0x25E90B80
Дело было вечером, делать было нечего.
Советую глянуть инжектор, потому что судя по всему он у меня не работает :)
Советую компилить с [ссылка скрыта — нужна авторизация], перед компиляцией можно обфусцировать код с [ссылка скрыта — нужна авторизация].
[ссылка скрыта — нужна авторизация] (Клик)
Ну или для жадных:
Python:
'''Credits: Resilient'''
#all the modules we need
import subprocess
from ctypes import (WinError, byref, c_int, c_long, c_ulong,
create_string_buffer, windll)
import psutil
import time
import getpass
from socket import gethostname
import os
import requests
import pyperclip
import urllib
################################################################
class Injector:  # the author notes that this injector seems not to work
    """Thin ctypes wrapper over the kernel32 calls used to load a DLL into another process.

    The methods chain OpenProcess -> VirtualAllocEx -> WriteProcessMemory ->
    CreateRemoteThread on LoadLibraryA. That call sequence is the textbook
    remote DLL-loading pattern (MITRE ATT&CK T1055.001, DLL injection), so for
    triage the relevant signals are: a full-access handle to another process,
    an executable+writable allocation in it, a cross-process write, and a
    remote thread whose start address is LoadLibraryA.
    """
    # Access mask passed to OpenProcess: 0x000F0000 | 0x00100000 | 0x00000FFF == 0x1F0FFF.
    PROC_ALL_ACCESS = (0x000F0000 | 0x00100000 | 0x00000FFF)
    # Allocation type passed to VirtualAllocEx: 0x1000 | 0x2000 (commit + reserve).
    MEM_CREATE = 0x00001000 | 0x00002000
    # Free type passed to VirtualFreeEx.
    MEM_RELEASE = 0x8000
    # Page protection for the remote allocation; RWX memory in a foreign
    # process is a common detection signal in its own right.
    PAGE_EXECUTE_READWRITE = 0x40

    def __init__(self):
        """Bind kernel32/user32 and start with no target process attached."""
        self.kernel32 = windll.kernel32
        self.user32 = windll.user32
        self.pid = c_ulong()
        self.handle = None

    def create_process(self, path):
        """Start the executable at *path* and return the new process id."""
        return subprocess.Popen([path]).pid

    def load_from_pid(self, pid):
        """Attach to process *pid*: drop any previous handle, then OpenProcess.

        Raises WinError() when OpenProcess returns a falsy handle.
        """
        self.unload()
        self.pid = c_ulong(pid)
        # Requests the full PROC_ALL_ACCESS mask; the 0 is the inherit-handle flag.
        self.handle = self.kernel32.OpenProcess(self.PROC_ALL_ACCESS, 0, pid)
        if not self.handle:
            raise WinError()

    def unload(self):
        """Close the current process handle, if there is one, and reset it to None."""
        if self.handle:
            self.kernel32.CloseHandle(self.handle)
            # NOTE(review): this re-tests self.handle, not the return value of
            # CloseHandle, so a failed close is not reported here.
            if not self.handle:
                raise WinError()
        self.handle = None

    def alloc_remote(self, buffer, size):
        """Allocate *size* bytes in the target process and copy *buffer* into them.

        Returns the remote address; raises WinError() if the allocation fails.
        """
        alloc = self.kernel32.VirtualAllocEx(self.handle, None, c_int(size),
                                             self.MEM_CREATE, self.PAGE_EXECUTE_READWRITE)
        if not alloc:
            raise WinError()
        self.write_memory(alloc, buffer)
        return alloc

    def free_remote(self, addr, size):
        """Release the remote allocation at *addr*.

        *size* is accepted but not used: the call passes 0 together with MEM_RELEASE.
        """
        if not self.kernel32.VirtualFreeEx(self.handle, addr, c_int(0), self.MEM_RELEASE):
            raise WinError()

    def get_address_from_module(self, module, function):
        """Return the address of *function* in *module* as seen by the current process."""
        module_addr = self.kernel32.GetModuleHandleA(module.encode("ascii"))
        if not module_addr:
            raise WinError()
        function_addr = self.kernel32.GetProcAddress(module_addr, function.encode("ascii"))
        # NOTE(review): this re-checks module_addr; function_addr is returned unchecked.
        if not module_addr:
            raise WinError()
        return function_addr

    def create_remote_thread(self, function_addr, args):
        """Run *function_addr* in the target process with *args* as its argument.

