API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 26th, 2011
321
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Delphi 7.04 KB | None | 0 0
raw download clone embed print report
  1. library zz7;
  2.  
  3. uses
  4.   Windows,
  5.   sysutils,
  6.   classes,
  7.   tlhelp32,
  8.   WbemScripting_TLB,
  9.   OleServer,
  10.   ActiveX,
  11.   Variants;
  12.  
  13. {$E des}
  14.  
  15. const
  16.  ReplyGameGuardQuery = '?ReplyGameGuardQuery@UNetworkHandler@@UAEXKKKK@Z';
  17.  cdddd: PChar = 'cdddd'#0;
  18. {$R *.RES}
  19.  
  20. var DllHandle: THandle;
  21.     Offset: DWORD;
  22.     Hlapex: Byte;
  23.     ReplyGameGuardQueryAddr: PByte;
  24.     ID,
  25.     PK1,PK2,
  26.     PacketHdr: DWord;
  27.     key: Integer;
  28.     WindowList,
  29.     NamesList,
  30.     PEList,DataList: TStringList;
  31.     SWbemLocator:   TSWbemLocator;
  32.  
  33. function ShowProp(SProp: SWBemProperty; device_id: String): string;
  34. begin
  35. Result:='';
  36. if (SProp.Get_Value <> null) then
  37.   begin
  38.     with SProp do
  39.       begin
  40.           if Name = device_id then
  41.             begin
  42.               Result:= Get_Value;
  43.  
  44.           end;
  45.       end; { with }
  46.   end; { if 1 }
  47. end;
  48.  
  49. function getProc_id(id_device:String):string;
  50. var
  51.   Service:             ISWbemServices;
  52.   ObjectSet:           ISWbemObjectSet;
  53.   SObject:             ISWbemObject;
  54.   PropSet:             ISWbemPropertySet;
  55.   SProp:               ISWbemProperty;
  56.  
  57.   PropEnum, Enum:      IEnumVariant;
  58.   TempObj:             OleVariant;
  59.   Value:               Cardinal;
  60.  
  61.  
  62. begin
  63.    Result:='';
  64.   Service:= SWbemLocator.ConnectServer('.', 'root\CIMV2', '', '', '','', 0, nil);
  65.   SObject:= Service.Get('Win32_Processor', wbemFlagUseAmendedQualifiers, nil);
  66.   ObjectSet:= SObject.Instances_(0, nil);
  67.   Enum:= (ObjectSet._NewEnum) as IEnumVariant;
  68.   Enum.Next(1, TempObj, Value);
  69.   SObject:= IUnknown(TempObj) as SWBemObject;
  70.   PropSet := SObject.Properties_;
  71.   PropEnum := (PropSet._NewEnum) as IEnumVariant;
  72.   while (PropEnum.Next(1, TempObj, Value) = S_OK) do
  73.   begin
  74.     SProp:= IUnknown(TempObj) as SWBemProperty;
  75.     Result:=ShowProp(SProp,id_device);
  76.   end;
  77. end;
  78.  
  79.  
  80. function FindVolumeSerial(const Drive : PChar) : DWORD;
  81. var
  82.    VolumeSerialNumber : DWORD;
  83.    MaximumComponentLength : DWORD;
  84.    FileSystemFlags : DWORD;
  85. begin
  86.    Result:=0;
  87.    if GetVolumeInformation(
  88.         Drive,
  89.         nil,
  90.         0,
  91.         @VolumeSerialNumber,
  92.         MaximumComponentLength,
  93.         FileSystemFlags,
  94.         nil,
  95.         0)  then
  96.            Result := VolumeSerialNumber;
  97. end;
  98.  
  99.  
  100.  
