Jump to content


Popular Content

Showing content with the highest reputation since 23/12/18 in all areas

  1. 4 points
    Legit the most misinforming post I’ve ever seen - goes to show just how bad Aasdf really is, when he doesn’t even understand the basics of this 😂 1. fs:0xc0 is not a “TEB hook” - you just hook the KiFastSystemcall. 2. It doesn’t intercept ALL WinAPIs, only the ones that needs to trampoline into a 64-bit environment so they can elevate execution to ring0 (it’s not even that many...) 3. The entire thing you explained about how BlackCipher worked now is straight wrong :s 4. Nice credit leech Imagine spending every single of your woken hours of healthcare provided stability on trying to hack games, and yet, after 12 years of autistic attempting, continue to fail... I feel sad for you, but I suppose we aren’t all meant to succeed... in anything, ever, I guess. 🤔
  2. 1 point
    I don't think I have posted the source code here? So here. dinput8 It shows how to intercept all winapi calls from a single hook for a wow64 process. It won't work with the current version of blackcipher. For some WinApi like (NtOpenProcess,NtReadVirtualMemory,NtQueryVirtualMemory), it doesn't go through the wow64 callgate anymore (fs:c0), BlackCipher create a 64 bit thread and make it call the native syscall instead. There is 2 ntdll.dll loaded one 32 bit and the other 64 bit for a wow64 process. You now have to hook the 64 bit ntdll now. In Cheat Engine the module symbol "_NtOpenProcess" without the quotes is the 64 bit NtOpenProcess. There is an underscore before the winapi name. I have wrote a wow64 library in 2011 if anyones interested: wow64ext I gave it to my subordinate rewolf and he released it on his github.
  3. 1 point
    Hi, Puppet, Nice to meet you, I have read your NGS emulator source code, got a lot of help. I'm working on the GMS2 to emulate right now, I want to ask you two questions. firstly, I load NGClient.aes and BlackCipher.aes to call start, but the GMS2 crashed when on the eighth call. Secondly, How do you do unvirtualization of themida? Thanks your for help. Shuo.
  4. 1 point
    No aasdf isn’t me. Someone I will not name informed me of this so I had to register as forgot last account. Bye bye until someone mentions this again and I gotta clear up the smoke. I only have a macbook for my work now, I don’t have freetime like aasdf.
  5. 1 point
    I gave it to my subordinate rewolf and he released it on his github" AASDF best coder!
  6. 1 point
    Hey! Since so manny people seam to have problems building the new bypass I have made a pretty noob friendly video guide. I will continiously update this to make it easier to follow and troubleshoot. I just wanna say thanks to everyone who helped me figure all of this out in the other tutorial thread. Special thanks to Sprux, Hippo, xScritZx, Razz and DAVHEED Before you ask questions in this thread make sure they have not yet been awnserd in Hippos tutorial thread. links to his thread at the bottom of this post. What do I need? This guide requires you to have visual studio installed. Visual studio 2013 be downloded from here: https://go.microsoft.com/fwlink/?LinkId=532495&clcid=0x409 you will also need to have a MSCRC bypass installed on the computer you will use to hack. Downloads and instructions can be foud at the bottom of this post. 2 computers. or a virtual machine. Video Guide (Updated: No need for Detour!) In order to remove detour Delete this code from XignCode Client>Source>main.cpp. Delete the code that is marked in red below. The line that you should add at line 3 in XignCode CLient>Network>Client.cpp is marked in red below. Troubleshooting XignCode Host.exe closes as soon as i start it. this is because your filepath is incorrect. Dubblechect the path and copy past it to eliminate spelling errors. Make sure that the path has dubble \\ insted of singel \ by each folder. make sure that the folder name in XignCode Host>XignCode>XignCode.cpp matches your own. I needed to change it from XingCode3 to XingCode. The game sends heartbeat but the host does not reply. Check your firewall. You will need to let thrugh trafic on port 38666. To test this out ty to disabel your entire firewall on both your main computer and server computer. When building the solution i get errors if the error is simular to this: error MSB3073: The command "copy /Y "C:\XignCode3 Bypass\Release\XignCode Client.dll" "G:\Games\MapleStory (Europe)\XignCode\x3.xem" then the dll is still created and will work. if the error is simular to this: error C4996: 'inet_addr': Use inet_pton() or InetPton() instead or define _WINSOCK_DEPRECATED_NO_WARNINGS to disable deprecated API warnings then add: #define _WINSOCK_DEPRECATED_NO_WARNINGS to the top of Xingcode Client>Network>clinent.cpp document, so it will be like this: #ifndef _CRT_SECURE_NO_WARNINGS #define _CRT_SECURE_NO_WARNINGS #define _WINSOCK_DEPRECATED_NO_WARNINGS #endif Changes Removed the need for Detour, credits to Sprux for showing me this. Remade the Video so its now alot easier to follow. Added spoilers with easy to follow instructions, as a compliment to the video.
This leaderboard is set to Amsterdam/GMT+01:00


  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up