├── NO_ACESS Protect.sln
├── NO_ACESS Protect
    ├── NO_ACESS Protect.sln
    ├── NO_ACESS Protect.vcxproj
    ├── NO_ACESS Protect.vcxproj.filters
    ├── NO_ACESS Protect.vcxproj.user
    ├── main.cpp
    ├── protect.cpp
    └── protect.h
└── README.md


/NO_ACESS Protect.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.31729.503
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "NO_ACESS Protect", "NO_ACESS Protect\NO_ACESS Protect.vcxproj", "{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x64.Build.0 = Debug|x64
18 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x86.Build.0 = Debug|Win32
20 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x64.ActiveCfg = Release|x64
21 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x64.Build.0 = Release|x64
22 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x86.ActiveCfg = Release|Win32
23 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {B6F7060D-B896-4850-912C-32B6C17AFBC1}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/NO_ACESS Protect/NO_ACESS Protect.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio Version 16
 4 | VisualStudioVersion = 16.0.31729.503
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "NO_ACESS Protect", "NO_ACESS Protect\NO_ACESS Protect.vcxproj", "{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x64.Build.0 = Debug|x64
18 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Debug|x86.Build.0 = Debug|Win32
20 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x64.ActiveCfg = Release|x64
21 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x64.Build.0 = Release|x64
22 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x86.ActiveCfg = Release|Win32
23 | 		{3D446505-97BA-4EFF-ABD1-D51559CAE0BA}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {B6F7060D-B896-4850-912C-32B6C17AFBC1}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/NO_ACESS Protect/NO_ACESS Protect.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{3d446505-97ba-4eff-abd1-d51559cae0ba}</ProjectGuid>
 25 |     <RootNamespace>NOACESSProtect</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |   </PropertyGroup>
 28 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 29 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 30 |     <ConfigurationType>Application</ConfigurationType>
 31 |     <UseDebugLibraries>true</UseDebugLibraries>
 32 |     <PlatformToolset>v142</PlatformToolset>
 33 |     <CharacterSet>Unicode</CharacterSet>
 34 |   </PropertyGroup>
 35 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 36 |     <ConfigurationType>Application</ConfigurationType>
 37 |     <UseDebugLibraries>false</UseDebugLibraries>
 38 |     <PlatformToolset>v142</PlatformToolset>
 39 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 40 |     <CharacterSet>Unicode</CharacterSet>
 41 |   </PropertyGroup>
 42 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 43 |     <ConfigurationType>Application</ConfigurationType>
 44 |     <UseDebugLibraries>true</UseDebugLibraries>
 45 |     <PlatformToolset>v142</PlatformToolset>
 46 |     <CharacterSet>Unicode</CharacterSet>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 49 |     <ConfigurationType>Application</ConfigurationType>
 50 |     <UseDebugLibraries>false</UseDebugLibraries>
 51 |     <PlatformToolset>v142</PlatformToolset>
 52 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 53 |     <CharacterSet>Unicode</CharacterSet>
 54 |   </PropertyGroup>
 55 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 56 |   <ImportGroup Label="ExtensionSettings">
 57 |   </ImportGroup>
 58 |   <ImportGroup Label="Shared">
 59 |   </ImportGroup>
 60 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 61 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 64 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 65 |   </ImportGroup>
 66 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 67 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 68 |   </ImportGroup>
 69 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 70 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 71 |   </ImportGroup>
 72 |   <PropertyGroup Label="UserMacros" />
 73 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 74 |     <LinkIncremental>true</LinkIncremental>
 75 |   </PropertyGroup>
 76 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 77 |     <LinkIncremental>false</LinkIncremental>
 78 |   </PropertyGroup>
 79 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 80 |     <LinkIncremental>true</LinkIncremental>
 81 |   </PropertyGroup>
 82 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 83 |     <LinkIncremental>false</LinkIncremental>
 84 |   </PropertyGroup>
 85 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 86 |     <ClCompile>
 87 |       <WarningLevel>Level3</WarningLevel>
 88 |       <SDLCheck>true</SDLCheck>
 89 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 90 |       <ConformanceMode>true</ConformanceMode>
 91 |     </ClCompile>
 92 |     <Link>
 93 |       <SubSystem>Console</SubSystem>
 94 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 95 |     </Link>
 96 |   </ItemDefinitionGroup>
 97 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 98 |     <ClCompile>
 99 |       <WarningLevel>Level3</WarningLevel>
100 |       <FunctionLevelLinking>true</FunctionLevelLinking>
101 |       <IntrinsicFunctions>true</IntrinsicFunctions>
102 |       <SDLCheck>true</SDLCheck>
103 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
104 |       <ConformanceMode>true</ConformanceMode>
105 |     </ClCompile>
106 |     <Link>
107 |       <SubSystem>Console</SubSystem>
108 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
109 |       <OptimizeReferences>true</OptimizeReferences>
110 |       <GenerateDebugInformation>true</GenerateDebugInformation>
111 |     </Link>
112 |   </ItemDefinitionGroup>
113 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
114 |     <ClCompile>
115 |       <WarningLevel>Level3</WarningLevel>
116 |       <SDLCheck>true</SDLCheck>
117 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
118 |       <ConformanceMode>true</ConformanceMode>
119 |     </ClCompile>
120 |     <Link>
121 |       <SubSystem>Console</SubSystem>
122 |       <GenerateDebugInformation>true</GenerateDebugInformation>
123 |     </Link>
124 |   </ItemDefinitionGroup>
125 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
126 |     <ClCompile>
127 |       <WarningLevel>Level3</WarningLevel>
128 |       <FunctionLevelLinking>true</FunctionLevelLinking>
129 |       <IntrinsicFunctions>true</IntrinsicFunctions>
130 |       <SDLCheck>true</SDLCheck>
131 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
132 |       <ConformanceMode>true</ConformanceMode>
133 |       <BufferSecurityCheck>false</BufferSecurityCheck>
134 |     </ClCompile>
135 |     <Link>
136 |       <SubSystem>Console</SubSystem>
137 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
138 |       <OptimizeReferences>true</OptimizeReferences>
139 |       <GenerateDebugInformation>true</GenerateDebugInformation>
140 |       <AdditionalOptions>/LTCG /OPT:NOREF %(AdditionalOptions)</AdditionalOptions>
141 |     </Link>
142 |   </ItemDefinitionGroup>
143 |   <ItemGroup>
144 |     <ClCompile Include="main.cpp" />
145 |     <ClCompile Include="protect.cpp" />
146 |   </ItemGroup>
147 |   <ItemGroup>
148 |     <ClInclude Include="includes.h" />
149 |     <ClInclude Include="protect.h" />
150 |   </ItemGroup>
151 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
152 |   <ImportGroup Label="ExtensionTargets">
153 |   </ImportGroup>
154 | </Project>


