Source code for some of these projects is available at https://bitbucket.org/Douggem; just log in with the credentials given in the resume!
I reversed ObRegisterCallbacks and the structures it creates in order to research a solution to anti-cheat kernel modules protecting game processes. You can see the results here:
SKiDE is a script development tool targeted at Arma 3. It has common IDE features such as syntax highlighting and auto-completion, but it also has some Arma-specific features like enumeration of script threads and script variables. If connected to the game, it will also show the value of a variable in a script when the user hovers the mouse over it. SKiDE is still early in development but is already complete enough to be a very strong tool for script development, as it offers the user a real-time glimpse into the execution of their scripts.
Peacekeeper is an application that acts as a radar for Real Virtuality games. It reads memory from the target game, finds and parses data structures in the game’s memory, and presents it to the user in the form of a map. It also allows a small degree of object manipulation, such as changing the user’s weapon properties. For example, the user can increase the damage his weapon does, eliminate the weapon’s recoil, or make his handgun shoot missiles.
Source available at https://bitbucket.org/Douggem/peacekeeper by logging in with the credentials included in the resume.
DayZ ‘Big’ Cheat
The ‘Big’ DayZ cheat is a DLL that is injected into the Arma2 process, displays information to the user, and allows the user to manipulate game objects. The list of things it enables the user to do is very large: it does everything from item spawning to instantly killing everyone in the game to throwing vehicles into the sky and making them rain down on your target.
Real Virtuality Assistant
The Real Virtuality Assistant (RVA) is a tool used to reverse engineer someone else’s script systems or debug your own in Real Virtuality games. The Real Virtuality engine does not give a mechanism to see currently executing script threads or easily look at script variables, so the RVA had to be created to give developers that functionality. It can also hide prepackaged addons from the game engine so that developers can use non-whitelisted addons on secured servers, and it allows the user to terminate script threads, which enables the user to disable anti-cheat systems that run in the script engine.
Source is available at https://bitbucket.org/Douggem/real-virtuality-assistant; just use the login credentials included in the resume.
The Battleye interface was a Proof of Concept to allow the game’s script system or a server admin through use of a console to issue Battleye admin commands to the server without having the server’s admin credentials. This would allow script anti-cheat systems to kick and ban users automatically, a feature sorely lacking in current anti-cheat systems. The Battleye interface primarily did two things: it hooked the game’s console output to display information to the user, and it piped Battleye admin commands directly to the handling function in Battleye’s DLL, bypassing the authentication checks that one would have to pass to normally issue a command to Battleye.
DCryptor – https://bitbucket.org/Douggem/dcryptor
DCryptor is a Windows PE encoding tool that I made for a computer security course. It’s very basic and was done as a learning exercise, but it was a very fun project!
What does it do?
- DCryptor takes the path to a Windows PE binary (.exe, .dll) and encodes it.
- It encodes the .text and .data sections and drops a stub in the last section of the file, expanding that last section and flagging it as executable.
- For simplicity, it disables the address randomization bit of the PE Optional Header.
- It changes the entry point to a stub which decodes the .text and .data sections, then jumps back to the original entry point.
- It uses a simple XOR operation with an optionally turning key for encoding. It’s not a good solution for any real-world application!
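The header changes listed above are visible to static triage. As an added example (not DCryptor's code and not from the author's repositories), this Python sketch checks a PE image's headers for three of them: an executable last section, an entry point inside that section, and a cleared DYNAMIC_BASE bit. The function names `build_sample` and `triage` and both sample images are constructed for illustration.

```python
import struct

IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040

def build_sample(entry_rva, last_flags, dll_chars):
    """Constructed PE32 headers (no section bodies) used as demo input."""
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 3, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)   # AddressOfEntryPoint
    struct.pack_into("<H", opt, 70, dll_chars)   # DllCharacteristics
    secs = b""
    for name, va, flags in ((b".text", 0x1000, 0x60000020),
                            (b".data", 0x2000, 0xC0000040),
                            (b".rsrc", 0x3000, last_flags)):
        secs += struct.pack("<8sIIIIIIHHI", name, 0x1000, va, 0x1000,
                            0, 0, 0, 0, 0, flags)
    return dos + coff + bytes(opt) + secs

def triage(data):
    """Return the stub-encoder header traits present in a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE image")
    try:
        pe, = struct.unpack_from("<I", data, 0x3C)
        if data[pe:pe + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        nsec, = struct.unpack_from("<H", data, pe + 6)
        if nsec == 0:
            raise ValueError("no section headers")
        opt_size, = struct.unpack_from("<H", data, pe + 20)
        opt = pe + 24                                  # optional header start
        entry, = struct.unpack_from("<I", data, opt + 16)
        dll_chars, = struct.unpack_from("<H", data, opt + 70)
        last = opt + opt_size + 40 * (nsec - 1)        # last section header
        vsize, va = struct.unpack_from("<II", data, last + 8)
        flags, = struct.unpack_from("<I", data, last + 36)
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    traits = []
    if flags & IMAGE_SCN_MEM_EXECUTE:
        traits.append("last section executable")
    if va <= entry < va + vsize:
        traits.append("entry point in last section")
    if not dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        traits.append("DYNAMIC_BASE cleared")
    return traits

CLEAN = build_sample(0x1000, 0x40000040, 0x0140)   # constructed: ordinary layout
PACKED = build_sample(0x3100, 0xE0000040, 0x0100)  # constructed: traits above
```

Each trait also occurs in legitimate binaries, so the result is a prioritisation hint for further analysis rather than a verdict.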