Tuesday, October 28, 2008

nProtect gameguard bypass

Originally Posted by Sacrifice

I coded an nProtect GameGuard bypass O.O, it's very easy to do.

- Load a driver that has a hook in PspCreateThread or maybe some thread creation callback, also in a notify image callback - "Something like that".
- When the driver, npggnt.sys, is loaded (this is where the hook in PspCreateThread comes in), block that thread from being created, then restore the SDT (remove all hooks)
- Use the thread list entry in the PEPROCESS structure to suspend all the threads in nProtect and voilà!

You have bypassed nProtect GameGuard

There are no articles on the forum about debugging nprotect GameGuard - Game Security - Software Security - UnPacKcN Security - Powered by Discuz!
