January 20, 2015

[Makes detected hacks undetected] Simple PE Cipher

Watch us Live Stream playing Crossfire and CSGO on YouTube
We do Live Game play everyday, Subscribe to our you tube channel

I was talking to Bombsaway a few days ago and he was saying that the old method of ciphering a file (pumping shit onto the end of the file) no longer works with CA.

It just so happens I was bored at the time so I wrote this simple little cipher. Basically it just manipulates a few values within the PE structure and also rewrites some data into the .text section.

This, unlike the older ciphers, should work to fool Nexon's hash logic. Using it is pretty straightforward: Download the .zip and extract it Run "Simple PE Cipher.exe" Press the browse button to locate your Dll Press "Run Cipher", if all goes as expected you should see a "Cipher Completed Successfully" message box appear. Inject the .dll.

 A backup of the original .dll is also created (with a .bak extension) in the same directory as the ciphered dll so you can revert at any time if something goes wrong. - See more at:

If you have any issues with it, please feel free to PM me or post in the thread, I'll do my best to rectify the issues.

No idea why this had those two scanners report a backdoor to be honest. Perhaps because I'm using some I/O API, dunno. Anyways, enjoy, and report back with results.

Download Now


Post a Comment