Arkadaşlar selamlar kernel koda biraz daha vakit ayırıp daha iyi bir yapı oluşturdum bu diğer basic koda göre biraz daha gelişmiş bir kod tabiki üstüne eklemeler yapılabilir.
#include <ntddk.h>
#include <intrin.h>
#define TARGET_PROCESS L"vgc.exe"
#define TARGET_DRIVER L"vgk.sys"
// Clears bit 16 of CR0 (the WP flag) so that subsequent ring-0 stores to
// read-only kernel pages are not faulted. Every patch routine in this listing
// wraps its write between this call and EnableWriteProtection.
// NOTE(review): this is a well-known rootkit primitive for tampering with
// protected kernel memory. The listing is annotated for analysis only;
// nothing in it is being corrected or made functional.
VOID DisableWriteProtection() {
__writecr0(__readcr0() & ~(1 << 16));
}
// Sets bit 16 of CR0 (the WP flag) again; the inverse of
// DisableWriteProtection. The prior value is never saved, so the bit is set
// unconditionally regardless of what it was on entry.
VOID EnableWriteProtection() {
__writecr0(__readcr0() | (1 << 16));
}
// Telemetry tampering (ETW blinding). Resolves the kernel export
// "EtwEventWrite" by name and, if found, stores a NULL pointer through the
// returned address with write protection cleared. Nothing here dereferences a
// function-pointer table: the store presumably lands on the first
// pointer-sized bytes of the routine itself, zeroing them. Logs only when the
// lookup succeeded; the not-found case is silent.
// NOTE(review): detection-evasion technique, annotated for analysis only and
// deliberately not corrected.
VOID PatchEtw() {
UNICODE_STRING EtwString;
RtlInitUnicodeString(&EtwString, L"EtwEventWrite");
PVOID* EtwEventWrite = (PVOID*)MmGetSystemRoutineAddress(&EtwString);
if (EtwEventWrite) {
DisableWriteProtection();
*EtwEventWrite = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] ETW Bypass Aktif!\n");
}
}
// Despite its name and its log lines, this routine does not alter any disk
// serial, MAC address or GPU identifier. It looks up three driver objects by
// NT object-manager name with ObReferenceObjectByName and, for each one
// found, overwrites that driver's DriverUnload entry point with NULL under
// cleared write protection -- which only prevents that driver from being
// unloaded cleanly.
// Observations (not corrected): the path literals use single backslashes, so
// the C compiler reads "\D", "\n", "\d" as escape sequences rather than path
// separators; each successful ObReferenceObjectByName takes a reference that
// is never released with ObDereferenceObject; failures are silently ignored.
VOID SpoofHWID() {
UNICODE_STRING DiskDriver, NetworkDriver, GPUDriver;
RtlInitUnicodeString(&DiskDriver, L"\Driver\disk");
RtlInitUnicodeString(&NetworkDriver, L"\Driver\ndis");
RtlInitUnicodeString(&GPUDriver, L"\Driver\nvlddmkm");
PDRIVER_OBJECT pDriverObject;
if (NT_SUCCESS(ObReferenceObjectByName(&DiskDriver, OBJ_CASE_INSENSITIVE, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &pDriverObject))) {
DisableWriteProtection();
pDriverObject->DriverUnload = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] HWID Spoof Aktif! (Disk)\n");
}
if (NT_SUCCESS(ObReferenceObjectByName(&NetworkDriver, OBJ_CASE_INSENSITIVE, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &pDriverObject))) {
DisableWriteProtection();
pDriverObject->DriverUnload = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] HWID Spoof Aktif! (MAC)\n");
}
if (NT_SUCCESS(ObReferenceObjectByName(&GPUDriver, OBJ_CASE_INSENSITIVE, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &pDriverObject))) {
DisableWriteProtection();
pDriverObject->DriverUnload = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] HWID Spoof Aktif! (GPU)\n");
}
}
// Reads the model-specific register at index 0x174 and, if the value is
// non-zero, treats it as a kernel virtual address and overwrites 64 bytes at
// that address with 0xFF under cleared write protection.
// NOTE(review): nothing in this code locates an SMBIOS table; the "fake
// serial number" comment describes an intent, not what the code does. As
// written this is a blind 64-byte write to whatever value the MSR holds.
// Annotated for analysis only; not corrected.
VOID SpoofSMBIOS() {
PUCHAR SmbiosTable = (PUCHAR)__readmsr(0x174);
if (SmbiosTable) {
DisableWriteProtection();
RtlFillMemory(SmbiosTable, 64, 0xFF); // Fake serial number
EnableWriteProtection();
DbgPrint("[KERNEL] SMBIOS Spoof Aktif!\n");
}
}
// Unconditionally writes zero to MSR 0xC0000082 and logs. No hypervisor is
// detected and no hook is inspected; the "MSR Hook Bypass" comment describes
// an intent, not what the code does.