        *args* is copied into the target first. The call blocks until the
        thread ends and returns the thread's exit code, which the callers in
        this class treat as the loaded DLL's address.
        """
        dll_addr = c_long(0)
        args_addr = self.alloc_remote(args, len(args))
        thread = self.kernel32.CreateRemoteThread(self.handle, None, None, c_long(function_addr),
                                                  c_long(args_addr), None, None)
        if not thread:
            raise WinError()
        # 0xFFFFFFFF as the timeout waits indefinitely; the same value as a
        # return code is treated as failure.
        if self.kernel32.WaitForSingleObject(thread, 0xFFFFFFFF) == 0xFFFFFFFF:
            raise WinError()
        if not self.kernel32.GetExitCodeThread(thread, byref(dll_addr)):
            raise WinError()
        self.free_remote(args_addr, len(args))
        return dll_addr.value

    def read_memory(self, addr, size):
        """Read *size* bytes at *addr* in the target process into a ctypes buffer."""
        buffer = create_string_buffer(size)
        if not self.kernel32.ReadProcessMemory(self.handle, c_long(addr), buffer, size, None):
            raise WinError()
        return buffer

    def write_memory(self, addr, string):
        """Write *string* (len(string) bytes) to *addr* in the target process."""
        size = len(string)
        if not self.kernel32.WriteProcessMemory(self.handle, addr, string, size, None):
            raise WinError()

    def load_library(self, buffer):
        """Start a remote thread on kernel32's LoadLibraryA with *buffer* as the path."""
        function_addr = self.get_address_from_module("kernel32.dll", "LoadLibraryA")
        dll_addr = self.create_remote_thread(function_addr, buffer)
        return dll_addr

    def inject_dll(self, path):
        """ASCII-encode *path* and pass it to load_library; returns its result."""
        return self.load_library(path.encode("ascii"))

    def call_from_injected(self, path, dll_addr, function, args):
        """Start a remote thread at an export of the DLL previously loaded at *dll_addr*."""
        function_offset = self.get_offset_of_exported_function(path.encode("ascii"), function)
        self.create_remote_thread(dll_addr + function_offset, args)

    def get_offset_of_exported_function(self, module, function):
        """Return the offset of *function* from the base of *module*.

        The module is loaded into the current process, the export is looked
        up, and the module is freed again before the difference is returned.
        """
        base_addr = self.kernel32.LoadLibraryA(module)
        if not base_addr:
            raise WinError()
        function_addr = self.kernel32.GetProcAddress(base_addr, function.encode("ascii"))
        if not function_addr:
            raise WinError()
        if not self.kernel32.FreeLibrary(base_addr):
            raise WinError()
        return function_addr - base_addr
################################################################
class bcolors:
    """ANSI escape sequences used to style console output."""

    # Foreground colours.
    HEADER = "\033[95m"
    OKBLUE = "\033[94m"
    OKCYAN = "\033[96m"
    OKGREEN = "\033[92m"
    WARNING = "\033[93m"
    FAIL = "\033[91m"

    # Reset and text attributes.
    ENDC = "\033[0m"
    BOLD = "\033[1m"
    UNDERLINE = "\033[4m"
def twoiqhttpprotect():
    """Exit if a process named ``HTTPDebuggerUI.exe`` is running.

    This is an anti-analysis check: it compares every running process name
    with that one exact string and terminates the loader on a match. For
    triage, a script that enumerates processes and quits when a traffic
    inspection tool is present is itself worth flagging.
    """
    for proc in psutil.process_iter():
        if proc.name() != "HTTPDebuggerUI.exe":
            continue
        print(bcolors.UNDERLINE + "One more try using http debugger and u gonna get banned :)")
        time.sleep(2)
        exit(0)
# Everything below runs at import time, including a network request and a
# child process. Observable behaviour for triage: an outbound GET to a
# pastebin raw URL, a Python process spawning wmic, and later a DLL written
# under the user's Videos folder.

