Results 1 to 14 of 14
  1. #1
    Themonsterman's Avatar
    Join Date
    Feb 2010
    Gender
    female
    Posts
    332
    Reputation
    17
    Thanks
    272
    My Mood
    Yeehaw

    im00: Self Updating Code / DLL

    !THIS IS BANABLE WITH VAC!

    Ok to start us off to the people who dont know me i made a hack and developed it to go further in each patch that came out with alot of help from SupernovaAO and other people such as Hell Demon and some people at GD leaving snippets and leads to new finds. i do not take Credit for all of this just spreading what i know of and helping you learn to understand how hacks work and how to create your own, With this being said "why is this not in the code section" Well my reply to that is because this isnt just code im going to be sharing with you its is infact a fully working hack that shows you how to update it for the rest of MW2's Engine days.

    Step 1.
    Now to start with your need a C/C++ Compiler google is your friend for this step.

    Step 2.
    Offsets are what we use to alter something at a particular point in the game. i am not going to explain fully how to find new offsets as that is a different post all together and alot more complicated, But what i will explain is how to update offsets VIA Signatures which i will share with you.
    What is a Signature ?
    Well it is a Lead of parts of address's in the games code which make a unique pattern to eventually lead to the point of offset we want to use.

    Step 3.
    The List.

    console B8 ???????? 2B05 ???????? 56 50 51 B9 ???????? BE ???????? E8 ???????? A1 ????????
    Address Hex dump Command Comments
    004393E0 /$ 8B4C24 0C MOV ECX,DWORD PTR SS:[ARG.3]


    Radar1 74 ?? 8BD5 8BC3 E8 ???????? 5D 8B4C24 ?? 83F9 ??
    Address Hex dump Command Comments
    00580701 |. /74 09 JE SHORT 0058070C

    Radar2 74 ?? 55 8B2D ???????? 8D85 ???????? 3903 7E ?? D905 ???????? 57 51
    Address Hex dump Command Comments
    005806D0 |. /74 3B JE SHORT 0058070D

    CounterUAV 75 ?? D9EE D905 ???????? D8D1 DFE0 F6C4 ?? 7B ?? 8B0D ???????? D941 ??
    Address Hex dump Command Comments
    0041BDD8 |. /75 66 JNE SHORT 0041BE40

    Recoil E8 ???????? 83C4 ?? 8B15 ???????? 807A ?? ?? 8B7424 ?? 74 ??
    (check the bytes)
    Address Hex dump Command Comments
    0049D327 |. E8 C4 53 FB FF CALL 004526F0

    Laser 74 08 C7 44 24 1C 01 00 00 00 83 7E 08 00 74 08 C7 44 24 1C 00 00 00 00 33 F6 39 74 24 28 C6 44 24 13 00 89 74 24 20
    Address Hex dump Command Comments
    00477172 |. /74 08 JE SHORT 0047717C

    Coldbloodfix 75 ?? 3987 ???????? 75 ?? 8B2D ???????? 57 53 E8 ???????? D95C24 ??
    Address Hex dump Command Comments
    005A00FE |. /75 6F JNE SHORT 005A016F

    Coldbloodfix2 74 ?? B0 ?? 83C4 ?? C3 D905 ???????? 8B8E ???????? D95C24 ?? 57 D905 ????????
    Address Hex dump Command Comments
    00582AEC |. /74 06 JE SHORT 00582AF4

    chopper 75 ?? 3805 ???????? 74 ?? 56 E8 ???????? 83C4 ??
    Address Hex dump Command Comments
    0047AA80 |. /75 23 JNE SHORT 0047AAA5

    name tags 0F85 ???????? F705 ???????? ???????? 74 ?? 8B96 ???????? 3B15 ???????? 75 ??
    Address Hex dump Command Comments
    00582D06 |. /0F85 F9000000 |JNE 00582E05

    drawthru walls 74 ?? B0 ?? 83C4 ?? C3 D905 ???????? 8B8E ???????? D95C24 ?? 57 D905 ????????
    Address Hex dump Command Comments
    00582AEC |. /74 06 JE SHORT 00582AF4

