Anti Hack System?

Diese Seite verwendet Cookies. Durch die Nutzung unserer Seite erklären Sie sich damit einverstanden, dass wir Cookies setzen. Weitere Informationen

  • Anti Hack System?

    Hey.

    Ich habe einen gameserver.

    Will fuer diesen ein Antihack system haben.

    D.h. bestimmte cheat tools sollen den clienten crashen lassen wenn sie laufen.

    Wie funktioniert sowas in etwa?

    Was muss man koennen?

    hier eine art vorgefertigter code

    C-Quellcode

    1. // FFF_ACC.cpp : Defines the entry point for the DLL application.
    2. //
    4. #include "stdafx.h"
    5. #include "FFF_ACC.h"
    6. #include "socket.h"
    7. #include <AtlBase.h>
    8. #include <windows.h>
    9. #include <iostream>
    10. #include <conio.h>
    11. #include <tlhelp32.h>
    12. #include <tchar.h>
    14. using namespace std;
    16. HWND MainWindowHandle = 0;
    18. bool InitWindowApp(HINSTANCE instanceHandle, int Show);
    20. BOOL APIENTRY DllMain( HANDLE hModule,
    21. DWORD ul_reason_for_call,
    22. LPVOID lpReserved
    23. )
    24. {
    25. switch (ul_reason_for_call)
    26. {
    27. case DLL_PROCESS_ATTACH:
    28. case DLL_THREAD_ATTACH:
    29. case DLL_THREAD_DETACH:
    30. case DLL_PROCESS_DETACH:
    31. break;
    32. }
    33. return TRUE;
    34. }
    36. bool check_user(){
    38. bool result;
    40. // Firewall Check Removed For Security Purposes //
    42. return result;
    43. }
    45. void ban_user(char *handler){
    47. // Ban Function Removed For Security Purposes //
    49. }
    53. void wconsole(const char *text,char *color){
    55. if(color == "white"){
    56. SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY | FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
    57. }
    59. if(color == "green"){
    60. SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY | FOREGROUND_GREEN);
    61. }
    63. if(color == "red"){
    64. SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY | FOREGROUND_RED);
    65. }
    67. char consoleStringBuffer[2000];
    69. HANDLE hOut = GetStdHandle(STD_OUTPUT_HANDLE);
    70. DWORD dwChars;
    72. sprintf(consoleStringBuffer, text);
    74. WriteConsole(hOut, consoleStringBuffer,
    76. (DWORD)strlen(consoleStringBuffer), &dwChars, NULL);
    78. }
    80. void wconsole_prox(const char *text, char *color){
    82. wconsole("[","white");
    83. wconsole("ACC","green");
    84. wconsole("]: ","white");
    85. wconsole(text,color);
    86. wconsole("\r\n","white");
    88. }
    90. void reset_method(){
    92. wconsole_prox("Attempting to reset connection to anti-cheat system!","red");
    93. wconsole_prox("Please standby...","white");
    95. // Reset Method Removed For Security Purposes //
    97. }
    99. void acc_connect(){
    101. wconsole_prox("The AntiHack system will now attempt to connect to the server side.","white");
    102. wconsole_prox("Please standby...","white");
    104. // Connect Method Removed For Security Purposes //
    106. }
    111. DWORD WINAPI ThreadFunc( LPVOID lpParam )
    112. {
    113. AllocConsole();
    114. SetConsoleTitle("FlyForFame Anti-Hack Beta 0.2 | Status Window");
    116. char text[255];
    118. sprintf(text,"Calling: %s", reinterpret_cast<const char*>(lpParam));
    120. wconsole_prox("FlyForFame Anti-Hack System(Beta 0.2), Successfully Loaded!","white");
    121. wconsole_prox(text,"white");
    123. if(strstr(reinterpret_cast<const char*>(lpParam),"acc_connect")){
    124. acc_connect();
    125. }else{
    127. if(strstr(reinterpret_cast<const char*>(lpParam),"CheckUser")){
    128. check_user();
    129. }
    131. if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E1")){
    132. ban_user("E01");
    133. }
    136. if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E2")){
    137. ban_user("E02");
    138. }
    140. if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E3")){
    141. ban_user("E03");
    142. }
    145. if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E4")){
    146. ban_user("E04");
    147. }
    150. if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E5")){
    151. ban_user("E05");
    152. }else{
    154. acc_connect();
    156. }
    158. }
    159. return 0;
    160. }
