ALERT!
Click here to register with a few steps and explore all our cool stuff we have to offer!
Home
Upgrade
Credits
Help
Search
Awards
Achievements
 5091

Anti Peek Poke

by kiwi2014566 - 02-08-2019 - 08:12 PM
#1
This is a much cleaner way better than fucking with xbdm Enjoy!


Content Unlocked


typedef void* object;

__declspec(naked) object MmDbgReadCheckStub(...)
{
__asm
{
li r3, 60
nop
nop
nop
nop
nop
nop
blr
}
}

__declspec(naked) object MmDbgWriteCheckStub(...)
{
__asm
{
li r3, 61
nop
nop
nop
nop
nop
nop
blr
}
}

PVOID AntiRead(DWORD ReadAddress)
{
if ((ReadAddress & (0xFFF00000)) == 0x91E60000) return 0;
if ((ReadAddress & (0xFFFF0000)) == 0x900A0000) return 0;
else return MmDbgReadCheckStub(ReadAddress);
}

PVOID AntiWrite(DWORD ReadAddress)
{
if ((ReadAddress & (0xFFF00000)) == PUTYABASEADDRESSHERE) return 0;
if ((ReadAddress & (0xFFFF0000)) == GUESS ;)) return 0;
else return MmDbgReadCheckStub(ReadAddress);
}
byte OriginalRead[0x10];
byte OriginalWrite[0x10];
void StartHooks() {
memcpy(OriginalRead, (unsigned long*)resolveFunc("xboxkrnl.exe", 0x1AB), 0x10);
memcpy(OriginalWrite, (unsigned long*)resolveFunc("xboxkrnl.exe", 0x1AD), 0x10);
HookFunctionStart((unsigned long*)resolveFunc("xboxkrnl.exe", 0x1AB), (unsigned long*)MmDbgReadCheckStub, (unsigned long)AntiRead);
HookFunctionStart((unsigned long*)resolveFunc("xboxkrnl.exe", 0x1AD), (unsigned long*)MmDbgWriteCheckStub, (unsigned long)AntiWrite);
}

void StopHooks() {
memcpy((void*)resolveFunc("xboxkrnl.exe", 0x1AB), OriginalRead, 0x10);
memcpy((void*)resolveFunc("xboxkrnl.exe", 0x1AB), OriginalWrite, 0x10);
}

Add my Discord Kiwi2014566#9755
Reply
#2
Careful, king always wins
Reply
#3
Why are people focusing on anti-debug/anti-disasm when they don’t even know how to last?
Reply
#4
wow this seems coolio
Reply
#5
(02-08-2019 - 08:12 PM)kiwi2014566 Wrote: This is a much cleaner way better than fucking with xbdm Enjoy!


Hidden Content
You must register or login to view this content.

nice
[Image: eZYKdLc.png]
Reply
#6
yyyyyyyyyyyyyyyyyyyyyyyoooooooooooooooooooooooooooooooooooooooooo NICE

yooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
This account is currently banned
Ban reason: Leeching and Spamming is not allowed, please read the forum Rules upon your return.
(Spamming weird links in here)
Reply
#7
thanks for this im going to look at it
Reply
#8
wtf is this lol
This account is currently banned
Ban reason: Multi
Reply
#9
old, easy to bypass and most of all, not your research. How about ya stop leaking shit and instead put it to use? make some money out of your time.. this scenes gone fucking retarded, beyond levels I could of EVER imagined.
[Image: nArZdh1.png]
Discord: Tommy#4321
Ride till' I die.
Reply
#10
(08-08-2020 - 09:46 PM)Tom Wrote: old, easy to bypass and most of all, not your research. How about ya stop leaking shit and instead put it to use? make some money out of your time.. this scenes gone fucking retarded, beyond levels I could of EVER imagined.
I 100% agree with you this scene is fucked beyond repair now I believe and will only continue to get worse sadly.
Reply

Users browsing: 4 Guest(s)