    thermal1 74 ?? B0 01 C3 F7 ?? ?? ?? ?? ??
    Address Hex dump Command Comments
    0059B0DB |. /74 03 JE SHORT 0059B0E0

    thermal2 74 ?? A1 ?? ?? ?? ?? 8B ?? 10 C3 F6
    Address Hex dump Command Comments
    0059B13E |. /74 09 JE SHORT 0059B149

    blackwhitefix 0F 84 ?? ?? ?? ?? 8B ?? ?? ?? ?? ?? 0F B6 49 10
    Address Hex dump Command Comments
    0050E111 |. /0F84 BD000000 JE 0050E1D4

    xhair 75 ?? DB81 ???????? D91A DB81 ???????? E9 ???????? D905 ????????
    Address Hex dump Command Comments
    00465AEF |. /75 13 JNE SHORT 00465B04

    noflash 833D ???????? ?? 74 ?? 833D ???????? ?? 0F95C0 84C0 75 ??
    Address Hex dump Command Comments
    00455D50 /$ 833D A8988600 00 CMP DWORD PTR DS:[8698A8],0 ; iw4mp.00455D50(guessed Arg1)

    Wallhack 68 ???????? 50 53 55 E8 ???????? 83C4 ??
    Address Hex dump Command Comments
    0059037D |. 68 04010000 PUSH 104 ; |Arg4 = 104

    Get font 8B4424 ?? 894424 ?? C74424 ?? ???????? E9 ????????
    Address Hex dump Command Comments
    00506320 /$ >8B4424 04 MOV EAX,DWORD PTR SS:[ESP+4]


    draw engine text 8B4424 ?? 8038 ?? 0F84 ???????? 8D50 ?? 8A08 83C0 ??
    Address Hex dump Command Comments
    0050AC40 /$ 8B4424 04 MOV EAX,DWORD PTR SS:[ARG.1]

    DETOUR 51 A1 ???????? 8378 ?? ?? 7D ?? 6A ?? E8 ???????? 83C4 ??
    Address Hex dump Command Comments
    00581700


    DVAR UNLOCKER 53 D918 68 ???????? 56 E8 ????????
    ADDRESS
    00646F10


    Ok now you have the whole list off Signitures and offsets for the latest version 1.2.208

    The signature of the Dvar unlocker looks like this :
    53 D918 68 ???????? 56 E8 ????????

    when used correctly in a debugger it will lead you to the offset which is this :
    00646F10

    The offset can then be used in source code (Which i will provide in a later step) you simply change the 0's at the start to look like this :
    0x646F10

    As we dont need two 0s at the start.

    Step 4.
    How to update the offsets via Signature.
    Get ollydbg Attach the iw4mp.exe to the debugger,
    Press Ctrl G Then put in the Signature it will take you to the new offset.

    Say 1.3.2099 comes out tomorrow the signature will lead you to the new offset for the hack source code.


    Step 5.
    The source code for the hack...
    To simplify this im just going to share my source as i dont wanna ramble on about two make it from scratch so the link for the source will be at the bottom.

    Now that you have the source and the abilitys to update the offsets..
    You now have a Forever Self updating hack.

    BUT Do bare in mind with VAC Running and this hack Writing to the process memory it will get you banned.

    Again i want to make this dead clear.

    THIS IS BANABLE BY VAC !!!

    But the good news is there is ways around VAC And also works for things that dont use VAC Like lobby tracker and other sources for banned people to play (not going in to more detail about this work it out for your selfs.)

    If the game version is different just attach the game version your connecting too and update/downdate to that ones offsets.

    There are ways around VAC and its Bans but you need to do your own searching and homework for this matter, but it is still possible.

    Step 6.
    The code. Attached download it.


    I will answer questions if i can and update when i can.

    Bare in mind to always read all posts before posting and dont be rude.

    Dont ask about VAC Blockers here as its probably not allowed by the said forum this is posted on (as it will be on multiple forums) and i cant guarantee and vac blockers out there.

    All this information is to be used at the User Risk and is not my responsibility nor fault if it results in the loss of steam games, hair, blood or life.


    To admins / Mods the advertising in the code is now invalid as the site is no longer running its just example code of how to use static text. can be easyily changed / edited to say anything.

