Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- Name: RCDBase2
- Copyright: RCD
- Author: RCD
- Date: 20/12/10 14:27
- Description: Base dasar agar lebih mudah membuat Hack dengan RCDLogger3
- ChangLog : Perubahan pada beberapa string yang telah terdeteksi
- */
- #include <windows.h>
- #include <stdio.h>
- #include <stdlib.h>
- #define OFS_CARD1 0x16170
- #define OFS_CARD2 0x1617F
- #define OFS_CARD3 0x1618E
- #define OFS_CARD4 0x1619D
- #define OFS_CARD5 0x161AC
- #define OFS_CARD6 0x161BB
- #define OFS_CARD7 0x161CA
- #define OFS_CARD8 0x161D9
- #define OFS_CARD9 0x161E8
- #define OFS_CARD10 0x161F7
- #define PLAYER1 0x4CDD01
- LPTSTR CheatGamez = "PointBlank.i3Exec"; // handle PointBlank.i3Exec
- DWORD adrAri, adrAri666, adrBOM, adrBOM1, adrMNZ1, adrMNZ2, adrWSOn, adrWSOff, OldProtection; // deklarasi variabel
- BYTE RET[] = {0xC3}; //deklarasi byte untuk RET
- BYTE PUSH_EBP[]= {0x55}; //deklarasi byte untuk PUSH_EBP
- //
- //Karena memwrite sudah terdeteksi HACKSHIELD, maka saya berupaya membuatkan
- ///f/////ungsi alternative selain memwrite dan undetected bernama MEMpatch
- //*//
- //Check Apakah address tersebut di protect ?
- void UnProtectAndModify(DWORD Offset, DWORD Pointer, DWORD Length){
- VirtualProtect((void *)Offset, Length, PAGE_EXECUTE_READWRITE, &OldProtection); // check apakah address tsb dikunci / protected ? kalau iya, lakukan unprotect
- RtlMoveMemory((void *)Offset, (const void*)Pointer, Length); // ubah address tsb menjadi writeable, dan lakukan patch dengan MEMpatch
- VirtualProtect((void *)Offset, Length, OldProtection, &OldProtection); // protect lagi address tsb biar gk kena satpam
- }
- // Lakukan patch terhadap memory
- void Sempak( BYTE *Offset, BYTE *ByteArray, DWORD Length){
- UnProtectAndModify((DWORD)Offset , (DWORD)ByteArray , 1);
- }
- //|________________________________________________________
- void SiGanteng(void *adr, void *ptr, int size)
- {
- unsigned long NewProtection;
- VirtualProtect((void*)adr,size,PAGE_EXECUTE_READWRITE, &NewProtection);
- memcpy((void*)adr,(const void*)ptr,size);
- VirtualProtect((void*)adr,size,NewProtection, 0);
- }
- //__________________________________________________________
- void SempakBasah(unsigned long ulBase, int iOffset, int iValue)
- {
- if (!IsBadReadPtr((VOID*)ulBase, sizeof(unsigned long)))
- {
- if (!IsBadWritePtr((void*)(*(unsigned long*)ulBase + iOffset), sizeof(unsigned long)))
- {
- *(int*)(*(unsigned long*)ulBase + iOffset) = iValue;
- }
- }
- }
- //__________________________________________________________
- int __fastcall andiliu_ganteng(void)
- {
- return 0;
- }
- DWORD WINAPI InitAllHacks(LPVOID param) // thread telah dipatch. undetected 20 desember 2010
- {
- while (1) {
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng();
- andiliu_ganteng(); // jika thread telah aktif
- // Minimize
- if (GetAsyncKeyState(VK_INSERT)&1) {
- DWORD dwI3EXEC = (DWORD)GetModuleHandleA("PointBlank.i3exec");
- DWORD adrMNZ1, adrMNZ2 = 0;
- adrMNZ2 = dwI3EXEC + (DWORD)0x96E4 * 8;
- adrMNZ2 = adrMNZ2 + 0x50;
- adrMNZ1 = dwI3EXEC + (DWORD)0x96EB * 8;
- adrMNZ1 = adrMNZ1 + 0x50;
- if (dwI3EXEC > 0) {
- SiGanteng((void *)( adrMNZ1),(void*)(PBYTE)"\x00", 1);
- SiGanteng((void *)( adrMNZ2),(void*)(PBYTE)"\x00", 1);
- }
