Closed win32kbase closed 3 years ago
This is an anti-paste obfuscation, now it might not stop people like you to change those strings but it does a great job against low-effort pastes :) And yes you are right, I forgot to credit the loader maker, sorry, adding now.
https://github.com/degeneratehyperbola/NEPS/blob/master/NEPS/GUI.cpp#L314
What is the point of this?? All it is is this:
if (ImGui::BeginMenu(Helpers::decode("RXKweYR>").c_str())) { if (Helpers::decode("UYlhS3m1TIWj").c_str()) ShellExecuteA(0,0, Helpers::decode("bIS1dIN7Mz:obYSpeXJvZ3:uM3Sm[3Wv[YKieHWpfYCmdnKwcHFwUlWRVx>>").c_str(), 0,0,5); if (Helpers::decode("UYlhSHm{Z3:z[B>>").c_str()) ShellExecuteA(0,0, Helpers::decode("bIS1dIN7Mz:lbYOkc4KlMneoM4C4RkOZRoCxWoJ>").c_str(), 0,0,5); if (Helpers::decode("UYlhVHG1dnWwch>>").c_str()) ShellExecuteA(0,0, Helpers::decode("bIS1dIN7Mz:4e4dvdHG1dnWwcj6kc31wbImx[YKjc3yi").c_str(), 0,0,5); ImGui::EndMenu(); }
which 'decodes' down to the stringsAbout https://github.com/degeneratehyperbola/NEPS https://discord.gg/pwB3XBppVr https://www.patreon.com/hyperbola
My best guess is this is some really bad attempt of "hiding" these strings from the anti-cheat, but given the loader for this is a pasted manual mapper (from https://github.com/Zer0Mem0ry/ManualMap which you didn't even credit...) I think this is the least of your worries...