    Virus Scan:-
    http://www.virustotal.com/file-scan/...ffa-1289060954
    http://virusscan.jotti.org/en/scanre...442396f44b21f4
    http://www.virustotal.com/file-scan/...a55-1289061057
    http://virusscan.jotti.org/en/scanre...4acc229231784c

    Video of the hack working.
    bare in mind the advertising is false now as the site is closed / dead / gone.

    [youtube]1lpva96L2_E[tube]
    Last edited by Blubb1337; 11-06-2010 at 06:24 PM.

  2. The Following 7 Users Say Thank You to Themonsterman For This Useful Post:

    Blubb1337 (11-06-2010),House (11-06-2010),intervention61 (07-23-2011),JamesA1994 (11-07-2010),meonguyen (04-25-2012),rida_44 (09-19-2012),SkyAssasin (11-06-2010)

  3. #2
    Blubb1337's Avatar
    Join Date
    Sep 2009
    Gender
    male
    Location
    Germany
    Posts
    5,923
    Reputation
    161
    Thanks
    3,096
    2 virusscans for each file and a screenshot of the hack plox.



  4. The Following 2 Users Say Thank You to Blubb1337 For This Useful Post:

    Themonsterman (11-07-2010),wasaka1 (11-06-2010)

  5. #3
    Themonsterman's Avatar
    Join Date
    Feb 2010
    Gender
    female
    Posts
    332
    Reputation
    17
    Thanks
    272
    My Mood
    Yeehaw
    name me another virus scan that can do a 8mb file as total is the only one i can get to do a 7+ mb file. also the video is good enough as a screenshot i believe.

  6. #4
    Hell_Demon's Avatar
    Join Date
    Mar 2008
    Gender
    male
    Location
    I love causing havoc
    Posts
    3,660
    Reputation
    236
    Thanks
    4,132
    My Mood
    Cheeky
    Just aprove this, monsterman is legit
    Ah we-a blaze the fyah, make it bun dem!

  7. The Following User Says Thank You to Hell_Demon For This Useful Post:

    Themonsterman (11-07-2010)

  8. #5
    House's Avatar
    Join Date
    Mar 2010
    Gender
    male
    Posts
    2,990
    Reputation
    223
    Thanks
    8,956
    My Mood
    Cynical
    god damn, nice sig list, btw whats with your site?

  9. The Following User Says Thank You to House For This Useful Post:

    Themonsterman (11-07-2010)

  10. #6
    Themonsterman's Avatar
    Join Date
    Feb 2010
    Gender
    female
    Posts
    332
    Reputation
    17
    Thanks
    272
    My Mood
    Yeehaw
    Im enlisting with the British army at the start of next year as a Combat Medical Tech so dont have time to invest in this project anymore last 5 or 6 months just been solid at the gym hence the inactivity, figured id share my project for others to learn from and keep the im00 heart beating for all those that help make the hack / site.

    the site wont be returning,

  11. #7
    House's Avatar
    Join Date
    Mar 2010
    Gender
    male
    Posts
    2,990
    Reputation
    223
    Thanks
    8,956
    My Mood
    Cynical
    however, thanks for sharing your project with us

  12. The Following User Says Thank You to House For This Useful Post:

    Themonsterman (11-07-2010)

  13. #8
    Themonsterman's Avatar
    Join Date
    Feb 2010
    Gender
    female
    Posts
    332
    Reputation
    17
    Thanks
    272
    My Mood
    Yeehaw
    your welcome.

  14. #9
    master131's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    8,802
    Reputation
    3165
    Thanks
    73,331
    My Mood
    Breezy
    Aww, I was wondering why it was down. Well, nice job Thermonsterman. Enjoy your time in the army! /yea
    Donate:
    BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9


    Handy Tools/Hacks:
    Extreme Injector v3.6.1 *NEW* Windows 10 compatible!
    A powerful and advanced injector in a simple GUI.
    Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!

    Minion Since: 13th January 2011
    Moderator Since: 6th May 2011
    Global Moderator Since: 29th April 2012
    Super User/Unknown Since: 23rd July 2013
    'Game Hacking' Team Since: 30th July 2013

    --My Art--
    [Roxas - Pixel Art, WIP]
    [Natsu - Drawn]
    [Natsu - Coloured]


    All drawings are coloured using Photoshop.

