xerox
b1fa23a055
|
5 years ago | |
---|---|---|
buffer | 5 years ago | |
driver | 5 years ago | |
inject | 5 years ago | |
lapex | 5 years ago | |
llauncher | 5 years ago | |
mmap | 5 years ago | |
LICENSE | 5 years ago | |
README.md | 5 years ago | |
overview.png | 5 years ago |
README.md
amlegit
Reverse Engineering of amlegit/xcheats.cc this p2c sells an internal Apex cheat. Apex is protected by EAC and by the looks of this cheat/spoofer It doesnt even come remotely close to something that can evade a ban.
This cheat is a blatant paste of kdmapper and hwid spoofer using IOCTL hooking of a system driver. If you would like to read more about this scam you can do so here.
Overview
As stated before this cheat uses an IOCTL hook to communicate between its usermode process and its manually mapped driver.
IOCTL codes
0x2248D2 -> Testing communication
0x224DCA -> Read data (MmCopyVirtualMemory)
0x225CC1 -> Write data (MmCopyVirtualMemory)
0x224986 -> Allocate Virtual Memory (MmMapLockedPagesSpecifyCache, ZwOpenProcess, ZwAllocateVirtualMemory)
0x235C42 -> Spoofer (Pasted from hwid)