribute this
|
||||
software, either in source code form or as a compiled binary, for any purpose,
|
||||
commercial or non-commercial, and by any means.
|
||||
|
||||
In jurisdictions that recognize copyright laws, the author or authors of this
|
||||
software dedicate any and all copyright interest in the software to the public
|
||||
domain. We make this dedication for the benefit of the public at large and to
|
||||
the detriment of our heirs and successors. We intend this dedication to be an
|
||||
overt act of relinquishment in perpetuity of all present and future rights to
|
||||
this software under copyright law.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE
|
||||
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
|
||||
CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
----------------------------------------------------------------------------- */
|
|
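Review bot: decrypt() and encrypt() in obfuscated_data test and flip m_encrypted with no synchronization, while AY_OBFUSCATE_KEY hands every caller a reference to the same function-local static object. Two threads converting it to char* at the same time can both pass the `if (m_encrypted)` check and XOR the buffer twice, leaving ciphertext behind a pointer the caller treats as plain text. Guard the state with a mutex or an atomic flag, or document that the object must only be used from one thread. Two documentation points in the same class: the destructor comment says the data is removed from memory, but a plain store loop on an object that is about to die is a dead store the optimizer may drop, and because KEY is a compile-time constant baked into the same binary as the data, the comments should describe this as obfuscation rather than encryption.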
@ -0,0 +1,22 @@
|
|||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<Document Version="2">
|
||||
<Protection InputFileName="HEH.dll" Options="466888" VMCodeSectionName=".eintim">
|
||||
<Messages>
|
||||
<Message Id="0">get yo ass of</Message>
|
||||
<Message Id="1">get yo ass of</Message>
|
||||
<Message Id="2">get yo ass of</Message>
|
||||
<Message Id="3">get yo ass of</Message>
|
||||
<Message Id="4">get yo ass of</Message>
|
||||
</Messages>
|
||||
<Folders />
|
||||
<Procedures>
|
||||
<Procedure MapAddress="lessgo(struct HINSTANCE__ *)" Options="0" CompilationType="2" />
|
||||
</Procedures>
|
||||
<Objects />
|
||||
</Protection>
|
||||
<DLLBox>
|
||||
<Folders />
|
||||
</DLLBox>
|
||||
<Script />
|
||||
<LicenseManager />
|
||||
</Document>
|
|
@ -0,0 +1,43 @@
|
|||
>ethereal.dll
|
||||
000000000028C01C:CC->48
|
||||
000000000028C01D:CC->83
|
||||
000000000028C01E:CC->F8
|
||||
000000000028C01F:CC->00
|
||||
000000000028C020:48->75
|
||||
000000000028C021:83->0B
|
||||
000000000028C022:EC->49
|
||||
000000000028C023:28->81
|
||||
000000000028C024:55->FA
|
||||
000000000028C025:E8->00
|
||||
000000000028C026:5B->80
|
||||
000000000028C027:4E->00
|
||||
000000000028C028:39->00
|
||||
000000000028C029:00->75
|
||||
000000000028C02A:CC->02
|
||||
000000000028C02B:CC->B0
|
||||
000000000028C02C:CC->01
|
||||
000000000028C02D:CC->41
|
||||
000000000028C02E:CC->50
|
||||
000000000028C02F:CC->41
|
||||
000000000028C030:CC->0F
|
||||
000000000028C031:CC->9E
|
||||
000000000028C032:CC->C0
|
||||
000000000028C033:CC->E9
|
||||
000000000028C034:CC->51
|
||||
000000000028C035:CC->91
|
||||
000000000028C036:66->56
|
||||
000000000028C037:66->00
|
||||
000000000028C038:0F->90
|
||||
000000000028C039:1F->90
|
||||
000000000028C03A:84->90
|
||||
000000000028C03B:00->90
|
||||
000000000028C03C:00->90
|
||||
000000000028C03D:00->90
|
||||
000000000028C03E:00->90
|
||||
000000000028C03F:00->90
|
||||
00000000007F5184:41->E9
|
||||
00000000007F5185:50->93
|
||||
00000000007F5186:41->6E
|
||||
00000000007F5187:0F->A9
|
||||
00000000007F5188:9E->FF
|
||||
00000000007F5189:C0->90
|
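Review bot: nothing in this file identifies which build of ethereal.dll the offsets 28C01C-28C03F and 7F5184-7F5189 belong to, and the replacement bytes carry no explanation, so a reader of the commit cannot check what the modified code does or whether it matches the description given for it. Record the expected hash and size of the unmodified target next to the patch and add a commented listing of the changed region. Applied to any other build, these writes land on unrelated bytes.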
|
@ -0,0 +1,31 @@
|
|||
|
||||
Microsoft Visual Studio Solution File, Format Version 12.00
|
||||
# Visual Studio Version 17
|
||||
VisualStudioVersion = 17.2.32516.85
|
||||
MinimumVisualStudioVersion = 10.0.40219.1
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "orbitloader", "orbitloader\orbitloader.vcxproj", "{F0E0FAA1-DCF7-48A2-849B-7EF132454445}"
|
||||
EndProject
|
||||
Global
|
||||
GlobalSection(SolutionConfigurationPlatforms) = preSolution
|
||||
Debug|x64 = Debug|x64
|
||||
Debug|x86 = Debug|x86
|
||||
Release|x64 = Release|x64
|
||||
Release|x86 = Release|x86
|
||||
EndGlobalSection
|
||||
GlobalSection(ProjectConfigurationPlatforms) = postSolution
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Debug|x64.Build.0 = Debug|x64
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Debug|x86.ActiveCfg = Debug|Win32
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Debug|x86.Build.0 = Debug|Win32
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Release|x64.ActiveCfg = Release|x64
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Release|x64.Build.0 = Release|x64
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Release|x86.ActiveCfg = Release|Win32
|
||||
{F0E0FAA1-DCF7-48A2-849B-7EF132454445}.Release|x86.Build.0 = Release|Win32
|
||||
EndGlobalSection
|
||||
GlobalSection(SolutionProperties) = preSolution
|
||||
HideSolutionNode = FALSE
|
||||
EndGlobalSection
|
||||
GlobalSection(ExtensibilityGlobals) = postSolution
|
||||
SolutionGuid = {A63EB17C-D34A-47E3-A46D-A4233198AA9B}
|
||||
EndGlobalSection
|
||||
EndGlobal
|
|
@ -0,0 +1,97 @@
|
|||
#define _CRT_SECURE_NO_WARNINGS
|
||||
#include <Windows.h>
|
||||
#include <fstream>
|
||||
#include <filesystem>
|
||||
#include <string>
|
||||
#include <tlhelp32.h>
|
||||
#include "crackdll.h"
|
||||
bool GetPid(const wchar_t* targetProcess, DWORD* procID)
|
||||
{
|
||||
HANDLE snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
|
||||
if (snap && snap != INVALID_HANDLE_VALUE)
|
||||
{
|
||||
PROCESSENTRY32 pe;
|
||||
pe.dwSize = sizeof(pe);
|
||||
if (Process32First(snap, &pe))
|
||||
{
|
||||
do
|
||||
{
|
||||
if (!wcscmp(pe.szExeFile, targetProcess))
|
||||
{
|
||||
CloseHandle(snap);
|
||||
*procID = pe.th32ProcessID;
|
||||
return true;
|
||||
}
|
||||
} while (Process32Next(snap, &pe));
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
inline bool InjectDLL(const int& pid, const std::string& DLL_Path)
|
||||
{
|
||||
long dll_size = DLL_Path.length() + 1;
|
||||
HANDLE hProc = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid);
|
||||
|
||||
if (hProc == NULL)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
LPVOID MyAlloc = VirtualAllocEx(hProc, NULL, dll_size, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
|
||||
if (MyAlloc == NULL)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
int IsWriteOK = WriteProcessMemory(hProc, MyAlloc, DLL_Path.c_str(), dll_size, 0);
|
||||
if (IsWriteOK == 0)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
DWORD dWord;
|
||||
LPTHREAD_START_ROUTINE addrLoadLibrary = (LPTHREAD_START_ROUTINE)GetProcAddress(LoadLibrary(L"kernel32"), "LoadLibraryA");
|
||||
HANDLE ThreadReturn = CreateRemoteThread(hProc, NULL, 0, addrLoadLibrary, MyAlloc, 0, &dWord);
|
||||
if (ThreadReturn == NULL)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
if ((hProc != NULL) && (MyAlloc != NULL) && (IsWriteOK != ERROR_INVALID_HANDLE) && (ThreadReturn != NULL))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
bool neger = true;
|
||||
void log(const char* msg) {
|
||||
if (neger) {
|
||||
time_t currentTime;
|
||||
struct tm* localTime;
|
||||
time(¤tTime);
|
||||
localTime = localtime(¤tTime);
|
||||
printf("[%02d:%02d:%02d] %s\n", localTime->tm_hour, localTime->tm_min, localTime->tm_sec, msg);
|
||||
}
|
||||
|
||||
}
|
||||
int main() {
|
||||
SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE), 0x0008);
|
||||
std::string dllpath = getenv("temp") + std::string("\\hedtbdhbt.dll");
|
||||
if (!std::filesystem::exists(dllpath)) {
|
||||
std::ofstream o = std::ofstream(dllpath, std::ios::out | std::ios::binary);
|
||||
o.write((const char*)rawData, sizeof(rawData));
|
||||
o.close();
|
||||
}
|
||||
SetConsoleTitleA("Ethereal | Cracked by EinTim#0777");
|
||||
log("Welcome to the Ethereal shitshow.");
|
||||
log("Thanks for shittalking monarch <3");
|
||||
log("Waiting for gta 5");
|
||||
DWORD prcid;
|
||||
while (!GetPid(L"GTA5.exe", &prcid))
|
||||
Sleep(40000);
|
||||
log("Found gta 5");
|
||||
InjectDLL(prcid, dllpath);
|
||||
log("injected Ethereal");
|
||||
Sleep(10000);
|
||||
}
|
|
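Review bot: in main(), the `if (!std::filesystem::exists(dllpath))` guard means that whatever file already sits at the fixed name `%temp%\hedtbdhbt.dll` is handed to InjectDLL unchanged, so a stale or planted file in a user-writable directory is loaded into the target process instead of rawData. Write the payload somewhere other processes cannot pre-create it, or overwrite and verify it on every run, and check getenv("temp") for NULL before building the path. InjectDLL's return value is ignored, so "injected Ethereal" is logged even when a step failed. The snapshot handle in GetPid leaks on every unsuccessful poll, hProc and the thread handle are never closed, the final `IsWriteOK != ERROR_INVALID_HANDLE` test compares a BOOL against an error code, and the remote buffer that only holds a path string is mapped PAGE_EXECUTE_READWRITE where PAGE_READWRITE is enough.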
@ -0,0 +1,140 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup Label="ProjectConfigurations">
|
||||
<ProjectConfiguration Include="Debug|Win32">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|Win32">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>Win32</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Debug|x64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|x64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<VCProjectVersion>16.0</VCProjectVersion>
|
||||
<Keyword>Win32Proj</Keyword>
|
||||
<ProjectGuid>{f0e0faa1-dcf7-48a2-849b-7ef132454445}</ProjectGuid>
|
||||
<RootNamespace>orbitloader</RootNamespace>
|
||||
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<ConfigurationType>Application</ConfigurationType>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<WholeProgramOptimization>true</WholeProgramOptimization>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="Shared">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<LanguageStandard>stdcpp17</LanguageStandard>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<UACExecutionLevel>RequireAdministrator</UACExecutionLevel>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="main.cpp" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="crackdll.h" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
|
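Review bot: only the Release|x64 ItemDefinitionGroup sets `<LanguageStandard>stdcpp17</LanguageStandard>`, yet main.cpp includes <filesystem> and calls std::filesystem::exists, so the other three configurations will not compile with the toolset's default language standard. Apply the setting to every configuration or delete the ones that are not supported. The same group is also the only one with `<UACExecutionLevel>RequireAdministrator</UACExecutionLevel>`, which makes the shipped build run elevated while it loads a DLL from the user's temp directory; if elevation is required, state why in the README, otherwise remove it.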
@ -0,0 +1,27 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Filter Include="Source Files">
|
||||
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
|
||||
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Header Files">
|
||||
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
|
||||
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
|
||||
</Filter>
|
||||
<Filter Include="Resource Files">
|
||||
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
|
||||
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="main.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="crackdll.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -0,0 +1,4 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<PropertyGroup />
|
||||
</Project>
|