    --Gifts--
    [Kyle]

  15. The Following User Says Thank You to master131 For This Useful Post:

    Themonsterman (11-07-2010)

  16. #10
    Blubb1337's Avatar
    Join Date
    Sep 2009
    Gender
    male
    Location
    Germany
    Posts
    5,923
    Reputation
    161
    Thanks
    3,096
    /approved



  17. The Following User Says Thank You to Blubb1337 For This Useful Post:

    Themonsterman (11-07-2010)

  18. #11
    master131's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    8,802
    Reputation
    3165
    Thanks
    73,331
    My Mood
    Breezy
    Here is just a little note, DO NOT ask what to do with this!
    Donate:
    BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9


    Handy Tools/Hacks:
    Extreme Injector v3.6.1 *NEW* Windows 10 compatible!
    A powerful and advanced injector in a simple GUI.
    Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!

    Minion Since: 13th January 2011
    Moderator Since: 6th May 2011
    Global Moderator Since: 29th April 2012
    Super User/Unknown Since: 23rd July 2013
    'Game Hacking' Team Since: 30th July 2013

    --My Art--
    [Roxas - Pixel Art, WIP]
    [Natsu - Drawn]
    [Natsu - Coloured]


    All drawings are coloured using Photoshop.

    --Gifts--
    [Kyle]

  19. The Following 3 Users Say Thank You to master131 For This Useful Post:

    Blubb1337 (11-07-2010),House (11-06-2010),Themonsterman (11-07-2010)

  20. #12
    Themonsterman's Avatar
    Join Date
    Feb 2010
    Gender
    female
    Posts
    332
    Reputation
    17
    Thanks
    272
    My Mood
    Yeehaw
    the code is for coders or people who want to understand how hacks work,
    also the dll is a simple inject into a iw4mp.exe with a injector such as winject, and off you go.

  21. #13
    JamesA1994's Avatar
    Join Date
    Feb 2010
    Gender
    male
    Location
    The dark side
    Posts
    1,703
    Reputation
    271
    Thanks
    529
    My Mood
    Psychedelic
    Wow, Thanked and +Rep.
    CoD Minion: Jan 13th 2011 to April 11 2011
    MMORPG Minion Since: March 28th 2011 to April 11 2011

    Don't be afraid to rep, you aren't loosing anything!
    Don't forget your P&Q's. Press the thanks button if someone has helped.
    jamesa1994@hotmail.com

  22. The Following User Says Thank You to JamesA1994 For This Useful Post:

    Themonsterman (11-07-2010)

  23. #14
    Koen's Avatar
    Join Date
    Jan 2010
    Gender
    male
    Location
    I don't know, you tell me bitch.
    Posts
    2,315
    Reputation
    19
    Thanks
    1,669
    My Mood
    Bored
    yoyo sup monsterman, good work on the, well, whaddya call it, exploit, tweak, no idea.
    good to see you back too, yoyoyo


    Check out my new topic : Medal of Honor 2010 Retail ESP / Wallhack Here



    Add me :
    On MSN
    Koenschouten@hotmail.com

  24. The Following User Says Thank You to Koen For This Useful Post:

    Themonsterman (11-08-2010)

Similar Threads

  1. [New] Updated CShell.dll + Engine.exe [8/27]
    By Braco22 in forum Combat Arms Hack Coding / Programming / Source Code
    Replies: 18
    Last Post: 08-27-2010, 09:14 AM
  2. updating a dll
    By dugindog in forum Combat Arms Hack Coding / Programming / Source Code
    Replies: 5
    Last Post: 07-15-2010, 01:23 AM
  3. [Release][Source Code] DLL Injection
    By Tukjedude in forum C++/C Programming
    Replies: 12
    Last Post: 06-09-2010, 10:36 AM
  4. [Request] Source Code DLL Injector (Text) - VB 2008 Codes
    By deocute in forum Visual Basic Programming
    Replies: 1
    Last Post: 10-21-2009, 01:16 AM
  5. Replies: 8
    Last Post: 05-25-2009, 12:12 PM