  101. function FindIllegalSowtware(hwnd: THandle; lParam: Longint): Boolean; stdcall;
  102. var buffer: array[0..255] of Char;
  103.     p, i: Integer;
  104.     classname, title: String;
  105.     DataWindow:TStringList;
  106. begin
  107. DataWindow:= TStringList.Create;
  108.  result := false;
  109.  Hlapex := Hlapex or 4;
  110.  GetClassName(hwnd,buffer,sizeof(buffer));
  111.  StrCopy(buffer,StrLower(buffer));
  112.  for i := 0 to WindowList.Count-1 do begin
  113.   title := '';
  114.   p := pos(#9,WindowList[i]);
  115.   if p <> 0 then begin
  116.      classname := copy(WindowList[i],1,p-1);
  117.  
  118.      title := copy(WindowList[i],p+1,length(WindowList[i]));
  119.       DataWindow.Add('title ='+title);
  120.   end else
  121.    classname :=  WindowList[i];
  122.    DataWindow.Add('ClassName ='+classname);
  123.   if StrPas(buffer) = classname then begin
  124.    if title<>'' then begin
  125.      GetWindowText(hwnd,buffer,sizeof(buffer));
  126.      StrCopy(buffer,StrLower(buffer));
  127.      if pos(title,StrPas(buffer)) = 0 then continue;
  128.    end;
  129.    exit;
  130.   end;
  131.  
  132.  end;
  133.  GetWindowText(hwnd,buffer,sizeof(buffer));
  134.  StrCopy(buffer,StrLower(buffer));
  135.  for i := 0 to NamesList.Count-1 do
  136.   if pos(NamesList[i],StrPas(buffer)) = 1 then exit;
  137.  Hlapex := Hlapex xor 4;
  138.  result := True;
  139.  
  140. end;
  141.  
  142.  
  143.  
  144. procedure ScanPe;
  145. var snapshoot: THandle;
  146.     PE: PROCESSENTRY32;
  147.     fn: STring;
  148.     i: Integer;
  149. begin
  150.  Hlapex := Hlapex or 4;
  151.  snapshoot := CreateToolhelp32Snapshot( TH32CS_SNAPPROCESS,0);
  152.  if snapshoot <> 0 then try
  153.   if Process32First(snapshoot,PE) then
  154.   repeat
  155.      fn := LowerCase(ExtractFileName(Pe.szExeFile));
  156.      for i := 0 to PEList.Count-1 do
  157.       if pos(PEList[i],fn) = 1 then exit;
  158.  
  159.   until NOT Process32Next(snapshoot,PE);
  160.  finally
  161.   CloseHandle(snapshoot);
  162.  end;
  163.  Hlapex := Hlapex xor 4;
  164. end;
  165.  
  166. procedure CheckEnv; stdcall;
  167. begin
  168.  PK1 := Random(MaxInt);
  169.  PK1 := PK1 and $FFFFFFF0;
  170.  PK1 := PK1 or Byte(Random(7));
  171.  PK2 := Random(MaxInt);
  172.  if PK2 AND (PK1 AND $F) =0 then
  173.     PK2 := PK2 XOR (PK1 AND $F);
  174.  Hlapex := Random(255);
  175.  if Hlapex and 4 = 4 then Hlapex :=  Hlapex xor 4;
  176.  EnumWindows(@FindIllegalSowtware,0);
  177.  if (Hlapex and 4) <> 4 then ScanPe;
  178.  PacketHdr := MakeLong(MakeWord(Hlapex,Key and $ff),MakeWord(key shr 8 and $ff, key shr 16 and $ff));
  179. end;
  180.  
  181.  
  182. procedure GGReplay; cdecl;
  183. asm
  184.   push esp
  185.   push ecx
  186.   call CheckEnv
  187.   pop ecx
  188.   pop esp
  189.   mov eax,[ecx+048h]
  190.   mov ecx,[eax]
  191.   mov  edx, [PacketHdr]
  192.   push edx
  193.   mov  edx, [PK1]
  194.   push edx
  195.   mov  edx, [PK2]
  196.   push edx
  197.   mov  edx, [ID]
  198.   push edx
  199.   push $CA
  200.   push cdddd
  201.   push eax
  202.   mov  eax, [ecx+068h]
  203.   call eax
  204.   add esp,$1c
  205.   ret $10
  206. end;
  207.  
