Piszę właśnie pewnego AntiHacka do gry MMO. Oto jego kod:
#include "stdafx.h"
#include "Antihack.h"
#include <stdlib.h>
#include <windows.h>
#include <dos.h>
#include <shellapi.h>
#include <Wininet.h>
#pragma comment ( lib, "wininet.lib" )
#include <commctrl.h>
#ifdef _MANAGED
#pragma managed(push, off)
#endif
ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP] = {
{0x4C8259, {0xA1, 0x38, 0xBD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xC0, 0x82, 0x4C, 0x00, 0xE8, 0x1F, 0xF1, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xF8, 0xBE, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, // Catastrophe v0.1
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}}, // Catastrophe v0.1
{0x4CCB71, {0xA1, 0x40, 0xFD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xD8, 0xCB, 0x4C, 0x00, 0xE8, 0xAB, 0xF2, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xE0, 0x75, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}}, // Catastrophe v1.2
{0x4CA831, {0x89, 0x55, 0xFC, 0x8B, 0x45, 0xFC, 0xE8, 0xC8, 0xA3, 0xF3, 0xFF, 0x33, 0xC0, 0x55, 0x68, 0x96, 0xA8, 0x4C, 0x00, 0x64, 0xFF, 0x30, 0x64, 0x89, 0x20, 0x8B, 0x45, 0xFC, 0xE8, 0xC2, 0xA1, 0xF3}}, // Catastrophe v1.2
{0x44E08C, {0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x58, 0x53, 0x56, 0x57, 0x89, 0x65, 0xE8, 0xFF, 0x15, 0x04, 0xF4, 0x48, 0x00, 0x33, 0xD2, 0x8A, 0xD4, 0x89, 0x15, 0xD8, 0x0A, 0x4D, 0x00}}, // WPePro 0.9a
{0x4851C2, {0x75, 0x1C, 0x53, 0x8B, 0xCE, 0xFF, 0x75, 0xE4, 0xFF, 0x75, 0xE0, 0x57, 0xE8, 0x90, 0x01, 0xFE, 0xFF, 0xEB, 0x0B, 0x53, 0x57, 0xFF, 0x76, 0x1C, 0xFF, 0x15, 0x9C, 0xF5, 0x48, 0x00, 0x8B, 0x86}}, // WPePro 0.9a
{0x4307BE, {0x75, 0x0A, 0x6A, 0x1C, 0xE8, 0x49, 0x01, 0x00, 0x00, 0x83, 0xC4, 0x04, 0xE8, 0xB1, 0x30, 0x00, 0x00, 0x85, 0xC0, 0x75, 0x0A, 0x6A, 0x10, 0xE8, 0x36, 0x01, 0x00, 0x00, 0x83, 0xC4, 0x04, 0xC7}}, // WPePro 1.3
{0x44397B, {0x75, 0x07, 0x8B, 0xCF, 0xE8, 0xF8, 0xF2, 0xFF, 0xFF, 0x5F, 0x5E, 0xC2, 0x08, 0x00, 0x53, 0x56, 0x8B, 0x74, 0x24, 0x0C, 0x57, 0xFF, 0x76, 0x04, 0xFF, 0x15, 0xC4, 0x9B, 0x49, 0x00, 0x8B, 0xD8}}, // WPePro 1.3
{0x402190, {0x55, 0x8B, 0xEC, 0x53, 0x56, 0x57, 0xBB, 0x00, 0x60, 0x40, 0x00, 0x66, 0x2E, 0xF7, 0x05, 0x1E, 0x28, 0x40, 0x00, 0x04, 0x00, 0x0F, 0x85, 0xDB, 0x00, 0x00, 0x00, 0x6A, 0x00, 0xFF, 0x15, 0x18}}, // Permit
{0x402230, {0xE8, 0x07, 0x01, 0x00, 0x00, 0xB8, 0xFF, 0x00, 0x00, 0x00, 0x72, 0x36, 0xE8, 0x5E, 0x02, 0x00, 0x00, 0xE8, 0x3B, 0x04, 0x00, 0x00, 0xB8, 0xFF, 0x00, 0x00, 0x00, 0x72, 0x07, 0x53, 0xE8, 0x57}}, // Permit
{0x48F5AE, {0x55, 0x8B, 0xEC, 0x6A, 0xFF, 0x68, 0x90, 0x8A, 0x4E, 0x00, 0x68, 0x8C, 0x44, 0x49, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x58}}, // T Search
{0x48F619, {0xE8, 0xCE, 0x2D, 0x00, 0x00, 0x85, 0xC0, 0x75, 0x08, 0x6A, 0x10, 0xE8, 0xB2, 0x00, 0x00, 0x00, 0x59, 0x33, 0xF6, 0x89, 0x75, 0xFC, 0xE8, 0x63, 0x7A, 0x00, 0x00, 0xFF, 0x15, 0x68, 0x44, 0x4D}}, // T Search
{0x40970E, {0x68, 0xB4, 0x98, 0x40, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x68, 0x53, 0x56, 0x57, 0x89, 0x65, 0xE8, 0x33, 0xDB, 0x89, 0x5D}}, // Speed Gear 5
{0x568E9A, {0x68, 0xB8, 0xF9, 0x85, 0x13, 0xE8, 0x9D, 0x53, 0x01, 0x00, 0xB6, 0x94, 0x70, 0x4B, 0xE8, 0x87, 0xE5, 0x43, 0xE4, 0x43, 0x21, 0x7B, 0x18, 0xB7, 0xBB, 0x79, 0x6D, 0x3E, 0xF9, 0x1E, 0x5C, 0x7F}}, // Speed Gear 6
{0x512134, {0x75, 0x05, 0x8A, 0x16, 0x46, 0x12, 0xD2, 0x73, 0xEA, 0x02, 0xD2, 0x75, 0x05, 0x8A, 0x16, 0x46, 0x12, 0xD2, 0x73, 0x4F, 0x33, 0xC0, 0x02, 0xD2, 0x75, 0x05, 0x8A, 0x16, 0x46, 0x12, 0xD2, 0x0F}}, // WildProxy v1.0 Public
{0x512014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, // WildProxy v1.0 Public
{0x401320, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0x90, 0x46, 0x00, 0xA1, 0x8B, 0x90, 0x46, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0x90, 0x46, 0x00, 0x52}}, // WildProxy v0.1
