Sign in to follow this  
Followers 0
Tweek

C++ To Autoit?

2 posts in this topic

#include "stdafx.h"
#include "FFF_ACC.h"
#include "socket.h"
#include <AtlBase.h>
#include <windows.h>
#include <iostream>
#include <conio.h>
#include <tlhelp32.h>
#include <tchar.h>

using namespace std;

HWND MainWindowHandle = 0;

bool InitWindowApp(HINSTANCE instanceHandle, int Show);

BOOL APIENTRY DllMain( HANDLE hModule, 
                       DWORD  ul_reason_for_call, 
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
        case DLL_PROCESS_ATTACH:
        case DLL_THREAD_ATTACH:
        case DLL_THREAD_DETACH:
        case DLL_PROCESS_DETACH:
            break;
    }
    return TRUE;
}

    bool check_user(){
    
    bool result;

        // Firewall Check Removed For Security Purposes //
    
    return result;
    }

    void ban_user(char *handler){
    
        // Ban Function Removed For Security Purposes //        
        
    }



    void wconsole(const char *text,char *color){
    
        if(color == "white"){
            SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY | FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
        }

        if(color == "green"){
            SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY | FOREGROUND_GREEN);
        }

        if(color == "red"){
             SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY | FOREGROUND_RED);
        }

    char consoleStringBuffer[2000];

    HANDLE hOut = GetStdHandle(STD_OUTPUT_HANDLE);
    DWORD dwChars;   

    sprintf(consoleStringBuffer, text);
   
    WriteConsole(hOut, consoleStringBuffer, 

    (DWORD)strlen(consoleStringBuffer), &dwChars, NULL);

    }

    void wconsole_prox(const char *text, char *color){
    
    wconsole("[","white");
    wconsole("ACC","green");
    wconsole("]: ","white");
    wconsole(text,color);
        wconsole("\r\n","white");

    }

    void reset_method(){

    wconsole_prox("Attempting to reset connection to anti-cheat system!","red");
    wconsole_prox("Please standby...","white");

        // Reset Method Removed For Security Purposes //
    
    }

    void acc_connect(){
    
    wconsole_prox("The AntiHack system will now attempt to connect to the server side.","white");
    wconsole_prox("Please standby...","white");

        // Connect Method Removed For Security Purposes //
        
        } 
    

    
    
DWORD WINAPI ThreadFunc( LPVOID lpParam )  
{ 
    AllocConsole();
    SetConsoleTitle("FlyForFame Anti-Hack Beta 0.2 | Status Window");
    
    char text[255];

    sprintf(text,"Calling: %s", reinterpret_cast<const char*>(lpParam));

    wconsole_prox("FlyForFame Anti-Hack System(Beta 0.2), Successfully Loaded!","white");
    wconsole_prox(text,"white");
    
    if(strstr(reinterpret_cast<const char*>(lpParam),"acc_connect")){
            acc_connect();
    }else{

    if(strstr(reinterpret_cast<const char*>(lpParam),"CheckUser")){
            check_user();
    }

    if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E1")){
            ban_user("E01");
    }


    if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E2")){
            ban_user("E02");
    }

    if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E3")){
            ban_user("E03");
    }


    if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E4")){
            ban_user("E04");
    }
    

    if(strstr(reinterpret_cast<const char*>(lpParam),"Ban0E5")){
            ban_user("E05");
    }else{

        acc_connect();

    }
    
    }
   return 0; 
} 



void automaton_registry(int level)
{
    
                // Automaton Registry Check //
    
    // When Automaton is installed the path to FlyFF is set here. //
    // If Automaton is run the Teleport keys are stored here. //

    // Detection Method: 0E1 //
    
    if(level == 1){
    
        CRegKey key;
        long nError = key.Open(HKEY_CURRENT_USER, "Software\\FlyFF Automaton", MB_OK);
            if(nError == ERROR_SUCCESS)
            {
      