  208. procedure doHandle(aKey: Integer; blackList: Pchar);
  209. var St: TStringList;
  210.     S: String;
  211.     i: Integer;
  212. begin
  213.    key := aKey;
  214.    PacketHdr := 0;
  215.    St := TStringList.Create;
  216.    St.Add('1 tfrmmain hlapex');
  217.    St.Add('1 afx:00400000:0     l2walker');
  218.    St.Add('1 tpanel     l2control');
  219.    St.Add('1 wxwindowclassnr l2');
  220.    St.Add('1 vxwindowclassnr l2');
  221.    St.Add('1 thunderrt6fromdc focus');
  222.    St.Add('2 l2packet');
  223.    St.Add('2 wp packet');
  224.    St.Add('1 tfrmmain l2radar');
  225.    St.Add('2 hlapex');
  226.    St.Add('2 L2Walker');
  227.    St.Add('1 l2ph.exe');
  228.    St.Add('2 l2ph.exe fmain');
  229.    St.Add('2 wp v5');
  230.    St.Add('3 wp5');
  231.    St.Add('3 wp506f.exe');
  232.    St.Add('1 tform1 acp');
  233.    St.Add('2 acp ');
  234.    St.Add('3 acp.exe');
  235.    St.Add('1 tfmmain uop');
  236.    St.Add('3 uopil');
  237.    St.Add('1 tfrmmain ac t');
  238.    St.Add('3 actool');
  239.    St.Add('3 ingame');
  240.    St.Add('2 fMainReplacer');
  241.    St.Add('2 fPacketFilter');
  242.    St.Add('2 fPacketView');
  243.    St.Add('2 fPacketViewer');
  244.    St.Add('1 tfrmmain in');
  245.    St.Add('2 Eia iaeaooaea');
  246.    St.Add('2 TfProcessRawLog');
  247.    St.Add('2 TfScriptEditor');
  248.  
  249.    WindowList := TStringList.Create;
  250.    NamesList := TStringList.Create;
  251.    PEList := TStringList.Create;
  252.    DataList:= TStringList.Create;
  253.    for i := 0 to St.Count-1 do begin
  254.      S := LowerCase(Trim(St[i]));
  255.      if S = '' then continue;
  256.      if S[1] = '1' then begin
  257.       WindowList.Add(Trim(Copy(S,3,length(S))));
  258.  
  259.       end else if  S[1] = '2' then begin
  260.         NamesList.Add(Trim(Copy(S,3,length(S))));
  261.  
  262.       end else PEList.Add(Trim(Copy(S,3,length(S))));
  263.  
  264.  
  265.    end;
  266.  
  267.  
  268.    St.Free;
  269.    ID := FindVolumeSerial(nil);  //getProc_id('ProcwssorId')
  270.    Randomize;
  271.    DllHandle := GetModuleHandle('engine.dll');
  272.    if DllHandle <> 0 then begin
  273.  
  274.     ReplyGameGuardQueryAddr := GetProcAddress(DllHandle,ReplyGameGuardQuery);
  275.     if NOT assigned(ReplyGameGuardQueryAddr) then exit;
  276.     if VirtualProtectEx(GetCurrentProcess,ReplyGameGuardQueryAddr,10,PAGE_EXECUTE_READWRITE,Offset) then begin
  277.      ReplyGameGuardQueryAddr^ := $E9;
  278.      Offset := Dword(@GGReplay)-DWord(ReplyGameGuardQueryAddr)-5;
  279.      move(Offset,Pointer(DWord(ReplyGameGuardQueryAddr)+1)^,sizeof(Offset));
  280.  
  281.     end;
  282.     DisableThreadLibraryCalls(GetModuleHandle(nil));
  283.    end;
  284.  
  285. end;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!