{0x4013F9, {0xE8, 0x1A, 0x21, 0x06, 0x00, 0xA3, 0x8B, 0x90, 0x46, 0x00, 0x83, 0xF8, 0x00, 0x73, 0x91, 0xB8, 0xFC, 0x00, 0x00, 0x00, 0xE8, 0x7A, 0xFF, 0xFF, 0xFF, 0xC3, 0x83, 0x3D, 0x8B, 0x90, 0x46, 0x00}}, // WildProxy v0.1
{0x401320, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0x20, 0x47, 0x00, 0xA1, 0x8B, 0x20, 0x47, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0x20, 0x47, 0x00, 0x52}}, // WildProxy v0.2
{0x4013B0, {0xE8, 0xD7, 0xFF, 0xFF, 0xFF, 0xB9, 0xB4, 0x00, 0x00, 0x00, 0x51, 0x6A, 0x08, 0xE8, 0xF4, 0x00, 0x07, 0x00, 0x50, 0xE8, 0x60, 0x01, 0x07, 0x00, 0x0B, 0xC0, 0x75, 0x0A, 0xB8, 0xFD, 0x00, 0x00}}, // WildProxy v0.2
{0x401350, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0xC0, 0x47, 0x00, 0xA1, 0x8B, 0xC0, 0x47, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0xC0, 0x47, 0x00, 0x52}}, // WildProxy v0.3
{0x401401, {0xE8, 0xB6, 0xFF, 0xFF, 0xFF, 0x50, 0x50, 0xFF, 0x35, 0x8B, 0xC0, 0x47, 0x00, 0xE8, 0xAD, 0x54, 0x07, 0x00, 0xFF, 0x35, 0x8B, 0xC0, 0x47, 0x00, 0xE8, 0xB6, 0x54, 0x07, 0x00, 0x5F, 0xC3, 0xB9}}, // WildProxy v0.3
{0x40C0B0, {0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x5C, 0x6F, 0x62, 0x6A, 0x5C, 0x52, 0x65, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x5C, 0x53, 0x70, 0x65, 0x65, 0x64, 0x20, 0x48, 0x61, 0x63}}, // Speed Hack Simplifier 1.0
{0x40C0B0, {0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x5C, 0x6F, 0x62, 0x6A, 0x5C, 0x52, 0x65, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x5C, 0x53, 0x70, 0x65, 0x65, 0x64, 0x20, 0x48, 0x61, 0x63}}, // Speed Hack Simplifier 1.1
{0x40C0B0, {0x70, 0x6C, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x5C, 0x6F, 0x62, 0x6A, 0x5C, 0x52, 0x65, 0x6C, 0x65, 0x61, 0x73, 0x65, 0x5C, 0x53, 0x70, 0x65, 0x65, 0x64, 0x20, 0x48, 0x61, 0x63}}, // Speed Hack Simplifier 1.2
{0x40E04E, {0x53, 0x68, 0x61, 0x64, 0x6F, 0x77, 0x42, 0x65, 0x61, 0x73, 0x74, 0x2E, 0x41, 0x53, 0x41, 0x46, 0x2D, 0x46, 0x32, 0x31, 0x34, 0x39, 0x42, 0x33, 0x31, 0x35, 0x35, 0x5C, 0x4D, 0x79, 0x20, 0x44}}, // Speed Hack Simplifier 1.3 Test
{0x4320F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, // Cheat Happens v3.9b1
{0x4340F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, // Cheat Happens v3.95b1/b2
{0x4360F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, // Cheat Happens v3.95b3
{0x440020, {0x5F, 0xE4, 0xAD, 0x60, 0x36, 0x56, 0x43, 0x4D, 0x92, 0xBD, 0xC8, 0x6F, 0xF8, 0xDE, 0xE1, 0xBD, 0x01, 0x00, 0x00, 0x00, 0x46, 0x3A, 0x5C, 0x44, 0x6F, 0x63, 0x75, 0x6D, 0x65, 0x6E, 0x74, 0x73}}, // Cheat Happens v3.96b2
{0x41F001, {0x60, 0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9, 0xEB, 0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01, 0x00, 0x00, 0x00, 0xEB, 0x5D, 0xBB, 0xED, 0xFF, 0xFF, 0xFF, 0x03, 0xDD, 0x81, 0xEB, 0x00, 0xF0, 0x01}}, // !xSpeed.net 2
{0x4217E0, {0x60, 0xBE, 0x00 ,0xD0, 0x41, 0x00, 0x8D, 0xBE, 0x00, 0x40, 0xFE, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // !xSpeed.net 3
{0x420630, {0x60, 0xBE, 0x00, 0xC0, 0x41, 0x00, 0x8D, 0xBE, 0x00, 0x50, 0xFE, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // !xSpeed.net 6
{0x5674D4, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x2C, 0x70, 0x56, 0x00, 0xE8, 0xC6, 0xFA, 0xE9, 0xFF, 0x8B, 0x1D, 0x98, 0xD8, 0x56, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.0
{0x574EC0, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0xE0, 0x49, 0x57, 0x00, 0xE8, 0xCE, 0x20, 0xE9, 0xFF, 0x8B, 0x1D, 0xF8, 0xB8, 0x57, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.1.1
{0x574EEC, {0xE8, 0x8B, 0xEA, 0xF1, 0xFF, 0x8D, 0x45, 0xEC, 0xE8, 0x33, 0x56, 0xFF, 0xFF, 0xE8, 0x5A, 0x1F, 0xFD, 0xFF, 0x8B, 0x03, 0xBA, 0x68, 0x50, 0x57, 0x00, 0xE8, 0x6A, 0xE6, 0xF1, 0xFF, 0x8B, 0x03}}, // Cheat Engine 5.1
