Python:
import ctypes
import struct
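def find_offsets(pattern, game_module):
    """Return the address of the first occurrence of ``pattern`` after ``game_module``.

    Copies a fixed 0x100000-byte window starting at ``game_module`` with
    ``ctypes.string_at`` and searches the copy with ``bytes.find``, so every
    byte of ``pattern`` (0x00 included) is compared literally.

    Args:
        pattern: Byte string to look for.
        game_module: Integer base address at which the read starts.

    Returns:
        ``game_module + offset`` of the first match, or ``None`` when the
        pattern is not found or ``game_module`` is null/zero.
    """
    # A null base would make string_at copy from address 0 and fault the
    # process, so treat it the same as "not found".
    if not game_module:
        return None

    # NOTE(review): the window length is a constant, not the size of the
    # mapped image. If fewer than 0x100000 bytes are readable at this address
    # the copy itself faults; callers get no bounds guarantee from here.
    memory_view = ctypes.string_at(game_module, 0x100000)
    offset = memory_view.find(pattern)
    return game_module + offset if offset != -1 else None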
def bypass_valve_anti_cheat():
    """Search the current process's main module for byte patterns, print and overwrite them.

    Despite the name, nothing in this function references an anti-cheat
    component. It calls GetModuleHandleA(None), looks up five byte sequences
    with find_offsets, prints values read at the matches and then overwrites
    memory at those addresses inside the calling process.

    NOTE(review): as written the function cannot complete; see the inline
    notes on unchecked ``None`` results and the AttributeError further down.
    Running it can corrupt or crash the process it is loaded into.
    """
    # GetModuleHandleA(None) yields the handle of the file used to create the
    # calling process - presumably the Python interpreter when this is run as
    # a script; confirm against how it is launched.
    # NOTE(review): ctypes' default restype is c_int, so on a 64-bit process
    # the returned handle may be truncated.
    game_module = ctypes.windll.kernel32.GetModuleHandleA(None)
    # client_state / server_ip / server_port are byte-identical patterns, and
    # game_directory / map_directory are byte-identical as well, so each group
    # resolves to one and the same address below.
    client_state_pattern = b"\x8B\x35\x00\x00\x00\x00\x8B\x0D\x00\x00\x00\x00"
    game_directory_pattern = b"\x8D\x8E\x00\x00\x00\x00\x50\xE8\x00\x00\x00\x00"
    map_directory_pattern = b"\x8D\x8E\x00\x00\x00\x00\x50\xE8\x00\x00\x00\x00"
    server_ip_pattern = b"\x8B\x35\x00\x00\x00\x00\x8B\x0D\x00\x00\x00\x00"
    server_port_pattern = b"\x8B\x35\x00\x00\x00\x00\x8B\x0D\x00\x00\x00\x00"
    # client_state_address is assigned but never used afterwards.
    client_state_address = find_offsets(client_state_pattern, game_module)
    game_directory_address = find_offsets(game_directory_pattern, game_module)
    map_directory_address = find_offsets(map_directory_pattern, game_module)
    server_ip_address = find_offsets(server_ip_pattern, game_module)
    server_port_address = find_offsets(server_port_pattern, game_module)
    # NOTE(review): find_offsets returns None when a pattern is absent; none
    # of the reads below check for that before dereferencing.
    # The addresses point at the matched pattern bytes themselves, so the
    # "directory", "IP" and "port" values read here are those bytes
    # reinterpreted, not separate data.
    game_directory = ctypes.wstring_at(game_directory_address)
    map_directory = ctypes.wstring_at(map_directory_address)
    server_ip = struct.unpack('<I', ctypes.string_at(server_ip_address, 4))[0]
    server_port = struct.unpack(
        '<H', ctypes.string_at(server_port_address, 2))[0]
    # Print the read values
    print("Game Directory:", game_directory)
    print("Map Directory:", map_directory)
    print("Server IP:", server_ip)
    print("Server Port:", server_port)
    new_game_directory = game_directory + "_bypass"
    new_map_directory = map_directory + "_bypass"
    new_server_ip = "127.0.0.1"
    new_server_port = 27015
    # The replacement strings are 7 characters longer than what was read, so
    # each memmove writes past the end of the original string; no terminator
    # is written. Whether the target pages are writable is not checked.
    ctypes.memmove(game_directory_address, new_game_directory.encode(
        'utf-16-le'), len(new_game_directory) * 2)
    ctypes.memmove(map_directory_address, new_map_directory.encode(
        'utf-16-le'), len(new_map_directory) * 2)
    # NOTE(review): server_ip_address is an int (or None) and has no
    # IPv4Address attribute, and the ipaddress module is not imported, so this
    # statement raises AttributeError. The two memmove calls above have
    # already run by then; the port write below is never reached.
    ctypes.memmove(server_ip_address, struct.pack(
        '<I', int(server_ip_address.IPv4Address(new_server_ip))), 4)
    ctypes.memmove(server_port_address, struct.pack('<H', new_server_port), 2)
# Invoked unconditionally at module level: there is no __main__ guard, so
# importing this file also runs the memory reads and writes.
bypass_valve_anti_cheat()
Код:
#include <algorithm>
#include <iostream>
#include <string>
#include <vector>
#include <windows.h>
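/// @brief Scans committed read-write regions of a process for a byte pattern.
///
/// Walks the address space with VirtualQueryEx, copies every region whose
/// protection is exactly PAGE_READWRITE or PAGE_EXECUTE_READWRITE with
/// ReadProcessMemory, and compares the pattern byte-for-byte (0x00 is a
/// literal byte, not a wildcard). Because the protection is compared with
/// `==`, regions carrying any additional protection flag are skipped.
///
/// @param pattern  Bytes to look for; an empty pattern yields an empty result.
/// @param hProcess Handle of the process whose memory is queried and read.
/// @return For every match (overlapping ones included), the pattern.size()
///         bytes found at the match, appended in scan order. The result holds
///         byte values, NOT addresses; callers cannot recover where a match
///         was located from it.
std::vector<unsigned char> search_pattern(const std::vector<unsigned char>& pattern, HANDLE hProcess) {
    std::vector<unsigned char> result;
    if (pattern.empty()) {
        return result;  // an empty pattern contributes no bytes
    }

    using Diff = std::vector<unsigned char>::difference_type;
    MEMORY_BASIC_INFORMATION mbi;
    for (unsigned char* p = nullptr;
         VirtualQueryEx(hProcess, p, &mbi, sizeof(mbi)) == sizeof(mbi);
         p += mbi.RegionSize) {
        const bool committed = mbi.State == MEM_COMMIT;
        const bool read_write =
            mbi.Protect == PAGE_READWRITE || mbi.Protect == PAGE_EXECUTE_READWRITE;
        if (!committed || !read_write) {
            continue;
        }

        std::vector<unsigned char> buffer(mbi.RegionSize);
        SIZE_T bytesRead = 0;
        if (!ReadProcessMemory(hProcess, p, buffer.data(), mbi.RegionSize, &bytesRead)) {
            continue;
        }

        // Search only the bytes that were actually read. std::search returns
        // the end iterator when fewer than pattern.size() bytes remain, which
        // avoids the unsigned wrap-around of `bytesRead - pattern.size()` and
        // the out-of-bounds compare that followed from it, and it also covers
        // a match ending exactly at the last byte read.
        const auto scan_end = buffer.begin() + static_cast<Diff>(bytesRead);
        auto hit = std::search(buffer.begin(), scan_end, pattern.begin(), pattern.end());
        while (hit != scan_end) {
            // Copy from the local snapshot rather than dereferencing p + i:
            // that address belongs to hProcess and is only valid in this
            // process when hProcess is the current process.
            result.insert(result.end(), hit, hit + static_cast<Diff>(pattern.size()));
            hit = std::search(hit + 1, scan_end, pattern.begin(), pattern.end());
        }
    }
    return result;
}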
// Searches this process's own memory for five byte patterns, prints values
// derived from the results and then calls WriteProcessMemory on them.
//
// Despite the name, nothing here references an anti-cheat component:
// GetCurrentProcess() is a pseudo-handle to the calling process, so every
// read and write below stays inside this program.
//
// NOTE(review): the function has undefined behaviour on several paths (see
// inline notes) and can corrupt the heap of the process that runs it.
void bypass_valve_anti_cheat() {
    HANDLE hProcess = GetCurrentProcess();
    // Define the patterns to search for.
    // client_state / server_ip / server_port are byte-identical, and
    // game_directory / map_directory are byte-identical, so each group
    // produces the same search result.
    std::vector<unsigned char> client_state_pattern = { 0x8B, 0x35, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x0D, 0x00, 0x00, 0x00, 0x00 };
    std::vector<unsigned char> game_directory_pattern = { 0x8D, 0x8E, 0x00, 0x00, 0x00, 0x00, 0x50, 0xE8, 0x00, 0x00, 0x00, 0x00 };
    std::vector<unsigned char> map_directory_pattern = { 0x8D, 0x8E, 0x00, 0x00, 0x00, 0x00, 0x50, 0xE8, 0x00, 0x00, 0x00, 0x00 };
    std::vector<unsigned char> server_ip_pattern = { 0x8B, 0x35, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x0D, 0x00, 0x00, 0x00, 0x00 };
    std::vector<unsigned char> server_port_pattern = { 0x8B, 0x35, 0x00, 0x00, 0x00, 0x00, 0x8B, 0x0D, 0x00, 0x00, 0x00, 0x00 };
    // search_pattern returns the bytes found at each match, not addresses, so
    // the *_address vectors below are local heap copies of matched bytes.
    // client_state_address is never used afterwards.
    std::vector<unsigned char> client_state_address = search_pattern(client_state_pattern, hProcess);
    std::vector<unsigned char> game_directory_address = search_pattern(game_directory_pattern, hProcess);
    std::vector<unsigned char> map_directory_address = search_pattern(map_directory_pattern, hProcess);
    std::vector<unsigned char> server_ip_address = search_pattern(server_ip_pattern, hProcess);
    std::vector<unsigned char> server_port_address = search_pattern(server_port_pattern, hProcess);
    // NOTE(review): none of the vectors is checked for emptiness; `&v[0]` on
    // an empty vector (no match) is undefined behaviour.
    // The std::string constructor reads up to the first zero byte; nothing
    // guarantees the vector contains one, so this can read past its end.
    std::string game_directory(reinterpret_cast<char*>(&game_directory_address[0]));
    std::string map_directory(reinterpret_cast<char*>(&map_directory_address[0]));
    // These reinterpret the first 4 / 2 matched bytes as integers.
    DWORD server_ip = *reinterpret_cast<DWORD*>(&server_ip_address[0]);
    WORD server_port = *reinterpret_cast<WORD*>(&server_port_address[0]);
    std::cout << "Game Directory: " << game_directory << std::endl;
    std::cout << "Map Directory: " << map_directory << std::endl;
    std::cout << "Server IP: " << server_ip << std::endl;
    std::cout << "Server Port: " << server_port << std::endl;
    std::string new_game_directory = game_directory + "_bypass";
    std::string new_map_directory = map_directory + "_bypass";
    std::string new_server_ip = "127.0.0.1";
    WORD new_server_port = 27015;
    // The write targets are the local vectors' own storage. The lengths come
    // from the new strings, not from the vectors, so a write may run past the
    // end of the vector's allocation. Return values are ignored.
    WriteProcessMemory(hProcess, &game_directory_address[0], new_game_directory.c_str(), new_game_directory.size() + 1, nullptr);
    WriteProcessMemory(hProcess, &map_directory_address[0], new_map_directory.c_str(), new_map_directory.size() + 1, nullptr);
    // NOTE(review): `&new_server_ip` is the address of the std::string object,
    // not of its characters; this copies 10 bytes of the object's
    // representation, while the value was read above as a 4-byte DWORD.
    WriteProcessMemory(hProcess, &server_ip_address[0], &new_server_ip, new_server_ip.size() + 1, nullptr);
    WriteProcessMemory(hProcess, &server_port_address[0], &new_server_port, sizeof(new_server_port), nullptr);
}
// Program entry point: runs bypass_valve_anti_cheat() once. Falling off the
// end of main is equivalent to returning 0.
int main() {
    bypass_valve_anti_cheat();
}