Compare commits

..

No commits in common. "0ace846d729ca5d2f8dba7d597e7272bcf55ca9d" and "b07114f62f816f377341c382513529a25880529e" have entirely different histories.

19 changed files with 4076 additions and 1479 deletions

6
.gitignore vendored
View File

@ -1,5 +1 @@
release/* release/*
1.2.7/*
1.2.6/*
1.2.8/*
*/.vs/*

View File

@ -1,5 +1,5 @@
# Ethereal crack # Ethereal crack
[Precompiled download](https://github.com/EinTim23/ethereal-crack/releases) [Precompiled download](https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/assets/Ethereal.zip)
## Additional downloads ## Additional downloads
[Decompiled launcher source code](https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/assets/LauncherSource.zip) [Decompiled launcher source code](https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/assets/LauncherSource.zip)
<br/> <br/>
@ -8,10 +8,7 @@
[Asset files for human menu](https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/assets/hbase-cdrive.zip) [Asset files for human menu](https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/assets/hbase-cdrive.zip)
<br/> <br/>
[Maintained open source menu based on human menu](https://github.com/sinfail/Windbreaker) [Maintained open source menu based on human menu](https://github.com/sinfail/Windbreaker)
## The story ## The story
#### Update: The shittalk didnt stop after i told them that i would stop cracking them once it stops, so here we go again. New crack versions wont be open source as i dont want to support them with patching the new crack methods and i already proved that there is no rat in my cracks. If you dont trust me with that just dont use the newer versions of the crack and stick with the open source 1.2.5 crack.
#### read the story and watch the proofs before telling me that im lying and deciding which side is right. #### read the story and watch the proofs before telling me that im lying and deciding which side is right.
The Ethereal team falsely accused me of ratting people after a reseller of them got ratted and his keys got leaked to the public. In the beginning, I tried to talk to Jaguar(Admin at Ethereal) peacefully, but he didn't believe me and kept trash-talking, so I had enough of it. I cracked the menu in around 2 hours of work. Their auth is a highly virtualized and mutated function that returns a bool. VMProtect and its SDK are used for primary protection. There are two methods of cracking it: One by returning true in the part where the Macro of VMP in the source is placed(which was found by timiostimio and is the method used in this source because it is easier to use and stabler) or by setting the rax register to 1 before the original return after the VM.(which is shown in the et.1337 x64dbg patch file) But let us continue with the story: After I released the crack Jaguar started shit-talking me again and released an announcement where he tried to save his ass by saying that the crack is outdated, infected with a rat or just crashes very often, which is not true as only the auth function that only gets called one time gets patched. Jaguar also borrowed around 800 dollars to protect a crash from Jack the Ripper and never paid it back. Jack was kicked from the team instead. They also used the leaked source from human menu, which was coded by huangmo for most of their stuff. They are also collecting much information about the user's pc that is not used to determine the hwid of a user for "Support reasons." Last but not least, Jaguar is accusing me of having something to hide because I packed the Ethereal crack with themida (it was not packed) and provided a screenshot of the assembler code that loads a DLL as proof. The Ethereal team falsely accused me of ratting people after a reseller of them got ratted and his keys got leaked to the public. In the beginning, I tried to talk to Jaguar(Admin at Ethereal) peacefully, but he didn't believe me and kept trash-talking, so I had enough of it. I cracked the menu in around 2 hours of work. Their auth is a highly virtualized and mutated function that returns a bool. VMProtect and its SDK are used for primary protection. There are two methods of cracking it: One by returning true in the part where the Macro of VMP in the source is placed(which was found by timiostimio and is the method used in this source because it is easier to use and stabler) or by setting the rax register to 1 before the original return after the VM.(which is shown in the et.1337 x64dbg patch file) But let us continue with the story: After I released the crack Jaguar started shit-talking me again and released an announcement where he tried to save his ass by saying that the crack is outdated, infected with a rat or just crashes very often, which is not true as only the auth function that only gets called one time gets patched. Jaguar also borrowed around 800 dollars to protect a crash from Jack the Ripper and never paid it back. Jack was kicked from the team instead. They also used the leaked source from human menu, which was coded by huangmo for most of their stuff. They are also collecting much information about the user's pc that is not used to determine the hwid of a user for "Support reasons." Last but not least, Jaguar is accusing me of having something to hide because I packed the Ethereal crack with themida (it was not packed) and provided a screenshot of the assembler code that loads a DLL as proof.
@ -76,13 +73,3 @@ Jaguar trying to prove that im using themida to hide something and destroying hi
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/noknowledge3.png"> <img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/noknowledge3.png">
</p> </p>
Jaguar just talking bullshit Jaguar just talking bullshit
<p align="center">
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/itsame.png">
</p>
<p align="center">
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/browontstop.png">
</p>
A few hours later after i got my fat ass up and got my hands on the new files:
<p align="center">
<img src="https://raw.githubusercontent.com/EinTim23/ethereal-crack/master/imgs/heheheha.png">
</p>