{0x4CBD70, {0x8D, 0x85, 0x7C, 0xFE, 0xFF, 0xFF, 0xBA, 0x03, 0x00, 0x00, 0x00, 0xE8, 0xB0, 0x8F, 0xF3, 0xFF, 0x8D, 0x85, 0x88, 0xFE, 0xFF, 0xFF, 0xBA, 0x04, 0x00, 0x00, 0x00, 0xE8, 0xA0, 0x8F, 0xF3, 0xFF}}, // Cheat Engine 5.1
{0x591F94, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x5C, 0x1A, 0x59, 0x00, 0xE8, 0x26, 0x50, 0xE7, 0xFF, 0x8B, 0x1D, 0x20, 0x89, 0x59, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.2
{0x591F94, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x5C, 0x1A, 0x59, 0x00, 0xE8, 0x26, 0x50, 0xE7, 0xFF, 0x8B, 0x1D, 0x20, 0x89, 0x59, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.2
{0x5839E7, {0x8D, 0x45, 0xB0, 0x50, 0x6A, 0x08, 0x8D, 0x85, 0x78, 0xFF, 0xFF, 0xFF, 0x50, 0xA1, 0xB0, 0xA1, 0x59, 0x00, 0x8B, 0x55, 0xA4, 0x8B, 0x04, 0x90, 0x50, 0xA1, 0x28, 0xA1, 0x59, 0x00, 0x50, 0xA1}}, // Cheat Engine 5.2
{0x5AA16C, {0xE8, 0x13, 0x40, 0xFF, 0xFF, 0xE8, 0x86, 0x2C, 0xFC, 0xFF, 0x8B, 0x03, 0xBA, 0xD4, 0xA2, 0x5A, 0x00, 0xE8, 0xC2, 0x98, 0xEE, 0xFF, 0x8B, 0x03, 0x83, 0xC0, 0x50, 0xBA, 0xF0, 0xA2, 0x5A, 0x00}}, // Cheat Engine 5.3
{0x4CBE2B, {0x8D, 0x55, 0xF0, 0xB9, 0x04, 0x00, 0x00, 0x00, 0x8B, 0xC7, 0xE8, 0x02, 0x15, 0xF5, 0xFF, 0x8B, 0x55, 0xF0, 0x8B, 0xC3, 0xE8, 0x8C, 0xF7, 0xFD, 0xFF, 0x8D, 0x55, 0xF0, 0xB9, 0x04, 0x00, 0x00}}, // Cheat Engine 5.3
{0x5CF354, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0x44, 0xED, 0x5C, 0x00, 0xE8, 0x62, 0x7E, 0xE3, 0xFF, 0x8B, 0x1D, 0xD4, 0x5A, 0x5D, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.4
{0x5FECF4, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0xE4, 0xE4, 0x5F, 0x00, 0xE8, 0x9E, 0x89, 0xE0, 0xFF, 0x8B, 0x1D, 0xEC, 0x62, 0x60, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.5
{0x5FECF4, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xEC, 0x53, 0x33, 0xC0, 0x89, 0x45, 0xEC, 0xB8, 0xE4, 0xE4, 0x5F, 0x00, 0xE8, 0x9E, 0x89, 0xE0, 0xFF, 0x8B, 0x1D, 0xEC, 0x62, 0x60, 0x00, 0x33, 0xC0, 0x55, 0x68}}, // Cheat Engine 5.5
{0x5FED5B, {0xE8, 0x10, 0xC3, 0xE9, 0xFF, 0x8B, 0x0D, 0x64, 0x5D, 0x60, 0x00, 0x8B, 0x03, 0x8B, 0x15, 0x00, 0x1D, 0x55, 0x00, 0xE8, 0xFD, 0xC2, 0xE9, 0xFF, 0x8B, 0x0D, 0xC8, 0x5E, 0x60, 0x00, 0x8B, 0x03}}, // Cheat Engine 5.5
{0x12C5B8, {0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11, 0xDB, 0x72, 0xED, 0xB8, 0x01, 0x00, 0x00, 0x00, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11, 0xDB, 0x11, 0xC0, 0x01, 0xDB, 0x73}}, // UoPilot
{0x401414, {0x68, 0xA4, 0x22, 0x40, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x8E, 0xF7, 0x08}}, // Speed Hack 99.62t
{0x401E04, {0x68, 0x28, 0x20, 0x41, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xE3, 0x90, 0x67, 0x9A}}, // SpotHack 1.1
{0x454181, {0xBE, 0x00, 0x90, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x80, 0xFC, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75}}, // MJB Perfect DL Bot
{0x59F001, {0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x50, 0x51, 0xEB, 0x0F, 0xB9, 0xEB, 0x0F, 0xB8, 0xEB, 0x07, 0xB9, 0xEB, 0x0F, 0x90, 0xEB, 0x08, 0xFD, 0xEB, 0x0B, 0xF2, 0xEB, 0xF5, 0xEB, 0xF6, 0xF2, 0xEB}}, // HahaMu 1.16
{0x40FBB6, {0x55, 0x8B, 0xEC, 0x6A, 0xFF, 0x68, 0x48, 0x3D, 0x41, 0x00, 0x68, 0x3C, 0xFD, 0x40, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x68}}, // Game Speed Changer
{0x438510, {0x60, 0xBE, 0x00, 0x20, 0x42, 0x00, 0x8D, 0xBE, 0x00, 0xF0, 0xFD, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // eXpLoRer
{0x4BCFA4, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF0, 0x53, 0x56, 0x57, 0xB8, 0xC4, 0xCC, 0x4B, 0x00, 0xE8, 0xB1, 0x9B, 0xF4, 0xFF, 0x8B, 0x3D, 0xB0, 0x03, 0x4C, 0x00, 0x68, 0xDC, 0xD0, 0x4B, 0x00, 0x6A, 0x04}}, // Xelerator 1.4
