BlairCheat Driver Valorant // Tutorial

x6437' Alıntı:

Selamlar, islem asiri basit sadece pastelemeniz lazim.


(konu uc'den alintidir)

Kernel veya Memory.h dosyasini olusturup icine,

C++:

    #pragma once
    #include "IOCTL_Define.h"
    #include <TlHelp32.h>
    #include <vector>
    class MemoryManagement
    {
    public:
        HANDLE hDevice;
        uint64_t ModuleBase;
        bool Init(string ProcessName);
        BOOL Read_Buf(ULONGLONG lpBaseAddress, PVOID buf, ULONG bufersize);
        uint32_t GetPIDByProcessName(string ProcessName);
        uint64_t GetModuleBase();
        void SetGuardedRegion();
        BOOL ReadGuardedRegion(
            ULONG_PTR Displacement,
            PVOID pBuffer,
            ULONG cbBuffer);
        BOOL ReadVirtualMemory(
            ULONG_PTR Address,
            PVOID pBuffer,
            ULONG cbBuffer);
    };
    inline bool MemoryManagement::Init(string ProcessName)
    {
        DWORD Bytes;
        this->hDevice = CreateFileW(DRIVER_DEVICE_PATH, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, 0);
        if (this->hDevice == INVALID_HANDLE_VALUE)
            return 0;;
        _DRIVER_INIT tmp;
        tmp.ProcessId = this->GetPIDByProcessName(ProcessName);
        if (!tmp.ProcessId)
            return false;
        DeviceIoControl(this->hDevice, IOCTL_DRIVER_INIT, &tmp, sizeof(tmp), &tmp, sizeof(tmp), &Bytes, 0);
        this->ModuleBase = this->GetModuleBase();
        if (this->ModuleBase)
            return true;
        else
            return false;
    }
    inline BOOL MemoryManagement::ReadVirtualMemory(
        ULONG_PTR Address,
        PVOID pBuffer,
        ULONG cbBuffer)
    {
        if (Address) {
            READ_VIRTUAL_MEMORY_REQUEST Request = {};
            DWORD cbReturned = 0;
            BOOL status = TRUE;
  
            RtlSecureZeroMemory(pBuffer, cbBuffer);
  
            Request.Address = Address;
            Request.Size = cbBuffer;
  
            status = DeviceIoControl(
                this->hDevice,
                IOCTL_DRIVER_MANAGE_MEMORY,
                &Request,
                sizeof(Request),
                pBuffer,
                cbBuffer,
                &cbReturned,
                NULL);
            if (!status)
            {
                goto exit;
            }
  
        exit:
            return status;
        }
    }
  
    inline BOOL MemoryManagement::Read_Buf(DWORD_PTR lpBaseAddress, PVOID buf, ULONG bufersize)
    {
        DWORD Bytes;
        KERNEL_READ_REQUEST copy = {};
        RtlSecureZeroMemory(buf, bufersize);
        copy.TargetAddress = lpBaseAddress;
        copy.ResponseAddress = (DWORD_PTR)buf;
        copy.Size = bufersize;
        if (DeviceIoControl(this->hDevice, IOCTL_DRIVER_MANAGE_MEMORY, &copy, sizeof(copy), &copy, sizeof(copy), &Bytes, NULL))
            return TRUE;
        else
            return FALSE;
    }
  
    inline uint32_t MemoryManagement::GetPIDByProcessName(string ProcessName)
    {
        DWORD Result = 0;
        HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
        PROCESSENTRY32 ProcEntry;
        ProcEntry.dwSize = sizeof(ProcEntry);
        do
            if (!strcmp(ProcEntry.szExeFile, ProcessName.c_str()))
            {
                Result = ProcEntry.th32ProcessID;
            }
        while (Process32Next(hSnap, &ProcEntry));
        if (hSnap)
            CloseHandle(hSnap);
        return Result;
    }
    inline uint64_t MemoryManagement::GetModuleBase()
    {
        DWORD Bytes;
        _GET_BASE_ADDRESS ModuleBase;
        uint64_t ModulePtr = 0;
        ModuleBase.Result = &ModulePtr;
        DeviceIoControl(this->hDevice, IOCTL_DRIVER_GET_BASE_ADDRESS, &ModuleBase, sizeof(ModuleBase), &ModuleBase, sizeof(ModuleBase), &Bytes, 0);
        return ModulePtr;
    }
  