BIN
assets/Ethereal.zip Normal file

Binary file not shown.

View File

@ -150,7 +150,7 @@
<OptimizeReferences>true</OptimizeReferences> <OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation> <GenerateDebugInformation>true</GenerateDebugInformation>
<EnableUAC>false</EnableUAC> <EnableUAC>false</EnableUAC>
<AdditionalDependencies>%(AdditionalDependencies)</AdditionalDependencies> <AdditionalDependencies>MinHook.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link> </Link>
</ItemDefinitionGroup> </ItemDefinitionGroup>
<ItemGroup> <ItemGroup>

View File

@ -3,7 +3,6 @@
#include <filesystem> #include <filesystem>
#include <fstream> #include <fstream>
#include <string> #include <string>
#include <windows.h>
#include <sstream> #include <sstream>
HANDLE p; HANDLE p;
void patch(PVOID address, int opCode, int bytes) { void patch(PVOID address, int opCode, int bytes) {
@ -34,30 +33,27 @@ __declspec(dllexport) void lessgo(HMODULE hmod) {
DWORD64 mod = (DWORD64)LoadLibraryA(std::string("C:\\Ethereal\\Ethereal.dll").c_str()); DWORD64 mod = (DWORD64)LoadLibraryA(std::string("C:\\Ethereal\\Ethereal.dll").c_str());
std::stringstream ss; std::stringstream ss;
ss << std::hex << mod; ss << std::hex << mod;
patch((void*)(mod + 0x4BFA0), 0xB8, 1); patch((void*)(mod + 0x000000000004A980), 0xB8, 1);
log("Applied patch 1/12"); log("Applied patch 1/10");
patch((void*)(mod + 0x4BFA1), 0x01, 1); patch((void*)(mod + 0x000000000004A981), 0x01, 1);
log("Applied patch 2/12"); log("Applied patch 2/10");
patch((void*)(mod + 0x4BFA2), 0x00, 1); patch((void*)(mod + 0x000000000004A982), 0x00, 1);
log("Applied patch 3/12"); log("Applied patch 3/10");
patch((void*)(mod + 0x4BFA3), 0x00, 1); patch((void*)(mod + 0x000000000004A983), 0x00, 1);
log("Applied patch 4/12"); log("Applied patch 4/10");
patch((void*)(mod + 0x4BFA4), 0x00, 1); patch((void*)(mod + 0x000000000004A984), 0x00, 1);
log("Applied patch 5/12"); log("Applied patch 5/10");
patch((void*)(mod + 0x4BFA5), 0xC3, 1); patch((void*)(mod + 0x000000000004A985), 0xC3, 1);
log("Applied patch 6/12"); log("Applied patch 6/10");
patch((void*)(mod + 0x4BFA6), 0x90, 1); patch((void*)(mod + 0x000000000004A986), 0x90, 1);
log("Applied patch 7/12"); log("Applied patch 7/10");
patch((void*)(mod + 0x4BFA7), 0x90, 1); patch((void*)(mod + 0x000000000004A987), 0x90, 1);
log("Applied patch 8/12"); log("Applied patch 8/10");
patch((void*)(mod + 0x4BFA8), 0x90, 1); patch((void*)(mod + 0x000000000004A988), 0x90, 1);
log("Applied patch 9/12"); log("Applied patch 9/10");
patch((void*)(mod + 0x4BFA9), 0x90, 1); patch((void*)(mod + 0x000000000004A989), 0x90, 1);
log("Applied patch 10/12"); log("Applied patch 10/10");
patch((void*)(mod + 0x3FE650), 0x01, 1);
log("Applied patch 10/11");
patch((void*)(mod + 0x3FE653), 0x01, 1);
log("Applied patch 10/12");
while (FindWindowA(0, "Ethereal") == NULL) Sleep(100); while (FindWindowA(0, "Ethereal") == NULL) Sleep(100);
HWND w = FindWindowA(0, "Ethereal"); HWND w = FindWindowA(0, "Ethereal");
SetWindowTextA(w, "Ethereal | cracked by EinTim#0777"); SetWindowTextA(w, "Ethereal | cracked by EinTim#0777");