--------------------------------------------------------------------------------
/NO_ACESS Protect/NO_ACESS Protect.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="Quelldateien">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="Headerdateien">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="Headerdateien\protect">
13 |       <UniqueIdentifier>{dea67bd7-5c4e-41e4-ad19-f31b54f1d1a4}</UniqueIdentifier>
14 |     </Filter>
15 |   </ItemGroup>
16 |   <ItemGroup>
17 |     <ClCompile Include="main.cpp">
18 |       <Filter>Quelldateien</Filter>
19 |     </ClCompile>
20 |     <ClCompile Include="protect.cpp">
21 |       <Filter>Headerdateien\protect</Filter>
22 |     </ClCompile>
23 |   </ItemGroup>
24 |   <ItemGroup>
25 |     <ClInclude Include="protect.h">
26 |       <Filter>Headerdateien\protect</Filter>
27 |     </ClInclude>
28 |   </ItemGroup>
29 | </Project>


--------------------------------------------------------------------------------
/NO_ACESS Protect/NO_ACESS Protect.vcxproj.user:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
3 |   <PropertyGroup />
4 | </Project>


--------------------------------------------------------------------------------
/NO_ACESS Protect/main.cpp:
--------------------------------------------------------------------------------
1 | #include "protect.h"
2 | 
3 | int main() {
4 | 	protect::initialize();
5 | 	/*
6 | 		main code
7 | 	*/
8 | 	system("pause");
9 | }