    inline void MemoryManagement::SetGuardedRegion()
    {
        DeviceIoControl(this->hDevice, IOCTL_SET_GUARDED_REGION, 0, 0, 0, 0, 0, 0);
    }
  
    inline BOOL MemoryManagement::ReadGuardedRegion(
        ULONG_PTR Displacement,
        PVOID pBuffer,
        ULONG cbBuffer)
    {
        READ_GUARDED_REGION_REQUEST Request = {};
        DWORD cbReturned = 0;
        BOOL status = TRUE;
  
        if (Displacement > 0x200000)
        {
            status = FALSE;
            goto exit;
        }
  
        RtlSecureZeroMemory(pBuffer, cbBuffer);
  
        Request.Displacement = Displacement;
        Request.Buffer = pBuffer;
        Request.Size = cbBuffer;
        status = DeviceIoControl(
            this->hDevice,
            IOCTL_READ_GUARDED_REGION,
            &Request,
            sizeof(Request),
            &Request,
            sizeof(Request),
            &cbReturned,
            NULL);
        if (!status)
        {
            goto exit;
        }
  
    exit:
        return status;
    }
  
    inline auto mem = std::make_unique<MemoryManagement>();

bunlari yaziyoruz.

ayni zamanda yine IOCTL_Define.h adli dosya olusturup icine,

C++:

    #pragma once
    #include <Windows.h>
    #include <iostream>
    using namespace std;
  
    #define DRIVER_NAME skCrypt(L"HONGZ")
    #define DRIVER_DEVICE_NAME     skCrypt(L"\\Device\\HONGZ")
    #define DRIVER_DOS_DEVICE_NAME skCrypt(L"\\DosDevices\\HONGZ")
    #define DRIVER_DEVICE_PATH  skCrypt(L"\\\\.\\HONGZ")
    #define DRIVER_DEVICE_TYPE 0x00000022
  
    #define IOCTL_DRIVER_INIT ((ULONG)CTL_CODE(DRIVER_DEVICE_TYPE, 4100, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS))
    #define IOCTL_DRIVER_GET_BASE_ADDRESS ((ULONG)CTL_CODE(DRIVER_DEVICE_TYPE, 4200, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS))
    #define IOCTL_DRIVER_MANAGE_MEMORY ((ULONG)CTL_CODE(DRIVER_DEVICE_TYPE, 4300, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS))
    #define IOCTL_SET_GUARDED_REGION            \
        CTL_CODE(                               \
            DRIVER_DEVICE_TYPE,                 \
            4400,                               \
            METHOD_BUFFERED,                    \
            FILE_READ_ACCESS | FILE_WRITE_ACCESS)
  
    #define IOCTL_READ_GUARDED_REGION           \
        CTL_CODE(                               \
            DRIVER_DEVICE_TYPE,                 \
            4500,                               \
            METHOD_BUFFERED,                    \
            FILE_READ_ACCESS | FILE_WRITE_ACCESS)
    typedef struct _DRIVER_INIT {
        ULONG ProcessId;
    } DRIVER_INIT, *PDRIVER_INIT;
  
    typedef struct _READ_VIRTUAL_MEMORY_REQUEST {
        ULONG_PTR Address;
        ULONG Size;
    } READ_VIRTUAL_MEMORY_REQUEST, * PREAD_VIRTUAL_MEMORY_REQUEST;
  