{0x473BBC, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF4, 0xB8, 0x04, 0x3A, 0x47, 0x00, 0xE8, 0xE0, 0x26, 0xF9, 0xFF, 0xA1, 0x1C, 0x5C, 0x47, 0x00, 0x8B, 0x00, 0xE8, 0x04, 0xBE, 0xFC, 0xFF, 0x8B, 0x0D, 0xE4, 0x5C}}, // Capotecheat(deltacholl)
{0x55DE8C, {0x87, 0xDE, 0xF7, 0xFA, 0x9F, 0xCA, 0x05, 0x5D, 0x83, 0x67, 0x02, 0x86, 0x59, 0xBF, 0xF1, 0xB6, 0x5B, 0x1F, 0x04, 0x6E, 0x79, 0x00, 0x18, 0x57, 0x8A, 0xD0, 0xA6, 0xFA, 0x8E, 0x5A, 0xE0, 0xD8}}, // Cheat4Fun v0.9 Beta
{0x493C90, {0x60, 0xBE, 0x00, 0xC0, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x50, 0xFA, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // AutoBuff D-C
{0x416014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, // HastyMu v0.1
{0x416014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, // HastyMu v0.2
{0x401704, {0x68, 0x84, 0x24, 0x40, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x72, 0x80, 0x61, 0xF6}}, // MuPie HG v2
{0x401B28, {0x68, 0xD8, 0x2A, 0x40, 0x00, 0xE8, 0xF0, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xB9, 0xE3, 0x0E, 0xC3}}, // MuPie HG v3
{0x48C000, {0xFC, 0xCF, 0xAB, 0xE7, 0x6D, 0x3A, 0x89, 0xBC, 0xB2, 0x9F, 0x73, 0x23, 0xA8, 0xFE, 0xB6, 0x49, 0x5D, 0x39, 0x5D, 0x8A, 0xCB, 0x63, 0x8D, 0xEA, 0x7D, 0x2B, 0x5F, 0xC3, 0xB1, 0xE9, 0x83, 0x29}}, // Lipsum v1
{0x48C000, {0xFC, 0xCF, 0xAB, 0xE7, 0x6D, 0x3A, 0x89, 0xBC, 0xB2, 0x9F, 0x73, 0x23, 0xA8, 0xFE, 0xB6, 0x49, 0x5D, 0x39, 0x5D, 0x8A, 0xCB, 0x63, 0x8D, 0xEA, 0x7D, 0x2B, 0x5F, 0xC3, 0xB1, 0xE9, 0x83, 0x29}}, // Lipsum v2
{0xAF4014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, // FunnyZhyper v5
{0x4380F0, {0x53, 0x00, 0x5F, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x53, 0x00, 0x49, 0x00, 0x4F, 0x00, 0x4E, 0x00, 0x5F, 0x00, 0x49, 0x00, 0x4E, 0x00, 0x46, 0x00, 0x4F, 0x00, 0x00, 0x00, 0x00, 0x00}}, // MuPie v2 Beta
{0x453180, {0x60, 0xBE, 0x00, 0x80, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x90, 0xFC, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // Auto_Buff v5 Hack Rat
{0x454180, {0x60, 0xBE, 0x00, 0x80, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x90, 0xFC, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // Auto_Buff v9 Hack Rat
{0x453180, {0x60, 0xBE, 0x00, 0x80, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x90, 0xFC, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // AE/HYBRID AEBOT 0.9
{0x4011EC, {0x68, 0xEC, 0xBC, 0x40, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6C, 0x8F, 0x98, 0x36}}, // Jewel Drop Beta
{0x488070, {0x60, 0xBE, 0x00, 0x80, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x90, 0xFA, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // Chaos Bot 2.1.0
{0x48A220, {0x60, 0xBE, 0x00, 0xA0, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x70, 0xFA, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // MU-SS4 Speed Hack 1.2
{0x47A1C0, {0x60, 0xBE, 0x00, 0xF0, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x20, 0xFA, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // Bot MG-DK-ELF
{0x47A1C0, {0x60, 0xBE, 0x00, 0xF0, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x20, 0xFA, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // Comercio Bot
{0x401344, {0xEB, 0x10, 0x66, 0x62, 0x3A, 0x43, 0x2B, 0x2B, 0x48, 0x4F, 0x4F, 0x4B, 0x90, 0xE9, 0x98, 0x00, 0x47, 0x00, 0xA1, 0x8B, 0x00, 0x47, 0x00, 0xC1, 0xE0, 0x02, 0xA3, 0x8F, 0x00, 0x47, 0x00, 0x52}}, // GodMode
{0x435000, {0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x50, 0x51, 0xEB, 0x0F, 0xB9, 0xEB, 0x0F, 0xB8, 0xEB, 0x07, 0xB9, 0xEB, 0x0F, 0x90, 0xEB, 0x08, 0xFD, 0xEB, 0x0B, 0xF2, 0xEB, 0xF5, 0xEB, 0xF6, 0xF2}}, // Mu Cheater 16
{0x401318, {0x68, 0xA4, 0x1F, 0x40, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xEC, 0x82, 0xBE, 0x15}}, // MU Utilidades
{0x4441C0, {0x60, 0xBE, 0x00, 0x00, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x10, 0xFD, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // MuBot
{0x481870, {0x60, 0xBE, 0x00, 0x30, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0xE0, 0xFA, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // Snd Bot 1.5
{0x401E04, {0x68, 0x28, 0x20, 0x41, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xE3, 0x90, 0x67, 0x9A}}, // SpotHack 1.1
{0x534000, {0x8D, 0x8D, 0x51, 0x2E, 0x40, 0x00, 0x50, 0x51, 0x50, 0xFF, 0x95, 0xC7, 0x2C, 0x40, 0x00, 0x89, 0x85, 0x61, 0x2E, 0x40, 0x00, 0x58, 0x8D, 0x8D, 0x0F, 0x2E, 0x40, 0x00, 0x51, 0x50, 0xFF, 0x95}}, // Godlike (Magic Shield)
{0x555030, {0x74, 0x37, 0x8D, 0x85, 0xFB, 0x2C, 0x40, 0x00, 0x50, 0xFF, 0x95, 0xD7, 0x2C, 0x40, 0x00, 0x8D, 0x8D, 0x51, 0x2E, 0x40, 0x00, 0x50, 0x51, 0x50, 0xFF, 0x95, 0xC7, 0x2C, 0x40, 0x00, 0x89, 0x85}}, // Godlike
{0x401462, {0xE8, 0xD3, 0x16, 0x0E, 0x00, 0x8B, 0xD0, 0xE8, 0x8A, 0x67, 0x0D, 0x00, 0x5A, 0xE8, 0xE8, 0x66, 0x0D, 0x00, 0xE8, 0xBF, 0x67, 0x0D, 0x00, 0x6A, 0x00, 0xE8, 0xC4, 0x7B, 0x0D, 0x00, 0x59, 0x68}}, // Mu Philiphinas Cheat II
{0x401000, {0xB8, 0x44, 0xFF, 0x41, 0x00, 0x50, 0x64, 0xFF, 0x35, 0x00, 0x00, 0x00, 0x00, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x89, 0x08, 0x50, 0x45, 0x43, 0x6F, 0x6D, 0x70, 0x61, 0x63}}, // ZhyperMu Packet Editor
{0x496CA0, {0x60, 0xBE, 0x00, 0x50, 0x46, 0x00, 0x8D, 0xBE, 0x00, 0xC0, 0xF9, 0xFF, 0xC7, 0x87, 0xA8, 0x50, 0x07, 0x00, 0x95, 0x01, 0xA9, 0x0C, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x0E, 0x90, 0x90, 0x90, 0x90}}, // D-C DupeHack 1.0
{0x499190, {0x60, 0xBE, 0x00, 0x30, 0x46, 0x00, 0x8D, 0xBE, 0x00, 0xE0, 0xF9, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // Auto Combo
{0x470B74, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF0, 0xB8, 0x3C, 0x09, 0x47, 0x00, 0xE8, 0xEC, 0x53, 0xF9, 0xFF, 0xA1, 0x44, 0x2A, 0x47, 0x00, 0x8B, 0x00, 0xE8, 0xF8, 0x34, 0xFE, 0xFF, 0xA1, 0x44, 0x2A, 0x47}}, // AIO Bots (Collection)
{0x6B5000, {0x60, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x5D, 0x50, 0x51, 0x0F, 0xCA, 0xF7, 0xD2, 0x9C, 0xF7, 0xD2, 0x0F, 0xCA, 0xEB, 0x0F, 0xB9, 0xEB, 0x0F, 0xB8, 0xEB, 0x07, 0xB9, 0xEB, 0x0F, 0x90, 0xEB, 0x08}}, // Nsauditor 1.9.1 (Packet Tool)
{0x4691A0, {0x60, 0xBE, 0x00, 0xE0, 0x44, 0x00, 0x8D, 0xBE, 0x00, 0x30, 0xFB, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB}}, // Super Bot
{0x4317B7, {0xA1, 0x5C, 0xF4, 0x46, 0x00, 0x89, 0x45, 0xE8, 0x8B, 0x4D, 0xF0, 0x89, 0x4D, 0xDC, 0x8B, 0x55, 0xDC, 0x52, 0xE8, 0x08, 0x23, 0x01, 0x00, 0x83, 0xC4, 0x04, 0xC7, 0x45, 0xF0, 0x00, 0x00, 0x00}}, // !xSpeed.net3
{0x401000, {0xE8, 0x9B, 0x27, 0x00, 0x00, 0x50, 0xE8, 0xA7, 0x22, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x90, 0x55, 0x8B, 0xEC, 0x53, 0x56, 0x57, 0x8B, 0x7D, 0x10, 0x8B, 0x5D, 0x0C, 0x8B, 0x75, 0x08, 0x8B}}, // D-C Bypass Public Version
{0x4A851C, {0x40, 0xAE, 0x80, 0x7C, 0x41, 0xB7, 0x80, 0x7C, 0x7B, 0x1D, 0x80, 0x7C, 0x12, 0xCB, 0x81, 0x7C, 0xEA, 0x07, 0x3A, 0x7E, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x47, 0x65, 0x74, 0x50, 0x72, 0x6F}}, // Ultimate Cheat
{0x690002, {0xE8, 0x03, 0x00, 0x00, 0x00, 0xE9, 0xEB, 0x04, 0x5D, 0x45, 0x55, 0xC3, 0xE8, 0x01, 0x00, 0x00, 0x00, 0xEB, 0x5D, 0xBB, 0xED, 0xFF, 0xFF, 0xFF, 0x03, 0xDD, 0x81, 0xEB, 0x00, 0x00, 0x29, 0x00}}, // ArtMoney SE v7.31
{0x401AA8, {0xE8, 0x49, 0x24, 0x00, 0x00, 0xE9, 0x16, 0xFE, 0xFF, 0xFF, 0x55, 0x8B, 0xEC, 0x81, 0xEC, 0x28, 0x03, 0x00, 0x00, 0xA3, 0x98, 0xD0, 0x40, 0x00, 0x89, 0x0D, 0x94, 0xD0, 0x40, 0x00, 0x89, 0x15}}, // JoyToKey
{0x4010B0, {0x68, 0xC8, 0x2A, 0x40, 0x00, 0xE8, 0xF0, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x69, 0x7D, 0xF4, 0xB1}}, // codez
{0x401C29, {0xE8, 0x50, 0x1F, 0x00, 0x00, 0xE9, 0x16, 0xFE, 0xFF, 0xFF, 0x55, 0x8B, 0xEC, 0x81, 0xEC, 0x28, 0x03, 0x00, 0x00, 0xA3, 0x00, 0xD4, 0x41, 0x00, 0x89, 0x0D, 0xFC, 0xD3, 0x41, 0x00, 0x89, 0x15}}, // Minimize nuevo
{0x43FC4F, {0x90, 0x61, 0xBE, 0x00, 0x90, 0x43, 0x00, 0x8D, 0xBE, 0x00, 0x80, 0xFC, 0xFF, 0x57, 0x83, 0xCD, 0xFF, 0xEB, 0x10, 0xEB, 0x00, 0xEB, 0xEA, 0xEB, 0xE8, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01}}, // Mush
{0x401000, {0xB8, 0xA0, 0x37, 0x48, 0x00, 0x50, 0x64, 0xFF, 0x35, 0x00, 0x00, 0x00, 0x00, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x33, 0xC0, 0x89, 0x08, 0x50, 0x45, 0x43, 0x6F, 0x6D, 0x70, 0x61, 0x63}}, // NoNameMini
{0x48D080, {0x60, 0xBE, 0x00, 0xD0, 0x45, 0x00, 0x8D, 0xBE, 0x00, 0x40, 0xFA, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // Tablet2
{0x4032EE, {0x55, 0x8B, 0xEC, 0x6A, 0xFF, 0x68, 0x30, 0x43, 0x40, 0x00, 0x68, 0x80, 0x34, 0x40, 0x00, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x64, 0x89, 0x25, 0x00, 0x00, 0x00, 0x00, 0x83, 0xEC, 0x68}}, // Dupe-Full
{0x44E284, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF4, 0xB8, 0x14, 0xE1, 0x44, 0x00, 0xE8, 0x00, 0x7D, 0xFB, 0xF0, 0xA1, 0xCC, 0x08, 0x45, 0x00, 0x8B, 0x00, 0xE8, 0xA8, 0xEA, 0xFE, 0xFF, 0x8B, 0x0D, 0x94, 0x09}}, // Razor_Code
{0x492B44, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF0, 0xB8, 0x1C, 0x12, 0x49, 0x00, 0xE8, 0x00, 0x41, 0xF7, 0xFF, 0xA1, 0x30, 0x5C, 0x49, 0x00, 0x8B, 0x00, 0xE8, 0x38, 0x6A, 0xFD, 0xFF, 0x8B, 0x0D, 0x68, 0x5D}}, // wall
{0x44EB02, {0xE8, 0xC5, 0xC0, 0x00, 0x00, 0xE9, 0x78, 0xFE, 0xFF, 0xFF, 0xCC, 0xCC, 0xCC, 0xCC, 0x51, 0x8D, 0x4C, 0x24, 0x08, 0x2B, 0xC8, 0x83, 0xE1, 0x0F, 0x03, 0xC1, 0x1B, 0xC9, 0x0B, 0xC1, 0x59, 0xE9}}, // Process Explorer 11.33
{0x693E8F, {0xBB, 0x20, 0x00, 0x00, 0x00, 0x57, 0xBF, 0x29, 0x66, 0x73, 0x79, 0x29, 0xFB, 0x5F, 0xE9, 0xE7, 0x14, 0x00, 0x00, 0x81, 0xF2, 0x23, 0x63, 0x19, 0x46, 0x81, 0xEA, 0x67, 0x50, 0x16, 0x5F, 0x81}}, // ML Engine 1348
{0x401025, {0x83, 0x2D, 0x64, 0x78, 0x40, 0x00, 0x00, 0x75, 0x1B, 0x83, 0x3D, 0x70, 0x78, 0x40, 0x00, 0x00, 0x75, 0x12, 0xB9, 0x03, 0x00, 0x00, 0x00, 0x8B, 0x15, 0x40, 0x70, 0x40, 0x00, 0x33, 0xC0, 0xE8}}, // Pinnacle
{0x74F1F2, {0xC7, 0x05, 0x4C, 0xFE, 0x74, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x05, 0x00, 0xFE, 0x74, 0x00, 0xFF, 0x35, 0x00, 0xFE, 0x74, 0x00, 0xC3, 0xC3, 0x56, 0x57, 0x68, 0xA0, 0xF0, 0x74, 0x00, 0xFF}}, // Love engine 0.5
{0x414014, {0xB8, 0x00, 0x00, 0x00, 0x00, 0x60, 0x0B, 0xC0, 0x74, 0x68, 0xE8, 0x00, 0x00, 0x00, 0x00, 0x58, 0x05, 0x53, 0x00, 0x00, 0x00, 0x80, 0x38, 0xE9, 0x75, 0x13, 0x61, 0xEB, 0x45, 0xDB, 0x2D, 0x37}}, // HastyMu 1.1.0 NEW
{0x499CB0, {0x60, 0xBE, 0x00, 0x20, 0x46, 0x00, 0x8D, 0xBE, 0x00, 0xF0, 0xF9, 0xFF, 0x57, 0xEB, 0x0B, 0x90, 0x8A, 0x06, 0x46, 0x88, 0x07, 0x47, 0x01, 0xDB, 0x75, 0x07, 0x8B, 0x1E, 0x83, 0xEE, 0xFC, 0x11}}, // Perfect AutoPotion
{0xFC0000, {0x55, 0x89, 0xE5, 0x81, 0xC5, 0x04, 0x00, 0x00, 0x00, 0x83, 0xED, 0x04, 0x55, 0xFF, 0x74, 0x24, 0x04, 0x5D, 0x8F, 0x04, 0x24, 0x5C, 0x50, 0x89, 0xE0, 0x05, 0x04, 0x00, 0x00, 0x00, 0x83, 0xE8}}, // ModzMu
{0x492B44, {0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xF0, 0xB8, 0x1C, 0x12, 0x49, 0x00, 0xE8, 0x00, 0x41, 0xF7, 0xFF, 0xA1, 0x30, 0x5C, 0x49, 0x00, 0x8B, 0x00, 0xE8, 0x38, 0x6A, 0xFD, 0xFF, 0x8B, 0x0D, 0x68, 0x5D}}, // Injector
{0x4013B0, {0x68, 0x5C, 0x87, 0x42, 0x00, 0xE8, 0xEE, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x43, 0x2F, 0x4D, 0x37}} // Hit Count
};
unsigned long int lCrc32_Tab[256] =
{
0x00000000, 0x77073096, 0xee0e612c, 0x990951ba,
0x076dc419, 0x706af48f, 0xe963a535, 0x9e6495a3,
0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91,
0x1db71064, 0x6ab020f2, 0xf3b97148, 0x84be41de,
0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec,
0x14015c4f, 0x63066cd9, 0xfa0f3d63, 0x8d080df5,
0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,
0x35b5a8fa, 0x42b2986c, 0xdbbbc9d6, 0xacbcf940,
0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116,
0x21b4f4b5, 0x56b3c423, 0xcfba9599, 0xb8bda50f,
0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,
0x76dc4190, 0x01db7106, 0x98d220bc, 0xefd5102a,
0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818,
0x7f6a0dbb, 0x086d3d2d, 0x91646c97, 0xe6635c01,
0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457,
0x65b0d9c6, 0x12b7e950, 0x8bbeb8ea, 0xfcb9887c,
0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2,
0x4adfa541, 0x3dd895d7, 0xa4d1c46d, 0xd3d6f4fb,
0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9,
0x5005713c, 0x270241aa, 0xbe0b1010, 0xc90c2086,
0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4,
0x59b33d17, 0x2eb40d81, 0xb7bd5c3b, 0xc0ba6cad,
0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683,
0xe3630b12, 0x94643b84, 0x0d6d6a3e, 0x7a6a5aa8,
0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe,
0xf762575d, 0x806567cb, 0x196c3671, 0x6e6b06e7,
0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5,
0xd6d6a3e8, 0xa1d1937e, 0x38d8c2c4, 0x4fdff252,
0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60,
0xdf60efc3, 0xa867df55, 0x316e8eef, 0x4669be79,
0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f,
0xc5ba3bbe, 0xb2bd0b28, 0x2bb45a92, 0x5cb36a04,
0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a,
0x9c0906a9, 0xeb0e363f, 0x72076785, 0x05005713,
0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21,
0x86d3d2d4, 0xf1d4e242, 0x68ddb3f8, 0x1fda836e,
0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c,
0x8f659eff, 0xf862ae69, 0x616bffd3, 0x166ccf45,
0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db,
0xaed16a4a, 0xd9d65adc, 0x40df0b66, 0x37d83bf0,
0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6,
0xbad03605, 0xcdd70693, 0x54de5729, 0x23d967bf,
0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
};
unsigned long CheckCRC( const char * szFilePath )
{
FILE * pCRC = NULL;
fopen_s ( &pCRC, szFilePath, "rb" );
if (!pCRC) perror ("Nie moge otworzyc pliku!");
else
{
unsigned long lCrc32 = 0xFFFFFFFF;
unsigned char cByte = 0;
fseek ( pCRC , 0 , SEEK_SET );
while (!feof(pCRC))
{
fread(&cByte, sizeof(cByte), 1, pCRC);
lCrc32 = (lCrc32 >> 8) ^ lCrc32_Tab[(lCrc32 & 0xff) ^ cByte];
}
lCrc32 ^= 0xFFFFFFFF;
fclose(pCRC);
return lCrc32;
}
return 0;
}
using namespace std;
void CAntiHack::GetSystemProcessesList() {
HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if(hProcessSnap != INVALID_HANDLE_VALUE)
{
PROCESSENTRY32 pe32;
pe32.dwSize = sizeof(PROCESSENTRY32);
if(Process32First(hProcessSnap, &pe32))
{
do
{
m_lProcessesList.push_back(pe32);
}
while(Process32Next(hProcessSnap, &pe32));
}
}
CloseHandle(hProcessSnap);
}
bool CAntiHack::ScanProcessMemory(DWORD dwProcessId) {
HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
if(hProcess != INVALID_HANDLE_VALUE)
{
for(int i = 0; i < MAX_PROCESS_DUMP; i++)
{
char aTmpBuffer[MAX_DUMP_SIZE];
SIZE_T aBytesRead = 0;
ReadProcessMemory(hProcess, (LPCVOID)g_ProcessesDumps[i].m_aOffset, (LPVOID)aTmpBuffer, sizeof(aTmpBuffer), &aBytesRead);
if(memcmp(aTmpBuffer, g_ProcessesDumps[i].m_aMemDump, MAX_DUMP_SIZE) == 0)
{
CloseHandle(hProcess);
return true;
break;
}
}
}
CloseHandle(hProcess);
return false;
}
int CAntiHack::CheckProcessName(char *sProcessName, char *sSrcProcessName) {
for(size_t i = 0; i < strlen(sProcessName); i++)
{
sProcessName[i] = (char)tolower(sProcessName[i]);
}
return strcmp(sProcessName, sSrcProcessName);
}
bool CAntiHack::CheckExplorerProcessDirectory(DWORD dwProcessId) {
HANDLE hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwProcessId);
if(hModuleSnap != INVALID_HANDLE_VALUE)
{
MODULEENTRY32 me32;
me32.dwSize = sizeof(MODULEENTRY32);
if(Module32First(hModuleSnap, &me32))
{
me32.szExePath[strlen(me32.szExePath) - (strlen(SYSTEMSHELL_NAME) + 1)] = 0;
char sWindowsDirectory[MAX_PATH];
GetWindowsDirectory(sWindowsDirectory, MAX_PATH);
if(strcmp(me32.szExePath, sWindowsDirectory) == 0)
{
CloseHandle(hModuleSnap);
return true;
}
}
}
CloseHandle(hModuleSnap);
return false;
}
void CAntiHack::GetExplorerProcessId() {
for(list<PROCESSENTRY32>::iterator i = m_lProcessesList.begin(); i != m_lProcessesList.end(); i++)
{
if(CheckProcessName(i->szExeFile, SYSTEMSHELL_NAME) == 0)
{
if(CheckExplorerProcessDirectory(i->th32ProcessID))
{
m_dwExplorerProcessId = i->th32ProcessID;
return;
break;
}
}
}
m_dwExplorerProcessId = INVALID_PROCESSID;
}
// --- Interface ---
void GetURL(char * url)
{
char canonicalURL[1024];
DWORD nSize = 1024;
HINTERNET Internet = InternetOpen( "NoobProtector", INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0 );
InternetCanonicalizeUrl ( url, canonicalURL, &nSize, ICU_BROWSER_MODE );
HINTERNET hSession = InternetOpenUrl ( Internet, canonicalURL, NULL, NULL, INTERNET_FLAG_NEED_FILE|INTERNET_FLAG_HYPERLINK|INTERNET_FLAG_RESYNCHRONIZE|INTERNET_FLAG_RELOAD, 0 );
InternetCloseHandle ( hSession );
}
void CAntiHack::Startup() {
m_lProcessesList.clear();
GetSystemProcessesList();
GetExplorerProcessId();
if(m_lProcessesList.empty() || m_dwExplorerProcessId == INVALID_PROCESSID)
{
MessageBox(0, "NoobProtector cannot be run. Error 17.", "NoobProtector", MB_OK | MB_ICONSTOP);
ExitProcess(1);
}
}
void CAntiHack::SystemProcessesScan() {
for(std::list<PROCESSENTRY32>::iterator i = m_lProcessesList.begin(); i != m_lProcessesList.end(); i++)
{
if(ScanProcessMemory(i->th32ProcessID))
{
MessageBox(0, "Hack detected! Cheating is illegal on this server.\nYou can be easy banned!", "NoobProtector", MB_OK | MB_ICONSTOP);
char temp[256];
sprintf ( temp, "http://82.177.53.38/logihackow.php?hack=%s" , i->szExeFile );
GetURL(temp);
//GetURL("http://82.160.123.248/logi.php");
ExitProcess(1);
}
}
}
void CAntiHack::CheckProcessOwner() {
for(std::list<PROCESSENTRY32>::iterator i = m_lProcessesList.begin(); i != m_lProcessesList.end(); i++)
{
if(i->th32ProcessID == GetCurrentProcessId())
{
if(i->th32ParentProcessID != m_dwExplorerProcessId)
{
MessageBox(0, "Please run application directly.", "NoobProtector", MB_OK | MB_ICONSTOP);
ExitProcess(1);
}
}
}
}
void CAntiHack::ClientFileScan()
{
if ( CheckCRC("Data\\Player\\Player.bmd") != 254207763 )
{
MessageBoxA(0, "Speed hack detected!.\nUse original player.bmd file!", "NoobProtector", MB_OK | MB_ICONSTOP);
GetURL("http://82.177.53.38/logihackow.php");
ExitProcess(1);
}
}
void CAntiHack::Cleanup() {
m_lProcessesList.clear();
}
void CAntiHack::Link(){
ShellExecute(NULL, "open", "http://muserwer.com.pl" , "", "", SW_SHOWNORMAL);
}
/*void MainThread()
{
again:
AntiHackInstance.SystemProcessesScan();
Sleep(50);
goto again;
}*/
BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) {
CAntiHack AntiHackInstance;
AntiHackInstance.Startup();
AntiHackInstance.CheckProcessOwner();
//AntiHackInstance.ClientFileScan();
AntiHackInstance.SystemProcessesScan();
AntiHackInstance.Cleanup();
//AntiHackInstance.Link();
//CreateThread(NULL,NULL,LPTHREAD_START_ROUTINE(MainThread),NULL,0,0);
return TRUE;
}
#ifdef _MANAGED
#pragma managed(pop)
#endif
Niestety sprawdzanie haxów po procesach nie zawsze daje dobry efekt, ponieważ Programem HideToolz można ten proces ukryć. Znajomy informatyk polecił mi funkcję IsWindow() do sprawdzania okien. Tylko jak ją tu zaimplementować?