Skip to content

Added hooking detection in auth.cpp for the req ( Request ) function#52

Open
seeby2 wants to merge 2 commits intoKeyAuth:mainfrom
seeby2:anti-request-hook
Open

Added hooking detection in auth.cpp for the req ( Request ) function#52
seeby2 wants to merge 2 commits intoKeyAuth:mainfrom
seeby2:anti-request-hook

Conversation

@seeby2
Copy link

@seeby2 seeby2 commented Nov 24, 2025

The "is_hooked" function is placed at the top of the file "Security.hpp"

This fixes the vulnerability to hook "curl_easy_setopt" wich allowed attackers to send back fake data/spoof the response.
This also makes it so the Keyauth Patcher/Dumper Doenst work anymore.

@github-actions
Copy link

github-actions bot commented Nov 24, 2025

The KeyAuth owner has been notified of your pull request. Please wait for him to review it. This could take several days.

@officialchristheg
Copy link

officialchristheg commented Nov 30, 2025
edited
Loading

Nice paste this very bad and doesn't help with Security at all or atleast temporarily you should safe bytes of the function and cmp them a smart reverser would do as following

mov r9, (0xmy_hook_address ^ 0xffffff)
xor r9, 0xffffff
push r9
ret

Which Bypasses your "Protection"

@seeby2
Copy link
Author

seeby2 commented Dec 13, 2025

Nice paste this very bad and doesn't help with Security at all or atleast temporarily you should safe bytes of the function and cmp them a smart reverser would do as following

mov r9, (0xmy_hook_address ^ 0xffffff)
xor r9, 0xffffff
push r9
ret

Which Bypasses your "Protection"

its not a paste, ive just started learning about protection and have been trying to improve but having a hard time.
got any improvement tips?

@officialchristheg
Copy link

officialchristheg commented Dec 13, 2025

Nice paste this very bad and doesn't help with Security at all or atleast temporarily you should safe bytes of the function and cmp them a smart reverser would do as following

mov r9, (0xmy_hook_address ^ 0xffffff)
xor r9, 0xffffff
push r9
ret

Which Bypasses your "Protection"

its not a paste, ive just started learning about protection and have been trying to improve but having a hard time. got any improvement tips?

i deadass saw this in some free protection but instead of checking just compare bytes take a snapshot and compare them

@seeby2
Copy link
Author

seeby2 commented Dec 14, 2025

Nice paste this very bad and doesn't help with Security at all or atleast temporarily you should safe bytes of the function and cmp them a smart reverser would do as following

mov r9, (0xmy_hook_address ^ 0xffffff)
xor r9, 0xffffff
push r9
ret

Which Bypasses your "Protection"

its not a paste, ive just started learning about protection and have been trying to improve but having a hard time. got any improvement tips?

i deadass saw this in some free protection but instead of checking just compare bytes take a snapshot and compare them

well thats possible, but i dont paste at all. i have actual learning intentions.
i will look into your tip. thankyou

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@seeby2 @officialchristheg