library Project2;
uses
SysUtils,
Windows,
Dialogs,
Forms,
Classes,
ShellApi,
Unit1 in 'Unit1.pas' {Form1};
{$R *.res}
procedure ExitProc(uExitCode : DWORD);stdcall;
begin
end;
function TerminateProc(Proc : THandle;uExitCode : DWORD) : DWORD;stdcall;
begin
result := 8;
end;
procedure HookThis(Lib, Func : String;CallBack : Pointer);
begin
Place := GetProcAddress(LoadLibrary(PChar(Lib)), PChar(Func));
VirtualProtect(Place, 6, PAGE_READWRITE, ProtecaoAntiga);
PBYTE(DWORD(Place))^ := $E9;
PDWORD(DWORD(Place) + 1)^ := (DWORD(CallBack) - (DWORD(Place)) -5);
VirtualProtect(Place, 6, ProtecaoAntiga, ProtecaoAntiga);
end;
function CreateThr(lpThreadAttribute : Pointer;dwStackSize : Cardinal;lpStartAddress, lpParameter : Pointer;dwCreationFlag, ThreadID : Cardinal) : Cardinal;stdcall;
var
dwTemp1, dwTemp2 : DWORD;
i : integer;
hModule, dwFunc : DWORD;
Command : string;
CreateRemoteThreadEx : function (hProcess : Cardinal;lpThreadAttribute : Pointer;dwStackSize : Cardinal;lpStartAddress, lpParameter : Pointer;dwCreationFlag : DWORD; lpAttributeList : Pointer;ThreadID : Cardinal) : Cardinal;stdcall;
begin
i := 0;
CreateRemoteThreadEx := GetProcAddress(GetModuleHandle('kernel32.dll'), 'CreateRemoteThreadEx');
if (GetModuleHandle('XTrapVa.dll') <> 0) then begin
hModule := GetModuleHandle('XTrapVa.dll');
dwFunc := DWORD(GetProcAddress(hModule, 'XProc3'));
dwTemp1 := DWORD(lpStartAddress) - hModule;
dwTemp2 := DWORD(lpStartAddress) - dwFunc;
if ((dwTemp1 = $17C0) or (dwTemp2 = $2D510) or (dwTemp2 = $321E0)) then begin
result := CreateRemoteThreadEx(DWORD(-1), lpThreadAttribute, dwStackSize, lpStartAddress, lpParameter, CREATE_SUSPENDED, nil, ThreadID);
Exit;
end;
end;
result := CreateRemoteThreadEx(DWORD(-1), lpThreadAttribute, dwStackSize, lpStartAddress, lpParameter, dwCreationFlag, nil, ThreadID);
end;
begin
HookThis('ntdll.dll', 'RtlExitUserProcess', @ExitProc);
HookThis('ntdll.dll', 'ZwTerminateProcess', @TerminateProc);
MessageBoxA(0, 'You´re now full bypassed.', 'By Vitrix!', MB_ICONEXCLAMATION);
begin
end;
begin
CreateThread(nil, Vt, @Vitrix, nil, Vt, Vt);
end;
end.