[Release] Working MuGuard Source

Angerfist

Active Member
Joined
Apr 7, 2009
Messages
190
Reaction score
40
Hello
here is working MuGuard..
main file MuGaurd.cpp :: (leo123)

PHP:
#include "stdafx.h"
#include "define.h"
#include "cFile.h"
#include "AntiHack.h"

cFile MyFile;

void ChangeSerial()
{

    memset(&Main_Serial[0],0x00,16);                                // the max is 16 i think =/
    memcpy(&Main_Serial[0],MySerial,strlen(MySerial));
}
void FindHacks()
{
    ChangeSerial(); // Rum time changeing of serial
    bool State = MyFile.iCheckFileSize("Data\\Player\\Player.bmd",sizePlayerBMD);
    if(State == false)
    {
        MessageBoxA(FindWindowA(0,"MU"),"We are sorry, but a hack or cheat or other 3rd tool has been detected","MuGuard V1.0 by leo123",0);
        ExitProcess(1);
    }
    SystemProcessesScan();
    Sleep(3000);
    FindHacks();
}

void Setup()
{
    ChangeSerial();
    if(FindWindow(0,"MU") > 0)
    {
        WinExec("taskkill /IM main.exe",5);
        Sleep(200);
        ExitProcess(0);
    }
    SystemProcessesScan();
    bool State = MyFile.iCheckFileSize("Data\\Player\\Player.bmd",sizePlayerBMD);
    if(State == false)
    {
        MessageBoxA(0,"We are sorry, but a hack or cheat or other 3rd tool has been detected","MuGuard V1.0 by leo123",0);
        ExitProcess(0);
    }
    char* Temp = GetCommandLine();
    if(Temp[9] != 0x63)
    {
        MessageBoxA(0,"Please use lancher.","MuGuard V1.0 by leo123",0);
        ExitProcess(0);
    }
    
    #ifdef premu
    __asm
    {
        Mov Edi,0x0073BD18
        Jmp Edi
    }
    #endif

    SystemProcessesScan();
    DWORD MyId;
    CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)FindHacks,NULL,0,&MyId);
}

extern "C" __declspec (dllexport) void __cdecl Loaded()
{
    DWORD OldProtect;
    if(VirtualProtect(LPVOID(0x401000),0x7C2FFF,PAGE_EXECUTE_READWRITE,&OldProtect))
    {
        Setup();
    }
    else
    {
        MessageBoxA(NULL,"Unable to initialize the MuGuard.dll","PRE DLL",MB_OK);
        ExitProcess(0);
    }

}

BOOL APIENTRY DllMain( HANDLE hModule, DWORD  ul_reason_for_call, LPVOID lpReserved)
{
    return TRUE;
}

AntiHack.cpp :: Credits F1x ( i add some exitprocess fix)

PHP:
// ----------------------------------------------------
//    Nazwa pliku: AntiHack.cpp
//    Data utworzenia: 2008-06-26
//    Autor: f1x / [email protected]
// ----------------------------------------------------

#include "stdafx.h"
#include "AntiHack.h"
#include <windows.h>
#include <tlhelp32.h>
#include <stdlib.h>

ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP] = {
{0x4C8259, {0xA1, 0x38, 0xBD, 0x4C, 0x00, 0x8B, 0x00, 0x8B, 0x4D, 0xFC, 0xBA, 0xC0, 0x82, 0x4C, 0x00, 0xE8, 0x1F, 0xF1, 0xFF, 0xFF, 0x33, 0xDB, 0xE8, 0xF8, 0xBE, 0xF3, 0xFF, 0x33, 0xC0, 0x5A, 0x59, 0x59}},    //Catastrophe
{0x4018bb, {0x74 ,0x3F ,0x0F ,0xB6 ,0x45 ,0xEC ,0x0F ,0xB6 ,0x9D ,0x74 ,0xFF ,0xFF ,0xFF ,0x39 ,0xD8 ,0x75 ,0x30 ,0x6A ,0x01 ,0x6A ,0x39 ,0x68 ,0xD4 ,0x75 ,0x40 ,0x00 ,0xE8 ,0x96 ,0x08 ,0x00 ,0x00 ,0x50}},   // Hasty MU
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}},    // Catastrophe
};

void SystemProcessesScan() 
{
    HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if(hProcessSnap != INVALID_HANDLE_VALUE)
    {
        PROCESSENTRY32 pe32;
        pe32.dwSize = sizeof(PROCESSENTRY32);

        if(Process32First(hProcessSnap, &pe32))
        {
            do
            {
                HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, pe32.th32ProcessID);
                if(hProcess != NULL)
                {
                    if(ScanProcessMemory(hProcess))
                    {
                        MessageBoxA(FindWindowA(0,"MU"), "Found hack software in your system.\n\nHint: Close all illegal programs and run application again.", "leo123 MuGuard v1.0", MB_OK | MB_ICONSTOP);
                        ExitProcess(1);
                    }
                }
            }
        while(Process32Next(hProcessSnap, &pe32));
        }
    }
    CloseHandle(hProcessSnap);
}

