Back to General and Gameplay Programming

How fraps bypasses x-trap?

General and Gameplay Programming Programming

Started by WerWoolf September 04, 2013 08:23 PM

13 comments, last by WerWoolf 10 years, 7 months ago

WerWoolf

129

Author

September 04, 2013 08:23 PM

Greetings. I am writing a program to capture video from directx applications. But the x-trap (anti-cheat) blocking my app. How can i bypass x-trap?

Thanks.

Zaoshi Kaba

8,470

September 04, 2013 09:12 PM

It's probably the opposite - XTrap allows Fraps to work.

Bacterius

13,181

September 05, 2013 02:41 AM

It's probably the opposite - XTrap allows Fraps to work.

So the question becomes, can another application pass itself off as Fraps, and how?

“If I understand the standard right it is legal and safe to do this but the resulting value could be anything.”

Matias Goldberg

9,637

September 05, 2013 04:19 AM

It's probably the opposite - XTrap allows Fraps to work.

So the question becomes, can another application pass itself off as Fraps, and how?

I'd change the process name to fraps.exe and try (remember the quack fiasco)

Anti cheat systems can be bypassed. How? Well, cracker communities have much more experience on that field, but it isn't straightforward nor elegant.

Twitter: @matiasgoldberg

Distant Souls ? Alliance AirWar ? My Free Royalty-Free Music Library

WerWoolf

129

Author

September 08, 2013 06:35 AM

I learned that the x-trap scans memory modifications in the process. How can I hide it?

rip-off

11,000

September 08, 2013 12:06 PM

Why do you need to modify memory?

It sounds like you are trying to build a hack for a game. This is a community for people who make games, you probably won't find many people here interested in helping you break someone else's game.

blog | twitter

WerWoolf

129

Author

September 08, 2013 12:37 PM

I writing program for capturing video from DirectX applications. An i set hook ( jmp method ) to IDirect3DDevice9::Present(). This method modifing memory in the process.

Bacterius

13,181

September 08, 2013 07:08 PM

Why do you need to modify memory?

It sounds like you are trying to build a hack for a game. This is a community for people who make games, you probably won't find many people here interested in helping you break someone else's game.

The typical approach to efficiency capture D3D applications is to hook into their presentation loop and save the backbuffer somewhere.

“If I understand the standard right it is legal and safe to do this but the resulting value could be anything.”

WerWoolf

129

Author

September 08, 2013 10:34 PM

Why do you need to modify memory?

It sounds like you are trying to build a hack for a game. This is a community for people who make games, you probably won't find many people here interested in helping you break someone else's game.

The typical approach to efficiency capture D3D applications is to hook into their presentation loop and save the backbuffer somewhere.

Yes, but i need modify memory to set hook.

L. Spiro

25,818

September 10, 2013 06:08 AM

Bypassing X-Trap is non-trivial, but there are a few ways.

Assuming the target of your client is a game protected by X-Trap, one way is to write a kernel driver that hooks SwapContext() so that when any thread belonging to X-Trap is started you set back the memory you modified (or vise-versa—when the game’s thread is activated you set the modified memory back, and put the original back when it is deactivated).

Or you could just take a screenshot without modifying the game’s memory…

http://msdn.microsoft.com/en-us/library/dd144947%28VS.85%29.aspx

http://msdn.microsoft.com/en-us/library/dd183370%28VS.85%29.aspx

L. Spiro

I restore Nintendo 64 video-game OST’s into HD! https://www.youtube.com/channel/UCCtX_wedtZ5BoyQBXEhnVZw/playlists?view=1&sort=lad&flow=grid