20 replies to this topic

[Cloud]

Just brushing up on some C# skills and decided to try WPF (hate it)

Open Source.

Download

VirusTotal

GitHub

Extract the GoS.rar and go to GoS\WpfApplication1\bin\Debug\Loader.exe for the loader

 

Bugs:

Delete script and Open script only work on Check scripts, if you try to click delete script without a script check 100% crash

 

Not added:

Scripts Engine (API Hooking?)

1 Click install

Auth

Secure injection with options

 

Features:

Injection of GoS base! (DO NOT USE THIS ON MAIN ACCOUNT! Injector does not pass the recommended security level of GoS normal Injection) (Credits to HVInjector creator) (will create my own secure version soon)

raw install from github

Partially working Delete Script (only works on checked items)

Partially working Open Script ^

Open Scripts folder

Open Common folder

Color picker for loader

Settings picker

Creates GamingOnSteroids folders if they aren't there already (first ever booting ANY gos loader)

Creates a Settings2.ini (since this does not have injection I do not want to mess with your normal loader files)

News Section

If you close the loader and changed any settings, it will be saved in Settings2.ini so if you boot the loader again the settings will remain the same (Note: If you check any script, it will not be checked on your next boot up)

 

Why: Just brushing up on some C# and maybe Feretorix will take some ideas from this

Edited by Cloud, 20 February 2016 - 07:47 .
Injection added. Small code fixes.

[Zwei]

Approved

 

Screenies:

Spoiler

[Cloud]

Approved

Thank you

[laplace5]

looks cool ^^

[ilovesona]

plz put it to github

[Cloud]

plz put it to github

Good idea will do right now

[Cloud]

Uploaded to github

[ilovesona]

Uploaded to github

 

dat commit msg

[Cloud]

 

dat commit msg

Better then Inspired yet?

[ilovesona]

Better then Inspired yet?

asdf ?  keke 

[Cloud]

Best Answer

Injection of GoS base Make Sure to Run As Admin! (DO NOT USE THIS ON MAIN ACCOUNT! Injector does not pass the recommended security level of GoS normal Injection) (Credits to HVInjector creator) (will create my own secure version soon)

Small Code fixes.

Yes it auto injects whenever the LeagueOfLegends Client Spawns.

[0xfinndev]

You should add security features such as obfuscation, or process masking.

Note that the lua scripts don't need to be injected directly; they simply need to be compiled in the loader, through the GoS core.

[Cloud]

You should add security features such as obfuscation, or process masking.
Note that the lua scripts don't need to be injected directly; they simply need to be compiled in the loader, through the GoS core.

Obfuscation of the dll? Dll scrambling? As for the lua scripts, I have no clue where to start from on that but thanks for the help

[Hanndel]

Make an app for website

[Zwei]

Make an app for website

+1

[0xfinndev]

Obfuscation of the dll? Dll scrambling? As for the lua scripts, I have no clue where to start from on that but thanks for the help

For example, a different PID (this is done automatically by windows) and process name.

Obfuscating the assembly with something like confuser (or a free alternative; just make sure it's anti de4dot) would stop LoL from reading the strings or other data from the assembly if they DID get access to the process.

As for the lua, you can use NLUA (nlua.org) for bridging lua through .net. You should be able to load the lua script and compile it (while the dll is injected) through the injected API.

 

Here's an useful post I found:

 

 

 

First I'm taking the module and manually unlinking it from the linked lists, second I'm nulling out the entire LDR_MODULE structure (so its a lot harder to relink the module), then I'm nulling out the entire PE header of the module, and finally if the option is enabled (its optional becuase some game anti-cheat software doesn't like API hooks which is why I wrote the module cloaker) NT APIs for virtual memory management will be hooked to help prevent the reading of pages from the cloaked module (proven to work against World of Warcraft's anti-cheat software 'Warden').

I'm afraid I won't be able to tell you any more about API hooking, since my C++ is *cough* a bit *cough* rusty.

[Cloud]

For example, a different PID (this is done automatically by windows) and process name.

Obfuscating the assembly with something like confuser (or a free alternative; just make sure it's anti de4dot) would stop LoL from reading the strings or other data from the assembly if they DID get access to the process.

As for the lua, you can use NLUA (nlua.org) for bridging lua through .net. You should be able to load the lua script and compile it (while the dll is injected) through the injected API.

 

Here's an useful post I found:

I'm afraid I won't be able to tell you any more about API hooking, since my C++ is *cough* a bit *cough* rusty.

Thank you! I can manage of this much , thanks again.

[Cloud]

For example, a different PID (this is done automatically by windows) and process name.

Obfuscating the assembly with something like confuser (or a free alternative; just make sure it's anti de4dot) would stop LoL from reading the strings or other data from the assembly if they DID get access to the process.

As for the lua, you can use NLUA (nlua.org) for bridging lua through .net. You should be able to load the lua script and compile it (while the dll is injected) through the injected API.

 

Here's an useful post I found:

I'm afraid I won't be able to tell you any more about API hooking, since my C++ is *cough* a bit *cough* rusty.

Just went ingame with cheat engine to check somethings and it seems the GoS dll is already obfuscated nothing seemed to be "humanly" readable.

[Icesythe7]

Does this use new.dll? im assuming? 

[Cloud]

Does this use new.dll? im assuming? 

Yes, make sure you download it using the normal loader since i have no access to downloading new.dll