API tools faq
paste
Guest User

ksophon Bypass

a guest
Aug 30th, 2022
1,707
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.42 KB | Source Code | 0 0
raw download clone embed print report
  1. @echo off
  2. title ToF ksphon_x64 Bypass
  3.  
  4. :: BatchGotAdmin
  5. :-------------------------------------
  6. REM  --> Check for permissions
  7.     IF "%PROCESSOR_ARCHITECTURE%" EQU "amd64" (
  8. >nul 2>&1 "%SYSTEMROOT%\SysWOW64\cacls.exe" "%SYSTEMROOT%\SysWOW64\config\system"
  9. ) ELSE (
  10. >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
  11. )
  12.  
  13. REM --> If error flag set, we do not have admin.
  14. if '%errorlevel%' NEQ '0' (
  15.     echo Requesting administrative privileges...
  16.     goto UACPrompt
  17. ) else ( goto gotAdmin )
  18.  
  19. :UACPrompt
  20.     echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
  21.     set params= %*
  22.     echo UAC.ShellExecute "cmd.exe", "/c ""%~s0"" %params:"=""%", "", "runas", 1 >> "%temp%\getadmin.vbs"
  23.  
  24.    "%temp%\getadmin.vbs"
  25.    del "%temp%\getadmin.vbs"
  26.    exit /B
  27.  
  28. :gotAdmin
  29.    pushd "%CD%"
  30.    CD /D "%~dp0"
  31. :--------------------------------------    
  32.  
  33. echo Select an action:
  34. echo [1] Bypass ksphon_x64
  35. echo [2] Restore ksphon_x64
  36. set /p action="Input: "
  37. echo.
  38.  
  39. if /I "%action%"=="1" goto bypass
  40. goto restore
  41.  
  42. :bypass
  43.     set "file=C:\Windows\System32\drivers\ksophon_x64.sys"
  44.     FOR %%A IN (%file%) DO set size=%%~zA
  45.     if %size% GTR 5000000 (
  46.         echo Backing up original ksophon_x64.sys...
  47.         copy C:\Windows\System32\drivers\ksophon_x64.sys C:\Windows\System32\drivers\ksophon_x64.sys.bak
  48.         echo Deleting original ksophon_x64.sys...
  49.         del C:\Windows\System32\drivers\ksophon_x64.sys
  50.         echo Copying null.sys as new ksophon_x64.sys...
  51.         copy C:\Windows\System32\drivers\null.sys C:\Windows\System32\drivers\ksophon_x64.sys
  52.         echo Setting new ksophon_x64.sys to read only
  53.         attrib +r C:\Windows\System32\drivers\ksophon_x64.sys
  54.         echo Copying new ksophon_x64.sys to ToF Folder
  55.         copy C:\Windows\System32\drivers\ksophon_x64.sys "E:\Games\Tower Of Fantasy\Hotta\Binaries\Win64\ksophon_x64.sys"
  56.         attrib +r "E:\Games\Tower Of Fantasy\Hotta\Binaries\Win64\ksophon_x64.sys"
  57.     )else (
  58.         echo ksophon_x64.sys already bypassed...
  59.     )
  60.     goto close
  61.  
  62. :restore
  63.     if exist C:\Windows\System32\drivers\ksophon_x64.sys.bak (
  64.         echo Deleting bypassed ksophon_x64.sys...
  65.         del /f C:\Windows\System32\drivers\ksophon_x64.sys
  66.         del /f "E:\Games\Tower Of Fantasy\Hotta\Binaries\Win64\ksophon_x64.sys"
  67.         echo Restoring backup...
  68.         ren C:\Windows\System32\drivers\ksophon_x64.sys.bak ksophon_x64.sys
  69.     ) else (
  70.         echo ksophon_x64 was not previously bypassed...
  71.     )
  72.     goto close
  73.  
  74. :close
  75.     echo.
  76.     pause
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!