Suggestions


Postby Felheart » Tue Jan 05, 2010 1:20 am

Hey L.
you wrote in the forums quite a few times that you consider writing a remake of MHS.
If you are open for suggestions for the rewrite, I have some:
Add a lot more of those "small" features. A very good example for this is CheatEngine.
Its disassembler has a lot of small but extremely useful features like:
"Find what values this code accesses" on an opcode.
"Break and trace X codes"
to name just a few of them!

Also the reverse and / old-school pointer-scanner,
as well as the "Hyperscan" (fancy name for a scan from within the target, injected) are definitely worth including
in my opinion.

Thanks to the awesome plugin support in MHS, I wrote countless DLLs for MHS that add the Cheat Engine-like features (like the ones above and more) I'm missing.
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby L. Spiro » Tue Jan 05, 2010 7:13 am

DLL plug-ins would come back in a remake.
Other features were already planned for the current release of MHS, but I never got around to them thanks to my interest dying off.

But I am pretty sure most of those little features can be done with breakpoint scripts. You can definitely log what addresses an opcode accesses, for example.


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Suggestions

Postby Felheart » Tue Jan 05, 2010 1:57 pm

L. Spiro wrote:But I am pretty sure most of those little features can be done with breakpoint scripts.
You can definitely log what addresses an opcode accesses, for example.

Yeah, I already have coded those features myself, as plugins.
But it would be great to see an actual implementation, even more when you consider rewriting MHS.
Rather than having the hassle with loading each plugin for a specific purpose, it would be better to have
those functions already built into MHS.

Oh and btw: Did you ever consider making the rewrite of MHS open-source? If not, why?

Thanks!
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby L. Spiro » Tue Jan 05, 2010 3:38 pm

By the way, I have already started on the remake of MHS in fact. In December.

I have not considered it being open-sourced because the existing code is available for $200 and giving the new code away free would be like punching the people who paid $200 in the groin.

But maybe I will make it open-source later, when the source is actually of some value and the value of the current source has dropped.


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Suggestions

Postby Felheart » Tue Jan 05, 2010 5:58 pm

Ah, ok.
So there is no possibility to help with the development of the new MHS, besides providing you with the source of my own plugins???
Well, as a matter of fact, I think they wouldn't be that interesting anyways^^

Make sure to fix things like: http://i50.tinypic.com/sm7wn6.jpg
in the new MHS ;)
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby L. Spiro » Wed Jan 06, 2010 6:48 am

As I will have the Expression Evaluator from the start of the project (the feature that requires the least modification to fit into my new design), all boxes will allow all forms of expressions/formatting.


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Suggestions

Postby Felheart » Fri Jan 08, 2010 1:42 am

Sounds good,
will you accept code pieces in the development of the new MHS from the community or make some files (headers) public for the community??
It would be great to be able to help with the development of it, even though I know that you don't exactly "need" help.
If not, be sure to release an SDK or at least extensive plugin support ;D

btw: what injection method do you currently utilize for your DLL injector? CreateRemoteThread + LoadLibrary?
Do you plan to extend that? *Thinking of something specific ;)*
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby L. Spiro » Fri Jan 08, 2010 12:42 pm

There is a possibility that some code snippets from the community could make it into the project, but this possibility is very low.
One of the reasons I feel the need to rewrite it is to be excruciatingly strict on organization and style.

It will, however, be heavily plug-in–enabled as part of the new design.

I use CreateRemoteThread() and LoadLibraryW() for the current injector.
I do not plan to extend it; although it should be detectable, it rarely ever is. Magic Mode, however, does not use this method for injection.


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan
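
For defenders, the CreateRemoteThread() + LoadLibraryW() pattern named in the post above is visible in Sysmon Event ID 8 (CreateRemoteThread) records through the StartModule and StartFunction fields. The following triage sketch is an added example, not part of the original thread and not MHS code; the sample events, file paths and the allowlist parameter are constructed, and it goes one step beyond the post by also flagging remote threads that start outside any loaded module.

```python
import ntpath

# Exports commonly used as the remote thread's start routine for DLL
# injection (the thread argument is then the path of the DLL to load).
LOADER_EXPORTS = {"loadlibrarya", "loadlibraryw", "loadlibraryexa", "loadlibraryexw"}
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

# Constructed Sysmon records, reduced to the fields this check reads.
SAMPLE_EVENTS = [
    {"EventID": 8, "SourceImage": r"C:\Tools\injector.exe",
     "TargetImage": r"C:\Games\game.exe",
     "StartModule": r"C:\Windows\System32\KERNEL32.DLL",
     "StartFunction": "LoadLibraryW"},
    {"EventID": 8, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Games\game.exe",
     "StartModule": r"C:\Windows\System32\kernel32.dll",
     "StartFunction": "CtrlRoutine"},
    {"EventID": 8, "SourceImage": r"C:\Tools\other.exe",
     "TargetImage": r"C:\Games\game.exe",
     "StartModule": "-", "StartFunction": "-"},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe"},
]

def classify(event):
    """Return a verdict for one event, or None if it is not Event ID 8."""
    if event.get("EventID") != 8:
        return None
    module = ntpath.basename(event.get("StartModule") or "").lower()
    func = (event.get("StartFunction") or "").lower()
    if module in LOADER_MODULES and func in LOADER_EXPORTS:
        return "loadlibrary-injection"
    if module in ("", "-"):
        # Start address not backed by a loaded module (assumed to be
        # logged as "-" or empty): a different technique, still worth review.
        return "unbacked-start-address"
    return "other"

def detect(events, allow_sources=frozenset()):
    """List (verdict, source, target) for suspicious remote threads."""
    findings = []
    for ev in events:
        verdict = classify(ev)
        if verdict in (None, "other"):
            continue
        if ev["SourceImage"].lower() in allow_sources:
            continue  # known-good injectors, e.g. an approved overlay
        findings.append((verdict, ev["SourceImage"], ev["TargetImage"]))
    return findings

if __name__ == "__main__":
    for finding in detect(SAMPLE_EVENTS):
        print(finding)
```
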

Re: Suggestions

Postby Felheart » Fri Jan 08, 2010 1:59 pm

L. Spiro wrote:There is a possibility that some code snippets from the community could make it into the project, but this possibility is very low.
One of the reasons I feel the need to rewrite it is to be excruciatingly strict on organization and style.

I know that too well from my own projects, I think it's normal for someone that he wants to have everything in the same style. :) I would not mind adapting to your programming style, if you'd provide an example on how you typically work. 8)

L. Spiro wrote:I use CreateRemoteThread() and LoadLibraryW() for the current injector.
I do not plan to extend it; although it should be detectable, it rarely ever is. Magic Mode, however, does not use this method for injection.

Haha, I lol'ed irl while reading this. Any details on what "Magic Mode" actually is?
SetWindowsHookEx? A modified kernel32/ntdll? Or... manually mapping the module (aka reflective injection)?
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby L. Spiro » Fri Jan 08, 2010 4:06 pm

I have been asked by several people, including coworkers, to write a style guide.
I guess I should do that.


Magic Mode is an unreleased mode (similar to Restricted Mode) MHS uses to invade any process on your computer regardless of its level of anti-cheat protection.
Because it is made of pure magic, it is impossible to detect and block by any anti-cheat, and works on all versions of Windows. It is the final bypass against all anti-cheat systems. Its code name is "God Mode", and working title is, "Main Screen Turn On."


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Suggestions

Postby Felheart » Fri Jan 08, 2010 6:44 pm

L. Spiro wrote:...it is impossible to detect and block by any anti-cheat, and works on all versions of Windows. It is the final bypass against all anti-cheat systems.

Sounds interesting, provided it isn't just a joke. I hope that there aren't just some cheap kernel-driver tricks to sort of "emulate" all the magic ;)

I assume you will implement the disassembler again; so will you add support for FFT/MMX instructions?
Also, do you already have a date for a beta or something in mind, or do you just work on it from time to time and see how it goes?
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby L. Spiro » Fri Jan 08, 2010 10:24 pm

Magic Mode is no joke, and does not work through the kernel. It works by changing the paradigm between the target and MHS, and I will have a technical article explaining how it works in an upcoming magazine soon to be released.


I will add those commands depending on my level of dedication at the time. That is what keeps me from adding it to the existing one, since the existing one will mostly be a direct port. It is one of the things that needs the fewest modifications.
The Expression Evaluator, Debugger, Disassembler/Assembler, and Code Filter are the tools in least need of updating.


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan

Re: Suggestions

Postby Felheart » Sat Jan 09, 2010 6:44 am

L. Spiro wrote:in an upcoming magazine soon to be released.

What is that magazine called? I would love to read about the technique.
Is it still true that the new MHS will use the Qt toolkit for its GUI? Has "the new MHS" also got
a new name / code name or will it be called MHS2?
Felheart
Acker
 
Posts: 89
Joined: Sun Apr 27, 2008 3:05 am
Location: Germany

Re: Suggestions

Postby g3nuin3 » Sat Jan 09, 2010 9:42 am

Pfft. L. Spiro isn't that creative, it'll probably still be named Memory Hacking Software.
g3nuin3
Acker
 
Posts: 96
Joined: Tue Jul 18, 2006 10:53 am

Re: Suggestions

Postby L. Spiro » Sat Jan 09, 2010 1:10 pm

Actually I am super-creative.
MHS is its code name, and Fallout is its release name.
But I was not satisfied just following trends, so in order to one-up the rest of the world I pulled a fast one and released it under its code name and used its release name as its code name.

If you do not believe me, buy the source code. You will see that the project and folders are actually named "Fallout".



The magazine is secret for now, the name will be modified only to reflect on the superiority of the new code, and it will of course use Qt.


L. Spiro
Our songs remind you of songs you’ve never heard.
L. Spiro
 
Posts: 3129
Joined: Mon Jul 17, 2006 10:14 pm
Location: Tokyo, Japan
