Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 01.jul.2012:
- client:
- certificate & drivers reincluded in the exe
- e_krnl(apply to client and hack):
- bea-engine is not used anymore, hde (32/64) is used instead
- 24.jun.2012:
- e_anon(32&64):
- not anymore blank rh hack but blank dlls 32/64
- 23.jun.2012:
- e_sys(32&64):
- 32&64:
- MEMORY_PROTECT will now handle variable size of any lenght (not limited to one page maximum anymore)
- 64:
- MEMORY_LOCK/MEMORY_PROTECT now also handle 64bit addresses hence security of native process is now fully assured
- 20.jun.2012:
- e_krnl(apply to client and hack):
- now exports more stuff 32&64 compatible,
- smbios infos, two methods only, none for winxp32,it's to come.
- 13.jun.2012:
- plugins:
- ported 'global plugins' to x86-64
- e_krnl(apply to client and hack):
- fixed dll_map class for working with pe32+(amd64)
- added interception of critical functions via iat patching before resolving them,
- so it's not anymore needed for the user to have extra redefine in plugins & drawers ,
- 'malloc,new,realloc,delete,free' will then pass thru driver automatically
- 12.jun.2012:
- drawers:
- ported to x86-64 aswell as moved into a subdirectory of their own in "rhc_bin\drawers\x86-??"
- the only missing drawer actually is directx 8 due to the lack of d3d8x.lib for it (must search for, delayed)
- royalhack:
- ported to x86-64 ,
- plugins therefore are as drawers:
- into a subdirectory of their own in "rhc_bin\plugins\x86-??"
- 11.jun.2012:
- client:
- native 64 bit client executable (same as the 32 bit one, faster than in wow64 eats less memory too)
- irc module is less of a bother, eats less resources
- bassmod is removed(we had 32 bit only, new one is different + 64, removed),
- 3rd party evil player is used instead (see tools path,lightweight freeware indeed)
- system account detection (for elevation),
- is fixed for foreign language (ex: sistèma, then loopback elevate, never login, flashing console, ets...)
- dep can be enabled even permanently
- taskbar/shell icon remotely aquired (can be updated silently at anytime)
- directx(8,9,10,11) offset grabber fixed for 64 bit version
- the client clean the place behind himself,
- it'll close whatever exe it launch'as system' (childs,hidden or not,player/dbgview/psexec/cmd/else)
- vista/2008r1(sp0/sp1/sp2) and seven/2008r2(sp0/sp1) for x86-32/x86-64(disabled patchguard, debug mode) tested
- windows 8 tested only in 64 bit version of the oses (dev-prev,cons-prev,rls-prev)
- act erratically in windows xp 'it works or no' depends of the os-iso/intall/drivers/service packs/the softwares/the antiviruses/the face of the user/whatever else i not mentioned
- e_krnl(apply to client and hack):
- fixed for compiling as 64 bit with vs10+intel12.1
- manually make use of ddk's crt init rather than fully custom (handle it all rather than lacks this or that)
- does not mess up anymore when allocating memory
- does not contains "superflux/extras" in windows_api.cpp anymore
- harware random number genrator (some cpu only sry),
- should not bugs out anyone who can not use it see rand_hw.cpp
- added crc32 runtime hasing for compile time encrypted strings see "encrypt_line" ctstr.h
- if/when a protected "DYN_LOCK" function,
- has crashed the user will be asked if continue or leave the application see macro.h
- removed locker::dump "contained.cpp" function in "container.cpp"
- removed tib/teb/peb fake classes that inherit of each other & copy, use the real deal instead
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement