Posted: 28-12-2015, 06:17 AM
(This post was last modified: 28-12-2015, 06:29 AM by Killpot.)
So I've been at this for a bit; some of you in the chat will have seen me talking about it. I finished the project I was hired to do, but kind of overdid it and made a whole system for injecting DLLs securely, all the while keeping a commerce aspect in mind and embedding it.
The whole project combined has taken me roughly 1-2 weeks to get to the point where I can call it done.
Here's a snap of the Solution Explorer:
The program in a nutshell:
User buys access to a hack for, say, a month; a log of the transaction is created on FTP; the program recognizes that and acts accordingly, then disposes of the log. The client is now able to inject a hacked DLL into a game of their choice (obviously the one they paid for). Every day a cron job is run that checks and removes access to hacks as needed.
How it works in depth:
The program here is extremely secure: there is never a DLL actually created on the client's computer. All DLLs are stored server side, encrypted, and sent to the client with Polymorphic AES 2056. Once received, the client asks the server for the key to decrypt (the key changes after every request for a key), and once it gets the key it decrypts the bytes it just received.

Now here's the kicker: it's a pain in the ass to inject into a process without writing a DLL to the disk, so what I took some time to learn is manual memory mapping. The client remaps the bytes IN MEMORY into the target process and then unloads all traces of the DLL's bytes ever existing. This means that the client will never be able to keep any of the hacks.

For the keen among you, you've already realised that this is a pretty much bulletproof anti-reverse-engineering and anti-decompiling program, because all info is stored on the server and requires an active account to access its files. Every time a function is called on the server I check the validity of the account accessing it, so if it's a forged account I'll see right through it, and may in the future force the client to self-destruct and then ban that IP and HWID.

All DLLs are dynamically grabbed on the server, so all you have to do is add more DLLs, with no need to recompile the server every time you add a new hack.

Here's a video of it in action.
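The manual-mapping step the post describes (laying a DLL out in memory from a byte buffer instead of calling the loader on a file) is the part worth seeing in code. The block below is an added example written for this page, not code from the original post or its project, and it makes no claim about how that project does it. It is a Python model of the two loader steps that a manual mapper must reproduce before it can copy an image into a target: mapping PE32+ sections to their virtual addresses, and applying base relocations for the chosen load address. The header offsets are the documented IMAGE_NT_HEADERS64 layout; the sample DLL bytes are constructed inline (a .text section holding one absolute pointer and a `ret`, a .data section with a zero-filled tail, and one DIR64 relocation). Import resolution, TLS callbacks, page protections and the cross-process copy (VirtualAllocEx/WriteProcessMemory/CreateRemoteThread) are out of scope.

```python
"""Manual-mapping core: lay out a PE32+ image from an in-memory byte buffer and
apply base relocations for a chosen load address. Constructed example; the
sample DLL below is built inline and is not a real binary."""
import struct

IMAGE_DIRECTORY_ENTRY_BASERELOC = 5
IMAGE_REL_BASED_ABSOLUTE = 0     # padding entry, skipped
IMAGE_REL_BASED_DIR64 = 10       # 64-bit absolute address, add delta


def parse_pe(raw: bytes) -> dict:
    """Pull the fields a manual mapper needs out of a raw PE32+ file buffer."""
    if raw[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", raw, 0x3C)[0]
    if raw[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", raw, fh + 2)[0]
    opt_size = struct.unpack_from("<H", raw, fh + 16)[0]
    opt = fh + 20                                       # IMAGE_OPTIONAL_HEADER64
    if struct.unpack_from("<H", raw, opt)[0] != 0x20B:
        raise ValueError("only PE32+ is handled here")
    reloc_rva, reloc_size = struct.unpack_from(
        "<II", raw, opt + 112 + 8 * IMAGE_DIRECTORY_ENTRY_BASERELOC)
    sections = []
    for i in range(num_sections):
        name, vsize, va, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", raw, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "vsize": vsize,
                         "va": va, "rawsize": rawsize, "rawptr": rawptr})
    return {"entry_rva": struct.unpack_from("<I", raw, opt + 16)[0],
            "image_base": struct.unpack_from("<Q", raw, opt + 24)[0],
            "size_of_image": struct.unpack_from("<I", raw, opt + 56)[0],
            "size_of_headers": struct.unpack_from("<I", raw, opt + 60)[0],
            "reloc_rva": reloc_rva, "reloc_size": reloc_size,
            "sections": sections}


def map_sections(raw: bytes, pe: dict) -> bytearray:
    """Copy headers and each section's raw bytes to their RVAs; the rest of
    the image (VirtualSize beyond SizeOfRawData) stays zero, as the loader
    leaves it."""
    image = bytearray(pe["size_of_image"])
    image[:pe["size_of_headers"]] = raw[:pe["size_of_headers"]]
    for s in pe["sections"]:
        n = s["rawsize"]
        if s["va"] + n > len(image) or s["rawptr"] + n > len(raw):
            raise ValueError(f"section {s['name']} is out of bounds")
        image[s["va"]:s["va"] + n] = raw[s["rawptr"]:s["rawptr"] + n]
    return image


def apply_relocations(image: bytearray, pe: dict, new_base: int) -> int:
    """Walk IMAGE_BASE_RELOCATION blocks and add (new_base - ImageBase) to
    every DIR64 target. Returns the number of fixups applied."""
    delta = new_base - pe["image_base"]
    if delta == 0 or pe["reloc_size"] == 0:
        return 0
    applied, pos, end = 0, pe["reloc_rva"], pe["reloc_rva"] + pe["reloc_size"]
    while pos + 8 <= end:
        page_rva, block_size = struct.unpack_from("<II", image, pos)
        if block_size < 8:
            raise ValueError("malformed relocation block")
        for off in range(pos + 8, pos + block_size, 2):
            entry = struct.unpack_from("<H", image, off)[0]
            rtype, roff = entry >> 12, entry & 0xFFF
            if rtype == IMAGE_REL_BASED_ABSOLUTE:
                continue
            if rtype != IMAGE_REL_BASED_DIR64:
                raise ValueError(f"unsupported relocation type {rtype}")
            target = page_rva + roff
            value = struct.unpack_from("<Q", image, target)[0]
            struct.pack_into("<Q", image, target, (value + delta) & (2**64 - 1))
            applied += 1
        pos += block_size
    return applied


def map_at(raw: bytes, new_base: int):
    """Full in-memory layout for a load address chosen by the injector."""
    pe = parse_pe(raw)
    image = map_sections(raw, pe)
    return pe, image, apply_relocations(image, pe, new_base)


def build_sample_dll() -> bytes:
    """Constructed minimal PE32+ DLL: 0x800 bytes on 'disk', 0x4000 in memory."""
    base, raw = 0x180000000, bytearray(0x800)
    raw[:2] = b"MZ"
    struct.pack_into("<I", raw, 0x3C, 0x40)                      # e_lfanew
    raw[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", raw, 0x44, 0x8664, 3, 0, 0, 0, 240, 0x2022)
    opt = 0x58
    struct.pack_into("<H", raw, opt, 0x20B)                      # PE32+ magic
    struct.pack_into("<I", raw, opt + 16, 0x1008)                # entry point RVA
    struct.pack_into("<Q", raw, opt + 24, base)                  # ImageBase
    struct.pack_into("<II", raw, opt + 32, 0x1000, 0x200)        # alignments
    struct.pack_into("<II", raw, opt + 56, 0x4000, 0x200)        # SizeOfImage/Headers
    struct.pack_into("<I", raw, opt + 108, 16)                   # NumberOfRvaAndSizes
    struct.pack_into("<II", raw, opt + 112 + 8 * 5, 0x3000, 12)  # reloc directory
    for i, sec in enumerate([(b".text", 0x10, 0x1000, 0x200, 0x200),
                             (b".data", 0x1000, 0x2000, 0x200, 0x400),
                             (b".reloc", 0x0C, 0x3000, 0x200, 0x600)]):
        struct.pack_into("<8sIIII", raw, opt + 240 + 40 * i, *sec)
    struct.pack_into("<Q", raw, 0x200, base + 0x2000)            # pointer into .data
    raw[0x208] = 0xC3                                             # ret at entry point
    raw[0x400:0x405] = b"hello"                                   # .data initialized bytes
    struct.pack_into("<IIHH", raw, 0x600, 0x1000, 12, (10 << 12) | 0, 0)  # one DIR64 fixup
    return bytes(raw)


if __name__ == "__main__":
    pe, image, fixups = map_at(build_sample_dll(), 0x7FF600000000)
    print(f"mapped {len(image):#x} bytes, entry {pe['entry_rva']:#x}, {fixups} fixup(s)")
```

Two things the model makes visible. First, `raw` (the decrypted DLL) and `image` (the laid-out copy) are both ordinary buffers in the injector's own address space before anything reaches the target, so "never written to disk" describes the file system, not the client's memory. Second, relocation is read from the mapped image by RVA, which is why sections must be laid out before fixups are applied; a mapper that copies into the target first and relocates afterwards has to do the same arithmetic through WriteProcessMemory.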