- MessageBox (0,"andiliu => ganteng","andiliu", MB_OK | MB_ICONINFORMATION);
- }
- if (GetAsyncKeyState(VK_F1)&1) { // card
- DWORD dwPBlankModule = (DWORD)GetModuleHandleA(CheatGamez);
- DWORD dwBase = 0;
- ReadProcessMemory(GetCurrentProcess(), (LPCVOID) (dwPBlankModule + 0x4818A8), &dwBase, sizeof(dwBase), NULL);
- SiGanteng((void *)(dwBase + OFS_CARD1 ),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD2),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD3),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD4),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD5),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD6),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD7),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD8),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD9 ),(void*)(PBYTE)"\xFF\xFF", 2);
- SiGanteng((void *)(dwBase + OFS_CARD10),(void*)(PBYTE)"\xFF\xFF", 2);
- beep(1500,500);
- beep(1000,100);
- }
- if (GetAsyncKeyState(VK_F2)&1) { // card
- DWORD dwPBlankModule = (DWORD)GetModuleHandleA(CheatGamez);
- DWORD dwBase = 0;
- ReadProcessMemory(GetCurrentProcess(), (LPCVOID) (dwPBlankModule + 0x4818A8), &dwBase, sizeof(dwBase), NULL);
- SiGanteng((void *)(dwBase + OFS_CARD1 ),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD2),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD3),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD4),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD5),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD6),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD7),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD8),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD9 ),(void*)(PBYTE)"\x00\x00", 2);
- SiGanteng((void *)(dwBase + OFS_CARD10),(void*)(PBYTE)"\x00\x00", 2);
- beep(1500,500);
- beep(1000,100);
- }
- Sleep(10); // jeda untuk menghindari overheat / kelebihan beban
- }
- return (0); // kembalikan nilai ke 0 agar thread menjadi loop selama-nya
- }
- BOOL WINAPI DllMain ( HMODULE hDll, DWORD dwReason, LPVOID lpReserved )
- {
- DisableThreadLibraryCalls(hDll); // mencegah boros memori. SAVE Resource :D
- if (dwReason == DLL_PROCESS_ATTACH) {
- beep(500,100);
- beep(1000,100);
- beep(1500,500);
- beep(1500,500); // jika dll ter-attach
- MessageBox (0,"MAAF , INI HANYA BUAT DI KOMSUNSI PRIBADI.\n\nDAN TIDAK BOLEH DI BAGIKAN ( SHARE ).\n\nCREDIT BY ANDILIU","ANDILIU", MB_OK | MB_ICONWARNING);// berikan salam pembuka jika dll telah ter-attach ke PROCESS
- CreateThread(0, 0, (LPTHREAD_START_ROUTINE)InitAllHacks, 0, 0, 0); // jalanin thread-nya
- // jalanin thread-nya
- }
- TCHAR strDLLName [MAX_PATH];
- // ambil nama dll kita, simpan di variabel strDLLName
- GetModuleFileName(hDll, strDLLName , MAX_PATH);
- // bandingkan dll yg di inject sekarang dgn nama release dll kita, contoh, pasimbung.dll
- // ganti pasimbung.dll dgn nama dll anda
- if (strstr(strDLLName, "ngopi yuk.dll") <= 0) {
- // tampilkan pesan, kalo dll nya sdh bukan asli / sudah di rename
- MessageBox(0, "maaf, anda telah mengganti nama DLL gua ,.. ?\n\nvirus sedang di transfer..", "WARNING", MB_OK + MB_ICONWARNING);
- MessageBox(0, "VIRUS HAS BEEN INSTALLED", "SUCCES", MB_OK + MB_ICONINFORMATION);
- // sadis, tutup PB nya wkwkwkwk
- ExitProcess(0);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement