Cheat Engine The Official Site of Cheat Engine
Guy Expert Cheater
Reputation: 0
Joined: 30 May 2009 Posts: 187
|
Posted: Fri Jun 19, 2009 11:02 pm Post subject: [Release] Kal El: Protecting your Applications |
|
|
| Quote: |
I wrote a class that uses a blend of polymorphic code. It is something I originally wrote for another user, who had too much trouble integrating it; I figure the community could use it.
The PHP script attached will verify an account ID given over a network pipe, then return the requested function. The script should store all valuable functions in an encoded/encrypted/encoded buffer, which the client will fetch when needed, decrypt, load to stack, and execute.
For an example, check out the WinMain.cpp file, and take note of the "GetFunction" and "QueueFunction".
The kePolymorphic class is, essentially, just a large NOP; a number of random instructions are completed on each run, but the instructions don't change, only which instructions get executed. That's where I would personally store strings that should appear interesting to a potential reverser, but in all reality, do nothing of value (As seen with examples such as "@lawnmower", "@godmode", etc).
Most, if not all of the strings in the library are encoded; you'll have to modify the host encoded buffer and the request to your specific server, where the modified PHP script would be hosted.
Lastly, there is a key in the keConfig.h file. You can modify it or not; I personally would. Below is a Python script for encrypting given buffers, then writing to a file, "key.txt".
| Quote: |
#!/usr/bin/python3
eiEncrypt_Key = [ 0xA9, 0x9F, 0x02, 0x87, 0x3A, 0x16, 0xFF, 0x6F, 0x75, 0x74 ]
eiDecrypt_Key = [ 0x74, 0x75, 0x6F, 0xFF, 0x16, 0x3A, 0x87, 0x02, 0x9F, 0xA9 ]

def eiCrypt_Encrypt( eiString ):
    # XOR each byte, up to the 0x00 terminator, with every key byte in turn.
    i = 0
    while eiString[i] != 0x00:
        for keyByte in eiEncrypt_Key:
            eiString[i] ^= keyByte
        i += 1
    return eiString

def eiCrypt_Decrypt( eiCryptedString ):
    # Same loop with the reversed key; XOR undoes itself.
    i = 0
    while eiCryptedString[i] != 0x00:
        for keyByte in eiDecrypt_Key:
            eiCryptedString[i] ^= keyByte
        i += 1
    return eiCryptedString

# Read the string to encrypt and turn it into a 0x00-terminated list of byte values.
x = input()
m = [ ord( c ) for c in x ]
m.append ( 0x00 )

# Format the encrypted bytes as a C character-array initializer.
realstring = ""
for b in eiCrypt_Encrypt( m ):
    if b != 0x00:
        realstring += "'\\x%02x', " % b

# Write the initializer to key.txt.
with open ( "key.txt", "w" ) as f:
    f.write ( " { %s };" % realstring )
|
Enjoy, everybody!
|
http://www.sendspace.com/file/wnbgdq
Use it as you want, credits or not.
&Vage Grandmaster Cheater Supreme
Reputation: 0
Joined: 25 Jul 2008 Posts: 1053
|
Posted: Sat Jun 20, 2009 9:04 am Post subject: |
|
|
| Looks like a simple xor encryption.
Guy Expert Cheater
Reputation: 0
Joined: 30 May 2009 Posts: 187
|
Posted: Sat Jun 20, 2009 11:47 am Post subject: |
|
|
| &Vage wrote: | | Looks like a simple xor encryption. |
It is - the idea is, keys would be extended beyond a certain point, or different algorithms altogether could be used. Remember, if you have some functions that need to be accessed quickly, using PGP for over 50 functions wouldn't be a reliable solution.
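An added example, not part of the thread or of the released library: it checks the "simple xor" observation against the key bytes posted above. Because every byte is XORed with all ten key bytes, the key folds into one effective byte, and a plaintext byte equal to that value encrypts to 0x00, which a NUL-terminated reader treats as end of string. The function names are made up for this example.

```python
from functools import reduce
from operator import xor

# Key bytes copied from the script posted in the thread.
EI_ENCRYPT_KEY = [0xA9, 0x9F, 0x02, 0x87, 0x3A, 0x16, 0xFF, 0x6F, 0x75, 0x74]


def page_encrypt(data: bytes, key=EI_ENCRYPT_KEY) -> bytes:
    """Same transformation as eiCrypt_Encrypt: each byte is XORed with
    every key byte in turn (the 0x00-terminator check is left out here)."""
    out = bytearray(data)
    for i in range(len(out)):
        for k in key:
            out[i] ^= k
    return bytes(out)


def effective_key(key=EI_ENCRYPT_KEY) -> int:
    """XOR is associative and commutative, so the key list folds to one byte."""
    return reduce(xor, key, 0)


def single_byte_xor(data: bytes, k: int) -> bytes:
    """XOR every byte of data with the single value k."""
    return bytes(b ^ k for b in data)


def truncated_at_nul(buf: bytes) -> bytes:
    """What a NUL-terminated consumer, like the posted while-loops, reads."""
    return buf.split(b"\x00", 1)[0]


if __name__ == "__main__":
    k = effective_key()
    sample = b"@godmode"  # decoy string mentioned in the first post
    print("effective key byte: 0x%02X" % k)
    print("nested loop == single-byte XOR:",
          page_encrypt(sample) == single_byte_xor(sample, k))
    # The reversed decrypt key folds to the same byte, which is why it decrypts.
    print("reversed key folds to same byte:",
          effective_key(EI_ENCRYPT_KEY[::-1]) == k)
    # Constructed buffer containing the effective key byte as plaintext.
    tricky = b"ab" + bytes([k]) + b"cd"
    enc = page_encrypt(tricky)
    print("bytes written:", len(enc), "bytes read back:", len(truncated_at_nul(enc)))
```

Extending the key list under this loop structure does not enlarge the key space: any list of key bytes still folds to one of 256 values.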