bool ScanProcessMemory(HANDLE hProcess) 
{
    for(int i = 0; i < MAX_PROCESS_DUMP; i++)
    {
        char aTmpBuffer[MAX_DUMP_SIZE];
        SIZE_T aBytesRead = 0;
        ReadProcessMemory(hProcess, (LPCVOID)g_ProcessesDumps[i].m_aOffset, (LPVOID)aTmpBuffer, sizeof(aTmpBuffer), &aBytesRead);

        if(memcmp(aTmpBuffer, g_ProcessesDumps[i].m_aMemDump, MAX_DUMP_SIZE) == 0)
        {
            return true;
            break;

AntiHack.h :: Credits F1x

PHP:
// ----------------------------------------------------
//    Nazwa pliku: AntiHack.cpp
//    Data utworzenia: 2008-06-26
//    Autor: f1x / [email protected]
// ----------------------------------------------------

#ifndef PDC_ANTIHACK_H
#define PDC_ANTIHACK_H

#define MAX_DUMP_OFFSETS 3
#define MAX_DUMP_SIZE 32
#define MAX_PROCESS_DUMP 3

typedef struct ANITHACK_PROCDUMP {
unsigned int m_aOffset;
unsigned char m_aMemDump[MAX_DUMP_SIZE];
} *PANITHACK_PROCDUMP;

extern ANITHACK_PROCDUMP g_ProcessesDumps[MAX_PROCESS_DUMP];

void SystemProcessesScan();
bool ScanProcessMemory(HANDLE hProcess);


#endif //PDC_ANTIHACK_H

cFile.cpp :: Credits (leo123) it class to work with files (check size)...
PHP:
#include "Stdafx.h"
#include "cFile.h"

cFile::cFile() // constractor
{
}

int        cFile::iGetFileSize(char* FileName)
{
        HANDLE hFile = CreateFileA(FileName, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL, NULL);            
        return GetFileSize(hFile,NULL); 
}


bool    cFile::iCheckFileSize(char* cFile,int Size)
{

        int iSize = this->iGetFileSize(cFile);
        if(iSize == Size)
            return true;
        return false;
}


cFile::~cFile() // desratactor
{

}

cFile.h :: Credits (leo123)

PHP:
#include "Stdafx.h"

#ifndef cFile_H
#define cFile_H

class cFile
{
public:
    cFile();
    ~cFile();
    bool        iCheckFileSize(char* cFile,int Size);
    int            iGetFileSize(char* FileName);


};
#endif

define.h

#include "Stdafx.h"
#define livemu

#ifdef premu
int sizePlayerBMD = 2662002;

#endif

#ifdef livemu
int sizePlayerBMD = 2414277;
DWORD *Main_Serial = (DWORD*)0x006B9284;
const char* MySerial = "00XXXXXXXXXXXXXX";


#endif

stdafx.h

// stdafx.h : include file for standard system include files,
// or project specific include files that are used frequently, but
// are changed infrequently
//

#if !defined(AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB__INCLUDED_)
#define AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB__INCLUDED_

#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000


// Insert your headers here
#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers

#include <windows.h>
#include <cstdio>

// TODO: reference additional headers your program requires here

//{{AFX_INSERT_LOCATION}}
// Microsoft Visual C++ will insert additional declarations immediately before the previous line.

#endif // !defined(AFX_STDAFX_H__50DF9A22_ED87_4980_8F7D_DFFCFE6A44CB__INCLUDED_)

how add new hacks? just open with ollydbg some hack
go to some offset of the hack
then go to dump of the currect offset
copy the 32 bytes of the offset and add in AntiHack.cpp


[ offset] [ 32 bytes]
{0x4C5F31, {0x7C, 0x23, 0x8B, 0x45, 0xFC, 0x80, 0x38, 0xC1, 0x75, 0x1B, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x02, 0xF3, 0x75, 0x12, 0x8B, 0x45, 0xFC, 0x80, 0x78, 0x03, 0x00, 0x75, 0x09, 0x8B, 0x45, 0xFC, 0x80}}, // Catastrophe

and change in AntiHack.h
#define MAX_DUMP_OFFSETS 3
#define MAX_PROCESS_DUMP 3
to 4
if u add more then one hacks put 5.. etc..

Download Source and dll:

Link 1 : DOX.bg - Файл организатор за лесно споделяне и съхранение на файлове
Link 2 : MuGuard.rar | Game Front
Link 3 : Multiupload.nl - upload your files to multiple file hosting sites!
Link 4 : http://vr-servers.org/don/muguard.rar

Dont Forget to Say Thanks!