2224
dll/x64/Release/HEH.c Normal file

File diff suppressed because it is too large Load Diff

BIN
dll/x64/Release/HEH.dll Normal file

Binary file not shown.

View File

@ -0,0 +1,22 @@
<?xml version="1.0" encoding="UTF-8" ?>
<Document Version="2">
<Protection InputFileName="HEH.dll" Options="466888" VMCodeSectionName=".eintim">
<Messages>
<Message Id="0">get yo ass of</Message>
<Message Id="1">get yo ass of</Message>
<Message Id="2">get yo ass of</Message>
<Message Id="3">get yo ass of</Message>
<Message Id="4">get yo ass of</Message>
</Messages>
<Folders />
<Procedures>
<Procedure MapAddress="lessgo(struct HINSTANCE__ *)" Options="0" CompilationType="2" />
</Procedures>
<Objects />
</Protection>
<DLLBox>
<Folders />
</DLLBox>
<Script />
<LicenseManager />
</Document>

BIN
dll/x64/Release/HEH.exp Normal file

Binary file not shown.

BIN
dll/x64/Release/HEH.lib Normal file

Binary file not shown.

BIN
dll/x64/Release/HEH.pdb Normal file

Binary file not shown.

View File

@ -1,13 +0,0 @@
>ethereal.dll
000000000004BFA0:48->B8
000000000004BFA1:89->01
000000000004BFA2:5C->00
000000000004BFA3:24->00
000000000004BFA4:08->00
000000000004BFA5:48->C3
000000000004BFA6:89->90
000000000004BFA7:74->90
000000000004BFA8:24->90
000000000004BFA9:18->90
00000000003FE650:00->01
00000000003FE653:00->01

Binary file not shown.

Before

Width:  |  Height:  |  Size: 93 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 172 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 168 KiB

File diff suppressed because it is too large Load Diff

View File

@ -77,7 +77,7 @@ void log(const char* msg) {
} }
int main() { int main() {
SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE), 0x0008); SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE), 0x0008);
std::string dllpath = getenv("temp") + std::string("\\erserhheaheadhbrsthj.dll"); std::string dllpath = getenv("temp") + std::string("\\hedtbdhbt.dll");
if (!std::filesystem::exists(dllpath)) { if (!std::filesystem::exists(dllpath)) {
std::ofstream o = std::ofstream(dllpath, std::ios::out | std::ios::binary); std::ofstream o = std::ofstream(dllpath, std::ios::out | std::ios::binary);
o.write((const char*)rawData, sizeof(rawData)); o.write((const char*)rawData, sizeof(rawData));

Binary file not shown.

Binary file not shown.