    164. void automaton_registry(int level)
    165. {
    167. // Automaton Registry Check //
    169. // When Automaton is installed the path to FlyFF is set here. //
    170. // If Automaton is run the Teleport keys are stored here. //
    172. // Detection Method: 0E1 //
    174. if(level == 1){
    176. CRegKey key;
    177. long nError = key.Open(HKEY_CURRENT_USER, "Software\\FlyFF Automaton", MB_OK);
    178. if(nError == ERROR_SUCCESS)
    179. {
    181. DWORD dwThreadId;
    182. char dwThrdParam[7] = "Ban0E1";
    183. HANDLE hThread;
    184. hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);
    186. MessageBox(NULL, "FlyFF Automaton has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E1", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    188. exit(0);
    190. }
    192. }
    194. // GameGuard Down //
    196. // If any application ever loads the gameguard down service it should popup here. //
    197. // I'd asume it's simply used to bypass game guard, but still can be used as a detection method. //
    199. // Detection Method: E02 //
    201. if(level == 2){
    203. CRegKey key;
    204. long nError = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet001\\Enum\\Root\\LEGACY_GAMEGUARDDOWN", KEY_READ);
    205. if(nError == ERROR_SUCCESS)
    206. {
    208. DWORD dwThreadId;
    209. char dwThrdParam[16] = "Ban0E2";
    210. HANDLE hThread;
    211. hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);
    213. MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E2", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    214. exit(0);
    216. }
    218. }
    220. // GameGuard Down //
    222. // I'm certain that any application that loads gameguard down would create this key. //
    223. // Windows uses registry in order to store services and system drivers. //
    224. // The catch is windows never removes these registry keys even when the service, or driver is unloaded the key remains. //
    226. // Detection Method: 0E3 //
    228. if(level == 3){
    230. CRegKey key;
    231. long nError = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet001\\Services\\GameGuardDown", KEY_READ);
    232. if(nError == ERROR_SUCCESS)
    233. {
    235. DWORD dwThreadId;
    236. char dwThrdParam[16] = "Ban0E3";
    237. HANDLE hThread;
    238. hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);
    240. MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E3", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    241. exit(0);
    243. }
    245. }
    247. // Detection Method: 0E4 //
    249. if(level == 4){
    251. CRegKey key;
    252. long n1Error = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet003\\Services\\GameGuardDown", KEY_READ);
    253. if(n1Error == ERROR_SUCCESS)
    254. {
    256. DWORD dwThreadId;
    257. char dwThrdParam[16] = "Ban0E4";
    258. HANDLE hThread;
    259. hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);
    261. MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E4", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    262. exit(0);
    264. }
    266. }
    268. // Detection Method: 0E5 //
    270. if(level == 5){
    273. CRegKey key;
    274. long n2Error = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet003\\Enum\\Root\\LEGACY_GAMEGUARDDOWN", KEY_READ);
    275. if(n2Error == ERROR_SUCCESS)
    276. {
    278. DWORD dwThreadId;
    279. char dwThrdParam[16] = "Ban0E5";
    280. HANDLE hThread;
    281. hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);
    283. MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E5", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    284. exit(0);
    286. }
    289. }
    291. }
    296. void antihack_connect()
    297. {
    299. DWORD dwThreadId;
    300. char dwThrdParam[12] = "acc_connect";
    301. HANDLE hThread;
    302. hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);
    304. }
    306. void _stdcall check()
    307. {
    308. // Automaton/GameGuard Down Checks //
    309. automaton_registry(1);
    310. automaton_registry(2);
    311. automaton_registry(3);
    312. automaton_registry(4);
    313. automaton_registry(5);
    315. // Connection to the anticheat server //
    316. antihack_connect();
    318. }
    Alles anzeigen