    typedef struct _DRIVER_MANAGE_MEMORY {
        ULONGLONG Src;
        ULONGLONG Dst;
        ULONGLONG Size;
        BOOLEAN isWrite;
        BOOLEAN isIgnoreProtect;
    } DRIVER_MANAGE_MEMORY, * PDRIVER_MANAGE_MEMORY;
  
    typedef struct _GET_BASE_ADDRESS
    {
        ULONGLONG *Result;
    } GET_BASE_ADDRESS, *PGET_BASE_ADDRESS;
  
    typedef struct _KERNEL_READ_REQUEST
    {
        DWORD_PTR TargetAddress;
        DWORD_PTR ResponseAddress;
        ULONG Size;
    } KERNEL_READ_REQUEST, *PKERNEL_READ_REQUEST;
  
    typedef struct _READ_GUARDED_REGION_REQUEST {
        ULONG_PTR Displacement;
        PVOID Buffer;
        ULONG Size;
        float X = 0.0f, Y = 0.0f;
    } READ_GUARDED_REGION_REQUEST, * PREAD_GUARDED_REGION_REQUEST;

bunlari yaziyor (pasteliyoruz XD) daha sonra buildleyip @EmreKennedy"nin anlatimi ile kullaniyoruz (sourceyi de derleyin ayrica src'deki offsetleri de guncelleyin, guncel offsetler icin

Linkleri görebilmek için kayıt olmanız gerekmektedir

)

bu driveri tahminimce tüm pasteler icin kullanabilirsiniz ama dt olur yakin zamanda, degistirip kullanabilirsinz.

burada da ingilizce tut.


video patlamis xd

Genişletmek için tıkla ...

zamaknokk' Alıntı:

Denedim ve gayet düzgünce çalışıyor.Silent'ı nasıl eklicez onuda söylersen çok iyi olur xd

Genişletmek için tıkla ...

zamaknokk' Alıntı:

Denedim ve gayet düzgünce çalışıyor.Silent'ı nasıl eklicez onuda söylersen çok iyi olur xd

Genişletmek için tıkla ...

x6437' Alıntı:

Selamlar, islem asiri basit sadece pastelemeniz lazim.


(konu uc'den alintidir)

Kernel veya Memory.h dosyasini olusturup icine,

C++:

    #pragma once
    #include "IOCTL_Define.h"
    #include <TlHelp32.h>
    #include <vector>
    class MemoryManagement
    {
    public:
        HANDLE hDevice;
        uint64_t ModuleBase;
        bool Init(string ProcessName);
        BOOL Read_Buf(ULONGLONG lpBaseAddress, PVOID buf, ULONG bufersize);
        uint32_t GetPIDByProcessName(string ProcessName);
        uint64_t GetModuleBase();
        void SetGuardedRegion();
        BOOL ReadGuardedRegion(
            ULONG_PTR Displacement,
            PVOID pBuffer,
            ULONG cbBuffer);
        BOOL ReadVirtualMemory(
            ULONG_PTR Address,
            PVOID pBuffer,
            ULONG cbBuffer);
    };
    inline bool MemoryManagement::Init(string ProcessName)
    {
        DWORD Bytes;
        this->hDevice = CreateFileW(DRIVER_DEVICE_PATH, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, 0);
        if (this->hDevice == INVALID_HANDLE_VALUE)
            return 0;;
        _DRIVER_INIT tmp;
        tmp.ProcessId = this->GetPIDByProcessName(ProcessName);
        if (!tmp.ProcessId)
            return false;
        DeviceIoControl(this->hDevice, IOCTL_DRIVER_INIT, &tmp, sizeof(tmp), &tmp, sizeof(tmp), &Bytes, 0);
        this->ModuleBase = this->GetModuleBase();
        if (this->ModuleBase)
            return true;
        else
            return false;
    }
    inline BOOL MemoryManagement::ReadVirtualMemory(
        ULONG_PTR Address,
        PVOID pBuffer,
        ULONG cbBuffer)
    {
        if (Address) {
            READ_VIRTUAL_MEMORY_REQUEST Request = {};
            DWORD cbReturned = 0;
            BOOL status = TRUE;
  
