Glider is using shadow driver to protect there glider,
but does anyone know a good protection system for c#?
like a sort encryption in memory?
or just something like what Shadow driver does
or if you got tips please post it
Glider is using shadow driver to protect there glider,
but does anyone know a good protection system for c#?
like a sort encryption in memory?
or just something like what Shadow driver does
or if you got tips please post it
Thanks for that,
It could be usefull
but still this encrypt variables, but when you need to read it it get changed back, so probally they could detect it but thanks for the tip
Check out the book "Rootkits: Subverting the Windows Kernel". Pretty much any weaponsgrade protection you use is not going to be doable in c#. You're looking at writing device drivers in plain C with lots of poorly documented (or not documented at all!) structs and functions.
But i was wondering,
lets say i'm making a bot where does warden look at?
what does it try to read in the memory because memory reading is allowed though?
if i got another program with memory reading i get banned?
Want to make a bot but only for costum use not for releasing well atleast not yet
Yes but you can't run managed code as a driver. You can call APIs but you can't register your module into the windows kernel and hook the Ring0 functions needed to create a successful driver.
Calling APIs is different to running as a driver. (The whole point of running as a driver is that you get access to the kernel, you can't access the APIs you need from usermode so PInvoke won't help you.)
Currently warden looks inside its own memory space for changes that shouldn't be there. It doesn't enumerate windows or processes like it used to AFAIK.
If your program is just reading memory you should be safe. And if you keep it private then you'll have nothing to worry about.