2016

Happy ‘late’ New Year to everyone.

I will continue my work on cVision in the coming months along with some other projects I have in mind. Stay tuned... and oh yeah, look out for http://cra0vision.net soon.

More UI work I’ve done over the break.

Posted in Main

[REL] LiveDump

LiveDump – A simple memory dumper

I’m a fan of 010 Editor’s templating system, where you can write layouts for hex dumps or file formats; I use it in almost all of my research/reversing. More information about that can be found here. Even though the hex editor has a built-in system to open a live process’s memory, it’s not really great. I needed a system where the data I was looking at was live and updated almost instantaneously, so I wrote LiveDump. LiveDump is a simple memory dumper which will either dump a region of memory once to a file or constantly dump it every X milliseconds. This way I can see the data updated almost live in 010 Editor and make use of its templating to reverse a portion of a data structure or class object. There are things like Reclass which are purpose-built for this, which I do use; however, my own personal preference is the templating feature built into 010 Editor, as it’s very robust and you can incorporate loops and logic into it to display the data how you want it.


Usage: Select the process from the process list, then enter an address and size. The address and size input fields accept both decimal and hexadecimal numbers; if your input is going to be hexadecimal then you must add a ‘0x’ prefix or ‘h’ postfix to the numerical value. Now either begin dumping continuously to a file by hitting “Begin Dump”, or hit “Dump Once” if you wish to dump only once.
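The input rule described above, written out as an added example (this is not LiveDump's own code): a parser for the address and size fields that accepts decimal, ‘0x’-prefixed and ‘h’-postfixed values and rejects anything else. The function names, the 64-bit address-space limit, the non-zero size check and the rejection of values carrying both markers are assumptions made for illustration.

```python
import re
from typing import Tuple

# Assumption (not stated on the page): the target has a 64-bit address space.
ADDRESS_SPACE = 1 << 64

_DEC = re.compile(r"[0-9]+")
_HEX_PREFIX = re.compile(r"0[xX]([0-9a-fA-F]+)")
_HEX_POSTFIX = re.compile(r"([0-9a-fA-F]+)[hH]")


def parse_number(text: str) -> int:
    """Parse one field: decimal, or hex marked by a '0x' prefix or 'h' postfix."""
    s = text.strip()
    m = _HEX_PREFIX.fullmatch(s)
    if m:
        return int(m.group(1), 16)
    m = _HEX_POSTFIX.fullmatch(s)
    if m:
        return int(m.group(1), 16)
    if _DEC.fullmatch(s):
        return int(s, 10)
    # Unmarked hex ("FF"), doubly marked hex ("0x10h"), signs and empty
    # input all end up here instead of being guessed at.
    raise ValueError(f"not a decimal or marked hexadecimal number: {text!r}")


def parse_region(address_text: str, size_text: str) -> Tuple[int, int]:
    """Return (address, size) once the range is non-empty and does not wrap."""
    address = parse_number(address_text)
    size = parse_number(size_text)
    if size == 0:
        raise ValueError("size must be greater than zero")
    if address + size > ADDRESS_SPACE:
        raise ValueError("address + size runs past the end of the address space")
    return address, size


if __name__ == "__main__":
    # Constructed sample inputs, not values taken from the page.
    for addr, size in [("0x7FF6A0001000", "200h"), ("4096", "64"), ("FF", "10")]:
        try:
            print(addr, size, "->", parse_region(addr, size))
        except ValueError as exc:
            print(addr, size, "-> rejected:", exc)
```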

LiveDump.zip | SHA1: 934fb95654cb05d2168e1e707a5cc80418380d4f

[REL]Cheat Engine Trainer Decryptor/Unpacker

So someone uploaded a pretty dodgy-looking binary to unknowncheats.me, and since I moderate the uploaded files and determine if they are safe or not, I decided to take a look at the particular submission. It turned out to be a safe Cheat Engine trainer (sfx). Cheat Engine allows you to create trainers which include the Cheat Engine base along with the Cheat Engine table, which stores the basic offsets and memory edits a user would have created. They allow this to be saved in an ‘encrypted’ manner to stop script kiddies from stealing each other’s CE tables. The author stated in the source code that this is very trivial, however it stops most of the idiots who have no idea what they are doing from stealing tables. Anyway, I wrote a small tool to automatically decrypt them back into plaintext XML. Sorry kids, no binary here 🙂

http://github.com/cra0kalo/CETRAINER_DECRYPT

[REL] Overwatch Revealer

For all who don’t know (and no, I’m not referring to Blizzard’s new game), CSGO has a system called Overwatch where basically people who have been reported for cheating get their demos reviewed by other players or “overwatchers”. Typically these demos are stripped of all? most? information about the suspected cheating player; this includes their name, text chat, gun names (if any custom names are given to weapons) and other player names, leaving the person watching the demo unaware of who it is they are reviewing. Now this is great, as hopefully people who are doing these Overwatch cases are not biased towards a certain player because of their name/display picture or even inventory. But hey, in my opinion it’s no fun, so I’ve made this tool which will reveal the suspected player 😛


Here are some case examples I’ve done before: Image1 | Image2 | Image3

<Download>

Anyway here is a short video I made showcasing the tool.

DirectX GUI WIP

I have been working on GUI-related developments in the past few weeks. Here is some demo work of controls I’ve reimplemented in Direct2D for cVision.

Currently developed:

  • Label
  • Button
  • Input Button
  • Panel
  • Slider
  • Tab Control
  • Image
  • Checkbox


It’s been a while

Hello?

It’s been a while since I’ve posted anything here, though it’s not because I haven’t been doing anything; actually I’ve been more productive in these few months than before.

So I’ve been working on many things, mainly cVision, which will soon be up here. Dynamic code generation has been something I’ve been studying with cVision, basically rendering any sort of signature scanning or code hashing useless. With that out of the way, cVision is done, sort of; at least the application side is all functioning. If you’re reading this and are interested in purchasing a copy, get in contact with me.

As for other stuff, well, I’ve started working on the Insomniac Games engine again with Ratchet and Clank. I’ll post more about that later.


CSGO Far/Extended ESP Concept