// NOTE(review): annotated for analysis only; deliberately not corrected.
VOID PatchHypervisor() {
__writemsr(0xC0000082, 0); // MSR Hook Bypass
DbgPrint("[KERNEL] Hypervisor Bypass Aktif!\n");
}
// Destructive tampering with another vendor's kernel driver installation:
// builds the registry path of the "vgk" service (the driver named by
// TARGET_DRIVER) and asks ZwDeleteKey to remove it. The returned NTSTATUS is
// discarded and success is logged unconditionally.
// Observations (not corrected): the UNICODE_STRING struct is passed by value
// where ZwDeleteKey expects an opened key handle, and the literal's single
// backslashes ("\R", "\M", "\S", "\C", "\v") are read by the compiler as
// escape sequences, not path separators.
VOID RemoveVGK() {
UNICODE_STRING VGKService;
RtlInitUnicodeString(&VGKService, L"\Registry\Machine\System\CurrentControlSet\Services\vgk");
ZwDeleteKey(VGKService);
DbgPrint("[KERNEL] VGK Servis Kaldırıldı!\n");
}
// DriverUnload callback: only logs. Nothing performed in DriverEntry is undone
// here -- the zeroed kernel bytes, the nulled DriverUnload pointers of other
// drivers, the MSR writes and the registry deletion are all left in place.
VOID UnloadDriver(PDRIVER_OBJECT DriverObject) {
UNREFERENCED_PARAMETER(DriverObject);
DbgPrint("[KERNEL] Bypass Driver Unloaded!\n");
}
// Entry point. Registers UnloadDriver, then runs every tampering step in
// sequence: ETW patch, driver-object DriverUnload patches, MSR-derived memory
// write, MSR write, registry key deletion. None of the steps return a status,
// so the driver reports STATUS_SUCCESS regardless of what actually happened.
// RegistryPath is unused.
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) {
UNREFERENCED_PARAMETER(RegistryPath);
DriverObject->DriverUnload = UnloadDriver;
PatchEtw();
SpoofHWID();
SpoofSMBIOS();
PatchHypervisor();
RemoveVGK();
return STATUS_SUCCESS;
}
#include <ntddk.h>
#include <intrin.h>
#define TARGET_PROCESS L"vgc.exe"
#define TARGET_DRIVER L"vgk.sys"
// Clears bit 16 of CR0 (the WP flag) so that subsequent ring-0 stores to
// read-only kernel pages are not faulted. Every patch routine in this listing
// wraps its write between this call and EnableWriteProtection.
// NOTE(review): this is a well-known rootkit primitive for tampering with
// protected kernel memory. The listing is annotated for analysis only;
// nothing in it is being corrected or made functional.
VOID DisableWriteProtection() {
__writecr0(__readcr0() & ~(1 << 16));
}
// Sets bit 16 of CR0 (the WP flag) again; the inverse of
// DisableWriteProtection. The prior value is never saved, so the bit is set
// unconditionally regardless of what it was on entry.
VOID EnableWriteProtection() {
__writecr0(__readcr0() | (1 << 16));
}
// Telemetry tampering (ETW blinding). Resolves the kernel export
// "EtwEventWrite" by name and, if found, stores a NULL pointer through the
// returned address with write protection cleared. Nothing here dereferences a
// function-pointer table: the store presumably lands on the first
// pointer-sized bytes of the routine itself, zeroing them. Logs only when the
// lookup succeeded; the not-found case is silent.
// NOTE(review): detection-evasion technique, annotated for analysis only and
// deliberately not corrected.
VOID PatchEtw() {
UNICODE_STRING EtwString;
RtlInitUnicodeString(&EtwString, L"EtwEventWrite");
PVOID* EtwEventWrite = (PVOID*)MmGetSystemRoutineAddress(&EtwString);
if (EtwEventWrite) {
DisableWriteProtection();
*EtwEventWrite = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] ETW Bypass Aktif!\n");
}
}
// Despite its name and its log lines, this routine does not alter any disk
// serial, MAC address or GPU identifier. It looks up three driver objects by
// NT object-manager name with ObReferenceObjectByName and, for each one
// found, overwrites that driver's DriverUnload entry point with NULL under
// cleared write protection -- which only prevents that driver from being
// unloaded cleanly.
// Observations (not corrected): the path literals use single backslashes, so
// the C compiler reads "\D", "\n", "\d" as escape sequences rather than path
// separators; each successful ObReferenceObjectByName takes a reference that
// is never released with ObDereferenceObject; failures are silently ignored.