# Text fetched here serves as the allow-list of hardware IDs (see hwid_check).
# No timeout is passed to requests.get.
hwid_link = requests.get("https://pastebin.com/raw/b5CFB7jp") # allow-list URL, a pastebin raw link here
# Machine identifier: second line of the `wmic csproduct get uuid` output, stripped.
hwid = subprocess.check_output('wmic csproduct get uuid').decode().split('\n')[1].strip()
# The DLL is pulled from a raw GitHub URL on the `main` branch, so its content
# can change between runs; no hash or signature check is visible in this listing.
url = 'https://github.com/r3s1l13nt/ReLoader/raw/main/morph.dll' # DLL download URL
# user and hostname are collected but not referenced again in the visible code.
user = getpass.getuser()
hostname = gethostname()
userhome = os.path.expanduser('~')
# Target executable. The literal is not a raw string; its backslash sequences
# (\P, \S, \s, \c, \C) are not recognised escapes, so they are kept as written.
path_process = "C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe"
# Drop location: /Users/<last component of the home directory>/Videos/OneDriveUPD.dll.
# NOTE(review): the file name resembles a OneDrive component while sitting in
# the Videos folder; treat that mismatch as an indicator.
path_dll = "/Users/" + os.path.split(userhome)[-1] + "/Videos/OneDriveUPD.dll"
def getdll():
    """Download the DLL at ``url`` into the current user's Videos folder.

    NOTE(review): the file is fetched from a mutable remote URL and later
    loaded into a process with no hash or signature check in between, so
    whoever controls that URL controls the code that runs on this machine.
    """
    home_leaf = os.path.split(userhome)[-1]
    destination = '/Users/' + home_leaf + '/Videos/OneDriveUPD.dll'
    urllib.request.urlretrieve(url, destination)
def inject():
    """Start the target executable, attach to it and load the downloaded DLL.

    The downloaded DLL is not removed afterwards (the author only mentions
    cleanup as an idea), so it remains on disk at ``path_dll`` as an artefact.
    """
    loader = Injector()
    # The game is started directly by this script rather than via the Steam client.
    target_pid = loader.create_process(path_process)
    time.sleep(1)
    # Open a handle to the freshly started process.
    loader.load_from_pid(target_pid)
    time.sleep(1)
    # Ask the target to load the DLL; the returned address is not used.
    loader.inject_dll(path_dll)
def hwid_check():
    """Gate the download and injection on the local hardware ID.

    The check is client-side only: it tests whether the local UUID string
    occurs anywhere in the text fetched into ``hwid_link``. On a miss the
    UUID is copied to the clipboard so the user can send it on.
    """
    if hwid not in hwid_link.text:
        print("Invalid hwid")
        time.sleep(0.5)
        # Places the machine UUID on the clipboard.
        pyperclip.copy(hwid)
        print("Your hwid is now copied to your clipboard, if you're subbed send it to the admin")
        time.sleep(5)
        input("Press ENTER to exit.")
        return

    print("Hwid found!")
    time.sleep(1)
    getdll()
    inject()
    print("Injected! Have fun :)")
    input("Press ENTER to exit.")
def hello():
    """Run the debugger check, show the banner, clear the console, then run the HWID gate."""
    twoiqhttpprotect()
    banner = " _____ __ _ \n| __ |___| | ___ ___ _| |___ ___ \n| -| -_| |__| . | .'| . | -_| _|\n|__|__|___|_____|___|__,|___|___|_| \n\nCredits: resilient#0001"
    print(banner)
    time.sleep(2)
    # Clears the console by running the shell's `cls` command.
    os.system('cls')
    hwid_check()
# Entry point: called unconditionally (no __main__ guard), so importing this
# module also runs the whole check, download and injection sequence.
hello()