h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Wed Dec 05, 2007 5:31 pm Post subject: [Delphi] Changing the CRC of the program.
I want my program to have a different CRC value whenever it starts.
Is there a way / method / example of doing this?
Noz3001 I'm a spammer
Reputation: 26
Joined: 29 May 2006 Posts: 6220 Location: /dev/null
Posted: Wed Dec 05, 2007 5:51 pm
WriteProcessMemory
h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Wed Dec 05, 2007 5:55 pm
noz3001 wrote: WriteProcessMemory
Yes, thanks. I had that idea. Tried it (I simply edited some 00 00 00's with CE) but I "was detected".
It seems that what I am bypassing reads the file from the hard drive.
So hex editing ... would help.
Right now I am googling for "hexedit in delphi" but with not so good results.
I hope someone can help me.
Noz3001 I'm a spammer
Reputation: 26
Joined: 29 May 2006 Posts: 6220 Location: /dev/null
Posted: Wed Dec 05, 2007 6:02 pm
Do you need it to be different when it starts or can it change afterwards?
h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Wed Dec 05, 2007 6:04 pm
noz3001 wrote: Do you need it to be different when it starts or can it change afterwards?
When it starts.
rapion124 Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Mar 2007 Posts: 1095
Posted: Thu Dec 06, 2007 5:48 pm
There is really no way to change the CRC. Give some more details of what you are trying to do. CRC is simply a check for consistency of a program's memory. There is no way to 'mask' the CRC without changing the memory in your program.
h4c0r-BG Master Cheater
Reputation: 0
Joined: 29 Nov 2006 Posts: 449 Location: The yogurt country
Posted: Fri Dec 07, 2007 5:19 am
The program which is detecting me does not read the memory of the program. That means it does not matter if I changed some random bytes with Cheat Engine.
The "anticheat" looks at the file on my hard drive (which has the original/old CRC) and detects it.
So that means I want to make something like a self-hexediting program.
At startup, one or two bytes would be changed (voilà, a new CRC).
It does not matter if the effect of changing bytes would be active after restarting the app...
linden Master Cheater
Reputation: 0
Joined: 10 Mar 2006 Posts: 319
Posted: Fri Dec 07, 2007 7:30 am
h4c0r-BG wrote: Does not matter if the effect of changing bytes would be active after restarting the app...
It'll get quite tricky, since you can't edit the .exe file while it's running.
One way to go is...
1. You have your main program, let's call it "app A".
2. You write another program that acts as a launcher, let's call it "app B".
3. In your app A, write a function which consists of only X bytes (like more than 100 bytes, so as to make it significant when searching) of 'nop' instructions, using inline assembler. This function will never be called, but just include a dummy reference to it, so as to make sure that it does get compiled into the binary.
4. Embed your app A into app B as resource data.
5. Upon execution, app B will write out app A onto the disk, then search for those X bytes of 'nop' instructions and replace them with X bytes of random garbage. Then app B launches app A using CreateProcess. (Optional: you may have app B wait for app A while it executes, and delete it upon termination for cleanup.)
That will give your exe file a different CRC every time it executes. Although very ugly, I think that's the easiest way to go. But just be careful, most anti-cheats are not that stupid; besides CRC, they'll look for other traces of blacklisted programs.
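From the checking side, the thread shows why a whole-file CRC makes a weak identifier: it changes when any byte changes, while almost all of the file stays the same. The following is an added example, not part of the thread, that compares a whole-file CRC32 with a per-block hash comparison; the sample bytes, the 64-byte block size and the 0.8 threshold are constructed assumptions.

```python
import hashlib
import zlib

BLOCK = 64  # block size in bytes; an assumption sized for this small sample


def crc32_of(data: bytes) -> int:
    """Whole-file CRC32, the kind of check the thread describes."""
    return zlib.crc32(data) & 0xFFFFFFFF


def block_hashes(data: bytes) -> set:
    """SHA-256 of each fixed-size block, paired with its offset."""
    return {(off, hashlib.sha256(data[off:off + BLOCK]).digest())
            for off in range(0, len(data), BLOCK)}


def similarity(known: bytes, candidate: bytes) -> float:
    """Fraction of the known file's blocks present unchanged in candidate."""
    ref = block_hashes(known)
    return len(ref & block_hashes(candidate)) / len(ref)


def matches_known(known: bytes, candidate: bytes, threshold: float = 0.8) -> bool:
    """Flag a candidate that shares most of its blocks with a known file."""
    return similarity(known, candidate) >= threshold


def build_samples():
    """Constructed stand-ins for files on disk (not real executables)."""
    code = bytes(range(256)) * 8                          # 2048 bytes of "program"
    filler = hashlib.sha256(b"constructed").digest() * 4  # 128 changed bytes
    original = code[:1024] + b"\x90" * 128 + code[1024:]
    variant = code[:1024] + filler + code[1024:]
    unrelated = hashlib.sha256(b"other file").digest() * 68
    return original, variant, unrelated


if __name__ == "__main__":
    original, variant, unrelated = build_samples()
    print("CRC32 equal:", crc32_of(original) == crc32_of(variant))
    print("variant similarity:", round(similarity(original, variant), 3))
    print("variant flagged:", matches_known(original, variant))
    print("unrelated flagged:", matches_known(original, unrelated))
```

Fixed offsets keep the example short; a rolling or fuzzy hash is the usual choice when a file's length can also change.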