_xeroxz
/
amlegit
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8c371e9c9e'
${ noResults }
amlegit/README.md

1.0 KiB
Raw Blame History

amlegit

Reverse Engineering of amlegit/xcheats.cc this p2c sells an internal Apex cheat. Apex is protected by EAC and by the looks of this cheat/spoofer It doesnt even come remotely close to something that can evade a ban.

This cheat is a blatant paste of kdmapper and hwid spoofer using IOCTL hooking of a system driver. If you would like to read more about this scam you can do so here.

Overview

As stated before this cheat uses an IOCTL hook to communicate between its usermode process and its manually mapped driver.

IOCTL codes

0x2248D2 -> Testing communication

0x224DCA -> Read data (MmCopyVirtualMemory)

0x225CC1 -> Write data (MmCopyVirtualMemory)

0x224986 -> Allocate Virtual Memory (MmMapLockedPagesSpecifyCache, ZwOpenProcess, ZwAllocateVirtualMemory)

0x235C42 -> Spoofer (Pasted from hwid)