                DWORD dwThreadId;
                char dwThrdParam[7] = "Ban0E1"; 
                HANDLE hThread; 
                hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);             
   
                MessageBox(NULL, "FlyFF Automaton has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E1", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
      
                exit(0);
    
            }

    }

                                // GameGuard Down //
    
    // If any application ever loads the gameguard down service it should popup here. //
    // I'd asume it's simply used to bypass game guard, but still can be used as a detection method. //

    // Detection Method: E02 // 

    if(level == 2){

    CRegKey key;
    long nError = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet001\\Enum\\Root\\LEGACY_GAMEGUARDDOWN", KEY_READ);
    if(nError == ERROR_SUCCESS)
    {
      
    DWORD dwThreadId;
    char dwThrdParam[16] = "Ban0E2"; 
    HANDLE hThread; 
    hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);       
      
    MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E2", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    exit(0);
    
    }

    }

                                // GameGuard Down //

    // I'm certain that any application that loads gameguard down would create this key. //
    // Windows uses registry in order to store services and system drivers. //
    // The catch is windows never removes these registry keys even when the service, or driver is unloaded the key remains. //
    
    // Detection Method: 0E3 // 

    if(level == 3){
    
    CRegKey key;
    long nError = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet001\\Services\\GameGuardDown", KEY_READ);
    if(nError == ERROR_SUCCESS)
    {
      
     DWORD dwThreadId;
     char dwThrdParam[16] = "Ban0E3"; 
     HANDLE hThread; 
     hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);   

     MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E3", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
     exit(0);
    
    }

    }

    // Detection Method: 0E4 // 

    if(level == 4){

    CRegKey key;
    long n1Error = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet003\\Services\\GameGuardDown", KEY_READ);
    if(n1Error == ERROR_SUCCESS)
    {
      
     DWORD dwThreadId;
     char dwThrdParam[16] = "Ban0E4"; 
     HANDLE hThread; 
     hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);   

     MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E4", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
     exit(0);
    
    }

    }

    // Detection Method: 0E5 //

    if(level == 5){


    CRegKey key;
    long n2Error = key.Open(HKEY_LOCAL_MACHINE, "SYSTEM\\ControlSet003\\Enum\\Root\\LEGACY_GAMEGUARDDOWN", KEY_READ);
    if(n2Error == ERROR_SUCCESS)
    {
      
    DWORD dwThreadId;
    char dwThrdParam[16] = "Ban0E5"; 
    HANDLE hThread; 
    hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);       
      
    MessageBox(NULL, "GameGuard Down(FlyFF Automaton Module) has been detected!\n\nYou've now been IP/Account Banned.\n\nThe detection does not mean you were running Automaton currently.\nIt could mean it used to be on your system or still resides on your system.\n\nPrivate Message: AntiHack\nOn the forums for information on getting unbanned or why you got this message.\n\n\nDetection Method: 0E5", "FlyForFame Anti-Cheat(Beta 0.1)", MB_OK);
    exit(0);
    
    }
     

    }

}




void antihack_connect()
{

  DWORD dwThreadId;
  char dwThrdParam[12] = "acc_connect"; 
  HANDLE hThread; 
  hThread = CreateThread(NULL,0,ThreadFunc,&dwThrdParam,0,&dwThreadId);  
 
}

void _stdcall check()
{
    // Automaton/GameGuard Down Checks //
    automaton_registry(1);
    automaton_registry(2);
    automaton_registry(3);
    automaton_registry(4);
    automaton_registry(5);

    // Connection to the anticheat server //
    antihack_connect();

}

Dear user, you can what I write in AutoIt you convert does it work?

Because if you create juhu

then I become a warrior, the Karma is a hack shield

but does not

Tu'm sorry for my bad English>. <

Share this post


Link to post
Share on other sites



Not possible. AutoIt cannot compile into dynamic link libraries.


Broken link? PM me and I'll send you the file!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0