--------------------------------------------------------------------------------
/NO_ACESS Protect/protect.cpp:
--------------------------------------------------------------------------------
 1 | #include "protect.h"
 2 | 
 3 | 
 4 | void test_func() {
 5 | 	printf("HELLO FROM .text func!\n");
 6 | }
 7 | 
 8 | #pragma optimize("", off) //Disable it so it doesn't get inlined
 9 | #pragma section(".0dev", execute, read, write) //Write so we can erase encryption func
10 | #pragma comment(linker,"/SECTION:.0dev,ERW")
11 | #pragma code_seg(push, ".0dev")
12 | 
13 | uint8_t encryption_key;
14 | 
15 | PIMAGE_SECTION_HEADER get_section_by_name(const char* name) {
16 | 	uint64_t modulebase = (uint64_t)GetModuleHandleA(0);
17 | 	PIMAGE_NT_HEADERS64 nt = (PIMAGE_NT_HEADERS)(modulebase + ((PIMAGE_DOS_HEADER)modulebase)->e_lfanew);
18 | 	PIMAGE_SECTION_HEADER section = IMAGE_FIRST_SECTION(nt);
19 | 	for (int i = 0; i < nt->FileHeader.NumberOfSections; ++i, ++section) {
20 | 		if (!_stricmp((char*)section->Name, name))
21 | 			return section;
22 | 	}
23 | 	return nullptr;
24 | }
25 | 
26 | void encrypt_section(PIMAGE_SECTION_HEADER section) {
27 | 	uint64_t modulebase = (uint64_t)GetModuleHandleA(0);
28 | 	int valid_page_count = section->Misc.VirtualSize / 0x1000; //If section is smaller than page size skip it
29 | 	for (int page_idx = 0; page_idx < valid_page_count; page_idx++)
30 | 	{
31 | 		uintptr_t address = modulebase + section->VirtualAddress + page_idx * 0x1000;
32 | 		printf("Encrypted: %p\n", address);
33 | 		DWORD old;
34 | 		VirtualProtect((LPVOID)address, 0x1000, PAGE_EXECUTE_READWRITE, &old);
35 | 		for (int off = 0; off < 0x1000; off += 0x1) {
36 | 			*(BYTE*)(address + off) = _rotr8((*(BYTE*)(address + off) + 0x10) ^ encryption_key, 69);
37 | 		}
38 | 		VirtualProtect((LPVOID)address, 0x1000, PAGE_NOACCESS, &old);
39 | 	}
40 | }
41 | 
42 | bool rip_in_legit_module(uint64_t rip) {
43 | 	PPEB peb = (PPEB)__readgsqword(0x60);
44 | 	PPEB_LDR_DATA ldr = peb->Ldr;
45 | 	PLDR_DATA_TABLE_ENTRY module = NULL;
46 | 	PLIST_ENTRY list = ldr->InMemoryOrderModuleList.Flink;
47 | 	while (list != NULL && list != &ldr->InMemoryOrderModuleList) {
48 | 		module = CONTAINING_RECORD(list, LDR_DATA_TABLE_ENTRY, InMemoryOrderLinks);
49 | 		PIMAGE_NT_HEADERS nt = (PIMAGE_NT_HEADERS)((uint64_t)module->DllBase + ((PIMAGE_DOS_HEADER)module->DllBase)->e_lfanew);
50 | 		if ((rip >= (uint64_t)module->DllBase) && (rip <= (uint64_t)module->DllBase + nt->OptionalHeader.SizeOfImage))
51 | 		{
52 | 			return true;
53 | 		}
54 | 		list = list->Flink;
55 | 	}
56 | 	return false;
57 | }
58 | 
59 | LONG WINAPI handler(struct _EXCEPTION_POINTERS* ExceptionInfo) {
60 | 	if (ExceptionInfo->ExceptionRecord->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) {
61 | 		DWORD old;
62 | 		//ExceptionInformation[1] holds the invalid referenced memory address
63 | 		uint64_t page_start = (uint64_t)ExceptionInfo->ExceptionRecord->ExceptionInformation[1];
64 | 		page_start = page_start - (page_start % 0x1000);
65 | 		//Before we decrypt our page we want to verify the RIP that caused the violation. If it's not valid someone trys to forcefully decrypt the pages
66 | 		if (!rip_in_legit_module(ExceptionInfo->ContextRecord->Rip))
67 | 			return EXCEPTION_CONTINUE_SEARCH; //Force crash the program
68 | 		VirtualProtect((LPVOID)page_start, 0x1000, PAGE_READWRITE, &old);//Set write protection to decrypt
69 | 		for (int off = 0; off < 0x1000; off += 0x1) {
70 | 			*(BYTE*)(page_start + off) = (_rotl8(*(BYTE*)(page_start + off),69) ^ encryption_key) - 0x10;
71 | 		}
72 | 		VirtualProtect((LPVOID)page_start, 0x1000, PAGE_EXECUTE_READ, &old);//Set original protection
73 | 		printf("Decrypted %p rip %p\n", page_start, ExceptionInfo->ContextRecord->Rip);
74 | 		return EXCEPTION_CONTINUE_EXECUTION;
75 | 	}
76 | 	return EXCEPTION_CONTINUE_SEARCH;
77 | }
78 | 
79 | 
80 | 
81 | 
82 |  void protect::initialize()  {
83 | 	srand(time(NULL));
84 | 	encryption_key = rand() % 255 + 1; //Generate a small decryption key
85 | 	AddVectoredExceptionHandler(1, handler); //Handler will handle decryption and access rights
86 | 	encrypt_section(get_section_by_name(".text")); 
87 | 	//We won't use memset since this will unnecessarily decrypt a page
88 | 	for (int i = 0; i < (uint64_t)rip_in_legit_module - (uint64_t)encrypt_section; i+= 0x1) {
89 | 		*(uint8_t*)((uint64_t)encrypt_section + i) = 0;
90 | 	}
91 | 	//Tests 1: Dereference an address that has NO_ACCESS
92 | 	printf("%x\n", *(BYTE*)(test_func));
93 | 	//Tests 2: Call a func that in a NO_ACCESS region
94 | 	test_func();
95 | 	system("pause");
96 | }
97 | #pragma code_seg(pop, ".0dev")
98 | #pragma optimize("", on)
99 | 


--------------------------------------------------------------------------------
/NO_ACESS Protect/protect.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include <Windows.h>
3 | #include <iostream>
4 | #include <vector>
5 | #include <winternl.h>
6 | namespace protect {
7 | 	void initialize();
8 | }


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # NO_ACCESS_Protection
2 | This is a technique that I found while reversing Halos anticheat. They encrypt the text section and set the protection to NO_ACCESS. The pages will be decrypted on first access. If the RIP, that referenced the memory, is outside of a valid module it will fail and will crash the process after some time. 
3 | With this they can prevent:
4 | - basic signature scanning (access violation + rip check)
5 | - cheat engine veh debugger
6 | - full process dumping (since you can encrypt the pages again)
7 | 


--------------------------------------------------------------------------------