            RtlSecureZeroMemory(pBuffer, cbBuffer);
  
            Request.Address = Address;
            Request.Size = cbBuffer;
  
            status = DeviceIoControl(
                this->hDevice,
                IOCTL_DRIVER_MANAGE_MEMORY,
                &Request,
                sizeof(Request),
                pBuffer,
                cbBuffer,
                &cbReturned,
                NULL);
            if (!status)
            {
                goto exit;
            }
  
        exit:
            return status;
        }
    }
  
    inline BOOL MemoryManagement::Read_Buf(DWORD_PTR lpBaseAddress, PVOID buf, ULONG bufersize)
    {
        DWORD Bytes;
        KERNEL_READ_REQUEST copy = {};
        RtlSecureZeroMemory(buf, bufersize);
        copy.TargetAddress = lpBaseAddress;
        copy.ResponseAddress = (DWORD_PTR)buf;
        copy.Size = bufersize;
        if (DeviceIoControl(this->hDevice, IOCTL_DRIVER_MANAGE_MEMORY, &copy, sizeof(copy), &copy, sizeof(copy), &Bytes, NULL))
            return TRUE;
        else
            return FALSE;
    }
  
    inline uint32_t MemoryManagement::GetPIDByProcessName(string ProcessName)
    {
        DWORD Result = 0;
        HANDLE hSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, NULL);
        PROCESSENTRY32 ProcEntry;
        ProcEntry.dwSize = sizeof(ProcEntry);
        do
            if (!strcmp(ProcEntry.szExeFile, ProcessName.c_str()))
            {
                Result = ProcEntry.th32ProcessID;
            }
        while (Process32Next(hSnap, &ProcEntry));
        if (hSnap)
            CloseHandle(hSnap);
        return Result;
    }
    inline uint64_t MemoryManagement::GetModuleBase()
    {
        DWORD Bytes;
        _GET_BASE_ADDRESS ModuleBase;
        uint64_t ModulePtr = 0;
        ModuleBase.Result = &ModulePtr;
        DeviceIoControl(this->hDevice, IOCTL_DRIVER_GET_BASE_ADDRESS, &ModuleBase, sizeof(ModuleBase), &ModuleBase, sizeof(ModuleBase), &Bytes, 0);
        return ModulePtr;
    }
  
    inline void MemoryManagement::SetGuardedRegion()
    {
        DeviceIoControl(this->hDevice, IOCTL_SET_GUARDED_REGION, 0, 0, 0, 0, 0, 0);
    }
  
    inline BOOL MemoryManagement::ReadGuardedRegion(
        ULONG_PTR Displacement,
        PVOID pBuffer,
        ULONG cbBuffer)
    {
        READ_GUARDED_REGION_REQUEST Request = {};
        DWORD cbReturned = 0;
        BOOL status = TRUE;
  
        if (Displacement > 0x200000)
        {
            status = FALSE;
            goto exit;
        }
  
        RtlSecureZeroMemory(pBuffer, cbBuffer);
  
        Request.Displacement = Displacement;
        Request.Buffer = pBuffer;
        Request.Size = cbBuffer;
        status = DeviceIoControl(
            this->hDevice,
            IOCTL_READ_GUARDED_REGION,
            &Request,
            sizeof(Request),
            &Request,
            sizeof(Request),
            &cbReturned,
            NULL);
        if (!status)
        {
            goto exit;
        }
  
    exit:
        return status;
    }
  
    inline auto mem = std::make_unique<MemoryManagement>();

bunlari yaziyoruz.

ayni zamanda yine IOCTL_Define.h adli dosya olusturup icine,

C++:

    #pragma once
    #include <Windows.h>
    #include <iostream>
    using namespace std;
  
