Forum Authority

Full Version: Commercial Game Hack Loader
Yo.

So I've been at this for a bit. I finished the project I was hired to do, but kind of overdid it and made a whole system for injecting DLLs securely, all the while keeping a commerce aspect in mind and embedding it.

The whole project combined has taken me roughly 1-2 weeks to be able to call it done.

Side note that the videos and pictures are a little outdated in this thread. I've done a lot of stuff since I originally posted this thread on a few other forums, so a few problems like not being able to back out of the inject hack menu have since been fixed, and more options like being able to set your public and private keys have been added.

Here's a snap of the Solution Explorer:
[Image: Cy1xFup.png]

The program in a nutshell:

User buys access to a hack for, say, a month. A log of the transaction is created on FTP, the program recognizes that and acts accordingly, then disposes of the log. The client is now able to inject a hacked DLL into a game of their choice (obviously the one they paid for). Every day a "cron job" is run that checks and removes access to hacks as needed.

How it works in depth:

The program here is extremely secure; there is never a DLL actually created on the client's computer. All DLLs are stored server side and are encrypted and sent to the client with Polymorphic AES 2056. Once received, the client asks the server for the key to decrypt (the key changes after every request for the key); once it gets the key, it will decrypt the bytes it just received. Now here's the kicker: it's a pain in the **** to inject a process without writing a DLL to the disk, so what I took some time to learn is manual memory mapping. Thus, the client will remap the bytes IN MEMORY into the target process and then unload all traces of the DLL's bytes ever existing. This means that the client will never be able to keep any of the hacks. And for the keen among you, you've already realised that this is a pretty much bulletproof anti-reverse engineering and decompiling program, because all info is stored on the server and requires an active account to access its files. Every time a function is called on the server I check the validity of the account accessing it, so if it's a forged account, I'll see right through it and may in the future force the client to self destruct, and then ban that IP and HWID. All DLLs are dynamically grabbed on the server, so all you have to do is add more DLLs with no need to recompile the server every time you add a new hack. Here's a video of it in action. Also, mind you, every time a client requests a hack, the DLL is scrambled, its control flow is modified and it's then obfuscated to ensure that there won't be signature based detections by anti-cheats.

Looks fuckin sick. Great job man!
Great Scott, this is the shit.