Athix Launcher - Detection circumvention

[Seifer]

Athix Launcher - 0.0.1.55 - By Seifer and Duke / Athix.in

This is an exclusive release, it's coded by me and a friend of mine, and contains no keyloggers/viruses or any malware whatsoever.

The purpose of this Launcher is to replace the default WoW Launcher, and automatically work around the World of Warcraft start-up scan, which can possibly detect your glider or any other WoW hack/bot.

This entire project is written in Visual Basic 2008, and requires you to have to Microsoft .NET Framework 3.5.

The Application

First of all, here is an impression of the launcher file. It's only 663 KB in size, and very memory-efficient.


You can see two main functions in the easy-to-use interface: Scan hack, and Shadow injection. I'll explain these two functions.

Scan Hack
The Scan hack allows you to one-click prevent WoW from scanning on startup. We have created a custom scanner which will be ran, but doesn't detect anything. Instead, it defines some default coding variables, which isn't exactly what Blizzard wants it's scanner to do.

Shadow injection
The shadow injection is to prevent detection of the launcher by WoW.
Since Warden scans for application instances and window names, the shadow injection option allows you to hide these, while still having the benefit of the launcher. This way you will not be caught by Blizzard's anti-cheating system.

What is Athix Framework?
Athix Framework is the code our applications are built around. A small part of this framework has been included in this package.

What are it's limitations?
Right now, in the release candidate one edition, there are a few limitations, which we will have fixed in the upcoming update of the launcher. Known bugs/errors right now are:

• The launcher can only launch WoW from it's default directory. The registry scanner for the path is currently not functional.
• The launcher may boot WoW twice, or even thrice in high exception.
• The launcher may malfunction when the 'about' button is pressed. This, however, does not affect the functionality of the application.

We're working on these bugs, and will have them fixed in the next, stable release!

Please leave some feedback, and post any bugs/errors you may find.

And, as always with these '3rd party' tools: use at your own risk!

Available downloads:
Download Athix Launcher with setup.
Download Athix launcher .zip archive, without setup.

Originally released here.

[GanjalfTheGreen]

virus scan picture please

[Seifer]

Here you go:



I will release the source on a later point as well.

[trampy10]

erm.. cant you just delete/rename Scan.dll?

[Seifer]

erm.. cant you just delete/rename Scan.dll?

Yes, but this is an easier, and more efficient way of doing it.
Deleting the Scan.dll file will return false on a filecheck, with this you're safe.

[r00tman]

private void CmdStart_Click(object sender, EventArgs e)
{
Interaction.Shell(@"C:\Program Files\World of Warcraft\Wow.exe", AppWinStyle.MinimizedFocus, false, -1);
if (this.ScanHack.Checked)
{
Interaction.Shell("copylib.exe", AppWinStyle.MinimizedFocus, false, -1);
}
if (this.Shadow.Checked)
{
this.Close();
}

}
thats a joke?^^

[1337asusual]

I'm not at my computer so I can't check if this works or not, I hope it does though.

[1337asusual]

how do we know it works or not?

[Seifer]

private void CmdStart_Click(object sender, EventArgs e)
{
Interaction.Shell(@"C:Program FilesWorld of WarcraftWow.exe", AppWinStyle.MinimizedFocus, false, -1);
if (this.ScanHack.Checked)
{
Interaction.Shell("copylib.exe", AppWinStyle.MinimizedFocus, false, -1);
}
if (this.Shadow.Checked)
{
this.Close();
}

}
thats a joke?^^

The Visual Basic file you decompiled is only the interface.

[r00tman]

yeah but Interaction.Shell(@"C:Program FilesWorld of WarcraftWow.exe", AppWinStyle.MinimizedFocus, false, -1);

if (this.Shadow.Checked)
{
this.Close();
}

is a joke

[1337asusual]

so does it work or not?

[jillin]

See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.

************** Exception Text **************
System.IO.FileNotFoundException: File not found.
at Microsoft.VisualBasic.Interaction.Shell(String PathName, AppWinStyle Style, Boolean Wait, Int32 Timeout)
at AthixFramework.Form1.CmdStart_Click(Object sender, EventArgs e)
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


************** Loaded Assemblies **************
mscorlib
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1433 (REDBITS.050727-1400)
CodeBase: file:///C:/WINDOWS/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
AthixFramework
Assembly Version: 0.0.1.55
Win32 Version: 0.0.1.55
CodeBase: file:///E:/Program%20Files/World%20of%20Warcraft/Launcher.exe
----------------------------------------
Microsoft.VisualBasic
Assembly Version: 8.0.0.0
Win32 Version: 8.0.50727.1433 (REDBITS.050727-1400)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/Microsoft.VisualBasic/8.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll
----------------------------------------
System.Windows.Forms
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1433 (REDBITS.050727-1400)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1433 (REDBITS.050727-1400)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Drawing
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1433 (REDBITS.050727-1400)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Runtime.Remoting
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1433 (REDBITS.050727-1400)
CodeBase: file:///C:/WINDOWS/assembly/GAC_MSIL/System.Runtime.Remoting/2.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll
----------------------------------------

************** JIT Debugging **************
To enable just-in-time (JIT) debugging, the .config file for this
application or computer (machine.config) must have the
jitDebugging value set in the system.windows.forms section.
The application must also be compiled with debugging
enabled.

For example:

<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>

When JIT debugging is enabled, any unhandled exception
will be sent to the JIT debugger registered on the computer
rather than be handled by this dialog box.


doesnt work

[r00tman]

cuz Interaction.Shell(@"C:Program FilesWorld of WarcraftWow.exe", AppWinStyle.MinimizedFocus, false, -1); read the registry....
u made my day: Shadow Injection: this.Close();

I mean what a perfect "Injection" solution

[1337asusual]

so this doesn't work....?!

[r00tman]

not rly ^^