VOID SpoofHWID() {
UNICODE_STRING DiskDriver, NetworkDriver, GPUDriver;
RtlInitUnicodeString(&DiskDriver, L"\Driver\disk");
RtlInitUnicodeString(&NetworkDriver, L"\Driver\ndis");
RtlInitUnicodeString(&GPUDriver, L"\Driver\nvlddmkm");
PDRIVER_OBJECT pDriverObject;
if (NT_SUCCESS(ObReferenceObjectByName(&DiskDriver, OBJ_CASE_INSENSITIVE, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &pDriverObject))) {
DisableWriteProtection();
pDriverObject->DriverUnload = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] HWID Spoof Aktif! (Disk)\n");
}
if (NT_SUCCESS(ObReferenceObjectByName(&NetworkDriver, OBJ_CASE_INSENSITIVE, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &pDriverObject))) {
DisableWriteProtection();
pDriverObject->DriverUnload = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] HWID Spoof Aktif! (MAC)\n");
}
if (NT_SUCCESS(ObReferenceObjectByName(&GPUDriver, OBJ_CASE_INSENSITIVE, NULL, 0, *IoDriverObjectType, KernelMode, NULL, &pDriverObject))) {
DisableWriteProtection();
pDriverObject->DriverUnload = NULL;
EnableWriteProtection();
DbgPrint("[KERNEL] HWID Spoof Aktif! (GPU)\n");
}
}
// Reads the model-specific register at index 0x174 and, if the value is
// non-zero, treats it as a kernel virtual address and overwrites 64 bytes at
// that address with 0xFF under cleared write protection.
// NOTE(review): nothing in this code locates an SMBIOS table; the "fake
// serial number" comment describes an intent, not what the code does. As
// written this is a blind 64-byte write to whatever value the MSR holds.
// Annotated for analysis only; not corrected.
VOID SpoofSMBIOS() {
PUCHAR SmbiosTable = (PUCHAR)__readmsr(0x174);
if (SmbiosTable) {
DisableWriteProtection();
RtlFillMemory(SmbiosTable, 64, 0xFF); // Fake serial number
EnableWriteProtection();
DbgPrint("[KERNEL] SMBIOS Spoof Aktif!\n");
}
}
// Unconditionally writes zero to MSR 0xC0000082 and logs. No hypervisor is
// detected and no hook is inspected; the "MSR Hook Bypass" comment describes
// an intent, not what the code does.
// NOTE(review): annotated for analysis only; deliberately not corrected.
VOID PatchHypervisor() {
__writemsr(0xC0000082, 0); // MSR Hook Bypass
DbgPrint("[KERNEL] Hypervisor Bypass Aktif!\n");
}
// Destructive tampering with another vendor's kernel driver installation:
// builds the registry path of the "vgk" service (the driver named by
// TARGET_DRIVER) and asks ZwDeleteKey to remove it. The returned NTSTATUS is
// discarded and success is logged unconditionally.
// Observations (not corrected): the UNICODE_STRING struct is passed by value
// where ZwDeleteKey expects an opened key handle, and the literal's single
// backslashes ("\R", "\M", "\S", "\C", "\v") are read by the compiler as
// escape sequences, not path separators.
VOID RemoveVGK() {
UNICODE_STRING VGKService;
RtlInitUnicodeString(&VGKService, L"\Registry\Machine\System\CurrentControlSet\Services\vgk");
ZwDeleteKey(VGKService);
DbgPrint("[KERNEL] VGK Servis Kaldırıldı!\n");
}
// DriverUnload callback: only logs. Nothing performed in DriverEntry is undone
// here -- the zeroed kernel bytes, the nulled DriverUnload pointers of other
// drivers, the MSR writes and the registry deletion are all left in place.
VOID UnloadDriver(PDRIVER_OBJECT DriverObject) {
UNREFERENCED_PARAMETER(DriverObject);
DbgPrint("[KERNEL] Bypass Driver Unloaded!\n");
}
// Entry point. Registers UnloadDriver, then runs every tampering step in
// sequence: ETW patch, driver-object DriverUnload patches, MSR-derived memory
// write, MSR write, registry key deletion. None of the steps return a status,
// so the driver reports STATUS_SUCCESS regardless of what actually happened.
// RegistryPath is unused.
NTSTATUS DriverEntry(PDRIVER_OBJECT DriverObject, PUNICODE_STRING RegistryPath) {
UNREFERENCED_PARAMETER(RegistryPath);
DriverObject->DriverUnload = UnloadDriver;
PatchEtw();
SpoofHWID();
SpoofSMBIOS();
PatchHypervisor();
RemoveVGK();
return STATUS_SUCCESS;
}