    #define DRIVER_NAME skCrypt(L"HONGZ")
    #define DRIVER_DEVICE_NAME     skCrypt(L"\\Device\\HONGZ")
    #define DRIVER_DOS_DEVICE_NAME skCrypt(L"\\DosDevices\\HONGZ")
    #define DRIVER_DEVICE_PATH  skCrypt(L"\\\\.\\HONGZ")
    #define DRIVER_DEVICE_TYPE 0x00000022
  
    #define IOCTL_DRIVER_INIT ((ULONG)CTL_CODE(DRIVER_DEVICE_TYPE, 4100, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS))
    #define IOCTL_DRIVER_GET_BASE_ADDRESS ((ULONG)CTL_CODE(DRIVER_DEVICE_TYPE, 4200, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS))
    #define IOCTL_DRIVER_MANAGE_MEMORY ((ULONG)CTL_CODE(DRIVER_DEVICE_TYPE, 4300, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS))
    #define IOCTL_SET_GUARDED_REGION            \
        CTL_CODE(                               \
            DRIVER_DEVICE_TYPE,                 \
            4400,                               \
            METHOD_BUFFERED,                    \
            FILE_READ_ACCESS | FILE_WRITE_ACCESS)
  
    #define IOCTL_READ_GUARDED_REGION           \
        CTL_CODE(                               \
            DRIVER_DEVICE_TYPE,                 \
            4500,                               \
            METHOD_BUFFERED,                    \
            FILE_READ_ACCESS | FILE_WRITE_ACCESS)
    typedef struct _DRIVER_INIT {
        ULONG ProcessId;
    } DRIVER_INIT, *PDRIVER_INIT;
  
    typedef struct _READ_VIRTUAL_MEMORY_REQUEST {
        ULONG_PTR Address;
        ULONG Size;
    } READ_VIRTUAL_MEMORY_REQUEST, * PREAD_VIRTUAL_MEMORY_REQUEST;
  
    typedef struct _DRIVER_MANAGE_MEMORY {
        ULONGLONG Src;
        ULONGLONG Dst;
        ULONGLONG Size;
        BOOLEAN isWrite;
        BOOLEAN isIgnoreProtect;
    } DRIVER_MANAGE_MEMORY, * PDRIVER_MANAGE_MEMORY;
  
    typedef struct _GET_BASE_ADDRESS
    {
        ULONGLONG *Result;
    } GET_BASE_ADDRESS, *PGET_BASE_ADDRESS;
  
    typedef struct _KERNEL_READ_REQUEST
    {
        DWORD_PTR TargetAddress;
        DWORD_PTR ResponseAddress;
        ULONG Size;
    } KERNEL_READ_REQUEST, *PKERNEL_READ_REQUEST;
  
    typedef struct _READ_GUARDED_REGION_REQUEST {
        ULONG_PTR Displacement;
        PVOID Buffer;
        ULONG Size;
        float X = 0.0f, Y = 0.0f;
    } READ_GUARDED_REGION_REQUEST, * PREAD_GUARDED_REGION_REQUEST;

bunlari yaziyor (pasteliyoruz XD) daha sonra buildleyip @EmreKennedy"nin anlatimi ile kullaniyoruz (sourceyi de derleyin ayrica src'deki offsetleri de guncelleyin, guncel offsetler icin

Linkleri görebilmek için kayıt olmanız gerekmektedir

)

bu driveri tahminimce tüm pasteler icin kullanabilirsiniz ama dt olur yakin zamanda, degistirip kullanabilirsinz.

burada da ingilizce tut.


video patlamis xd

Genişletmek için tıkla ...

KekokomandO' Alıntı:

knka valodan anlamıyorum source kodunun içine mi açıyoruz bu dosyaları

Genişletmek için tıkla ...

x6437' Alıntı:

sourcenin icinde kmdf empty project acip aciyorsun bu ddosyalari, derliyorsun sonra

Genişletmek için tıkla ...

dororo' Alıntı:

hocam ben de 530 tane hata var main.cpp de

Genişletmek için tıkla ...

KekokomandO' Alıntı:

derlesen bile esp çalışmıyor

Genişletmek için tıkla ...