SHARE
TWEET

triggerbot&nametags how2detect

sw1ndle Feb 17th, 2020 419 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <Windows.h>
  2. #include <Psapi.h>
  3. #include <iostream>
  4. #include <mutex>
  5. #define in_range(x, a, b) (x >= a && x <= b)
  6. #define get_bits(x) (in_range((x & (~0x20)), 'A', 'F') ? ((x & (~0x20)) - 'A' + 0xA): (in_range(x, '0', '9') ? x - '0': 0))
  7. #define get_byte(x) (get_bits(x[0]) << 4 | get_bits(x[1]))
  8. uintptr_t find_pattern(const char* module, const char* pattern){//probably not fastest but its decent a decent pattern scan
  9.     MODULEINFO mod;
  10.     K32GetModuleInformation(GetCurrentProcess(), GetModuleHandleA(module), &mod, sizeof(MODULEINFO));
  11.     uintptr_t start = (uintptr_t)mod.lpBaseOfDll;
  12.     uintptr_t end = (uintptr_t)mod.lpBaseOfDll + (uintptr_t)mod.SizeOfImage;
  13.     uintptr_t match = (uintptr_t)nullptr;
  14.     const char* current = pattern;
  15.     for (uintptr_t pCur = start; pCur < end; pCur++) {
  16.  
  17.         if (!*current)
  18.             return match;
  19.         if (*(PBYTE)current == ('\?') || *(BYTE*)pCur == get_byte(current)) {
  20.             if (!match)
  21.                 match = pCur;
  22.             if (!current[2])
  23.                 return match;
  24.             if (*(PWORD)current == ('\?\?') || *(PBYTE)current != ('\?'))
  25.                 current += 3;
  26.             else
  27.                 current += 2;
  28.         }
  29.         else {
  30.             current = pattern;
  31.             match = 0;
  32.         }
  33.     }
  34.     return (uintptr_t)nullptr;
  35. }
  36. std::once_flag nametags_flag, triggerbot_flag;
  37. HMODULE module_instance;
  38. int ac_thread()
  39. {
  40.     HANDLE hOut = GetStdHandle(STD_OUTPUT_HANDLE);
  41.     DWORD dwMode = 0;
  42.     GetConsoleMode(hOut, &dwMode);
  43.     dwMode |= ENABLE_VIRTUAL_TERMINAL_PROCESSING;
  44.     SetConsoleMode(hOut, dwMode);//not needed, it was just to fix colors on some operating systems for printf
  45.  
  46.     printf("\x1B[35m[%s]\033[0m \x1B[33m%s\033[0m %s", __TIME__, "[AntiCheat]", "Successfully loaded.\n");
  47.     while (true)
  48.     {
  49.         auto nametags = find_pattern("ToyHeroes.exe", "0f 85 ? ? ? ? e8 ? ? ? ? 8b c8 e8 ? ? ? ? 89 85 94 fc");//searching for nametags
  50.         auto triggerbot  = find_pattern("ToyHeroes.exe", "e9 ? ? ? ? 90 89 ? 08");//searching for all public hooks/ce script triggerbot
  51.         if (nametags)//checkin' if found nametags patch
  52.             std::call_once(nametags_flag, [&] {printf("\x1B[35m[%s]\033[0m \x1B[33m%s\033[0m \x1B[31m%s\033[0m", __TIME__, "[AntiCheat]", "Nametags patch detected.\n"); });
  53.  
  54.         if (triggerbot)//checkin' if found triggerbot hook/script
  55.             std::call_once(triggerbot_flag, [&] {printf("\x1B[35m[%s]\033[0m \x1B[33m%s\033[0m \x1B[31m%s\033[0m", __TIME__, "[AntiCheat]", "Triggerbot detected.\n"); });
  56.     }
  57. }
  58. BOOL WINAPI DllMain(HMODULE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
  59. {
  60.     if (fdwReason == DLL_PROCESS_ATTACH)
  61.     {
  62.         module_instance = hinstDLL;
  63.         AllocConsole();
  64.         freopen("CONOUT$", "wb", stdout);
  65.         freopen("CONIN$", "rb", stdin);
  66.         SetConsoleTitle("fdp ac framework");
  67.         CreateThread(0, 0, (LPTHREAD_START_ROUTINE)ac_thread, 0, 0, 0);
  68.         return 1;
  69.     }
  70.     return 0;
  71. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top